mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-30 16:20:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Now compatible with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER

Browse Source 
Also make a few general clarifications/improvements while at it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2022-05-11 13:31:47 +02:00 committed by Manuel Pégourié-Gonnard
parent 3e83098e01
commit f3f79a00fc
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/use-psa-crypto.md
View File

@ -1,12 +1,18 @@
This document describes the compile-time configuration option
`MBEDTLS_USE_PSA_CRYPTO` from a user's perspective.
This option makes the X.509 and TLS library use PSA for cryptographic
operations, and enables new APIs for using keys handled by PSA Crypto.
General limitations
-------------------
Compile-time: enabling `MBEDTLS_USE_PSA_CRYPTO` requires
`MBEDTLS_ECP_RESTARTABLE` and
`MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` to be disabled.
`MBEDTLS_ECP_RESTARTABLE` to be disabled.
Application code: when this option is enabled, you need to call
`psa_crypto_init()` before calling any function from the SSL/TLS, X.509 or PK
module.
Scope: `MBEDTLS_USE_PSA_CRYPTO` has no effect on the parts of the code that
are specific to TLS 1.3; those parts always use PSA Crypto. The parts of the