Features | |
* The configuration option MBEDTLS_USE_PSA_CRYPTO, which previously | |
affected only a limited subset of crypto operations in TLS, X.509 and PK, | |
now causes most of them to be done using PSA Crypto; see | |
docs/use-psa-crypto.md for the list of exceptions. | |
* The function mbedtls_pk_setup_opaque() now supports RSA key pairs as well. | |
Opaque keys can now be used everywhere a private key is expected in the | |
TLS and X.509 modules. | |
* Opaque pre-shared keys for TLS, provisioned with | |
mbedtls_ssl_conf_psk_opaque() or mbedtls_ssl_set_hs_psk_opaque(), which | |
previously only worked for "pure" PSK key exchange, now can also be used | |
for the "mixed" PSK key exchanges as well: ECDHE-PSK, DHE-PSK, RSA-PSK. |