From 56771d12b80705deeed4fc52538c98cbdc18041a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 12 Feb 2026 12:06:54 +0100
Subject: [PATCH] PK: improve naming & doc of internal macro
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 library/pk.c | 47 ++++++++++++++++++++++++++++-------------------
 1 file changed, 28 insertions(+), 19 deletions(-)

diff --git a/library/pk.c b/library/pk.c
index f9b05a3a51..55e14bf6fc 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -35,20 +35,29 @@
 #include <limits.h>
 #include <stdint.h>
 
-#if defined(MBEDTLS_RSA_C)
-#define PK_HAVE_KEYS_LARGER_THAN_ECC
+/*
+ * We're trying to statisfy two kinds of users:
+ * - those who don't want to use the heap;
+ * - those who can't afford large stack buffers.
+ *
+ * The current compromise is that if ECC is the only key type supported in PK,
+ * then we export keys on the stack, and otherwise we use the heap.
+ */
+#if !defined(MBEDTLS_RSA_C)
+#define PK_EXPORT_KEYS_ON_THE_STACK
 #endif
 
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if defined(PK_EXPORT_KEYS_ON_THE_STACK)
+/* We know for ECC, pubkey are longer than privkeys, but double check */
+#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
+#if MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH > PK_EXPORT_KEY_STACK_BUFFER_SIZE
+#undef PK_EXPORT_KEY_STACK_BUFFER_SIZE
+#define PK_EXPORT_KEY_STACK_BUFFER_SIZE  MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
+#endif
+#else
 #include "mbedtls/platform.h" // for calloc/free
 #endif
 
-/* We know for ECC, pubkey are longer than privkeys, but double check */
-#define PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH  MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH
-#if MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH > PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH
-#undef PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH
-#define PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH  MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH
-#endif
 
 /*
  * Initialise a mbedtls_pk_context
@@ -600,7 +609,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk,
 }
 
 #if defined(MBEDTLS_PSA_CRYPTO_CLIENT)
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
 /*
  * Size needed to export a key of a type supported by PK.
  *
@@ -635,7 +644,7 @@ static size_t pk_export_max_size(psa_key_type_t key_type, size_t bits)
 #endif
     return 0;
 }
-#endif /* PK_HAVE_KEYS_LARGER_THAN_ECC */
+#endif /* PK_EXPORT_KEYS_ON_THE_STACK */
 #endif /* MBEDTLS_PSA_CRYPTO_CLIENT */
 
 #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -644,17 +653,17 @@ static psa_status_t export_import_into_psa(mbedtls_svc_key_id_t old_key_id,
                                            const psa_key_attributes_t *attributes,
                                            mbedtls_svc_key_id_t *new_key_id)
 {
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     unsigned char *key_buffer = NULL;
     size_t key_buffer_size = 0;
 #else
-    unsigned char key_buffer[PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH];
+    unsigned char key_buffer[PK_EXPORT_KEY_STACK_BUFFER_SIZE];
     const size_t key_buffer_size = sizeof(key_buffer);
 #endif
     size_t key_length = 0;
 
     /* We are exporting from a PK object, so we know key type is valid for PK */
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     key_buffer_size = pk_export_max_size(old_type, old_bits);
     key_buffer = mbedtls_calloc(1, key_buffer_size);
     if (key_buffer == NULL) {
@@ -675,7 +684,7 @@ static psa_status_t export_import_into_psa(mbedtls_svc_key_id_t old_key_id,
     mbedtls_platform_zeroize(key_buffer, key_length);
 
 cleanup:
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     mbedtls_free(key_buffer);
 #endif
     return status;
@@ -962,11 +971,11 @@ static int copy_from_psa(mbedtls_svc_key_id_t key_id,
     psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
     psa_key_type_t key_type;
     size_t key_bits;
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     unsigned char *exp_key = NULL;
     size_t exp_key_size = 0;
 #else
-    unsigned char exp_key[PK_MAX_EC_KEYPAIR_OR_PUBKEY_LENGTH];
+    unsigned char exp_key[PK_EXPORT_KEY_STACK_BUFFER_SIZE];
     const size_t exp_key_size = sizeof(exp_key);
 #endif
     size_t exp_key_len;
@@ -991,7 +1000,7 @@ static int copy_from_psa(mbedtls_svc_key_id_t key_id,
     }
     key_bits = psa_get_key_bits(&key_attr);
 
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     exp_key_size = pk_export_max_size(key_type, key_bits);
     exp_key = mbedtls_calloc(1, exp_key_size);
     if (exp_key == NULL) {
@@ -1090,7 +1099,7 @@ static int copy_from_psa(mbedtls_svc_key_id_t key_id,
 
 exit:
     mbedtls_platform_zeroize(exp_key, exp_key_size);
-#if defined(PK_HAVE_KEYS_LARGER_THAN_ECC)
+#if !defined(PK_EXPORT_KEYS_ON_THE_STACK)
     mbedtls_free(exp_key);
 #endif
     psa_reset_key_attributes(&key_attr);