TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 03cb87ea3ce020d5bcd13bb4399bd84fa3cc68a1^! / .
commit03cb87ea3ce020d5bcd13bb4399bd84fa3cc68a1[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Wed Mar 22 16:06:47 2023 +0100
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Fri Mar 24 10:44:59 2023 +0100
treebf17846e81f4cdf5e53fa6354041a0b6a5234511
parent52f7edb6adf1cb256643a6524b13838843291b86 [diff]
Update psa-limitations.md

For recent work and latest plans.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

diff --git a/docs/architecture/psa-migration/psa-limitations.md b/docs/architecture/psa-migration/psa-limitations.md
index c368023..b81aeb4 100644
--- a/docs/architecture/psa-migration/psa-limitations.md
+++ b/docs/architecture/psa-migration/psa-limitations.md

@@ -11,11 +11,15 @@
 Limitations relevant for G1 (performing crypto operations)
 ==========================================================
 
-Restartable ECC operations
---------------------------
+Restartable (aka interruptible) ECC operations
+----------------------------------------------
 
-There is currently no support for that in PSA at all, but it will be added at
-some point, see <https://github.com/orgs/Mbed-TLS/projects/1#column-18816849>.
+Support for interruptible ECDSA sign/verify was added to PSA in Mbed TLS 3.4.
+However support for interruptible ECDH is not present yet. Also, PK, X.509 and
+TLS have not yet been adapted to take advantage of the new PSA APIs. See:
+- <https://github.com/Mbed-TLS/mbedtls/issues/7292>;
+- <https://github.com/Mbed-TLS/mbedtls/issues/7293>;
+- <https://github.com/Mbed-TLS/mbedtls/issues/7294>.
 
 Currently, when `MBEDTLS_USE_PSA_CRYPTO` and `MBEDTLS_ECP_RESTARTABLE` are
 both enabled, some operations that should be restartable are not (ECDH in TLS
@@ -78,6 +82,10 @@
 migration by implementing RFC 7919. (Implementing RFC 7919 could be done any
 time; making it mandatory can only be done in 4.0 or another major version.)
 
+As of early 2023, the plan is to go with option 2 in Mbed TLS 4.0, which has
+been announced on the mailing-list and got no push-back, see
+<https://github.com/Mbed-TLS/mbedtls/issues/5278>.
+
 RSA-PSS parameters
 ------------------
 
@@ -321,6 +329,8 @@
    in the meantime. Such an extension seems inconvenient and not motivated by
 strong security arguments, so it's unclear whether it would be accepted.
 
+Since Mbed TLS 3.4, option 1 is implemented.
+
 Limitations relevant for G2 (isolation of long-term secrets)
 ============================================================