Просмотр исходного кода

fix formatting infractions in the ports (hard tabs, trailing whitespace, C++ comments, stray Unicode including numerous homoglyphs).

Daniel Pouzzner 6 месяцев назад
Родитель
Сommit
e862c85db4
35 измененных файлов с 437 добавлено и 434 удалено
  1. 17 17
      wolfcrypt/src/port/Espressif/esp32_mp.c
  2. 1 1
      wolfcrypt/src/port/Renesas/renesas_common.c
  3. 20 20
      wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
  4. 38 38
      wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c
  5. 13 13
      wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c
  6. 9 9
      wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
  7. 7 7
      wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
  8. 40 40
      wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
  9. 11 11
      wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
  10. 132 130
      wolfcrypt/src/port/Renesas/renesas_tsip_util.c
  11. 1 1
      wolfcrypt/src/port/af_alg/wc_afalg.c
  12. 8 8
      wolfcrypt/src/port/atmel/atmel.c
  13. 1 1
      wolfcrypt/src/port/caam/caam_driver.c
  14. 3 2
      wolfcrypt/src/port/caam/caam_qnx.c
  15. 1 1
      wolfcrypt/src/port/caam/wolfcaam_hash.c
  16. 1 1
      wolfcrypt/src/port/caam/wolfcaam_init.c
  17. 9 9
      wolfcrypt/src/port/cuda/aes-cuda.cu
  18. 4 4
      wolfcrypt/src/port/intel/quickassist_sync.c
  19. 5 5
      wolfcrypt/src/port/iotsafe/iotsafe.c
  20. 1 1
      wolfcrypt/src/port/maxim/maxq10xx.c
  21. 16 16
      wolfcrypt/src/port/nxp/ksdk_port.c
  22. 1 1
      wolfcrypt/src/port/nxp/se050_port.c
  23. 1 1
      wolfcrypt/src/port/pic32/pic32mz-crypt.c
  24. 1 1
      wolfcrypt/src/port/st/stsafe.c
  25. 2 2
      wolfcrypt/src/port/ti/ti-hash.c
  26. 3 3
      wolfcrypt/src/port/xilinx/xil-aesgcm.c
  27. 1 1
      wolfcrypt/src/port/xilinx/xil-versal-glue.c
  28. 3 3
      wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
  29. 2 2
      wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h
  30. 35 35
      wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
  31. 6 6
      wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
  32. 2 2
      wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
  33. 4 4
      wolfssl/wolfcrypt/port/caam/wolfcaam.h
  34. 1 1
      wolfssl/wolfcrypt/port/liboqs/liboqs.h
  35. 37 37
      wolfssl/wolfcrypt/port/nxp/ksdk_port.h

+ 17 - 17
wolfcrypt/src/port/Espressif/esp32_mp.c

@@ -23,15 +23,15 @@
  * See ESP32 Technical Reference Manual - RSA Accelerator Chapter
  *
  * esp_mp_exptmod()  Large Number Modular Exponentiation Z = X^Y mod M
- * esp_mp_mulmod()   Large Number Modular Multiplication Z = X × Y mod M
- * esp_mp_mul()      Large Number Multiplication         Z = X × Y
+ * esp_mp_mulmod()   Large Number Modular Multiplication Z = X * Y mod M
+ * esp_mp_mul()      Large Number Multiplication         Z = X * Y
  *
  * The ESP32 RSA Accelerator supports operand lengths of:
- * N  {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length
+ * N in {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length
  * of arguments Z, X, Y , M, and r can be any one from the N set, but all
  * numbers in a calculation must be of the same length.
  *
- * The bit length of M is always 32.
+ * The bit length of M' is always 32.
  *
  * Also, beware: "we have uint32_t == unsigned long for both Xtensa and RISC-V"
  * see https://github.com/espressif/esp-idf/issues/9511#issuecomment-1207342464
@@ -1285,8 +1285,8 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
     Zs = Xs + Ys;
 
     /* RSA Accelerator only supports Large Number Multiplication
-     * with operand length N = 32 × x,
-     * where x  {1, 2, 3, . . . , 64} */
+     * with operand length N = 32 * x,
+     * where x in {1, 2, 3, . . . , 64} */
     if (Xs > 64 || Ys > 64) {
         return MP_HW_FALLBACK; /* TODO add count metric on size fallback */
     }
@@ -1334,7 +1334,7 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
 
     /* Y (left-extend)
      * Accelerator supports large-number multiplication with only
-     * four operand lengths of N  {512, 1024, 1536, 2048} */
+     * four operand lengths of N in {512, 1024, 1536, 2048} */
     left_pad_offset = maxWords_sz << 2;
     if (left_pad_offset <= 512 >> 3) {
         left_pad_offset = 512 >> 3; /* 64 bytes (16 words) */
@@ -1583,10 +1583,10 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
          *    0 => no interrupt; 1 => interrupt on completion. */
         DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
         /* 2. Write number of words required for result. */
-        /* see 21.3.3 Write (/N16  1) to the RSA_MODE_REG register */
+        /* see 21.3.3 Write (/N16 - 1) to the RSA_MODE_REG register */
         DPORT_REG_WRITE(RSA_MODE_REG, (hwWords_sz * 2 - 1));
 
-        /* 3. Write Xi and Yi for ∈ {0, 1, . . . , n − 1} to memory blocks
+        /* 3. Write Xi and Yi for {0, 1, . . . , n - 1} to memory blocks
          * RSA_X_MEM and RSA_Z_MEM
          * Maximum is 64 words (64*8*4 = 2048 bits) */
         esp_mpint_to_memblock(RSA_X_MEM,
@@ -1796,7 +1796,7 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
  *
  * See 24.3.3 of the ESP32 Technical Reference Manual
  *
- * Z = X × Y mod M */
+ * Z = X * Y mod M */
 int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
 {
     struct esp_mp_helper mph[1]; /* we'll save some values in this mp helper */
@@ -1839,7 +1839,7 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
     /* do we have an even moduli? */
     if ((M->dp[0] & 1) == 0) {
 #ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC
-        /*  Z = X × Y mod M in mixed HW & SW*/
+        /*  Z = X * Y mod M in mixed HW & SW*/
         ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */
         if (ret == MP_OKAY) {
             /* z = tmpZ mod M, 0 <= Z < M */
@@ -1973,13 +1973,13 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
     *    or until the RSA_INTR interrupt is generated.
     *    (Or until the INTER interrupt is generated.)
     * 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
-    * 7. Write Yi (i ∈ [0, n) ∩ N) to RSA_X_MEM
+    * 7. Write Yi (i in [0, n) intersect N) to RSA_X_MEM
     *    Users need to write to the memory block only according to the length
     *    of the number. Data beyond this length is ignored.
     * 8. Write 1 to RSA_MULT_START_REG
     * 9. Wait for the second operation to be completed.
     *    Poll INTERRUPT_REG until it reads 1.
-    * 10. Read the Zi (i ∈ [0, n) ∩ N) from RSA_Z_MEM
+    * 10. Read the Zi (i in [0, n) intersect N) from RSA_Z_MEM
     * 11. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
     *
     * post: Release the HW engine
@@ -2500,15 +2500,15 @@ int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
  *  ESP32S3, Section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf
  *
  * The operation is based on Montgomery multiplication. Aside from the
- * arguments X, Y , and M, two additional ones are needed —r and M′
+ * arguments X, Y , and M, two additional ones are needed -r and M'
 .* These arguments are calculated in advance by software.
 .*
-.* The RSA Accelerator supports operand lengths of N  {512, 1024, 1536, 2048,
-.* 2560, 3072, 3584, 4096} bits on the ESP32 and N  [32, 4096] bits
+.* The RSA Accelerator supports operand lengths of N in {512, 1024, 1536, 2048,
+.* 2560, 3072, 3584, 4096} bits on the ESP32 and N in [32, 4096] bits
  * on the ESP32s3.
 .* The bit length of arguments Z, X, Y , M, and r can be any one from
  * the N set, but all numbers in a calculation must be of the same length.
-.* The bit length of M is always 32.
+.* The bit length of M' is always 32.
 .*
  * Z = (X ^ Y) mod M   : Espressif generic notation
  * Y = (G ^ X) mod P   : wolfSSL DH reference notation */

+ 1 - 1
wolfcrypt/src/port/Renesas/renesas_common.c

@@ -59,7 +59,7 @@ static int gdevId = 7890;           /* initial dev Id for Crypt Callback */
     defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
 FSPSM_ST    *gCbCtx[MAX_FSPSM_CBINDEX];
 #elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
-	    defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+            defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
 #define FSPSM_ST       TsipUserCtx;
 #define MAX_FSPSM_CBINDEX 5
 TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];

+ 20 - 20
wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c

@@ -72,7 +72,7 @@ typedef fsp_err_t (*aesGcmDecFinalFn)
 
 #if defined(WOLFSSL_RENESAS_RSIP)
 /* wrapper for Gcm encrypt init */
-static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h, 
+static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h,
                                         FSPSM_AES_PWKEY k, uint8_t* iv,
                                         uint32_t iv_l)
 {
@@ -81,8 +81,8 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h,
                                             (uint8_t* const)iv, iv_l);
 }
 /* wrapper for Gcm encrypt update */
-static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h, 
-        uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length, 
+static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h,
+        uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length,
         uint8_t* p_add, uint32_t add_len)
 {
     (void) h;
@@ -93,8 +93,8 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h,
                                       (uint32_t const) add_len);
 }
 /* wrapper for Gcm encrypt final */
-static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h, 
-                                        uint8_t* p_cipher, uint32_t* c_len, 
+static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h,
+                                        uint8_t* p_cipher, uint32_t* c_len,
                                         uint8_t* p_atag)
 {
     (void) h;
@@ -103,7 +103,7 @@ static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h,
                                       (uint8_t* const) p_atag);
 }
 /* wrapper for Gcm decrypt init */
-static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h, 
+static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h,
                                 FSPSM_AES_PWKEY k, uint8_t* iv, uint32_t iv_l)
 {
     (void) h;
@@ -111,8 +111,8 @@ static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h,
                                                     (uint8_t* const)iv, iv_l);
 }
 /* wrapper for Gcm decrypt update */
-static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h, 
-        uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length, 
+static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h,
+        uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length,
         uint8_t* p_add, uint32_t add_len)
 {
     (void) h;
@@ -123,8 +123,8 @@ static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h,
                                       (uint32_t const) add_len);
 }
 /* wrapper for Gcm decrypt final */
-static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h, 
-                                        uint8_t* p_plain, uint32_t* plain_len, 
+static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h,
+                                        uint8_t* p_plain, uint32_t* plain_len,
                                         uint8_t* p_atag, uint32_t atag_len)
 {
     (void) h;
@@ -241,7 +241,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
     FSPSM_AES_PWKEY      key_client_aes = NULL;
     FSPSM_AES_PWKEY      key_server_aes = NULL;
     (void) key_server_aes;
-    
+
     /* sanity check */
     if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
         return BAD_FUNC_ARG;
@@ -282,7 +282,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
         aTagBuf   = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
                                                         DYNAMIC_TYPE_AES);
 
-        if ((sz > 0 && plainBuf == NULL) || 
+        if ((sz > 0 && plainBuf == NULL) ||
             ((sz + delta) > 0 && cipherBuf == NULL) || aTagBuf == NULL) {
             WOLFSSL_MSG("wc_fspsm_AesGcmEncrypt: buffer allocation failed");
             ret = -1;
@@ -293,7 +293,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
             XMEMSET((void*)cipherBuf, 0, sz + delta);
             XMEMSET((void*)authTag,   0, authTagSz);
         }
-        
+
       #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
        if (ret == 0 &&
            info->keyflgs_tls.bits.session_key_set == 1) {
@@ -310,7 +310,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
                 XFREE(aTagBuf,   aes->heap, DYNAMIC_TYPE_AES);
                 return MEMORY_E;
             }
-            
+
             ret = FSPSM_SESSIONKEY_GEN_FUNC(
                     info->cipher,
                     (uint32_t*)info->masterSecret,
@@ -514,7 +514,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
                 XFREE(aTagBuf,   aes->heap, DYNAMIC_TYPE_AES);
                 return MEMORY_E;
             }
-            
+
             ret = FSPSM_SESSIONKEY_GEN_FUNC(
                     info->cipher,
                     (uint32_t*)info->masterSecret,
@@ -547,7 +547,7 @@ WOLFSSL_LOCAL int  wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
                 ret = -1;
             }
         }
-        
+
         if (ret == 0) {
             /* since key_index has iv and ivSz in it, no need to pass them init
              * func. Pass NULL and 0 as 3rd and 4th parameter respectively.
@@ -769,7 +769,7 @@ WOLFSSL_LOCAL void wc_fspsm_Aesfree(Aes* aes)
     }
 #else
     if (aes->ctx.wrapped_key) {
-        /* aes ctx just points user created wrapped key 
+        /* aes ctx just points user created wrapped key
          * in the case of CryptOnly Mode
          * therefore, it just sets pointing to NULL.
          * user key should be freed by owner(user)
@@ -785,8 +785,8 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
 {
     (void) userKey;
     (void) dir;
-    
-    if (aes == NULL || userKey == NULL || 
+
+    if (aes == NULL || userKey == NULL ||
             !((keylen == 16) || (keylen == 32))) {
         return BAD_FUNC_ARG;
     }
@@ -806,7 +806,7 @@ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
     aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)userKey;
     aes->keylen = (int)keylen;
     aes->ctx.keySize = keylen;
-    
+
     return wc_AesSetIV(aes, iv);
 }
 #endif

