From 4bf73ad83f1878c8b8ed085773b43f483eadaca7 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 4 Apr 2023 10:48:57 +0200
Subject: [PATCH] pkparse: use proper sizing for buffer

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/pkparse.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/library/pkparse.c b/library/pkparse.c
index 11a5b38036..87146af4f8 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -888,7 +888,10 @@ static int pk_derive_public_key(mbedtls_ecp_group *grp, mbedtls_ecp_point *Q,
     psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
     size_t curve_bits;
     psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(grp->id, &curve_bits);
-    unsigned char key_buf[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH];
+    /* This buffer is used to store the private key at first and then the
+     * public one (but not at the same time). Therefore we size it for the
+     * latter since it's bigger. */
+    unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
     size_t key_len = PSA_BITS_TO_BYTES(curve_bits);
     mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
     int ret;