mbed TLS v2.23.0
Modules
Here is a list of all modules:
 API version
 Library initialization
 Key management
 Key import and export
 Message digests
 Message authentication codes
 Symmetric ciphers
 Authenticated encryption with associated data (AEAD)
 Asymmetric cryptography
 Key derivation and pseudorandom generation
 Random generation
 Hardware-Accelerated Message DigestsGeneration and authentication of Message Digests (aka hashes) must be done in parts using the following sequence:
 Hardware-Accelerated Message Authentication CodeGeneration and authentication of Message Authentication Codes (MACs) using cryptographic accelerators can be done either as a single function call (via the psa_drv_accel_mac_generate_t or psa_drv_accel_mac_verify_t functions), or in parts using the following sequence:
 Hardware-Accelerated Block CiphersEncryption and Decryption using hardware-acceleration in block modes other than ECB must be done in multiple parts, using the following flow:
 Hardware-Accelerated Authenticated Encryption with Additional DataHardware-accelerated Authenticated Encryption with Additional Data (AEAD) operations must be done in one function call. While this creates a burden for implementers as there must be sufficient space in memory for the entire message, it prevents decrypted data from being made available before the authentication operation is complete and the data is known to be authentic
 Hardware-Accelerated Asymmetric CryptographySince the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, hardware-accelerated asymmetric key operations must be done in single function calls
 Entropy Generation
 TLS helper functions
 Secure element driver initialization
 Secure Element Message Authentication CodesGeneration and authentication of Message Authentication Codes (MACs) using a secure element can be done either as a single function call (via the psa_drv_se_mac_generate_t or psa_drv_se_mac_verify_t functions), or in parts using the following sequence:
 Secure Element Symmetric CiphersEncryption and Decryption using secure element keys in block modes other than ECB must be done in multiple parts, using the following flow:
 Secure Element Asymmetric CryptographySince the amount of data that can (or should) be encrypted or signed using asymmetric keys is limited by the key size, asymmetric key operations using keys in a secure element must be done in single function calls
 Secure Element Authenticated Encryption with Additional DataAuthenticated Encryption with Additional Data (AEAD) operations with secure elements must be done in one function call. While this creates a burden for implementers as there must be sufficient space in memory for the entire message, it prevents decrypted data from being made available before the authentication operation is complete and the data is known to be authentic
 Secure Element Key ManagementCurrently, key management is limited to importing keys in the clear, destroying keys, and exporting keys in the clear. Whether a key may be exported is determined by the key policies in place on the key slot
 Secure Element Key Derivation and AgreementKey derivation is the process of generating new key material using an existing key and additional parameters, iterating through a basic cryptographic function, such as a hash. Key agreement is a part of cryptographic protocols that allows two parties to agree on the same key value, but starting from different original key material. The flows are similar, and the PSA Crypto Driver Model uses the same functions for both of the flows
 Secure element driver registration
 Error codes
 Key and algorithm types
 Key lifetimes
 Key policies
 Key attributes
 Key derivation
 Asn1_module
 X.509 module
 Encryption/decryption module
 Hashing module
 Random number generator (RNG) module
 SSL/TLS communication module
 TCP/IP communication module