Upgrade MbedTLS to 3.0.0

- rc4-md5 & bf-cfb are not supported if building with mbedtls 3.0.0 or later - Fix some errors which are not corresponding to the API specification
pichi-router · Jul 24, 2021 · b5ae67c · b5ae67c
2 parents 6493d31 + af3be7d
commit b5ae67c
Show file tree

Hide file tree

Showing 14 changed files with 128 additions and 64 deletions.
diff --git a/cmake/FindMbedTLS.cmake b/cmake/FindMbedTLS.cmake
@@ -4,7 +4,13 @@ find_library(MbedTLS_LIBRARY NAMES mbedtls libmbedtls)
 find_library(MbedTLS_CRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto)
 
 if (MbedTLS_INCLUDE_DIRS)
-  file(STRINGS "${MbedTLS_INCLUDE_DIRS}/mbedtls/version.h" version_line
+  find_file(has_build_info "build_info.h" PATHS "${MbedTLS_INCLUDE_DIRS}/mbedtls")
+  if (has_build_info)
+    set(ver_file "${MbedTLS_INCLUDE_DIRS}/mbedtls/build_info.h")
+  else ()
+    set(ver_file "${MbedTLS_INCLUDE_DIRS}/mbedtls/version.h")
+  endif ()
+  file(STRINGS "${ver_file}" version_line
         REGEX "^#define[\t ]+MBEDTLS_VERSION_STRING[\t ]+\".*\"")
   if (version_line)
     string(REGEX REPLACE "^#define[\t ]+MBEDTLS_VERSION_STRING[\t ]+\"(.*)\""

diff --git a/include/pichi/crypto/hash.hpp b/include/pichi/crypto/hash.hpp
@@ -8,6 +8,21 @@
 #include <pichi/common/buffer.hpp>
 #include <pichi/common/enumerations.hpp>
 
+#if MBEDTLS_VERSION_MAJOR >= 3
+#define mbedtls_md5_starts_ret mbedtls_md5_starts
+#define mbedtls_sha1_starts_ret mbedtls_sha1_starts
+#define mbedtls_sha256_starts_ret mbedtls_sha256_starts
+#define mbedtls_sha512_starts_ret mbedtls_sha512_starts
+#define mbedtls_md5_update_ret mbedtls_md5_update
+#define mbedtls_sha1_update_ret mbedtls_sha1_update
+#define mbedtls_sha256_update_ret mbedtls_sha256_update
+#define mbedtls_sha512_update_ret mbedtls_sha512_update
+#define mbedtls_md5_finish_ret mbedtls_md5_finish
+#define mbedtls_sha1_finish_ret mbedtls_sha1_finish
+#define mbedtls_sha256_finish_ret mbedtls_sha256_finish
+#define mbedtls_sha512_finish_ret mbedtls_sha512_finish
+#endif  // MBEDTLS_VERSION_MAJOR >= 3
+
 namespace pichi::crypto {
 
 // TODO use lambda if compiler supports

diff --git a/include/pichi/crypto/stream.hpp b/include/pichi/crypto/stream.hpp
@@ -4,25 +4,34 @@
 #include <algorithm>
 #include <array>
 #include <mbedtls/aes.h>
-#include <mbedtls/arc4.h>
-#include <mbedtls/blowfish.h>
 #include <mbedtls/camellia.h>
 #include <pichi/common/buffer.hpp>
 #include <pichi/crypto/method.hpp>
 #include <stdint.h>
 
+#if MBEDTLS_VERSION_MAJOR < 3
+#include <mbedtls/arc4.h>
+#include <mbedtls/blowfish.h>
+#endif  // MBEDTLS_VERSION_MAJOR < 3
+
 namespace pichi::crypto {
 
