diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h
index cfc047433..62a41ec47 100644
--- a/include/polarssl/ssl_ciphersuites.h
+++ b/include/polarssl/ssl_ciphersuites.h
@@ -171,7 +171,6 @@ typedef enum {
 typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t;
 
 #define POLARSSL_CIPHERSUITE_WEAK   0x01    /*<! Weak ciphersuite flag      */
-#define POLARSSL_CIPHERSUITE_EC     0x02    /*<! EC-based ciphersuite flag  */
 
 /**
  * \brief   This structure is used for storing ciphersuite information
@@ -200,6 +199,8 @@ const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id );
 
 pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
 
+int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 4e8a53dd9..359a2842c 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -173,12 +173,12 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
     { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
       POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_SHA256_C)
 #if defined(POLARSSL_CIPHER_MODE_CBC)
@@ -186,14 +186,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_GCM_C)
     { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
       POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_GCM_C */
 #endif /* POLARSSL_SHA256_C */
 #if defined(POLARSSL_SHA512_C)
@@ -202,14 +202,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_GCM_C)
     { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
       POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_GCM_C */
 #endif /* POLARSSL_SHA512_C */
 #endif /* POLARSSL_AES_C */
@@ -221,14 +221,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_SHA256_C */
 #if defined(POLARSSL_SHA512_C)
     { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
       POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_SHA512_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #endif /* POLARSSL_CAMELLIA_C */
@@ -239,7 +239,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #endif /* POLARSSL_DES_C */
 
@@ -248,7 +248,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_ARC4_C */
 
 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
@@ -256,7 +256,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
+      POLARSSL_CIPHERSUITE_WEAK },
 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
 
@@ -267,12 +267,12 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
     { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
       POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_SHA256_C)
 #if defined(POLARSSL_CIPHER_MODE_CBC)
@@ -280,14 +280,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_GCM_C)
     { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
       POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_GCM_C */
 #endif /* POLARSSL_SHA256_C */
 #if defined(POLARSSL_SHA512_C)
@@ -296,14 +296,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #if defined(POLARSSL_GCM_C)
     { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
       POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_GCM_C */
 #endif /* POLARSSL_SHA512_C */
 #endif /* POLARSSL_AES_C */
@@ -315,14 +315,14 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_SHA256_C */
 #if defined(POLARSSL_SHA512_C)
     { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
       POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_SHA512_C */
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #endif /* POLARSSL_CAMELLIA_C */
@@ -333,7 +333,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_CIPHER_MODE_CBC */
 #endif /* POLARSSL_DES_C */
 
@@ -342,7 +342,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC },
+      0 },
 #endif /* POLARSSL_ARC4_C */
 
 #if defined(POLARSSL_CIPHER_NULL_CIPHER)
@@ -350,7 +350,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] =
       POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
       SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
-      POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
+      POLARSSL_CIPHERSUITE_WEAK },
 #endif /* POLARSSL_CIPHER_NULL_CIPHER */
 #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
 
@@ -976,8 +976,10 @@ pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
 {
     switch( info->key_exchange )
     {
+        case POLARSSL_KEY_EXCHANGE_RSA:
         case POLARSSL_KEY_EXCHANGE_DHE_RSA:
         case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
+        case POLARSSL_KEY_EXCHANGE_RSA_PSK:
             return( POLARSSL_PK_RSA );
 
         case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
@@ -988,4 +990,17 @@ pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
     }
 }
 
+int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
+        case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+
 #endif
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 0ef342392..8931382d4 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1294,7 +1294,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
                     continue;
 
 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
-                if( ( ciphersuite_info->flags & POLARSSL_CIPHERSUITE_EC ) &&
+                if( ssl_ciphersuite_uses_ec( ciphersuite_info ) &&
                     ssl->handshake->ec_curve == 0 )
                     continue;
 #endif
@@ -1592,8 +1592,8 @@ static int ssl_write_server_hello( ssl_context *ssl )
     *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite      );
     *p++ = (unsigned char)( ssl->session_negotiate->compression      );
 
-    SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: 0x%04X",
-                   ssl->session_negotiate->ciphersuite ) );
+    SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s",
+           ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) );
     SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
                    ssl->session_negotiate->compression ) );