Mbed TLS is now part of TrustedFirmware.org.

Cipherlist per SSL version

Nov 21, 2012 09:09
Hugo Leisink

Hoi Paul,

I'd like to have an option to specify a cipherlist per SSL version via ssl_set_ciphersuites(). I think it would be nice if the SSL version is optional. So, if not specified, the cipherlist is used as the default. Also nice for backwards compatibility. :)

# One suite for all SSL versions:
ssl_set_ciphersuites(ssl_context, cipherlist);

# Suites per SSL version:
ssl_set_ciphersuites(ssl_context, cipherlist_ssl30,
                     SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0);
ssl_set_ciphersuites(ssl_context, cipherlist_tls10,
                     SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1);
ssl_set_ciphersuites(ssl_context, cipherlist_tls11,
                     SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_2);
ssl_set_ciphersuites(ssl_context, cipherlist_tls12,
                     SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3);

greetings, Hugo