1 /**************************************************************************/
2 /*                                                                        */
3 /*       Copyright (c) Microsoft Corporation. All rights reserved.        */
4 /*                                                                        */
5 /*       This software is licensed under the Microsoft Software License   */
6 /*       Terms for Microsoft Azure RTOS. Full text of the license can be  */
7 /*       found in the LICENSE file at https://aka.ms/AzureRTOS_EULA       */
8 /*       and in the root directory of this software.                      */
9 /*                                                                        */
10 /**************************************************************************/
11 
12 #include "nx_azure_iot_ciphersuites.h"
13 
/* Build-time guard: refuse to compile unless TLS 1.2 is switched on.
   An undefined macro evaluates to 0 inside #if, so a configuration that
   never defines NX_SECURE_TLS_TLS_1_2_ENABLED is rejected as well.  */
#if !NX_SECURE_TLS_TLS_1_2_ENABLED
#error "TLS 1.2 must be enabled."
#endif /* !NX_SECURE_TLS_TLS_1_2_ENABLED */

/* Build-time guard: X.509 support may not be compiled out.  The ciphersuite
   map defined in this file lists X.509 signature suites, so a build with
   NX_SECURE_DISABLE_X509 set is stopped here instead of failing later.  */
#if defined(NX_SECURE_DISABLE_X509)
#error "X509 must be enabled."
#endif /* NX_SECURE_DISABLE_X509 */
21 
/* Crypto primitives made available to the TLS layer.  The method objects are
   defined in other translation units; this file only collects their
   addresses into one table.  */

/* Hash, MAC and PRF methods.  */
extern NX_CRYPTO_METHOD crypto_method_sha256;
extern NX_CRYPTO_METHOD crypto_method_sha384;
extern NX_CRYPTO_METHOD crypto_method_hmac;
extern NX_CRYPTO_METHOD crypto_method_hmac_sha256;
extern NX_CRYPTO_METHOD crypto_method_tls_prf_sha256;

/* Symmetric cipher and RSA public-key method.  */
extern NX_CRYPTO_METHOD crypto_method_aes_cbc_128;
extern NX_CRYPTO_METHOD crypto_method_rsa;

/* Elliptic-curve methods, present only in ECC-enabled builds.  */
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
extern NX_CRYPTO_METHOD crypto_method_ecdhe;
extern NX_CRYPTO_METHOD crypto_method_ecdsa;
extern NX_CRYPTO_METHOD crypto_method_ec_secp384;
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */

/* Table of every crypto method this configuration supports.  Entry order is
   kept exactly as originally published, in case a consumer depends on it.

   NOTE(review): the only symmetric cipher registered is AES-128 in CBC mode;
   no AEAD method (for example AES-GCM) appears in this table, so record
   protection negotiated from this list is CBC with an HMAC.  Whether the
   underlying CBC implementation is hardened against padding-oracle timing
   is not visible from this file - confirm before relying on it.

   NOTE(review): secp384 is the only curve listed in ECC builds; presumably
   this matches what the peer's certificate chain requires - verify.  */
const NX_CRYPTO_METHOD *_nx_azure_iot_tls_supported_crypto[] =
{
    &crypto_method_hmac,
    &crypto_method_hmac_sha256,
    &crypto_method_tls_prf_sha256,
    &crypto_method_sha256,
    &crypto_method_sha384,
    &crypto_method_aes_cbc_128,
    &crypto_method_rsa,
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
    &crypto_method_ecdhe,
    &crypto_method_ecdsa,
    &crypto_method_ec_secp384,
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */
};

/* Number of entries in the table above; derived from the array itself so it
   tracks the conditional ECC entries automatically.  */
const UINT _nx_azure_iot_tls_supported_crypto_size =
    sizeof(_nx_azure_iot_tls_supported_crypto) / sizeof(_nx_azure_iot_tls_supported_crypto[0]);
53 
54 
/* TLS ciphersuite: exactly one is declared, chosen at compile time.

   With NX_SECURE_ENABLE_ECC_CIPHERSUITE the suite is ECDHE-RSA with
   AES-128-CBC and SHA-256.  Without it the suite falls back to
   RSA with AES-128-CBC and SHA-256, i.e. static RSA key exchange, which
   gives no forward secrecy: recorded sessions become decryptable if the
   server's RSA private key is later disclosed.  Prefer the ECC build where
   the platform can afford it.  */
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
extern const NX_CRYPTO_CIPHERSUITE nx_crypto_tls_ecdhe_rsa_with_aes_128_cbc_sha256;
#else
extern const NX_CRYPTO_CIPHERSUITE nx_crypto_tls_rsa_with_aes_128_cbc_sha256;
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */

/* X.509 signature suites: RSA with SHA-256 and SHA-384 always, ECDSA with
   SHA-256 only in ECC builds.  */
extern const NX_CRYPTO_CIPHERSUITE nx_crypto_x509_rsa_sha_256;
extern const NX_CRYPTO_CIPHERSUITE nx_crypto_x509_rsa_sha_384;
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
extern const NX_CRYPTO_CIPHERSUITE nx_crypto_x509_ecdsa_sha_256;
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */

/* Combined map of the TLS suite followed by the X.509 suites.  Entry order
   is kept exactly as originally published.

   NOTE(review): no SHA-1 or MD5 based signature suite is listed, so
   certificates signed with those digests have no matching entry here;
   how the TLS stack reacts to an unmatched signature algorithm is decided
   outside this file - confirm.  */
const NX_CRYPTO_CIPHERSUITE *_nx_azure_iot_tls_ciphersuite_map[] =
{

    /* TLS ciphersuite (one entry, see the conditional declaration above). */
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
    &nx_crypto_tls_ecdhe_rsa_with_aes_128_cbc_sha256,
#else
    &nx_crypto_tls_rsa_with_aes_128_cbc_sha256,
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */

    /* X.509 signature suites. */
    &nx_crypto_x509_rsa_sha_256,
    &nx_crypto_x509_rsa_sha_384,
#if defined(NX_SECURE_ENABLE_ECC_CIPHERSUITE)
    &nx_crypto_x509_ecdsa_sha_256,
#endif /* NX_SECURE_ENABLE_ECC_CIPHERSUITE */
};

/* Number of entries in the map above, derived from the array itself.  */
const UINT _nx_azure_iot_tls_ciphersuite_map_size =
    sizeof(_nx_azure_iot_tls_ciphersuite_map) / sizeof(_nx_azure_iot_tls_ciphersuite_map[0]);
88