Hi Gergely,
Currently the only solution with the PSA crypto API is to have
preemption in the runtime environment.
We do plan to add a PSA Crypto equivalent of MBEDTLS_ECP_RESTARTABLE and
implement that in Mbed TLS, but it isn't scheduled yet. I've just
created an epic for it
https://github.com/orgs/Mbed-TLS/projects/1#column-18816849 “PSA
restartable operations”. I'm afraid we're unlikely to start work until
we've completed many of the already existing epics.
Best regards,
--
Gilles Peskine
PSA Crypto architect and Mbed TLS developer
On 31/05/2022 14:32, gergely.nagymate--- via mbed-tls wrote:
> Hi,
>
> I am using mbedTLS v3.0.0 on a low performance CPU on a non-threaded environment, a custom task manager, which is not a preemptive operating system.
>
> I have been using MBEDTLS_ECP_RESTARTABLE so even the long ECC calculations during the handshake periodically returned so the external logic and task manager could run without being blocked for too long.
>
> Recently an IoT SAFE implementation was introduced through PSA API. It is used for RNG and verification calculation, but not for ECDSA and ECDH during key exchange.
> PSA API is designed for threaded environments and can not simultaneously use MBEDTLS_ECP_RESTARTABLE. Now the ECC functions block for several seconds.
>
> Do you have a recommendation on how to use PSA on non-threaded environments, or how to inject external logic execution during these long ECC operations?
>
> Thanks,
> Gergely