PolarSSL v1.3.3
ssl_ciphersuites.c
Go to the documentation of this file.
1 
28 #include "polarssl/config.h"
29 
30 #if defined(POLARSSL_SSL_TLS_C)
31 
33 #include "polarssl/ssl.h"
34 
35 #include <stdlib.h>
36 
37 #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
38  !defined(EFI32)
39 #define strcasecmp _stricmp
40 #endif
41 
42 /*
43  * Ordered from most preferred to least preferred in terms of security.
44  *
45  * Current rule (except weak and null which come last):
46  * 1. By key exchange:
47  * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
48  * 2. By key length and cipher:
49  * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES > RC4
50  * 3. By cipher mode when relevant GCM > CBC
51  * 4. By hash function used
52  * 5. By key exchange/auth again: EC > non-EC
53  */
54 static const int ciphersuite_preference[] =
55 {
56  /* All AES-256 ephemeral suites */
66 
67  /* All CAMELLIA-256 ephemeral suites */
75 
76  /* All AES-128 ephemeral suites */
86 
87  /* All CAMELLIA-128 ephemeral suites */
95 
96  /* All remaining >= 128-bit ephemeral suites */
102 
103  /* The PSK ephemeral suites */
112 
121 
126 
127  /* All AES-256 suites */
137 
138  /* All CAMELLIA-256 suites */
146 
147  /* All AES-128 suites */
157 
158  /* All CAMELLIA-128 suites */
166 
167  /* All remaining >= 128-bit suites */
175 
176  /* The RSA PSK suites */
182 
188 
191 
192  /* The PSK suites */
198 
204 
207 
208  /* Weak suites */
211 
212  /* NULL suites */
221 
233 
234  0
235 };
236 
237 #define MAX_CIPHERSUITES 160
238 static int supported_ciphersuites[MAX_CIPHERSUITES];
239 static int supported_init = 0;
240 
241 static const ssl_ciphersuite_t ciphersuite_definitions[] =
242 {
243 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
244 #if defined(POLARSSL_AES_C)
245 #if defined(POLARSSL_SHA1_C)
246 #if defined(POLARSSL_CIPHER_MODE_CBC)
247  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
251  0 },
252  { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
256  0 },
257 #endif /* POLARSSL_CIPHER_MODE_CBC */
258 #endif /* POLARSSL_SHA1_C */
259 #if defined(POLARSSL_SHA256_C)
260 #if defined(POLARSSL_CIPHER_MODE_CBC)
261  { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
265  0 },
266 #endif /* POLARSSL_CIPHER_MODE_CBC */
267 #if defined(POLARSSL_GCM_C)
268  { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
272  0 },
273 #endif /* POLARSSL_GCM_C */
274 #endif /* POLARSSL_SHA256_C */
275 #if defined(POLARSSL_SHA512_C)
276 #if defined(POLARSSL_CIPHER_MODE_CBC)
277  { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
281  0 },
282 #endif /* POLARSSL_CIPHER_MODE_CBC */
283 #if defined(POLARSSL_GCM_C)
284  { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
288  0 },
289 #endif /* POLARSSL_GCM_C */
290 #endif /* POLARSSL_SHA512_C */
291 #endif /* POLARSSL_AES_C */
292 
293 #if defined(POLARSSL_CAMELLIA_C)
294 #if defined(POLARSSL_CIPHER_MODE_CBC)
295 #if defined(POLARSSL_SHA256_C)
296  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
300  0 },
301 #endif /* POLARSSL_SHA256_C */
302 #if defined(POLARSSL_SHA512_C)
303  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
307  0 },
308 #endif /* POLARSSL_SHA512_C */
309 #endif /* POLARSSL_CIPHER_MODE_CBC */
310 
311 #if defined(POLARSSL_GCM_C)
312 #if defined(POLARSSL_SHA256_C)
313  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
317  0 },
318 #endif /* POLARSSL_SHA256_C */
319 #if defined(POLARSSL_SHA512_C)
320  { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
324  0 },
325 #endif /* POLARSSL_SHA512_C */
326 #endif /* POLARSSL_GCM_C */
327 #endif /* POLARSSL_CAMELLIA_C */
328 
329 #if defined(POLARSSL_DES_C)
330 #if defined(POLARSSL_CIPHER_MODE_CBC)
331 #if defined(POLARSSL_SHA1_C)
332  { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
336  0 },
337 #endif /* POLARSSL_SHA1_C */
338 #endif /* POLARSSL_CIPHER_MODE_CBC */
339 #endif /* POLARSSL_DES_C */
340 
341 #if defined(POLARSSL_ARC4_C)
342 #if defined(POLARSSL_SHA1_C)
343  { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
347  0 },
348 #endif /* POLARSSL_SHA1_C */
349 #endif /* POLARSSL_ARC4_C */
350 
351 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
352 #if defined(POLARSSL_SHA1_C)
353  { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
358 #endif /* POLARSSL_SHA1_C */
359 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
360 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
361 
362 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
363 #if defined(POLARSSL_AES_C)
364 #if defined(POLARSSL_SHA1_C)
365 #if defined(POLARSSL_CIPHER_MODE_CBC)
366  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
370  0 },
371  { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
