CR50: make public key part generation optional.

Callers may not need computation of the public key.
Making this optional speeds this routine up.

Cr50 never passes in NULL for any argument, so is not affected.

BUG=none
TEST=build
BRANCH=none
Change-Id: Ia0077a35064f53b53f51867254aaa51eac6c55d8
Reviewed-on: https://chromium-review.googlesource.com/427058
Reviewed-by: Marius Schilder <mschilder@chromium.org>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Tested-by: Marius Schilder <mschilder@chromium.org>

chip/g/dcrypto/dcrypto.h

@@ -145,8 +145,13 @@ int DCRYPTO_p256_base_point_mul(p256_int *out_x, p256_int *out_y,
 int DCRYPTO_p256_point_mul(p256_int *out_x, p256_int *out_y,
 			const p256_int *n, const p256_int *in_x,
 			const p256_int *in_y);
+/*
+ * Produce uniform private key from seed.
+ * If x or y is NULL, the public key part is not computed.
+ * Returns !0 on success.
+ */
 int DCRYPTO_p256_key_from_bytes(p256_int *x, p256_int *y, p256_int *d,
-				const uint8_t key_bytes[P256_NBYTES]);
+				const uint8_t bytes[P256_NBYTES]);
 /* P256 based integration encryption (DH+AES128+SHA256). */
 /* Authenticated data may be provided, where the first auth_data_len
  * bytes of in will be authenticated but not encrypted. */

chip/g/dcrypto/p256.c

@@ -16,14 +16,14 @@ static const p256_int p256_one = P256_ONE;
 int DCRYPTO_p256_key_from_bytes(p256_int *x, p256_int *y, p256_int *d,
 				const uint8_t key_bytes[P256_NBYTES])
 {
-	int result;
 	p256_int key;
 
 	p256_from_bin(key_bytes, &key);
 	if (p256_cmp(&SECP256r1_nMin2, &key) < 0)
 		return 0;
 	p256_add(&key, &p256_one, d);
-	result = dcrypto_p256_base_point_mul(d, x, y);
 	dcrypto_memset(&key, 0, sizeof(key));
-	return result;
+	if (x == NULL || y == NULL)
+		return 1;
+	return dcrypto_p256_base_point_mul(d, x, y);
 }