Thank you for the information. According to the roadmap page (https://developer.trustedfirmware.org/w/mbed-tls/roadmap/ ), legacy cipher APIs will be removed in the mebedTLS v4.0. Could you inform when the v4.0 would be released? I would like to plan for it in advance.
Best Regards, Peter Chung
-----Original Message----- From: Gilles Peskine via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: Wednesday, September 28, 2022 2:22 PM To: mbed-tls@lists.trustedfirmware.org Subject: [EXTERNAL] [mbed-tls] Re: Mbed TLS4.0 - Remove legacy cipher APIs
Hello,
We do plan to fully migrate to PSA APIs for cryptography. This means we'll retire mbedtls_md and mbedtls_cipher. The status of mbedtls_pk is still a little unclear because it does key parsing/writing, which PSA doesn't do; it might move to the x509 library since the supported key formats are mostly those used in X.509, or we may expand the PSA API to have similar functions.
It's highly likely that mbedtls_md and mbedtls_cipher won't be in Mbed TLS 5.0. It's not completely clear to me whether they'll be in Mbed TLS 4.0: they might be still available as a deprecated compatibility layer, depending on how much user demand there is.
Low-level crypto APIs (aes.h, ecp.h, …) will definitely not be in the public API of Mbed TLS 4.0, and ALT interfaces will no longer be supported.
Best regards,
-- Gilles Peskine Mbed TLS developer
On 28/09/2022 00:05, S Krishnan, Archanaa via mbed-tls wrote:
Hi,
In mbedTLS road map, there is a future task to remove legacy cipher API (https://developer.trustedfirmware.org/w/mbed-tls/roadmap/). Does that mean all existing mbedtls crypto APIs will not be supported anymore?
mbedTLS is used for both its TLS and crypto library. I am curious how the planned changes will affect both set of users.
- Are the crypto library users expected to only use PSA crypto APIs and key IDs?
- Are the TLS library users expected to see API changes to TLS functions to support key IDs?
Thank, Archanaa
-- mbed-tls mailing list -- mbed-tls@lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-leave@lists.trustedfirmware.org