Deprecate Mbed TLS cryptography API
The PSA Crypto API should be used instead. The Mbed TLS cryptography API
will still remain available under MBEDTLS_DEPRECATED_REMOVED, as Mbed
Crypto (which implements the PSA Crypto API) continues to rely on this
now internal API.
Functions in that are already considered internal and are not deprecated
by this commit. We already have the freedom to change or remove these
internal APIs.
Document the relationship between Mbed Crypto and Mbed TLS, describing
Mbed Crypto's dual purpose of providing both deprecated Mbed TLS
cryptography APIs and the PSA Crypto API.
diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h
index 02a94af..5298fd1 100644
--- a/include/mbedtls/pem.h
+++ b/include/mbedtls/pem.h
@@ -30,6 +30,7 @@
#include MBEDTLS_CONFIG_FILE
#endif
+#include "mbedtls/platform_util.h"
#include <stddef.h>
/**
@@ -70,6 +71,7 @@
*
* \param ctx context to be initialized
*/
+MBEDTLS_DEPRECATED
void mbedtls_pem_init( mbedtls_pem_context *ctx );
/**
@@ -94,6 +96,7 @@
*
* \return 0 on success, or a specific PEM error code
*/
+MBEDTLS_DEPRECATED
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data,
const unsigned char *pwd,
@@ -104,6 +107,7 @@
*
* \param ctx context to be freed
*/
+MBEDTLS_DEPRECATED
void mbedtls_pem_free( mbedtls_pem_context *ctx );
#endif /* MBEDTLS_PEM_PARSE_C */
@@ -124,6 +128,7 @@
* MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
* size.
*/
+MBEDTLS_DEPRECATED
int mbedtls_pem_write_buffer( const char *header, const char *footer,
const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen );