RSA-PSS signing using hardware acceleration (ALT) about mbedtls HOT 3 CLOSED

Hi, I am not completely familiar with that part of the MbedTLS code but it seems that rsa_sign_wrap supports both RSASSA-PKCS1-v1_5 and RSASSA-PSS signature schemes thus in a similar way it may be possible for the alternative function of type mbedtls_pk_rsa_alt_sign_func to support RSASSA-PSS signature as well. I can see that rsa_alt_can_do would need to be changed to indicate that it supports key of type MBEDTLS_PK_RSASSA_PSS though.

Otherwise please note that we are likely to deprecate the ALT interfaces in the next major release (4.0) and nowadays we rather advice to add support for hardware acceleration through the PSA driver interface, see docs/proposed/psa-driver-interface.md.

from mbedtls.

ALT interfaces are deprecated. The preferred way to accelerate crypto in Mbed TLS today is with PSA drivers.

If you prefer the old way (which, for RSA, does lead to reduced code size), you can define MBEDTLS_RSA_ALT and write a full replacement for rsa.c. This lets you use whatever accelerators are present on your platform.

The MBEDTLS_PK_RSA_ALT interface (intended for keys in external secure elements) does not support PSS or OAEP. It supports a single signature mechanism and a single decryption mechanism. mbedtls_pk_sign_ext rejects RSA_ALT keys when asked to calculate a PSS signature. You can “cheat” and make the alt functions calculate PSS/OAEP, and then mbedtls_pk_sign and mbedtls_pk_decrypt will calculate PSS/OAEP. But you can't use that key from X.509 or TLS code: that code assumes that mbedtls_pk_sign calculates a PKCS#1v1.5 signature and mbedtls_pk_sign_ext(MBEDTLS_PK_RSA_PSS, ...) calculates a PSS signature.

from mbedtls.

I am closing this issue because ALT interfaces are deprecated and will not be extended.

from mbedtls.