Rename aead_chacha20_poly1305 to chachapoly

While the old name is explicit and aligned with the RFC, it's also very long,
so with the mbedtls_ prefix prepended we get a 31-char prefix to each
identifier, which quickly conflicts with our 80-column policy.

The new name is shorter, it's what a lot of people use when speaking about
that construction anyway, and hopefully should not introduce confusion at
it seems unlikely that variants other than 20/1305 be standardised in the
foreseeable future.
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index b8f663d..582769b 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -3,7 +3,6 @@
 option(LINK_WITH_PTHREAD "Explicitly link mbed TLS library to pthread." OFF)
 
 set(src_crypto
-    aead_chacha20_poly1305.c
     aes.c
     aesni.c
     arc4.c
@@ -15,6 +14,7 @@
     camellia.c
     ccm.c
     chacha20.c
+    chachapoly.c
     cipher.c
     cipher_wrap.c
     cmac.c
diff --git a/library/Makefile b/library/Makefile
index de4bd5c..a4c6e35 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -47,11 +47,10 @@
 DLEXT=dll
 endif
 
-OBJS_CRYPTO=	aead_chacha20_poly1305.o	\
-		aes.o		aesni.o		arc4.o		\
+OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		asn1parse.o	asn1write.o	base64.o	\
 		bignum.o	blowfish.o	camellia.o	\
-		ccm.o		chacha20.o			\
+		ccm.o		chacha20.o	chachapoly.o	\
 		cipher.o	cipher_wrap.o			\
 		cmac.o		ctr_drbg.o	des.o		\
 		dhm.o		ecdh.o		ecdsa.o		\
diff --git a/library/aead_chacha20_poly1305.c b/library/chachapoly.c
similarity index 64%
rename from library/aead_chacha20_poly1305.c
rename to library/chachapoly.c
index 0418008..3ba1954 100644
--- a/library/aead_chacha20_poly1305.c
+++ b/library/chachapoly.c
@@ -1,5 +1,5 @@
 /**
- * \file aead_chacha20_poly1305.c
+ * \file chachapoly.c
  *
  * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539.
  *
@@ -26,9 +26,9 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
 
-#include "mbedtls/aead_chacha20_poly1305.h"
+#include "mbedtls/chachapoly.h"
 #include <string.h>
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -40,12 +40,12 @@
 #endif /* MBEDTLS_PLATFORM_C */
 #endif /* MBEDTLS_SELF_TEST */
 
-#if !defined(MBEDTLS_AEAD_CHACHA20_POLY1305_ALT)
+#if !defined(MBEDTLS_CHACHAPOLY_ALT)
 
-#define AEAD_CHACHA20_POLY1305_STATE_INIT       ( 0 )
-#define AEAD_CHACHA20_POLY1305_STATE_AAD        ( 1 )
-#define AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
-#define AEAD_CHACHA20_POLY1305_STATE_FINISHED   ( 3 )
+#define CHACHAPOLY_STATE_INIT       ( 0 )
+#define CHACHAPOLY_STATE_AAD        ( 1 )
+#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
+#define CHACHAPOLY_STATE_FINISHED   ( 3 )
 
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n ) {
@@ -57,7 +57,7 @@
  *
  * \param ctx       The ChaCha20-Poly1305 context.
  */
-static void mbedtls_aead_chacha20_poly1305_pad_aad( mbedtls_aead_chacha20_poly1305_context *ctx )
+static void mbedtls_chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
 {
     uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U );
     unsigned char zeroes[15];
@@ -76,7 +76,7 @@
  *
  * \param ctx       The ChaCha20-Poly1305 context.
  */
-static void mbedtls_aead_chacha20_poly1305_pad_ciphertext( mbedtls_aead_chacha20_poly1305_context *ctx )
+static void mbedtls_chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
 {
     uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U );
     unsigned char zeroes[15];
@@ -90,7 +90,7 @@
     }
 }
 
-void mbedtls_aead_chacha20_poly1305_init( mbedtls_aead_chacha20_poly1305_context *ctx )
+void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
 {
     if ( ctx != NULL )
     {
@@ -98,12 +98,12 @@
         mbedtls_poly1305_init( &ctx->poly1305_ctx );
         ctx->aad_len        = 0U;
         ctx->ciphertext_len = 0U;
-        ctx->state          = AEAD_CHACHA20_POLY1305_STATE_INIT;
-        ctx->mode           = MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT;
+        ctx->state          = CHACHAPOLY_STATE_INIT;
+        ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
     }
 }
 
