mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-16 13:20:51 +00:00
Update psa-limitations.md
For recent work and latest plans. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
52f7edb6ad
commit
03cb87ea3c
@ -11,11 +11,15 @@ is, of course, to actually do the migration work.
|
||||
Limitations relevant for G1 (performing crypto operations)
|
||||
==========================================================
|
||||
|
||||
Restartable ECC operations
|
||||
--------------------------
|
||||
Restartable (aka interruptible) ECC operations
|
||||
----------------------------------------------
|
||||
|
||||
There is currently no support for that in PSA at all, but it will be added at
|
||||
some point, see <https://github.com/orgs/Mbed-TLS/projects/1#column-18816849>.
|
||||
Support for interruptible ECDSA sign/verify was added to PSA in Mbed TLS 3.4.
|
||||
However support for interruptible ECDH is not present yet. Also, PK, X.509 and
|
||||
TLS have not yet been adapted to take advantage of the new PSA APIs. See:
|
||||
- <https://github.com/Mbed-TLS/mbedtls/issues/7292>;
|
||||
- <https://github.com/Mbed-TLS/mbedtls/issues/7293>;
|
||||
- <https://github.com/Mbed-TLS/mbedtls/issues/7294>.
|
||||
|
||||
Currently, when `MBEDTLS_USE_PSA_CRYPTO` and `MBEDTLS_ECP_RESTARTABLE` are
|
||||
both enabled, some operations that should be restartable are not (ECDH in TLS
|
||||
@ -78,6 +82,10 @@ the one that requires the most work, but it would deliver value beyond PSA
|
||||
migration by implementing RFC 7919. (Implementing RFC 7919 could be done any
|
||||
time; making it mandatory can only be done in 4.0 or another major version.)
|
||||
|
||||
As of early 2023, the plan is to go with option 2 in Mbed TLS 4.0, which has
|
||||
been announced on the mailing-list and got no push-back, see
|
||||
<https://github.com/Mbed-TLS/mbedtls/issues/5278>.
|
||||
|
||||
RSA-PSS parameters
|
||||
------------------
|
||||
|
||||
@ -321,6 +329,8 @@ probably not acceptable.
|
||||
in the meantime. Such an extension seems inconvenient and not motivated by
|
||||
strong security arguments, so it's unclear whether it would be accepted.
|
||||
|
||||
Since Mbed TLS 3.4, option 1 is implemented.
|
||||
|
||||
Limitations relevant for G2 (isolation of long-term secrets)
|
||||
============================================================
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user