 template <CryptoMethod method>
 using StreamContext = std::conditional_t<
+#if MBEDTLS_VERSION_MAJOR < 3
     detail::isArc<method>(), mbedtls_arc4_context,
     std::conditional_t<
         detail::isBlowfish<method>(), mbedtls_blowfish_context,
         std::conditional_t<
+#endif  // MBEDTLS_VERSION_MAJOR < 3
             detail::isAesCtr<method>() || detail::isAesCfb<method>(), mbedtls_aes_context,
             std::conditional_t<detail::isCamellia<method>(), mbedtls_camellia_context,
                                std::conditional_t<detail::isSodiumStream<method>(),
-                                                  std::array<uint8_t, KEY_SIZE<method>>, void>>>>>;
+                                                  std::array<uint8_t, KEY_SIZE<method>>, void>>>
+#if MBEDTLS_VERSION_MAJOR < 3
+        >>
+#endif  // MBEDTLS_VERSION_MAJOR < 3
+    ;
 
 template <CryptoMethod method>
 inline constexpr size_t BLK_SIZE = detail::isAesCtr<method>() ? 16 : 0;

diff --git a/include/pichi/vo/keys.hpp b/include/pichi/vo/keys.hpp
@@ -60,7 +60,7 @@ inline decltype(auto) LEAST_CONN = "least_conn";
 namespace security {
 
 inline decltype(auto) AUTO = "auto";
-inline decltype(auto) NONE = "auto";
+inline decltype(auto) NONE = "none";
 inline decltype(auto) CHACHA20_IETF_POLY1305 = "chacha20-ietf-poly1305";
 inline decltype(auto) AES_128_GCM = "aes-128-gcm";
 
@@ -119,7 +119,7 @@ inline decltype(auto) TYPE = "type";
 inline decltype(auto) BIND = "bind";
 inline decltype(auto) OPTION = "option";
 inline decltype(auto) TLS = "tls";
-inline decltype(auto) CREDENTIAL = "credential";
+inline decltype(auto) CREDENTIALS = "credentials";
 inline decltype(auto) WEBSOCKET = "websocket";
 
 }  // namespace ingress

diff --git a/include/pichi/vo/messages.hpp b/include/pichi/vo/messages.hpp
@@ -44,6 +44,7 @@ inline std::string_view const TOO_LONG_NAME_PASSWORD = "Name or password is too
 inline std::string_view const DUPLICATED_ITEMS = "Duplicated items";
 
 inline std::string_view const NOT_IMPLEMENTED = "Not implemented";
+inline std::string_view const DEPRECATED_METHOD = "rc4-md5 & bf-cfb are deprecated";
 
 }  // namespace pichi::vo::msg
 

diff --git a/schemas/examples/egress/ss.json b/schemas/examples/egress/ss.json
@@ -4,7 +4,7 @@
     "host": "ss.example.com",
     "port": 8388
   },
-  "ss": {
+  "option": {
     "password": "shadowsocks password",
     "method": "rc4-md5"
   }

diff --git a/schemas/examples/ingress/ss.json b/schemas/examples/ingress/ss.json
@@ -10,7 +10,7 @@
       "port": 8388
     }
   ],
-  "ss": {
+  "option": {
     "method": "xchacha20-ietf-poly1305",
     "password": "shadowsocks password"
   }

