From e4f6d79bbe70933d145479d89b45be265c26ca26 Mon Sep 17 00:00:00 2001
From: TTornblom <thomas.tornblom@iar.com>
Date: Thu, 16 Apr 2020 13:53:38 +0200
Subject: [PATCH 1/4] BUILD: Update For IAR support

Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.

Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
---
 CMakeLists.txt          | 4 +++-
 library/constant_time.c | 2 +-
 library/psa_crypto.c    | 7 ++++++-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9092c494d..4d7e0b055 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -226,7 +226,9 @@ if(CMAKE_COMPILER_IS_CLANG)
 endif(CMAKE_COMPILER_IS_CLANG)
 
 if(CMAKE_COMPILER_IS_IAR)
-    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts -Ohz")
+    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts")
+    set(CMAKE_C_FLAGS_RELEASE     "-Ohz")
+    set(CMAKE_C_FLAGS_DEBUG       "--debug -On")
 endif(CMAKE_COMPILER_IS_IAR)
 
 if(CMAKE_COMPILER_IS_MSVC)
diff --git a/library/constant_time.c b/library/constant_time.c
index 832ded9e7..cb5003d02 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -78,7 +78,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi
      */
     uint32_t r;
 #if defined(MBEDTLS_CT_ARM_ASM)
-    asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :);
+    __asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :);
 #elif defined(MBEDTLS_CT_AARCH64_ASM)
     asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :);
 #else
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2b9eca8f2..352756dc8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7049,8 +7049,13 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o
                                                size_t peer_key_length)
 {
     psa_status_t status;
+#if PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE != 0
     uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE];
+    size_t shared_secret_length = sizeof(shared_secret);
+#else
+    uint8_t *shared_secret = NULL;
     size_t shared_secret_length = 0;
+#endif
     psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg);
 
     /* Step 1: run the secret agreement algorithm to generate the shared
@@ -7059,7 +7064,7 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o
                                             private_key,
                                             peer_key, peer_key_length,
                                             shared_secret,
-                                            sizeof(shared_secret),
+                                            shared_secret_length,
                                             &shared_secret_length);
     if (status != PSA_SUCCESS) {
         goto exit;

From 1ee4d1228ccd77a79d38a3dd3c1e200a39dfccf3 Mon Sep 17 00:00:00 2001
From: Antonio de Angelis <Antonio.deAngelis@arm.com>
Date: Wed, 16 Aug 2023 12:26:37 +0100
Subject: [PATCH 2/4] Fix error strings without quotes

Some of the error strings that should be printed with the
error preprocessor directive are missing quotes

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
---
 library/aes.c                | 2 +-
 library/common.h             | 2 +-
 library/constant_time.c      | 2 +-
 library/entropy_poll.c       | 2 +-
 library/psa_crypto_storage.h | 2 +-
 library/x509_crt.c           | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/library/aes.c b/library/aes.c
index b55c08ab1..fa773ec60 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -1866,7 +1866,7 @@ int mbedtls_aes_self_test(int verbose)
 #elif MBEDTLS_AESNI_HAVE_CODE == 2
         mbedtls_printf("  AES note: AESNI code present (intrinsics implementation).\n");
 #else
-#error Unrecognised value for MBEDTLS_AESNI_HAVE_CODE
+#error "Unrecognised value for MBEDTLS_AESNI_HAVE_CODE"
 #endif
         if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) {
             mbedtls_printf("  AES note: using AESNI.\n");
diff --git a/library/common.h b/library/common.h
index 97dc1d3de..3c472c685 100644
--- a/library/common.h
+++ b/library/common.h
@@ -288,7 +288,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r,
 /* Normal case (64-bit pointers): use "r" as the constraint for pointer operands to asm */
 #define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "r"
 #else
-#error Unrecognised pointer size for aarch64
+#error "Unrecognised pointer size for aarch64"
 #endif
 #endif
 
