psa-api icon indicating copy to clipboard operation
psa-api copied to clipboard

Published 20 hours ago verified publisher icon ARM-software

Integrate the PAKE Extension into the Crypto API specification

Open athoelke opened this issue 11 months ago • 0 comments

[Updated: rebased the PR after publication of Crypto API 1.2.1, and updated the rendered PDF]

As an initial step for the Crypto API 1.3 release, integrate the API for PAKE operations into the primary specification, now that the PAKE Extension is Final.

Fixes #170.

A draft PDF render of the integrated specification: IHI0086-PSA_Certified_Crypto_API-1.3.0-integrate-pake-draft.2.pdf

Notes on the integration

  • Most of the extension forms a new sub-chapter within Cryptographic operations, but the key type and encoding information for SPAKE2+ is integrated into the respective sections.
  • Previous indirect references to the Crypto API, have been replaced with direct cross-references. (I hope I didn't miss any)
  • I have reworked parts of the Functionality chapter, as multi-part operations are now used with asymmetric cryptography as well.
  • Lists of 'key creation functions' all include the psa_pake_get_shared_key().

athoelke avatar Feb 28 '24 10:02 athoelke