-void mbedtls_aead_chacha20_poly1305_free( mbedtls_aead_chacha20_poly1305_context *ctx )
+void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
 {
     if ( ctx != NULL )
     {
@@ -111,19 +111,19 @@
         mbedtls_poly1305_free( &ctx->poly1305_ctx );
         ctx->aad_len        = 0U;
         ctx->ciphertext_len = 0U;
-        ctx->state          = AEAD_CHACHA20_POLY1305_STATE_INIT;
-        ctx->mode           = MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT;
+        ctx->state          = CHACHAPOLY_STATE_INIT;
+        ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
     }
 }
 
-int mbedtls_aead_chacha20_poly1305_setkey( mbedtls_aead_chacha20_poly1305_context *ctx,
-                                           const unsigned char key[32] )
+int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
+                               const unsigned char key[32] )
 {
     int result;
 
     if ( ( ctx == NULL ) || ( key == NULL ) )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
 
     result = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
@@ -131,16 +131,16 @@
     return( result );
 }
 
-int mbedtls_aead_chacha20_poly1305_starts( mbedtls_aead_chacha20_poly1305_context *ctx,
-                                           const unsigned char nonce[12],
-                                           mbedtls_aead_chacha20_poly1305_mode_t mode  )
+int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
+                               const unsigned char nonce[12],
+                               mbedtls_chachapoly_mode_t mode  )
 {
     int result;
     unsigned char poly1305_key[64];
 
     if ( ( ctx == NULL ) || ( nonce == NULL ) )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
 
     result = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 1U );
@@ -161,7 +161,7 @@
     {
         ctx->aad_len        = 0U;
         ctx->ciphertext_len = 0U;
-        ctx->state          = AEAD_CHACHA20_POLY1305_STATE_AAD;
+        ctx->state          = CHACHAPOLY_STATE_AAD;
         ctx->mode           = mode;
     }
 
@@ -170,22 +170,22 @@
     return( result );
 }
 
-int mbedtls_aead_chacha20_poly1305_update_aad( mbedtls_aead_chacha20_poly1305_context *ctx,
-                                               size_t aad_len,
-                                               const unsigned char *aad )
+int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
+                                   size_t aad_len,
+                                   const unsigned char *aad )
 {
     if ( ctx == NULL )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
     else if ( ( aad_len > 0U ) && ( aad == NULL ) )
     {
         /* aad pointer is allowed to be NULL if aad_len == 0 */
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
-    else if ( ctx->state != AEAD_CHACHA20_POLY1305_STATE_AAD )
+    else if ( ctx->state != CHACHAPOLY_STATE_AAD )
     {
-        return(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
+        return(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
     }
 
     ctx->aad_len += aad_len;
@@ -193,36 +193,36 @@
     return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad_len, aad ) );
 }
 
-int mbedtls_aead_chacha20_poly1305_update( mbedtls_aead_chacha20_poly1305_context *ctx,
-                                           size_t len,
-                                           const unsigned char *input,
-                                           unsigned char *output )
+int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
+                               size_t len,
+                               const unsigned char *input,
+                               unsigned char *output )
 {
     if ( ( ctx == NULL ) || ( input == NULL ) || ( output == NULL ) )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
     else if ( ( len > 0U ) && ( ( input == NULL ) || ( output == NULL ) ) )
     {
         /* input and output pointers are allowed to be NULL if len == 0 */
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
-    else if ( ( ctx->state != AEAD_CHACHA20_POLY1305_STATE_AAD ) &&
-              ( ctx->state != AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT ) )
+    else if ( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
+              ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
     }
 
-    if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_AAD )
+    if ( ctx->state == CHACHAPOLY_STATE_AAD )
     {
-        ctx->state = AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT;
+        ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
 
-        mbedtls_aead_chacha20_poly1305_pad_aad( ctx );
+        mbedtls_chachapoly_pad_aad( ctx );
     }
 
     ctx->ciphertext_len += len;
 
-    if ( ctx->mode == MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT )
+    if ( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT )
     {
         /* Note: the following functions return an error only if one or more of
          *       the input pointers are NULL. Since we have checked their validity
@@ -240,30 +240,30 @@
     return( 0 );
 }
 
