eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Mention EC J-PAKE opaque passwords.

Browse source 
Unrelated to the other changes, other than I noticed it was missing
while making the other edits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-03-24 09:26:40 +01:00
parent 2ca08c8409
commit 86efa852df
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
docs/use-psa-crypto.md
View file

@ -98,6 +98,19 @@ register a PSA key for use with a PSK key exchange.
**Use in TLS:** opt-in. The application needs to register the key using one of **Use in TLS:** opt-in. The application needs to register the key using one of
the new APIs to get the benefits. the new APIs to get the benefits.
### PSA-held (opaque) keys for TLS 1.2 EC J-PAKE key exchange
**New API function:** `mbedtls_ssl_set_hs_ecjpake_password_opaque()`.
Call this function from an application to register a PSA key for use with the
TLS 1.2 EC J-PAKE key exchange.
**Benefits:** isolation of long-term secrets.
**Limitations:** none.
**Use in TLS:** opt-in. The application needs to register the key using one of
the new APIs to get the benefits.
### PSA-based operations in the Cipher layer ### PSA-based operations in the Cipher layer
There is a new API function `mbedtls_cipher_setup_psa()` to set up a context There is a new API function `mbedtls_cipher_setup_psa()` to set up a context