How to implement a custom RSA-based mechanism #104

gilles-peskine-arm · 2024-05-29T15:57:41Z

TF-PSA-Crypto 1.0 and Mbed TLS 4.0 will no longer expose the RSA module, only specific algorithms (PKCS#1 v1.5 encryption, PKCS#1 v1.5 signature, PSS, OAEP). Users who need a diffferent RSA-based mechanism (e.g. full-domain encryption) must contribute an implementation and wait for the next release.

Should TF-PSA-Crypto offer a way to access the private-key and public-key RSA primitives (in Mbed TLS ≤3.x: mbedtls_rsa_public, mbedtls_rsa_private)?

Mailing list thread: https://lists.trustedfirmware.org/archives/list/mbed-tls@lists.trustedfirmware.org/thread/EKDLYVDR6HZPM55HF4ZKNWX7LDEFRCRG/

The text was updated successfully, but these errors were encountered:

gilles-peskine-arm · 2024-08-08T15:51:44Z

Architectural decision: we are not going to provide an API for custom RSA mechanisms in TF-PSA-Crypto 1.0. We may add such a mechanism later based on demand.

gilles-peskine-arm added enhancement New feature or request needs-design-approval Needs design discussion / approval labels May 29, 2024

mpg mentioned this issue Aug 6, 2024

Announce planned 4.0 deprecations Mbed-TLS/mbedtls#7800

Closed

gilles-peskine-arm closed this as not planned Won't fix, can't repro, duplicate, stale Aug 8, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How to implement a custom RSA-based mechanism #104

How to implement a custom RSA-based mechanism #104

gilles-peskine-arm commented May 29, 2024 •

edited

Loading

gilles-peskine-arm commented Aug 8, 2024

How to implement a custom RSA-based mechanism #104

How to implement a custom RSA-based mechanism #104

Comments

gilles-peskine-arm commented May 29, 2024 • edited Loading

gilles-peskine-arm commented Aug 8, 2024

gilles-peskine-arm commented May 29, 2024 •

edited

Loading