search

Mbed-TLS / TF-PSA-Crypto

Reference implementation of the PSA Cryptography API
Apache License 2.0
7 stars 6 forks source link

Naming scheme for crypto tuning options #101

Open gilles-peskine-arm opened 1 month ago

gilles-peskine-arm commented 1 month ago

The goal of this issue is to define a naming scheme for configuration options that tune how cryptography is performed. This excludes cryptographic mechanism selection (PSA_WANT_xxx), driver availability (driver JSON parametrization), and platform options (handled separately).

The relevant boolean options in Mbed TLS 3.6 are:

MBEDTLS_AES_FEWER_TABLES
MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
MBEDTLS_AES_ROM_TABLES
MBEDTLS_CAMELLIA_SMALL_MEMORY
MBEDTLS_ECP_FIXED_POINT_OPTIM
MBEDTLS_ECP_NIST_OPTIM

If any of those options are to be removed or reorganized, this should be tracked as a separate issue.

gilles-peskine-arm commented 1 month ago

I just found that this already exists in the mbedtls repository. https://github.com/Mbed-TLS/mbedtls/issues/9100

gilles-peskine-arm commented 1 month ago

The mbedtls issue is a broader study issue, so on second thoughts I'm reopening this one to focus on the options that are being moved and renamed.