contrib/restricted/aws/s2n/tls/s2n_cipher_preferences.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#pragma once

#include <stdint.h>

#include "tls/s2n_cipher_suites.h"
#include "tls/s2n_kem.h"
#include "tls/s2n_tls13.h"

struct s2n_cipher_preferences {
    uint8_t count;
    struct s2n_cipher_suite **suites;
    bool allow_chacha20_boosting;
};

extern const struct s2n_cipher_preferences cipher_preferences_20230317;
extern const struct s2n_cipher_preferences cipher_preferences_20140601;
extern const struct s2n_cipher_preferences cipher_preferences_20141001;
extern const struct s2n_cipher_preferences cipher_preferences_20150202;
extern const struct s2n_cipher_preferences cipher_preferences_20150214;
extern const struct s2n_cipher_preferences cipher_preferences_20150306;
extern const struct s2n_cipher_preferences cipher_preferences_20160411;
extern const struct s2n_cipher_preferences cipher_preferences_20160804;
extern const struct s2n_cipher_preferences cipher_preferences_20160824;
extern const struct s2n_cipher_preferences cipher_preferences_20170210;
extern const struct s2n_cipher_preferences cipher_preferences_20170328;
extern const struct s2n_cipher_preferences cipher_preferences_20170328_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20170405;
extern const struct s2n_cipher_preferences cipher_preferences_20170405_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20170718;
extern const struct s2n_cipher_preferences cipher_preferences_20170718_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20190214;
extern const struct s2n_cipher_preferences cipher_preferences_20190214_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20190801;
extern const struct s2n_cipher_preferences cipher_preferences_20190120;
extern const struct s2n_cipher_preferences cipher_preferences_20190121;
extern const struct s2n_cipher_preferences cipher_preferences_20190122;
extern const struct s2n_cipher_preferences cipher_preferences_rfc9151;
extern const struct s2n_cipher_preferences cipher_preferences_20210816;
extern const struct s2n_cipher_preferences cipher_preferences_20210816_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20210825;
extern const struct s2n_cipher_preferences cipher_preferences_20210825_gcm;
extern const struct s2n_cipher_preferences cipher_preferences_20210831;
extern const struct s2n_cipher_preferences cipher_preferences_default_fips;

extern const struct s2n_cipher_preferences cipher_preferences_test_all;

extern const struct s2n_cipher_preferences cipher_preferences_test_all_tls12;
extern const struct s2n_cipher_preferences cipher_preferences_test_all_fips;
extern const struct s2n_cipher_preferences cipher_preferences_test_all_ecdsa;
extern const struct s2n_cipher_preferences cipher_preferences_test_ecdsa_priority;
extern const struct s2n_cipher_preferences cipher_preferences_test_all_rsa_kex;
extern const struct s2n_cipher_preferences cipher_preferences_test_all_tls13;

/* See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html */
extern const struct s2n_cipher_preferences elb_security_policy_2015_04;
extern const struct s2n_cipher_preferences elb_security_policy_2016_08;

extern const struct s2n_cipher_preferences elb_security_policy_tls_1_1_2017_01;
extern const struct s2n_cipher_preferences elb_security_policy_tls_1_2_2017_01;
extern const struct s2n_cipher_preferences elb_security_policy_tls_1_2_ext_2018_06;

extern const struct s2n_cipher_preferences elb_security_policy_fs_2018_06;
extern const struct s2n_cipher_preferences elb_security_policy_fs_1_2_2019_08;
extern const struct s2n_cipher_preferences elb_security_policy_fs_1_1_2019_08;
extern const struct s2n_cipher_preferences elb_security_policy_fs_1_2_Res_2019_08;

/* CloudFront upstream */
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls10;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls11;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls12;
/* CloudFront viewer facing */
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2017;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2021;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2021_chacha20_boosted;

/* CloudFront viewer facing legacy TLS 1.2 policies */
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3_legacy;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014_legacy;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016_legacy;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016_legacy;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018_legacy;
extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019_legacy;

/* AWS Common Runtime Cipher Preferences */
extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_ssl_v3;
extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_default;
extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_tls_13;

/* AWS KMS Cipher Preferences */
extern const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2018_10;
extern const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2021_08;
extern const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2018_10;
extern const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2021_08;
extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2019_06;
extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_02;
extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_07;
extern const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2019_11;
extern const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2020_02;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2020_12;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_17;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_18;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_19;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_21;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_22;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_23;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_24;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_25;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_26;
extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_3_2023_06_01;

extern const struct s2n_cipher_preferences cipher_preferences_null;