Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Study: Adapt "Mbed TLS feature support" configuration options for the crypto split #9100

Open
ronald-cron-arm opened this issue May 6, 2024 · 0 comments
Open

Study: Adapt "Mbed TLS feature support" configuration options for the crypto split #9100

ronald-cron-arm opened this issue May 6, 2024 · 0 comments
Assignees
@ronald-cron-arm
Labels
enhancement priority-high High priority - will be reviewed soon
Projects
EPICs for Mbed TLS

Comments

@ronald-cron-arm
Copy link
Contributor

ronald-cron-arm commented May 6, 2024
edited

Adapt the configuration options in the section "Mbed TLS feature support" of mbedtls_config.h for the crypto split. As of 771fd7d there are 160 such options.

Table columns legend:
R: Remove
K: Keep in mbedtls_config.h
M: Move to crypto_config.h:C-G(general),C-S(system, not in TF-PSA-Crypto config yet), C-C(core section), C-D(driver section)

R K Move to Comment
MBEDTLS_*_ALT x #8149
MBEDTLS_AES_ROM_TABLES C-D
MBEDTLS_AES_FEWER_TABLES C-D
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH C-D
MBEDTLS_AES_USE_HARDWARE_ONLY C-D
MBEDTLS_CAMELLIA_SMALL_MEMORY C-D
MBEDTLS_CHECK_RETURN_WARNING C-G
MBEDTLS_CIPHER_* x #8153
MBEDTLS_CTR_DRBG_USE_128_BIT_KEY C-D
MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED C-D
MBEDTLS_ECP_DP_*_ENABLED x #8153
MBEDTLS_ECP_NIST_OPTIM C-D
MBEDTLS_ECP_RESTARTABLE ???
MBEDTLS_ECP_WITH_MPI_UINT C-D
MBEDTLS_ECDSA_DETERMINISTIC x #8153
MBEDTLS_KEY_EXCHANGE_*_ENABLED x
MBEDTLS_PK_PARSE_EC_EXTENDED ???
MBEDTLS_PK_PARSE_EC_COMPRESSED ???
MBEDTLS_ERROR_STRERROR_DUMMY x
MBEDTLS_GENPRIME x #8153
MBEDTLS_FS_IO C-G
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES C-C
MBEDTLS_NO_PLATFORM_ENTROPY C-C TF_PSA_CRYPTO_PLATFORM_ENTROPY in TF-PSA-Crypto
MBEDTLS_ENTROPY_FORCE_SHA256 C-C
MBEDTLS_ENTROPY_NV_SEED C-C
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER C-C
MBEDTLS_MEMORY_DEBUG C-G
MBEDTLS_MEMORY_BACKTRACE C-G
MBEDTLS_PK_RSA_ALT_SUPPORT x #8149
MBEDTLS_PKCS1_V15 x #8153
MBEDTLS_PKCS1_V21 x #8153
MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS C-C
MBEDTLS_PSA_CRYPTO_CLIENT C-C
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG C-C
MBEDTLS_PSA_CRYPTO_SPM C-C
MBEDTLS_PSA_P256M_DRIVER_ENABLED C-D
MBEDTLS_PSA_INJECT_ENTROPY C-C
MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS C-C
MBEDTLS_RSA_NO_CRT C-D
MBEDTLS_SELF_TEST C-G
MBEDTLS_SHA256_SMALLER C-D
MBEDTLS_SHA512_SMALLER C-D
MBEDTLS_SSL_* x
MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN C-G
MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND C-G
MBEDTLS_TEST_HOOKS C-G
MBEDTLS_THREADING_ALT C-S
MBEDTLS_THREADING_PTHREAD C-S
MBEDTLS_USE_PSA_CRYPTO x
MBEDTLS_PSA_CRYPTO_CONFIG x
MBEDTLS_VERSION_FEATURES C-G
MBEDTLS_X509_* x
@ronald-cron-arm ronald-cron-arm added enhancement priority-high High priority - will be reviewed soon labels May 6, 2024
@ronald-cron-arm ronald-cron-arm added this to TF-PSA-Crypto live in EPICs for Mbed TLS May 6, 2024
@ronald-cron-arm ronald-cron-arm changed the title Adapt "Mbed TLS feature support" configuration options for the crypto split Study: Adapt "Mbed TLS feature support" configuration options for the crypto split May 6, 2024
@ronald-cron-arm ronald-cron-arm self-assigned this May 7, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this issue May 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ronald-cron-arm ronald-cron-arm

Labels
enhancement priority-high High priority - will be reviewed soon
Projects
EPICs for Mbed TLS
Configuration split
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ronald-cron-arm