[DI] Use interruptible sign/verify in X.509 & TLS #7292
Comments
I've just been thinking: since the keys are held as PK contexts in X.509 and TLS so far, and those modules always use PK functions to operate on them (even when This would probably involve providing an alternative definition of the type
Alternatively, as a completely different strategy, we can leave PK alone and instead change the TLS and X.509 code to:
I'm not sure which one is best. Perhaps changing PK is easier in the short term, but leaving it out of the equation is better in the long term?
In general I think pk is a good abstraction layer between X.509/TLS and crypto, and I think it can stay around for a while. I'd like to change some things about it in an incompatible way (in particular, make its concept of mechanism match the one in PSA), but I don't feel any need to remove it. Especially not until we have PSA functions to replace parse/write.
PSA recently gained interruptible functions for signing and verifying hash-based signatures. So far, these functions are not used by X.509 or TLS, but they should be used when `MBEDTLS_USE_PSA_CRYPTO` is enabled, in all places that currently support restartable operations using the legacy API (that's currently just 1.2 with the ECDHE-ECDSA key exchange, including client authentication), in order to avoid feature gaps in PSA-based builds.

This task is to investigate how to achieve that goal, and break the work down in reasonably-sized and testable steps.
Note: execution of the work will probably depend on #7029