Parsec Operations Coverage

These tables define the current level of coverage in Parsec for the operations and their parameters. Only the operations specified and that have a dedicated page are put in the following table.

Not all parameters (key types, algorithms) of the operation might be supported. See the following sections for details.

OperationCore providerMbed Crypto providerPKCS 11 providerTPM 2.0 provider
Ping
ListProviders
ListOpcodes
ListAuthenticators
ListKeys
PsaImportKey
PsaGenerateKey
PsaDestroyKey
PsaExportKey
PsaExportPublicKey
PsaHashCompute
PsaHashCompare
PsaMacCompute
PsaMacVerify
PsaCipherEncrypt
PsaCipherDecrypt
PsaAeadEncrypt
PsaAeadDecrypt
PsaSignMessage
PsaVerifyMessage
PsaSignHash
PsaVerifyHash
PsaAsymmetricEncrypt
PsaAsymmetricDecrypt
PsaRawKeyAgreement
PsaGenerateRandom

Key types support

This table describe if the following key types are supported for key management operations.

Key typeMbed Crypto providerPKCS 11 providerTPM 2.0 provider
RawData
Hmac
Derive
Aes
Des
Camellia
Arc4
Chacha20
RsaPublicKey
RsaKeyPair
EccKeyPair
EccPublicKey
DhKeyPair
DhPublicKey

Algorithm support

These tables describe if the following algorithms are supported in all cryptographic operations they could be used in.

Hash algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
MD2
MD4
MD5
RIPEMD-160
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256
SHA3-224
SHA3-256
SHA3-384
SHA3-512

MAC algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
HMAC
CBC-MAC
CMAC

Cipher algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
Stream Cipher
CTR
CFB
OFB
XTS
ECB with no padding
CBC with no padding
CBCP with PKCS#7 padding

AEAD algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
CCM
GCM
ChaCha20-Poly1305

Asymmetric signature algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
RSA PKCS#1 v1.5 signature with hashing
Raw PKCS#1 v1.5 signature
RSA PSS signature with hashing
ECDSA signature with hashing
ECDSA signature without hashing
Deterministic ECDSA signature with hashing

Asymmetric encryption algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
RSA PKCS#1 v1.5 encryption
RSA OAEP encryption

Key agreement algorithms

AlgorithmMbed Crypto providerPKCS 11 providerTPM 2.0 provider
FFDH
ECDH

Increasing PSA API coverage

You can help increase the coverage of the PSA Crypto API! See here on how you can contribute.

Copyright 2020 Contributors to the Parsec project.