375  0 },
376 #endif /* POLARSSL_CIPHER_MODE_CBC */
377 #endif /* POLARSSL_SHA1_C */
378 #if defined(POLARSSL_SHA256_C)
379 #if defined(POLARSSL_CIPHER_MODE_CBC)
380  { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
384  0 },
385 #endif /* POLARSSL_CIPHER_MODE_CBC */
386 #if defined(POLARSSL_GCM_C)
387  { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
391  0 },
392 #endif /* POLARSSL_GCM_C */
393 #endif /* POLARSSL_SHA256_C */
394 #if defined(POLARSSL_SHA512_C)
395 #if defined(POLARSSL_CIPHER_MODE_CBC)
396  { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
400  0 },
401 #endif /* POLARSSL_CIPHER_MODE_CBC */
402 #if defined(POLARSSL_GCM_C)
403  { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
407  0 },
408 #endif /* POLARSSL_GCM_C */
409 #endif /* POLARSSL_SHA512_C */
410 #endif /* POLARSSL_AES_C */
411 
412 #if defined(POLARSSL_CAMELLIA_C)
413 #if defined(POLARSSL_CIPHER_MODE_CBC)
414 #if defined(POLARSSL_SHA256_C)
415  { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
419  0 },
420 #endif /* POLARSSL_SHA256_C */
421 #if defined(POLARSSL_SHA512_C)
422  { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
426  0 },
427 #endif /* POLARSSL_SHA512_C */
428 #endif /* POLARSSL_CIPHER_MODE_CBC */
429 
430 #if defined(POLARSSL_GCM_C)
431 #if defined(POLARSSL_SHA256_C)
432  { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
436  0 },
437 #endif /* POLARSSL_SHA256_C */
438 #if defined(POLARSSL_SHA512_C)
439  { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
443  0 },
444 #endif /* POLARSSL_SHA512_C */
445 #endif /* POLARSSL_GCM_C */
446 #endif /* POLARSSL_CAMELLIA_C */
447 
448 #if defined(POLARSSL_DES_C)
449 #if defined(POLARSSL_CIPHER_MODE_CBC)
450 #if defined(POLARSSL_SHA1_C)
451  { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
455  0 },
456 #endif /* POLARSSL_SHA1_C */
457 #endif /* POLARSSL_CIPHER_MODE_CBC */
458 #endif /* POLARSSL_DES_C */
459 
460 #if defined(POLARSSL_ARC4_C)
461 #if defined(POLARSSL_SHA1_C)
462  { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
466  0 },
467 #endif /* POLARSSL_SHA1_C */
468 #endif /* POLARSSL_ARC4_C */
469 
470 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
471 #if defined(POLARSSL_SHA1_C)
472  { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
477 #endif /* POLARSSL_SHA1_C */
478 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
479 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
480 
481 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
482 #if defined(POLARSSL_AES_C)
483 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
484  { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
488  0 },
489 #endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
490 
491 #if defined(POLARSSL_SHA256_C)
492 #if defined(POLARSSL_GCM_C)
493  { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
497  0 },
498 #endif /* POLARSSL_GCM_C */
499 
500 #if defined(POLARSSL_CIPHER_MODE_CBC)
501  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
505  0 },
506 
507  { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
511  0 },
512 #endif /* POLARSSL_CIPHER_MODE_CBC */
513 #endif /* POLARSSL_SHA256_C */
514 
515 #if defined(POLARSSL_CIPHER_MODE_CBC)
516 #if defined(POLARSSL_SHA1_C)
517  { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
521  0 },
522 
523  { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
527  0 },
528 #endif /* POLARSSL_SHA1_C */
529 #endif /* POLARSSL_CIPHER_MODE_CBC */
530 #endif /* POLARSSL_AES_C */
531 
532 #if defined(POLARSSL_CAMELLIA_C)
533 #if defined(POLARSSL_CIPHER_MODE_CBC)
534 #if defined(POLARSSL_SHA256_C)
535  { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
539  0 },
540 
541  { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
545  0 },
546 #endif /* POLARSSL_SHA256_C */
547 
548 #if defined(POLARSSL_SHA1_C)
549  { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
553  0 },
554 
555  { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
559  0 },
560 #endif /* POLARSSL_SHA1_C */
561 #endif /* POLARSSL_CIPHER_MODE_CBC */
562 #if defined(POLARSSL_GCM_C)
563 #if defined(POLARSSL_SHA256_C)
564  { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
568  0 },
569 #endif /* POLARSSL_SHA256_C */
570 
571 #if defined(POLARSSL_SHA512_C)
572  { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
576  0 },
577 #endif /* POLARSSL_SHA512_C */
578 #endif /* POLARSSL_GCM_C */
579 #endif /* POLARSSL_CAMELLIA_C */
580 
581 #if defined(POLARSSL_DES_C)
582 #if defined(POLARSSL_CIPHER_MODE_CBC)
583 #if defined(POLARSSL_SHA1_C)
584  { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
588  0 },
589 #endif /* POLARSSL_SHA1_C */
590 #endif /* POLARSSL_CIPHER_MODE_CBC */
