From bda44eda4a7ebff6a83344be9ae5cc090bda0789 Mon Sep 17 00:00:00 2001
From: Daniele Lacamera
Date: Thu, 2 Nov 2023 14:25:25 +0100
Subject: [PATCH] IoT-SAFE: allow for 4B ID fields
---
 IDE/iotsafe/memory-tls.c | 5 ++++-
 IDE/iotsafe/user_settings.h | 16 +++++++++++++++-
 wolfssl/wolfcrypt/port/iotsafe/iotsafe.h | 5 +++++
 3 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/IDE/iotsafe/memory-tls.c b/IDE/iotsafe/memory-tls.c
index eff9f384d..96d921686 100644
--- a/IDE/iotsafe/memory-tls.c
+++ b/IDE/iotsafe/memory-tls.c
@@ -146,9 +146,12 @@ static int client_loop(void)
 #if (IOTSAFE_ID_SIZE == 1)
 byte cert_file_id, privkey_id, keypair_id, peer_pubkey_id, peer_cert_id, serv_cert_id;
 byte ca_cert_id;
- #else
+ #elif (IOTSAFE_ID_SIZE == 2)
 word16 cert_file_id, privkey_id, keypair_id, peer_pubkey_id, peer_cert_id, serv_cert_id;
 word16 ca_cert_id;
+ #else
+ word32 cert_file_id, privkey_id, keypair_id, peer_pubkey_id, peer_cert_id, serv_cert_id;
+ word32 ca_cert_id;
 #endif
 cert_file_id = CRT_CLIENT_FILE_ID;
 privkey_id = PRIVKEY_ID;
diff --git a/IDE/iotsafe/user_settings.h b/IDE/iotsafe/user_settings.h
index f483b2cf2..3852464e8 100644
--- a/IDE/iotsafe/user_settings.h
+++ b/IDE/iotsafe/user_settings.h
@@ -34,7 +34,21 @@
 * - Default: one-byte ID sim, with hardcoded server certificate
 */

-#ifdef TWO_BYTES_ID_DEMO
+#if defined(FOUR_BYTES_ID_DEMO)
+ #define IOTSAFE_ID_SIZE 2
+ #define CRT_CLIENT_FILE_ID 0xABCD3430 /* pre-provisioned */
+ #define CRT_SERVER_FILE_ID 0xABCD3330
+ #define PRIVKEY_ID 0xABCD3230 /* pre-provisioned */
+ #define ECDH_KEYPAIR_ID 0xABCD3330
+ #define PEER_PUBKEY_ID 0xABCD3730
+ #define PEER_CERT_ID 0xABCD3430
+
+ /* In this version of the demo, the server certificate is
+ * stored in a buffer, while the CA is read from a file slot in IoT-SAFE
+ */
+ #define SOFT_SERVER_CERT
+
+#elif defined(TWO_BYTES_ID_DEMO)
 #define IOTSAFE_ID_SIZE 2
 #define CRT_CLIENT_FILE_ID 0x3430 /* pre-provisioned */
 #define CRT_SERVER_FILE_ID 0x3330
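Review bot: The new `#else` branch in the ID declarations of client_loop makes `word32` the fallback for every IOTSAFE_ID_SIZE other than 1 or 2, whereas iotsafe.h in this same commit names the width explicitly and ends with `#error "IOTSAFE: ID_SIZE not supported"`. Writing `#elif (IOTSAFE_ID_SIZE == 4)` here, followed by `#else` and the same `#error`, would keep the two files in step, so a mistyped size cannot silently select 4-byte IDs if this file is ever built without the header's check in effect. client_loop's body starts and ends outside the hunk.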
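Review bot: The FOUR_BYTES_ID_DEMO block still sets `#define IOTSAFE_ID_SIZE 2` although every ID defined under it is a 32-bit constant such as `0xABCD3430`; the line should read `#define IOTSAFE_ID_SIZE 4`. With size 2, memory-tls.c declares the ID variables as `word16` and iotsafe.h presumably keeps its `word16` slot fields, so the assignments truncate to the low 16 bits. The truncated values (0x3430, 0x3330, ...) are exactly the two-byte demo's IDs visible in the context lines below, so the build would quietly address the two-byte slots on the applet instead of failing. The comment above the block lists the demo variants and its visible last line covers only the one-byte default, so an entry for the four-byte variant may be missing; the comment starts outside the hunk.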
diff --git a/wolfssl/wolfcrypt/port/iotsafe/iotsafe.h b/wolfssl/wolfcrypt/port/iotsafe/iotsafe.h
index 8f452ce6a..ba4d3bd7e 100644
--- a/wolfssl/wolfcrypt/port/iotsafe/iotsafe.h
+++ b/wolfssl/wolfcrypt/port/iotsafe/iotsafe.h
@@ -93,6 +93,11 @@ struct wc_IOTSAFE {
 word16 ecdh_keypair_slot;
 word16 peer_pubkey_slot;
 word16 peer_cert_slot;
+#elif (IOTSAFE_ID_SIZE == 4)
+ word32 privkey_id;
+ word32 ecdh_keypair_slot;
+ word32 peer_pubkey_slot;
+ word32 peer_cert_slot;
 #else
 #error "IOTSAFE: ID_SIZE not supported"
 #endif
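Review bot: Only the slot fields of struct wc_IOTSAFE are widened here, and the diffstat lists no change to the IoT-SAFE implementation file, so this commit does not show whether the code that copies these IDs into applet commands handles a 4-byte width. If any of those paths takes or serialises an ID as a fixed `byte` or `word16`, a 4-byte ID would be truncated and a different key or file slot used without any error, which is worth confirming before merge. A short comment on the field group, e.g. `/* slot and key IDs are IOTSAFE_ID_SIZE bytes wide (1, 2 or 4) */`, would also document the supported widths. The struct begins and ends outside the hunk.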