This issue is a collation of the updates planned for the PAKE API. This might help to highlight issues or concerns with the overall plan of action, and track the progress.
psa_pake_get_implicit_key() which outputs to a single key derivation operation, with psa_pake_get_shared_key() that outputs as a key. Add an attribute to the ciphersuite that indicates whether the application requires a confirmed, or unconfirmed key from the PAKE. See APIs for extracting the shared secret from PAKE operations #100 It is impossible to derive multiple keys from the common secret in the PAKE API #86 Draft : SPAKE2PLUS protocol flow proposal #73 Change the PAKE output function to return a key #114 psa_pake_setup(), psa_pake_set_role(), psa_pake_set_user(), psa_pake_set_peer(), psa_pake_set_password_key(), with a single function. This enables correct selection of a driver based on the key. It might be better to just combine the key provision with the setup function? See The PAKE interface does not work easily with the Mbed TLS driver design #89 Combine psa_pake_set_password_key() with psa_pake_setup() #115 PAKE SIZE macros need more arguments #88 See Add a hash algorithm parameter to the PAKE input and output size macros #116 Move PAKE hash parameter to the PAKE algorithm identifier #124 Missing support for ‘out of band’ setup calculations in PAKE API #87 Draft : SPAKE2PLUS protocol flow proposal #73 Compatible reworking of asymmetric key type encoding #109 Draft : SPAKE2PLUS protocol flow proposal #73 Add asymmetric key types for SPAKE2+ #119 Miscellaneous SPAKE2+ support APIs #120 context data to a PAKE operationMiscellaneous SPAKE2+ support APIs #120 Draft : SPAKE2PLUS protocol flow proposal #73 [v2] Define the SPAKE2+ algorithms #129 Support for SPAKE2+ in the Crypto PAKE API #66 Draft : SPAKE2PLUS protocol flow proposal #73 [v2] Define the SPAKE2+ algorithms #129 
This issue is a collation of the updates planned for the PAKE API. This might help to highlight issues or concerns with the overall plan of action, and track the progress.
psa_pake_get_implicit_key()which outputs to a single key derivation operation, withpsa_pake_get_shared_key()that outputs as a key. Add an attribute to the ciphersuite that indicates whether the application requires a confirmed, or unconfirmed key from the PAKE. See APIs for extracting the shared secret from PAKE operations #100 and It is impossible to derive multiple keys from the common secret in the PAKE API #86, and related discussion in Draft : SPAKE2PLUS protocol flow proposal #73.See Change the PAKE output function to return a key #114 (merged)
psa_pake_setup(),psa_pake_set_role(),psa_pake_set_user(),psa_pake_set_peer(),psa_pake_set_password_key(), with a single function. This enables correct selection of a driver based on the key. It might be better to just combine the key provision with the setup function? See The PAKE interface does not work easily with the Mbed TLS driver design #89.See Combine
psa_pake_set_password_key()withpsa_pake_setup()#115 (merged)See Add a hash algorithm parameter to the PAKE input and output size macros #116See Move PAKE hash parameter to the PAKE algorithm identifier #124 (merged)
See Add asymmetric key types for SPAKE2+ #119
See Miscellaneous SPAKE2+ support APIs #120 (merged)
See Miscellaneous SPAKE2+ support APIs #120 (merged)
See [v2] Define the SPAKE2+ algorithms #129
See [v2] Define the SPAKE2+ algorithms #129