diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 682fa87d7..97a1b2b68 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -614,26 +614,8 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * This module is required to support the TLS ciphersuites that use the NULL + * cipher. * * Uncomment this macro to enable the NULL cipher */ @@ -1057,65 +1039,8 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the TLS ciphersuites that use the AES + * cipher. * * PEM_PARSE uses AES for decrypting encrypted keys. */ @@ -1129,17 +1054,8 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the TLS ciphersuites that use the ARC4 + * cipher. * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on @@ -1217,49 +1133,8 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the TLS ciphersuites that use the + * Camellia cipher. */ #define MBEDTLS_CAMELLIA_C @@ -1271,45 +1146,8 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the TLS ciphersuites that use the + * ARIA cipher. */ //#define MBEDTLS_ARIA_C @@ -1395,17 +1233,8 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the TLS ciphersuites that use the DES + * cipher. * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1530,8 +1359,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module is required to support the TLS ciphersuites that use GCM. */ #define MBEDTLS_GCM_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 4c86e90d2..18a6097f6 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -614,26 +614,8 @@ * Warning: Only do so when you know what you are doing. This allows for * encryption or channels without any security! * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_NULL_SHA - * TLS_ECDH_RSA_WITH_NULL_SHA - * TLS_ECDHE_ECDSA_WITH_NULL_SHA - * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_ECDHE_PSK_WITH_NULL_SHA384 - * TLS_ECDHE_PSK_WITH_NULL_SHA256 - * TLS_ECDHE_PSK_WITH_NULL_SHA - * TLS_DHE_PSK_WITH_NULL_SHA384 - * TLS_DHE_PSK_WITH_NULL_SHA256 - * TLS_DHE_PSK_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_SHA256 - * TLS_RSA_WITH_NULL_SHA - * TLS_RSA_WITH_NULL_MD5 - * TLS_RSA_PSK_WITH_NULL_SHA384 - * TLS_RSA_PSK_WITH_NULL_SHA256 - * TLS_RSA_PSK_WITH_NULL_SHA - * TLS_PSK_WITH_NULL_SHA384 - * TLS_PSK_WITH_NULL_SHA256 - * TLS_PSK_WITH_NULL_SHA + * This module is required to support the TLS ciphersuites that use the NULL + * cipher. * * Uncomment this macro to enable the NULL cipher */ @@ -1086,65 +1068,8 @@ * library/pem.c * library/ctr_drbg.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - * TLS_DHE_RSA_WITH_AES_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_RSA_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 - * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_256_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA - * TLS_DHE_PSK_WITH_AES_128_CBC_SHA - * TLS_RSA_WITH_AES_256_GCM_SHA384 - * TLS_RSA_WITH_AES_256_CBC_SHA256 - * TLS_RSA_WITH_AES_256_CBC_SHA - * TLS_RSA_WITH_AES_128_GCM_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA256 - * TLS_RSA_WITH_AES_128_CBC_SHA - * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_AES_256_CBC_SHA - * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_AES_128_CBC_SHA - * TLS_PSK_WITH_AES_256_GCM_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA384 - * TLS_PSK_WITH_AES_256_CBC_SHA - * TLS_PSK_WITH_AES_128_GCM_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA256 - * TLS_PSK_WITH_AES_128_CBC_SHA + * This module is required to support the TLS ciphersuites that use the AES + * cipher. * * PEM_PARSE uses AES for decrypting encrypted keys. */ @@ -1158,17 +1083,8 @@ * Module: library/arc4.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_RC4_128_SHA - * TLS_ECDH_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - * TLS_ECDHE_RSA_WITH_RC4_128_SHA - * TLS_ECDHE_PSK_WITH_RC4_128_SHA - * TLS_DHE_PSK_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_SHA - * TLS_RSA_WITH_RC4_128_MD5 - * TLS_RSA_PSK_WITH_RC4_128_SHA - * TLS_PSK_WITH_RC4_128_SHA + * This module is required to support the TLS ciphersuites that use the ARC4 + * cipher. * * \warning ARC4 is considered a weak cipher and its use constitutes a * security risk. If possible, we recommend avoidng dependencies on @@ -1246,49 +1162,8 @@ * Module: library/camellia.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - * TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - * TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 - * TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 - * TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 - * TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 - * TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * This module is required to support the TLS ciphersuites that use the + * Camellia cipher. */ #define MBEDTLS_CAMELLIA_C @@ -1300,45 +1175,8 @@ * Module: library/aria.c * Caller: library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 - * TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 - * TLS_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 - * TLS_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 - * TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 - * TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 - * TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 + * This module is required to support the TLS ciphersuites that use the + * ARIA cipher. */ //#define MBEDTLS_ARIA_C @@ -1424,17 +1262,8 @@ * Caller: library/pem.c * library/cipher.c * - * This module is required to support the following ciphersuites in TLS: - * TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_WITH_3DES_EDE_CBC_SHA - * TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA - * TLS_PSK_WITH_3DES_EDE_CBC_SHA + * This module is required to support the TLS ciphersuites that use the DES + * cipher. * * PEM_PARSE uses DES/3DES for decrypting encrypted keys. * @@ -1559,8 +1388,7 @@ * * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C * - * This module is required to support AES-GCM and CAMELLIA-GCM ciphersuites in - * TLS. + * This module is required to support the TLS ciphersuites that use GCM. */ #define MBEDTLS_GCM_C