From c1cea63478aa3739c1a724a93c53273bdc236b1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 11:02:26 +0100 Subject: [PATCH] Quickly mention the status of RSA accel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not related to other commits in this PR, should have been done in #8616 really, but since I'm updating the document, might as well do it here. Signed-off-by: Manuel Pégourié-Gonnard --- docs/driver-only-builds.md | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 1a60bfd4f1..8f708259ce 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -55,6 +55,8 @@ For now, only the following (families of) mechanisms are supported: - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. +- RSA: PKCS#1 v1.5 and v2.1 signature and encryption algorithms, RSA key types + (for now, only crypto, no X.509 or TLS support). - AEADs: - GCM and CCM with AES, ARIA and Camellia key types - ChachaPoly with ChaCha20 Key type @@ -71,9 +73,6 @@ work in the same way as if the mechanisms where built-in, except as documented in the "Limitations" sub-sections of the sections dedicated to each family below. -Currently (mid-2023) we don't have plans to extend this to RSA. If -you're interested in driver-only support for RSA, please let us know. - Hashes ------ @@ -138,9 +137,10 @@ then you can also disable `MBEDTLS_ECP_C`. However, a small subset of it might still be included in the build, see limitations sub-section below. In addition, if: -- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), and -- support for RSA key types and algorithms is fully disabled, and -- support for DH key types and the FFDH algorithm is either disabled, or +- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), +- and support for RSA key types and algorithms is either fully disabled or + fully provided by a driver, +- and support for DH key types and the FFDH algorithm is either disabled or fully provided by a driver, then you can also disable `MBEDTLS_BIGNUM_C`. @@ -243,6 +243,29 @@ The same holds for the associated algorithm: `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and removing builtin support (i.e. `MBEDTLS_DHM_C`). +RSA +--- + +It is possible for all RSA operations to be provided only by a driver. + +More precisely, if: +- all the RSA algorithms that are enabled (`PSA_WANT_ALG_RSA_*`) are also + accelerated (`MBEDTLS_PSA_ACCEL_ALG_RSA_*`), +- and all the RSA key types that are enabled (`PSA_WANT_KEY_TYPE_RSA_*`) are + also accelerated (`MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_*`), + +then you can disable `MBEDTLS_RSA_C`, `MBEDTLS_PKCS1_V15` and +`MBEDTLS_PKCS1_V21`, and RSA will still work in PSA Crypto. + +### Limitations on RSA acceleration + +Unlike other mechanisms, for now in configurations with driver-only RSA, only +PSA Crypto works. In particular, PK, X.509 and TLS will _not_ work with +driver-only RSA even if `MBEDTLS_USE_PSA_CRYPTO` is enabled. + +Currently (early 2024) we don't have plans to extend this support. If you're +interested in wider driver-only support for RSA, please let us know. + Ciphers (unauthenticated and AEAD) ----------------------------------