commit 93b21e74f928cae31c01894481cd0d76bd84beac
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Mar 29 10:30:26 2023 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Mar 29 10:30:26 2023 +0200
tree ce6b1d0ed651662ab7b3506adaeabf9eaa9d6b42
parent 77902df54ac9f671cbc874d5456a004a9ec8537f

Update documentation to mention ECC drivers

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

docs/use-psa-crypto.md

diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md
index 4d72f99..305dd73 100644
--- a/docs/use-psa-crypto.md
+++ b/docs/use-psa-crypto.md
@@ -15,6 +15,13 @@
 `psa_crypto_init()` before calling any function from the SSL/TLS, X.509 or PK
 module.
 
+**Why enable this option:** to fully take advantage of PSA drivers in PK,
+X.509 and TLS. For example, enabling this option is what allows use of drivers
+for ECDSA, ECDH and EC J-PAKE in those modules. However, note that ven with
+this option disabled, some code in PK, X.509, TLS or the crypto library might
+still use PSA drivers, if it can determine it's safe to do so; currently
+that's the case for hashes.
+
 **Relationship with other options:** This option depends on
 `MBEDTLS_PSA_CRYPTO_C`. These two options differ in the following way:
 - `MBEDTLS_PSA_CRYPTO_C` enables the implementation of the PSA Crypto API.