diff --git a/src/crypto/stream.cpp b/src/crypto/stream.cpp
@@ -124,17 +124,7 @@ static size_t encrypt(StreamContext<method>& ctx, size_t offset, ConstBuffer<uin
   suppressC4100(ctx);
   assertTrue(plain.size() <= cipher.size(), PichiError::CRYPTO_ERROR);
   assertTrue(iv.size() >= IV_SIZE<method> + BLK_SIZE<method>, PichiError::CRYPTO_ERROR);
-  if constexpr (detail::isArc<method>()) {
-    assertTrue(mbedtls_arc4_crypt(&ctx, plain.size(), plain.data(), cipher.data()) == 0,
-               PichiError::CRYPTO_ERROR);
-    offset += plain.size();
-  }
-  else if constexpr (detail::isBlowfish<method>()) {
-    assertTrue(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, plain.size(), &offset,
-                                            iv.data(), plain.data(), cipher.data()) == 0,
-               PichiError::CRYPTO_ERROR);
-  }
-  else if constexpr (detail::isAesCtr<method>()) {
+  if constexpr (detail::isAesCtr<method>()) {
     assertTrue(mbedtls_aes_crypt_ctr(&ctx, plain.size(), &offset, iv.data(),
                                      iv.data() + IV_SIZE<method>, plain.data(), cipher.data()) == 0,
                PichiError::CRYPTO_ERROR);
@@ -158,6 +148,18 @@ static size_t encrypt(StreamContext<method>& ctx, size_t offset, ConstBuffer<uin
   else if constexpr (method == CryptoMethod::CHACHA20_IETF) {
     offset = sodiumHelper(crypto_stream_chacha20_ietf_xor_ic, ctx, offset, plain, iv, cipher);
   }
+#if MBEDTLS_VERSION_MAJOR < 3
+  else if constexpr (detail::isArc<method>()) {
+    assertTrue(mbedtls_arc4_crypt(&ctx, plain.size(), plain.data(), cipher.data()) == 0,
+               PichiError::CRYPTO_ERROR);
+    offset += plain.size();
+  }
+  else if constexpr (detail::isBlowfish<method>()) {
+    assertTrue(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_ENCRYPT, plain.size(), &offset,
+                                            iv.data(), plain.data(), cipher.data()) == 0,
+               PichiError::CRYPTO_ERROR);
+  }
+#endif  // MBEDTLS_VERSION_MAJOR < 3
   else
     static_assert(detail::DependentFalse<method>::value);
   return offset;
@@ -170,17 +172,7 @@ static size_t decrypt(StreamContext<method>& ctx, size_t offset, ConstBuffer<uin
   suppressC4100(ctx);
   assertTrue(plain.size() >= cipher.size(), PichiError::CRYPTO_ERROR);
   assertTrue(iv.size() >= IV_SIZE<method> + BLK_SIZE<method>, PichiError::CRYPTO_ERROR);
-  if constexpr (detail::isArc<method>()) {
-    assertTrue(mbedtls_arc4_crypt(&ctx, cipher.size(), cipher.data(), plain.data()) == 0,
-               PichiError::CRYPTO_ERROR);
-    offset += cipher.size();
-  }
-  else if constexpr (detail::isBlowfish<method>()) {
-    assertTrue(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_DECRYPT, cipher.size(), &offset,
-                                            iv.data(), cipher.data(), plain.data()) == 0,
-               PichiError::CRYPTO_ERROR);
-  }
-  else if constexpr (detail::isAesCtr<method>()) {
+  if constexpr (detail::isAesCtr<method>()) {
     assertTrue(mbedtls_aes_crypt_ctr(&ctx, cipher.size(), &offset, iv.data(),
                                      iv.data() + IV_SIZE<method>, cipher.data(), plain.data()) == 0,
                PichiError::CRYPTO_ERROR);
@@ -204,6 +196,18 @@ static size_t decrypt(StreamContext<method>& ctx, size_t offset, ConstBuffer<uin
   else if constexpr (method == CryptoMethod::CHACHA20_IETF) {
     offset = sodiumHelper(crypto_stream_chacha20_ietf_xor_ic, ctx, offset, cipher, iv, plain);
   }
+#if MBEDTLS_VERSION_MAJOR < 3
+  else if constexpr (detail::isArc<method>()) {
+    assertTrue(mbedtls_arc4_crypt(&ctx, cipher.size(), cipher.data(), plain.data()) == 0,
+               PichiError::CRYPTO_ERROR);
+    offset += cipher.size();
+  }
+  else if constexpr (detail::isBlowfish<method>()) {
+    assertTrue(mbedtls_blowfish_crypt_cfb64(&ctx, MBEDTLS_BLOWFISH_DECRYPT, cipher.size(), &offset,
+                                            iv.data(), cipher.data(), plain.data()) == 0,
+               PichiError::CRYPTO_ERROR);
+  }
+#endif  // MBEDTLS_VERSION_MAJOR < 3
   else
     static_assert(detail::DependentFalse<method>::value);
   return offset;
@@ -240,8 +244,10 @@ size_t StreamEncryptor<method>::encrypt(ConstBuffer<uint8_t> plain, MutableBuffe
   return plain.size();
 }
 
