For an IETF protocol that I am currently implementing, a compact representation [1] of ECDH public keys needs to be sent over the network and be used on the receiving side for deriving a shared secret. With psa_export_public_key() I can export the public key from a psa_key_id_t object. The exported key is 65 bytes long (I am working with P256) and has the format 04|x|y as documented in [2].
It is easy to compress the public key before sending it -> just send the x part.
How do I decompress the x part back to the representation 04|x|y? As far as I understand, for the psa_raw_key_agreement() function the public key must be encoded "in the same format that psa_import_key() accepts", that is 04|x|y [3]. Is there a function for that?
[1]: Ephemeral Diffie-Hellman Over COSE (EDHOC), draft-ietf-lake-edhoc-12 (datatracker.ietf.org)
[2]: mbedtls/crypto.h at f660c7c92308b6080f8ca97fa1739370d1b2fab5, ARMmbed/mbedtls (github.com)
[3]: https://github.com/ARMmbed/mbedtls/blob/f660c7c92308b6080f8ca97fa1739370d1b2fab5/include/psa/crypto.h#L3968
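The decompression asked about above, as an added example that is not part of the original post and is not Mbed TLS or PSA code: it shows only the P-256 arithmetic for rebuilding 04|x|y from x, in Python, with `decompress_p256_x` as a hypothetical helper name. It assumes either square root may be used for y, which holds for ECDH because k·(x, y) and k·(x, −y) have the same x-coordinate.

```python
# NIST P-256 domain parameters (field prime P, curve coefficient B; a = -3).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b

# Sample input: x-coordinate of the P-256 base point, used here as a
# constructed stand-in for an x value received from the peer.
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296


def decompress_p256_x(x_bytes: bytes) -> bytes:
    """Rebuild the 65-byte uncompressed form 04|x|y from a 32-byte x.

    Hypothetical helper. Raises ValueError for any x that is not the
    x-coordinate of a point on P-256, so untrusted input from the network
    never reaches key agreement as an invalid point.
    """
    if len(x_bytes) != 32:
        raise ValueError("x must be exactly 32 bytes")
    x = int.from_bytes(x_bytes, "big")
    if x >= P:
        raise ValueError("x is not a field element")

    # Right-hand side of the curve equation y^2 = x^3 - 3x + b (mod P).
    rhs = (pow(x, 3, P) - 3 * x + B) % P

    # P % 4 == 3, so a square root (if one exists) is rhs^((P+1)/4) mod P.
    y = pow(rhs, (P + 1) // 4, P)

    # If rhs is not a quadratic residue, the candidate does not square back
    # to rhs: there is no point with this x, so reject the input.
    if (y * y) % P != rhs:
        raise ValueError("x is not on the curve")

    return b"\x04" + x_bytes + y.to_bytes(32, "big")


if __name__ == "__main__":
    print(decompress_p256_x(GX.to_bytes(32, "big")).hex())
```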