Hi Archanaa, the ability for a user of Mbed TLS to use its own implementation of PSA Crypto API and not the TF-PSA-Crypto is not in scope for the second half of 2024. It is something we want to eventually support though (not planned yet
as far as I know). Another possibility for a crypto hardware is to not implement the PSA Crypto API for it but the PSA Crypto driver interface and we have already reasonable support for that.
Thanks, Ronald.
From: S Krishnan, Archanaa via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: Monday, October 30, 2023 6:43 PM
To: mbed-tls@lists.trustedfirmware.org
Subject: [mbed-tls] Re: TF-PSA-Crypto publication
Also, sending to mbedtls forum.
From: S Krishnan, Archanaa
Sent: Monday, October 30, 2023 9:18 AM
To: 'Ronald Cron' <Ronald.Cron@arm.com>
Subject: RE: TF-PSA-Crypto publication
Hi Ronald,
Thank you for the announcement.
According to the roadmap,
https://mbed-tls.readthedocs.io/en/latest/project/roadmap/, mbedTLS is expected to use the PSA API repository in the second half of 2024.
When that happens, will a user have the option to either choose PSA Crypto API implementation from TF-PSA-Crypto repo vs their own custom repo? I.e., if I have my own implementation of PSA Crypto
API for a crypto hardware, will I be able to use it with mbedTLS in place of the TF-PSA-Crypto repository?
Please let me know if there is any documentation about the same that I can refer to in mbedTLS repo.
Regards,
Archanaa
From: Ronald Cron via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: Friday, October 13, 2023 8:06 AM
To: mbed-tls@lists.trustedfirmware.org
Subject: [EXTERNAL] [mbed-tls] TF-PSA-Crypto publication
We are happy to announce the publication in GitHub of the TF-PSA-Crypto repository:
https://github.com/Mbed-TLS/TF-PSA-Crypto.
The TF-PSA-Crypto repository provides an implementation of the PSA Cryptography API (https://arm-software.github.io/psa-api). This encompasses the on-going extensions to the PSA Cryptography
API (e.g. PAKE). The PSA Cryptography API implementation is organized around the PSA Cryptography driver interface aiming to ease the support of cryptographic accelerators and processors.
This is a significant milestone on the journey to split the PSA Cryptography API implementation and its development out of the Mbed TLS repository into TF-PSA-Crypto. This is early days though and the TF-PSA-Crypto repository should be
considered as a prototype: it is read-only and mostly a mirror of the PSA Cryptography API implementation of Mbed TLS. But we believe it is a good illustration of what we are aiming at.
Thanks, Ronald Cron on behalf of the Mbed TLS team.