Use Explicit Context in the Crypto API.

[lhuang04]

Legacy mbedtls crypto API uses explicit context, this removes the global variable and makes the thread-safety easily guaranteed .

We use mbedtls 2.x for Family of Apps in Meta Platforms. We chose it primarily because of the small binary size. Here are our use cases.

• It is used by different libraries for different purposes.
  • As a TLS library for QUIC/HTTPS client
  • As a TLS library for MQTT client
  • As a crypto library for encryption, and decryption
• It is linked as a single dynamic library for an App.
  • There is only one copy of mbedtls library in an App, but it may be instantiated as many different instances.
  • Each mbedtls instance is maintained by different teams for different workloads, so we like to have it independent of each other.
• It is used in a multithreaded environment.
  • We archive thread-safety by running each mbedtls instance in its own thread.

When we started integrating mbedtls PSA crypto, one issue was the use of global_data in PSA crypto.

• We may need synchronization between our libraries, otherwise we may run into thread-safety issues when we call psa_crypto_init from different threads.
• There may be no concurrency, for example, there is only one slot for a volatile key.
• All libraries need to share the same set of key slots.

cc @hannestschofenig, @ronald-cron-arm, @daverodgman.

[paul-elliott-arm]

Hi!

I can confirm we are looking at the unsafe access to key slots problem over the next quarter or so, but this is of course only one part of your complaint. I can certainly take a look at the other issues, and see how simple (or not) they would be to solve, however I cannot promise anything on them as yet.