591 #endif /* POLARSSL_DES_C */
592 #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
593 
594 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
595 #if defined(POLARSSL_AES_C)
596 #if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
597  { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
601  0 },
602 #endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
603 
604 #if defined(POLARSSL_SHA256_C)
605 #if defined(POLARSSL_GCM_C)
606  { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
610  0 },
611 #endif /* POLARSSL_GCM_C */
612 
613 #if defined(POLARSSL_CIPHER_MODE_CBC)
614  { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
618  0 },
619 
620  { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
624  0 },
625 #endif /* POLARSSL_CIPHER_MODE_CBC */
626 #endif /* POLARSSL_SHA256_C */
627 
628 #if defined(POLARSSL_SHA1_C)
629 #if defined(POLARSSL_CIPHER_MODE_CBC)
630  { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
634  0 },
635 
636  { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
640  0 },
641 #endif /* POLARSSL_CIPHER_MODE_CBC */
642 #endif /* POLARSSL_SHA1_C */
643 #endif /* POLARSSL_AES_C */
644 
645 #if defined(POLARSSL_CAMELLIA_C)
646 #if defined(POLARSSL_CIPHER_MODE_CBC)
647 #if defined(POLARSSL_SHA256_C)
648  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
652  0 },
653 
654  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
658  0 },
659 #endif /* POLARSSL_SHA256_C */
660 
661 #if defined(POLARSSL_SHA1_C)
662  { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
666  0 },
667 
668  { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
672  0 },
673 #endif /* POLARSSL_SHA1_C */
674 #endif /* POLARSSL_CIPHER_MODE_CBC */
675 
676 #if defined(POLARSSL_GCM_C)
677 #if defined(POLARSSL_SHA256_C)
678  { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
682  0 },
683 #endif /* POLARSSL_SHA256_C */
684 
685 #if defined(POLARSSL_SHA1_C)
686  { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
690  0 },
691 #endif /* POLARSSL_SHA1_C */
692 #endif /* POLARSSL_GCM_C */
693 #endif /* POLARSSL_CAMELLIA_C */
694 
695 #if defined(POLARSSL_DES_C)
696 #if defined(POLARSSL_CIPHER_MODE_CBC)
697 #if defined(POLARSSL_SHA1_C)
698  { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
702  0 },
703 #endif /* POLARSSL_SHA1_C */
704 #endif /* POLARSSL_CIPHER_MODE_CBC */
705 #endif /* POLARSSL_DES_C */
706 
707 #if defined(POLARSSL_ARC4_C)
708 #if defined(POLARSSL_MD5_C)
709  { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
713  0 },
714 #endif
715 
716 #if defined(POLARSSL_SHA1_C)
717  { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
721  0 },
722 #endif
723 #endif /* POLARSSL_ARC4_C */
724 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
725 
726 #if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
727 #if defined(POLARSSL_AES_C)
728 #if defined(POLARSSL_SHA1_C)
729 #if defined(POLARSSL_CIPHER_MODE_CBC)
730  { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
734  0 },
735  { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
739  0 },
740 #endif /* POLARSSL_CIPHER_MODE_CBC */
741 #endif /* POLARSSL_SHA1_C */
742 #if defined(POLARSSL_SHA256_C)
743 #if defined(POLARSSL_CIPHER_MODE_CBC)
744  { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
748  0 },
749 #endif /* POLARSSL_CIPHER_MODE_CBC */
750 #if defined(POLARSSL_GCM_C)
751  { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
755  0 },
756 #endif /* POLARSSL_GCM_C */
757 #endif /* POLARSSL_SHA256_C */
758 #if defined(POLARSSL_SHA512_C)
759 #if defined(POLARSSL_CIPHER_MODE_CBC)
760  { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
764  0 },
765 #endif /* POLARSSL_CIPHER_MODE_CBC */
766 #if defined(POLARSSL_GCM_C)
767  { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
771  0 },
772 #endif /* POLARSSL_GCM_C */
773 #endif /* POLARSSL_SHA512_C */
774 #endif /* POLARSSL_AES_C */
775 
776 #if defined(POLARSSL_CAMELLIA_C)
777 #if defined(POLARSSL_CIPHER_MODE_CBC)
778 #if defined(POLARSSL_SHA256_C)
779  { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
783  0 },
784 #endif /* POLARSSL_SHA256_C */
785 #if defined(POLARSSL_SHA512_C)
786  { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
790  0 },
791 #endif /* POLARSSL_SHA512_C */
792 #endif /* POLARSSL_CIPHER_MODE_CBC */
793 
794 #if defined(POLARSSL_GCM_C)
795 #if defined(POLARSSL_SHA256_C)
796  { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
800  0 },
801 #endif /* POLARSSL_SHA256_C */
802 #if defined(POLARSSL_SHA512_C)
803  { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
807  0 },
808 #endif /* POLARSSL_SHA512_C */
809 #endif /* POLARSSL_GCM_C */
810 #endif /* POLARSSL_CAMELLIA_C */
811 
