Mbed Crypto 1.0.0
Introduction
Mbed Crypto 1.0.0 has now been released.
The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security (PSA) architecture. Note that while this library is versioned as 1.0.0, the PSA APIs are under development and subject to change based on feedback. The next release of Mbed Crypto may not provide backwards compatibility with this release.
New features
This release of Mbed Crypto adds support for the following features:
- Manage keys through handles instead of requiring external key slot management.
- Implement the new function psa_copy_key(), allowing copying keys between key slots without an export.
- Implement the function psa_hash_clone(), enabling TLS stacks built on PSA to use the intermediate result of hash calculations as part of the TLS handshake.
- Simplify the format of RSA and EC keys, removing the SubjectPublicKeyInfo encoding layer.
- Support wildcard hash in signature policies. This supports concrete use cases which require a different trade-off between safety and flexibility. In particular, X.509 makes it impractical to commit a signature key to a specific hash mechanism as was previously required.
- Other changes for compliance with the PSA Crypto API 1.0.0b1.
- Support 64-bit key IDs when integrated with a PSA Secure Partition Manager (SPM).
API Changes
What is being broken?
By continuing to track the PSA Crypto API, this release of Mbed Crypto includes API breaking changes.
PSA Crypto API 1.0b1 API breaking changes, addressed in Mbed Crypto 1.0.0
- Simplify the EC and RSA public key formats
- Replace manual key slot allocation with dynamic key slot allocation and key handles (affects most PSA Crypto API functions)
- Add and require initializers for PSA Crypto contexts
- Align PSA Crypto error codes with other PSA error codes
Why is it being broken?
Mbed Crypto needs to track the PSA Crypto API in order to remain PSA compliant. The PSA Crypto API was not yet finalized in Mbed Crypto 0.1.0 and continues to evolve. We shipped an implementation of early PSA Crypto APIs in Mbed Crypto 0.1.0 to enable building services atop APIs that should be similar to, but may not be compatible with, future versions of the PSA Crypto API.
Impact
Compilation or linker failures when using code written against Mbed Crypto 0.1.0 with Mbed Crypto 1.0.0.
Mitigation and migration path
Please update to the new version of the API.
- Key handles replace key slots. Adapting to this change requires accessing key slots via handles instead of using key slots directly. To obtain a handle to a volatile key slot, allocate a slot with psa_allocate_key(). To obtain a handle to a persistent key slot, open the key from storage with psa_open_key().
- Use the new RSA and EC key formats, as documented in crypto.h.
- Initialize PSA crypto contexts before use using appropriate initializers, as documented for each context type in crypto.h.
- Update to using new PSA error codes. Previous error codes have been deprecated.
Driver model
This release includes a specification of the interface that drivers for cryptography accelerators, entropy sources and secure elements must implement. This specification is a work in progress, provided for review purposes only. The implementation does not support drivers yet. The specification is provided in the distribution as docs/PSACryptoDriverModelSpec.pdf.
Intended future changes
The PSA Crypto API is still under development and subject to change based on feedback. The following is a list of major changes that we intend to make in the near future. This list may be revised without notice at any time.
Expected breaking changes from tracking the PSA Crypto API, to be addressed in Mbed Crypto 2.0.0