+#if MBEDTLS_VERSION_MAJOR < 3
 template class StreamEncryptor<CryptoMethod::RC4_MD5>;
 template class StreamEncryptor<CryptoMethod::BF_CFB>;
+#endif  // MBEDTLS_VERSION_MAJOR < 3
 template class StreamEncryptor<CryptoMethod::AES_128_CTR>;
 template class StreamEncryptor<CryptoMethod::AES_192_CTR>;
 template class StreamEncryptor<CryptoMethod::AES_256_CTR>;
@@ -291,8 +297,10 @@ size_t StreamDecryptor<method>::decrypt(ConstBuffer<uint8_t> cipher, MutableBuff
   return cipher.size();
 }
 
+#if MBEDTLS_VERSION_MAJOR < 3
 template class StreamDecryptor<CryptoMethod::RC4_MD5>;
 template class StreamDecryptor<CryptoMethod::BF_CFB>;
+#endif  // MBEDTLS_VERSION_MAJOR < 3
 template class StreamDecryptor<CryptoMethod::AES_128_CTR>;
 template class StreamDecryptor<CryptoMethod::AES_192_CTR>;
 template class StreamDecryptor<CryptoMethod::AES_256_CTR>;

diff --git a/src/net/adapter.cpp b/src/net/adapter.cpp
@@ -95,10 +95,16 @@ unique_ptr<Ingress> makeShadowsocksIngress(Socket&& s, vo::ShadowsocksOption con
   psk = {container,
          crypto::generateKey(option.method_, ConstBuffer<uint8_t>{option.password_}, container)};
   switch (option.method_) {
+#if MBEDTLS_VERSION_MAJOR < 3
   case CryptoMethod::RC4_MD5:
     return make_unique<SSStreamAdapter<CryptoMethod::RC4_MD5, Socket>>(psk, forward<Socket>(s));
   case CryptoMethod::BF_CFB:
     return make_unique<SSStreamAdapter<CryptoMethod::BF_CFB, Socket>>(psk, forward<Socket>(s));
+#else   // MBEDTLS_VERSION_MAJOR < 3
+  case CryptoMethod::RC4_MD5:
+  case CryptoMethod::BF_CFB:
+    fail(PichiError::SEMANTIC_ERROR, vo::msg::DEPRECATED_METHOD);
+#endif  // MBEDTLS_VERSION_MAJOR < 3
   case CryptoMethod::AES_128_CTR:
     return make_unique<SSStreamAdapter<CryptoMethod::AES_128_CTR, Socket>>(psk, forward<Socket>(s));
   case CryptoMethod::AES_192_CTR:
@@ -152,10 +158,16 @@ static unique_ptr<Egress> makeShadowsocksEgress(vo::ShadowsocksOption const& opt
   auto psk = MutableBuffer<uint8_t>{container, len};
 
   switch (option.method_) {
+#if MBEDTLS_VERSION_MAJOR < 3
   case CryptoMethod::RC4_MD5:
     return make_unique<SSStreamAdapter<CryptoMethod::RC4_MD5, TCPSocket>>(psk, io);
   case CryptoMethod::BF_CFB:
     return make_unique<SSStreamAdapter<CryptoMethod::BF_CFB, TCPSocket>>(psk, io);
+#else   // MBEDTLS_VERSION_MAJOR < 3
+  case CryptoMethod::RC4_MD5:
+  case CryptoMethod::BF_CFB:
+    fail(PichiError::SEMANTIC_ERROR, vo::msg::DEPRECATED_METHOD);
+#endif  // MBEDTLS_VERSION_MAJOR < 3
   case CryptoMethod::AES_128_CTR:
     return make_unique<SSStreamAdapter<CryptoMethod::AES_128_CTR, TCPSocket>>(psk, io);
   case CryptoMethod::AES_192_CTR:

diff --git a/src/net/ssstream.cpp b/src/net/ssstream.cpp
@@ -100,8 +100,10 @@ void SSStreamAdapter<method, Stream>::connect(Endpoint const& remote, ResolveRes
   send({plain, plen}, yield);
 }
 
