Use PSA drivers to manage built-in crypto acceleration #8977
Labels
component-crypto
Crypto primitives and low-level interfaces
enhancement
needs-design-approval
size-m
Estimated task size: medium (~1w)
Comments
gilles-peskine-arm
added
enhancement
needs-design-approval
component-crypto
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The PSA accelerator driver mechanism, as specified, can handle the accelerated crypto modules that we ship (AESNI, AESCE, SHA256 and SHA512 acceleration on armv8-A). This is only practical once the tooling is fully mature, so that users can easily choose between having optional acceleration with fallback, acceleration only or no acceleration.
If the tooling isn't mature enough by the time of the 4.0 release, or if we don't want to put in the work before 4.0, we could potentially do this in a 4.x minor release, keeping the existing options for compatibility but using the driver structure under the hood. This would break for people who have their own handwritten driver wrapper file, which may or may not be a concern.
Related: Mbed-TLS/TF-PSA-Crypto#99
The text was updated successfully, but these errors were encountered: