ARM-software / psa-api

Documentation source and development of the PSA Certified API
https://arm-software.github.io/psa-api/

crypto: MAX_SIZE constant for public key or key pair #180

Closed gilles-peskine-arm closed 6 months ago

gilles-peskine-arm commented 8 months ago

The PSA crypto API has constants PSA_EXPORT_KEY_PAIR_MAX_SIZE and PSA_EXPORT_PUBLIC_KEY_MAX_SIZE to determine the size of a buffer to export a key pair or a public key respectively. Occasionally, it would be useful to have a constant for when you know you're working with a key pair or a public key, but you don't know which. Which one is bigger depends on what key types are supported.

This has come up in Mbed TLS when writing code to bridge the PSA API with our legacy API for public-key cryptography. It's not a common requirement, but it could come up when writing generic key management code that knows it's working with asymmetric cryptography, but manipulates both public-key and key-pair objects. Also there's a risk that someone needing this and used to RSA would assume that key pairs are larger, but they're actually not in an ECC-only configuration — or conversely someone used to ECC would make the opposite assumption. Since this is only a macro definition and will not affect an implementation's code size, we might as well include it in the official API.

Tentative name: PSA_EXPORT_KEY_PAIR_OR_PUBLIC_KEY_MAX_SIZE or PSA_EXPORT_ASYMMETRIC_KEY_MAX_SIZE.

athoelke commented 8 months ago

It makes sense - my vote would be for PSA_EXPORT_ASYMMETRIC_KEY_MAX_SIZE
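
The configuration dependence raised in this issue, as an added example that is not part of the thread or of the PSA headers. The size formulas are simplified assumptions based on the export formats, and `build_config` and all function names are hypothetical stand-ins for the compile-time macros, written as functions so that two configurations can be compared in one program.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed size model, NOT the PSA headers. 0 bits = family not supported. */
typedef struct { size_t rsa_bits, ecc_bits; } build_config;

static size_t bytes(size_t bits) { return (bits + 7) / 8; }
static size_t max2(size_t a, size_t b) { return a > b ? a : b; }

/* Assumed approximate export sizes: RSA keys are DER structures (the key pair
 * carries n, e, d, p, q and CRT values); an ECC key pair exports as the private
 * scalar, an ECC public key as the uncompressed point 0x04 || X || Y. */
static size_t rsa_pair(size_t b)   { return b ? 9 * bytes(b) / 2 + 14 : 0; }
static size_t rsa_public(size_t b) { return b ? bytes(b) + 11 : 0; }
static size_t ecc_pair(size_t b)   { return b ? bytes(b) : 0; }
static size_t ecc_public(size_t b) { return b ? 2 * bytes(b) + 1 : 0; }

/* Models of the two existing constants for a given configuration. */
size_t export_key_pair_max(build_config c) {
    return max2(rsa_pair(c.rsa_bits), ecc_pair(c.ecc_bits));
}
size_t export_public_key_max(build_config c) {
    return max2(rsa_public(c.rsa_bits), ecc_public(c.ecc_bits));
}

/* Model of the proposed constant: large enough for either kind of key. */
size_t export_asymmetric_key_max(build_config c) {
    return max2(export_key_pair_max(c), export_public_key_max(c));
}

/* 1 if a buffer of buf_size bytes holds any key pair or public key export. */
int buffer_fits_any_asymmetric_key(build_config c, size_t buf_size) {
    return buf_size >= export_asymmetric_key_max(c);
}

int main(void) {
    build_config cfgs[] = { { 2048, 0 }, { 0, 521 } };  /* RSA-only, ECC-only */
    for (size_t i = 0; i < 2; i++) {
        size_t pair = export_key_pair_max(cfgs[i]);
        printf("pair=%zu public=%zu either=%zu, pair-sized buffer ok: %d\n",
               pair, export_public_key_max(cfgs[i]),
               export_asymmetric_key_max(cfgs[i]),
               buffer_fits_any_asymmetric_key(cfgs[i], pair));
    }
    return 0;
}
```

In the ECC-only row the buffer sized from the key-pair maximum is too small for a public key, which is the wrong assumption the issue warns about.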