Description
Problem:
s2n_pq_is_enabled() can be removed entirely from s2n now. It was initially used to skip compiling the interned Kyber512 implementation within s2n-tls due to the NIST reference code not being able to compile on very old compilers. Now that the internal Kyber implementation has been removed, this function is no longer needed, and usages of it can be replaced with calls to s2n_libcrypto_supports_evp_kem() or s2n_libcrypto_supports_mlkem() as needed.
Solution:
Remove all calls to s2n_pq_is_enabled() and replace them with s2n_libcrypto_supports_evp_kem() or s2n_libcrypto_supports_mlkem() as needed.
Requirements / Acceptance Criteria:
What must a solution address in order to solve the problem? How do we know the solution is complete?
- RFC links: Links to relevant RFC(s)
- Related Issues: Link any relevant issues
- Will the Usage Guide or other documentation need to be updated?
- Testing: How will this change be tested? Call out new integration tests, functional tests, or particularly interesting/important unit tests.
- Will this change trigger SAW changes? Changes to the state machine, the s2n_handshake_io code that controls state transitions, the DRBG, or the corking/uncorking logic could trigger SAW failures.
- Should this change be fuzz tested? Will it handle untrusted input? Create a separate issue to track the fuzzing work.
Out of scope:
Is there anything the solution will intentionally NOT address?