-int mbedtls_aead_chacha20_poly1305_finish( mbedtls_aead_chacha20_poly1305_context *ctx,
-                                           unsigned char mac[16] )
+int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
+                               unsigned char mac[16] )
 {
     unsigned char len_block[16];
 
     if ( ( ctx == NULL ) || ( mac == NULL ) )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA );
     }
-    else if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_INIT )
+    else if ( ctx->state == CHACHAPOLY_STATE_INIT )
     {
-        return( MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE );
+        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
     }
 
-    if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_AAD )
+    if ( ctx->state == CHACHAPOLY_STATE_AAD )
     {
-        mbedtls_aead_chacha20_poly1305_pad_aad( ctx );
+        mbedtls_chachapoly_pad_aad( ctx );
     }
-    else if ( ctx->state == AEAD_CHACHA20_POLY1305_STATE_CIPHERTEXT )
+    else if ( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
     {
-        mbedtls_aead_chacha20_poly1305_pad_ciphertext( ctx );
+        mbedtls_chachapoly_pad_ciphertext( ctx );
     }
 
-    ctx->state = AEAD_CHACHA20_POLY1305_STATE_FINISHED;
+    ctx->state = CHACHAPOLY_STATE_FINISHED;
 
     /* The lengths of the AAD and ciphertext are processed by
      * Poly1305 as the final 128-bit block, encoded as little-endian integers.
@@ -291,45 +291,45 @@
     return( 0 );
 }
 
-int mbedtls_aead_chacha20_poly1305_crypt_and_mac ( const unsigned char key[32],
-                                                    const unsigned char nonce[12],
-                                                    mbedtls_aead_chacha20_poly1305_mode_t mode,
-                                                    size_t aad_len,
-                                                    const unsigned char *aad,
-                                                    size_t ilen,
-                                                    const unsigned char *input,
-                                                    unsigned char *output,
-                                                    unsigned char mac[16] )
+int mbedtls_chachapoly_crypt_and_mac ( const unsigned char key[32],
+                                       const unsigned char nonce[12],
+                                       mbedtls_chachapoly_mode_t mode,
+                                       size_t aad_len,
+                                       const unsigned char *aad,
+                                       size_t ilen,
+                                       const unsigned char *input,
+                                       unsigned char *output,
+                                       unsigned char mac[16] )
 {
-    mbedtls_aead_chacha20_poly1305_context ctx;
+    mbedtls_chachapoly_context ctx;
     int result;
 
-    mbedtls_aead_chacha20_poly1305_init( &ctx );
+    mbedtls_chachapoly_init( &ctx );
 
-    result = mbedtls_aead_chacha20_poly1305_setkey( &ctx, key );
+    result = mbedtls_chachapoly_setkey( &ctx, key );
     if ( result != 0 )
         goto cleanup;
 
-    result = mbedtls_aead_chacha20_poly1305_starts( &ctx, nonce, mode );
+    result = mbedtls_chachapoly_starts( &ctx, nonce, mode );
     if ( result != 0 )
         goto cleanup;
 
-    result = mbedtls_aead_chacha20_poly1305_update_aad( &ctx, aad_len, aad );
+    result = mbedtls_chachapoly_update_aad( &ctx, aad_len, aad );
     if ( result != 0 )
             goto cleanup;
 
-    result = mbedtls_aead_chacha20_poly1305_update( &ctx, ilen, input, output );
+    result = mbedtls_chachapoly_update( &ctx, ilen, input, output );
     if ( result != 0 )
             goto cleanup;
 
-    result = mbedtls_aead_chacha20_poly1305_finish( &ctx, mac );
+    result = mbedtls_chachapoly_finish( &ctx, mac );
 
 cleanup:
-    mbedtls_aead_chacha20_poly1305_free( &ctx );
+    mbedtls_chachapoly_free( &ctx );
     return( result );
 }
 
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_ALT */
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -419,7 +419,7 @@
     }
 };
 
-int mbedtls_aead_chacha20_poly1305_self_test( int verbose )
+int mbedtls_chachapoly_self_test( int verbose )
 {
     unsigned i;
     int result;
@@ -433,15 +433,15 @@
             mbedtls_printf( "  ChaCha20-Poly1305 test %u ", i );
         }
 
-        result = mbedtls_aead_chacha20_poly1305_crypt_and_mac( test_key[i],
-                                                               test_nonce[i],
-                                                               MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT,
-                                                               test_aad_len[i],
-                                                               test_aad[i],
-                                                               test_input_len[i],
-                                                               test_input[i],
-                                                               output,
-                                                               mac );
+        result = mbedtls_chachapoly_crypt_and_mac( test_key[i],
+                                                   test_nonce[i],
+                                                   MBEDTLS_CHACHAPOLY_ENCRYPT,
+                                                   test_aad_len[i],
+                                                   test_aad[i],
+                                                   test_input_len[i],
+                                                   test_input[i],
+                                                   output,
+                                                   mac );
         if ( result != 0 )
         {
             if ( verbose != 0 )
@@ -485,4 +485,4 @@
 
 #endif /* MBEDTLS_SELF_TEST */
 
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_CHACHAPOLY_C */
diff --git a/library/cipher.c b/library/cipher.c
index 71fa6f5..acc986f 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -38,8 +38,8 @@
 #include <stdlib.h>
 #include <string.h>
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-#include "mbedtls/aead_chacha20_poly1305.h"
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
 #endif
 
 #if defined(MBEDTLS_GCM_C)
@@ -70,7 +70,7 @@
 #endif
 
 
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 /* Compare the contents of two buffers in constant time.
  * Returns 0 if the contents are bitwise identical, otherwise returns
  * a non-zero value.
@@ -88,7 +88,7 @@
 
     return (int)diff;
 }
-#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
 
 static int supported_init = 0;
 
@@ -288,7 +288,7 @@
     return( 0 );
 }
 
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                       const unsigned char *ad, size_t ad_len )
 {
@@ -303,30 +303,30 @@
     }
 #endif
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
     {
         int result;
-        mbedtls_aead_chacha20_poly1305_mode_t mode;
+        mbedtls_chachapoly_mode_t mode;
 
         mode = ( ctx->operation == MBEDTLS_ENCRYPT )
-                ? MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT
-                : MBEDTLS_AEAD_CHACHA20_POLY1305_DECRYPT;
+                ? MBEDTLS_CHACHAPOLY_ENCRYPT
+                : MBEDTLS_CHACHAPOLY_DECRYPT;
 
-        result = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        result = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                         ctx->iv,
                                                         mode );
         if ( result != 0 )
             return( result );
 
-        return mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        return mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                           ad_len, ad );
     }
 #endif
 
     return( 0 );
 }
-#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
 
 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
                    size_t ilen, unsigned char *output, size_t *olen )
@@ -394,11 +394,11 @@
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
     }
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 )
     {
         *olen = ilen;
-        return mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        return mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                       ilen, input, output );
     }
 #endif
@@ -852,7 +852,7 @@
 }
 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
 
-#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
                       unsigned char *tag, size_t tag_len )
 {
@@ -867,14 +867,14 @@
         return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
 #endif
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
     {
         /* Don't allow truncated MAC for Poly1305 */
         if ( tag_len != 16U )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-        return mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                       tag );
     }
 #endif
@@ -914,14 +914,14 @@
     }
 #endif /* MBEDTLS_GCM_C */
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
     {
         /* Don't allow truncated MAC for Poly1305 */
         if ( tag_len != sizeof( check_tag ) )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-        ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                      check_tag );
         if ( ret != 0 )
         {
@@ -934,11 +934,11 @@
 
         return( 0 );
     }
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_CHACHAPOLY_C */
 
     return( 0 );
 }
-#endif /* MBEDTLS_GCM_C || MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
 
 /*
  * Packet-oriented wrapper for non-AEAD modes
@@ -997,7 +997,7 @@
                                      tag, tag_len ) );
     }
 #endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
     {
         int ret;
@@ -1010,26 +1010,26 @@
 
         *olen = ilen;
 
-        ret = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
-                                                     iv, MBEDTLS_AEAD_CHACHA20_POLY1305_ENCRYPT );
+        ret = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+                                                     iv, MBEDTLS_CHACHAPOLY_ENCRYPT );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                          ad_len, ad );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                      ilen, input, output );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                      tag );
         return( ret );
     }
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_CHACHAPOLY_C */
 
     return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }
@@ -1076,7 +1076,7 @@
         return( ret );
     }
 #endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
     if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
     {
         unsigned char check_tag[16];
@@ -1090,22 +1090,22 @@
 