+#if MBEDTLS_VERSION_MAJOR < 3
 template class SSStreamAdapter<CryptoMethod::RC4_MD5, tcp::socket>;
 template class SSStreamAdapter<CryptoMethod::BF_CFB, tcp::socket>;
+#endif  // MBEDTLS_VERSION_MAJOR < 3
 template class SSStreamAdapter<CryptoMethod::AES_128_CTR, tcp::socket>;
 template class SSStreamAdapter<CryptoMethod::AES_192_CTR, tcp::socket>;
 template class SSStreamAdapter<CryptoMethod::AES_256_CTR, tcp::socket>;
@@ -116,8 +118,10 @@ template class SSStreamAdapter<CryptoMethod::SALSA20, tcp::socket>;
 template class SSStreamAdapter<CryptoMethod::CHACHA20_IETF, tcp::socket>;
 
 #ifdef BUILD_TEST
+#if MBEDTLS_VERSION_MAJOR < 3
 template class SSStreamAdapter<CryptoMethod::RC4_MD5, stream::TestStream>;
 template class SSStreamAdapter<CryptoMethod::BF_CFB, stream::TestStream>;
+#endif  // MBEDTLS_VERSION_MAJOR < 3
 template class SSStreamAdapter<CryptoMethod::AES_128_CTR, stream::TestStream>;
 template class SSStreamAdapter<CryptoMethod::AES_192_CTR, stream::TestStream>;
 template class SSStreamAdapter<CryptoMethod::AES_256_CTR, stream::TestStream>;

diff --git a/src/vo/ingress.cpp b/src/vo/ingress.cpp
@@ -35,7 +35,7 @@ json::Value toJson(Ingress const& ingress, Allocator& alloc)
   case AdapterType::SOCKS5:
     if (ingress.tls_.has_value()) ret.AddMember(ingress::TLS, toJson(*ingress.tls_, alloc), alloc);
     if (ingress.credential_.has_value())
-      ret.AddMember(ingress::CREDENTIAL,
+      ret.AddMember(ingress::CREDENTIALS,
                     toJson(get<UpIngressCredential>(*ingress.credential_), alloc), alloc);
     break;
   case AdapterType::SS:
@@ -48,14 +48,14 @@ json::Value toJson(Ingress const& ingress, Allocator& alloc)
     assertTrue(ingress.credential_.has_value());
     ret.AddMember(ingress::OPTION, toJson(get<TrojanOption>(*ingress.opt_), alloc), alloc);
     ret.AddMember(ingress::TLS, toJson(*ingress.tls_, alloc), alloc);
-    ret.AddMember(ingress::CREDENTIAL,
+    ret.AddMember(ingress::CREDENTIALS,
                   toJson(get<TrojanIngressCredential>(*ingress.credential_), alloc), alloc);
     if (ingress.websocket_.has_value())
       ret.AddMember(ingress::WEBSOCKET, toJson(*ingress.websocket_, alloc), alloc);
     break;
   case AdapterType::VMESS:
     assertTrue(ingress.credential_.has_value());
-    ret.AddMember(ingress::CREDENTIAL,
+    ret.AddMember(ingress::CREDENTIALS,
                   toJson(get<VMessIngressCredential>(*ingress.credential_), alloc), alloc);
     if (ingress.tls_.has_value()) ret.AddMember(ingress::TLS, toJson(*ingress.tls_, alloc), alloc);
     if (ingress.websocket_.has_value())
@@ -93,26 +93,26 @@ template <> Ingress parse(json::Value const& v)
   case AdapterType::HTTP:
   case AdapterType::SOCKS5:
     if (v.HasMember(ingress::TLS)) ingress.tls_ = parse<TlsIngressOption>(v[ingress::TLS]);
-    if (v.HasMember(ingress::CREDENTIAL))
-      ingress.credential_ = parse<UpIngressCredential>(v[ingress::CREDENTIAL]);
+    if (v.HasMember(ingress::CREDENTIALS))
+      ingress.credential_ = parse<UpIngressCredential>(v[ingress::CREDENTIALS]);
     break;
   case AdapterType::SS:
     assertTrue(v.HasMember(ingress::OPTION), PichiError::BAD_JSON, msg::MISSING_OPTION_FIELD);
     ingress.opt_ = parse<ShadowsocksOption>(v[ingress::OPTION]);
     break;
   case AdapterType::TROJAN:
-    assertTrue(v.HasMember(ingress::CREDENTIAL), PichiError::BAD_JSON, msg::MISSING_CRED_FIELD);
+    assertTrue(v.HasMember(ingress::CREDENTIALS), PichiError::BAD_JSON, msg::MISSING_CRED_FIELD);
     assertTrue(v.HasMember(ingress::OPTION), PichiError::BAD_JSON, msg::MISSING_OPTION_FIELD);
     assertTrue(v.HasMember(ingress::TLS), PichiError::BAD_JSON, msg::MISSING_TLS_FIELD);
-    ingress.credential_ = parse<TrojanIngressCredential>(v[ingress::CREDENTIAL]);
+    ingress.credential_ = parse<TrojanIngressCredential>(v[ingress::CREDENTIALS]);
     ingress.opt_ = parse<TrojanOption>(v[ingress::OPTION]);
     ingress.tls_ = parse<TlsIngressOption>(v[ingress::TLS]);
     if (v.HasMember(ingress::WEBSOCKET))
       ingress.websocket_ = parse<WebsocketOption>(v[ingress::WEBSOCKET]);
     break;
   case AdapterType::VMESS:
-    assertTrue(v.HasMember(ingress::CREDENTIAL), PichiError::BAD_JSON, msg::MISSING_CRED_FIELD);
-    ingress.credential_ = parse<VMessIngressCredential>(v[ingress::CREDENTIAL]);
+    assertTrue(v.HasMember(ingress::CREDENTIALS), PichiError::BAD_JSON, msg::MISSING_CRED_FIELD);
+    ingress.credential_ = parse<VMessIngressCredential>(v[ingress::CREDENTIALS]);
     if (v.HasMember(ingress::TLS)) ingress.tls_ = parse<TlsIngressOption>(v[ingress::TLS]);
     if (v.HasMember(ingress::WEBSOCKET))
       ingress.websocket_ = parse<WebsocketOption>(v[ingress::WEBSOCKET]);

