ChangeLog: improving descriptions of KEY_PAIR changes
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/ChangeLog.d/Define-PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy.txt b/ChangeLog.d/Define-PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy.txt
index 65afb7f..95464e4 100644
--- a/ChangeLog.d/Define-PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy.txt
+++ b/ChangeLog.d/Define-PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy.txt
@@ -2,13 +2,17 @@
* PSA_WANT_KEY_TYPE_xxx_KEY_PAIR and
MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR, where xxx is either ECC or RSA,
are now being deprecated in favor of PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and
- MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR_yyy. Here yyy can be: USE, IMPORT,
- EXPORT, GENERATE, DERIVE. The goal is to have a finer detail about the
- capabilities of the PSA side for either key.
+ MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR_yyy. Here yyy can be: BASIC,
+ IMPORT, EXPORT, GENERATE, DERIVE. The goal is to have a finer detail about
+ the capabilities of the PSA side for either key.
Features
* New symbols PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy and
MBEDTLS_PSA_ACCEL_KEY_TYPE_xxx_KEY_PAIR_yyy (where xxx is either ECC, RSA
or DH) were introduced in order to have finer accuracy in defining the
PSA capabilities for each key. These capabilities, named yyy above, can be
- any of: USE, IMPORT, EXPORT, GENERATE, DERIVE.
+ any of: BASIC, IMPORT, EXPORT, GENERATE, DERIVE.
+ - GENERATE is only available for ECC keys, not for RSA or DH ones.
+ - implementations are free to enable more than what it was strictly
+ requested. For example BASIC internally enables IMPORT and EXPORT
+ (useful for testing purposes), but this might change in the future).