From e65cca2ee5cf67a4815e25e9451814c427ec551b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 6 Jun 2024 21:27:16 +0200 Subject: [PATCH] Document the key_ext functions as deprecated Don't formally deprecate them because we don't do that in a long-time support branch. But do point readers away from them. Signed-off-by: Gilles Peskine --- include/psa/crypto.h | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 006da9bc19..7240df75cc 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -3842,13 +3842,11 @@ psa_status_t psa_key_derivation_output_key_custom( /** Derive a key from an ongoing key derivation operation with custom * production parameters. * - * See the description of psa_key_derivation_out_key() for the operation of - * this function with the default production parameters. - * Mbed TLS currently does not currently support any non-default production - * parameters. - * - * \note This function is experimental and may change in future minor - * versions of Mbed TLS. + * \note + * This is a deprecated variant of psa_key_derivation_output_key_custom(). + * It is equivalent except that the associated variable-length data + * is passed in `params->data` instead of a separate parameter. + * This function will be removed in a future version of Mbed TLS. * * \param[in] attributes The attributes for the new key. * If the key type to be created is @@ -4265,15 +4263,11 @@ psa_status_t psa_generate_key_custom(const psa_key_attributes_t *attributes, /** * \brief Generate a key or key pair using custom production parameters. * - * See the description of psa_generate_key() for the operation of this - * function with the default production parameters. In addition, this function - * supports the following production customizations, described in more detail - * in the documentation of ::psa_key_production_parameters_t: - * - * - RSA keys: generation with a custom public exponent. - * - * \note This function is experimental and may change in future minor - * versions of Mbed TLS. + * \note + * This is a deprecated variant of psa_key_derivation_output_key_custom(). + * It is equivalent except that the associated variable-length data + * is passed in `params->data` instead of a separate parameter. + * This function will be removed in a future version of Mbed TLS. * * \param[in] attributes The attributes for the new key. * \param[in] params Customization parameters for the key generation.