Fix checks for key type in psa_export_public_key_iop_setup()
Key type must be a key pair or public-key if not we return
PSA_ERROR_INVALID_ARGUMENT.
The key type must be ECC key as this is what we support for
now otherwise we return PSA_ERROR_NOT_SUPPORTED.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c
index 13ab40a..a298fcc 100644
--- a/tf-psa-crypto/core/psa_crypto.c
+++ b/tf-psa-crypto/core/psa_crypto.c
@@ -1717,12 +1717,14 @@
private_key_type = psa_get_key_type(&private_key_attributes);
- if (!PSA_KEY_TYPE_IS_KEY_PAIR(private_key_type)) {
+ if (!PSA_KEY_TYPE_IS_KEY_PAIR(private_key_type) &&
+ !PSA_KEY_TYPE_IS_PUBLIC_KEY(private_key_type)) {
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
- if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key_type)) {
+ if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key_type) &&
+ !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(private_key_type)) {
status = PSA_ERROR_NOT_SUPPORTED;
goto exit;
}