+ 38 - 38
wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c

@@ -40,7 +40,7 @@
 extern FSPSM_INSTANCE   gFSPSM_ctrl;
 #endif
 
-/* Set Ctx pointer to NULL. 
+/* Set Ctx pointer to NULL.
  * A created wrapped key should be freed by user
  *
  * key    RsaKey object
@@ -122,23 +122,23 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
                     struct WC_RNG* rng)
 {
     int ret;
-    
+
     FSPSM_RSA_DATA plain;
     FSPSM_RSA_DATA cipher;
-    
+
     int keySize;
-    
+
     (void) key;
     (void) rng;
-    
+
     /* sanity check */
     if (in == NULL || out == NULL ||
       ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
         return BAD_FUNC_ARG;
     }
-    
+
     keySize = (int)key->ctx.keySz;
-    
+
     if (keySize == 0) {
         WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
                                                         "1024 or 2048 bits.");
@@ -147,7 +147,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
 
     if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (type == RSA_PUBLIC_ENCRYPT) {
-            
+
             plain.pdata = (byte*)in;
             plain.data_length = inLen;
             cipher.pdata = out;
@@ -169,7 +169,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
             plain.data_length = *outLen;
             cipher.pdata = (byte*)in;
             cipher.data_length = inLen;
-            
+
             if (keySize == 1024) {
                 ret = FSPSM_RSA1024_PKCSDEC_FUNC(&cipher, &plain,
                             (FSPSM_RSA1024_WPI_KEY*)
@@ -181,7 +181,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
                                 key->ctx.wrapped_pri2048_key, &outLen);
             }
         }
-        
+
         wc_fspsm_hw_unlock();
     }
     return ret;
@@ -189,7 +189,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
 
 /* Perform Rsa sign by FSP SM
  * Assumes to be called by Crypt Callback
- * 
+ *
  * in     Buffer to hold plaintext
  * inLen  Length of plaintext in bytes
  * out    Buffer to hold generated signature
@@ -198,40 +198,40 @@ WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
  * ctx    The callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
- 
+
 WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
                     word32* outLen, struct RsaKey* key, void* ctx)
 {
     int ret;
-    
+
     FSPSM_RSA_DATA message_hash;
     FSPSM_RSA_DATA signature;
     FSPSM_ST    *info = (FSPSM_ST*)ctx;
     int keySize;
-    
+
     /* sanity check */
     if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
       ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
         return BAD_FUNC_ARG;
     }
-    
+
     keySize = (int)key->ctx.keySz;
-    
+
     message_hash.pdata = (byte *)in;
     message_hash.data_length = inLen;
-    message_hash.data_type = 
+    message_hash.data_type =
             info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
     signature.pdata = out;
     signature.data_length = (word32*)outLen;
-    
+
     #if defined(WOLFSSL_RENESAS_RSIP)
-    message_hash.hash_type = signature.hash_type = 
+    message_hash.hash_type = signature.hash_type =
                 info->hash_type;   /* hash type */
     #endif
-    
+
     if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (keySize == 1024) {
-            
+
             ret = FSPSM_RSA1024_SIGN_FUNC(&message_hash,
                         &signature,
                         (FSPSM_RSA1024_WPI_KEY *)
@@ -239,23 +239,23 @@ WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
                         HW_SCE_RSA_HASH_SHA256);
         }
         else {
-            
+
             ret = FSPSM_RSA2048_SIGN_FUNC(&message_hash,
                         &signature,
                         (FSPSM_RSA2048_WPI_KEY *)
                                     key->ctx.wrapped_pri2048_key,
                         HW_SCE_RSA_HASH_SHA256);
         }
-        
+
         wc_fspsm_hw_unlock();
     }
-    
+
     return ret;
 }
 
 /* Perform Rsa verify by FSP SM
  * Assumes to be called by Crypt Callback
- * 
+ *
  * in     Buffer to hold plaintext
  * inLen  Length of plaintext in bytes
  * out    Buffer to hold generated signature
@@ -264,40 +264,40 @@ WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
  * ctx    The callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
- 
+
 WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
                     word32* outLen,struct RsaKey* key, void* ctx)
 {
     int ret;
-    
+
     FSPSM_RSA_DATA message_hash;
     FSPSM_RSA_DATA signature;
     FSPSM_ST    *info = (FSPSM_ST*)ctx;
     int keySize;
-    
+
     (void) key;
-    
+
     /* sanity check */
     if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
       ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
         return BAD_FUNC_ARG;
     }
-    
+
     keySize = (int)key->ctx.keySz;
-    
-    
+
+
     message_hash.pdata =(byte*)in;
     message_hash.data_length = inLen;
-    message_hash.data_type = 
+    message_hash.data_type =
             info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
-    
+
     signature.pdata = out;
     signature.data_length = (word32*)outLen;
     #if defined(WOLFSSL_RENESAS_RSIP)
-    message_hash.hash_type = signature.hash_type = 
+    message_hash.hash_type = signature.hash_type =
                 info->hash_type;   /* hash type */
     #endif
-    
+
     if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (keySize == 1024) {
             ret = FSPSM_RSA1024_VRY_FUNC(&signature,
@@ -307,7 +307,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
                   HW_SCE_RSA_HASH_SHA256);
         }
         else {
-                ret = FSPSM_RSA2048_VRY_FUNC(&signature, 
+                ret = FSPSM_RSA2048_VRY_FUNC(&signature,
                     &message_hash,
                     (FSPSM_RSA2048_WPB_KEY *)
                          key->ctx.wrapped_pub2048_key,
@@ -315,7 +315,7 @@ WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
         }
         wc_fspsm_hw_unlock();
     }
-    
+
     return ret;
 }
 

+ 13 - 13
wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c

@@ -149,14 +149,14 @@ static int FSPSM_HashInit(wolfssl_FSPSM_Hash* hash, void* heap, int devId,
     XMEMSET(hash, 0, sizeof(wolfssl_FSPSM_Hash));
     hash->sha_type = sha_type;
     hash->heap = heap;
-    
+
 #if defined(WOLFSSL_RENESAS_SCEPROTECT)
     hash->len  = 0;
     hash->used = 0;
     hash->msg  = NULL;
-    
+
 #elif defined(WOLFSSL_RENESAS_RSIP)
-    
+
     switch(hash->sha_type) {
     case FSPSM_SHA1:
         Init = FSPSM_SHA1_Init;
@@ -244,7 +244,7 @@ static int FSPSM_HashUpdate(wolfssl_FSPSM_Hash* hash,
     XMEMCPY(hash->msg + hash->used, data , sz);
     hash->used += sz;
 #elif defined(WOLFSSL_RENESAS_RSIP)
-    
+
     switch(hash->sha_type) {
     case FSPSM_SHA1:
         Update = FSPSM_SHA1_Up;
@@ -309,7 +309,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
         Final = FSPSM_SHA256_Final;
     } else
         return BAD_FUNC_ARG;
-    
+
     wc_fspsm_hw_lock();
 
     if (Init(&handle) == FSP_SUCCESS) {
@@ -328,7 +328,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
         }
     }
     wc_fspsm_hw_unlock();
-    
+
 #elif defined(WOLFSSL_RENESAS_RSIP)
     switch(hash->sha_type) {
     case FSPSM_SHA1:
@@ -355,7 +355,7 @@ static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
     default:
         return BAD_FUNC_ARG;
     }
-    
+
     wc_fspsm_hw_lock();
     ret = Final(&hash->handle, out, (uint32_t*)&sz);
     if (ret != FSP_SUCCESS) {
@@ -380,7 +380,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
     fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
     uint32_t sz = 0;
     (void) outSz;
-    
+
 #if defined(WOLFSSL_RENESAS_SCEPROTECT)
     FSPSM_SHA_HANDLE handle;
     fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
@@ -401,7 +401,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
         Final = FSPSM_SHA256_Final;
     } else
         return BAD_FUNC_ARG;
-    
+
     wc_fspsm_hw_lock();
     if (Init(&handle) == FSP_SUCCESS) {
         ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
@@ -419,7 +419,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
         }
     }
     wc_fspsm_hw_unlock();
-    
+
 #elif defined(WOLFSSL_RENESAS_RSIP)
     switch(hash->sha_type) {
     case FSPSM_SHA1:
@@ -446,8 +446,8 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
     default:
         return BAD_FUNC_ARG;
     }
-    
-    
+
+
     if(FSPSM_HashCopy(hash, &hashCopy) != 0) {
         WOLFSSL_MSG("ShaCopy operation failed");
         WOLFSSL_ERROR(WC_HW_E);
@@ -461,7 +461,7 @@ static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
         ret = WC_HW_E;
     }
     wc_fspsm_hw_unlock();
-    
+
 #endif
 
     return ret;

+ 9 - 9
wolfcrypt/src/port/Renesas/renesas_fspsm_util.c

@@ -135,7 +135,7 @@ WOLFSSL_LOCAL int wc_fspsm_Open()
         if (ret != FSP_SUCCESS) {
             WOLFSSL_MSG("RENESAS SCE Open failed");
         }
-        
+
     #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
         if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
 
@@ -184,7 +184,7 @@ WOLFSSL_LOCAL void wc_fspsm_Close()
 }
 
 #define RANDGEN_WORDS  4
-WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz) 
+WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz)
 {
     /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */
     int ret = 0;
@@ -384,7 +384,7 @@ WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(WOLFSSL* ssl, const uint8_t* sig,
 
 #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
     defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
-    
+
 /* Callback for ECC shared secret */
 WOLFSSL_LOCAL int fspsm_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
         uint8_t* pubKeyDer, unsigned int* pubKeySz,
@@ -723,7 +723,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
     Ciphers *dec;
     FSPSM_HMAC_WKEY key_client_mac;
     FSPSM_HMAC_WKEY key_server_mac;
-    
+
     FSPSM_AES_PWKEY key_client_aes = NULL;
     FSPSM_AES_PWKEY key_server_aes = NULL;
 
@@ -752,7 +752,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
             if (key_client_aes == NULL || key_server_aes == NULL) {
                 return MEMORY_E;
             }
-            
+
             ret = FSPSM_SESSIONKEY_GEN_FUNC(
                     GetSceCipherSuite(
                         ssl->options.cipherSuite0,
@@ -802,7 +802,7 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
                         return MEMORY_E;
                     }
                     XMEMSET(dec->aes, 0, sizeof(Aes));
-                    
+
                     dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
                                             (sizeof(FSPSM_AES_WKEY),
                                             aes->heap, DYNAMIC_TYPE_AE);
@@ -853,15 +853,15 @@ WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
             /* marked as session key is set */
             cbInfo->keyflgs_tls.bits.session_key_set = 1;
         }
-        
+
         if (key_client_aes)
             XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
         if (key_server_aes)
             XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
-        
+
         /* unlock hw */
         wc_fspsm_hw_unlock();
-        
+
     }
     else {
         WOLFSSL_LEAVE("hw lock failed", ret);

+ 7 - 7
wolfcrypt/src/port/Renesas/renesas_tsip_aes.c

@@ -86,9 +86,9 @@ typedef e_tsip_err_t (*Tls13AesDecFinalFn)
 
 
 /*  encrypt plain data.
- *  
+ *
  *  return cipher data size on success, negative value on failure.
- *         CRYPTOCB_UNAVAILABLE may be returned.   
+ *         CRYPTOCB_UNAVAILABLE may be returned.
  */
 WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
                             struct WOLFSSL* ssl,
@@ -166,7 +166,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
                                     cs,
                                     key,
                                     sz);
- 
+
         if (err != TSIP_SUCCESS) {
             WOLFSSL_MSG("R_TSIP_Tls13DecryptUpdate error");
             ret = WC_HW_E;
@@ -236,7 +236,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
 /* decrypt encrypted handshake data for TLSv1.3
  * AES-GCM or AES-CCM can be used
  * return 0 on success, otherwise on error.
- */ 
+ */
 WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
                             struct WOLFSSL* ssl,
                             byte* output,
@@ -627,7 +627,7 @@ int wc_tsip_AesGcmEncrypt(
     uint8_t* aadBuf    = NULL;
     const uint8_t* iv_l = NULL;
     uint32_t ivSz_l = 0;
-    
+
     tsip_aes_key_index_t key_client_aes;
     TsipUserCtx *userCtx;
 
@@ -722,10 +722,10 @@ int wc_tsip_AesGcmEncrypt(
                  XMEMCPY(&key_client_aes, &userCtx->user_aes128_key_index,
                         sizeof(tsip_aes_key_index_t));
             }
-            
+
             iv_l = iv;
             ivSz_l = ivSz;
-            
+
         }
 
         if (ret == 0) {

+ 40 - 40
wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c

@@ -18,7 +18,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
- 
+
 #include <wolfssl/wolfcrypt/settings.h>
 
