commit 65df79303fafe853809dc392f8eb91d2bddec31d
author Valerio Setti <valerio.setti@nordicsemi.no> Thu Jan 04 10:58:36 2024 +0100
committer Valerio Setti <valerio.setti@nordicsemi.no> Tue Jan 09 13:41:52 2024 +0100
tree d88738b3707ff2931982b796f6f8c9fe3a7b737a
parent ac739524740747292352b8b8393e7fdbe244b6d2

psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

library/psa_crypto_ecp.c

diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index f38efff..d6b640c 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -77,14 +77,14 @@
         case PSA_ECC_FAMILY_SECP_K1:
             switch (*bits) {
                 case 192:
-                case 224:
                 case 256:
                     return PSA_SUCCESS;
-                /* secp224k1 has 224-bit coordinates but 225-bit private keys.
-                 * This means that private keys are represented with 232 bits. */
+                /* secp224k1 is not and will not be supported in PSA (#3541).
+                 * Note: secp224k1 has 225-bit private keys which are rounded
+                 * up to 232 for their representation. */
+                case 224:
                 case 232:
-                    *bits = 225;
-                    return PSA_SUCCESS;
+                    return PSA_ERROR_NOT_SUPPORTED;
             }
             break;
     }