         *olen = ilen;
 
-        ret = mbedtls_aead_chacha20_poly1305_starts( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
-                                                     iv, MBEDTLS_AEAD_CHACHA20_POLY1305_DECRYPT );
+        ret = mbedtls_chachapoly_starts( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
+                                                     iv, MBEDTLS_CHACHAPOLY_DECRYPT );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_update_aad( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_update_aad( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                          ad_len, ad );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_update( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_update( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                      ilen, input, output );
         if ( ret != 0 )
             return( ret );
 
-        ret = mbedtls_aead_chacha20_poly1305_finish( (mbedtls_aead_chacha20_poly1305_context*) ctx->cipher_ctx,
+        ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
                                                      check_tag );
         if ( ret != 0 )
             return( ret );
@@ -1116,7 +1116,7 @@
 
         return( 0 );
     }
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_CHACHAPOLY_C */
 
     return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 }
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index d8c5f06..5c80828 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -33,8 +33,8 @@
 
 #include "mbedtls/cipher_internal.h"
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-#include "mbedtls/aead_chacha20_poly1305.h"
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
 #endif
 
 #if defined(MBEDTLS_AES_C)
@@ -1356,40 +1356,41 @@
 };
 #endif /* MBEDTLS_CHACHA20_C */
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
+#if defined(MBEDTLS_CHACHAPOLY_C)
 
-static int aead_chacha20_poly1305_setkey_wrap( void *ctx, const unsigned char *key,
-                                               unsigned int key_bitlen )
+static int chachapoly_setkey_wrap( void *ctx,
+                                   const unsigned char *key,
+                                   unsigned int key_bitlen )
 {
     if( key_bitlen != 256U )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-    if ( 0 != mbedtls_aead_chacha20_poly1305_setkey( (mbedtls_aead_chacha20_poly1305_context*)ctx, key ) )
+    if ( 0 != mbedtls_chachapoly_setkey( (mbedtls_chachapoly_context*)ctx, key ) )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
     return( 0 );
 }
 
-static void * aead_chacha20_poly1305_ctx_alloc( void )
+static void * chachapoly_ctx_alloc( void )
 {
-    mbedtls_aead_chacha20_poly1305_context *ctx;
-    ctx = mbedtls_calloc( 1, sizeof( mbedtls_aead_chacha20_poly1305_context ) );
+    mbedtls_chachapoly_context *ctx;
+    ctx = mbedtls_calloc( 1, sizeof( mbedtls_chachapoly_context ) );
 
     if( ctx == NULL )
         return( NULL );
 
-    mbedtls_aead_chacha20_poly1305_init( ctx );
+    mbedtls_chachapoly_init( ctx );
 
     return( ctx );
 }
 
-static void aead_chacha20_poly1305_ctx_free( void *ctx )
+static void chachapoly_ctx_free( void *ctx )
 {
-    mbedtls_aead_chacha20_poly1305_free( (mbedtls_aead_chacha20_poly1305_context *) ctx );
+    mbedtls_chachapoly_free( (mbedtls_chachapoly_context *) ctx );
     mbedtls_free( ctx );
 }
 
-static const mbedtls_cipher_base_t aead_chacha20_poly1305_base_info = {
+static const mbedtls_cipher_base_t chachapoly_base_info = {
     MBEDTLS_CIPHER_ID_CHACHA20,
     NULL,
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
@@ -1404,12 +1405,12 @@
 #if defined(MBEDTLS_CIPHER_MODE_STREAM)
     NULL,
 #endif
-    aead_chacha20_poly1305_setkey_wrap,
-    aead_chacha20_poly1305_setkey_wrap,
-    aead_chacha20_poly1305_ctx_alloc,
-    aead_chacha20_poly1305_ctx_free
+    chachapoly_setkey_wrap,
+    chachapoly_setkey_wrap,
+    chachapoly_ctx_alloc,
+    chachapoly_ctx_free
 };
-static const mbedtls_cipher_info_t aead_chacha20_poly1305_info = {
+static const mbedtls_cipher_info_t chachapoly_info = {
     MBEDTLS_CIPHER_CHACHA20_POLY1305,
     MBEDTLS_MODE_NONE,
     256,
@@ -1417,9 +1418,9 @@
     12,
     0,
     64,
-    &aead_chacha20_poly1305_base_info
+    &chachapoly_base_info
 };
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#endif /* MBEDTLS_CHACHAPOLY_C */
 