 #if !defined(NO_RSA) && \
@@ -63,54 +63,54 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
         if (size == 1024) {
             tsip_pair1024_key =
             (tsip_rsa1024_key_pair_index_t*)XMALLOC(
-                sizeof(tsip_rsa1024_key_pair_index_t), NULL, 
+                sizeof(tsip_rsa1024_key_pair_index_t), NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
             if (tsip_pair1024_key == NULL)
                 return MEMORY_E;
-                
+
             ret = R_TSIP_GenerateRsa1024RandomKeyIndex(tsip_pair1024_key);
         }
         else if (size == 2048) {
             tsip_pair2048_key =
             (tsip_rsa2048_key_pair_index_t*)XMALLOC(
-                sizeof(tsip_rsa2048_key_pair_index_t), NULL, 
+                sizeof(tsip_rsa2048_key_pair_index_t), NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
             if (tsip_pair2048_key == NULL)
                 return MEMORY_E;
-                
+
             ret = R_TSIP_GenerateRsa2048RandomKeyIndex(tsip_pair2048_key);
         }
         else
             return CRYPTOCB_UNAVAILABLE;
-            
+
         if (ret == TSIP_SUCCESS) {
             if (size == 1024) {
                 if (info->rsa1024pri_keyIdx != NULL) {
-                    XFREE(info->rsa1024pri_keyIdx, NULL, 
+                    XFREE(info->rsa1024pri_keyIdx, NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                 }
                 if (info->rsa1024pub_keyIdx != NULL) {
-                    XFREE(info->rsa1024pub_keyIdx, NULL, 
+                    XFREE(info->rsa1024pub_keyIdx, NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                info->rsa1024pri_keyIdx = 
+                info->rsa1024pri_keyIdx =
                 (tsip_rsa1024_private_key_index_t*)XMALLOC(
-                    sizeof(tsip_rsa1024_private_key_index_t), NULL, 
+                    sizeof(tsip_rsa1024_private_key_index_t), NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
-                    
+
                 if (info->rsa1024pri_keyIdx == NULL) {
                     XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
-                
+
                 info->rsa1024pub_keyIdx =
                 (tsip_rsa1024_public_key_index_t*)XMALLOC(
-                    sizeof(tsip_rsa1024_public_key_index_t), NULL, 
+                    sizeof(tsip_rsa1024_public_key_index_t), NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
-                    
+
                 if (info->rsa1024pub_keyIdx == NULL) {
                     XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                    XFREE(info->rsa1024pri_keyIdx, 0, 
+                    XFREE(info->rsa1024pri_keyIdx, 0,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
@@ -118,63 +118,63 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
                 XMEMCPY(info->rsa1024pri_keyIdx,
                                     &tsip_pair1024_key->private,
                                     sizeof(tsip_rsa1024_private_key_index_t));
-                XMEMCPY(info->rsa1024pub_keyIdx, 
+                XMEMCPY(info->rsa1024pub_keyIdx,
                                     &tsip_pair1024_key->public,
                                     sizeof(tsip_rsa1024_public_key_index_t));
                 XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                
+
                 info->keyflgs_crypt.bits.rsapri1024_key_set = 1;
                 info->keyflgs_crypt.bits.rsapub1024_key_set = 1;
             }
             else if (size == 2048) {
                 if (info->rsa2048pri_keyIdx != NULL) {
-                    XFREE(info->rsa2048pri_keyIdx, NULL, 
+                    XFREE(info->rsa2048pri_keyIdx, NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 }
                 if (info->rsa2048pub_keyIdx != NULL) {
-                    XFREE(info->rsa2048pub_keyIdx, NULL, 
+                    XFREE(info->rsa2048pub_keyIdx, NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                info->rsa2048pri_keyIdx = 
+                info->rsa2048pri_keyIdx =
                 (tsip_rsa2048_private_key_index_t*)XMALLOC(
-                    sizeof(tsip_rsa2048_private_key_index_t), NULL, 
+                    sizeof(tsip_rsa2048_private_key_index_t), NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
-                    
+
                 if (info->rsa2048pri_keyIdx == NULL) {
                     XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
-                
+
                 info->rsa2048pub_keyIdx =
                 (tsip_rsa2048_public_key_index_t*)XMALLOC(
-                    sizeof(tsip_rsa2048_public_key_index_t), NULL, 
+                    sizeof(tsip_rsa2048_public_key_index_t), NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
-                    
+
                 if (info->rsa2048pub_keyIdx == NULL) {
                     XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                    XFREE(info->rsa2048pri_keyIdx, 0, 
+                    XFREE(info->rsa2048pri_keyIdx, 0,
                                     DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
                 /* copy generated key pair and free malloced key */
-                XMEMCPY(info->rsa2048pri_keyIdx, 
+                XMEMCPY(info->rsa2048pri_keyIdx,
                             &tsip_pair2048_key->private,
                             sizeof(tsip_rsa2048_private_key_index_t));
-                XMEMCPY(info->rsa2048pub_keyIdx, 
+                XMEMCPY(info->rsa2048pub_keyIdx,
                             &tsip_pair2048_key->public,
                             sizeof(tsip_rsa2048_public_key_index_t));
                 XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                
+
                 info->keyflgs_crypt.bits.rsapri2048_key_set = 1;
                 info->keyflgs_crypt.bits.rsapub2048_key_set = 1;
-                
+
             }
         }
         else {
             WOLFSSL_MSG("Failed to generate key pair by TSIP");
             return CRYPTOCB_UNAVAILABLE;
         }
-        
+
         tsip_hw_unlock();
     }
 
@@ -184,7 +184,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
 
 /* Perform Rsa verify by TSIP
  * Assumes to be called by Crypt Callback
- * 
+ *
  * in     Buffer to hold plaintext
  * inLen  Length of plaintext in bytes
  * out    Buffer to hold generated signature
@@ -193,7 +193,7 @@ WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
  * ctx    The callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
- 
+
 WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
 {
     int ret = 0;
@@ -201,13 +201,13 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
     tsip_rsa_byte_data_t hashData, sigData;
 
     uint8_t  tsip_hash_type;
-    
-    
+
+
     /* sanity check */
     if (info == NULL || tuc == NULL){
         return BAD_FUNC_ARG;
     }
-    
+
     if (ret == 0) {
        if (tuc->sing_hash_type == md5_mac)
            tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -218,7 +218,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
        else
            ret = CRYPTOCB_UNAVAILABLE;
     }
-    
+
     switch (tuc->wrappedKeyType) {
         case TSIP_KEY_TYPE_RSA1024:
             if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1)
@@ -226,7 +226,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
                 ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
 
                 WOLFSSL_MSG("tsip rsa private key 1024 not set");
-                if (ret != 0) 
+                if (ret != 0)
                     ret = CRYPTOCB_UNAVAILABLE;
 
             }
@@ -237,7 +237,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
                 ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
 
                 WOLFSSL_MSG("tsip rsa private key 1024 not set");
-                if (ret != 0) 
+                if (ret != 0)
                     ret = CRYPTOCB_UNAVAILABLE;
             }
             break;
@@ -294,7 +294,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
             tsip_hw_unlock();
         }
     }
-    
+
     return ret;
 }
 #endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */

+ 11 - 11
wolfcrypt/src/port/Renesas/renesas_tsip_sha.c

@@ -64,7 +64,7 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR)
             isTLS13 = 1;
 
@@ -136,8 +136,8 @@ WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac)
 
 
 
-/* store handshake message for later hash or hmac operation. 
- * 
+/* store handshake message for later hash or hmac operation.
+ *
  */
 WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data,
                                                                 int sz)
@@ -154,7 +154,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data,
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR)
             isTLS13 = 1;
 
@@ -164,7 +164,7 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data,
             ret = CRYPTOCB_UNAVAILABLE;
         }
     }
-    /* should work until handshake is done */ 
+    /* should work until handshake is done */
     if (ret == 0) {
         if (ssl->options.handShakeDone) {
             WOLFSSL_MSG("handshake is done.");
@@ -195,12 +195,12 @@ WOLFSSL_LOCAL int tsip_StoreMessage(struct WOLFSSL* ssl, const byte* data,
 
         bag = &(tuc->messageBag);
 
-        if (bag->msgIdx +1 > MAX_MSGBAG_MESSAGES || 
+        if (bag->msgIdx +1 > MAX_MSGBAG_MESSAGES ||
             bag->buffIdx + sz > MSGBAG_SIZE) {
             WOLFSSL_MSG("Capacity over error in tsip_StoreMessage");
             ret = MEMORY_E;
         }
-    
+
         XMEMCPY(bag->buff + bag->buffIdx, data, sz);
         bag->msgTypes[bag->msgIdx++] = *data;   /* store message type */
         bag->buffIdx += sz;
@@ -229,7 +229,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash,
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR)
             isTLS13 = 1;
 
@@ -246,14 +246,14 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash,
         }
         bag = &(tuc->messageBag);
     }
-    
+
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
 
             err = R_TSIP_Sha256Init(&handle);
 
             if (err == TSIP_SUCCESS) {
-                err = R_TSIP_Sha256Update(&handle, (uint8_t*)bag->buff, 
+                err = R_TSIP_Sha256Update(&handle, (uint8_t*)bag->buff,
                                                                 bag->buffIdx);
             }
             if (err == TSIP_SUCCESS) {
@@ -309,7 +309,7 @@ static int TSIPHashInit(wolfssl_TSIP_Hash* hash, void* heap, int devId,
     else {
         hash->heap = heap;
     }
-    
+
     hash->len  = 0;
     hash->used = 0;
     hash->msg  = NULL;

+ 132 - 130
wolfcrypt/src/port/Renesas/renesas_tsip_util.c

@@ -239,7 +239,7 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
 /* Obsolete function. Use tsip_use_PrivateKey_buffer instead.
  * Set client encrypted private key data.
  * parameters:
- * key      Renesas Secure Flash Programmer generated key. 
+ * key      Renesas Secure Flash Programmer generated key.
  * keyType  0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
  * return   0 on success, others on failure.
  */
@@ -253,7 +253,7 @@ WOLFSSL_API int  tsip_set_clientPrivateKeyEnc(const byte* encKey, int keyType)
         g_user_key_info.encrypted_user_private_key      = (uint8_t*)encKey;
         g_user_key_info.encrypted_user_private_key_type = keyType;
     }
-    
+
     WOLFSSL_LEAVE("tsip_set_clientPrivateKeyEnc", ret);
     return ret;
 }
@@ -299,7 +299,7 @@ WOLFSSL_LOCAL int tsip_TlsCleanup(struct WOLFSSL* ssl)
 
     /* free stored messages */
     tsipFlushMessages(ssl);
-    
+
     return ret;
 }
 
@@ -322,12 +322,12 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
     TsipUserCtx*    tuc = NULL;
 
     WOLFSSL_ENTER("tsip_Tls13GenEccKeyPair");
-    
+
     if (ssl == NULL || kse == NULL)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -383,7 +383,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
         ecckey = (ecc_key*)kse->key;
         ret = wc_ecc_set_curve(ecckey, kse->keyLen, curveId);
     }
-    
+
     kse->pubKey[0] = ECC_POINT_UNCOMP;
 
     /* generate ecc key pair with TSIP */
@@ -428,9 +428,9 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
 #if defined(WOLFSSL_TLS13)
 /* generate shared secret(pre-master secret)
  * get peer's raw ECDHE public key from KeyShareEntry.
- * The pre-master secret generated by TSIP is stored into 
+ * The pre-master secret generated by TSIP is stored into
  * TsipUserCtx.sharedSecret13Idx as TSIP specific format.
- * 
+ *
  * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
  * expecting to fallback to S/W, other negative values on error.
  */
@@ -448,7 +448,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -468,7 +468,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -530,7 +530,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -539,7 +539,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
             tuc->EarlySecret_set = 1;
         }
     }
-    
+
     WOLFSSL_LEAVE("tsip_Tls13DeriveEarlySecret", ret);
     return ret;
 }
@@ -552,7 +552,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveEarlySecret(struct WOLFSSL* ssl)
  * get pre-master secret stored in TsipUserCtx.sharedSecret13Idx.
  * Derived handshake secret is stored into TsipUserCtx.handshakeSecret13Idx
  * as tsip specific format.
- * 
+ *
  * return 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
  * expecting to fallback to S/W, other negative values on error.
  */
@@ -568,7 +568,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -580,7 +580,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -597,7 +597,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveHandshakeSecret(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
- 
+
             tuc->HandshakeSecret_set = 0;
 
             err = R_TSIP_Tls13GenerateHandshakeSecret(
@@ -640,7 +640,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -651,7 +651,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -673,9 +673,9 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
- 
+
             tuc->HandshakeClientTrafficKey_set = 0;
-           
+
             err = R_TSIP_Tls13GenerateClientHandshakeTrafficKey(
                     &(tuc->handle13),
                     TSIP_TLS13_MODE_FULL_HANDSHAKE,
@@ -687,7 +687,7 @@ static int tsipTls13DeriveClientHandshakeKeys(struct WOLFSSL* ssl)
             if (err != TSIP_SUCCESS) {
                 WOLFSSL_MSG(
                     "R_TSIP_Tls13GenerateClientHandshakeTrafficKey error");
-                ret = WC_HW_E;                    
+                ret = WC_HW_E;
             }
 
