diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f17e6afe9..435aca809 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -244,6 +244,19 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status ) } } +/* Translations for ECC */ + +/* This function transforms an ECC group identifier from + * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 + * into a PSA ECC group identifier. */ +static inline psa_ecc_curve_t mbedtls_psa_parse_tls_ecc_group( + uint16_t tls_ecc_grp_reg_id ) +{ + /* The PSA identifiers are currently aligned with those from + * the TLS Supported Groups registry, so no conversion is necessary. */ + return( (psa_ecc_curve_t) tls_ecc_grp_reg_id ); +} + #endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/library/pk.c b/library/pk.c index 8f649f97e..c0ed54229 100644 --- a/library/pk.c +++ b/library/pk.c @@ -572,7 +572,8 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk, return( ret ); curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id; - key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id); + key_type = PSA_KEY_TYPE_ECC_KEYPAIR( + mbedtls_psa_parse_tls_ecc_group ( curve_id ) ); /* allocate a key slot */ if( PSA_SUCCESS != psa_allocate_key( key_type, d_len * 8, &key ) )