From 7d7867fb44778262a6b14674d03c11e29bcc5768 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 13 Aug 2024 16:02:08 +0200
Subject: [PATCH] psa_crypto_core: take also cipher's key length into account
 when sizing static key buffer

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tf-psa-crypto/core/psa_crypto_core.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tf-psa-crypto/core/psa_crypto_core.h b/tf-psa-crypto/core/psa_crypto_core.h
index 5f59697612..a3c0fd6f19 100644
--- a/tf-psa-crypto/core/psa_crypto_core.h
+++ b/tf-psa-crypto/core/psa_crypto_core.h
@@ -56,9 +56,12 @@ typedef enum {
 } psa_key_slot_state_t;
 
 /* If the size of static key slots is not explicitly defined by the user, then
- * set it to PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE. */
+ * set it to the maximum between PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE and
+ * PSA_CIPHER_MAX_KEY_LENGTH. */
 #if !defined(MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE)
-#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE        (PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE)
+#define MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE  \
+    (PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE > PSA_CIPHER_MAX_KEY_LENGTH) ? \
+    PSA_EXPORT_KEY_PAIR_OR_PUBLIC_MAX_SIZE : PSA_CIPHER_MAX_KEY_LENGTH
 #endif /* !MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE*/
 
 /** The data structure representing a key slot, containing key material