diff --git a/library/constant_time.c b/library/constant_time.c
index cb5003d02..4b71a3da4 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -82,7 +82,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi
 #elif defined(MBEDTLS_CT_AARCH64_ASM)
     asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :);
 #else
-#error No assembly defined for mbedtls_get_unaligned_volatile_uint32
+#error "No assembly defined for mbedtls_get_unaligned_volatile_uint32"
 #endif
     return r;
 }
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index f90167ca8..bc71307f5 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -75,7 +75,7 @@ int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
     return 0;
 }
 #else /* !_WIN32_WINNT_WINXP */
-#error Entropy not available before Windows XP, use MBEDTLS_NO_PLATFORM_ENTROPY
+#error "Entropy not available before Windows XP, use MBEDTLS_NO_PLATFORM_ENTROPY"
 #endif /* !_WIN32_WINNT_WINXP */
 #else /* _WIN32 && !EFIX64 && !EFI32 */
 
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 04768f8a4..edd9b947c 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -39,7 +39,7 @@ extern "C" {
 /* Sanity check: a file size must fit in 32 bits. Allow a generous
  * 64kB of metadata. */
 #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000
-#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000
+#error "PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000"
 #endif
 
 /** The maximum permitted persistent slot number.
diff --git a/library/x509_crt.c b/library/x509_crt.c
index b40bad2f4..2cbced210 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1599,7 +1599,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path)
 cleanup:
     FindClose(hFind);
 #else /* !_WIN32_WINNT_XP */
-#error mbedtls_x509_crt_parse_path not available before Windows XP
+#error "mbedtls_x509_crt_parse_path not available before Windows XP"
 #endif /* !_WIN32_WINNT_XP */
 #else /* _WIN32 */
     int t_ret;

From f1adc2a7a1e44feef10be3c311e5819fe0b2fd67 Mon Sep 17 00:00:00 2001
From: Antonio de Angelis <Antonio.deAngelis@arm.com>
Date: Wed, 16 Aug 2023 12:31:54 +0100
Subject: [PATCH 3/4] Use asm instead of __asm in constant_time.c

The original IAR fix submitted to TF-M directly changed asm to __asm.
But mbed TLS now has a workaround for such cases hence just remove the
original change modification.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
---
 library/constant_time.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/constant_time.c b/library/constant_time.c
index 4b71a3da4..12aed13f3 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -78,7 +78,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi
      */
     uint32_t r;
 #if defined(MBEDTLS_CT_ARM_ASM)
-    __asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :);
+    asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :);
 #elif defined(MBEDTLS_CT_AARCH64_ASM)
     asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :);
 #else

From 8e9d6b927e2f36606b7c59f5b094cc5fa8637c3a Mon Sep 17 00:00:00 2001
From: Antonio de Angelis <Antonio.deAngelis@arm.com>
Date: Thu, 17 Aug 2023 15:27:54 +0100
Subject: [PATCH 4/4] Remove the workaround for psa_key_agreement_internal

Remove the workaround for psa_key_agreement_internal to
have a shared_secret array always non-zero. The spec is
recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE
is always non-zero

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
---
 library/psa_crypto.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 352756dc8..2b9eca8f2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7049,13 +7049,8 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o
                                                size_t peer_key_length)
 {
     psa_status_t status;
-#if PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE != 0
     uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE];
-    size_t shared_secret_length = sizeof(shared_secret);
-#else
-    uint8_t *shared_secret = NULL;
     size_t shared_secret_length = 0;
-#endif
     psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg);
 
     /* Step 1: run the secret agreement algorithm to generate the shared
@@ -7064,7 +7059,7 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o
                                             private_key,
                                             peer_key, peer_key_length,
                                             shared_secret,
-                                            shared_secret_length,
+                                            sizeof(shared_secret),
                                             &shared_secret_length);
     if (status != PSA_SUCCESS) {
         goto exit;