Documentation and code comment cleanups:

* Update documentation for signing with `--no-sign`, as the key argument should not be supplied.
* Recommend `make keysclean` instead of distclean on keys mismatch.
* Renesas headings/readme link and white-space.

README.md

@@ -280,8 +280,8 @@ USE_LOCAL_WOLFSSL=/usr/local pip3 install .
 
 2. Key algorithm mismatch:
 
-The error `Key algorithm mismatch. Remove old keys via 'make distclean'` indicates the current `.config` `SIGN` algorithm does not match what is in the generated `src/keystore.c` file.
-Use `make keysclean` or `make distclean` to delete keys and regenerate.
+The error `Key algorithm mismatch. Remove old keys via 'make keysclean'` indicates the current `.config` `SIGN` algorithm does not match what is in the generated `src/keystore.c` file.
+Use `make keysclean` to delete keys and regenerate.
 
 
 ## Release Notes

docs/Signing.md

@@ -100,8 +100,8 @@ file is in this format.
 file is in this format.
 
   * `--no-sign` Disable secure boot signature verification. No signature
-    verification is performed in the bootloader, and the KEY.DER argument is
-    ignored.
+    verification is performed in the bootloader, and the KEY.DER argument should
+    not be supplied.
 
 #### Hash digest options
 

docs/Targets.md

@@ -1515,7 +1515,9 @@ make test-sim-internal-flash-with-update
 # it should print 2
 ./wolfboot.elf success get_version
 ```
-## renesas-rx72n
+
+
+## Renesas RX72N
 
 This example for `Renesas RX72N` demonstrates simple secure firmware update by wolfBoot. A sample application v1 is
 securely updated to v2. Both versions behave the same except displaying its version of v1 or v2.
@@ -1543,9 +1545,10 @@ Flash Allocation:
 
 ```
 
-Detailed steps can be found at [Readme](../IDE/Renesas/e2studio/RX72N/Readme.md).
+Detailed steps can be found at [Readme.md](../IDE/Renesas/e2studio/RX72N/Readme.md).
 
-## renesas-ra6m4
+
+## Renesas RA6M4
 
 This example for `Renesas RA6M4` demonstrates a simple secure firmware update by wolfBoot. A sample application v1 is
 securely updated to v2. Both versions behave the same except displaying its version of v1 or v2.
@@ -1571,7 +1574,7 @@ Flash Allocation:
 0x000F0000: Swap sector
 ```
 
-Detailed steps can be found at [Readme](../IDE/Renesas/e2studio/RA6M4/Readme.md).
+Detailed steps can be found at [Readme.md](../IDE/Renesas/e2studio/RA6M4/Readme.md).
 
 
 ## Intel x86_64 with Intel FSP support

include/loader.h

@@ -74,6 +74,7 @@ void wolfBoot_start(void);
 
 #if defined(ARCH_ARM) && defined(WOLFBOOT_ARMORED)
 
+/* attempt to jump 5 times to self, causing loop that cannot be glitched past */
 #define wolfBoot_panic() \
     asm volatile("b ."); \
     asm volatile("b .-2"); \

tools/keytools/keygen.c

@@ -111,7 +111,7 @@ const char Cfile_Banner[]="/* Keystore file for wolfBoot, automatically generate
              #endif
              "#ifdef WOLFBOOT_NO_SIGN\n\t#define NUM_PUBKEYS 0\n#else\n\n"
              "#if (KEYSTORE_PUBKEY_SIZE != KEYSTORE_PUBKEY_SIZE_%s)\n\t"
-             "#error Key algorithm mismatch. Remove old keys via 'make distclean'\n"
+             "#error Key algorithm mismatch. Remove old keys via 'make keysclean'\n"
              "#else\n";
 
 const char Store_hdr[] = "#define NUM_PUBKEYS %d\nconst struct keystore_slot PubKeys[NUM_PUBKEYS] = {\n\n";

tools/keytools/keygen.py

@@ -139,7 +139,7 @@ Cfile_Banner="/* Keystore file for wolfBoot, automatically generated. Do not edi
              "\n#include <stdint.h>\n#include \"wolfboot/wolfboot.h\"\n" \
              "#ifdef WOLFBOOT_NO_SIGN\n\t#define NUM_PUBKEYS 0\n#else\n\n" \
              "#if (KEYSTORE_PUBKEY_SIZE != KEYSTORE_PUBKEY_SIZE_%s)\n\t" \
-             "#error Key algorithm mismatch. Remove old keys via 'make distclean'\n" \
+             "#error Key algorithm mismatch. Remove old keys via 'make keysclean'\n" \
              "#else\n"