Agree on the name of our PSA cryptography API implementation and apply it

[ronald-cron-arm]

As part of our implementation of the PSA cryptography API, we need to define macros(like configuration options), types (like operation object types) and functions that are specific to our implementation. In Mbed TLS repository where the PSA cryptography API implementation is located for the time being those symbols are prefixed with MBEDTLSPSA or mbedtlspsa as we think about our implementation as the Mbed TLS implementation of the PSA cryptography API. With the move of the PSA cryptography implementation to its own repository named PSA-Crypto, one may wonder if this should change or not.

As we aim for a group of three repositories (mbedtls, psa-crypto, mbedtls-tf(?)) I think it makes sense to keep the PSA cryptography implementation under the Mbed TLS umbrella. We would then keep the MBEDTLSPSA and mbedtlspsa prefixes for the symbols specific to the implementation of the PSA cryptography API. We would also keep MBEDTLS and mbedtls prefixes for macros, types and functions exposed by PSA-Crypto beyond the PSA cryptography API, thinking about LMS, asn1 (useful to implement protocols like but not restricted to TLS using PSA Crypto API), platform(?) APIs here.

[daverodgman]

Agree with @ronald-cron-arm - retaining the mbedtls_ prefix is best for users, as they can then continue to use e.g. LMS without changes. I think we do want a clear distinction between things that are in the PSA spec, vs. things that are implementation-specific, and I don't see any value in trying to obscure the link to Mbed TLS.

[daverodgman]

@shebuk do you have a view on this?

[shebuk]

Retaining mbedtls prefix makes sense for macros, types and functions that are specific to our implementation and not coming from the PSA Crypto Specification. TF-M also uses tf-m prefix in similar cases.

[ronald-cron-arm]

There is maybe a better solution: name mbedcrypto our implementation of the PSA cryptography API. That allows to better differentiate from the current Mbed TLS repo and the future one containing only TLS and x509 while remaining under the Mbed TLS umbrella with the "mbed" prefix. @daverodgman @shebuk what do you think about that?

[shebuk]

The implementation is a reference implementation of PSA Crypto APIs. The repository is better to be named as PSA-Crytpo rather than MbedCrypto makes it clearer. The latter name might indicate that it includes some legacy Mbed tls cipher APIs which isn't the end goal. The PSA-Crypto is meant to have its own life as crypto library based on PSA Crypto APIs

[ronald-cron-arm]

I do not intend to change the directory name, sorry as it seems I was not clear about that. Thus the directory name stays PSA-Crypto, it is just the prefix for symbols that are specific to our implementation that I am proposing to change from mbedtls_ or mbedtlspsa as I initially proposed in this issue to mbedcrypto_ or mbedcryptopsa. I hope this makes the intent clearer.

[shebuk]

MbedCrypto will be a 3rd term beyond Mbedtls and PSACrypto. Will have to then justify the difference between mbedcrypto and PSACrypto. Better to stick with with mbedtls makes sense as prefix and avoid a new term.