812 #if defined(POLARSSL_DES_C)
813 #if defined(POLARSSL_CIPHER_MODE_CBC)
814 #if defined(POLARSSL_SHA1_C)
815  { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
819  0 },
820 #endif /* POLARSSL_SHA1_C */
821 #endif /* POLARSSL_CIPHER_MODE_CBC */
822 #endif /* POLARSSL_DES_C */
823 
824 #if defined(POLARSSL_ARC4_C)
825 #if defined(POLARSSL_SHA1_C)
826  { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
830  0 },
831 #endif /* POLARSSL_SHA1_C */
832 #endif /* POLARSSL_ARC4_C */
833 
834 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
835 #if defined(POLARSSL_SHA1_C)
836  { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
841 #endif /* POLARSSL_SHA1_C */
842 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
843 #endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
844 
845 #if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
846 #if defined(POLARSSL_AES_C)
847 #if defined(POLARSSL_SHA1_C)
848 #if defined(POLARSSL_CIPHER_MODE_CBC)
849  { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
853  0 },
854  { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
858  0 },
859 #endif /* POLARSSL_CIPHER_MODE_CBC */
860 #endif /* POLARSSL_SHA1_C */
861 #if defined(POLARSSL_SHA256_C)
862 #if defined(POLARSSL_CIPHER_MODE_CBC)
863  { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
867  0 },
868 #endif /* POLARSSL_CIPHER_MODE_CBC */
869 #if defined(POLARSSL_GCM_C)
870  { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
874  0 },
875 #endif /* POLARSSL_GCM_C */
876 #endif /* POLARSSL_SHA256_C */
877 #if defined(POLARSSL_SHA512_C)
878 #if defined(POLARSSL_CIPHER_MODE_CBC)
879  { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
883  0 },
884 #endif /* POLARSSL_CIPHER_MODE_CBC */
885 #if defined(POLARSSL_GCM_C)
886  { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
890  0 },
891 #endif /* POLARSSL_GCM_C */
892 #endif /* POLARSSL_SHA512_C */
893 #endif /* POLARSSL_AES_C */
894 
895 #if defined(POLARSSL_CAMELLIA_C)
896 #if defined(POLARSSL_CIPHER_MODE_CBC)
897 #if defined(POLARSSL_SHA256_C)
898  { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
902  0 },
903 #endif /* POLARSSL_SHA256_C */
904 #if defined(POLARSSL_SHA512_C)
905  { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
909  0 },
910 #endif /* POLARSSL_SHA512_C */
911 #endif /* POLARSSL_CIPHER_MODE_CBC */
912 
913 #if defined(POLARSSL_GCM_C)
914 #if defined(POLARSSL_SHA256_C)
915  { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
919  0 },
920 #endif /* POLARSSL_SHA256_C */
921 #if defined(POLARSSL_SHA512_C)
922  { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
926  0 },
927 #endif /* POLARSSL_SHA512_C */
928 #endif /* POLARSSL_GCM_C */
929 #endif /* POLARSSL_CAMELLIA_C */
930 
931 #if defined(POLARSSL_DES_C)
932 #if defined(POLARSSL_CIPHER_MODE_CBC)
933 #if defined(POLARSSL_SHA1_C)
934  { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
938  0 },
939 #endif /* POLARSSL_SHA1_C */
940 #endif /* POLARSSL_CIPHER_MODE_CBC */
941 #endif /* POLARSSL_DES_C */
942 
943 #if defined(POLARSSL_ARC4_C)
944 #if defined(POLARSSL_SHA1_C)
945  { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
949  0 },
950 #endif /* POLARSSL_SHA1_C */
951 #endif /* POLARSSL_ARC4_C */
952 
953 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
954 #if defined(POLARSSL_SHA1_C)
955  { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
960 #endif /* POLARSSL_SHA1_C */
961 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
962 #endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
963 
964 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
965 #if defined(POLARSSL_AES_C)
966 #if defined(POLARSSL_GCM_C)
967 #if defined(POLARSSL_SHA256_C)
968  { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
972  0 },
973 #endif /* POLARSSL_SHA256_C */
974 
975 #if defined(POLARSSL_SHA512_C)
976  { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
980  0 },
981 #endif /* POLARSSL_SHA512_C */
982 #endif /* POLARSSL_GCM_C */
983 
984 #if defined(POLARSSL_CIPHER_MODE_CBC)
985 #if defined(POLARSSL_SHA256_C)
986  { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
990  0 },
991 #endif /* POLARSSL_SHA256_C */
992 
993 #if defined(POLARSSL_SHA512_C)
994  { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
998  0 },
999 #endif /* POLARSSL_SHA512_C */
1000 
1001 #if defined(POLARSSL_SHA1_C)
1002  { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1006  0 },
1007 
1008  { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1012  0 },
1013 #endif /* POLARSSL_SHA1_C */
1014 #endif /* POLARSSL_CIPHER_MODE_CBC */
1015 #endif /* POLARSSL_AES_C */
1016 
1017 #if defined(POLARSSL_CAMELLIA_C)
1018 #if defined(POLARSSL_CIPHER_MODE_CBC)
