psa_export_public_key() function

Export a public key or the public part of a key pair in binary format. The output of this function can be passed to psa_import_key() to create an object that is equivalent to the public key. This specification supports a single format for each key type. Implementations may support other formats as long as the standard format is supported. Implementations that support other formats should ensure that the formats are clearly unambiguous so as to minimize the risk that an invalid input is accidentally interpreted according to a different format. For standard key types, the output format is as follows: - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the DER encoding of the representation defined by RFC 3279 §2.3.1 as `RSAPublicKey`. ``` RSAPublicKey ::= SEQUENCE { modulus INTEGER, -- n publicExponent INTEGER } -- e ``` - For elliptic curve keys on a twisted Edwards curve (key types for which #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true and #PSA_KEY_TYPE_ECC_GET_FAMILY returns #PSA_ECC_FAMILY_TWISTED_EDWARDS), the public key is as defined by RFC 8032 (a 32-byte string for Edwards25519, a 57-byte string for Edwards448). - For other elliptic curve public keys (key types for which #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true), the format is the uncompressed representation defined by SEC1 §2.3.3 as the content of an ECPoint. Let `m` be the bit size associated with the curve, i.e. the bit size of `q` for a curve over `F_q`. The representation consists of: - The byte 0x04; - `x_P` as a `ceiling(m/8)`-byte string, big-endian; - `y_P` as a `ceiling(m/8)`-byte string, big-endian. - For Diffie-Hellman key exchange public keys (key types for which #PSA_KEY_TYPE_IS_DH_PUBLIC_KEY is true), the format is the representation of the public key `y = g^x mod p` as a big-endian byte string. The length of the byte string is the length of the base prime `p` in bytes. Exporting a public key object or the public part of a key pair is always permitted, regardless of the key's usage flags.