From f466a284c12b8843f7d488029886976f68d332b2 Mon Sep 17 00:00:00 2001
From: Waleed Elmelegy <waleed.elmelegy@arm.com>
Date: Tue, 3 Dec 2024 13:52:28 +0000
Subject: [PATCH] Fix checks for key type in psa_export_public_key_iop_setup()

Key type must be a key pair or public-key if not we return
PSA_ERROR_INVALID_ARGUMENT.

The key type must be ECC key as this is what we support for
now otherwise we return PSA_ERROR_NOT_SUPPORTED.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
---
 tf-psa-crypto/core/psa_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tf-psa-crypto/core/psa_crypto.c b/tf-psa-crypto/core/psa_crypto.c
index 13ab40a3b6..a298fcc7ae 100644
--- a/tf-psa-crypto/core/psa_crypto.c
+++ b/tf-psa-crypto/core/psa_crypto.c
@@ -1717,12 +1717,14 @@ psa_status_t psa_export_public_key_iop_setup(psa_export_public_key_iop_t *operat
 
     private_key_type = psa_get_key_type(&private_key_attributes);
 
-    if (!PSA_KEY_TYPE_IS_KEY_PAIR(private_key_type)) {
+    if (!PSA_KEY_TYPE_IS_KEY_PAIR(private_key_type) &&
+        !PSA_KEY_TYPE_IS_PUBLIC_KEY(private_key_type)) {
         status = PSA_ERROR_INVALID_ARGUMENT;
         goto exit;
     }
 
-    if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key_type)) {
+    if (!PSA_KEY_TYPE_IS_ECC_KEY_PAIR(private_key_type) &&
+        !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(private_key_type)) {
         status = PSA_ERROR_NOT_SUPPORTED;
         goto exit;
     }