We are deprecating the pkcs11-helper module in Mbed TLS (MBEDTLS_PKCS11_C, i.e. mbedtls_pkcs11_xxx and mbedtls_ssl_pkcs11_xxx functions in pkcs11.c). We've announced this in a low-key way through a pull request over a year ago. It's high time to make this official.

The pkcs11-helper module has some use. However, it is wholly untested, so if we have inadvertently broken it, we wouldn't even know.

Migration paths

If you have a TLS server authentication key in a device with a PKCS#11 interface, you can use the generic support for TLS keys in an external cryptoprocessor. This feature is not available for client authentication.

The library can work with RSA private keys in an external cryptoprocessor using the RSA "alt" functionality. This feature is not available for EC keys.

Future plans

In the future, we intend to support PKCS#11 via the PSA secure element interface. Limited support for using the PSA cryptography interface is already present in the TLS code, and limited support for the PSA secure element is present in Mbed Crypto. However, this support is not yet production-quality. At this point we do not yet have a PKCS#11 secure element driver for PSA Crypto. We intend to have one eventually, but at this point we intend for it to interact directly with the Cryptoki interface, not with the pkcs11-helper interface.

What projects are using the Mbed TLS PKCS11 module?

OpenVPN uses it in the current version (2.24.x). However, the development version (not yet released) no longer relies on pkcs11-helper support in Mbed TLS (they use RSA alt instead).

Anyone else? Please let us know!

This module has been officially deprecated by #2261, first included in the Mbed TLS 2.21 release, published 2020-02-20. So I think this issue can be closed.