commit a3d9daca92048e7d0e39e2a4e44f3b769eaa69be
author Ronald Cron <ronald.cron@arm.com> Sun Nov 15 15:44:34 2020 +0100
committer Ronald Cron <ronald.cron@arm.com> Thu Nov 19 16:59:40 2020 +0100
tree 86108fa5b9c5ad5e1779fdf84e46b35b6f98c484
parent 1ad1eeeaf105190961e8d9be7e5d1c3de844bc41

Add change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

ChangeLog.d/psa-openless.txt

diff --git a/ChangeLog.d/psa-openless.txt b/ChangeLog.d/psa-openless.txt
new file mode 100644
index 0000000..2e40cdf
--- /dev/null
+++ b/ChangeLog.d/psa-openless.txt
@@ -0,0 +1,17 @@
+Features
+   * In the PSA API, it is no longer necessary to open persistent keys:
+     operations now accept the key identifier. The type psa_key_handle_t is now
+     identical to psa_key_id_t instead of being platform-defined. This bridges
+     the last major gap to compliance with the PSA Cryptography specification
+     version 1.0.0. Opening persistent keys is still supported for backward
+     compatibility, but will be deprecated and later removed in future
+     releases.
+
+Bugfix
+   * psa_set_key_id() now also sets the lifetime to persistent for keys located
+     in a secure element.
+   * Attempting to create a volatile key with a non-zero key identifier now
+     fails. Previously the key identifier was just ignored when creating a
+     volatile key.
+   * Attempting to create or register a key with a key identifier in the vendor
+     range now fails.