Merge pull request #9366 from eleuzi01/replace-chachapoly

Replace MBEDTLS_SSL_HAVE_CHACHAPOLY with PSA_WANT_ALG_CHACHA20_POLY1305
2025-04-16 08:42:50 +00:00 · 2024-08-02 14:26:27 +00:00 · 2024-08-02 14:26:27 +00:00 · 9c9a3df3bf
commit 9c9a3df3bf
parent 5b85d709c3 5c70c30655
4 changed files with 12 additions and 12 deletions
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@ -310,17 +310,17 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
 #endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_SSL_HAVE_CCM */
 #endif /* PSA_WANT_KEY_TYPE_AES */
-#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(PSA_WANT_ALG_SHA_256)
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && defined(PSA_WANT_ALG_SHA_256)
    { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
      "TLS1-3-CHACHA20-POLY1305-SHA256",
      MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
      MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
      0,
      MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
-#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && PSA_WANT_ALG_SHA_256 */
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 && PSA_WANT_ALG_SHA_256 */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

-#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && \
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && \
    defined(PSA_WANT_ALG_SHA_256) && \
    defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
@ -379,7 +379,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
      0,
      MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
 #endif
-#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY &&
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 &&
          PSA_WANT_ALG_SHA_256 &&
          MBEDTLS_SSL_PROTO_TLS1_2 */
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2654,7 +2654,7 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type
            *key_size = 256;
            break;
 #endif
-#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY)
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
        case MBEDTLS_CIPHER_CHACHA20_POLY1305:
            *alg = PSA_ALG_CHACHA20_POLY1305;
            *key_type = PSA_KEY_TYPE_CHACHA20;
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@ -52,7 +52,7 @@
 #define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256
 #endif
 #endif /* PSA_WANT_KEY_TYPE_AES */
-#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(PSA_WANT_ALG_SHA_256)
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && defined(PSA_WANT_ALG_SHA_256)
 #define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256
 #endif

--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@ -1818,27 +1818,27 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:PSA_WANT_ALG_MD5:
 ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0

 Record crypt, ChachaPoly
-depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_2
 ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0

 Record crypt, ChachaPoly, 1.3
-depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_3
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_3
 ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0

 Record crypt, little space, ChachaPoly
-depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_2
 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0

 Record crypt, little space, ChachaPoly, 1.3
-depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_3
+depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_3
 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0

 Record crypt, little space, ChachaPoly, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_2
 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4

 Record crypt, little space, ChachaPoly, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2
+depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:PSA_WANT_ALG_CHACHA20_POLY1305:MBEDTLS_SSL_PROTO_TLS1_2
 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0

 Record crypt, little space, AES-128-CBC, 1.2, SHA-384