From 65df79303fafe853809dc392f8eb91d2bddec31d Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Thu, 4 Jan 2024 10:58:36 +0100
Subject: [PATCH] psa_crypto_ecp: return unsupported for secp224k1 in
 check_ecc_parameters()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/psa_crypto_ecp.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index f38efff670..d6b640cf75 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -77,14 +77,14 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits)
         case PSA_ECC_FAMILY_SECP_K1:
             switch (*bits) {
                 case 192:
-                case 224:
                 case 256:
                     return PSA_SUCCESS;
-                /* secp224k1 has 224-bit coordinates but 225-bit private keys.
-                 * This means that private keys are represented with 232 bits. */
+                /* secp224k1 is not and will not be supported in PSA (#3541).
+                 * Note: secp224k1 has 225-bit private keys which are rounded
+                 * up to 232 for their representation. */
+                case 224:
                 case 232:
-                    *bits = 225;
-                    return PSA_SUCCESS;
+                    return PSA_ERROR_NOT_SUPPORTED;
             }
             break;
     }