1019 #if defined(POLARSSL_SHA256_C)
1020  { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1024  0 },
1025 #endif /* POLARSSL_SHA256_C */
1026 
1027 #if defined(POLARSSL_SHA512_C)
1028  { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1032  0 },
1033 #endif /* POLARSSL_SHA512_C */
1034 #endif /* POLARSSL_CIPHER_MODE_CBC */
1035 
1036 #if defined(POLARSSL_GCM_C)
1037 #if defined(POLARSSL_SHA256_C)
1038  { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1042  0 },
1043 #endif /* POLARSSL_SHA256_C */
1044 
1045 #if defined(POLARSSL_SHA512_C)
1046  { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1050  0 },
1051 #endif /* POLARSSL_SHA512_C */
1052 #endif /* POLARSSL_GCM_C */
1053 #endif /* POLARSSL_CAMELLIA_C */
1054 
1055 #if defined(POLARSSL_DES_C)
1056 #if defined(POLARSSL_CIPHER_MODE_CBC)
1057 #if defined(POLARSSL_SHA1_C)
1058  { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1062  0 },
1063 #endif /* POLARSSL_SHA1_C */
1064 #endif /* POLARSSL_CIPHER_MODE_CBC */
1065 #endif /* POLARSSL_DES_C */
1066 
1067 #if defined(POLARSSL_ARC4_C)
1068 #if defined(POLARSSL_SHA1_C)
1069  { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1073  0 },
1074 #endif /* POLARSSL_SHA1_C */
1075 #endif /* POLARSSL_ARC4_C */
1076 #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1077 
1078 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
1079 #if defined(POLARSSL_AES_C)
1080 #if defined(POLARSSL_GCM_C)
1081 #if defined(POLARSSL_SHA256_C)
1082  { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1086  0 },
1087 #endif /* POLARSSL_SHA256_C */
1088 
1089 #if defined(POLARSSL_SHA512_C)
1090  { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1094  0 },
1095 #endif /* POLARSSL_SHA512_C */
1096 #endif /* POLARSSL_GCM_C */
1097 
1098 #if defined(POLARSSL_CIPHER_MODE_CBC)
1099 #if defined(POLARSSL_SHA256_C)
1100  { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1104  0 },
1105 #endif /* POLARSSL_SHA256_C */
1106 
1107 #if defined(POLARSSL_SHA512_C)
1108  { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1112  0 },
1113 #endif /* POLARSSL_SHA512_C */
1114 
1115 #if defined(POLARSSL_SHA1_C)
1116  { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1120  0 },
1121 
1122  { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1126  0 },
1127 #endif /* POLARSSL_SHA1_C */
1128 #endif /* POLARSSL_CIPHER_MODE_CBC */
1129 #endif /* POLARSSL_AES_C */
1130 
1131 #if defined(POLARSSL_CAMELLIA_C)
1132 #if defined(POLARSSL_CIPHER_MODE_CBC)
1133 #if defined(POLARSSL_SHA256_C)
1134  { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1138  0 },
1139 #endif /* POLARSSL_SHA256_C */
1140 
1141 #if defined(POLARSSL_SHA512_C)
1142  { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1146  0 },
1147 #endif /* POLARSSL_SHA512_C */
1148 #endif /* POLARSSL_CIPHER_MODE_CBC */
1149 
1150 #if defined(POLARSSL_GCM_C)
1151 #if defined(POLARSSL_SHA256_C)
1152  { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1156  0 },
1157 #endif /* POLARSSL_SHA256_C */
1158 
1159 #if defined(POLARSSL_SHA512_C)
1160  { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1164  0 },
1165 #endif /* POLARSSL_SHA512_C */
1166 #endif /* POLARSSL_GCM_C */
1167 #endif /* POLARSSL_CAMELLIA_C */
1168 
1169 #if defined(POLARSSL_DES_C)
1170 #if defined(POLARSSL_CIPHER_MODE_CBC)
1171 #if defined(POLARSSL_SHA1_C)
1172  { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1176  0 },
1177 #endif /* POLARSSL_SHA1_C */
1178 #endif /* POLARSSL_CIPHER_MODE_CBC */
1179 #endif /* POLARSSL_DES_C */
1180 
1181 #if defined(POLARSSL_ARC4_C)
1182 #if defined(POLARSSL_SHA1_C)
1183  { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1187  0 },
1188 #endif /* POLARSSL_SHA1_C */
1189 #endif /* POLARSSL_ARC4_C */
1190 #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1191 
1192 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1193 #if defined(POLARSSL_AES_C)
1194 
1195 #if defined(POLARSSL_CIPHER_MODE_CBC)
1196 #if defined(POLARSSL_SHA256_C)
1197  { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1201  0 },
1202 #endif /* POLARSSL_SHA256_C */
1203 
1204 #if defined(POLARSSL_SHA512_C)
1205  { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1209  0 },
1210 #endif /* POLARSSL_SHA512_C */
1211 
1212 #if defined(POLARSSL_SHA1_C)
1213  { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1217  0 },
1218 
1219  { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1223  0 },
1224 #endif /* POLARSSL_SHA1_C */
1225 #endif /* POLARSSL_CIPHER_MODE_CBC */
1226 #endif /* POLARSSL_AES_C */
1227 
1228 #if defined(POLARSSL_CAMELLIA_C)
1229 #if defined(POLARSSL_CIPHER_MODE_CBC)
1230 #if defined(POLARSSL_SHA256_C)
1231  { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1235  0 },
