psa_crypto_core: take also cipher's key length into account when sizing static key buffer

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-03-28 19:21:08 +00:00 · 2024-08-13 16:02:08 +02:00 · 2024-08-13 16:02:08 +02:00 · 7d7867fb44
commit 7d7867fb44
parent 5278ebd186
1 changed files with 5 additions and 2 deletions
--- a/tf-psa-crypto/core/psa_crypto_core.h
+++ b/tf-psa-crypto/core/psa_crypto_core.h
@ -56,9 +56,12 @@ typedef enum {
 } psa_key_slot_state_t;

 /* If the size of static key slots is not explicitly defined by the user, then
- * set it to PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE. */
+ * set it to the maximum between PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE and
+ * PSA_CIPHER_MAX_KEY_LENGTH. */
 #if !defined(MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE)
-#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE        (PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE)
+#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE  \
+    (PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE > PSA_CIPHER_MAX_KEY_LENGTH) ? \
+    PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE : PSA_CIPHER_MAX_KEY_LENGTH
 #endif /* !MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE*/

 /** The data structure representing a key slot, containing key material