mbedtls icon indicating copy to clipboard operation
mbedtls copied to clipboard

Published 20 hours ago verified publisher icon Mbed-TLS

Add client-server build to all.sh

Open gilles-peskine-arm opened this issue 11 months ago • 0 comments

Starting from the all.sh component created in https://github.com/Mbed-TLS/mbedtls/issues/8962:

  1. In that component, build Mbed TLS twice, in separate build directories:
    • Once with the configuration of component_build_full_psa_crypto_client_without_crypto_provider, but with some potentially problematic features disabled:
      • Disable MBEDTLS_X509_RSASSA_PSS_SUPPORT and the RSA key exchanges.
      • Disable restartable ECC.
      • Disable multithreading.
    • once with the configuration of component_build_psa_crypto_spm (and that component can be removed).
  2. Run psasim with a server linked with libmbedcrypto with the SPM configuration, and a client linked with libmbed{crypto,x509,tls}.
  3. Implement psa_crypto_init on the client to open a connection to the server, and mbedtls_psa_crypto_free to close the connection. The server doesn't need to maintain any client state (that will come later).

Prerequisites: https://github.com/Mbed-TLS/mbedtls/issues/8962

gilles-peskine-arm avatar Mar 20 '24 17:03 gilles-peskine-arm