mbedtls: Update to upstream version 2.28.3

Rediff patch from PR 1453, lstrlenW is no longer used upstream so
that part of the patch was dropped.

thirdparty/README.md

@@ -365,7 +365,7 @@ Files extracted from upstream source:
 ## mbedtls
 
 - Upstream: https://github.com/Mbed-TLS/mbedtls
-- Version: 2.18.2 (89f040a5c938985c5f30728baed21e49d0846a53, 2022)
+- Version: 2.18.3 (981743de6fcdbe672e482b6fd724d31d0a0d2476, 2023)
 - License: Apache 2.0
 
 File extracted from upstream release tarball:
@@ -373,7 +373,7 @@ File extracted from upstream release tarball:
 - All `*.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/` except `config_psa.h` and `psa_util.h`.
 - All `*.c` and `*.h` from `library/` to `thirdparty/mbedtls/library/` except those starting with `psa_*`.
 - The `LICENSE` file.
-- Applied the patch in `patches/1453.diff` (upstream PR:
+- Applied the patch in `patches/1453.diff` to fix UWP build (upstream PR:
   https://github.com/ARMmbed/mbedtls/pull/1453).
   Applied the patch in `patches/windows-arm64-hardclock.diff`
 - Added 2 files `godot_core_mbedtls_platform.c` and `godot_core_mbedtls_config.h`

thirdparty/mbedtls/include/mbedtls/aes.h

@@ -72,7 +72,7 @@
 /** AES hardware accelerator failed. */
 #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED                   -0x0025
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -88,8 +88,7 @@ extern "C" {
 /**
  * \brief The AES context-type definition.
  */
-typedef struct mbedtls_aes_context
-{
+typedef struct mbedtls_aes_context {
     int nr;                     /*!< The number of rounds. */
     uint32_t *rk;               /*!< AES round keys. */
     uint32_t buf[68];           /*!< Unaligned data buffer. This buffer can
@@ -107,8 +106,7 @@ mbedtls_aes_context;
 /**
  * \brief The AES XTS context-type definition.
  */
-typedef struct mbedtls_aes_xts_context
-{
+typedef struct mbedtls_aes_xts_context {
     mbedtls_aes_context crypt; /*!< The AES context to use for AES block
                                         encryption or decryption. */
     mbedtls_aes_context tweak; /*!< The AES context used for tweak
@@ -128,7 +126,7 @@ typedef struct mbedtls_aes_xts_context
  *
  * \param ctx      The AES context to initialize. This must not be \c NULL.
  */
-void mbedtls_aes_init( mbedtls_aes_context *ctx );
+void mbedtls_aes_init(mbedtls_aes_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified AES context.
@@ -137,7 +135,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx );
  *                 If this is \c NULL, this function does nothing.
  *                 Otherwise, the context must have been at least initialized.
  */
-void mbedtls_aes_free( mbedtls_aes_context *ctx );
+void mbedtls_aes_free(mbedtls_aes_context *ctx);
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
 /**
@@ -148,7 +146,7 @@ void mbedtls_aes_free( mbedtls_aes_context *ctx );
  *
  * \param ctx      The AES XTS context to initialize. This must not be \c NULL.
  */
-void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified AES XTS context.
@@ -157,7 +155,7 @@ void mbedtls_aes_xts_init( mbedtls_aes_xts_context *ctx );
  *                 If this is \c NULL, this function does nothing.
  *                 Otherwise, the context must have been at least initialized.
  */
-void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
+void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 /**
@@ -176,8 +174,8 @@ void mbedtls_aes_xts_free( mbedtls_aes_xts_context *ctx );
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits );
+int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits);
 
 /**
  * \brief          This function sets the decryption key.
@@ -195,8 +193,8 @@ int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
-                    unsigned int keybits );
+int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
+                           unsigned int keybits);
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
 /**
@@ -216,9 +214,9 @@ int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits );
+int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits);
 
 /**
  * \brief          This function prepares an XTS context for decryption and
@@ -237,9 +235,9 @@ int mbedtls_aes_xts_setkey_enc( mbedtls_aes_xts_context *ctx,
  * \return         #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
-                                const unsigned char *key,
-                                unsigned int keybits );
+int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
+                               const unsigned char *key,
+                               unsigned int keybits);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 /**
@@ -266,10 +264,10 @@ int mbedtls_aes_xts_setkey_dec( mbedtls_aes_xts_context *ctx,
  * \return         \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] );
+int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
+                          int mode,
+                          const unsigned char input[16],
+                          unsigned char output[16]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -314,12 +312,12 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
  *                 on failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
@@ -359,12 +357,12 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
  *                     length is larger than 2^20 blocks (16 MiB).
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
-                           int mode,
-                           size_t length,
-                           const unsigned char data_unit[16],
-                           const unsigned char *input,
-                           unsigned char *output );
+int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
+                          int mode,
+                          size_t length,
+                          const unsigned char data_unit[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_XTS */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -408,13 +406,13 @@ int mbedtls_aes_crypt_xts( mbedtls_aes_xts_context *ctx,
  * \return         \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
+                             int mode,
+                             size_t length,
+                             size_t *iv_off,
+                             unsigned char iv[16],
+                             const unsigned char *input,
+                             unsigned char *output);
 
 /**
  * \brief This function performs an AES-CFB8 encryption or decryption
@@ -453,12 +451,12 @@ int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
  * \return         \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[16],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_OFB)
@@ -508,12 +506,12 @@ int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
  * \return         \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *iv_off,
+                          unsigned char iv[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 
 #endif /* MBEDTLS_CIPHER_MODE_OFB */
 
@@ -591,13 +589,13 @@ int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
  * \return                 \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
+                          size_t length,
+                          size_t *nc_off,
+                          unsigned char nonce_counter[16],
+                          unsigned char stream_block[16],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 /**
@@ -612,9 +610,9 @@ int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
  * \return          \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] );
+int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16]);
 
 /**
  * \brief           Internal AES block decryption function. This is only
@@ -628,9 +626,9 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
  * \return          \c 0 on success.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
-                                  const unsigned char input[16],
-                                  unsigned char output[16] );
+int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
+                                 const unsigned char input[16],
+                                 unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -648,9 +646,9 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
  * \param input     Plaintext block.
  * \param output    Output (ciphertext) block.
  */
-MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
-                                             const unsigned char input[16],
-                                             unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
+                                            const unsigned char input[16],
+                                            unsigned char output[16]);
 
 /**
  * \brief           Deprecated internal AES block decryption function
@@ -662,9 +660,9 @@ MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
  * \param input     Ciphertext block.
  * \param output    Output (plaintext) block.
  */
-MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
-                                             const unsigned char input[16],
-                                             unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
+                                            const unsigned char input[16],
+                                            unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -678,7 +676,7 @@ MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
  * \return         \c 1 on failure.
  */
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_aes_self_test( int verbose );
+int mbedtls_aes_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/aesni.h

@@ -36,13 +36,49 @@
 #define MBEDTLS_AESNI_AES      0x02000000u
 #define MBEDTLS_AESNI_CLMUL    0x00000002u
 
-#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) &&  \
-    ( defined(__amd64__) || defined(__x86_64__) )   &&  \
-    ! defined(MBEDTLS_HAVE_X86_64)
+/* Can we do AESNI with inline assembly?
+ * (Only implemented with gas syntax, only for 64-bit.)
+ */
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
+    (defined(__amd64__) || defined(__x86_64__))   &&  \
+    !defined(MBEDTLS_HAVE_X86_64)
 #define MBEDTLS_HAVE_X86_64
 #endif
 
+#if defined(MBEDTLS_AESNI_C)
+
+/* Can we do AESNI with intrinsics?
+ * (Only implemented with certain compilers, only for certain targets.)
+ *
+ * NOTE: MBEDTLS_AESNI_HAVE_INTRINSICS and MBEDTLS_AESNI_HAVE_CODE are internal
+ *       macros that may change in future releases.
+ */
+#undef MBEDTLS_AESNI_HAVE_INTRINSICS
+#if defined(_MSC_VER)
+/* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support
+ * VS 2013 and up for other reasons anyway, so no need to check the version. */
+#define MBEDTLS_AESNI_HAVE_INTRINSICS
+#endif
+/* GCC-like compilers: currently, we only support intrinsics if the requisite
+ * target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2`
+ * or `clang -maes -mpclmul`). */
+#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__)
+#define MBEDTLS_AESNI_HAVE_INTRINSICS
+#endif
+
+/* Choose the implementation of AESNI, if one is available. */
+#undef MBEDTLS_AESNI_HAVE_CODE
+/* To minimize disruption when releasing the intrinsics-based implementation,
+ * favor the assembly-based implementation if it's available. We intend to
+ * revise this in a later release of Mbed TLS 3.x. In the long run, we will
+ * likely remove the assembly implementation. */
 #if defined(MBEDTLS_HAVE_X86_64)
+#define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly
+#elif defined(MBEDTLS_AESNI_HAVE_INTRINSICS)
+#define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics
+#endif
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
 
 #ifdef __cplusplus
 extern "C" {
@@ -59,7 +95,7 @@ extern "C" {
  *
  * \return         1 if CPU has support for the feature, 0 otherwise
  */
-int mbedtls_aesni_has_support( unsigned int what );
+int mbedtls_aesni_has_support(unsigned int what);
 
 /**
  * \brief          Internal AES-NI AES-ECB block encryption and decryption
@@ -74,10 +110,10 @@ int mbedtls_aesni_has_support( unsigned int what );
  *
  * \return         0 on success (cannot fail)
  */
-int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
-                             int mode,
-                             const unsigned char input[16],
-                             unsigned char output[16] );
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16]);
 
 /**
  * \brief          Internal GCM multiplication: c = a * b in GF(2^128)
@@ -92,9 +128,9 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
  * \note           Both operands and result are bit strings interpreted as
  *                 elements of GF(2^128) as per the GCM spec.
  */
-void mbedtls_aesni_gcm_mult( unsigned char c[16],
-                             const unsigned char a[16],
-                             const unsigned char b[16] );
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16]);
 
 /**
  * \brief           Internal round key inversion. This function computes
@@ -107,9 +143,9 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
  * \param fwdkey    Original round keys (for encryption)
  * \param nr        Number of rounds (that is, number of round keys minus one)
  */
-void mbedtls_aesni_inverse_key( unsigned char *invkey,
-                                const unsigned char *fwdkey,
-                                int nr );
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey,
+                               int nr);
 
 /**
  * \brief           Internal key expansion for encryption
@@ -123,14 +159,15 @@ void mbedtls_aesni_inverse_key( unsigned char *invkey,
  *
  * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
  */
-int mbedtls_aesni_setkey_enc( unsigned char *rk,
-                              const unsigned char *key,
-                              size_t bits );
+int mbedtls_aesni_setkey_enc(unsigned char *rk,
+                             const unsigned char *key,
+                             size_t bits);
 
 #ifdef __cplusplus
 }
 #endif
 
-#endif /* MBEDTLS_HAVE_X86_64 */
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
+#endif  /* MBEDTLS_AESNI_C */
 
 #endif /* MBEDTLS_AESNI_H */

thirdparty/mbedtls/include/mbedtls/arc4.h

@@ -53,8 +53,7 @@ extern "C" {
  *            security risk. We recommend considering stronger ciphers instead.
  *
  */
-typedef struct mbedtls_arc4_context
-{
+typedef struct mbedtls_arc4_context {
     int x;                      /*!< permutation index */
     int y;                      /*!< permutation index */
     unsigned char m[256];       /*!< permutation table */
@@ -75,7 +74,7 @@ mbedtls_arc4_context;
  *                 instead.
  *
  */
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
+void mbedtls_arc4_init(mbedtls_arc4_context *ctx);
 
 /**
  * \brief          Clear ARC4 context
@@ -87,7 +86,7 @@ void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
  *                 instead.
  *
  */
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
+void mbedtls_arc4_free(mbedtls_arc4_context *ctx);
 
 /**
  * \brief          ARC4 key schedule
@@ -101,8 +100,8 @@ void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
  *                 instead.
  *
  */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
-                 unsigned int keylen );
+void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key,
+                        unsigned int keylen);
 
 /**
  * \brief          ARC4 cipher function
@@ -119,8 +118,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
  *                 instead.
  *
  */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
-                unsigned char *output );
+int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                       unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -134,7 +133,7 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned
  *                 instead.
  *
  */
-int mbedtls_arc4_self_test( int verbose );
+int mbedtls_arc4_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/aria.h

@@ -48,7 +48,7 @@
 #define MBEDTLS_ARIA_MAX_KEYSIZE 32 /**< Maximum size of an ARIA key in bytes. */
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x005C )
+#define MBEDTLS_ERR_ARIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x005C)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 /** Bad input data. */
 #define MBEDTLS_ERR_ARIA_BAD_INPUT_DATA -0x005C
@@ -76,8 +76,7 @@ extern "C" {
 /**
  * \brief The ARIA context-type definition.
  */
-typedef struct mbedtls_aria_context
-{
+typedef struct mbedtls_aria_context {
     unsigned char nr;           /*!< The number of rounds (12, 14 or 16) */
     /*! The ARIA round keys. */
     uint32_t rk[MBEDTLS_ARIA_MAX_ROUNDS + 1][MBEDTLS_ARIA_BLOCKSIZE / 4];
@@ -96,7 +95,7 @@ mbedtls_aria_context;
  *
  * \param ctx      The ARIA context to initialize. This must not be \c NULL.
  */
-void mbedtls_aria_init( mbedtls_aria_context *ctx );
+void mbedtls_aria_init(mbedtls_aria_context *ctx);
 
 /**
  * \brief          This function releases and clears the specified ARIA context.
@@ -105,7 +104,7 @@ void mbedtls_aria_init( mbedtls_aria_context *ctx );
  *                 case this function returns immediately. If it is not \c NULL,
  *                 it must point to an initialized ARIA context.
  */
-void mbedtls_aria_free( mbedtls_aria_context *ctx );
+void mbedtls_aria_free(mbedtls_aria_context *ctx);
 
 /**
  * \brief          This function sets the encryption key.
@@ -122,9 +121,9 @@ void mbedtls_aria_free( mbedtls_aria_context *ctx );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits );
+int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          This function sets the decryption key.
@@ -141,9 +140,9 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits );
+int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          This function performs an ARIA single-block encryption or
@@ -165,9 +164,9 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
-                            const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] );
+int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
+                           const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char output[MBEDTLS_ARIA_BLOCKSIZE]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -211,12 +210,12 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
-                            int mode,
-                            size_t length,
-                            unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -261,13 +260,13 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
-                               int mode,
-                               size_t length,
-                               size_t *iv_off,
-                               unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                               const unsigned char *input,
-                               unsigned char *output );
+int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
+                              int mode,
+                              size_t length,
+                              size_t *iv_off,
+                              unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                              const unsigned char *input,
+                              unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -348,13 +347,13 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
  * \return                 \c 0 on success.
  * \return                 A negative error code on failure.
  */
-int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
-                            size_t length,
-                            size_t *nc_off,
-                            unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
+                           size_t length,
+                           size_t *nc_off,
+                           unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -363,7 +362,7 @@ int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
  *
  * \return         \c 0 on success, or \c 1 on failure.
  */
-int mbedtls_aria_self_test( int verbose );
+int mbedtls_aria_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/asn1.h

@@ -97,15 +97,15 @@
 
 /* Slightly smaller way to check if tag is a string tag
  * compared to canonical implementation. */
-#define MBEDTLS_ASN1_IS_STRING_TAG( tag )                                     \
-    ( ( tag ) < 32u && (                                                      \
-        ( ( 1u << ( tag ) ) & ( ( 1u << MBEDTLS_ASN1_BMP_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_UTF8_STRING )      |     \
-                                ( 1u << MBEDTLS_ASN1_T61_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_IA5_STRING )       |     \
-                                ( 1u << MBEDTLS_ASN1_UNIVERSAL_STRING ) |     \
-                                ( 1u << MBEDTLS_ASN1_PRINTABLE_STRING ) |     \
-                                ( 1u << MBEDTLS_ASN1_BIT_STRING ) ) ) != 0 ) )
+#define MBEDTLS_ASN1_IS_STRING_TAG(tag)                                     \
+    ((tag) < 32u && (                                                      \
+         ((1u << (tag)) & ((1u << MBEDTLS_ASN1_BMP_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_UTF8_STRING)      |     \
+                           (1u << MBEDTLS_ASN1_T61_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_IA5_STRING)       |     \
+                           (1u << MBEDTLS_ASN1_UNIVERSAL_STRING) |     \
+                           (1u << MBEDTLS_ASN1_PRINTABLE_STRING) |     \
+                           (1u << MBEDTLS_ASN1_BIT_STRING))) != 0))
 
 /*
  * Bit masks for each of the components of an ASN.1 tag as specified in
@@ -133,12 +133,12 @@
  * 'unsigned char *oid' here!
  */
 #define MBEDTLS_OID_CMP(oid_str, oid_buf)                                   \
-        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) ||                \
-          memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
+    ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len) ||                \
+     memcmp((oid_str), (oid_buf)->p, (oid_buf)->len) != 0)
 
 #define MBEDTLS_OID_CMP_RAW(oid_str, oid_buf, oid_buf_len)              \
-        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len) ) ||             \
-          memcmp( (oid_str), (oid_buf), (oid_buf_len) ) != 0 )
+    ((MBEDTLS_OID_SIZE(oid_str) != (oid_buf_len)) ||             \
+     memcmp((oid_str), (oid_buf), (oid_buf_len)) != 0)
 
 #ifdef __cplusplus
 extern "C" {
@@ -152,8 +152,7 @@ extern "C" {
 /**
  * Type-length-value structure that allows for ASN1 using DER.
  */
-typedef struct mbedtls_asn1_buf
-{
+typedef struct mbedtls_asn1_buf {
     int tag;                /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
     size_t len;             /**< ASN1 length, in octets. */
     unsigned char *p;       /**< ASN1 data, e.g. in ASCII. */
@@ -163,8 +162,7 @@ mbedtls_asn1_buf;
 /**
  * Container for ASN1 bit strings.
  */
-typedef struct mbedtls_asn1_bitstring
-{
+typedef struct mbedtls_asn1_bitstring {
     size_t len;                 /**< ASN1 length, in octets. */
     unsigned char unused_bits;  /**< Number of unused bits at the end of the string */
     unsigned char *p;           /**< Raw ASN1 data for the bit string */
@@ -174,8 +172,7 @@ mbedtls_asn1_bitstring;
 /**
  * Container for a sequence of ASN.1 items
  */
-typedef struct mbedtls_asn1_sequence
-{
+typedef struct mbedtls_asn1_sequence {
     mbedtls_asn1_buf buf;                   /**< Buffer containing the given ASN.1 item. */
     struct mbedtls_asn1_sequence *next;    /**< The next entry in the sequence. */
 }
@@ -184,8 +181,7 @@ mbedtls_asn1_sequence;
 /**
  * Container for a sequence or list of 'named' ASN.1 data items
  */
-typedef struct mbedtls_asn1_named_data
-{
+typedef struct mbedtls_asn1_named_data {
     mbedtls_asn1_buf oid;                   /**< The object identifier. */
     mbedtls_asn1_buf val;                   /**< The named value. */
     struct mbedtls_asn1_named_data *next;  /**< The next entry in the sequence. */
@@ -211,9 +207,9 @@ mbedtls_asn1_named_data;
  *              would end beyond \p end.
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
  */
-int mbedtls_asn1_get_len( unsigned char **p,
-                          const unsigned char *end,
-                          size_t *len );
+int mbedtls_asn1_get_len(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len);
 
 /**
  * \brief       Get the tag and length of the element.
@@ -236,9 +232,9 @@ int mbedtls_asn1_get_len( unsigned char **p,
  *              would end beyond \p end.
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the length is unparsable.
  */
-int mbedtls_asn1_get_tag( unsigned char **p,
-                          const unsigned char *end,
-                          size_t *len, int tag );
+int mbedtls_asn1_get_tag(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len, int tag);
 
 /**
  * \brief       Retrieve a boolean ASN.1 tag and its value.
@@ -255,9 +251,9 @@ int mbedtls_asn1_get_tag( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BOOLEAN.
  */
-int mbedtls_asn1_get_bool( unsigned char **p,
-                           const unsigned char *end,
-                           int *val );
+int mbedtls_asn1_get_bool(unsigned char **p,
+                          const unsigned char *end,
+                          int *val);
 
 /**
  * \brief       Retrieve an integer ASN.1 tag and its value.
@@ -276,9 +272,9 @@ int mbedtls_asn1_get_bool( unsigned char **p,
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
  */
-int mbedtls_asn1_get_int( unsigned char **p,
-                          const unsigned char *end,
-                          int *val );
+int mbedtls_asn1_get_int(unsigned char **p,
+                         const unsigned char *end,
+                         int *val);
 
 /**
  * \brief       Retrieve an enumerated ASN.1 tag and its value.
@@ -297,9 +293,9 @@ int mbedtls_asn1_get_int( unsigned char **p,
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
  */
-int mbedtls_asn1_get_enum( unsigned char **p,
-                           const unsigned char *end,
-                           int *val );
+int mbedtls_asn1_get_enum(unsigned char **p,
+                          const unsigned char *end,
+                          int *val);
 
 /**
  * \brief       Retrieve a bitstring ASN.1 tag and its value.
@@ -318,8 +314,8 @@ int mbedtls_asn1_get_enum( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BIT STRING.
  */
-int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
-                                mbedtls_asn1_bitstring *bs );
+int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
+                               mbedtls_asn1_bitstring *bs);
 
 /**
  * \brief       Retrieve a bitstring ASN.1 tag without unused bits and its
@@ -339,9 +335,9 @@ int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 BIT STRING.
  */
-int mbedtls_asn1_get_bitstring_null( unsigned char **p,
-                                     const unsigned char *end,
-                                     size_t *len );
+int mbedtls_asn1_get_bitstring_null(unsigned char **p,
+                                    const unsigned char *end,
+                                    size_t *len);
 
 /**
  * \brief       Parses and splits an ASN.1 "SEQUENCE OF <tag>".
@@ -390,10 +386,10 @@ int mbedtls_asn1_get_bitstring_null( unsigned char **p,
  * \return      An ASN.1 error code if the input does not start with
  *              a valid ASN.1 SEQUENCE.
  */
-int mbedtls_asn1_get_sequence_of( unsigned char **p,
-                                  const unsigned char *end,
-                                  mbedtls_asn1_sequence *cur,
-                                  int tag );
+int mbedtls_asn1_get_sequence_of(unsigned char **p,
+                                 const unsigned char *end,
+                                 mbedtls_asn1_sequence *cur,
+                                 int tag);
 /**
  * \brief          Free a heap-allocated linked list presentation of
  *                 an ASN.1 sequence, including the first element.
@@ -415,7 +411,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
  *                 be \c NULL, in which case this functions returns
  *                 immediately.
  */
-void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq );
+void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq);
 
 /**
  * \brief                Traverse an ASN.1 SEQUENCE container and
@@ -507,9 +503,9 @@ int mbedtls_asn1_traverse_sequence_of(
     const unsigned char *end,
     unsigned char tag_must_mask, unsigned char tag_must_val,
     unsigned char tag_may_mask, unsigned char tag_may_val,
-    int (*cb)( void *ctx, int tag,
-               unsigned char* start, size_t len ),
-    void *ctx );
+    int (*cb)(void *ctx, int tag,
+              unsigned char *start, size_t len),
+    void *ctx);
 
 #if defined(MBEDTLS_BIGNUM_C)
 /**
@@ -530,9 +526,9 @@ int mbedtls_asn1_traverse_sequence_of(
  *              not fit in an \c int.
  * \return      An MPI error code if the parsed value is too large.
  */
-int mbedtls_asn1_get_mpi( unsigned char **p,
-                          const unsigned char *end,
-                          mbedtls_mpi *X );
+int mbedtls_asn1_get_mpi(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_mpi *X);
 #endif /* MBEDTLS_BIGNUM_C */
 
 /**
@@ -551,9 +547,9 @@ int mbedtls_asn1_get_mpi( unsigned char **p,
  *
  * \return      0 if successful or a specific ASN.1 or MPI error code.
  */
-int mbedtls_asn1_get_alg( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
+int mbedtls_asn1_get_alg(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params);
 
 /**
  * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@@ -570,9 +566,9 @@ int mbedtls_asn1_get_alg( unsigned char **p,
  *
  * \return      0 if successful or a specific ASN.1 or MPI error code.
  */
-int mbedtls_asn1_get_alg_null( unsigned char **p,
-                       const unsigned char *end,
-                       mbedtls_asn1_buf *alg );
+int mbedtls_asn1_get_alg_null(unsigned char **p,
+                              const unsigned char *end,
+                              mbedtls_asn1_buf *alg);
 
 /**
  * \brief       Find a specific named_data entry in a sequence or list based on
@@ -584,8 +580,8 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
  *
  * \return      NULL if not found, or a pointer to the existing entry.
  */
-mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
-                                       const char *oid, size_t len );
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
+                                                      const char *oid, size_t len);
 
 /**
  * \brief       Free a mbedtls_asn1_named_data entry
@@ -594,7 +590,7 @@ mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *
  *              This function calls mbedtls_free() on
  *              `entry->oid.p` and `entry->val.p`.
  */
-void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
+void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *entry);
 
 /**
  * \brief       Free all entries in a mbedtls_asn1_named_data list.
@@ -604,7 +600,7 @@ void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
  *              mbedtls_free() on each list element and
  *              sets \c *head to \c NULL.
  */
-void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
+void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head);
 
 /** \} name Functions to parse ASN.1 data structures */
 /** \} addtogroup asn1_module */

thirdparty/mbedtls/include/mbedtls/asn1write.h

@@ -33,11 +33,11 @@
 #define MBEDTLS_ASN1_CHK_ADD(g, f)                      \
     do                                                  \
     {                                                   \
-        if( ( ret = (f) ) < 0 )                         \
-            return( ret );                              \
+        if ((ret = (f)) < 0)                         \
+        return ret;                              \
         else                                            \
-            (g) += ret;                                 \
-    } while( 0 )
+        (g) += ret;                                 \
+    } while (0)
 
 #ifdef __cplusplus
 extern "C" {
@@ -55,8 +55,8 @@ extern "C" {
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start,
-                            size_t len );
+int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start,
+                           size_t len);
 /**
  * \brief           Write an ASN.1 tag in ASN.1 format.
  *
@@ -69,8 +69,8 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
-                            unsigned char tag );
+int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start,
+                           unsigned char tag);
 
 /**
  * \brief           Write raw buffer data.
@@ -85,8 +85,8 @@ int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
-                                   const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start,
+                                  const unsigned char *buf, size_t size);
 
 #if defined(MBEDTLS_BIGNUM_C)
 /**
@@ -103,8 +103,8 @@ int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start,
-                            const mbedtls_mpi *X );
+int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start,
+                           const mbedtls_mpi *X);
 #endif /* MBEDTLS_BIGNUM_C */
 
 /**
@@ -119,7 +119,7 @@ int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
+int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start);
 
 /**
  * \brief           Write an OID tag (#MBEDTLS_ASN1_OID) and data
@@ -135,8 +135,8 @@ int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
-                            const char *oid, size_t oid_len );
+int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len);
 
 /**
  * \brief           Write an AlgorithmIdentifier sequence in ASN.1 format.
@@ -153,10 +153,10 @@ int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
-                                             unsigned char *start,
-                                             const char *oid, size_t oid_len,
-                                             size_t par_len );
+int mbedtls_asn1_write_algorithm_identifier(unsigned char **p,
+                                            unsigned char *start,
+                                            const char *oid, size_t oid_len,
+                                            size_t par_len);
 
 /**
  * \brief           Write a boolean tag (#MBEDTLS_ASN1_BOOLEAN) and value
@@ -171,8 +171,8 @@ int mbedtls_asn1_write_algorithm_identifier( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
-                             int boolean );
+int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start,
+                            int boolean);
 
 /**
  * \brief           Write an int tag (#MBEDTLS_ASN1_INTEGER) and value
@@ -188,7 +188,7 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
+int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val);
 
 /**
  * \brief           Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
@@ -203,7 +203,7 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val );
+int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val);
 
 /**
  * \brief           Write a string in ASN.1 format using a specific
@@ -222,9 +222,9 @@ int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val );
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
-                                      int tag, const char *text,
-                                      size_t text_len );
+int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start,
+                                     int tag, const char *text,
+                                     size_t text_len);
 
 /**
  * \brief           Write a string in ASN.1 format using the PrintableString
@@ -241,9 +241,9 @@ int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_printable_string( unsigned char **p,
-                                         unsigned char *start,
-                                         const char *text, size_t text_len );
+int mbedtls_asn1_write_printable_string(unsigned char **p,
+                                        unsigned char *start,
+                                        const char *text, size_t text_len);
 
 /**
  * \brief           Write a UTF8 string in ASN.1 format using the UTF8String
@@ -260,8 +260,8 @@ int mbedtls_asn1_write_printable_string( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
-                                    const char *text, size_t text_len );
+int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start,
+                                   const char *text, size_t text_len);
 
 /**
  * \brief           Write a string in ASN.1 format using the IA5String
@@ -278,8 +278,8 @@ int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
-                                   const char *text, size_t text_len );
+int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start,
+                                  const char *text, size_t text_len);
 
 /**
  * \brief           Write a bitstring tag (#MBEDTLS_ASN1_BIT_STRING) and
@@ -295,8 +295,8 @@ int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
-                                  const unsigned char *buf, size_t bits );
+int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start,
+                                 const unsigned char *buf, size_t bits);
 
 /**
  * \brief           This function writes a named bitstring tag
@@ -315,10 +315,10 @@ int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_named_bitstring( unsigned char **p,
-                                        unsigned char *start,
-                                        const unsigned char *buf,
-                                        size_t bits );
+int mbedtls_asn1_write_named_bitstring(unsigned char **p,
+                                       unsigned char *start,
+                                       const unsigned char *buf,
+                                       size_t bits);
 
 /**
  * \brief           Write an octet string tag (#MBEDTLS_ASN1_OCTET_STRING)
@@ -334,8 +334,8 @@ int mbedtls_asn1_write_named_bitstring( unsigned char **p,
  * \return          The number of bytes written to \p p on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
-                                     const unsigned char *buf, size_t size );
+int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start,
+                                    const unsigned char *buf, size_t size);
 
 /**
  * \brief           Create or find a specific named_data entry for writing in a
@@ -358,10 +358,10 @@ int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
  * \return          A pointer to the new / existing entry on success.
  * \return          \c NULL if if there was a memory allocation error.
  */
-mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
-                                        const char *oid, size_t oid_len,
-                                        const unsigned char *val,
-                                        size_t val_len );
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(mbedtls_asn1_named_data **list,
+                                                       const char *oid, size_t oid_len,
+                                                       const unsigned char *val,
+                                                       size_t val_len);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/base64.h

@@ -58,8 +58,8 @@ extern "C" {
  * \note           Call this function with dlen = 0 to obtain the
  *                 required buffer size in *olen
  */
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen );
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen);
 
 /**
  * \brief          Decode a base64-formatted buffer
@@ -78,8 +78,8 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
  * \note           Call this function with *dst = NULL or dlen = 0 to obtain
  *                 the required buffer size in *olen
  */
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen );
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -87,7 +87,7 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_base64_self_test( int verbose );
+int mbedtls_base64_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/bignum.h

@@ -55,9 +55,9 @@
 #define MBEDTLS_MPI_CHK(f)       \
     do                           \
     {                            \
-        if( ( ret = (f) ) != 0 ) \
-            goto cleanup;        \
-    } while( 0 )
+        if ((ret = (f)) != 0) \
+        goto cleanup;        \
+    } while (0)
 
 /*
  * Maximum size MPIs are allowed to grow to in number of limbs.
@@ -66,7 +66,7 @@
 
 #if !defined(MBEDTLS_MPI_WINDOW_SIZE)
 /*
- * Maximum window size used for modular exponentiation. Default: 6
+ * Maximum window size used for modular exponentiation. Default: 2
  * Minimum value: 1. Maximum value: 6.
  *
  * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
@@ -74,7 +74,7 @@
  *
  * Reduction in size, reduces speed.
  */
-#define MBEDTLS_MPI_WINDOW_SIZE                           6        /**< Maximum window size used. */
+#define MBEDTLS_MPI_WINDOW_SIZE                           2        /**< Maximum window size used. */
 #endif /* !MBEDTLS_MPI_WINDOW_SIZE */
 
 #if !defined(MBEDTLS_MPI_MAX_SIZE)
@@ -88,7 +88,7 @@
 #define MBEDTLS_MPI_MAX_SIZE                              1024     /**< Maximum number of bytes for usable MPIs. */
 #endif /* !MBEDTLS_MPI_MAX_SIZE */
 
-#define MBEDTLS_MPI_MAX_BITS                              ( 8 * MBEDTLS_MPI_MAX_SIZE )    /**< Maximum number of bits for usable MPIs. */
+#define MBEDTLS_MPI_MAX_BITS                              (8 * MBEDTLS_MPI_MAX_SIZE)      /**< Maximum number of bits for usable MPIs. */
 
 /*
  * When reading from files with mbedtls_mpi_read_file() and writing to files with
@@ -108,9 +108,11 @@
  *  MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
  *                                LabelSize + 6
  */
-#define MBEDTLS_MPI_MAX_BITS_SCALE100          ( 100 * MBEDTLS_MPI_MAX_BITS )
+#define MBEDTLS_MPI_MAX_BITS_SCALE100          (100 * MBEDTLS_MPI_MAX_BITS)
 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100                 332
-#define MBEDTLS_MPI_RW_BUFFER_SIZE             ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
+#define MBEDTLS_MPI_RW_BUFFER_SIZE             (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
+                                                  MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
+                                                 MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
 
 /*
  * Define the base integer type, architecture-wise.
@@ -124,60 +126,60 @@
  */
 #if !defined(MBEDTLS_HAVE_INT32)
     #if defined(_MSC_VER) && defined(_M_AMD64)
-        /* Always choose 64-bit when using MSC */
+/* Always choose 64-bit when using MSC */
         #if !defined(MBEDTLS_HAVE_INT64)
             #define MBEDTLS_HAVE_INT64
         #endif /* !MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
     #elif defined(__GNUC__) && (                         \
-        defined(__amd64__) || defined(__x86_64__)     || \
-        defined(__ppc64__) || defined(__powerpc64__)  || \
-        defined(__ia64__)  || defined(__alpha__)      || \
-        ( defined(__sparc__) && defined(__arch64__) ) || \
-        defined(__s390x__) || defined(__mips64)       || \
-        defined(__aarch64__) )
+    defined(__amd64__) || defined(__x86_64__)     || \
+    defined(__ppc64__) || defined(__powerpc64__)  || \
+    defined(__ia64__)  || defined(__alpha__)      || \
+    (defined(__sparc__) && defined(__arch64__)) || \
+    defined(__s390x__) || defined(__mips64)       || \
+    defined(__aarch64__))
         #if !defined(MBEDTLS_HAVE_INT64)
             #define MBEDTLS_HAVE_INT64
         #endif /* MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
         #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-            /* mbedtls_t_udbl defined as 128-bit unsigned int */
-            typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
             #define MBEDTLS_HAVE_UDBL
         #endif /* !MBEDTLS_NO_UDBL_DIVISION */
     #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
-        /*
-         * __ARMCC_VERSION is defined for both armcc and armclang and
-         * __aarch64__ is only defined by armclang when compiling 64-bit code
-         */
+/*
+ * __ARMCC_VERSION is defined for both armcc and armclang and
+ * __aarch64__ is only defined by armclang when compiling 64-bit code
+ */
         #if !defined(MBEDTLS_HAVE_INT64)
             #define MBEDTLS_HAVE_INT64
         #endif /* !MBEDTLS_HAVE_INT64 */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
         #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-            /* mbedtls_t_udbl defined as 128-bit unsigned int */
-            typedef __uint128_t mbedtls_t_udbl;
+/* mbedtls_t_udbl defined as 128-bit unsigned int */
+typedef __uint128_t mbedtls_t_udbl;
             #define MBEDTLS_HAVE_UDBL
         #endif /* !MBEDTLS_NO_UDBL_DIVISION */
     #elif defined(MBEDTLS_HAVE_INT64)
-        /* Force 64-bit integers with unknown compiler */
-        typedef  int64_t mbedtls_mpi_sint;
-        typedef uint64_t mbedtls_mpi_uint;
+/* Force 64-bit integers with unknown compiler */
+typedef  int64_t mbedtls_mpi_sint;
+typedef uint64_t mbedtls_mpi_uint;
     #endif
 #endif /* !MBEDTLS_HAVE_INT32 */
 
 #if !defined(MBEDTLS_HAVE_INT64)
-    /* Default to 32-bit compilation */
+/* Default to 32-bit compilation */
     #if !defined(MBEDTLS_HAVE_INT32)
         #define MBEDTLS_HAVE_INT32
     #endif /* !MBEDTLS_HAVE_INT32 */
-    typedef  int32_t mbedtls_mpi_sint;
-    typedef uint32_t mbedtls_mpi_uint;
+typedef  int32_t mbedtls_mpi_sint;
+typedef uint32_t mbedtls_mpi_uint;
     #if !defined(MBEDTLS_NO_UDBL_DIVISION)
-        typedef uint64_t mbedtls_t_udbl;
+typedef uint64_t mbedtls_t_udbl;
         #define MBEDTLS_HAVE_UDBL
     #endif /* !MBEDTLS_NO_UDBL_DIVISION */
 #endif /* !MBEDTLS_HAVE_INT64 */
@@ -203,8 +205,7 @@ extern "C" {
 /**
  * \brief          MPI structure
  */
-typedef struct mbedtls_mpi
-{
+typedef struct mbedtls_mpi {
     /** Sign: -1 if the mpi is negative, 1 otherwise.
      *
      * The number 0 must be represented with `s = +1`. Although many library
@@ -237,7 +238,7 @@ mbedtls_mpi;
  *
  * \param X         The MPI context to initialize. This must not be \c NULL.
  */
-void mbedtls_mpi_init( mbedtls_mpi *X );
+void mbedtls_mpi_init(mbedtls_mpi *X);
 
 /**
  * \brief          This function frees the components of an MPI context.
@@ -246,7 +247,7 @@ void mbedtls_mpi_init( mbedtls_mpi *X );
  *                 in which case this function is a no-op. If it is
  *                 not \c NULL, it must point to an initialized MPI.
  */
-void mbedtls_mpi_free( mbedtls_mpi *X );
+void mbedtls_mpi_free(mbedtls_mpi *X);
 
 /**
  * \brief          Enlarge an MPI to the specified number of limbs.
@@ -261,7 +262,7 @@ void mbedtls_mpi_free( mbedtls_mpi *X );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
+int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
 
 /**
  * \brief          This function resizes an MPI downwards, keeping at least the
@@ -278,7 +279,7 @@ int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
  *                 (this can only happen when resizing up).
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
+int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
 
 /**
  * \brief          Make a copy of an MPI.
@@ -293,7 +294,7 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y);
 
 /**
  * \brief          Swap the contents of two MPIs.
@@ -301,7 +302,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
  * \param X        The first MPI. It must be initialized.
  * \param Y        The second MPI. It must be initialized.
  */
-void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
+void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y);
 
 /**
  * \brief          Perform a safe conditional copy of MPI which doesn't
@@ -331,7 +332,7 @@ void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
+int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
 
 /**
  * \brief          Perform a safe conditional swap which doesn't
@@ -360,7 +361,7 @@ int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned
  * \return         Another negative error code on other kinds of failure.
  *
  */
-int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap );
+int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap);
 
 /**
  * \brief          Store integer value in MPI.
@@ -372,7 +373,7 @@ int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char sw
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
+int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z);
 
 /**
  * \brief          Get a specific bit from an MPI.
@@ -384,7 +385,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
  *                 of \c X is unset or set.
  * \return         A negative error code on failure.
  */
-int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
+int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
 
 /**
  * \brief          Modify a specific bit in an MPI.
@@ -401,7 +402,7 @@ int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
+int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
 
 /**
  * \brief          Return the number of bits of value \c 0 before the
@@ -415,7 +416,7 @@ int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
  * \return         The number of bits of value \c 0 before the least significant
  *                 bit of value \c 1 in \p X.
  */
-size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
+size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
 
 /**
  * \brief          Return the number of bits up to and including the most
@@ -429,7 +430,7 @@ size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
  * \return         The number of bits up to and including the most
  *                 significant bit of value \c 1.
  */
-size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
+size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X);
 
 /**
  * \brief          Return the total size of an MPI value in bytes.
@@ -444,7 +445,7 @@ size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
  * \return         The least number of bytes capable of storing
  *                 the absolute value of \p X.
  */
-size_t mbedtls_mpi_size( const mbedtls_mpi *X );
+size_t mbedtls_mpi_size(const mbedtls_mpi *X);
 
 /**
  * \brief          Import an MPI from an ASCII string.
@@ -456,7 +457,7 @@ size_t mbedtls_mpi_size( const mbedtls_mpi *X );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
+int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
 
 /**
  * \brief          Export an MPI to an ASCII string.
@@ -480,8 +481,8 @@ int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
  *                 size of \p buf required for a successful call.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
-                              char *buf, size_t buflen, size_t *olen );
+int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
+                             char *buf, size_t buflen, size_t *olen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -505,7 +506,7 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
  *                 is too small.
  * \return         Another negative error code on failure.
  */
-int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
+int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
 
 /**
  * \brief          Export an MPI into an opened file.
@@ -522,8 +523,8 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
-                            int radix, FILE *fout );
+int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
+                           int radix, FILE *fout);
 #endif /* MBEDTLS_FS_IO */
 
 /**
@@ -538,8 +539,8 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
-                             size_t buflen );
+int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
+                            size_t buflen);
 
 /**
  * \brief          Import X from unsigned binary data, little endian
@@ -553,8 +554,8 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
-                                const unsigned char *buf, size_t buflen );
+int mbedtls_mpi_read_binary_le(mbedtls_mpi *X,
+                               const unsigned char *buf, size_t buflen);
 
 /**
  * \brief          Export X into unsigned binary data, big endian.
@@ -571,8 +572,8 @@ int mbedtls_mpi_read_binary_le( mbedtls_mpi *X,
  *                 large enough to hold the value of \p X.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
-                              size_t buflen );
+int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
+                             size_t buflen);
 
 /**
  * \brief          Export X into unsigned binary data, little endian.
@@ -589,8 +590,8 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf,
  *                 large enough to hold the value of \p X.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
-                                 unsigned char *buf, size_t buflen );
+int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X,
+                                unsigned char *buf, size_t buflen);
 
 /**
  * \brief          Perform a left-shift on an MPI: X <<= count
@@ -602,7 +603,7 @@ int mbedtls_mpi_write_binary_le( const mbedtls_mpi *X,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
+int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
 
 /**
  * \brief          Perform a right-shift on an MPI: X >>= count
@@ -614,7 +615,7 @@ int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
+int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
 
 /**
  * \brief          Compare the absolute values of two MPIs.
@@ -626,7 +627,7 @@ int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
  * \return         \c -1 if `|X|` is lesser than `|Y|`.
  * \return         \c 0 if `|X|` is equal to `|Y|`.
  */
-int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y);
 
 /**
  * \brief          Compare two MPIs.
@@ -638,7 +639,7 @@ int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
  * \return         \c -1 if \p X is lesser than \p Y.
  * \return         \c 0 if \p X is equal to \p Y.
  */
-int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y);
 
 /**
  * \brief          Check if an MPI is less than the other in constant time.
@@ -655,8 +656,8 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
  * \return         MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
  *                 the two input MPIs is not the same.
  */
-int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
-        unsigned *ret );
+int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y,
+                          unsigned *ret);
 
 /**
  * \brief          Compare an MPI with an integer.
@@ -668,7 +669,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
  * \return         \c -1 if \p X is lesser than \p z.
  * \return         \c 0 if \p X is equal to \p z.
  */
-int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
+int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z);
 
 /**
  * \brief          Perform an unsigned addition of MPIs: X = |A| + |B|
@@ -681,8 +682,8 @@ int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform an unsigned subtraction of MPIs: X = |A| - |B|
@@ -696,8 +697,8 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         Another negative error code on different kinds of failure.
  *
  */
-int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a signed addition of MPIs: X = A + B
@@ -710,8 +711,8 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a signed subtraction of MPIs: X = A - B
@@ -724,8 +725,8 @@ int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a signed addition of an MPI and an integer: X = A + b
@@ -738,8 +739,8 @@ int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
+int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
 
 /**
  * \brief          Perform a signed subtraction of an MPI and an integer:
@@ -753,8 +754,8 @@ int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
+int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
 
 /**
  * \brief          Perform a multiplication of two MPIs: X = A * B
@@ -768,8 +769,8 @@ int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         Another negative error code on different kinds of failure.
  *
  */
-int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a multiplication of an MPI with an unsigned integer:
@@ -784,8 +785,8 @@ int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         Another negative error code on different kinds of failure.
  *
  */
-int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         mbedtls_mpi_uint b );
+int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        mbedtls_mpi_uint b);
 
 /**
  * \brief          Perform a division with remainder of two MPIs:
@@ -805,8 +806,8 @@ int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a division with remainder of an MPI by an integer:
@@ -826,8 +827,8 @@ int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
+int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
 
 /**
  * \brief          Perform a modular reduction. R = A mod B
@@ -846,8 +847,8 @@ int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A,
  * \return         Another negative error code on different kinds of failure.
  *
  */
-int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
-                         const mbedtls_mpi *B );
+int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
+                        const mbedtls_mpi *B);
 
 /**
  * \brief          Perform a modular reduction with respect to an integer.
@@ -865,8 +866,8 @@ int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
-                         mbedtls_mpi_sint b );
+int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
+                        mbedtls_mpi_sint b);
 
 /**
  * \brief          Perform a sliding-window exponentiation: X = A^E mod N
@@ -895,9 +896,9 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A,
  * \return         Another negative error code on different kinds of failures.
  *
  */
-int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *E, const mbedtls_mpi *N,
-                         mbedtls_mpi *prec_RR );
+int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *E, const mbedtls_mpi *N,
+                        mbedtls_mpi *prec_RR);
 
 /**
  * \brief          Fill an MPI with a number of random bytes.
@@ -916,9 +917,9 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
  *                 as a big-endian representation of an MPI; this can
  *                 be relevant in applications like deterministic ECDSA.
  */
-int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /** Generate a random number uniformly in a range.
  *
@@ -952,11 +953,11 @@ int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
  *                 for all usual cryptographic applications.
  * \return         Another negative error code on failure.
  */
-int mbedtls_mpi_random( mbedtls_mpi *X,
-                        mbedtls_mpi_sint min,
-                        const mbedtls_mpi *N,
-                        int (*f_rng)(void *, unsigned char *, size_t),
-                        void *p_rng );
+int mbedtls_mpi_random(mbedtls_mpi *X,
+                       mbedtls_mpi_sint min,
+                       const mbedtls_mpi *N,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng);
 
 /**
  * \brief          Compute the greatest common divisor: G = gcd(A, B)
@@ -969,8 +970,8 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
  * \return         Another negative error code on different kinds of failure.
  */
-int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
-                     const mbedtls_mpi *B );
+int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A,
+                    const mbedtls_mpi *B);
 
 /**
  * \brief          Compute the modular inverse: X = A^-1 mod N
@@ -988,8 +989,8 @@ int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
  *                 with respect to \p N.
  */
-int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
-                         const mbedtls_mpi *N );
+int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
+                        const mbedtls_mpi *N);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -1016,9 +1017,9 @@ int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
  * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
  * \return         Another negative error code on other kinds of failure.
  */
-MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
-                          int (*f_rng)(void *, unsigned char *, size_t),
-                          void *p_rng );
+MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime(const mbedtls_mpi *X,
+                                            int (*f_rng)(void *, unsigned char *, size_t),
+                                            void *p_rng);
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
@@ -1049,9 +1050,9 @@ MBEDTLS_DEPRECATED int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
  * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
  * \return         Another negative error code on other kinds of failure.
  */
-int mbedtls_mpi_is_prime_ext( const mbedtls_mpi *X, int rounds,
-                              int (*f_rng)(void *, unsigned char *, size_t),
-                              void *p_rng );
+int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 /**
  * \brief Flags for mbedtls_mpi_gen_prime()
  *
@@ -1082,9 +1083,9 @@ typedef enum {
  * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
  *                 \c 3 and #MBEDTLS_MPI_MAX_BITS.
  */
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
-                   int (*f_rng)(void *, unsigned char *, size_t),
-                   void *p_rng );
+int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
+                          int (*f_rng)(void *, unsigned char *, size_t),
+                          void *p_rng);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -1093,7 +1094,7 @@ int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_mpi_self_test( int verbose );
+int mbedtls_mpi_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/blowfish.h

@@ -41,7 +41,7 @@
 #define MBEDTLS_BLOWFISH_BLOCKSIZE   8          /* Blowfish uses 64 bit blocks */
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0016 )
+#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0016)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 /** Bad input data. */
 #define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016
@@ -65,8 +65,7 @@ extern "C" {
 /**
  * \brief          Blowfish context structure
  */
-typedef struct mbedtls_blowfish_context
-{
+typedef struct mbedtls_blowfish_context {
     uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2];    /*!<  Blowfish round keys    */
     uint32_t S[4][256];                 /*!<  key dependent S-boxes  */
 }
@@ -82,7 +81,7 @@ mbedtls_blowfish_context;
  * \param ctx      The Blowfish context to be initialized.
  *                 This must not be \c NULL.
  */
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
+void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx);
 
 /**
  * \brief          Clear a Blowfish context.
@@ -92,7 +91,7 @@ void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
  *                 returns immediately. If it is not \c NULL, it must
  *                 point to an initialized Blowfish context.
  */
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
+void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx);
 
 /**
  * \brief          Perform a Blowfish key schedule operation.
@@ -106,8 +105,8 @@ void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
-                     unsigned int keybits );
+int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx, const unsigned char *key,
+                            unsigned int keybits);
 
 /**
  * \brief          Perform a Blowfish-ECB block encryption/decryption operation.
@@ -125,10 +124,10 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
-                        int mode,
-                        const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
+int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -159,12 +158,12 @@ int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
-                        int mode,
-                        size_t length,
-                        unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        const unsigned char *input,
-                        unsigned char *output );
+int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -199,13 +198,13 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
-                          int mode,
-                          size_t length,
-                          size_t *iv_off,
-                          unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                          const unsigned char *input,
-                          unsigned char *output );
+int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx,
+                                 int mode,
+                                 size_t length,
+                                 size_t *iv_off,
+                                 unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                                 const unsigned char *input,
+                                 unsigned char *output);
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -272,13 +271,13 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
  * \return              \c 0 if successful.
  * \return              A negative error code on failure.
  */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
-                        size_t length,
-                        size_t *nc_off,
-                        unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                        const unsigned char *input,
-                        unsigned char *output );
+int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/bn_mul.h

@@ -51,39 +51,40 @@
  */
 #if defined(MBEDTLS_HAVE_INT32)
 
-#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d )               \
-    ( (mbedtls_mpi_uint) (a) <<  0 ) |                        \
-    ( (mbedtls_mpi_uint) (b) <<  8 ) |                        \
-    ( (mbedtls_mpi_uint) (c) << 16 ) |                        \
-    ( (mbedtls_mpi_uint) (d) << 24 )
+#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d)               \
+    ((mbedtls_mpi_uint) (a) <<  0) |                        \
+    ((mbedtls_mpi_uint) (b) <<  8) |                        \
+    ((mbedtls_mpi_uint) (c) << 16) |                        \
+    ((mbedtls_mpi_uint) (d) << 24)
 
-#define MBEDTLS_BYTES_TO_T_UINT_2( a, b )                   \
-    MBEDTLS_BYTES_TO_T_UINT_4( a, b, 0, 0 )
+#define MBEDTLS_BYTES_TO_T_UINT_2(a, b)                   \
+    MBEDTLS_BYTES_TO_T_UINT_4(a, b, 0, 0)
 
-#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
-    MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d ),                \
-    MBEDTLS_BYTES_TO_T_UINT_4( e, f, g, h )
+#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h) \
+    MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d),                \
+    MBEDTLS_BYTES_TO_T_UINT_4(e, f, g, h)
 
 #else /* 64-bits */
 
-#define MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h )   \
-    ( (mbedtls_mpi_uint) (a) <<  0 ) |                        \
-    ( (mbedtls_mpi_uint) (b) <<  8 ) |                        \
-    ( (mbedtls_mpi_uint) (c) << 16 ) |                        \
-    ( (mbedtls_mpi_uint) (d) << 24 ) |                        \
-    ( (mbedtls_mpi_uint) (e) << 32 ) |                        \
-    ( (mbedtls_mpi_uint) (f) << 40 ) |                        \
-    ( (mbedtls_mpi_uint) (g) << 48 ) |                        \
-    ( (mbedtls_mpi_uint) (h) << 56 )
+#define MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, e, f, g, h)   \
+    ((mbedtls_mpi_uint) (a) <<  0) |                        \
+    ((mbedtls_mpi_uint) (b) <<  8) |                        \
+    ((mbedtls_mpi_uint) (c) << 16) |                        \
+    ((mbedtls_mpi_uint) (d) << 24) |                        \
+    ((mbedtls_mpi_uint) (e) << 32) |                        \
+    ((mbedtls_mpi_uint) (f) << 40) |                        \
+    ((mbedtls_mpi_uint) (g) << 48) |                        \
+    ((mbedtls_mpi_uint) (h) << 56)
 
-#define MBEDTLS_BYTES_TO_T_UINT_4( a, b, c, d )             \
-    MBEDTLS_BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
+#define MBEDTLS_BYTES_TO_T_UINT_4(a, b, c, d)             \
+    MBEDTLS_BYTES_TO_T_UINT_8(a, b, c, d, 0, 0, 0, 0)
 
-#define MBEDTLS_BYTES_TO_T_UINT_2( a, b )                   \
-    MBEDTLS_BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )
+#define MBEDTLS_BYTES_TO_T_UINT_2(a, b)                   \
+    MBEDTLS_BYTES_TO_T_UINT_8(a, b, 0, 0, 0, 0, 0, 0)
 
 #endif /* bits in mbedtls_mpi_uint */
 
+/* *INDENT-OFF* */
 #if defined(MBEDTLS_HAVE_ASM)
 
 #ifndef asm
@@ -1001,4 +1002,5 @@
 #endif /* C (generic)  */
 #endif /* C (longlong) */
 
+/* *INDENT-ON* */
 #endif /* bn_mul.h */

thirdparty/mbedtls/include/mbedtls/camellia.h

@@ -37,7 +37,7 @@
 #define MBEDTLS_CAMELLIA_DECRYPT     0
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
-#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( -0x0024 )
+#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH   MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(-0x0024)
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 /** Bad input data. */
 #define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
@@ -61,8 +61,7 @@ extern "C" {
 /**
  * \brief          CAMELLIA context structure
  */
-typedef struct mbedtls_camellia_context
-{
+typedef struct mbedtls_camellia_context {
     int nr;                     /*!<  number of rounds  */
     uint32_t rk[68];            /*!<  CAMELLIA round keys    */
 }
@@ -78,7 +77,7 @@ mbedtls_camellia_context;
  * \param ctx      The CAMELLIA context to be initialized.
  *                 This must not be \c NULL.
  */
-void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_init(mbedtls_camellia_context *ctx);
 
 /**
  * \brief          Clear a CAMELLIA context.
@@ -87,7 +86,7 @@ void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
  *                 in which case this function returns immediately. If it is not
  *                 \c NULL, it must be initialized.
  */
-void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
+void mbedtls_camellia_free(mbedtls_camellia_context *ctx);
 
