PSA interruptible asymmetric operations: basic design #5888

Closed
gilles-peskine-arm opened this issue May 31, 2022 · 2 comments
Labels
component-psa PSA keystore/dispatch layer (storage, drivers, …) enhancement size-m Estimated task size: medium (~1w)

gilles-peskine-arm commented May 31, 2022

The goal of this task is to write a basic design of a PSA interruptible operations API. At this stage, some minor questions may be left unanswered.

Normally a cryptographic operation is implemented as a function. The function returns when the calculation is finished. Interruptible operations (which Mbed TLS calls “restartable”) are operations that return after a short period of time, whether the calculation is finished or not. If the calculation is unfinished, its state is saved in a context, and the caller can resume the operation by passing the context to the crypto library again. This is intended for very constrained embedded environments that do not have preemption.

This API should support long-running operations, meaning asymmetric cryptography: signature, key agreement, asymmetric encryption. (Mbed TLS will not implement the asymmetric encryption interface, but I think it should be there for completeness, and it's only a very minor design effort.)

For the first phase, we're doing just sign-hash, tracked in #6061.

gilles-peskine-arm added the enhancement, component-psa and size-m labels May 31, 2022
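
The interruptible pattern described in the issue text above (return after a bounded amount of work, keep the state in a context, resume on the next call), as an added example that is not part of the issue and is not the PSA or Mbed TLS API. The names `modexp_op_t`, `modexp_start`, `modexp_complete`, `modexp_abort`, `modexp_calls` and the per-call `max_ops` budget are assumptions made for illustration; the toy square-and-multiply is not constant-time.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical names for illustration; not the PSA or Mbed TLS API. */
typedef enum { OP_DONE = 0, OP_IN_PROGRESS = 1, OP_BAD_STATE = -1 } op_status_t;
typedef struct {
    uint64_t base, exp, mod, acc; /* state saved between calls */
    int active;                   /* set by start, cleared on completion/abort */
} modexp_op_t;                    /* callers zero-initialise: modexp_op_t op = {0}; */

/* The context may hold a secret exponent: wipe via volatile so the stores are kept. */
void modexp_abort(modexp_op_t *op) {
    volatile unsigned char *v = (volatile unsigned char *)op;
    for (size_t n = sizeof(*op); n > 0; n--) *v++ = 0;
}

/* Set up base^exp mod m. m is 32-bit so every product fits in 64 bits. */
op_status_t modexp_start(modexp_op_t *op, uint32_t base, uint64_t exp, uint32_t m) {
    if (op->active || m == 0) return OP_BAD_STATE;
    op->base = base % m; op->exp = exp; op->mod = m; op->acc = 1 % m;
    op->active = 1;
    return OP_DONE;
}

/* Do at most max_ops square-and-multiply steps, then return to the caller. */
op_status_t modexp_complete(modexp_op_t *op, unsigned max_ops, uint64_t *out) {
    if (!op->active || max_ops == 0) return OP_BAD_STATE;
    while (op->exp != 0) {
        if (max_ops-- == 0) return OP_IN_PROGRESS; /* unfinished: state stays in *op */
        if (op->exp & 1) op->acc = (op->acc * op->base) % op->mod;
        op->base = (op->base * op->base) % op->mod;
        op->exp >>= 1;
    }
    *out = op->acc;
    modexp_abort(op); /* finished: leave no key-dependent state behind */
    return OP_DONE;
}

/* Caller loop: returns how many calls the operation needed (0 on error). */
unsigned modexp_calls(uint32_t b, uint64_t e, uint32_t m, unsigned max_ops, uint64_t *out) {
    modexp_op_t op = {0};
    unsigned calls = 0;
    op_status_t st = modexp_start(&op, b, e, m);
    if (st != OP_DONE) return 0;
    /* A real caller would service other work between these calls. */
    do { st = modexp_complete(&op, max_ops, out); calls++; } while (st == OP_IN_PROGRESS);
    modexp_abort(&op); /* harmless if already wiped */
    return st == OP_DONE ? calls : 0;
}
```

A smaller `max_ops` shortens each call at the cost of more calls; an operation abandoned partway must go through `modexp_abort` so the saved state does not linger in memory.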
@hanno-becker

> This is intended for very constrained embedded environments that do not have preemption.

(1) It may also be needed in high performance systems code which runs with interrupts masked.

(2) [Entirely Unrelated] It may be worth considering if the design of such an API can be consolidated with the design of an API for 'streaming' processing, with the user passing or receiving one piece of key material at a time (this may be hidden in the 'restart' context). While the use cases are different, the interfaces seem very similar, so maybe something can be done. Such a streaming API matters for the support of very large public-key schemes (esp. from PQC) on highly constrained devices, see e.g. https://eprint.iacr.org/2015/1042.pdf. MPS already has support for such streaming crypto, so it would be nice for PSA to support it, too.

@gilles-peskine-arm

We've implemented interruptible sign-hash. The rest of the API design will be tracked in the PSA API repository. So I am closing this issue here.

gilles-peskine-arm closed this as not planned Jul 18, 2023