From 73a0e1da0d1acec38a54e0b3d84358dea0bfce09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 21 Sep 2021 13:55:00 +0200 Subject: [PATCH] Document parts not covered by USE_PSA_CRYPTO MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also, remove the section about design considerations for now. It's probably more suitable for a developer-oriented document that would also include considerations about possible paths for the future, which would better be separated from user documentation (separating the certain that is now, from the uncertain that might or might not be later). Signed-off-by: Manuel Pégourié-Gonnard --- docs/use-psa-crypto.md | 43 +++++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md index d1298af2b3..c8f89d0c24 100644 --- a/docs/use-psa-crypto.md +++ b/docs/use-psa-crypto.md @@ -1,6 +1,6 @@ -This document describes the compile-time configutation option -`MBEDTLS_USE_PSA_CRYPTO`: its current effects as well as some design -considerations and plans for the future. +This document describes the compile-time configuration option +`MBEDTLS_USE_PSA_CRYPTO` from a user's perspective, more specifically its +current effects as well as the parts that aren't covered yet. Current effects =============== 
@@ -148,10 +148,39 @@ Benefits: use of PSA Crypto drivers. Parts that are not covered yet ============================== -(To be written.) +This is only a high-level overview, grouped by theme -Design considerations -===================== +TLS: key exchanges / asymmetric crypto +-------------------------------------- -(To be written.) +- RSA: not covered +- DHE-RSA: not covered +- ECDHE-RSA: ECDHE computation client-side only +- ECDHE-ECDSA: + - ECDHE computation client-side + - ECDSA verification both sides + - ECDSA signature (if using `mbedtls_pk_setup_opaque()`) +- PSK: client-side PSA-held using `mbedtls_ssl_conf_psk_opaque()` +- DHE-PSK: not covered +- RSA-PSK: not covered +- ECDHE-PSK: not covered +- ECDH-RSA: not covered +- ECDH-ECDSA: not covered +- ECJPAKE: not covered +TLS: symmetric crypto +--------------------- + +- some ciphers not supported via PSA yet: ARIA, Camellia, ChachaPoly (silent + fallback to the legacy APIs) +- the HMAC part of the CBC and NULL ciphersuites is not covered +- the HMAC computation in `ssl_cookie.c` + +X.509 +----- + +- most hash operations are still done via the legacy API, except the few that + are documented above as using PSA +- RSA PKCS#1 v1.5 signature generation (from PSA-held keys): not covered +- RSA PKCS#1 v1.5 signature verification: not covered +- RSA-PSS signature verification: not covered
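Review bot: In the new "TLS: key exchanges / asymmetric crypto" list, the entries switch polarity under a heading that says "not covered yet". Most items read "not covered", but `ECDHE-RSA: ECDHE computation client-side only`, the three sub-items under `ECDHE-ECDSA:` and `PSK: client-side PSA-held using mbedtls_ssl_conf_psk_opaque()` name what is covered, and the symmetric list then goes back to naming gaps (`the HMAC computation in ssl_cookie.c`). A reader can take the ECDHE-ECDSA sub-items as things that are missing. Suggest stating the status explicitly in each entry, for example "ECDHE-RSA: only the client-side ECDHE computation is covered". The parenthetical "(silent fallback to the legacy APIs)" is attached only to the ARIA, Camellia and ChachaPoly item, so it is unclear whether the other "not covered" entries also fall back silently. Since the context line above lists use of PSA Crypto drivers as a benefit, a user needs to know when the legacy path is taken instead, so say this once at the top of the section. Minor: the intro line "This is only a high-level overview, grouped by theme" has no closing period.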