| Minos Galanakis | 9314555 | 2025-09-09 18:54:52 +0100 | [diff] [blame] | 1 | Default behavior changes |
| Minos Galanakis | 92a2154 | 2025-09-25 15:11:52 +0100 | [diff] [blame] | 2 | * The X.509 and TLS modules now always use the PSA subsystem |
| Minos Galanakis | 9314555 | 2025-09-09 18:54:52 +0100 | [diff] [blame] | 3 | to perform cryptographic operations, with a few exceptions documented |
| 4 | in docs/architecture/psa-migration/psa-limitations.md. This |
| 5 | corresponds to the behavior of Mbed TLS 3.x when |
| 6 | MBEDTLS_USE_PSA_CRYPTO is enabled. In effect, MBEDTLS_USE_PSA_CRYPTO |
| 7 | is now always enabled. |
| 8 | * psa_crypto_init() must be called before performing any cryptographic |
| 9 | operation, including indirect requests such as parsing a key or |
| 10 | certificate or starting a TLS handshake. |
| Minos Galanakis | 92a2154 | 2025-09-25 15:11:52 +0100 | [diff] [blame] | 11 | |