             /* key derivation succeeded */
@@ -724,7 +724,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -735,7 +735,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -757,7 +757,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
- 
+
             tuc->HandshakeServerTrafficKey_set = 0;
 
             err = R_TSIP_Tls13GenerateServerHandshakeTrafficKey(
@@ -773,7 +773,7 @@ static int tsipTls13DeriveServerHandshakeKeys(struct WOLFSSL* ssl)
                     "R_TSIP_Tls13GenerateServerHandshakeTrafficKey error");
                 ret = WC_HW_E;
             }
-            
+
             /* key derivation succeeded */
             if (ret == 0) {
                 tuc->HandshakeServerTrafficKey_set = 1;
@@ -808,7 +808,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -819,7 +819,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -841,7 +841,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
- 
+
             tuc->ServerTrafficSecret_set   = 0;
             tuc->ClientTrafficSecret_set   = 0;
             tuc->ServerWriteTrafficKey_set = 0;
@@ -862,7 +862,7 @@ static int tsipTls13DeriveTrafficKeys(struct WOLFSSL* ssl)
                     "R_TSIP_Tls13GenerateApplicationTrafficKey error");
                 ret = WC_HW_E;
             }
-            
+
             /* key derivation succeeded */
             if (ret == 0) {
                 tuc->ServerTrafficSecret_set   = 1;
@@ -899,7 +899,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -910,7 +910,7 @@ static int tsipTls13UpdateClientTrafficKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -971,7 +971,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -982,7 +982,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -1042,7 +1042,7 @@ static int tsipTls13UpdateServerTrafficKeys(struct WOLFSSL* ssl)
  * side   ENCRYPT_SIDE_ONLY: when only encryption secret needs to be derived.
  *        DECRYPT_SIDE_ONLY: when only decryption secret needs to be derived.
  *        ENCRYPT_AND_DECRYPT_SIDE: when both secret needs to be derived.
- * 
+ *
  * returns 0 on success, CRYPTOCB_UNAVAILABLE when tsip can not handle and is
  * expecting to fallback to S/W, other negative values on error.
  */
@@ -1142,7 +1142,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -1152,7 +1152,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
     }
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -1160,7 +1160,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
     }
     if (ret == 0) {
         /* make sure handshake secret and verify data has been set by TSIP */
-        if (!tuc->HandshakeSecret_set || 
+        if (!tuc->HandshakeSecret_set ||
             !tuc->HandshakeVerifiedData_set) {
             WOLFSSL_MSG("TSIP wasn't involved in the key-exchange.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -1168,7 +1168,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
     }
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
- 
+
             tuc->MasterSecret_set = 0;
 
             err = R_TSIP_Tls13GenerateMasterSecret(
@@ -1183,7 +1183,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
                     "R_TSIP_Tls13GenerateMasterSecret( error");
                 ret = WC_HW_E;
             }
-            
+
             if (ret == 0) {
                 tuc->MasterSecret_set = 1;
             }
@@ -1206,7 +1206,7 @@ WOLFSSL_LOCAL int tsip_Tls13DeriveMasterSecret(struct WOLFSSL* ssl)
 /* verify handshake
  * ssl     WOLFSSL object
  * hash    buffer holding decrypted finished message content from server.
- * 
+ *
  */
 static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
                                     const byte* hash)/*finished message*/
@@ -1223,7 +1223,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -1234,7 +1234,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -1255,7 +1255,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
 
     if (ret == 0) {
         if ((ret = tsip_hw_lock()) == 0) {
-            
+
             tuc->HandshakeVerifiedData_set = 0;
 
             err = R_TSIP_Tls13ServerHandshakeVerification(
@@ -1271,7 +1271,7 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
             }
             else if (err != TSIP_SUCCESS) {
                 WOLFSSL_MSG("R_TSIP_Tls13ServerHandshakeVerification error");
-                ret = WC_HW_E;                    
+                ret = WC_HW_E;
             }
             if (ret == 0) {
                 WOLFSSL_MSG("Verified handshake");
@@ -1294,9 +1294,9 @@ static int tsipTls13VerifyHandshake(struct WOLFSSL* ssl,
 
 #if defined(WOLFSSL_TLS13)
 /* handles finished message from server.
- * verify hmac in the message. Also output verify data to 
+ * verify hmac in the message. Also output verify data to
  * TsipUserCtx.verifyDataIdx, which is used for deriving master secret.
- * 
+ *
  *  ssl       WOLFSSL object
  *  input     the buffer holding decrypted finished message, type and padding
  *  inOutIdx  On entry, the index into the message content of Finished.
@@ -1348,7 +1348,7 @@ WOLFSSL_LOCAL int tsip_Tls13HandleFinished(
  * inSz        The size of the handshake message (including message header).
  * type        The real content type being put after the message data.
  * hashOutput  Whether to hash the unencrypted record data.
- * returns     the size of the record including header, CRYPTOCB_UNAVAILABLE 
+ * returns     the size of the record including header, CRYPTOCB_UNAVAILABLE
  *             when tsip can not handle and is expecting to fallback to S/W,
  *             other negative values on error.
  */
@@ -1365,7 +1365,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
     int isTLS13 = 0;
     RecordLayerHeader* rl = NULL;
     (void)outSz;
-    
+
     WOLFSSL_ENTER("tsip_Tls13BuildMessage");
 
     if (ssl == NULL || output == NULL || input == NULL) {
@@ -1373,7 +1373,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
     }
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR) {
             isTLS13 = 1;
         }
@@ -1421,7 +1421,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
         /* The real record content type goes at the end of the data. */
         output[RECORD_HEADER_SZ + inSz] = (byte)type;
 
-        ret = tsip_Tls13AesEncrypt(ssl, 
+        ret = tsip_Tls13AesEncrypt(ssl,
                            output + RECORD_HEADER_SZ, /* output */
                            output + RECORD_HEADER_SZ, /* plain message */
                            inSz + 1); /* plain data size(= inSz + 1 for type) */
@@ -1440,7 +1440,7 @@ WOLFSSL_LOCAL int tsip_Tls13BuildMessage(struct WOLFSSL* ssl,
 
 #if defined(WOLFSSL_TLS13)
 /* Send finished message to the server.
- * 
+ *
  * ssl     WOLFSSL object
  * output  buffer to output packet, including packet header and finished message
  * outSz   buffer size of output
@@ -1466,7 +1466,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
     if (ssl == NULL || output == NULL || input == NULL || outSz == 0) {
         ret  = BAD_FUNC_ARG;
     }
-    
+
     if (ret == 0) {
         finishedSz  = ssl->specs.hash_size;
 
@@ -1485,7 +1485,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
                                      output, outSz,
                                      input, headerSz + finishedSz,
                                      handshake, hashOut);
-    
+
         if (recordSz > 0) {
             ssl->options.clientState    = CLIENT_FINISHED_COMPLETE;
             ssl->options.handShakeState = HANDSHAKE_DONE;
@@ -1515,7 +1515,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendFinished(
  * return    0 on success, CRYPTOCB_UNAVAILABLE when TSIP can not handle,
  *           other negative values on error.
  */
-WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, 
+WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
                                             const byte* input, word32* inOutIdx,
                                             word32 totalSz)
 {
@@ -1528,7 +1528,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
     e_tsip_err_t  err = TSIP_SUCCESS;
     TsipUserCtx*  tuc = NULL;
     e_tsip_tls13_signature_scheme_type_t sig_scheme;
-    
+
     WOLFSSL_ENTER("tsip_Tls13CertificateVerify");
 
 
@@ -1576,7 +1576,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
 
     if (ret == 0) {
         /* get user context for TSIP */
-        tuc = ssl->RenesasUserCtx;    
+        tuc = ssl->RenesasUserCtx;
         if (tuc == NULL) {
             WOLFSSL_MSG("TsipUserCtx is not set to ssl.");
             ret = CRYPTOCB_UNAVAILABLE;
@@ -1596,7 +1596,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
 
         idx = 0;
         ForceZero(sigData, sizeof(tuc->sigDataCertVerify));
-        XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, 
+        XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE,
                                                 TSIP_SIGNING_DATA_PREFIX_SZ);
 
         idx += TSIP_SIGNING_DATA_PREFIX_SZ;
@@ -1605,7 +1605,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
         idx += TSIP_CERT_VFY_LABEL_SZ;
         ret = tsip_GetMessageSha256(ssl, &sigData[idx], &messageSz);
     }
- 
+
     if (ret == 0) {
 
         if ((ret = tsip_hw_lock()) == 0) {
@@ -1617,7 +1617,7 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
                         totalSz);
 
             if (err == TSIP_SUCCESS) {
-                
+
                 *inOutIdx += totalSz;
                 *inOutIdx += ssl->keys.padSz;
                 ssl->options.peerAuthGood = 1;
@@ -1650,17 +1650,17 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
 /* Send the TLS v1.3 CertificateVerify message. A part of the message is
  * processed by TSIP for acceleration.
  *
- * Prior to this function call, the appropriate key-pair should be set via 
- * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs. 
- * Those key pair can be generated by the tool named 
+ * Prior to this function call, the appropriate key-pair should be set via
+ * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs.
+ * Those key pair can be generated by the tool named
  * "Renesas secure flash programmer".
  * When RSA certificate is used, both public and private keys should be set.
  * The public key is used for self-verify the generated certificateVerify
  * message. When ECC certificate is used, the self-verify will be performed only
  * WOLFSSL_CHECK_SIG_FAULTS is defined.
- * 
- * Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not 
- * provided or unsupported algo is specified and otherwise failure. 
+ *
+ * Returns 0 on success, CRYPTOCB_UNAVAILABLE when the required key is not
+ * provided or unsupported algo is specified and otherwise failure.
  */
 WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
 {
@@ -1693,7 +1693,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
     }
 
     if (ret == 0) {
-        if (ssl->version.major == SSLv3_MAJOR && 
+        if (ssl->version.major == SSLv3_MAJOR &&
             ssl->version.minor == TLSv1_3_MINOR)
             isTLS13 = 1;
 
@@ -1702,7 +1702,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
             ret = CRYPTOCB_UNAVAILABLE;
         }
     }
-    
+
     if (ret == 0) {
         /* get user context for TSIP */
         tuc = ssl->RenesasUserCtx;
@@ -1712,10 +1712,10 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
     }
 
     if (ret == 0) {
-        #if !defined(NO_RSA) 
+        #if !defined(NO_RSA)
         if (ssl->options.haveRSA)
             isRsa = 1;
-        else 
+        else
         #endif
         #ifdef HAVE_ECC
         if (ssl->options.haveECC)
@@ -1746,7 +1746,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
         }
     }
 
-    if (ret == 0) {    
+    if (ret == 0) {
         /* get message hash */
         ForceZero(hash, sizeof(hash));
         ret = tsip_GetMessageSha256(ssl, hash, (int*)&hashSz);
@@ -1777,7 +1777,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
                             TSIP_TLS13_SIGNATURE_SCHEME_RSA_PSS_RSAE_SHA256,
                                                 hash,
                                                 message + HANDSHAKE_HEADER_SZ,
-                                                &messageSz); 
+                                                &messageSz);
             }
             else {
                 err = R_TSIP_Tls13CertificateVerifyGenerate(
@@ -1785,7 +1785,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
                             TSIP_TLS13_SIGNATURE_SCHEME_ECDSA_SECP256R1_SHA256,
                                                 hash,
                                                 message + HANDSHAKE_HEADER_SZ,
-                                                &messageSz); 
+                                                &messageSz);
             }
             if (err != TSIP_SUCCESS) {
                 WOLFSSL_MSG("failed to make certificate verify message");
@@ -1816,7 +1816,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
             }
         }
         else {
-#if defined(WOLFSSL_CHECK_SIG_FAULTS)    
+#if defined(WOLFSSL_CHECK_SIG_FAULTS)
             if (!tuc->ClientEccP256PubKey_set) {
                 ret = NO_PRIVATE_KEY;
             }
@@ -1829,7 +1829,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
 
         idx = 0;
         ForceZero(sigData, sizeof(tuc->sigDataCertVerify));
-        XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE, 
+        XMEMSET(sigData, TSIP_SIGNING_DATA_PREFIX_BYTE,
                                                 TSIP_SIGNING_DATA_PREFIX_SZ);
 
         idx += TSIP_SIGNING_DATA_PREFIX_SZ;
@@ -1842,9 +1842,9 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
     if (ret == 0) {
         /* extract signature data from generated CertificateVerify message */
         if (!isRsa) {
-#if defined(WOLFSSL_CHECK_SIG_FAULTS)            
-            idx = 4; 
-            derSig = message + 
+#if defined(WOLFSSL_CHECK_SIG_FAULTS)
+            idx = 4;
+            derSig = message +
                         HANDSHAKE_HEADER_SZ + HASH_SIG_SIZE + VERIFY_HEADER;
             if (derSig[idx] == 0x00)
                 idx++;
@@ -1907,8 +1907,8 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
         ((HandShakeHeader*)message)->type = certificate_verify;
 
         c32to24(messageSz, ((HandShakeHeader*)message)->length);
-        
-        recordSz = tsip_Tls13BuildMessage(ssl, output, 0, message, 
+
+        recordSz = tsip_Tls13BuildMessage(ssl, output, 0, message,
                                           messageSz + HANDSHAKE_HEADER_SZ,
                                                              handshake, 1);
 
@@ -2114,8 +2114,8 @@ int wc_tsip_RsaVerify(
  *   key    buffer holding peer's public key (NOT used in this function)
  *   keySz  public key size((NOT used in this function))
  *   result address of the variable to output result
- *   ctx    context 
- *  return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle 
+ *   ctx    context
+ *  return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle
  */
 int wc_tsip_EccVerify(
         WOLFSSL*  ssl,
@@ -2138,8 +2138,8 @@ int wc_tsip_EccVerify(
         return CRYPTOCB_UNAVAILABLE;
     }
 
-    /* in TLS1.3 */ 
-    if (ssl->version.major == SSLv3_MAJOR && 
+    /* in TLS1.3 */
+    if (ssl->version.major == SSLv3_MAJOR &&
         ssl->version.minor == TLSv1_3_MINOR) {
         WOLFSSL_LEAVE("wc_tsip_EccVerify", CRYPTOCB_UNAVAILABLE);
         return CRYPTOCB_UNAVAILABLE;
@@ -2261,7 +2261,7 @@ WOLFSSL_API void tsip_set_callbacks(WOLFSSL_CTX* ctx)
 #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */
     wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
     /* Set ssl-> options.sendVerify to SEND_CERT by the following two
-     * registrations. This will allow the client certificate to be sent to 
+     * registrations. This will allow the client certificate to be sent to
      * the server even if the private key is empty. The two callbacks do
      * virtually nothing.
      */
@@ -2307,7 +2307,7 @@ WOLFSSL_API int tsip_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
     wolfSSL_SetRsaSignCtx(ssl, user_ctx);
     wolfSSL_SetGenPreMasterCtx(ssl, user_ctx);
     wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
-#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)    
+#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
     wolfSSL_SetVerifyMacCtx(ssl, user_ctx);
 #endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_AEAD_ONLY */
     /* set up crypt callback */
@@ -2367,7 +2367,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
     if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
         WOLFSSL_MSG("Missing some key materials used for import" );
         return CRYPTOCB_UNAVAILABLE;
-    } 
+    }
 
     if (ret == 0) {
         if (keyType != tuc->wrappedKeyType) {
@@ -2381,7 +2381,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
 
             #if !defined(NO_RSA)
             case TSIP_KEY_TYPE_RSA2048:
-                
+
                 tuc->ClientRsa2048PrivKey_set = 0;
                 err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
                                     provisioning_key, iv, (uint8_t*)encPrivKey,
@@ -2396,7 +2396,7 @@ static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
             #endif
 
             case TSIP_KEY_TYPE_RSA4096:
-                /* not supported as of TSIPv1.15 */ 
+                /* not supported as of TSIPv1.15 */
                 ret = CRYPTOCB_UNAVAILABLE;
                 break;
 
@@ -2458,7 +2458,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
     if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
         WOLFSSL_MSG("Missing some key materials used for import" );
         return CRYPTOCB_UNAVAILABLE;
-    } 
+    }
 
     if (ret == 0) {
         if (keyType != tuc->wrappedKeyType) {
@@ -2469,7 +2469,7 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
 
     if ((ret = tsip_hw_lock()) == 0) {
         switch(keyType) {
-            
+
         #if !defined(NO_RSA)
             case TSIP_KEY_TYPE_RSA2048:
             #if defined(WOLFSSL_RENESAS_TSIP_TLS)
@@ -2479,10 +2479,10 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
                     XFREE(tuc->rsa2048pub_keyIdx, NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                
+
                 tuc->rsa2048pub_keyIdx =
                 (tsip_rsa2048_public_key_index_t*)XMALLOC(
-                    sizeof(tsip_rsa2048_public_key_index_t), NULL, 
+                    sizeof(tsip_rsa2048_public_key_index_t), NULL,
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 if (tuc->rsa2048pub_keyIdx == NULL) {
                     return MEMORY_E;
@@ -2508,14 +2508,14 @@ WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
                 }
                 break;
         #endif
-            
+
         #if !defined(NO_RSA)
             case TSIP_KEY_TYPE_RSA4096:
-                /* not supported as of TSIPv1.15 */ 
+                /* not supported as of TSIPv1.15 */
                 ret = CRYPTOCB_UNAVAILABLE;
                 break;
         #endif
-            
+
         #if defined(HAVE_ECC) && \
             defined(WOLFSSL_RENESAS_TSIP_TLS)
             case TSIP_KEY_TYPE_ECDSAP256:
@@ -3101,7 +3101,7 @@ int wc_tsip_generateVerifyData(
         WOLFSSL_LEAVE("tsip_generateVerifyData", BAD_FUNC_ARG);
         return BAD_FUNC_ARG;
     }
-    if (XSTRNCMP((const char*)side, (const char*)kTlsServerFinStr, 
+    if (XSTRNCMP((const char*)side, (const char*)kTlsServerFinStr,
                                                 FINISHED_LABEL_SZ) == 0) {
         l_side = R_TSIP_TLS_GENERATE_SERVER_VERIFY;
     }
@@ -3667,14 +3667,14 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
 
     WOLFSSL_ENTER("tsip_SignRsaPkcs");
 
-    if (info == NULL || tuc == NULL 
+    if (info == NULL || tuc == NULL
     #ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
     || tuc->ssl == NULL
     #endif
     ) {
             ret = BAD_FUNC_ARG;
     }
-    
+
 #ifdef WOLFSSL_RENESAS_TSIP_TLS
     if (ret == 0) {
         ssl = tuc->ssl;
@@ -3690,7 +3690,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
         ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
     }
 
-    
+
     if (ret == 0) {
         if (ssl->options.hashAlgo == md5_mac)
             tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -3703,7 +3703,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
     }
 #else
     (void)ssl;
-    
+
     if (ret == 0) {
        if (tuc->sing_hash_type == md5_mac)
            tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -3714,7 +3714,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
        else
            ret = CRYPTOCB_UNAVAILABLE;
     }
-    
+
     switch (tuc->wrappedKeyType) {
         case TSIP_KEY_TYPE_RSA1024:
             if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1)
@@ -3735,9 +3735,9 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
             ret = CRYPTOCB_UNAVAILABLE;
             break;
     }
-    
+
 #endif
-    
+
     if (ret == 0) {
        #ifdef WOLFSSL_RENESAS_TSIP_TLS
         hashData.pdata      = (uint8_t*)ssl->buffers.digest.buffer;
@@ -3762,7 +3762,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
                                                 tsip_hash_type);
 
                     if (err != TSIP_SUCCESS) {
-                        ret = WC_HW_E; 
+                        ret = WC_HW_E;
                     }
                     break;
             #endif
@@ -3779,7 +3779,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
                                                 tsip_hash_type);
 
                     if (err != TSIP_SUCCESS) {
-                        ret = WC_HW_E; 
+                        ret = WC_HW_E;
                     }
                     break;
 
@@ -3807,7 +3807,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
 
 #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_TSIP_TLS)
 WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
-                        WOLFSSL* ssl, 
+                        WOLFSSL* ssl,
                         unsigned char* sig, unsigned int sigSz,
                         unsigned char** out,
                         const unsigned char* keyDer, unsigned int keySz,
@@ -3842,7 +3842,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
         /* import public key_index from wrapped key */
         ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
     }
-    
+
     if (ret == 0) {
         if (ssl->options.hashAlgo == md5_mac)
             tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -3852,7 +3852,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
             tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
         else {
             ret = CRYPTOCB_UNAVAILABLE;
-        } 
+        }
     }
 
     if (ret == 0) {
@@ -3863,7 +3863,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
         if ((ret = tsip_hw_lock()) == 0) {
 
             switch (tuc->wrappedKeyType) {
-                
+
                 case TSIP_KEY_TYPE_RSA2048:
                     sigData.data_length = 256;
                     err = R_TSIP_RsassaPkcs2048SignatureVerification(
@@ -3904,7 +3904,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
 
 #if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
 /*   Perform signing with the client's ECC private key on hash value of messages
- *   exchanged with server. 
+ *   exchanged with server.
  *
  * parameters
  *   info->pk.eccsign.in    : the buffer holding hash value of messages
@@ -3951,33 +3951,33 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
         /* import private key_index from wrapped key */
         ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
     }
- 
+
     if (ret == 0) {
         hashData.pdata      = (uint8_t*)info->pk.eccsign.in;
         hashData.data_type  = 1;
         sigData.pdata       = (uint8_t*)info->pk.eccsign.out;
         sigData.data_length = 0; /* signature size will be returned here */
 
-        if ((ret = tsip_hw_lock()) == 0) {        
+        if ((ret = tsip_hw_lock()) == 0) {
             switch (tuc->wrappedKeyType) {
 
                 #if defined(HAVE_ECC)
                 case TSIP_KEY_TYPE_ECDSAP256:
                     offsetForWork = R_TSIP_ECDSA_DATA_BYTE_SIZE + 32;
-                    if (*(info->pk.eccsign.outlen) < 
+                    if (*(info->pk.eccsign.outlen) <
                                 R_TSIP_ECDSA_DATA_BYTE_SIZE + offsetForWork) {
                         ret = BUFFER_E;
                         break;
                     }
 
-                    sigData.pdata = (uint8_t*)info->pk.eccsign.out + 
+                    sigData.pdata = (uint8_t*)info->pk.eccsign.out +
                                                             offsetForWork;
                     err = R_TSIP_EcdsaP256SignatureGenerate(
                                                 &hashData, &sigData,
                                                 &tuc->EcdsaP256PrivateKeyIdx);
                     if (err != TSIP_SUCCESS) {
                         ret = WC_HW_E;
-                        break; 
+                        break;
                     }
 
                     out = info->pk.eccsign.out;
@@ -3991,7 +3991,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
                     /* encode ASN sequence */
                     out[idx++] = ASN_SEQUENCE | ASN_CONSTRUCTED;
                     out[idx++] = sz;
-                    
+
                     /* copy r part */
                     out[idx++] = ASN_INTEGER;
                     out[idx++] = rSz;
@@ -4006,7 +4006,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
                     if (sSz > R_TSIP_ECDSA_DATA_BYTE_SIZE / 2)
                         out[idx++] = 0x00;
                     XMEMCPY(&out[idx], sig, R_TSIP_ECDSA_DATA_BYTE_SIZE / 2);
-                
+
                     /* out size */
                     *(info->pk.eccsign.outlen) = ASN_TAG_SZ + 1 + sz;
                     break;
@@ -4047,20 +4047,22 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
 
 #ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG
 
-/* err
- * e_tsip_err
+#if 0
+   /* this is here for documentation purposes. */
+   enum e_tsip_err {
     TSIP_SUCCESS = 0,
-    TSIP_ERR_SELF_CHECK1,  // Self-check 1 fail or TSIP function internal err.
-    TSIP_ERR_RESOURCE_CONFLICT, // A resource conflict occurred.
-    TSIP_ERR_SELF_CHECK2,       // Self-check 2 fail.
-    TSIP_ERR_KEY_SET,           // setting the invalid key.
-    TSIP_ERR_AUTHENTICATION,    // Authentication failed.
-    TSIP_ERR_CALLBACK_UNREGIST, // Callback function is not registered.
-    TSIP_ERR_PARAMETER,         // Illegal Input data.
-    TSIP_ERR_PROHIBIT_FUNCTION, // An invalid function call occurred.
- *  TSIP_RESUME_FIRMWARE_GENERATE_MAC,
-                  // There is a continuation of R_TSIP_GenerateFirmwareMAC.
-*/
+    TSIP_ERR_SELF_CHECK1,       /* Self-check 1 fail or TSIP function internal err. */
+    TSIP_ERR_RESOURCE_CONFLICT, /* A resource conflict occurred. */
+    TSIP_ERR_SELF_CHECK2,       /* Self-check 2 fail. */
+    TSIP_ERR_KEY_SET,           /* setting the invalid key. */
+    TSIP_ERR_AUTHENTICATION,    /* Authentication failed. */
+    TSIP_ERR_CALLBACK_UNREGIST, /* Callback function is not registered. */
+    TSIP_ERR_PARAMETER,         /* Illegal Input data. */
+    TSIP_ERR_PROHIBIT_FUNCTION, /* An invalid function call occurred. */
+    TSIP_RESUME_FIRMWARE_GENERATE_MAC
+                  /* There is a continuation of R_TSIP_GenerateFirmwareMAC. */
+   };
+#endif
 
 static void hexdump(const uint8_t* in, uint32_t len)
 {

+ 1 - 1
wolfcrypt/src/port/af_alg/wc_afalg.c

@@ -40,7 +40,7 @@ void wc_Afalg_SockAddr(struct sockaddr_alg* in, const char* type, const char* na
     int nameSz = (int)XSTRLEN(name) + 1; /* +1 for null terminator */
 
     if (typeSz > (int)sizeof(in->salg_type) ||
-		    nameSz > (int)sizeof(in->salg_name)) {
+                    nameSz > (int)sizeof(in->salg_name)) {
         WOLFSSL_MSG("type or name was too large");
         return;
     }

+ 8 - 8
wolfcrypt/src/port/atmel/atmel.c

@@ -136,7 +136,7 @@ int atmel_get_random_number(uint32_t count, uint8_t* rand_out)
 
 int atmel_get_random_block(unsigned char* output, unsigned int sz)
 {
-	return atmel_get_random_number((uint32_t)sz, (uint8_t*)output);
+        return atmel_get_random_number((uint32_t)sz, (uint8_t*)output);
 }
 
 #if defined(WOLFSSL_ATMEL) && defined(WOLFSSL_ATMEL_TIME)
@@ -148,12 +148,12 @@ long atmel_get_curr_time_and_date(long* tm)
 {
     long rt = 0;
 
-	/* Get current time */
+        /* Get current time */
     struct rtc_calendar_time rtcTime;
     const int monthDay[] = {0,31,59,90,120,151,181,212,243,273,304,334};
     int month, year, yearLeap;
 
-	rtc_calendar_get_time(_rtc_instance[0], &rtcTime);
+        rtc_calendar_get_time(_rtc_instance[0], &rtcTime);
 
     /* Convert rtc_calendar_time to seconds since UTC */
     month = rtcTime.month % 12;
@@ -359,7 +359,7 @@ int atmel_get_enc_key_default(byte* enckey, word16 keysize)
 static int atmel_init_enc_key(void)
 {
     int ret;
-	uint8_t read_key[ATECC_KEY_SIZE];
+        uint8_t read_key[ATECC_KEY_SIZE];
     uint8_t writeBlock = 0;
     uint8_t writeOffset = 0;
     int slotId;
@@ -388,7 +388,7 @@ static int atmel_init_enc_key(void)
     ForceZero(read_key, sizeof(read_key));
     ret = atmel_ecc_translate_err(ret);
 
-	return ret;
+        return ret;
 }
 #endif
 
@@ -497,7 +497,7 @@ int atmel_init(void)
     extern ATCAIfaceCfg atecc608_0_init_data;
     #endif
 #endif
-    
+
     if (!mAtcaInitDone) {
         ATCA_STATUS status;
         int i;
@@ -940,7 +940,7 @@ exit:
     return ret;
 }
 
-static int atcatls_set_certificates(WOLFSSL_CTX *ctx) 
+static int atcatls_set_certificates(WOLFSSL_CTX *ctx)
 {
     #ifndef ATCATLS_SIGNER_CERT_MAX_SIZE
         #define ATCATLS_SIGNER_CERT_MAX_SIZE 0x250
@@ -966,7 +966,7 @@ static int atcatls_set_certificates(WOLFSSL_CTX *ctx)
     uint8_t signerPubKeyBuffer[ATCATLS_PUBKEY_BUFF_MAX_SIZE];
 #endif
 
-#ifdef WOLFSSL_ATECC_TNGTLS	
+#ifdef WOLFSSL_ATECC_TNGTLS
     ret = tng_atcacert_max_signer_cert_size(&signerCertSize);
     if (ret != ATCACERT_E_SUCCESS) {
     #ifdef WOLFSSL_ATECC_DEBUG

+ 1 - 1
wolfcrypt/src/port/caam/caam_driver.c

@@ -129,7 +129,7 @@ static Error caamDebugDesc(struct DescStruct* desc)
     }
 
 
-    //D0JQCR_LS
+    /* D0JQCR_LS */
     printf("Next command to be executed = 0x%08X\n", CAAM_READ(0x8804));
     printf("Desc          = 0x%08X\n", desc->caam->ring.Desc);
 

+ 3 - 2
wolfcrypt/src/port/caam/caam_qnx.c

@@ -1641,8 +1641,9 @@ int io_close_ocb(resmgr_context_t *ctp, void *reserved, RESMGR_OCB_T *ocb)
 #if 0
 static int getSupported(char* in)
 {
-        //printf("CAAM Status [0x%8.8x]   = 0x%8.8x\n",
-        //    CAAM_STATUS, WC_CAAM_READ(CAAM_STATUS));
+        /* printf("CAAM Status [0x%8.8x]   = 0x%8.8x\n",
+         *    CAAM_STATUS, WC_CAAM_READ(CAAM_STATUS));
+         */
         printf("CAAM Version MS Register [0x%8.8x]  = 0x%8.8x\n",
             CAAM_VERSION_MS, CAAM_READ(CAAM_VERSION_MS));
         printf("CAAM Version LS Register [0x%8.8x]  = 0x%8.8x\n",

+ 1 - 1
wolfcrypt/src/port/caam/wolfcaam_hash.c

@@ -26,7 +26,7 @@
 #include <wolfssl/wolfcrypt/settings.h>
 
 #if defined(WOLFSSL_CAAM) && defined(WOLFSSL_CAAM_HASH) \
-	&& !defined(WOLFSSL_IMXRT1170_CAAM)
+        && !defined(WOLFSSL_IMXRT1170_CAAM)
 
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>

+ 1 - 1
wolfcrypt/src/port/caam/wolfcaam_init.c

@@ -694,7 +694,7 @@ int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out, word32* outSz)
 }
 #endif /* WOLFSSL_CAAM_BLOB */
 
-/* outSz gets set to key size plus 16 for mac and padding 
+/* outSz gets set to key size plus 16 for mac and padding
  * return 0 on success
  */
 int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz, int flag)

+ 9 - 9
wolfcrypt/src/port/cuda/aes-cuda.cu

@@ -77,7 +77,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
     #define WOLFSSL_MISC_INCLUDED
     #define WOLFSSL_HAVE_MIN
     #define WOLFSSL_HAVE_MAX
-//    #include <wolfcrypt/src/misc.c>
+/*    #include <wolfcrypt/src/misc.c> */
 #endif
 /* This routine performs a left circular arithmetic shift of <x> by <y> value. */
 
@@ -992,23 +992,23 @@ void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
     cudaError_t ret = cudaSuccess;
 
 #ifdef WC_AES_C_DYNAMIC_FALLBACK
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMalloc(&rk_GPU, sizeof(aes->key_C_fallback));
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMemcpy(rk_GPU, aes->key_C_fallback, sizeof(aes->key_C_fallback), cudaMemcpyDefault);
 #else
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMalloc(&rk_GPU, sizeof(aes->key));
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMemcpy(rk_GPU, aes->key, sizeof(aes->key), cudaMemcpyDefault);
 #endif
 
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMalloc(&in_GPU, sz);
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMemcpy(in_GPU, in, sz, cudaMemcpyDefault);
 
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMalloc(&out_GPU, sz);
 
     if ( ret == cudaSuccess ) {
@@ -1017,7 +1017,7 @@ void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
         AesEncrypt_C_CUDA<<<numBlocks,blockSize>>>(rk_GPU, in_GPU, out_GPU, aes->rounds >> 1, sz / AES_BLOCK_SIZE);
     }
 
-    if ( ret == cudaSuccess ) 
+    if ( ret == cudaSuccess )
         ret = cudaMemcpy(out, out_GPU, sz, cudaMemcpyDefault);
 
     cudaFree(in_GPU);

+ 4 - 4
wolfcrypt/src/port/intel/quickassist_sync.c

@@ -144,9 +144,9 @@ typedef void (*IntelQaFreeFunc)(struct IntelQaDev*);
 
 /* QuickAssist device */
 typedef struct IntelQaDev {
-	CpaInstanceHandle handle;
+        CpaInstanceHandle handle;
     int devId;
-	void* heap;
+        void* heap;
 
     /* callback return info */
     int ret;
@@ -220,7 +220,7 @@ static int IntelQaGetCyInstanceCount(void);
 
 #ifdef WOLF_CRYPTO_CB
     static int IntelQaSymSync_CryptoDevCb(int, struct wc_CryptoInfo*,
-			void*);
+                        void*);
 #endif /* WOLF_CRYPTO_CB */
 
 
@@ -423,7 +423,7 @@ int IntelQaHardwareStart(const char* process_name, int limitDevAccess)
 
 #ifdef QAT_DEBUG
     /* optionally enable debugging */
-    //osalLogLevelSet(8);
+    /* osalLogLevelSet(8); */
 #endif
 
     status = cpaCyGetNumInstances(&g_numInstances);

+ 5 - 5
wolfcrypt/src/port/iotsafe/iotsafe.c

@@ -612,7 +612,7 @@ static int iotsafe_parse_public_key(char* resp, int len, ecc_key *key)
 /* Execute GEN_KEYPAIR on the IoT-SAFE applet.
  *
  * Return -1 on error; 0 if the operation is successful, but
- * the generated public key was not yet stored in `key`; 1 if 
+ * the generated public key was not yet stored in `key`; 1 if
  * the operation is successful and the public key was found in the
  * command response and copied to the `key` structure, if not NULL.
  */
@@ -1089,11 +1089,11 @@ static int wolfIoT_hkdf_extract(byte* prk, const byte* salt, word32 saltLen,
                 localSalt = tmp;
             }
     }
-    
-    ret = iotsafe_hkdf_extract(prk, localSalt, saltLen, ikm, ikmLen, digest);    
+
+    ret = iotsafe_hkdf_extract(prk, localSalt, saltLen, ikm, ikmLen, digest);
     (void)ctx;
     return ret;
-}       
+}
 #endif
 
 static int wolfIoT_ecc_sign(WOLFSSL* ssl,
@@ -1573,7 +1573,7 @@ int wolfSSL_CTX_iotsafe_enable(WOLFSSL_CTX *ctx)
     WOLFSSL_MSG("ECC callbacks set to IoT_safe interface");
     #endif
     #ifndef NO_RSA
-    /* wolfSSL_CTX_SetRsaSignCb(wolfIoT_rsa_sign);  // TODO: RSA callbacks */
+    /* wolfSSL_CTX_SetRsaSignCb(wolfIoT_rsa_sign); */ /* TODO: RSA callbacks */
     #endif
 #else
     (void)ctx;

+ 1 - 1
wolfcrypt/src/port/maxim/maxq10xx.c

@@ -56,7 +56,7 @@ void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen);
 #endif /* MAXQ_DEBUG */
 
 #if defined(USE_WINDOWS_API)
-# define maxq_CryptHwMutexTryLock()	(0)
+# define maxq_CryptHwMutexTryLock() 0
 #endif
 
 #define AES_KEY_ID_START      (0x2000)

+ 16 - 16
wolfcrypt/src/port/nxp/ksdk_port.c

@@ -105,7 +105,7 @@ static int ltc_get_lsb_bin_from_mp_int(uint8_t *dst, mp_int *A, uint16_t *psz)
 #else
     res = mp_to_unsigned_bin(A, dst);
     if (res == MP_OKAY) {
-        ltc_reverse_array(dst, sz); 
+        ltc_reverse_array(dst, sz);
     }
 #endif
     *psz = sz;
@@ -134,7 +134,7 @@ int mp_mul(mp_int *A, mp_int *B, mp_int *C)
     szA = mp_unsigned_bin_size(A);
     szB = mp_unsigned_bin_size(B);
 
-    /* if unsigned mul can fit into LTC PKHA let's use it, otherwise call 
+    /* if unsigned mul can fit into LTC PKHA let's use it, otherwise call
      * software mul */
     if ((szA <= LTC_MAX_INT_BYTES / 2) && (szB <= LTC_MAX_INT_BYTES / 2)) {
         uint8_t *ptrA = (uint8_t*)XMALLOC(LTC_MAX_INT_BYTES, NULL,
@@ -264,7 +264,7 @@ int mp_mod(mp_int *a, mp_int *b, mp_int *c)
                 {
                     ltc_reverse_array(ptrC, sizeC);
                     res = mp_read_unsigned_bin(c, ptrC, sizeC);
-                
+
 #if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \
       defined(WOLFSSL_SP_INT_NEGATIVE)
                     /* fix sign */
@@ -341,10 +341,10 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c)
             res = ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
             if (res == MP_OKAY)
                 res = ltc_get_lsb_bin_from_mp_int(ptrB, b, &sizeB);
-            
+
             /* if a >= b then reduce */
             /* TODO: Perhaps always do mod reduce depending on hardware performance */
-            if (res == MP_OKAY && 
+            if (res == MP_OKAY &&
                         LTC_PKHA_CompareBigNum(ptrA, sizeA, ptrB, sizeB) >= 0) {
                 if (LTC_PKHA_ModRed(LTC_BASE, ptrA, sizeA, ptrB, sizeB,
                     ptrA, &sizeA, kLTC_PKHA_IntegerArith) != kStatus_Success) {
@@ -411,7 +411,7 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
     int res = MP_OKAY;
     status_t status;
     int szA, szB, szC;
-    
+
 #ifdef ENABLE_NXPLTC_TESTS
     mp_int t;
     mp_init(&t);
@@ -543,8 +543,8 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime)
     szX = mp_unsigned_bin_size(X);
     szP = mp_unsigned_bin_size(P);
 
-    if ((szG <= LTC_MAX_INT_BYTES) && 
-        (szX <= LTC_MAX_INT_BYTES) && 
+    if ((szG <= LTC_MAX_INT_BYTES) &&
+        (szX <= LTC_MAX_INT_BYTES) &&
         (szP <= LTC_MAX_INT_BYTES))
     {
         uint16_t sizeG, sizeX, sizeP, sizeY;
@@ -563,9 +563,9 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime)
 
             /* if G >= P then reduce */
             /* TODO: Perhaps always do mod reduce depending on hardware performance */
-            if (res == MP_OKAY && 
+            if (res == MP_OKAY &&
                         LTC_PKHA_CompareBigNum(ptrG, sizeG, ptrP, sizeP) >= 0) {
-                res = LTC_PKHA_ModRed(LTC_BASE, 
+                res = LTC_PKHA_ModRed(LTC_BASE,
                     ptrG, sizeG,
                     ptrP, sizeP,
                     ptrG, &sizeG, kLTC_PKHA_IntegerArith);
@@ -602,7 +602,7 @@ int ltc_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int useConstTime)
         }
         if (ptrG) {
             XFREE(ptrG, NULL, DYNAMIC_TYPE_BIGINT);
-        }        
+        }
     }
     else {
 #if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE)
@@ -678,7 +678,7 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
             res = ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
         }
         if (res == MP_OKAY) {
-            if (LTC_PKHA_PrimalityTest(LTC_BASE, 
+            if (LTC_PKHA_PrimalityTest(LTC_BASE,
                 ptrB, sizeB,             /* seed */
                 (uint8_t*)&t, sizeof(t), /* trials */
                 ptrA, sizeA,             /* candidate */
@@ -726,7 +726,7 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
 #if defined(HAVE_ECC) && defined(FREESCALE_LTC_ECC)
 
 /* convert from mp_int to LTC integer, as array of bytes of size sz.
- * if mp_int has less bytes than sz, add zero bytes at most significant byte 
+ * if mp_int has less bytes than sz, add zero bytes at most significant byte
  *   positions.
  * This is when for example modulus is 32 bytes (P-256 curve)
  * and mp_int has only 31 bytes, we add leading zeros
@@ -763,7 +763,7 @@ static int ltc_get_from_mp_int(uint8_t *dst, mp_int *a, int sz)
     return res;
 }
 
-/* ECC specs in lsbyte at lowest address format for direct use by LTC PKHA 
+/* ECC specs in lsbyte at lowest address format for direct use by LTC PKHA
  * driver functions */
 #if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
 #define ECC192
@@ -1196,7 +1196,7 @@ static const uint8_t invThree[32] = {
 /*
  *
  * finds square root in finite field when modulus congruent to 5 modulo 8
- * this is fixed to curve25519 modulus 2^255 - 19 which is congruent to 
+ * this is fixed to curve25519 modulus 2^255 - 19 which is congruent to
  * 5 modulo 8.
  *
  * This function solves equation: res^2 = a mod (2^255 - 19)
@@ -1914,7 +1914,7 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey,
     return status;
 }
 
-/* LSByte first of Ed25519 parameter l = 2^252 + 
+/* LSByte first of Ed25519 parameter l = 2^252 +
  *   27742317777372353535851937790883648493 */
 static const uint8_t l_coefEdDSA[] = {
     0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7,

+ 1 - 1
wolfcrypt/src/port/nxp/se050_port.c

@@ -266,7 +266,7 @@ int se050_hash_copy(SE050_HASH_Context* src, SE050_HASH_Context* dst)
 
 int se050_hash_update(SE050_HASH_Context* se050Ctx, const byte* data, word32 len)
 {
-	byte* tmp = NULL;
+        byte* tmp = NULL;
 
     if (se050Ctx == NULL || (len > 0 && data == NULL)) {
         return BAD_FUNC_ARG;

+ 1 - 1
wolfcrypt/src/port/pic32/pic32mz-crypt.c

@@ -365,7 +365,7 @@ static void reset_engine(int algo)
 static void update_engine(const byte *input, word32 len, word32 *hash)
 {
     int total;
-    
+
     gLHDesc.bd[gLHDesc.currBd].UPDPTR = KVA_TO_PA(hash);
 
     /* Add the data to the current buffer. If the buffer fills, start processing it

+ 1 - 1
wolfcrypt/src/port/st/stsafe.c

@@ -539,7 +539,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
                 &otherKeyY[0], (word32*)&otherKeyY_len);
             if (rc == 0) {
                 /* Compute shared secret */
-            	*info->pk.ecdh.outlen = 0;
+                *info->pk.ecdh.outlen = 0;
                 rc = stsafe_interface_shared_secret(
         #ifdef WOLFSSL_STSAFE_TAKES_SLOT
                     STSAFE_A_SLOT_0,

+ 2 - 2
wolfcrypt/src/port/ti/ti-hash.c

@@ -203,7 +203,7 @@ WOLFSSL_API int wc_Md5GetHash(Md5* md5, byte* hash)
 
 WOLFSSL_API int wc_Md5Copy(Md5* src, Md5* dst)
 {
-	return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
+        return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
 }
 
 WOLFSSL_API int wc_Md5Hash(const byte*data, word32 len, byte* hash)
@@ -249,7 +249,7 @@ WOLFSSL_API int wc_ShaGetHash(Sha* sha, byte* hash)
 
 WOLFSSL_API int wc_ShaCopy(Sha* src, Sha* dst)
 {
-	return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
+        return hashCopy((wolfssl_TI_Hash *)src, (wolfssl_TI_Hash *)dst);
 }
 
 WOLFSSL_API int wc_ShaHash(const byte*data, word32 len, byte* hash)

+ 3 - 3
wolfcrypt/src/port/xilinx/xil-aesgcm.c

@@ -87,9 +87,9 @@ static WC_INLINE int aligned_xmalloc(byte** buf, byte** aligned, void* heap, wor
 
 static WC_INLINE void aligned_xfree(void* buf, void* heap)
 {
-	if (buf == NULL)
-		return;
-	XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
+        if (buf == NULL)
+                return;
+        XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
 }
 
 static WC_INLINE int check_keysize(word32 len)

+ 1 - 1
wolfcrypt/src/port/xilinx/xil-versal-glue.c

@@ -78,7 +78,7 @@ int wc_InitXsecure(wc_Xsecure* xsec)
 /**
    Convert Xilinx specific error to string
 
-   err	The error to convert
+   err  The error to convert
 
    Returns a pointer to a string (always, never returns NULL).
  */

+ 3 - 3
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h

@@ -200,7 +200,7 @@ enum {
 **   Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
 **
 ** NO_ESP_MP_MUL_EVEN_ALT_CALC
-**   Used during Z = X × Y mod M
+**   Used during Z = X * Y mod M
 **   By default, even moduli use a two step HW esp_mp_mul with SW mp_mod.
 **   Enable this to instead fall back to pure software mp_mulmod.
 **
@@ -820,8 +820,8 @@ extern "C"
     /* Non-FIFO read may not be needed in chip revision v3.0. */
     #define ESP_EM__READ_NON_FIFO_REG    {DPORT_SEQUENCE_REG_READ(0x3FF40078);}
 
-    /* When the CPU frequency is 160 MHz, add six �nop� between two consecutive
-    ** FIFO reads. When the CPU frequency is 240 MHz, add seven �nop� between
+    /* When the CPU frequency is 160 MHz, add six nops between two consecutive
+    ** FIFO reads. When the CPU frequency is 240 MHz, add seven nops between
     ** two consecutive FIFO reads.  See 3.16 */
     #if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80)
         #define ESP_EM__3_16 { \

+ 2 - 2
wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h

@@ -123,7 +123,7 @@ WOLFSSL_LOCAL int     wc_fspsm_Open();
 WOLFSSL_LOCAL void    wc_fspsm_Close();
 WOLFSSL_LOCAL int     wc_fspsm_hw_lock();
 WOLFSSL_LOCAL void    wc_fspsm_hw_unlock( void );
-WOLFSSL_LOCAL int     wc_fspsm_usable(const struct WOLFSSL *ssl, 
+WOLFSSL_LOCAL int     wc_fspsm_usable(const struct WOLFSSL *ssl,
                                     uint8_t session_key_generated);
 
 typedef struct {
@@ -319,7 +319,7 @@ WOLFSSL_API int  FSPSM_CALLBACK_CTX_FUNC(struct WOLFSSL* ssl, void* user_ctx);
 WOLFSSL_API void FSPSM_INFORM_CERT_SIGN(const uint8_t *sign);
 
 
-#endif  /* WOLFSSL_RENESAS_FSPSM_TLS && 
+#endif  /* WOLFSSL_RENESAS_FSPSM_TLS &&
          * !WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY */
 
 typedef struct FSPSM_RSA_CTX {

+ 35 - 35
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h

@@ -32,7 +32,7 @@
 
 #if defined(WOLFSSL_RENESAS_TSIP) || \
     defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
-    #include "r_tsip_rx_if.h"    
+    #include "r_tsip_rx_if.h"
 #endif
 
 
@@ -93,7 +93,7 @@ typedef enum {
     #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
     TSIP_KEY_TYPE_RSA1024      = 3,
     #endif
-    
+
 } wolfssl_TSIP_KEY_TYPE;
 
 struct WOLFSSL;
@@ -101,11 +101,11 @@ struct KeyShareEntry;
 
 /*  MsgBag stands for message bag and acts as a buffer for holding plain text
  *  handshake messages exchanged between client and server.
- *  MsgBag was introduced as a workaround for the TSIP's limitation that TSIP 
+ *  MsgBag was introduced as a workaround for the TSIP's limitation that TSIP
  *  can not process multiple hash algorithms at the same time. If the
- *  limitation is resolved in a future TSIP, MsgBag should be removed.    
+ *  limitation is resolved in a future TSIP, MsgBag should be removed.
  *  The contents in this MsgBag is used for transcript hashing. The hash value
- *  is used for the key derivation and Finished-message. 
+ *  is used for the key derivation and Finished-message.
  *  The capacity of the MsgBag is defined as MSGBAG_SIZE and the actual
  *  size is 8KB. The size should be large enough to hold all the handshake
  *  messages including the server and client certificate messages.
@@ -121,9 +121,9 @@ typedef struct MsgBag
 } MsgBag;
 
 #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
- 
+
  typedef void* renesas_tsip_key;
- 
+
  /* flags Crypt Only */
  struct tsip_keyflgs_cryt {
     uint8_t aes256_key_set:1;
@@ -147,7 +147,7 @@ typedef struct TsipUserCtx {
 
     /* public key index for verification of RootCA cert */
     uint32_t                user_key_id;
-    
+
     /* WOLFSSL object associated with */
     struct WOLFSSL*         ssl;
     struct WOLFSSL_CTX*     ctx;
@@ -183,10 +183,10 @@ typedef struct TsipUserCtx {
 
     /* ECDHE pre-master secret */
     tsip_tls13_ephemeral_shared_secret_key_index_t     sharedSecret13Idx;
-    
+
     /* Handshake secret for Tls13 handshake */
     tsip_tls13_ephemeral_handshake_secret_key_index_t  handshakeSecret13Idx;
-    
+
     /* the key to decrypt server-finished message */
     tsip_tls13_ephemeral_server_finished_key_index_t   serverFinished13Idx;
 
@@ -226,12 +226,12 @@ typedef struct TsipUserCtx {
     /* signature data area for TLS1.3 CertificateVerify message  */
     byte                             sigDataCertVerify[TSIP_TLS_MAX_SIGDATA_SZ];
 
-    
+
 #if (WOLFSSL_RENESAS_TSIP_VER >=109)
     /* out from R_SCE_TLS_ServerKeyExchangeVerify */
     uint32_t encrypted_ephemeral_ecdh_public_key[ENCRYPTED_ECDHE_PUBKEY_SZ];
-    
-    /* ephemeral ECDH pubkey index 
+
+    /* ephemeral ECDH pubkey index
      * got from R_TSIP_GenerateTlsP256EccKeyIndex.
      * Input to R_TSIP_TlsGeneratePreMasterSecretWithEccP256Key.
      */
@@ -251,33 +251,33 @@ typedef struct TsipUserCtx {
 #endif /* WOLFSSL_RENESAS_TSIP_TLS */
 /* for tsip crypt only mode */
 #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
-    
+
     renesas_tsip_key    rsa1024pri_keyIdx;
     renesas_tsip_key    rsa1024pub_keyIdx;
     renesas_tsip_key    rsa2048pri_keyIdx;
     renesas_tsip_key    rsa2048pub_keyIdx;
-    
+
     /* sign/verify hash type :
      * md5, sha1 or sha256
      */
     int sing_hash_type;
-    
+
     /* flags shows status if tsip keys are installed */
     union {
         uint8_t chr;
         struct tsip_keyflgs_cryt bits;
     } keyflgs_crypt;
-    
+
 #endif
     /* installed key handling */
     tsip_aes_key_index_t user_aes256_key_index;
     uint8_t user_aes256_key_set:1;
     tsip_aes_key_index_t user_aes128_key_index;
     uint8_t user_aes128_key_set:1;
-    
+
     /* TSIP defined cipher suite number */
     uint32_t    tsip_cipher;
-    
+
     /* flags */
 #ifdef WOLFSSL_RENESAS_TSIP_TLS
     #if !defined(NO_RSA)
@@ -315,7 +315,7 @@ typedef TsipUserCtx user_PKCbInfo;
 
 typedef struct
 {
-    TsipUserCtx* userCtx; 
+    TsipUserCtx* userCtx;
 } TsipPKCbInfo;
 
 
@@ -387,12 +387,12 @@ WOLFSSL_API void tsip_inform_user_keys_ex(
     byte*       provisioning_key,   /* key got from DLM server */
     byte*       iv,                 /* iv used for public key  */
     byte*       encrypted_public_key,/*RSA2048 or ECDSAp256 public key*/
-    word32      public_key_type);   /* 0: RSA-2048 2:ECDSA P-256 */    
+    word32      public_key_type);   /* 0: RSA-2048 2:ECDSA P-256 */
 
 #else
 
 WOLFSSL_API void tsip_inform_user_keys(
-    byte*       encrypted_session_key, 
+    byte*       encrypted_session_key,
     byte*       iv,
     byte*       encrypted_user_tls_key);
 
@@ -404,7 +404,7 @@ WOLFSSL_API void tsip_inform_user_keys(
 WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc);
 
 WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
-                        WOLFSSL* ssl, 
+                        WOLFSSL* ssl,
                         unsigned char* sig, unsigned int sigSz,
                         unsigned char** out,
                         const unsigned char* keyDer, unsigned int keySz,
@@ -427,7 +427,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash,
 
 WOLFSSL_LOCAL int tsip_Tls13GetHmacMessages(struct WOLFSSL* ssl, byte* mac);
 
-WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(struct WOLFSSL* ssl, 
+WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(struct WOLFSSL* ssl,
                                                 struct KeyShareEntry* kse);
 
 WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
@@ -466,13 +466,13 @@ WOLFSSL_LOCAL int tsip_Tls13VerifyHandshake(struct WOLFSSL* ssl,
                                                const byte* input, byte* hash,
                                                word32* pHashSz);
 
-WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(struct WOLFSSL* ssl, 
+WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(struct WOLFSSL* ssl,
                                     byte* output, const byte* input, word16 sz);
 
 WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(struct WOLFSSL* ssl,
                                     byte* output, const byte* input, word16 sz);
 
-WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl, 
+WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
                                             const byte* input, word32* inOutIdx,
                                             word32 totalSz);
 
@@ -483,7 +483,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(struct WOLFSSL*ssl);
 
 
 #if (WOLFSSL_RENESAS_TSIP_VER >=109)
-WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info, 
+WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, struct wc_CryptoInfo* info,
                                                                     void* ctx);
 WOLFSSL_LOCAL int wc_tsip_generateMasterSecretEx(
         byte        cipherSuiteFirst,
@@ -530,7 +530,7 @@ WOLFSSL_LOCAL int wc_tsip_RsaVerify(
         void* ctx);
 
 WOLFSSL_LOCAL int wc_tsip_EccVerify(
-        WOLFSSL*  ssl, 
+        WOLFSSL*  ssl,
         const byte* sig,    word32  sigSz,
         const byte* hash,   word32  hashSz,
         const byte* key,    word32  keySz,
@@ -553,7 +553,7 @@ WOLFSSL_LOCAL int wc_tsip_AesCbcDecrypt(
         byte*       out,
         const byte* in,
         word32      sz);
- 
+
 WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt(
         Aes* aes, byte* out,
         const byte* in, word32 sz,
@@ -561,7 +561,7 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmEncrypt(
               byte* authTag, word32 authTagSz,
         const byte* authIn, word32 authInSz,
         void* ctx);
-            
+
 WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
         Aes* aes, byte* out,
         const byte* in, word32 sz,
@@ -572,17 +572,17 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
 #endif /* NO_AES */
 WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify(
         const WOLFSSL *ssl,
-        const byte* message, 
+        const byte* message,
         word32      messageSz,
         word32      macSz,
         word32      content);
 
 WOLFSSL_LOCAL int wc_tsip_Sha1HmacGenerate(
         const WOLFSSL *ssl,
-        const byte* myInner, 
+        const byte* myInner,
         word32      innerSz,
         const byte* in,
-        word32      sz, 
+        word32      sz,
         byte*       digest);
 
 WOLFSSL_LOCAL int wc_tsip_Sha256HmacGenerate(
@@ -605,7 +605,7 @@ WOLFSSL_LOCAL int  tsip_usable(const WOLFSSL *ssl,
                                 uint8_t session_key_generated);
 
 WOLFSSL_LOCAL void tsip_inform_sflash_signedcacert(
-        const byte* ps_flash, 
+        const byte* ps_flash,
         const byte* psigned_ca_cert,
             word32  len);
 
@@ -636,7 +636,7 @@ WOLFSSL_LOCAL int  wc_tsip_generateSessionKey(
         int             devId);
 
 WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx);
-WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, 
+WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info,
                                                 TsipUserCtx* tuc);
 
 WOLFSSL_LOCAL int  wc_tsip_GenerateRandBlock(byte* output, word32 size);

+ 6 - 6
wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h

@@ -36,12 +36,12 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl,
                                 const unsigned char* keyDer, unsigned int keySz,
                                 void* ctx);
 WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(WOLFSSL* ssl, void* ctx);
-WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl, 
+WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl,
                                 byte *premaster, word32 preSz, void* ctx);
-WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in, 
+WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
        unsigned int inSz, unsigned char* out, word32* outSz,
        const unsigned char* keyDer, unsigned int keySz, void* ctx);
-WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message, 
+WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
                     word32 messageSz, word32 macSz, word32 content, void* ctx);
 WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
         unsigned int sigSz, const unsigned char* hash, unsigned int hashSz,
@@ -55,7 +55,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
                                 unsigned char** out,
                                 const unsigned char* keyDer, unsigned int keySz,
                                 void* ctx);
-                                
+
 WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in,
              word32 sz, int padSz, int content, int verify, int epochOrder);
 WOLFSSL_LOCAL int Renesas_cmn_usable(const WOLFSSL *ssl, byte seskey_gennerated);
@@ -71,8 +71,8 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne
 WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId);
 int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
 void wc_CryptoCb_CleanupRenesasCmn(int* id);
-int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, 
-        word32 key_n_start, word32 key_n_len, word32 key_e_start, 
+int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
+        word32 key_n_start, word32 key_n_len, word32 key_e_start,
         word32 key_e_len, word32 cm_row);
 WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl);
 WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx);

+ 2 - 2
wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h

@@ -19,7 +19,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
- 
+
 #ifndef __RENESAS_TSIP_TYPES_H__
 #define __RENESAS_TSIP_TYPES_H__
 
@@ -48,7 +48,7 @@ typedef struct {
 #if defined(WOLF_CRYPTO_CB)
     word32 flags;
     int devId;
-#endif    
+#endif
 } wolfssl_TSIP_Hash;
 
 /* RAW hash function APIs are not implemented with TSIP */

+ 4 - 4
wolfssl/wolfcrypt/port/caam/wolfcaam.h

@@ -36,7 +36,7 @@
 
 #if defined(WOLFSSL_IMX6_CAAM) || defined(WOLFSSL_IMX6_CAAM_RNG) || \
     defined(WOLFSSL_QNX_CAAM) || defined(WOLFSSL_SECO_CAAM) || \
-	defined(WOLFSSL_IMXRT1170_CAAM)
+        defined(WOLFSSL_IMXRT1170_CAAM)
 
 
 /* unique devId for CAAM use on crypto callbacks */
@@ -75,9 +75,9 @@ WOLFSSL_LOCAL int caamWriteToPartition(CAAM_ADDRESS addr, const unsigned char* i
 WOLFSSL_LOCAL int caamReadPartition(CAAM_ADDRESS addr, unsigned char* out, int outSz);
 
 WOLFSSL_API int wc_caamOpenBlob(byte* data, word32 dataSz, byte* out,
-	word32* outSz);
+        word32* outSz);
 WOLFSSL_API int wc_caamCreateBlob(byte* data, word32 dataSz, byte* out,
-	word32* outSz);
+        word32* outSz);
 
 WOLFSSL_API int wc_caamOpenBlob_ex(byte* data, word32 dataSz, byte* out,
         word32* outSz, int type, byte* mod, word32 modSz);
@@ -97,7 +97,7 @@ WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz,
 #define WC_CAAM_MAX_ENTROPY 44
 
 #if !defined(WOLFSSL_QNX_CAAM) && !defined(WOLFSSL_SECO_CAAM) && \
-	!defined(WOLFSSL_IMXRT1170_CAAM)
+        !defined(WOLFSSL_IMXRT1170_CAAM)
     WOLFSSL_API int wc_caamSetResource(IODevice ioDev);
     #ifndef WC_CAAM_READ
         #define WC_CAAM_READ(reg)      wc_caamReadRegister((reg))

+ 1 - 1
wolfssl/wolfcrypt/port/liboqs/liboqs.h

@@ -43,7 +43,7 @@ implementations for Post-Quantum cryptography algorithms.
 #if defined(HAVE_LIBOQS)
 
 #include "oqs/oqs.h"
-    
+
 
 int wolfSSL_liboqsInit(void);
 

+ 37 - 37
wolfssl/wolfcrypt/port/nxp/ksdk_port.h

@@ -34,13 +34,13 @@ int ksdk_port_init(void);
 
 /* software algorithm, by wolfcrypt */
 #if defined(FREESCALE_LTC_TFM)
-	int wolfcrypt_mp_mul(mp_int *A, mp_int *B, mp_int *C);
-	int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c);
-	int wolfcrypt_mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-	int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c);
-	int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
-	int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y);
-	int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);
+        int wolfcrypt_mp_mul(mp_int *A, mp_int *B, mp_int *C);
+        int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c);
+        int wolfcrypt_mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
+        int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c);
+        int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
+        int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y);
+        int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);
 
     /* Exported mp_mulmod function */
     int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
@@ -48,40 +48,40 @@ int ksdk_port_init(void);
 #endif /* FREESCALE_LTC_TFM */
 
 #if defined(FREESCALE_LTC_ECC)
-	#include "fsl_ltc.h"
+        #include "fsl_ltc.h"
 
-	typedef enum _fsl_ltc_ecc_coordinate_system
-	{
-	    kLTC_Weierstrass = 0U, /*< Point coordinates on an elliptic curve in Weierstrass form */
-	    kLTC_Curve25519 = 1U,  /*< Point coordinates on an Curve25519 elliptic curve in Montgomery form */
-	    kLTC_Ed25519 = 2U,     /*< Point coordinates on an Ed25519 elliptic curve in twisted Edwards form */
-	} fsl_ltc_ecc_coordinate_system_t;
+        typedef enum _fsl_ltc_ecc_coordinate_system
+        {
+            kLTC_Weierstrass = 0U, /*< Point coordinates on an elliptic curve in Weierstrass form */
+            kLTC_Curve25519 = 1U,  /*< Point coordinates on an Curve25519 elliptic curve in Montgomery form */
+            kLTC_Ed25519 = 2U,     /*< Point coordinates on an Ed25519 elliptic curve in twisted Edwards form */
+        } fsl_ltc_ecc_coordinate_system_t;
 
-	int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m);
+        int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m);
 
-	#ifdef HAVE_CURVE25519
-		int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
-		const ECPoint *nxp_ltc_curve25519_GetBasePoint(void);
-		status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
-		status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
-		status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint);
-	#endif
+        #ifdef HAVE_CURVE25519
+                int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type);
+                const ECPoint *nxp_ltc_curve25519_GetBasePoint(void);
+                status_t LTC_PKHA_Curve25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
+                status_t LTC_PKHA_WeierstrassToCurve25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
+                status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint);
+        #endif
 
-	#ifdef HAVE_ED25519
-		status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
-		status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
-		status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn,
-		                                   const uint8_t *N,
-		                                   size_t sizeN,
-		                                   ltc_pkha_ecc_point_t *ltcPointOut,
-		                                   fsl_ltc_ecc_coordinate_system_t typeOut);
-		const ltc_pkha_ecc_point_t *LTC_PKHA_Ed25519_BasePoint(void);
-		status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut);
-		status_t LTC_PKHA_sc_reduce(uint8_t *a);
-		status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, const uint8_t *c);
-		status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, const unsigned char *b, ed25519_key *key);
-		status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8_t *p);
-	#endif
+        #ifdef HAVE_ED25519
+                status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
+                status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, ltc_pkha_ecc_point_t *ltcPointOut);
+                status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn,
+                                                   const uint8_t *N,
+                                                   size_t sizeN,
+                                                   ltc_pkha_ecc_point_t *ltcPointOut,
+                                                   fsl_ltc_ecc_coordinate_system_t typeOut);
+                const ltc_pkha_ecc_point_t *LTC_PKHA_Ed25519_BasePoint(void);
+                status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, size_t pubKeySize, ltc_pkha_ecc_point_t *ltcPointOut);
+                status_t LTC_PKHA_sc_reduce(uint8_t *a);
+                status_t LTC_PKHA_sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, const uint8_t *c);
+                status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, const unsigned char *b, ed25519_key *key);
+                status_t LTC_PKHA_Ed25519_Compress(const ltc_pkha_ecc_point_t *ltcPointIn, uint8_t *p);
+        #endif
 
 #endif /* FREESCALE_LTC_ECC */