Hi Jouni, This is a query regarding the plan for adding embedded security support in Hostap using MbedTLS. We have two implementations, so, far 1. Based on Epressif's Apache-2.0-based implementation (Submitted by me) - https://lists.infradead.org/pipermail/hostap/2022-April/040470.html 2. Based on lighthttpd's BSD-3 implementation - http://lists.infradead.org/pipermail/hostap/2022-September/040794.html Now I am planning to start a fresh port of MbedTLS but using PSA APIs [1] which are supposed to be vendor-agnostic and designed for constrained hosts, see [2]. But I see that APIs of PSA in existing libraries are not the same, I have checked MbedTLS and WolfSSL, but couldn't find the PSA APIs for Boring SSL/OpenSSL (only did a quick search). I have started to work on this using one of the below approaches 1. Generic CRYPTO_PSA with different backends MbedTLS, WolfSSL, etc 2. Different implementations CONFIG_PSA_MBEDTLS, CONFIG_PSA_WOLF_SSL This will be a ground-up implementation rather than based on existing ones using MbedTLS as the first backend, not that I see one. But before that, I want to check with you and the community to see if this is something that is a shared interest or not. [1] - https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/ [2] - https://arm-software.github.io/psa-api/ Others, Please pitch in if you have any shared interests or parallel implementation or ideas. Cheers. _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
