From 97ec0b7bfa27f4824b15e71fd04777b180bebeec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 20 Apr 2022 15:20:15 +0200 Subject: [PATCH] Clarify effect of USE_PSA on TLS 1.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The previous wording was wrong, there are parts that are affected. Signed-off-by: Manuel Pégourié-Gonnard --- docs/use-psa-crypto.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md index 9c97b5d5c..a3eebc59b 100644 --- a/docs/use-psa-crypto.md +++ b/docs/use-psa-crypto.md @@ -12,8 +12,10 @@ Compile-time: enabling `MBEDTLS_USE_PSA_CRYPTO` requires `MBEDTLS_ECP_RESTARTABLE` and `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` to be disabled. -Effect: `MBEDTLS_USE_PSA_CRYPTO` has no effect on TLS 1.3 for which PSA -cryptography is mandatory. +Scope: `MBEDTLS_USE_PSA_CRYPTO` has no effect on the parts of the code that +are specific to TLS 1.3; those parts always use PSA Crypto. The parts of the +TLS 1.3 code that are common with TLS 1.2, however, follow this option (this +is currently just the record protection code). Stability: any API that's only available when `MBEDTLS_USE_PSA_CRYPTO` is defined is considered experimental and may change in incompatible ways at any