TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 729cf89704c1d86d9798534da2c16baf50b3936d^! / . / ChangeLog.d
commit729cf89704c1d86d9798534da2c16baf50b3936d[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Mon Jan 08 10:38:51 2024 +0100
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Mon Jan 08 11:35:01 2024 +0100
treea4f820e260dac59d800435b1b073f1e19b65dd20
parent4aad0ff510a8b22193708012ba5900113d119fc3 [diff]
Consolidate ChangeLog entries about CIPHER_C

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

diff --git a/ChangeLog.d/8060.txt b/ChangeLog.d/8060.txt
deleted file mode 100644
index a5fd93c..0000000
--- a/ChangeLog.d/8060.txt
+++ /dev/null

@@ -1,4 +0,0 @@
-Features
-    * The CCM and GCM modules no longer depend on MBEDTLS_CIPHER_C. People who
-      use CCM and GCM but don't need the Cipher API can now disable
-      MBEDTLS_CIPHER_C in order to save code size.

diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt
deleted file mode 100644
index 9cae396..0000000
--- a/ChangeLog.d/8357.txt
+++ /dev/null

@@ -1,8 +0,0 @@
-Features
-   * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without
-     MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C,
-     MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_C) as well as the PSA one
-     (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305).
-     On the PSA side this means that it is possible to enable
-     MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if none of the
-     non-authenticated ciphers is enabled.

diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt
index 70b795a..2c3e15d 100644
--- a/ChangeLog.d/8358.txt
+++ b/ChangeLog.d/8358.txt

@@ -2,8 +2,6 @@
    * If a cipher or AEAD mechanism has a PSA driver, you can now build the
      library without the corresponding built-in implementation. See
      docs/driver-only-builds.md for full details and current limitations.
-   * It is possible to disable MBEDTLS_CIPHER_C in some circumstances, please
-     see docs/driver-only-builds.md for full details and current limitations.
    * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is
      disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to
      MBEDTLS_PSA_CRYPTO_C and PSA_WANT_KEY_TYPE_AES.

diff --git a/ChangeLog.d/no-cipher.txt b/ChangeLog.d/no-cipher.txt
new file mode 100644
index 0000000..4deadab
--- /dev/null
+++ b/ChangeLog.d/no-cipher.txt

@@ -0,0 +1,9 @@
+Features
+   * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code
+     size by disabling it in more circumstances. In particular, the CCM and
+     GCM modules no longer depends on MBEDTLS_CIPHER_C. Also,
+     MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all
+     unauthenticated (non-AEAD) ciphers are disabled, or if they're all
+     fully provided by drivers. See docs/driver-only-builds.md for full
+     details and current limitations; in particular, NIST_KW and PKCS5/PKCS12
+     decryption still unconditionally depend on MBEDTLS_CIPHER_C.