Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 828c0f3..b7a869a 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -295,7 +295,7 @@
*
* Requires: PSA_WANT_ALG_JPAKE
* PSA_WANT_ALG_SHA_256
- * MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ * PSA_WANT_ECC_SECP_R1_256
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9f7ab7f..5b852bd 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2346,15 +2346,15 @@
#if defined(PSA_WANT_ALG_SHA_256) && defined(PSA_WANT_ECC_SECP_R1_256)
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP256R1_SHA256:
break;
-#endif /* PSA_WANT_ALG_SHA_256 && MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#endif /* PSA_WANT_ALG_SHA_256 && PSA_WANT_ECC_SECP_R1_256 */
#if defined(PSA_WANT_ALG_SHA_384) && defined(PSA_WANT_ECC_SECP_R1_384)
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP384R1_SHA384:
break;
-#endif /* PSA_WANT_ALG_SHA_384 && MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#endif /* PSA_WANT_ALG_SHA_384 && PSA_WANT_ECC_SECP_R1_384 */
#if defined(PSA_WANT_ALG_SHA_512) && defined(PSA_WANT_ECC_SECP_R1_521)
case MBEDTLS_TLS1_3_SIG_ECDSA_SECP521R1_SHA512:
break;
-#endif /* PSA_WANT_ALG_SHA_512 && MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+#endif /* PSA_WANT_ALG_SHA_512 && PSA_WANT_ECC_SECP_R1_521 */
#endif /* PSA_HAVE_ALG_SOME_ECDSA */
#if defined(PSA_WANT_ALG_RSA_PSS)
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 79d3059..fcbc090 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -470,47 +470,47 @@
uint8_t is_supported;
} tls_id_group_name_table[] =
{
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521)
+#if defined(PSA_WANT_ECC_SECP_R1_521)
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_384)
+#if defined(PSA_WANT_ECC_SECP_R1_384)
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_256)
+#if defined(PSA_WANT_ECC_SECP_R1_256)
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || defined(PSA_WANT_ECC_SECP_K1_256)
+#if defined(PSA_WANT_ECC_SECP_K1_256)
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
+#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_255)
+#if defined(PSA_WANT_ECC_MONTGOMERY_255)
{ MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519", 0 },
#endif
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) || defined(PSA_WANT_ECC_MONTGOMERY_448)
+#if defined(PSA_WANT_ECC_MONTGOMERY_448)
{ MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 1 },
#else
{ MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448", 0 },
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 860371d..ccb4a0b 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -433,17 +433,16 @@
component_test_everest_curve25519_only () {
msg "build: Everest ECDH context, only Curve25519" # ~ 6 min
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
- scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
- scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECDSA
- scripts/config.py -c $CRYPTO_CONFIG_H set PSA_WANT_ALG_ECDH
+ scripts/config.py unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
+ scripts/config.py unset PSA_WANT_ALG_ECDSA
+ scripts/config.py set PSA_WANT_ALG_ECDH
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- scripts/config.py -c $CRYPTO_CONFIG_H unset PSA_WANT_ALG_JPAKE
+ scripts/config.py unset PSA_WANT_ALG_JPAKE
# Disable all curves
- scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED"
- scripts/config.py -c $CRYPTO_CONFIG_H unset-all "PSA_WANT_ECC_[0-9A-Z_a-z]*$"
- scripts/config.py -c $CRYPTO_CONFIG_H set PSA_WANT_ECC_MONTGOMERY_255
+ scripts/config.py unset-all "PSA_WANT_ECC_[0-9A-Z_a-z]*$"
+ scripts/config.py set PSA_WANT_ECC_MONTGOMERY_255
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py
index 7a7c754..11ee5a0 100755
--- a/tests/scripts/depends.py
+++ b/tests/scripts/depends.py
@@ -257,26 +257,7 @@
'PSA_WANT_ALG_CCM': ['PSA_WANT_ALG_CCM_STAR_NO_TAG'],
'PSA_WANT_ALG_CMAC': ['PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128'],
- # These reverse dependencies can be removed as part of issue
- # tf-psa-crypto#364.
- 'PSA_WANT_ECC_BRAINPOOL_P_R1_256': ['MBEDTLS_ECP_DP_BP256R1_ENABLED'],
- 'PSA_WANT_ECC_BRAINPOOL_P_R1_384': ['MBEDTLS_ECP_DP_BP384R1_ENABLED'],
- 'PSA_WANT_ECC_BRAINPOOL_P_R1_512': ['MBEDTLS_ECP_DP_BP512R1_ENABLED'],
- 'PSA_WANT_ECC_MONTGOMERY_255': ['MBEDTLS_ECP_DP_CURVE25519_ENABLED'],
- 'PSA_WANT_ECC_MONTGOMERY_448': ['MBEDTLS_ECP_DP_CURVE448_ENABLED'],
- 'PSA_WANT_ECC_SECP_R1_256': ['PSA_WANT_ALG_JPAKE',
- 'MBEDTLS_ECP_DP_SECP256R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_R1_384': ['MBEDTLS_ECP_DP_SECP384R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_R1_521': ['MBEDTLS_ECP_DP_SECP521R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_K1_256': ['MBEDTLS_ECP_DP_SECP256K1_ENABLED'],
-
- # Support for secp224[k|r]1 was removed in tfpsacrypto#408 while
- # secp192[k|r]1 were kept only for internal testing (hidden to the end
- # user). We need to keep these reverse dependencies here until
- # symbols are hidden/removed from crypto_config.h.
- 'PSA_WANT_ECC_SECP_R1_192': ['MBEDTLS_ECP_DP_SECP192R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_R1_224': ['MBEDTLS_ECP_DP_SECP224R1_ENABLED'],
- 'PSA_WANT_ECC_SECP_K1_192': ['MBEDTLS_ECP_DP_SECP192K1_ENABLED'],
+ 'PSA_WANT_ECC_SECP_R1_256': ['PSA_WANT_ALG_JPAKE'],
'PSA_WANT_ALG_ECDSA': ['PSA_WANT_ALG_DETERMINISTIC_ECDSA',
'MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED'],