Merge pull request #6723 from mpg/restartable-vs-use-psa
Document ECP_RESTARTABLE and make it compatible with USE_PSA
This commit is contained in:
Gilles Peskine
GitHub
commit
d1dd41f3fc
12 changed files with 202 additions and 37 deletions
|
|
@ -690,11 +690,42 @@
|
|||
* This is useful in non-threaded environments if you want to avoid blocking
|
||||
* for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
|
||||
*
|
||||
* Uncomment this macro to enable restartable ECC computations.
|
||||
* This option:
|
||||
* - Adds xxx_restartable() variants of existing operations in the
|
||||
* following modules, with corresponding restart context types:
|
||||
* - ECP (for Short Weierstrass curves only): scalar multiplication (mul),
|
||||
* linear combination (muladd);
|
||||
* - ECDSA: signature generation & verification;
|
||||
* - PK: signature generation & verification;
|
||||
* - X509: certificate chain verification.
|
||||
* - Adds mbedtls_ecdh_enable_restart() in the ECDH module.
|
||||
* - Changes the behaviour of TLS 1.2 clients (not servers) when using the
|
||||
* ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC
|
||||
* computations restartable:
|
||||
* - ECDH operations from the key exchange, only for Short Weierstass
|
||||
* curves, only when MBEDTLS_USE_PSA_CRYPTO is not enabled.
|
||||
* - verification of the server's key exchange signature;
|
||||
* - verification of the server's certificate chain;
|
||||
* - generation of the client's signature if client authentication is used,
|
||||
* with an ECC key/certificate.
|
||||
*
|
||||
* \note In the cases above, the usual SSL/TLS functions, such as
|
||||
* mbedtls_ssl_handshake(), can now return
|
||||
* MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS.
|
||||
*
|
||||
* \note When this option and MBEDTLS_USE_PSA_CRYPTO are both enabled,
|
||||
* restartable operations in PK, X.509 and TLS (see above) are not
|
||||
* using PSA. On the other hand, ECDH computations in TLS are using
|
||||
* PSA, and are not restartable. These are temporary limitations that
|
||||
* should be lifted in the future.
|
||||
*
|
||||
* \note This option only works with the default software implementation of
|
||||
* elliptic curve functionality. It is incompatible with
|
||||
* MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT.
|
||||
*
|
||||
* Requires: MBEDTLS_ECP_C
|
||||
*
|
||||
* Uncomment this macro to enable restartable ECC computations.
|
||||
*/
|
||||
//#define MBEDTLS_ECP_RESTARTABLE
|
||||
|
||||
|
|
@ -1923,7 +1954,6 @@
|
|||
* before calling any function from the SSL/TLS, X.509 or PK modules.
|
||||
*
|
||||
* Requires: MBEDTLS_PSA_CRYPTO_C.
|
||||
* Conflicts with: MBEDTLS_ECP_RESTARTABLE
|
||||
*
|
||||
* Uncomment this to enable internal use of PSA Crypto and new associated APIs.
|
||||
*/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue