Bug 1692930 - Update HPKE to final version, r=bbeurdouche

This adds the final HPKE version string.

This removes the draft version markers from the implementation and stops
tracking the draft version with the exported syntax.

I've added the script that I used to convert the JSON test vectors from the
specification; that should allow us to pick up new tests relatively easily,
especially if we need to add new algorithms.

This change breaks several ECH test cases.  As fixing those tests is
extraordinarily fiddly, I'm going to defer making those changes until we need to
update ECH.  As we can't land this code until ECH is updated to depend on the
final HPKE and until we have coordinated with servers on when the ECH update can
be deployed, it should be OK to defer.

In short, don't land this without the matching ECH changes.

Differential Revision: https://phabricator.services.mozilla.com/D105256

2 files changed, 0 insertions, 9 deletions

diff --git a/coreconf/config.gypi b/coreconf/config.gypi
index 951e9abd1..eec50ddbb 100644
--- a/coreconf/config.gypi
+++ b/coreconf/config.gypi
@@ -573,11 +573,6 @@
               'NSS_DISABLE_DBM',
             ],
           }],
-          [ 'enable_draft_hpke==1', {
-            'defines': [
-              'NSS_ENABLE_DRAFT_HPKE',
-            ],
-          }],
           [ 'disable_libpkix==1', {
             'defines': [
               'NSS_DISABLE_LIBPKIX',
diff --git a/coreconf/config.mk b/coreconf/config.mk
index 4ae941c47..d4c9ccaa1 100644
--- a/coreconf/config.mk
+++ b/coreconf/config.mk
@@ -195,10 +195,6 @@ ifdef NSS_PKIX_NO_LDAP
 DEFINES += -DNSS_PKIX_NO_LDAP
 endif
 
-ifdef NSS_ENABLE_DRAFT_HPKE
-DEFINES += -DNSS_ENABLE_DRAFT_HPKE
-endif
-
 # FIPS support requires startup tests to be executed at load time of shared modules.
 # For performance reasons, these tests are disabled by default.
 # When compiling binaries that must support FIPS mode,