 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
 static int null_crypt_stream( void *ctx, size_t length,
@@ -1580,8 +1581,8 @@
     { MBEDTLS_CIPHER_CHACHA20,             &chacha20_info },
 #endif
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-    { MBEDTLS_CIPHER_CHACHA20_POLY1305,    &aead_chacha20_poly1305_info },
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    { MBEDTLS_CIPHER_CHACHA20_POLY1305,    &chachapoly_info },
 #endif
 
 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
diff --git a/library/error.c b/library/error.c
index d0a75ca..aeef930 100644
--- a/library/error.c
+++ b/library/error.c
@@ -41,10 +41,6 @@
 
 #include <stdio.h>
 
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-#include "mbedtls/aead_chacha20_poly1305.h"
-#endif
-
 #if defined(MBEDTLS_AES_C)
 #include "mbedtls/aes.h"
 #endif
@@ -77,6 +73,10 @@
 #include "mbedtls/chacha20.h"
 #endif
 
+#if defined(MBEDTLS_CHACHAPOLY_C)
+#include "mbedtls/chachapoly.h"
+#endif
+
 #if defined(MBEDTLS_CIPHER_C)
 #include "mbedtls/cipher.h"
 #endif
@@ -579,13 +579,6 @@
     // Low level error codes
     //
     // BEGIN generated code
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-    if( use_ret == -(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_INPUT_DATA) )
-        mbedtls_snprintf( buf, buflen, "AEAD_CHACHA20_POLY1305 - Invalid input parameter(s)" );
-    if( use_ret == -(MBEDTLS_ERR_AEAD_CHACHA20_POLY1305_BAD_STATE) )
-        mbedtls_snprintf( buf, buflen, "AEAD_CHACHA20_POLY1305 - The requested operation is not permitted in the current state" );
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
-
 #if defined(MBEDTLS_AES_C)
     if( use_ret == -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH) )
         mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
@@ -677,6 +670,13 @@
         mbedtls_snprintf( buf, buflen, "CHACHA20 - Invalid input parameter(s)" );
 #endif /* MBEDTLS_CHACHA20_C */
 
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_INPUT_DATA) )
+        mbedtls_snprintf( buf, buflen, "CHACHAPOLY - Invalid input parameter(s)" );
+    if( use_ret == -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE) )
+        mbedtls_snprintf( buf, buflen, "CHACHAPOLY - The requested operation is not permitted in the current state" );
+#endif /* MBEDTLS_CHACHAPOLY_C */
+
 #if defined(MBEDTLS_CMAC_C)
     if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
         mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
diff --git a/library/version_features.c b/library/version_features.c
index b73410c..cce1a38 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -84,9 +84,9 @@
 #if defined(MBEDTLS_TIMING_ALT)
     "MBEDTLS_TIMING_ALT",
 #endif /* MBEDTLS_TIMING_ALT */
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_ALT)
-    "MBEDTLS_AEAD_CHACHA20_POLY1305_ALT",
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_ALT */
+#if defined(MBEDTLS_CHACHAPOLY_ALT)
+    "MBEDTLS_CHACHAPOLY_ALT",
+#endif /* MBEDTLS_CHACHAPOLY_ALT */
 #if defined(MBEDTLS_AES_ALT)
     "MBEDTLS_AES_ALT",
 #endif /* MBEDTLS_AES_ALT */
@@ -519,9 +519,9 @@
 #if defined(MBEDTLS_AES_C)
     "MBEDTLS_AES_C",
 #endif /* MBEDTLS_AES_C */
-#if defined(MBEDTLS_AEAD_CHACHA20_POLY1305_C)
-    "MBEDTLS_AEAD_CHACHA20_POLY1305_C",
-#endif /* MBEDTLS_AEAD_CHACHA20_POLY1305_C */
+#if defined(MBEDTLS_CHACHAPOLY_C)
+    "MBEDTLS_CHACHAPOLY_C",
+#endif /* MBEDTLS_CHACHAPOLY_C */
 #if defined(MBEDTLS_ARC4_C)
     "MBEDTLS_ARC4_C",
 #endif /* MBEDTLS_ARC4_C */