diff --git a/test/cryptogram.cpp b/test/cryptogram.cpp
@@ -55,6 +55,7 @@ template <CryptoMethod method> struct Ciphers {
   static vector<uint8_t> const& IV;
 };
 
+#if MBEDTLS_VERSION_MAJOR < 3
 template <>
 vector<vector<uint8_t>> const Ciphers<CryptoMethod::RC4_MD5>::CIPHERS = {
     hex2bin("cd1695a36fbfb5270d59fcf7153e7dcf"), hex2bin("eca24c0e95c67b736c52e75d66355385"),
@@ -88,6 +89,7 @@ vector<vector<uint8_t>> const Ciphers<CryptoMethod::BF_CFB>::CIPHERS = {
     hex2bin("985445eed87575ffd8f105c70fcc6db9"), hex2bin("cd8fd745369f58")};
 template <> vector<uint8_t> const& Ciphers<CryptoMethod::BF_CFB>::KEY = KeyIv<16>::KEY;
 template <> vector<uint8_t> const& Ciphers<CryptoMethod::BF_CFB>::IV = KeyIv<8>::IV;
+#endif  // MBEDTLS_VERSION_MAJOR < 3
 
 template <>
 vector<vector<uint8_t>> const Ciphers<CryptoMethod::AES_128_CTR>::CIPHERS = {
@@ -442,26 +444,30 @@ vector<uint8_t> const& Ciphers<CryptoMethod::XCHACHA20_IETF_POLY1305>::KEY = Key
 template <>
 vector<uint8_t> const& Ciphers<CryptoMethod::XCHACHA20_IETF_POLY1305>::IV = KeyIv<32>::IV;
 
