mbedtls: Fix PSA key encoding

When using TF-M, use the PSA_KEY_TYPE_ECC_KEY_PAIR() macro from
mbedtls_psa_parse_tls_ecc_group(), since that function is supposed to
return a psa_key_type_t. This helps to avoid any misencodings when the
return value from mbedtls_psa_parse_tls_ecc_group() is used directly as
a psa_key_type_t without additional encoding.

Fixes: 0961f31 ("Make PSA util compatible with Mbed Crypto 3.0.1")

Author: Patater

features/mbedtls/inc/mbedtls/psa_util.h

@@ -453,7 +453,7 @@ static inline psa_key_type_t mbedtls_psa_parse_tls_ecc_group(
 {
 #if TARGET_TFM
     *bits = PSA_ECC_CURVE_BITS( tls_ecc_grp_reg_id );
-    return( (psa_ecc_curve_t) tls_ecc_grp_reg_id );
+    return( PSA_KEY_TYPE_ECC_KEY_PAIR( tls_ecc_grp_reg_id ));
 #else
     const mbedtls_ecp_curve_info *curve_info =
         mbedtls_ecp_curve_info_from_tls_id( tls_ecc_grp_reg_id );

features/mbedtls/src/pk.c

@@ -620,9 +620,7 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
     /* prepare the key attributes */
 #if TARGET_TFM
     curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id;
-    key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(
-                                 mbedtls_psa_parse_tls_ecc_group ( curve_id,
-                                 &bits ) );
+    key_type = mbedtls_psa_parse_tls_ecc_group ( curve_id, &bits );
 #else
     curve_id = mbedtls_ecc_group_to_psa( ec->grp.id, &bits );
     key_type = PSA_KEY_TYPE_ECC_KEY_PAIR( curve_id );