Remove USE_PSA references from crypto documentation
MBEDTLS_USE_PSA_CRYPTO is now always enabled we need to update the
documentation accordingly.
Signed-off-by: Janos Follath <janos.follath@arm.com>
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h
index 1dc31c9..75e95d3 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h
@@ -642,8 +642,6 @@
* Please use psa_aead_xxx() / psa_cipher_xxx() directly
* instead.
*
- * \note See #MBEDTLS_USE_PSA_CRYPTO for information on PSA.
- *
* \param ctx The context to initialize. May not be \c NULL.
* \param cipher_info The cipher to use.
* \param taglen For AEAD ciphers, the length in bytes of the
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h
index 52f4cc6..3c0f6e1 100644
--- a/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h
@@ -88,20 +88,17 @@
typedef struct mbedtls_pk_rsassa_pss_options {
/** The digest to use for MGF1 in PSS.
*
- * \note When #MBEDTLS_USE_PSA_CRYPTO is enabled and #MBEDTLS_RSA_C is
- * disabled, this must be equal to the \c md_alg argument passed
- * to mbedtls_pk_verify_ext(). In a future version of the library,
- * this constraint may apply whenever #MBEDTLS_USE_PSA_CRYPTO is
- * enabled regardless of the status of #MBEDTLS_RSA_C.
+ * \note When #MBEDTLS_RSA_C is disabled, this must be equal to the \c md_alg argument passed
+ * to mbedtls_pk_verify_ext(). In a future version of the library, this constraint may
+ * apply regardless of the status of #MBEDTLS_RSA_C.
*/
mbedtls_md_type_t mgf1_hash_id;
/** The expected length of the salt, in bytes. This may be
* #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
*
- * \note When #MBEDTLS_USE_PSA_CRYPTO is enabled, only
- * #MBEDTLS_RSA_SALT_LEN_ANY is valid. Any other value may be
- * ignored (allowing any salt length).
+ * \note Only #MBEDTLS_RSA_SALT_LEN_ANY is valid. Any other value may be ignored (allowing any
+ * salt length).
*/
int expected_salt_len;
@@ -165,7 +162,8 @@
* which functions are used for various operations. The overall picture looks
* like this:
* - if USE_PSA is not defined and ECP_C is defined then use ecp_keypair data
- * structure and legacy functions
+ * structure and legacy functions. (MBEDTLS_USE_PSA_CRYPTO is always on and
+ * although this codepath remains present, it never will be taken.)
* - if USE_PSA is defined and
* - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly
* format and use PSA functions
@@ -222,7 +220,7 @@
void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */
/* The following field is used to store the ID of a private key in the
* following cases:
- * - opaque key when MBEDTLS_USE_PSA_CRYPTO is defined
+ * - opaque key
* - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case:
* - the pk_ctx above is not not used to store the private key anymore.
* Actually that field not populated at all in this case because also
@@ -805,9 +803,9 @@
*
* \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point
* to a mbedtls_pk_rsassa_pss_options structure,
- * otherwise it must be NULL. Note that if
- * #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not
- * verified as PSA_ALG_RSA_PSS_ANY_SALT is used.
+ * otherwise it must be NULL. Note that the salt length is not
+ * verified as contexes have PSA_ALG_RSA_PSS_ANY_SALT as default
+ * and that is the only valid value.
*/
int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
@@ -1075,9 +1073,8 @@
/**
* \brief Parse a private key in PEM or DER format
*
- * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
- * subsystem must have been initialized by calling
- * psa_crypto_init() before calling this function.
+ * \note The PSA crypto subsystem must have been initialized by
+ * calling psa_crypto_init() before calling this function.
*
* \param ctx The PK context to fill. It must have been initialized
* but not set up.
@@ -1115,9 +1112,8 @@
/**
* \brief Parse a public key in PEM or DER format
*
- * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
- * subsystem must have been initialized by calling
- * psa_crypto_init() before calling this function.
+ * \note The PSA crypto subsystem must have been initialized by
+ * calling psa_crypto_init() before calling this function.
*
* \param ctx The PK context to fill. It must have been initialized
* but not set up.
@@ -1148,9 +1144,8 @@
/**
* \brief Load and parse a private key
*
- * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
- * subsystem must have been initialized by calling
- * psa_crypto_init() before calling this function.
+ * \note The PSA crypto subsystem must have been initialized by
+ * calling psa_crypto_init() before calling this function.
*
* \param ctx The PK context to fill. It must have been initialized
* but not set up.