From d78d695c46db16d6c8769ba9f6d8e3a70dfaeb59 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Dec 2024 18:04:55 +0100 Subject: [PATCH 1/2] FFDH in TLS: it's only a limitation for TLS 1.2, not TLS 1.3 Signed-off-by: Gilles Peskine --- docs/driver-only-builds.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 6bd92623a1..e85496a053 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -278,9 +278,11 @@ The same holds for the associated algorithm: removing builtin support (i.e. `MBEDTLS_DHM_C`). Note that the PSA API only supports FFDH with RFC 7919 groups, whereas the -Mbed TLS legacy API supports custom groups. As a consequence, the TLS layer -of Mbed TLS only supports DHE cipher suites if built-in FFDH +Mbed TLS legacy API supports custom groups. As a consequence, the TLS 1.2 +layer of Mbed TLS only supports DHE cipher suites if built-in FFDH (`MBEDTLS_DHM_C`) is present, even when `MBEDTLS_USE_PSA_CRYPTO` is enabled. +(The TLS 1.3 layer uses PSA, and this is not a limitation because the +protocol does not allow custom FFDH groups.) RSA --- From 4f65e1f0752f44a30e69f49281e3bab73e049f26 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Dec 2024 18:05:46 +0100 Subject: [PATCH 2/2] Distinguish between MBEDTLS_PSA_CRYPTO_C and MBEDTLS_PSA_CRYPTO_CLIENT Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/strategy.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/strategy.md b/docs/architecture/psa-migration/strategy.md index a89fe67ad4..5c5d83f1b8 100644 --- a/docs/architecture/psa-migration/strategy.md +++ b/docs/architecture/psa-migration/strategy.md @@ -36,7 +36,9 @@ Compile-time options We currently have a few compile-time options that are relevant to the migration: - `MBEDTLS_PSA_CRYPTO_C` - enabled by default, controls the presence of the PSA - Crypto APIs. + Crypto APIs with their implementations. (Builds with only + `MBEDTLS_PSA_CRYPTO_CLIENT`, where PSA crypto APIs are present but + implemented via third-party code, are out of scope of this document.) - `MBEDTLS_USE_PSA_CRYPTO` - disabled by default (enabled in "full" config), controls usage of PSA Crypto APIs to perform operations in X.509 and TLS (G1 above), as well as the availability of some new APIs (G2 above).