From 729cf89704c1d86d9798534da2c16baf50b3936d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 8 Jan 2024 10:38:51 +0100
Subject: [PATCH] Consolidate ChangeLog entries about CIPHER_C
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 ChangeLog.d/8060.txt      | 4 ----
 ChangeLog.d/8357.txt      | 8 --------
 ChangeLog.d/8358.txt      | 2 --
 ChangeLog.d/no-cipher.txt | 9 +++++++++
 4 files changed, 9 insertions(+), 14 deletions(-)
 delete mode 100644 ChangeLog.d/8060.txt
 delete mode 100644 ChangeLog.d/8357.txt
 create mode 100644 ChangeLog.d/no-cipher.txt

diff --git a/ChangeLog.d/8060.txt b/ChangeLog.d/8060.txt
deleted file mode 100644
index a5fd93c8db..0000000000
--- a/ChangeLog.d/8060.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
-    * The CCM and GCM modules no longer depend on MBEDTLS_CIPHER_C. People who
-      use CCM and GCM but don't need the Cipher API can now disable
-      MBEDTLS_CIPHER_C in order to save code size.
diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt
deleted file mode 100644
index 9cae396ec5..0000000000
--- a/ChangeLog.d/8357.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Features
-   * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without
-     MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C,
-     MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_C) as well as the PSA one
-     (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305).
-     On the PSA side this means that it is possible to enable
-     MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if none of the
-     non-authenticated ciphers is enabled.
diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt
index 70b795a4ba..2c3e15d665 100644
--- a/ChangeLog.d/8358.txt
+++ b/ChangeLog.d/8358.txt
@@ -2,8 +2,6 @@ Features
    * If a cipher or AEAD mechanism has a PSA driver, you can now build the
      library without the corresponding built-in implementation. See
      docs/driver-only-builds.md for full details and current limitations.
-   * It is possible to disable MBEDTLS_CIPHER_C in some circumstances, please
-     see docs/driver-only-builds.md for full details and current limitations.
    * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is
      disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to
      MBEDTLS_PSA_CRYPTO_C and PSA_WANT_KEY_TYPE_AES.
diff --git a/ChangeLog.d/no-cipher.txt b/ChangeLog.d/no-cipher.txt
new file mode 100644
index 0000000000..4deadab980
--- /dev/null
+++ b/ChangeLog.d/no-cipher.txt
@@ -0,0 +1,9 @@
+Features
+   * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code
+     size by disabling it in more circumstances. In particular, the CCM and
+     GCM modules no longer depends on MBEDTLS_CIPHER_C. Also,
+     MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all
+     unauthenticated (non-AEAD) ciphers are disabled, or if they're all
+     fully provided by drivers. See docs/driver-only-builds.md for full
+     details and current limitations; in particular, NIST_KW and PKCS5/PKCS12
+     decryption still unconditionally depend on MBEDTLS_CIPHER_C.