From b7ff375ac6577edbbed3296c5b93ca999cca2ca8 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Wed, 12 Apr 2023 13:06:37 -0700
Subject: [PATCH] Fix PKA build error with SP sign. Fix U5/H5/H7 hashing, which
 require a workaround to write an extra 32-bit to flush FIFO before
 save/restore.

---
 wolfcrypt/src/port/st/stm32.c     | 12 +++++++++++-
 wolfssl/wolfcrypt/port/st/stm32.h |  7 +++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/wolfcrypt/src/port/st/stm32.c b/wolfcrypt/src/port/st/stm32.c
index 3da7d90ee..c0208127e 100644
--- a/wolfcrypt/src/port/st/stm32.c
+++ b/wolfcrypt/src/port/st/stm32.c
@@ -312,6 +312,13 @@ int wc_Stm32_Hash_Update(STM32_HASH_Context* stmCtx, word32 algo,
     }
 
     if (wroteToFifo) {
+    #ifdef STM32_HASH_FIFO_WORKAROUND
+        /* If we wrote a block send one more 32-bit to FIFO to trigger start.
+         * The save/restore feature cannot leave 16 deep FIFO filled. */
+        wc_Stm32_Hash_Data(stmCtx, 4);
+        stmCtx->fifoBytes += 4;
+    #endif
+
         /* make sure hash operation is done */
         ret = wc_Stm32_Hash_WaitDone(stmCtx);
 
@@ -868,7 +875,10 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
     res = mp_read_unsigned_bin(R->x, Gxbin, size);
     if (res == MP_OKAY) {
         res = mp_read_unsigned_bin(R->y, Gybin, size);
-#ifndef WOLFSSL_SP_MATH
+
+#if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
+    ((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+        defined(WOLFSSL_SP_INT_NEGATIVE))
         /* if k is negative, we compute the multiplication with abs(-k)
          * with result (x, y) and modify the result to (x, -y)
          */
diff --git a/wolfssl/wolfcrypt/port/st/stm32.h b/wolfssl/wolfcrypt/port/st/stm32.h
index 05d9d6423..f441072e8 100644
--- a/wolfssl/wolfcrypt/port/st/stm32.h
+++ b/wolfssl/wolfcrypt/port/st/stm32.h
@@ -71,6 +71,13 @@
 #define STM32_HASH_REG_SIZE  4
 #define STM32_HASH_FIFO_SIZE 16 /* FIFO is 16 deep 32-bits wide */
 
+#if (defined(WOLFSSL_STM32U5) || defined(WOLFSSL_STM32H5) || \
+    defined(WOLFSSL_STM32H7)) && !defined(NO_STM32_HASH_FIFO_WORKAROUND)
+    /* workaround for hash FIFO to write one extra to finalize */
+    #undef  STM32_HASH_FIFO_WORKAROUND
+    #define STM32_HASH_FIFO_WORKAROUND
+#endif
+
 
 /* STM32 Hash Context */
 typedef struct {