1236 #endif /* POLARSSL_SHA256_C */
1237 
1238 #if defined(POLARSSL_SHA512_C)
1239  { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1243  0 },
1244 #endif /* POLARSSL_SHA512_C */
1245 #endif /* POLARSSL_CIPHER_MODE_CBC */
1246 #endif /* POLARSSL_CAMELLIA_C */
1247 
1248 #if defined(POLARSSL_DES_C)
1249 #if defined(POLARSSL_CIPHER_MODE_CBC)
1250 #if defined(POLARSSL_SHA1_C)
1251  { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1255  0 },
1256 #endif /* POLARSSL_SHA1_C */
1257 #endif /* POLARSSL_CIPHER_MODE_CBC */
1258 #endif /* POLARSSL_DES_C */
1259 
1260 #if defined(POLARSSL_ARC4_C)
1261 #if defined(POLARSSL_SHA1_C)
1262  { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1266  0 },
1267 #endif /* POLARSSL_SHA1_C */
1268 #endif /* POLARSSL_ARC4_C */
1269 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1270 
1271 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
1272 #if defined(POLARSSL_AES_C)
1273 #if defined(POLARSSL_GCM_C)
1274 #if defined(POLARSSL_SHA256_C)
1275  { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1279  0 },
1280 #endif /* POLARSSL_SHA256_C */
1281 
1282 #if defined(POLARSSL_SHA512_C)
1283  { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1287  0 },
1288 #endif /* POLARSSL_SHA512_C */
1289 #endif /* POLARSSL_GCM_C */
1290 
1291 #if defined(POLARSSL_CIPHER_MODE_CBC)
1292 #if defined(POLARSSL_SHA256_C)
1293  { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1297  0 },
1298 #endif /* POLARSSL_SHA256_C */
1299 
1300 #if defined(POLARSSL_SHA512_C)
1301  { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1305  0 },
1306 #endif /* POLARSSL_SHA512_C */
1307 
1308 #if defined(POLARSSL_SHA1_C)
1309  { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1313  0 },
1314 
1315  { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1319  0 },
1320 #endif /* POLARSSL_SHA1_C */
1321 #endif /* POLARSSL_CIPHER_MODE_CBC */
1322 #endif /* POLARSSL_AES_C */
1323 
1324 #if defined(POLARSSL_CAMELLIA_C)
1325 #if defined(POLARSSL_CIPHER_MODE_CBC)
1326 #if defined(POLARSSL_SHA256_C)
1327  { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1331  0 },
1332 #endif /* POLARSSL_SHA256_C */
1333 
1334 #if defined(POLARSSL_SHA512_C)
1335  { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1339  0 },
1340 #endif /* POLARSSL_SHA512_C */
1341 #endif /* POLARSSL_CIPHER_MODE_CBC */
1342 
1343 #if defined(POLARSSL_GCM_C)
1344 #if defined(POLARSSL_SHA256_C)
1345  { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1349  0 },
1350 #endif /* POLARSSL_SHA256_C */
1351 
1352 #if defined(POLARSSL_SHA512_C)
1353  { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1357  0 },
1358 #endif /* POLARSSL_SHA512_C */
1359 #endif /* POLARSSL_GCM_C */
1360 #endif /* POLARSSL_CAMELLIA_C */
1361 
1362 #if defined(POLARSSL_DES_C)
1363 #if defined(POLARSSL_CIPHER_MODE_CBC)
1364 #if defined(POLARSSL_SHA1_C)
1365  { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1369  0 },
1370 #endif /* POLARSSL_SHA1_C */
1371 #endif /* POLARSSL_CIPHER_MODE_CBC */
1372 #endif /* POLARSSL_DES_C */
1373 
1374 #if defined(POLARSSL_ARC4_C)
1375 #if defined(POLARSSL_SHA1_C)
1376  { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1380  0 },
1381 #endif /* POLARSSL_SHA1_C */
1382 #endif /* POLARSSL_ARC4_C */
1383 #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1384 
1385 #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1386 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
1387 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
1388 #if defined(POLARSSL_MD5_C)
1389  { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1394 #endif
1395 
1396 #if defined(POLARSSL_SHA1_C)
1397  { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1402 #endif
1403 
1404 #if defined(POLARSSL_SHA256_C)
1405  { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1410 #endif
1411 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1412 
1413 #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
1414 #if defined(POLARSSL_SHA1_C)
1415  { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1420 #endif /* POLARSSL_SHA1_C */
1421 
1422 #if defined(POLARSSL_SHA256_C)
1423  { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1428 #endif
1429 
1430 #if defined(POLARSSL_SHA512_C)
1431  { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1436 #endif
1437 #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1438 
1439 #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
1440 #if defined(POLARSSL_SHA1_C)
1441  { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1446 #endif /* POLARSSL_SHA1_C */
1447 
1448 #if defined(POLARSSL_SHA256_C)
1449  { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1454 #endif
1455 
1456 #if defined(POLARSSL_SHA512_C)
1457  { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1462 #endif
1463 #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1464 
1465 #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1466 #if defined(POLARSSL_SHA1_C)
1467  { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1472 #endif /* POLARSSL_SHA1_C */
1473 
1474 #if defined(POLARSSL_SHA256_C)
1475  { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1480 #endif
1481 
1482 #if defined(POLARSSL_SHA512_C)
1483  { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1488 #endif
1489 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1490 
1491 #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
1492 #if defined(POLARSSL_SHA1_C)
1493  { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1498 #endif /* POLARSSL_SHA1_C */
1499 
1500 #if defined(POLARSSL_SHA256_C)
1501  { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1506 #endif
1507 
1508 #if defined(POLARSSL_SHA512_C)
1509  { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1514 #endif
1515 #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1516 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
1517 
1518 #if defined(POLARSSL_DES_C)
1519 #if defined(POLARSSL_CIPHER_MODE_CBC)
1520 #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
1521 #if defined(POLARSSL_SHA1_C)
1522  { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1527 #endif /* POLARSSL_SHA1_C */
1528 #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
1529 
1530 #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
1531 #if defined(POLARSSL_SHA1_C)
1532  { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1537 #endif /* POLARSSL_SHA1_C */
1538 #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1539 #endif /* POLARSSL_CIPHER_MODE_CBC */
1540 #endif /* POLARSSL_DES_C */
1541 #endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1542 
1543  { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1544 };
1545 
1546 const int *ssl_list_ciphersuites( void )
1547 {
1548  /*
1549  * On initial call filter out all ciphersuites not supported by current
1550  * build based on presence in the ciphersuite_definitions.
1551  */
1552  if( supported_init == 0 )
1553  {
1554  const int *p = ciphersuite_preference;
1555  int *q = supported_ciphersuites;
1556  size_t i;
1557  size_t max = sizeof(supported_ciphersuites) / sizeof(int);
1558 
1559  for( i = 0; i < max - 1 && p[i] != 0; i++ )
1560  {
1561  if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1562  *(q++) = p[i];
1563  }
1564  *q = 0;
1565 
1566  supported_init = 1;
1567  }
1568 
1569  return supported_ciphersuites;
1570 };
1571 
1572 const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
1573 {
1574  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1575 
1576  if( NULL == ciphersuite_name )
1577  return( NULL );
1578 
1579  while( cur->id != 0 )
1580  {
1581  if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1582  return( cur );
1583 
1584  cur++;
1585  }
1586 
1587  return( NULL );
1588 }
1589 
1590 const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1591 {
1592  const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1593 
1594  while( cur->id != 0 )
1595  {
1596  if( cur->id == ciphersuite )
1597  return( cur );
1598 
1599  cur++;
1600  }
1601 
1602  return( NULL );
1603 }
1604 
1605 const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1606 {
1607  const ssl_ciphersuite_t *cur;
1608 
1609  cur = ssl_ciphersuite_from_id( ciphersuite_id );
1610 
1611  if( cur == NULL )
1612  return( "unknown" );
1613 
1614  return( cur->name );
1615 }
1616 
1617 int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1618 {
1619  const ssl_ciphersuite_t *cur;
1620 
1621  cur = ssl_ciphersuite_from_string( ciphersuite_name );
1622 
1623  if( cur == NULL )
1624  return( 0 );
1625 
1626  return( cur->id );
1627 }
1628 
1629 #if defined(POLARSSL_PK_C)
1631 {
1632  switch( info->key_exchange )
1633  {
1638  return( POLARSSL_PK_RSA );
1639 
1641  return( POLARSSL_PK_ECDSA );
1642 
1645  return( POLARSSL_PK_ECKEY );
1646 
1647  default:
1648  return( POLARSSL_PK_NONE );
1649  }
1650 }
1651 #endif
1652 
1653 int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1654 {
1655  switch( info->key_exchange )
1656  {
1662  return( 1 );
1663 
1664  default:
1665  return( 0 );
1666  }
1667 }
1668 
1670 {
1671  switch( info->key_exchange )
1672  {
1677  return( 1 );
1678 
1679  default:
1680  return( 0 );
1681  }
1682 }
1683 
1684 #endif
#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
int ssl_ciphersuite_uses_ec(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_WITH_RC4_128_MD5
#define TLS_DHE_PSK_WITH_NULL_SHA
Weak!
#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_NULL_SHA384
Weak!
#define TLS_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Not in SSL3!
#define TLS_RSA_PSK_WITH_NULL_SHA384
Weak!
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
Not in SSL3!
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_NULL_MD5
Weak!
#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_PSK_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
Not in SSL3!
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
#define TLS_ECDHE_PSK_WITH_NULL_SHA256
Weak! No SSL3!
Configuration options (set of defines)
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_128_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Not in SSL3!
SSL Ciphersuites for PolarSSL.
#define SSL_MAJOR_VERSION_3
Definition: ssl.h:140
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_RC4_128_SHA
pk_type_t ssl_get_ciphersuite_sig_pk_alg(const ssl_ciphersuite_t *info)
#define TLS_ECDHE_PSK_WITH_NULL_SHA
Weak! No SSL3!
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Not in SSL3!
int ssl_get_ciphersuite_id(const char *ciphersuite_name)
Return the ID of the ciphersuite associated with the given name.
#define SSL_MINOR_VERSION_1
Definition: ssl.h:142
#define TLS_RSA_WITH_RC4_128_SHA
#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA
Weak!
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_PSK_WITH_NULL_SHA256
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_PSK_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Not in SSL3!
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
#define TLS_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define SSL_MINOR_VERSION_0
Definition: ssl.h:141
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
Not in SSL3!
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Not in SSL3!
#define POLARSSL_CIPHERSUITE_WEAK
Weak ciphersuite flag.
#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
key_exchange_type_t key_exchange
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_PSK_WITH_NULL_SHA256
Weak!
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Not in SSL3!
#define TLS_PSK_WITH_NULL_SHA384
Weak!
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_AES_256_CBC_SHA
#define TLS_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA
#define TLS_ECDHE_RSA_WITH_NULL_SHA
Weak!
int ssl_ciphersuite_uses_psk(const ssl_ciphersuite_t *info)
#define TLS_DHE_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_NULL_SHA256
Weak!
#define SSL_MINOR_VERSION_3
Definition: ssl.h:144
#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
pk_type_t
Public key types.
Definition: pk.h:90
#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
const ssl_ciphersuite_t * ssl_ciphersuite_from_string(const char *ciphersuite_name)
#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDH_RSA_WITH_NULL_SHA
Weak!
#define TLS_ECDHE_PSK_WITH_NULL_SHA384
Weak! No SSL3!
This structure is used for storing ciphersuite information.
#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_ECDH_ECDSA_WITH_NULL_SHA
Weak!
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
#define TLS_PSK_WITH_AES_256_CBC_SHA384
const ssl_ciphersuite_t * ssl_ciphersuite_from_id(int ciphersuite_id)
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA256
Weak!
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA
#define TLS_DHE_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_RSA_WITH_DES_CBC_SHA
Weak! Not in TLS 1.2.
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
Not in SSL3!
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
Not in SSL3!
#define TLS_ECDH_RSA_WITH_RC4_128_SHA
Not in SSL3!
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
Not in SSL3!
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Not in SSL3!
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
const int * ssl_list_ciphersuites(void)
Returns the list of ciphersuites supported by the SSL/TLS module.
#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
SSL/TLS functions.
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_NULL_SHA
Weak!
#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
TLS 1.2.
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
TLS 1.2.
#define TLS_PSK_WITH_AES_128_CBC_SHA256
#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS 1.2.
#define TLS_RSA_PSK_WITH_NULL_SHA
Weak!
#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_RSA_WITH_AES_256_CBC_SHA256
TLS 1.2.
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
const char * ssl_get_ciphersuite_name(const int ciphersuite_id)
Return the name of the ciphersuite associated with the given ID.
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_AES_128_CBC_SHA256
TLS 1.2.
#define TLS_RSA_WITH_AES_128_CBC_SHA
#define TLS_PSK_WITH_RC4_128_SHA
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Not in SSL3!
#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
Not in SSL3!
#define TLS_PSK_WITH_AES_256_GCM_SHA384
TLS 1.2.
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Not in SSL3!
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA