Fix hard coded values in TSIP ECC verify. Fix issues with tab indentation and spelling.

IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h

@@ -584,7 +584,7 @@ Turn on timer debugging (used when CPU cycles not available)
     #define WOLFSSL_BASE16
 #else
     #if defined(USE_CERT_BUFFERS_2048)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_2048
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
@@ -605,7 +605,7 @@ Turn on timer debugging (used when CPU cycles not available)
         #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
 
     #elif defined(USE_CERT_BUFFERS_1024)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_1024
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_1024

IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h

@@ -705,7 +705,7 @@ Turn on timer debugging (used when CPU cycles not available)
     #define WOLFSSL_BASE16
 #else
     #if defined(USE_CERT_BUFFERS_2048)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_2048
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
@@ -726,7 +726,7 @@ Turn on timer debugging (used when CPU cycles not available)
         #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
 
     #elif defined(USE_CERT_BUFFERS_1024)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_1024
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_1024

IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h

@@ -132,7 +132,7 @@
 #define WOLFSSL_SHA384
 
 #if defined(CONFIG_IDF_TARGET_ESP8266)
-	/* Some known low-memory devices have features not enabled by default. */
+    /* Some known low-memory devices have features not enabled by default. */
 #else
     /* when you want to use SHA512 */
     #define WOLFSSL_SHA512
@@ -140,7 +140,7 @@
     /* when you want to use SHA3 */
     #define WOLFSSL_SHA3
 
-	/* ED25519 requires SHA512 */
+    /* ED25519 requires SHA512 */
     #define HAVE_ED25519
 
     #define HAVE_ECC

IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h

@@ -705,7 +705,7 @@ Turn on timer debugging (used when CPU cycles not available)
     #define WOLFSSL_BASE16
 #else
     #if defined(USE_CERT_BUFFERS_2048)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_2048
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_2048
@@ -726,7 +726,7 @@ Turn on timer debugging (used when CPU cycles not available)
         #define CTX_CLIENT_KEY_TYPE  WOLFSSL_FILETYPE_ASN1
 
     #elif defined(USE_CERT_BUFFERS_1024)
-    	/* Be sure to include in app when using example certs: */
+        /* Be sure to include in app when using example certs: */
         /* #include <wolfssl/certs_test.h>                     */
         #define CTX_CA_CERT          ca_cert_der_1024
         #define CTX_CA_CERT_SIZE     sizeof_ca_cert_der_1024

IDE/GCC-ARM/Header/user_settings.h

@@ -250,10 +250,10 @@ extern "C" {
 /* AES */
 #undef NO_AES
 #if 1
-	#undef  HAVE_AES_CBC
-	#define HAVE_AES_CBC
+    #undef  HAVE_AES_CBC
+    #define HAVE_AES_CBC
 
-	#undef  HAVE_AESGCM
+    #undef  HAVE_AESGCM
     #define HAVE_AESGCM
 
     /* GCM Method: GCM_SMALL, GCM_WORD32 or GCM_TABLE */

IDE/HEXAGON/user_settings.h

@@ -13,25 +13,25 @@
 #define USE_FAST_MATH
 #define TFM_TIMING_RESISTANT
 #ifdef HAVE_ECC
-	#define ECC_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
 #endif
 #ifndef NO_RSA
-	#define WC_RSA_BLINDING
+    #define WC_RSA_BLINDING
 #endif
 
 #if 1
-	#define WOLFSSL_HAVE_SP_RSA
-	#define WOLFSSL_HAVE_SP_ECC
-	#define WOLFSSL_SP_MATH
+    #define WOLFSSL_HAVE_SP_RSA
+    #define WOLFSSL_HAVE_SP_ECC
+    #define WOLFSSL_SP_MATH
 
-	#if 1
-		/* ARM NEON instructions */
-		#define WOLFSSL_SP_ARM64_ASM
-	#endif
-	#if 1
-		/* Use DSP */
-		#define WOLFSSL_DSP
-	#endif
+    #if 1
+        /* ARM NEON instructions */
+        #define WOLFSSL_SP_ARM64_ASM
+    #endif
+    #if 1
+        /* Use DSP */
+        #define WOLFSSL_DSP
+    #endif
 #endif
 
 #endif

IDE/M68K/README.md

@@ -34,7 +34,7 @@ BUILD_C
 RSA 2048 public 7.619 ops/sec
 RSA 2048 private 0.276 ops/sec
 
-###Building testwolfcryt/benchmark
+###Building testwolfcrypt/benchmark
 To build either testwolfcrypt or benchmark first build wolfssl.a, place it in
 $(NBROOT)/lib and then cd into the respective directory. Running "make" will
 then create a .s19 application that can be ran on the board.

IDE/MCUEXPRESSO/RT1170/user_settings.h

@@ -53,7 +53,7 @@
 /* using the RTC */
 //#define NO_ASN_TIME
 #ifndef NO_ASN_TIME
-	#define FREESCALE_SNVS_RTC
+    #define FREESCALE_SNVS_RTC
 #endif
 
 #define NO_CRYPT_TEST
@@ -64,19 +64,19 @@
     #include <stdarg.h>
     static void myPrintf(const char* fmt, ...)
     {
-	    int ret;
-	    char line[150];
-	    va_list ap;
+        int ret;
+        char line[150];
+        va_list ap;
 
-	    va_start(ap, fmt);
-	    ret = vsnprintf(line, sizeof(line), fmt, ap);
-	    line[sizeof(line)-1] = '\0';
+        va_start(ap, fmt);
+        ret = vsnprintf(line, sizeof(line), fmt, ap);
+        line[sizeof(line)-1] = '\0';
 
-	    DbgConsole_Printf("%s", line);
+        DbgConsole_Printf("%s", line);
 
-	    /* add CR on newlines */
-	    if (ret > 0 && line[ret-1] == '\n') {
-	        DbgConsole_Printf("\r");
+        /* add CR on newlines */
+        if (ret > 0 && line[ret-1] == '\n') {
+            DbgConsole_Printf("\r");
         }
     }
     #define XPRINTF myPrintf

IDE/MCUEXPRESSO/user_settings.h

@@ -40,19 +40,19 @@
     #include <stdarg.h>
     static void myPrintf(const char* fmt, ...)
     {
-	    int ret;
-	    char line[150];
-	    va_list ap;
+        int ret;
+        char line[150];
+        va_list ap;
 
-	    va_start(ap, fmt);
-	    ret = vsnprintf(line, sizeof(line), fmt, ap);
-	    line[sizeof(line)-1] = '\0';
+        va_start(ap, fmt);
+        ret = vsnprintf(line, sizeof(line), fmt, ap);
+        line[sizeof(line)-1] = '\0';
 
-	    DbgConsole_Printf("%s", line);
+        DbgConsole_Printf("%s", line);
 
-	    /* add CR on newlines */
-	    if (ret > 0 && line[ret-1] == '\n') {
-	        DbgConsole_Printf("\r");
+        /* add CR on newlines */
+        if (ret > 0 && line[ret-1] == '\n') {
+            DbgConsole_Printf("\r");
         }
     }
     #define XPRINTF myPrintf
@@ -70,9 +70,9 @@
 #define USE_FAST_MATH
 #ifdef USE_FAST_MATH
     /* big enough for even 4096 bit RSA key */
-	#define FP_MAX_BITS 8192
-	#define TFM_TIMING_RESISTANT
-	#define ECC_TIMING_RESISTANT
+    #define FP_MAX_BITS 8192
+    #define TFM_TIMING_RESISTANT
+    #define ECC_TIMING_RESISTANT
     #define ALT_ECC_SIZE
 #endif
 

IDE/MDK-ARM/MDK-ARM/wolfSSL/wolfssl_MDK_ARM.h

@@ -78,7 +78,7 @@ typedef int socklen_t ;
 #define tcp_listen      wolfssl_tcp_listen
 #define tcp_select     wolfssl_tcp_select
 
-extern int wolfssl_connect(int sd,  const  struct sockaddr* sa, 	int sz) ;
+extern int wolfssl_connect(int sd,  const  struct sockaddr* sa, int sz) ;
 extern int wolfssl_accept(int sd, struct sockaddr*addr, socklen_t *addrlen);
 extern int wolfssl_recv(int sd, void *buf, size_t len, int flags);
 extern int wolfssl_send(int sd, const void *buf, size_t len, int flags);

IDE/MSVS-2019-AZSPHERE/user_settings.h

@@ -31,9 +31,9 @@
     #ifndef SERVER_IP
         #define SERVER_IP "192.168.1.200" /* Local Test Server IP */
     #endif
-	#ifndef DEFAULT_PORT
-		#define DEFAULT_PORT 11111
-	#endif
+    #ifndef DEFAULT_PORT
+        #define DEFAULT_PORT 11111
+    #endif
     #define CERT         ca_cert_der_2048
     #define SIZEOF_CERT  sizeof_ca_cert_der_2048
     static const char msg[] = "Are you listening wolfSSL Server?";
@@ -41,9 +41,9 @@
     #ifndef SERVER_IP
         #define SERVER_IP "www.wolfssl.com"
     #endif
-	#ifndef DEFAULT_PORT
-		#define DEFAULT_PORT 443
-	#endif
+    #ifndef DEFAULT_PORT
+        #define DEFAULT_PORT 443
+    #endif
     #define CERT         wolfssl_website_root_ca
     #define SIZEOF_CERT  sizeof_wolfssl_website_root_ca
     static const char msg[] = "GET /index.html HTTP/1.1\r\n\r\n";

IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h

@@ -245,7 +245,7 @@
      */
     #define WOLFSSL_RENESAS_TSIP_TLS
 
-	#if !defined(NO_RENESAS_TSIP_CRYPT)
+    #if !defined(NO_RENESAS_TSIP_CRYPT)
         #define HAVE_PK_CALLBACKS
         #define WOLF_CRYPTO_CB
         #if defined(WOLFSSL_RENESAS_TSIP_TLS)

IDE/STM32Cube/wolfssl_example.h

@@ -27,7 +27,7 @@
 #endif
 
 #ifndef WOLFSSL_USER_SETTINGS
-	#include <wolfssl/options.h>
+    #include <wolfssl/options.h>
 #endif
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>

IDE/VS-AZURE-SPHERE/user_settings.h

@@ -7,9 +7,9 @@
     #ifndef SERVER_IP
         #define SERVER_IP "192.168.1.200" /* Local Test Server IP */
     #endif
-	#ifndef DEFAULT_PORT
-		#define DEFAULT_PORT 11111
-	#endif
+    #ifndef DEFAULT_PORT
+        #define DEFAULT_PORT 11111
+    #endif
     #define CERT         ca_cert_der_2048
     #define SIZEOF_CERT  sizeof_ca_cert_der_2048
     static const char msg[] = "Are you listening wolfSSL Server?";
@@ -17,9 +17,9 @@
     #ifndef SERVER_IP
         #define SERVER_IP "www.wolfssl.com"
     #endif
-	#ifndef DEFAULT_PORT
-		#define DEFAULT_PORT 443
-	#endif
+    #ifndef DEFAULT_PORT
+        #define DEFAULT_PORT 443
+    #endif
     #define CERT         wolfssl_website_root_ca
     #define SIZEOF_CERT  sizeof_wolfssl_website_root_ca
     static const char msg[] = "GET /index.html HTTP/1.1\r\n\r\n";

IDE/iotsafe/devices.h

@@ -95,8 +95,8 @@
 #define FLASH_ACR_LATENCY_MASK (0x03)
 
 /* RCC: Periph enable flags */
-#define USART1_APB2_CLOCK_ER_VAL 	(1 << 14)
-#define USART2_APB1_CLOCK_ER_VAL 	(1 << 17)
+#define USART1_APB2_CLOCK_ER_VAL    (1 << 14)
+#define USART2_APB1_CLOCK_ER_VAL    (1 << 17)
 #define PWR_APB1_CLOCK_ER_VAL       (1 << 28)
 #define GPIOA_AHB2_CLOCK_ER_VAL     (1 << 0)
 #define GPIOB_AHB2_CLOCK_ER_VAL     (1 << 1)
@@ -208,11 +208,11 @@
 #define SYSTICK_CALIB   (*(volatile uint32_t *)(SYSTICK_BASE + 0x0C))
 
 
-/* STMod+ connector pinout 
+/* STMod+ connector pinout
  *
  * Connector            STM32L4
  * pins                 pins
- * 
+ *
  * 1      11            PG11    PH2
  * 2      12            PB6     PB2
  * 3      13            PG10    PA4
@@ -243,7 +243,7 @@ void stmod_modem_disable(void);
 /* inline functions for GPIO */
 static inline void gpio_set(uint32_t port, uint32_t pin)
 {
-    GPIO_BSSR(port) |= (1 << pin);   
+    GPIO_BSSR(port) |= (1 << pin);
 }
 
 static inline void gpio_clear(uint32_t port, uint32_t pin)

mqx/wolfssl_client/Sources/main.h

@@ -15,7 +15,7 @@
 
 #include <wolfssl/ssl.h>
 
-#define MAIN_TASK 	1
+#define MAIN_TASK 1
 
 extern void Main_task(uint32_t);
 extern void setup_ethernet(void);
@@ -34,10 +34,10 @@ static inline void err_sys(const char* msg)
         _mqx_exit(1);
 }
 
-/* PPP device must be set manually and 
+/* PPP device must be set manually and
  * must be different from the default IO channel (BSP_DEFAULT_IO_CHANNEL)
  */
-#define PPP_DEVICE      "ittyb:" 
+#define PPP_DEVICE      "ittyb:"
 
 /*
  * Define PPP_DEVICE_DUN only when using PPP to communicate
@@ -54,7 +54,7 @@ static inline void err_sys(const char* msg)
     #define ENET_IPMASK   IPADDR(255,255,255,0)
 #endif
 
-#define GATE_IPADDR		  IPADDR(192,168,1,1)
+#define GATE_IPADDR       IPADDR(192,168,1,1)
 
 #endif /* __main_h_ */
 

wolfcrypt/src/port/Renesas/renesas_tsip_util.c

@@ -2672,6 +2672,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
         if (ret != TSIP_SUCCESS) {
             WOLFSSL_MSG("RENESAS TSIP Open failed");
         }
+
     #if defined(WOLFSSL_RENESAS_TSIP_TLS)
         if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
 
@@ -2698,11 +2699,13 @@ WOLFSSL_LOCAL int tsip_Open(void)
                 if (ret != TSIP_SUCCESS) {
                     WOLFSSL_MSG("R_TSIP_(Re)Open: NG");
                 }
-                    /* init vars */
+
+                /* init vars */
                 g_CAscm_Idx = (uint32_t)-1;
             }
         }
     #endif
+
 #elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
 
         ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
@@ -2732,7 +2735,8 @@ WOLFSSL_LOCAL int tsip_Open(void)
                 if (ret != TSIP_SUCCESS) {
                     WOLFSSL_MSG("R_TSIP_(Re)Open failed");
                 }
-                 /* init vars */
+
+                /* init vars */
                 g_CAscm_Idx = (uint32_t)-1;
             }
         }
@@ -4037,7 +4041,7 @@ WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
     tsip_ecdsa_byte_data_t hashData, sigData;
     /* hard coding largest digest size, since WC_MAX_DIGEST_SZ could be 32
      * if using SHA2-256 with ECDSA SECP384R1 */
-    uint8_t hash[48];
+    uint8_t hash[TSIP_MAX_ECC_BYTES];
 
     WOLFSSL_ENTER("tsip_VerifyEcdsa");
 
@@ -4053,6 +4057,7 @@ WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
     }
 
     if (ret == 0) {
+        int curveSz = info->pk.eccverify.key->dp->size;
         hashData.pdata      = (uint8_t*)hash;
         hashData.data_type  = tuc->keyflgs_crypt.bits.message_type;
         sigData.pdata       = (uint8_t*)info->pk.eccverify.sig;
@@ -4063,8 +4068,9 @@ WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
             #if !defined(NO_ECC256)
                 case TSIP_KEY_TYPE_ECDSAP256:
                     /* zero pad or truncate */
-                    hashData.data_length = tsip_HashPad(32, hash,
-                        info->pk.eccverify.hash, info->pk.eccverify.hashlen);
+                    hashData.data_length = tsip_HashPad(curveSz,
+                        hash, info->pk.eccverify.hash,
+                        info->pk.eccverify.hashlen);
 
                     err = R_TSIP_EcdsaP256SignatureVerification(&sigData,
                         &hashData, &tuc->eccpub_keyIdx);
@@ -4081,8 +4087,9 @@ WOLFSSL_LOCAL int tsip_VerifyEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
             #if defined(HAVE_ECC384)
                 case TSIP_KEY_TYPE_ECDSAP384:
                     /* zero pad or truncate */
-                    hashData.data_length = tsip_HashPad(48, hash,
-                        info->pk.eccverify.hash, info->pk.eccverify.hashlen);
+                    hashData.data_length = tsip_HashPad(curveSz,
+                        hash, info->pk.eccverify.hash,
+                        info->pk.eccverify.hashlen);
 
                     err = R_TSIP_EcdsaP384SignatureVerification(&sigData,
                         &hashData, &tuc->eccpub_keyIdx);

wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h

@@ -31,7 +31,7 @@
 
     #define FSPSM_W_KEYVAR          renesas_sce_wrappedkey
     #define FSPSM_tls_flg_ST        sce_keyflgs_tls
-    #define FSPSM_key_flg_ST        sce_keyflgs_cryt
+    #define FSPSM_key_flg_ST        sce_keyflgs_crypt
     #define FSPSM_tag_ST            tagUser_SCEPKCbInfo
     #define FSPSM_ST                User_SCEPKCbInfo
     #define FSPSM_ST_PKC            SCE_PKCbInfo
@@ -171,7 +171,7 @@
     /* structure, type so on */
     #define FSPSM_W_KEYVAR          renesas_rsip_wrappedkey
     #define FSPSM_tls_flg_ST        rsip_keyflgs_tls
-    #define FSPSM_key_flg_ST        rsip_keyflgs_cryt
+    #define FSPSM_key_flg_ST        rsip_keyflgs_crypt
     #define FSPSM_tag_ST            tagUser_RSIPPKCbInfo
     #define FSPSM_ST                User_RSIPPKCbInfo
     #define FSPSM_ST_PKC            RSIP_PKCbInfo

wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h

@@ -59,7 +59,7 @@ extern "C" {
 typedef enum {
     WOLFSSL_TSIP_NOERROR = 0,
     WOLFSSL_TSIP_ILLEGAL_CIPHERSUITE = 0xffffffff,
-}wolfssl_tsip_error_number;
+} wolfssl_tsip_error_number;
 
 typedef enum {
     tsip_Key_SESSION = 1,
@@ -92,6 +92,8 @@ enum {
     TSIP_TLS_VERIFY_DATA_WD_SZ = 8,
     TSIP_TLS_MAX_SIGDATA_SZ    = 130,
     TSIP_TEMP_WORK_SIZE        = 128,
+
+    TSIP_MAX_ECC_BYTES         = 48,
 };
 
 typedef enum {
@@ -133,7 +135,7 @@ typedef struct MsgBag
 
 #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
 /* flags Crypt Only */
-struct tsip_keyflgs_cryt {
+struct tsip_keyflgs_crypt {
     uint32_t aes256_key_set:1;
     uint32_t aes128_key_set:1;
     uint32_t rsapri2048_key_set:1;
@@ -319,7 +321,7 @@ typedef struct TsipUserCtx {
     /* flags shows status if tsip keys are installed */
     union {
         uint32_t chr;
-        struct tsip_keyflgs_cryt bits;
+        struct tsip_keyflgs_crypt bits;
     } keyflgs_crypt;
 #endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */