Baseline Feature Completeness
No due date
60% complete
Support every kind of operation expected from a full-blown crypto provider in decreasing order of priority:
- ASN.1 (low-level abstractions, parsing, encoding, construction, high-level encoding) in the crypto context (i.e. no ANS.1 REAL, etc.)
-
Signing+Verifying
- EC (NIST curves)
- RSA (PKCS#1, PSS)
-
HW-backed crypto on iOS + Android
- Biometric Auth
- Passp…
Support every kind of operation expected from a full-blown crypto provider in decreasing order of priority:
- ASN.1 (low-level abstractions, parsing, encoding, construction, high-level encoding) in the crypto context (i.e. no ANS.1 REAL, etc.)
- Signing+Verifying
- EC (NIST curves)
- RSA (PKCS#1, PSS)
- HW-backed crypto on iOS + Android
- Biometric Auth
- Passphrase-based Auth
- Attestation support
- Symmetric Encryption/Decryption
- AES-CBC
- AES-GCM
- Key Agreement
- ECDH
- Asymmetric Encryption/Decryption
- RSA
- Key Wrapping
- AES key wrapping
- KDF/KSF
- HKDF
- PBKDF2
- Scrypt
- MAC
- HMAC-SHA1
- HMAC-SHA{256-512}
This is not about supporting specific algorithms, paddings, etc, but to have all interfaces ready, with at least a single algorithm being usable across all targets