Some sentences or paragraphs became confusing or meaningless after
removing USE_PSA and only fixing the local context/semantics.
Fix the semantics where needed and remove parts that became meaningless.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This is an architecture document focusing on how PSA APIs can be mixed
with non-PSA APIs, notably including PK (and in fact, it's mostly about
PK, since we didn't identify work to be done in other areas). It is not
really relevant in 4.0/1.0, where the goals will be different — to do
without low-level legacy APIs.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This is an architecture document focusing on how parts of the code base
can accommodate both builds with PSA crypto disabled and builds with
driver-only mechanisms. Going forward, this coexistence is no longer
relevant.
The document does explain why some parts of md and cipher are the way
they are. In the future, we'll want to remove legacy code paths and keep
only the PSA code paths. But for that, it isn't particularly useful to
know how the dual code paths came about, or what constraints they had to
obey. Those constraints no longer apply.
Signed-off-by: Janos Follath <janos.follath@arm.com>
MBED_TLS_USE_PSA_CRYPTO is now always enabled we need to remove
documentation discussing cases when it is disabled.
Signed-off-by: Janos Follath <janos.follath@arm.com>
MBED_TLS_USE_PSA_CRYPTO is now always enabled we need to remove
documentation discussing cases when it is disabled.
The goal is not to update the document, only to remove
MBED_TLS_USE_PSA_CRYPTO, while making a minimal local context of the
occurrance up to date and sensible.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This document is describes the testing strategy for the
`MBEDTLS_USE_PSA_CRYPTO` option. This option is now always on, can't be
disabled and the corresponding behaviour is the only library behaviour.
Signed-off-by: Janos Follath <janos.follath@arm.com>
MBED_TLS_USE_PSA_CRYPTO is now always enabled we need to remove
documentation discussing cases when it is disabled.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.
Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Mostly to reflect this has been implemented, and remove references to
temporary remains from the previous strategy (hash_info, legacy_or_psa)
which would probably be more confusing than helpful at this point.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
