Changelog entry for MBEDTLS_USE_PSA_CRYPTO always enabled Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: 99c34238e2afb9051671e3a986b112982fa42794 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Wed Oct 09 18:01:49 2024 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Tue Oct 22 22:10:42 2024 +0200
tree: 1838376dfdbe6d7c64ec83e340e0743cd8941d60
parent: d2da02b1ce13ac80d7cc65fe6c8a23c8398b717b [diff]
diff --git a/ChangeLog.d/psa-always-on.txt b/ChangeLog.d/psa-always-on.txt
new file mode 100644
index 0000000..49edb3e
--- /dev/null
+++ b/ChangeLog.d/psa-always-on.txt

@@ -0,0 +1,9 @@
+Default behavior changes
+   * The PK, X.509, PKCS7 and TLS modules now always use the PSA subsystem
+     to perform cryptographic operations, with a few exceptions documented
+     in docs/use-psa-crypto.md. This corresponds to the behavior of
+     Mbed TLS 3.x when MBEDTLS_USE_PSA_CRYPTO is enabled. In effect,
+     MBEDTLS_USE_PSA_CRYPTO is now always enabled.
+   * psa_crypto_init() must be called before performing any cryptographic
+     operation, including indirect requests such as parsing a key or
+     certificate or starting a TLS handshake.
commit	99c34238e2afb9051671e3a986b112982fa42794	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Oct 09 18:01:49 2024 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Oct 22 22:10:42 2024 +0200
tree	1838376dfdbe6d7c64ec83e340e0743cd8941d60
parent	d2da02b1ce13ac80d7cc65fe6c8a23c8398b717b [diff]