TLS Cipher Suite IDs

The following list of macros defined the list of supported TLS Cipher suites.

Each MACRO defines a single Cipher suite.

See Also

m2m_ssl_set_active_ciphersuites

Macros
#define	SSL_CIPHER_ALL
#define	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA   NBIT2
#define	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA256   NBIT3
#define	SSL_CIPHER_DHE_RSA_WITH_AES_128_GCM_SHA256   NBIT5
#define	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA   NBIT8
#define	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA256   NBIT9
#define	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   NBIT13
#define	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   NBIT15
#define	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA   NBIT10
#define	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA256   NBIT12
#define	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_GCM_SHA256   NBIT14
#define	SSL_CIPHER_ECDHE_RSA_WITH_AES_256_CBC_SHA   NBIT11
#define	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA   NBIT0
#define	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA256   NBIT1
#define	SSL_CIPHER_RSA_WITH_AES_128_GCM_SHA256   NBIT4
#define	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA   NBIT6
#define	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA256   NBIT7
#define	SSL_ECC_ALL_CIPHERS
#define	SSL_ECC_CIPHERS_AES_256
#define	SSL_ECC_ONLY_CIPHERS
#define	SSL_NON_ECC_CIPHERS_AES_128
#define	SSL_NON_ECC_CIPHERS_AES_256

#define SSL_CIPHER_ALL

Value:

(\
	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA                |   \
	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA256         |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA            |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA256     |   \
	SSL_CIPHER_RSA_WITH_AES_128_GCM_SHA256         |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_GCM_SHA256     |   \
	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA                |   \
	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA256         |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA            |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA256     |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA      |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA256   |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_GCM_SHA256   |   \
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |   \
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_256_CBC_SHA          \
)

Turn On All TLS Ciphers.

#define SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA   NBIT2

#define SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA256   NBIT3

#define SSL_CIPHER_DHE_RSA_WITH_AES_128_GCM_SHA256   NBIT5

#define SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA   NBIT8

#define SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA256   NBIT9

#define SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   NBIT13

#define SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   NBIT15

#define SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA   NBIT10

#define SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA256   NBIT12

#define SSL_CIPHER_ECDHE_RSA_WITH_AES_128_GCM_SHA256   NBIT14

#define SSL_CIPHER_ECDHE_RSA_WITH_AES_256_CBC_SHA   NBIT11

#define SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA   NBIT0

#define SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA256   NBIT1

#define SSL_CIPHER_RSA_WITH_AES_128_GCM_SHA256   NBIT4

#define SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA   NBIT6

#define SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA256   NBIT7

#define SSL_ECC_ALL_CIPHERS

Value:

(\
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA      |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_CBC_SHA256   |   \
	SSL_CIPHER_ECDHE_RSA_WITH_AES_128_GCM_SHA256   |   \
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |   \
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256     \
)

All supported ECC Ciphers including those ciphers that depend on RSA and ECC. These ciphers are turned off by default at startup. The application may enable them if it has an ECC math engine (like ATECC508).

#define SSL_ECC_CIPHERS_AES_256

Value:

(\
	SSL_CIPHER_ECDHE_RSA_WITH_AES_256_CBC_SHA  \
)

ECC AES-256 supported ciphers.

#define SSL_ECC_ONLY_CIPHERS

Value:

(\
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 |   \
	SSL_CIPHER_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256     \
)

All ciphers that use ECC crypto only. This excludes ciphers that use RSA. They use ECDSA instead. These ciphers are turned off by default at startup. The application may enable them if it has an ECC math engine (like ATECC508).

#define SSL_NON_ECC_CIPHERS_AES_128

Value:

(\
	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA                |   \
	SSL_CIPHER_RSA_WITH_AES_128_CBC_SHA256         |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA            |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_CBC_SHA256     |   \
	SSL_CIPHER_RSA_WITH_AES_128_GCM_SHA256         |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_128_GCM_SHA256         \
)

All supported AES-128 Ciphers (ECC ciphers are not counted). This is the default active group after startup.

#define SSL_NON_ECC_CIPHERS_AES_256

Value:

(\
	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA            |   \
	SSL_CIPHER_RSA_WITH_AES_256_CBC_SHA256     |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA    |   \
	SSL_CIPHER_DHE_RSA_WITH_AES_256_CBC_SHA256     \
)

AES-256 Ciphers. This group is disabled by default at startup because the WINC HW Accelerator supports only AES-128. If the application needs to force AES-256 cipher support, it could enable them (or any of them) explicitly by calling m2m_ssl_set_active_ciphersuites.