From 064888bb2ac535d2aa12dd924fe891364e06a91a Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Thu, 31 Mar 2022 09:05:03 -0700
Subject: [PATCH] Add KCAPI ECC support for using a private key id.

---
 wolfcrypt/src/port/kcapi/kcapi_ecc.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/wolfcrypt/src/port/kcapi/kcapi_ecc.c b/wolfcrypt/src/port/kcapi/kcapi_ecc.c
index 07248c653..4cb0a1c66 100644
--- a/wolfcrypt/src/port/kcapi/kcapi_ecc.c
+++ b/wolfcrypt/src/port/kcapi/kcapi_ecc.c
@@ -293,8 +293,18 @@ static int KcapiEcc_SetPrivKey(ecc_key* key)
     if (ret == 0) {
         priv[0] = ECDSA_KEY_VERSION;
         priv[1] = kcapiCurveId;
-        ret = wc_export_int(&key->k, priv + KCAPI_PARAM_SZ, &keySz, keySz,
-                            WC_TYPE_UNSIGNED_BIN);
+    #ifdef WOLF_PRIVATE_KEY_ID
+        if (key->idLen > 0) {
+            WOLFSSL_MSG("Using ID based private key");
+            keySz = key->idLen;
+            XMEMCPY(priv + KCAPI_PARAM_SZ, key->id, keySz);
+        }
+        else
+    #endif
+        {
+            ret = wc_export_int(&key->k, priv + KCAPI_PARAM_SZ, &keySz, keySz,
+                                WC_TYPE_UNSIGNED_BIN);
+        }
     }
     if (ret == 0) {
         /* call with NULL to so KCAPI treats incoming data as hash */