Which sample programs to keep in 1.0/4.0

[gilles-peskine-arm]

For each program under /programs in Mbed TLS 3.6, should we remove, keep, adapt or rewrite for TF-PSA-Crypto 1.0 or Mbed TLS 4.0?

This is an investigation task. The expected outcome is a list/table covering every program, with the desired outcome for each program and a justification (which I expect will usually be just a short sentence fragment). The outcomes I can think of:

• Keep as is, e.g. x509/* — no work to be scheduled
• Remove (because it is not really useful for anything except demonstrating the legacy crypto API), e.g. crypt_and_hash — we'll remove those in batch
• Replace (because it has a useful purpose, but the current implementation relies heavily on the legacy crypto API), e.g. cipher_aead_demo (for which the rewriting has already been done) — we'll remove those and file issues to replace them after 1.0/4.0
• Keep, but will need minor adjustments due to rare use of APIs that are now private, e.g. programs/fuzz/fuzz_*key — file an issue to do the minor adjustments, which will be considered for 1.0/4.0
• Keep, but will need major adjustments due to major use of APIs that are now private, e.g. benchmark — file an issue for the rewrite, which will happen after 1.0/4.0.

Definition of done for this task: the list/table, and file issues where we identify that work needs to be done.

Reasons to keep a program:

• If it's useful as a sample of API usage.
• If it's useful as a test.
• If its functionality is useful, e.g. programs/x509/* are meant to be usable to run a simple CA and work with a simple CA, and some of programs/pk/* are complementary with that.

[gilles-peskine-arm]

For pk programs, it would make sense to also evaluate whether those programs should stay in Mbed TLS or move to TF-PSA-Crypto. PK is a TF-PSA-Crypto API, but if the main usefulness of the programs is to create/parse keys used by the X.509 programs, then it could make sense to keep the programs in mbedtls.