-using Cases =
-    mpl::list<Ciphers<CryptoMethod::RC4_MD5>, Ciphers<CryptoMethod::BF_CFB>,
-              Ciphers<CryptoMethod::AES_128_CTR>, Ciphers<CryptoMethod::AES_192_CTR>,
-              Ciphers<CryptoMethod::AES_256_CTR>, Ciphers<CryptoMethod::AES_128_CFB>,
-              Ciphers<CryptoMethod::AES_192_CFB>, Ciphers<CryptoMethod::AES_256_CFB>,
-              Ciphers<CryptoMethod::CAMELLIA_128_CFB>, Ciphers<CryptoMethod::CAMELLIA_192_CFB>,
-              Ciphers<CryptoMethod::CAMELLIA_256_CFB>, Ciphers<CryptoMethod::CHACHA20>,
-              Ciphers<CryptoMethod::SALSA20>, Ciphers<CryptoMethod::CHACHA20_IETF>,
-              Ciphers<CryptoMethod::AES_128_GCM>, Ciphers<CryptoMethod::AES_192_GCM>,
-              Ciphers<CryptoMethod::AES_256_GCM>, Ciphers<CryptoMethod::CHACHA20_IETF_POLY1305>,
-              Ciphers<CryptoMethod::XCHACHA20_IETF_POLY1305>>;
-
-using StreamCases =
-    mpl::list<Ciphers<CryptoMethod::RC4_MD5>, Ciphers<CryptoMethod::BF_CFB>,
-              Ciphers<CryptoMethod::AES_128_CTR>, Ciphers<CryptoMethod::AES_192_CTR>,
-              Ciphers<CryptoMethod::AES_256_CTR>, Ciphers<CryptoMethod::AES_128_CFB>,
-              Ciphers<CryptoMethod::AES_192_CFB>, Ciphers<CryptoMethod::AES_256_CFB>,
-              Ciphers<CryptoMethod::CAMELLIA_128_CFB>, Ciphers<CryptoMethod::CAMELLIA_192_CFB>,
-              Ciphers<CryptoMethod::CAMELLIA_256_CFB>, Ciphers<CryptoMethod::CHACHA20>,
-              Ciphers<CryptoMethod::SALSA20>, Ciphers<CryptoMethod::CHACHA20_IETF>>;
+using Cases = mpl::list<
+#if MBEDTLS_VERSION_MAJOR < 3
+    Ciphers<CryptoMethod::RC4_MD5>, Ciphers<CryptoMethod::BF_CFB>,
+#endif  // MBEDTLS_VERSION_MAJOR < 3
+    Ciphers<CryptoMethod::AES_128_CTR>, Ciphers<CryptoMethod::AES_192_CTR>,
+    Ciphers<CryptoMethod::AES_256_CTR>, Ciphers<CryptoMethod::AES_128_CFB>,
+    Ciphers<CryptoMethod::AES_192_CFB>, Ciphers<CryptoMethod::AES_256_CFB>,
+    Ciphers<CryptoMethod::CAMELLIA_128_CFB>, Ciphers<CryptoMethod::CAMELLIA_192_CFB>,
+    Ciphers<CryptoMethod::CAMELLIA_256_CFB>, Ciphers<CryptoMethod::CHACHA20>,
+    Ciphers<CryptoMethod::SALSA20>, Ciphers<CryptoMethod::CHACHA20_IETF>,
+    Ciphers<CryptoMethod::AES_128_GCM>, Ciphers<CryptoMethod::AES_192_GCM>,
+    Ciphers<CryptoMethod::AES_256_GCM>, Ciphers<CryptoMethod::CHACHA20_IETF_POLY1305>,
+    Ciphers<CryptoMethod::XCHACHA20_IETF_POLY1305>>;
+
+using StreamCases = mpl::list<
+#if MBEDTLS_VERSION_MAJOR < 3
+    Ciphers<CryptoMethod::RC4_MD5>, Ciphers<CryptoMethod::BF_CFB>,
+#endif  // MBEDTLS_VERSION_MAJOR < 3
+    Ciphers<CryptoMethod::AES_128_CTR>, Ciphers<CryptoMethod::AES_192_CTR>,
+    Ciphers<CryptoMethod::AES_256_CTR>, Ciphers<CryptoMethod::AES_128_CFB>,
+    Ciphers<CryptoMethod::AES_192_CFB>, Ciphers<CryptoMethod::AES_256_CFB>,
+    Ciphers<CryptoMethod::CAMELLIA_128_CFB>, Ciphers<CryptoMethod::CAMELLIA_192_CFB>,
+    Ciphers<CryptoMethod::CAMELLIA_256_CFB>, Ciphers<CryptoMethod::CHACHA20>,
+    Ciphers<CryptoMethod::SALSA20>, Ciphers<CryptoMethod::CHACHA20_IETF>>;
 
 BOOST_AUTO_TEST_SUITE(Cryptogram)