From b4113bac9ab95d5466c5d8ebfbcca659efd0425e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Sep 2021 10:06:04 +0200 Subject: [PATCH] Clarify wording of "not covered" section MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The section is about things that are not covered, but some lists are about things that are covered, which was very confusing. Signed-off-by: Manuel Pégourié-Gonnard --- docs/use-psa-crypto.md | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md index 6300bf02e..4292aa6b9 100644 --- a/docs/use-psa-crypto.md +++ b/docs/use-psa-crypto.md @@ -153,27 +153,33 @@ This is only a high-level overview, grouped by theme TLS: key exchanges / asymmetric crypto -------------------------------------- -- RSA: not covered -- DHE-RSA: not covered -- ECDHE-RSA: ECDHE computation client-side only -- ECDHE-ECDSA: - - ECDHE computation client-side - - ECDSA verification both sides - - ECDSA signature (if using `mbedtls_pk_setup_opaque()`) -- PSK: PSA-held keys using `mbedtls_ssl_conf_psk_opaque()` -- DHE-PSK: not covered -- RSA-PSK: not covered -- ECDHE-PSK: not covered -- ECDH-RSA: not covered -- ECDH-ECDSA: not covered -- ECJPAKE: not covered +The following key exchanges are not covered at all: + +- RSA +- DHE-RSA +- DHE-PSK +- RSA-PSK +- ECDHE-PSK +- ECDH-RSA +- ECDH-ECDSA +- ECJPAKE + +The following key exchanges are only partially covered: + +- ECDHE-RSA: RSA operations are not covered and, server-side, the ECDHE + operation isn't either +- ECDHE-ECDSA: server-side, the ECDHE operation isn't covered. (ECDSA + signature generation is only covered if using `mbedtls_pk_setup_opaque()`.) + +PSK if covered when the application uses `mbedtls_ssl_conf_psk_opaque()` or +`mbedtls_ssl_set_hs_psk_opaque()`. TLS: symmetric crypto --------------------- - some ciphers not supported via PSA yet: ARIA, Camellia, ChachaPoly (silent fallback to the legacy APIs) -- the HMAC part of the CBC and NULL ciphersuites is not covered +- the HMAC part of the CBC and NULL ciphersuites - the HMAC computation in `ssl_cookie.c` X.509 @@ -181,6 +187,6 @@ X.509 - most hash operations are still done via the legacy API, except the few that are documented above as using PSA -- RSA PKCS#1 v1.5 signature generation (from PSA-held keys): not covered -- RSA PKCS#1 v1.5 signature verification: not covered -- RSA-PSS signature verification: not covered +- RSA PKCS#1 v1.5 signature generation (from PSA-held keys) +- RSA PKCS#1 v1.5 signature verification +- RSA-PSS signature verification