Document parts not covered by USE_PSA_CRYPTO

Also, remove the section about design considerations for now. It's
probably more suitable for a developer-oriented document that would also
include considerations about possible paths for the future, which would
better be separated from user documentation (separating the certain that
is now, from the uncertain that might or might not be later).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2021-09-21 13:55:00 +02:00 committed by Gilles Peskine
parent b52b91d949
commit 6cf7d94ab4

View File

@ -1,6 +1,6 @@
This document describes the compile-time configutation option This document describes the compile-time configuration option
`MBEDTLS_USE_PSA_CRYPTO`: its current effects as well as some design `MBEDTLS_USE_PSA_CRYPTO` from a user's perspective, more specifically its
considerations and plans for the future. current effects as well as the parts that aren't covered yet.
Current effects Current effects
=============== ===============
@ -148,10 +148,39 @@ Benefits: use of PSA Crypto drivers.
Parts that are not covered yet Parts that are not covered yet
============================== ==============================
(To be written.) This is only a high-level overview, grouped by theme
Design considerations TLS: key exchanges / asymmetric crypto
===================== --------------------------------------
(To be written.) - RSA: not covered
- DHE-RSA: not covered
- ECDHE-RSA: ECDHE computation client-side only
- ECDHE-ECDSA:
- ECDHE computation client-side
- ECDSA verification both sides
- ECDSA signature (if using `mbedtls_pk_setup_opaque()`)
- PSK: client-side PSA-held using `mbedtls_ssl_conf_psk_opaque()`
- DHE-PSK: not covered
- RSA-PSK: not covered
- ECDHE-PSK: not covered
- ECDH-RSA: not covered
- ECDH-ECDSA: not covered
- ECJPAKE: not covered
TLS: symmetric crypto
---------------------
- some ciphers not supported via PSA yet: ARIA, Camellia, ChachaPoly (silent
fallback to the legacy APIs)
- the HMAC part of the CBC and NULL ciphersuites is not covered
- the HMAC computation in `ssl_cookie.c`
X.509
-----
- most hash operations are still done via the legacy API, except the few that
are documented above as using PSA
- RSA PKCS#1 v1.5 signature generation (from PSA-held keys): not covered
- RSA PKCS#1 v1.5 signature verification: not covered
- RSA-PSS signature verification: not covered