From 0763ccf04f9a433bb02a98c467046fd049611ccd Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 14:32:30 +0100
Subject: [PATCH 01/19] Refactor ARIA_SELF_TEST_IF_FAIL macro

Change the ARIA_SELF_TEST_IF_FAIL macro to be more code-style friendly. Currently it expands to the body of an if statement, which causes problems for automatic brace-addition for if statements. Convert the macro to a function-like macro that takes the condition as an argument and expands to a full if statement inside a do {} while (0) idiom.

Signed-off-by: David Horstmann
---
 library/aria.c | 49 ++++++++++++++++++++++++-------------------------
 1 file changed, 24 insertions(+), 25 deletions(-)

diff --git a/library/aria.c b/library/aria.c
index bc05c4a319..43ca762e11 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -895,15 +895,17 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext
 };
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
-#define ARIA_SELF_TEST_IF_FAIL \
- { \
- if( verbose ) \
- mbedtls_printf( "failed\n" ); \
- goto exit; \
- } else { \
- if( verbose ) \
- mbedtls_printf( "passed\n" ); \
- }
+#define ARIA_SELF_TEST_IF_FAIL( cond ) \
+ do { \
+ if( cond ) { \
+ if( verbose ) \
+ mbedtls_printf( "failed\n" ); \
+ goto exit; \
+ } else { \
+ if( verbose ) \
+ mbedtls_printf( "passed\n" ); \
+ } \
+ } while( 0 )
 /*
  * Checkup routine
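Review bot: The rewritten macro still relies on two names it never declares, the `verbose` variable and the `exit:` label of the enclosing self-test function, and the hunk adds no comment stating that contract. Because `goto exit` leaves the `do { } while( 0 )` body, a reader who only sees an invocation cannot tell that a failing condition abandons the whole self-test rather than just this one check. I would put a short comment above the `#define`, e.g. `/* Evaluates cond once; on failure prints "failed" (if verbose) and jumps to the caller's exit: label, so both verbose and exit: must be in scope */`. This matters more once the macro is renamed to ARIA_SELF_TEST_ASSERT later in the series, since "assert" usually suggests an abort rather than a goto.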
@@ -937,16 +939,18 @@ int mbedtls_aria_self_test( int verbose )
 mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i );
 mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
 mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
- if( memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL(
+ memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE )
+ != 0 );
 /* test ECB decryption */
 if( verbose )
 mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i );
 mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
 mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
- if( memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL(
+ memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE )
+ != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );
@@ -965,8 +969,8 @@ int mbedtls_aria_self_test( int verbose )
 memset( buf, 0x55, sizeof( buf ) );
 mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, aria_test2_pt, buf );
- if( memcmp( buf, aria_test2_cbc_ct[i], 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_cbc_ct[i], 48 )
+ != 0 );
 /* Test CBC decryption */
 if( verbose )
@@ -976,8 +980,7 @@ int mbedtls_aria_self_test( int verbose )
 memset( buf, 0xAA, sizeof( buf ) );
 mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, aria_test2_cbc_ct[i], buf );
- if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );
@@ -996,8 +999,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, aria_test2_pt, buf );
- if( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 );
 /* Test CFB decryption */
 if( verbose )
@@ -1008,8 +1010,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, iv, aria_test2_cfb_ct[i], buf );
- if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );
@@ -1027,8 +1028,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_pt, buf );
- if( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 );
 /* Test CTR decryption */
 if( verbose )
@@ -1039,8 +1039,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_ctr_ct[i], buf );
- if( memcmp( buf, aria_test2_pt, 48 ) != 0 )
- ARIA_SELF_TEST_IF_FAIL;
+ ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );

From 3b2276a43922f600ac6a1bb80a25aca9548044ba Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 14:49:08 +0100
Subject: [PATCH 02/19] Refactor macro-spanning ifs in ssl_tls.c

Signed-off-by: David Horstmann
---
 library/ssl_tls.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f0615ea7d1..075a65b647 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1211,9 +1211,11 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
 #endif
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+ int free_cli_id = 1;
 #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
- if( partial == 0 )
+ free_cli_id = ( partial == 0 );
 #endif
+ if( free_cli_id )
 {
 mbedtls_free( ssl->cli_id );
 ssl->cli_id = NULL;
@@ -7601,11 +7603,16 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
 * sequence number). */
 transform->ivlen = 12;
+
+ int is_chachapoly = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( key_type == PSA_KEY_TYPE_CHACHA20 )
+ is_chachapoly = ( key_type == PSA_KEY_TYPE_CHACHA20 );
 #else
- if( mbedtls_cipher_info_get_mode( cipher_info ) == MBEDTLS_MODE_CHACHAPOLY )
+ is_chachapoly = ( mbedtls_cipher_info_get_mode( cipher_info )
+ == MBEDTLS_MODE_CHACHAPOLY );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+ if( is_chachapoly )
 transform->fixed_ivlen = 12;
 else
 transform->fixed_ivlen = 4;

From b21bbef06187b521df31151c1795716684400cef Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 17:49:31 +0100
Subject: [PATCH 03/19] Refactor macro-spanning if in ssl_tls12_client.c

Signed-off-by: David Horstmann
---
 library/ssl_tls12_client.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index d1ec55cfcb..ba39d89813 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2471,9 +2471,11 @@ start_processing:
 if( ret != 0 )
 {
+ int send_alert_msg = 1;
 #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
- if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+ send_alert_msg = ( ret != MBEDTLS_ERR_ECP_IN_PROGRESS );
 #endif
+ if( send_alert_msg )
 mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
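Review bot: The two values the new `if( is_chachapoly )` selects between, `transform->fixed_ivlen = 12` and `transform->fixed_ivlen = 4`, remain undocumented magic numbers in a security-sensitive spot, the implicit/explicit split of the TLS 1.2 AEAD record nonce. A one-line comment next to the `if` would help, along the lines of `/* ChaCha20-Poly1305 (RFC 7905) uses the whole 12-byte IV as the implicit part; AES-GCM/CCM (RFC 5288/6655) use a 4-byte implicit salt plus an 8-byte explicit nonce */`. The enclosing ssl_tls12_populate_transform continues on both sides of the hunk, so check whether the "sequence number" comment just above already covers this before adding a second one.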
@@ -714,11 +714,13 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
 #endif
 list = ssl->conf->key_cert;
+ int pk_alg_none = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( pk_alg == PSA_ALG_NONE )
+ pk_alg_none = ( pk_alg == PSA_ALG_NONE );
 #else
- if( pk_alg == MBEDTLS_PK_NONE )
+ pk_alg_none = ( pk_alg == MBEDTLS_PK_NONE );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( pk_alg_none )
 return( 0 );
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
@@ -735,18 +737,21 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", cur->cert );
+ int key_type_mismatch = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- if( ( ssl->conf->f_async_sign_start == NULL &&
- ssl->conf->f_async_decrypt_start == NULL &&
- ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) ||
- ! mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) )
+ key_type_mismatch = ( ( ssl->conf->f_async_sign_start == NULL &&
+ ssl->conf->f_async_decrypt_start == NULL &&
+ ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) ||
+ ! mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) );
 #else
- if( ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) )
+ key_type_mismatch = (
+ ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) );
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 #else
- if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
+ key_type_mismatch = ( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
+ if( key_type_mismatch )
 {
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
 continue;
@@ -923,6 +928,8 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
 MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
+ int renegotiating;
+
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
 read_record_header:
 #endif
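Review bot: `int renegotiating;` in ssl_parse_client_hello is deliberately declared without an initialiser ahead of the `read_record_header:` label and only assigned after the label in the following hunk, but nothing says why, and a later cleanup could easily merge the two into `int renegotiating = 0;` placed after the label, which strict C11 rejects because a label must be followed by a statement rather than a declaration (GCC accepts it only as an extension). A comment on the declaration would prevent that, e.g. `/* Declared here rather than after read_record_header: (a label cannot precede a declaration in C11); it is assigned below on every pass */`. As far as the two hunks show, every path through the label assigns the variable before it is read, so the uninitialised declaration itself is fine.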
@@ -931,9 +938,11 @@ read_record_header:
 * otherwise read it ourselves manually in order to support SSLv2
 * ClientHello, which doesn't use the same record layer format.
 */
+ renegotiating = 0;
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
- if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ renegotiating = ( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE );
 #endif
+ if( !renegotiating )
 {
 if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 )
 {

From 4a28563e84946423ea1ae6c67d9de918d68b3708 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 18:30:10 +0100
Subject: [PATCH 05/19] Refactor macro-spanning ifs in ssl_client.c

Signed-off-by: David Horstmann
---
 library/ssl_client.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index e7453d5730..08cb3421e6 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -376,9 +376,11 @@ static int ssl_write_client_hello_cipher_suites(
 /*
 * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
 */
+ int renegotiating = 0;
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
- if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ renegotiating = ( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE );
 #endif
+ if( !renegotiating )
 {
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding EMPTY_RENEGOTIATION_INFO_SCSV" ) );
 MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
@@ -790,9 +792,11 @@ static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl )
 * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
 * generate and include a Session ID in the TLS ClientHello."
 */
+ int renegotiating = 0;
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
- if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ renegotiating = ( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE );
 #endif
+ if( !renegotiating )
 {
 if( ( ssl->session_negotiate->ticket != NULL ) && ( ssl->session_negotiate->ticket_len != 0 ) )

From 10be134d8ef1e08862e1e2884dde3926e1435d0c Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 18:31:25 +0100
Subject: [PATCH 06/19] Refactor macro-spanning if in ssl_msg.c

Signed-off-by: David Horstmann
---
 library/ssl_msg.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index dbef29b3f9..f48f9f1b33 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -3851,8 +3851,8 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
 if( ssl_record_is_in_progress( ssl ) == 0 )
 {
+ int dtls_have_buffered = 0;
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
- int have_buffered = 0;
 /* We only check for buffered messages if the
 * current datagram is fully consumed. */
@@ -3860,11 +3860,11 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
 ssl_next_record_is_in_datagram( ssl ) == 0 )
 {
 if( ssl_load_buffered_message( ssl ) == 0 )
- have_buffered = 1;
+ dtls_have_buffered = 1;
 }
- if( have_buffered == 0 )
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
+ if( dtls_have_buffered == 0 )
 {
 ret = ssl_get_next_record( ssl );
 if( ret == MBEDTLS_ERR_SSL_CONTINUE_PROCESSING )

From 21b89761f899c9b40f03500c98910b855a5fe831 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 18:34:28 +0100
Subject: [PATCH 07/19] Refactor macro-spanning if in ssl_tls13_server.c

Signed-off-by: David Horstmann
---
 library/ssl_tls13_server.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 6591ecba00..f61c634b26 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -680,11 +680,13 @@ static int ssl_tls13_write_server_pre_shared_key_ext( mbedtls_ssl_context *ssl,
 *olen = 0;
+ int not_using_psk = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
- if( mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
+ not_using_psk = ( mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) );
 #else
- if( ssl->handshake->psk == NULL )
+ not_using_psk = ( ssl->handshake->psk == NULL );
 #endif
+ if( not_using_psk )
 {
 /* We shouldn't have called this extension writer unless we've
 * chosen to use a PSK. */

From 687262ca7d735499627ca09e66196b51c1bb1147 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 17:54:57 +0100
Subject: [PATCH 08/19] Refactor macro-spanning if in sha256.c

Signed-off-by: David Horstmann
---
 library/sha256.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/sha256.c b/library/sha256.c
index 4819ba3ad1..a20a3e96d0 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -665,9 +665,11 @@ int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
 MBEDTLS_PUT_UINT32_BE( ctx->state[5], output, 20 );
 MBEDTLS_PUT_UINT32_BE( ctx->state[6], output, 24 );
+ int truncated = 0;
 #if defined(MBEDTLS_SHA224_C)
- if( ctx->is224 == 0 )
+ truncated = ctx->is224;
 #endif
+ if( !truncated )
 MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 );
 return( 0 );

From 2788f6b6685c8c0e41e7ee57e788a07b99edfb43 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 18:45:09 +0100
Subject: [PATCH 09/19] Refactor macro-spanning if in sha512.c

Signed-off-by: David Horstmann
---
 library/sha512.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/library/sha512.c b/library/sha512.c
index f96580db52..9be05cb7ee 100644
--- a/library/sha512.c
+++ b/library/sha512.c
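Review bot: The new `if( !truncated )` in mbedtls_sha256_finish leaves an unbraced body that is a macro invocation, `MBEDTLS_PUT_UINT32_BE( ctx->state[7], output, 28 );`, which is exactly the shape (a macro expanding to a block) that makes automatic brace insertion fragile and that this series sets out to remove; the sibling sha512 hunk in the next patch does brace its body. I would wrap it as `if( !truncated ) {` ... `}` here so the two finish functions read the same way. The same unbraced-macro-body pattern appears in ecdh_gen_public_restartable in the ecdh.c hunk, where `if( !restarting )` guards a bare `MBEDTLS_MPI_CHK( ... );`.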
@@ -820,9 +820,11 @@ int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
 sha512_put_uint64_be( ctx->state[4], output, 32 );
 sha512_put_uint64_be( ctx->state[5], output, 40 );
+ int truncated = 0;
 #if defined(MBEDTLS_SHA384_C)
- if( ctx->is384 == 0 )
+ truncated = ctx->is384;
 #endif
+ if( !truncated )
 {
 sha512_put_uint64_be( ctx->state[6], output, 48 );
 sha512_put_uint64_be( ctx->state[7], output, 56 );

From 8a7629fd0ffc0709eb47cdaf4607e76f35fc009b Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 18:57:57 +0100
Subject: [PATCH 10/19] Refactor macro-spanning if in asn1write.c

Signed-off-by: David Horstmann
---
 library/asn1write.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/library/asn1write.c b/library/asn1write.c
index 053dbb669f..6c2a71f004 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -78,9 +78,11 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_
 return( 4 );
 }
+ int len_valid = 1;
 #if SIZE_MAX > 0xFFFFFFFF
- if( len <= 0xFFFFFFFF )
+ len_valid = ( len <= 0xFFFFFFFF );
 #endif
+ if( len_valid )
 {
 if( *p - start < 5 )
 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@@ -92,10 +94,10 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_
 *--(*p) = 0x84;
 return( 5 );
 }
-
-#if SIZE_MAX > 0xFFFFFFFF
- return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-#endif
+ else
+ {
+ return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+ }
 }
 int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, unsigned char tag )

From fc735dffd600808fb998141274c8323e98bfb79f Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 19:11:04 +0100
Subject: [PATCH 11/19] Refactor macro-spanning ifs in ecp.c

Signed-off-by: David Horstmann
---
 library/ecp.c | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/library/ecp.c b/library/ecp.c
index 009be61fc5..2cec0a0b0c 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -2287,12 +2287,14 @@ cleanup:
 mbedtls_free( T );
 }
- /* don't free R while in progress in case R == P */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
-#endif
+ int should_free_R = 0;
 /* prevent caller from using invalid value */
- if( ret != 0 )
+ should_free_R = ( ret != 0 );
+#if defined(MBEDTLS_ECP_RESTARTABLE)
+ /* don't free R while in progress in case R == P */
+ should_free_R = should_free_R && ( ret != MBEDTLS_ERR_ECP_IN_PROGRESS );
+#endif
+ if( should_free_R )
 mbedtls_ecp_point_free( R );
 ECP_RS_LEAVE( rsm );
@@ -2537,10 +2539,12 @@ static int ecp_mul_restartable_internal( mbedtls_ecp_group *grp, mbedtls_ecp_poi
 MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
+ int restarting = 0;
 #if defined(MBEDTLS_ECP_RESTARTABLE)
- /* skip argument check when restarting */
- if( rs_ctx == NULL || rs_ctx->rsm == NULL )
+ restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL );
 #endif
+ /* skip argument check when restarting */
+ if( !restarting )
 {
 /* check_privkey is free */
 MBEDTLS_ECP_BUDGET( MBEDTLS_ECP_OPS_CHK );

From 91e20a0580b811cbb398b7a9e8d2a9fc26145858 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Thu, 6 Oct 2022 19:11:28 +0100
Subject: [PATCH 12/19] Refactor macro-spanning ifs in ecdh.c

Signed-off-by: David Horstmann
---
 library/ecdh.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/ecdh.c b/library/ecdh.c
index 35ab1b7044..c9c2e06bd1 100644
--- a/library/ecdh.c
+++ b/library/ecdh.c
@@ -71,10 +71,12 @@ static int ecdh_gen_public_restartable( mbedtls_ecp_group *grp,
 {
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- /* If multiplication is in progress, we already generated a privkey */
+ int restarting = 0;
 #if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx == NULL || rs_ctx->rsm == NULL )
+ restarting = ( rs_ctx != NULL && rs_ctx->rsm != NULL );
 #endif
+ /* If multiplication is in progress, we already generated a privkey */
+ if( !restarting )
 MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, d, f_rng, p_rng ) );
 MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, Q, d, &grp->G,

From f160ef1dd1b9888555a16f7d0883f603bb40e4cb Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Mon, 24 Oct 2022 13:11:38 +0100
Subject: [PATCH 13/19] Refactor macro-spanning if in ssl_client2.c

Signed-off-by: David Horstmann
---
 programs/ssl/ssl_client2.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 6377162b2d..2060c8c177 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1732,15 +1732,17 @@ int main( int argc, char *argv[] )
 if( ret != 0 )
 break;
 }
- if( ret == 0 )
 #endif /* MBEDTLS_PEM_PARSE_C */
- for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
+ if( ret == 0 )
 {
- ret = mbedtls_x509_crt_parse_der( &cacert,
- (const unsigned char *) mbedtls_test_cas_der[i],
- mbedtls_test_cas_der_len[i] );
- if( ret != 0 )
- break;
+ for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
+ {
+ ret = mbedtls_x509_crt_parse_der( &cacert,
+ (const unsigned char *) mbedtls_test_cas_der[i],
+ mbedtls_test_cas_der_len[i] );
+ if( ret != 0 )
+ break;
+ }
 }
 }
 if( ret < 0 )

From 3f44e5b11a140bb62dc45df9c9cae2c7b1a4dfd4 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Mon, 24 Oct 2022 13:12:19 +0100
Subject: [PATCH 14/19] Refactor macro-spanning if in ssl_server2.c
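Review bot: Moving `if( ret == 0 )` below the `#endif /* MBEDTLS_PEM_PARSE_C */` is a behaviour change for builds without PEM support: previously the DER loop ran unconditionally there, now it runs only when `ret` is still 0 from code above the hunk, which the hunk does not show. If any earlier statement in main leaves a non-zero `ret` without jumping to exit, the built-in test CAs would be silently skipped and `cacert` left empty, which is a trust-store problem rather than a cosmetic one. I would either keep the guard inside the `#if`, or add `ret = 0;` immediately before the `#if defined(MBEDTLS_PEM_PARSE_C)` line so the new structure is explicitly correct in both configurations; the identical change in the ssl_server2.c hunk of the next patch needs the same treatment. main starts well outside the hunk, so this is inferred from the visible lines only.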
Signed-off-by: David Horstmann
---
 programs/ssl/ssl_server2.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 7526bc6cf5..5f84f9fc30 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2537,15 +2537,17 @@ int main( int argc, char *argv[] )
 if( ret != 0 )
 break;
 }
- if( ret == 0 )
 #endif /* MBEDTLS_PEM_PARSE_C */
- for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
+ if( ret == 0 )
 {
- ret = mbedtls_x509_crt_parse_der( &cacert,
- (const unsigned char *) mbedtls_test_cas_der[i],
- mbedtls_test_cas_der_len[i] );
- if( ret != 0 )
- break;
+ for( i = 0; mbedtls_test_cas_der[i] != NULL; i++ )
+ {
+ ret = mbedtls_x509_crt_parse_der( &cacert,
+ (const unsigned char *) mbedtls_test_cas_der[i],
+ mbedtls_test_cas_der_len[i] );
+ if( ret != 0 )
+ break;
+ }
 }
 }
 if( ret < 0 )

From 059848ff23682e04773145ff72807feb2155d2da Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 25 Oct 2022 10:16:45 +0100
Subject: [PATCH 15/19] Minor changes to asn1write.c

Signed-off-by: David Horstmann
---
 library/asn1write.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/library/asn1write.c b/library/asn1write.c
index 6c2a71f004..ee743d84e1 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -78,11 +78,11 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_
 return( 4 );
 }
- int len_valid = 1;
+ int len_is_valid = 1;
 #if SIZE_MAX > 0xFFFFFFFF
- len_valid = ( len <= 0xFFFFFFFF );
+ len_is_valid = ( len <= 0xFFFFFFFF );
 #endif
- if( len_valid )
+ if( len_is_valid )
 {
 if( *p - start < 5 )
 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@@ -94,10 +94,8 @@ int mbedtls_asn1_write_len( unsigned char **p, const unsigned char *start, size_
 *--(*p) = 0x84;
 return( 5 );
 }
- else
- {
- return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
- }
+
+ return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
 }
 int mbedtls_asn1_write_tag( unsigned char **p, const unsigned char *start, unsigned char tag )

From 9b0eb90131d97974cd82d0f1addcdbc34278caef Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 25 Oct 2022 10:23:34 +0100
Subject: [PATCH 16/19] Rename ARIA_SELF_TEST_IF_FAIL

Change to ARIA_SELF_TEST_ASSERT

Signed-off-by: David Horstmann
---
 library/aria.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/library/aria.c b/library/aria.c
index 43ca762e11..f3c15dabba 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -895,7 +895,7 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext
 };
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
-#define ARIA_SELF_TEST_IF_FAIL( cond ) \
+#define ARIA_SELF_TEST_ASSERT( cond ) \
 do { \
 if( cond ) { \
 if( verbose ) \
@@ -939,7 +939,7 @@ int mbedtls_aria_self_test( int verbose )
 mbedtls_printf( " ARIA-ECB-%d (enc): ", 128 + 64 * i );
 mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
 mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
- ARIA_SELF_TEST_IF_FAIL(
+ ARIA_SELF_TEST_ASSERT(
 memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE )
 != 0 );
@@ -948,7 +948,7 @@ int mbedtls_aria_self_test( int verbose )
 mbedtls_printf( " ARIA-ECB-%d (dec): ", 128 + 64 * i );
 mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
 mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
- ARIA_SELF_TEST_IF_FAIL(
+ ARIA_SELF_TEST_ASSERT(
 memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE )
 != 0 );
 }
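Review bot: On targets where `SIZE_MAX <= 0xFFFFFFFF`, `len_is_valid` is a compile-time constant 1, so the new unconditional `return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );` after the `if` block is unreachable there, whereas the `#if`-wrapped return it replaces was compiled out entirely; static analysers or unreachable-code checks may now flag it. That is an acceptable trade for the simpler control flow, but it deserves a comment, e.g. `/* Only reachable when size_t is wider than 32 bits: the 4-byte long form written above cannot encode larger lengths */`. The earlier branches of mbedtls_asn1_write_len lie outside the hunk.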
@@ -969,7 +969,7 @@ int mbedtls_aria_self_test( int verbose )
 memset( buf, 0x55, sizeof( buf ) );
 mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, aria_test2_pt, buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_cbc_ct[i], 48 )
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 )
 != 0 );
 /* Test CBC decryption */
@@ -980,7 +980,7 @@ int mbedtls_aria_self_test( int verbose )
 memset( buf, 0xAA, sizeof( buf ) );
 mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, aria_test2_cbc_ct[i], buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );
@@ -999,7 +999,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, aria_test2_pt, buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 );
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 );
 /* Test CFB decryption */
 if( verbose )
@@ -1010,7 +1010,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, iv, aria_test2_cfb_ct[i], buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );
@@ -1028,7 +1028,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_pt, buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 );
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 );
 /* Test CTR decryption */
 if( verbose )
@@ -1039,7 +1039,7 @@ int mbedtls_aria_self_test( int verbose )
 j = 0;
 mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_ctr_ct[i], buf );
- ARIA_SELF_TEST_IF_FAIL( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+ ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
 }
 if( verbose )
 mbedtls_printf( "\n" );

From 6e11687ba58a205792af927f02529f380dd0043f Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 25 Oct 2022 10:32:08 +0100
Subject: [PATCH 17/19] Minor improvements to ecp.c changes

Signed-off-by: David Horstmann
---
 library/ecp.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/ecp.c b/library/ecp.c
index 2cec0a0b0c..8326aa138c 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -2287,12 +2287,12 @@ cleanup:
 mbedtls_free( T );
 }
- int should_free_R = 0;
 /* prevent caller from using invalid value */
- should_free_R = ( ret != 0 );
+ int should_free_R = ( ret != 0 );
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /* don't free R while in progress in case R == P */
- should_free_R = should_free_R && ( ret != MBEDTLS_ERR_ECP_IN_PROGRESS );
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ should_free_R = 0;
 #endif
 if( should_free_R )
 mbedtls_ecp_point_free( R );

From 7aee0ec0ba11c3c74002ccd63b1181fee6f576e4 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 25 Oct 2022 10:38:25 +0100
Subject: [PATCH 18/19] Minor improvements in ssl_client.c

Signed-off-by: David Horstmann
---
 library/ssl_client.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 08cb3421e6..bfa1c747b1 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -794,7 +794,8 @@ static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl )
 */
 int renegotiating = 0;
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
- renegotiating = ( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE );
+ if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+ renegotiating = 1;
 #endif
 if( !renegotiating )
 {
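Review bot: This hunk leaves the three `renegotiating` computations introduced by the series in two different styles: ssl_prepare_client_hello now uses `if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )` / `renegotiating = 1;`, while ssl_write_client_hello_cipher_suites in the same file and ssl_parse_client_hello in ssl_tls12_server.c keep `renegotiating = ( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE );`. Both forms are correct, but a reader comparing the sites will wonder whether the difference is meaningful. I would apply one form to all three, or factor the guarded comparison into a single small static helper so the `#if defined(MBEDTLS_SSL_RENEGOTIATION)` block exists in one place.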
From 3a334c2edcd16b184d3a83a0b84e6ad1cfe8e404 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 25 Oct 2022 10:53:44 +0100
Subject: [PATCH 19/19] Minor improvements to ssl_tls12_server.c

Signed-off-by: David Horstmann
---
 library/ssl_tls12_server.c | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index fcf8e9a06e..d4760a3a63 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -714,13 +714,13 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
 #endif
 list = ssl->conf->key_cert;
- int pk_alg_none = 0;
+ int pk_alg_is_none = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
- pk_alg_none = ( pk_alg == PSA_ALG_NONE );
+ pk_alg_is_none = ( pk_alg == PSA_ALG_NONE );
 #else
- pk_alg_none = ( pk_alg == MBEDTLS_PK_NONE );
+ pk_alg_is_none = ( pk_alg == MBEDTLS_PK_NONE );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( pk_alg_none )
+ if( pk_alg_is_none )
 return( 0 );
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
@@ -737,21 +737,21 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate", cur->cert );
- int key_type_mismatch = 0;
+ int key_type_matches = 0;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- key_type_mismatch = ( ( ssl->conf->f_async_sign_start == NULL &&
- ssl->conf->f_async_decrypt_start == NULL &&
- ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) ||
- ! mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) );
+ key_type_matches = ( ( ssl->conf->f_async_sign_start != NULL ||
+ ssl->conf->f_async_decrypt_start != NULL ||
+ mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) ) &&
+ mbedtls_pk_can_do_ext( &cur->cert->pk, pk_alg, pk_usage ) );
 #else
- key_type_mismatch = (
- ! mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) );
+ key_type_matches = (
+ mbedtls_pk_can_do_ext( cur->key, pk_alg, pk_usage ) );
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 #else
- key_type_mismatch = ( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) );
+ key_type_matches = mbedtls_pk_can_do( &cur->cert->pk, pk_alg );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( key_type_mismatch )
+ if( !key_type_matches )
 {
 MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
 continue;