psa_util: properly handle secp224r1 private key size Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

commit: 0bc8598d20071c1a8ae122cdeae74f7c53ba0e62 [log] [tgz]
author: Valerio Setti <valerio.setti@nordicsemi.no> Wed Jan 03 15:22:46 2024 +0100
committer: Valerio Setti <valerio.setti@nordicsemi.no> Tue Jan 09 13:41:52 2024 +0100
tree: 0bc2fbadf8c13d03c34186a372e78d65576e9f8d
parent: 8bd330dff554dfbf3e170463bcd21d31e2405595 [diff] [blame]
diff --git a/library/psa_util.c b/library/psa_util.c
index 28b0285..971f965 100644
--- a/library/psa_util.c
+++ b/library/psa_util.c

@@ -232,8 +232,10 @@
             return PSA_ECC_FAMILY_SECP_K1;
 #endif
 #if defined(MBEDTLS_ECP_HAVE_SECP224K1)
+        /* secp224k1 has 224-bit coordinates but 225-bit private keys.
+         * The nominal key size in PSA is the private key size, hence 225. */
         case MBEDTLS_ECP_DP_SECP224K1:
-            *bits = 224;
+            *bits = 225;
             return PSA_ECC_FAMILY_SECP_K1;
 #endif
 #if defined(MBEDTLS_ECP_HAVE_SECP256K1)
@@ -318,7 +320,9 @@
                     return MBEDTLS_ECP_DP_SECP192K1;
 #endif
 #if defined(PSA_WANT_ECC_SECP_K1_224)
-                case 224:
+                /* secp224k1 has 224-bit coordinates but 225-bit private keys.
+                 * The nominal key size in PSA is the private key size, hence 225. */
+                case 225:
                     return MBEDTLS_ECP_DP_SECP224K1;
 #endif
 #if defined(PSA_WANT_ECC_SECP_K1_256)
commit	0bc8598d20071c1a8ae122cdeae74f7c53ba0e62	[log] [tgz]
author	Valerio Setti <valerio.setti@nordicsemi.no>	Wed Jan 03 15:22:46 2024 +0100
committer	Valerio Setti <valerio.setti@nordicsemi.no>	Tue Jan 09 13:41:52 2024 +0100
tree	0bc2fbadf8c13d03c34186a372e78d65576e9f8d
parent	8bd330dff554dfbf3e170463bcd21d31e2405595 [diff] [blame]