 /**
  * \brief          Perform a CAMELLIA key schedule operation for encryption.
@@ -101,9 +100,9 @@ void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits );
+int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits);
 
 /**
  * \brief          Perform a CAMELLIA key schedule operation for decryption.
@@ -117,9 +116,9 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits );
+int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits);
 
 /**
  * \brief          Perform a CAMELLIA-ECB block encryption/decryption operation.
@@ -136,10 +135,10 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] );
+int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
+                               int mode,
+                               const unsigned char input[16],
+                               unsigned char output[16]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -170,12 +169,12 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[16],
-                    const unsigned char *input,
-                    unsigned char *output );
+int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[16],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
@@ -216,13 +215,13 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
+                                  int mode,
+                                  size_t length,
+                                  size_t *iv_off,
+                                  unsigned char iv[16],
+                                  const unsigned char *input,
+                                  unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
@@ -300,13 +299,13 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
  * \return              \c 0 if successful.
  * \return              A negative error code on failure.
  */
-int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[16],
+                               unsigned char stream_block[16],
+                               const unsigned char *input,
+                               unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -316,7 +315,7 @@ int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_camellia_self_test( int verbose );
+int mbedtls_camellia_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/ccm.h

@@ -76,8 +76,7 @@ extern "C" {
  * \brief    The CCM context-type definition. The CCM context is passed
  *           to the APIs called.
  */
-typedef struct mbedtls_ccm_context
-{
+typedef struct mbedtls_ccm_context {
     mbedtls_cipher_context_t cipher_ctx;    /*!< The cipher context used. */
 }
 mbedtls_ccm_context;
@@ -93,7 +92,7 @@ mbedtls_ccm_context;
  *
  * \param ctx       The CCM context to initialize. This must not be \c NULL.
  */
-void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_init(mbedtls_ccm_context *ctx);
 
 /**
  * \brief           This function initializes the CCM context set in the
@@ -108,10 +107,10 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits );
+int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits);
 
 /**
  * \brief   This function releases and clears the specified CCM context
@@ -120,7 +119,7 @@ int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
  * \param ctx       The CCM context to clear. If this is \c NULL, the function
  *                  has no effect. Otherwise, this must be initialized.
  */
-void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
+void mbedtls_ccm_free(mbedtls_ccm_context *ctx);
 
 /**
  * \brief           This function encrypts a buffer using CCM.
@@ -158,11 +157,11 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *add, size_t add_len,
+                                const unsigned char *input, unsigned char *output,
+                                unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function encrypts a buffer using CCM*.
@@ -206,11 +205,11 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
  * \return          \c 0 on success.
  * \return          A CCM or cipher-specific error code on failure.
  */
-int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                     const unsigned char *iv, size_t iv_len,
+                                     const unsigned char *add, size_t add_len,
+                                     const unsigned char *input, unsigned char *output,
+                                     unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function performs a CCM authenticated decryption of a
@@ -243,11 +242,11 @@ int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
  * \return          #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
  * \return          A cipher-specific error code on calculation failure.
  */
-int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                             const unsigned char *iv, size_t iv_len,
+                             const unsigned char *add, size_t add_len,
+                             const unsigned char *input, unsigned char *output,
+                             const unsigned char *tag, size_t tag_len);
 
 /**
  * \brief           This function performs a CCM* authenticated decryption of a
@@ -288,11 +287,11 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
  * \return          #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
  * \return          A cipher-specific error code on calculation failure.
  */
-int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len );
+int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                                  const unsigned char *iv, size_t iv_len,
+                                  const unsigned char *add, size_t add_len,
+                                  const unsigned char *input, unsigned char *output,
+                                  const unsigned char *tag, size_t tag_len);
 
 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
 /**
@@ -301,7 +300,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_ccm_self_test( int verbose );
+int mbedtls_ccm_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/certs.h

@@ -37,11 +37,11 @@ extern "C" {
 /* List of all PEM-encoded CA certificates, terminated by NULL;
  * PEM encoded if MBEDTLS_PEM_PARSE_C is enabled, DER encoded
  * otherwise. */
-extern const char * mbedtls_test_cas[];
+extern const char *mbedtls_test_cas[];
 extern const size_t mbedtls_test_cas_len[];
 
 /* List of all DER-encoded CA certificates, terminated by NULL */
-extern const unsigned char * mbedtls_test_cas_der[];
+extern const unsigned char *mbedtls_test_cas_der[];
 extern const size_t mbedtls_test_cas_der_len[];
 
 #if defined(MBEDTLS_PEM_PARSE_C)
@@ -112,9 +112,9 @@ extern const size_t mbedtls_test_ca_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_ca_crt;
-extern const char * mbedtls_test_ca_key;
-extern const char * mbedtls_test_ca_pwd;
+extern const char *mbedtls_test_ca_crt;
+extern const char *mbedtls_test_ca_key;
+extern const char *mbedtls_test_ca_pwd;
 extern const size_t mbedtls_test_ca_crt_len;
 extern const size_t mbedtls_test_ca_key_len;
 extern const size_t mbedtls_test_ca_pwd_len;
@@ -181,9 +181,9 @@ extern const size_t mbedtls_test_srv_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_srv_crt;
-extern const char * mbedtls_test_srv_key;
-extern const char * mbedtls_test_srv_pwd;
+extern const char *mbedtls_test_srv_crt;
+extern const char *mbedtls_test_srv_key;
+extern const char *mbedtls_test_srv_pwd;
 extern const size_t mbedtls_test_srv_crt_len;
 extern const size_t mbedtls_test_srv_key_len;
 extern const size_t mbedtls_test_srv_pwd_len;
@@ -236,9 +236,9 @@ extern const size_t mbedtls_test_cli_crt_rsa_len;
 /* Config-dependent dispatch between EC and RSA
  * (RSA if enabled, otherwise EC) */
 
-extern const char * mbedtls_test_cli_crt;
-extern const char * mbedtls_test_cli_key;
-extern const char * mbedtls_test_cli_pwd;
+extern const char *mbedtls_test_cli_crt;
+extern const char *mbedtls_test_cli_key;
+extern const char *mbedtls_test_cli_pwd;
 extern const size_t mbedtls_test_cli_crt_len;
 extern const size_t mbedtls_test_cli_key_len;
 extern const size_t mbedtls_test_cli_pwd_len;

thirdparty/mbedtls/include/mbedtls/chacha20.h

@@ -60,8 +60,7 @@ extern "C" {
 
 #if !defined(MBEDTLS_CHACHA20_ALT)
 
-typedef struct mbedtls_chacha20_context
-{
+typedef struct mbedtls_chacha20_context {
     uint32_t state[16];          /*! The state (before round operations). */
     uint8_t  keystream8[64];     /*! Leftover keystream bytes. */
     size_t keystream_bytes_used; /*! Number of keystream bytes already used. */
@@ -87,7 +86,7 @@ mbedtls_chacha20_context;
  * \param ctx       The ChaCha20 context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx);
 
 /**
  * \brief           This function releases and clears the specified
@@ -98,7 +97,7 @@ void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
  *                  \c NULL, it must point to an initialized context.
  *
  */
-void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
+void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx);
 
 /**
  * \brief           This function sets the encryption/decryption key.
@@ -116,8 +115,8 @@ void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
  * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
  */
-int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
-                             const unsigned char key[32] );
+int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
+                            const unsigned char key[32]);
 
 /**
  * \brief           This function sets the nonce and initial counter value.
@@ -138,9 +137,9 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
  *                  NULL.
  */
-int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
-                             const unsigned char nonce[12],
-                             uint32_t counter );
+int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
+                            const unsigned char nonce[12],
+                            uint32_t counter);
 
 /**
  * \brief           This function encrypts or decrypts data.
@@ -171,10 +170,10 @@ int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
-                             size_t size,
-                             const unsigned char *input,
-                             unsigned char *output );
+int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
+                            size_t size,
+                            const unsigned char *input,
+                            unsigned char *output);
 
 /**
  * \brief           This function encrypts or decrypts data with ChaCha20 and
@@ -204,12 +203,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chacha20_crypt( const unsigned char key[32],
-                            const unsigned char nonce[12],
-                            uint32_t counter,
-                            size_t size,
-                            const unsigned char* input,
-                            unsigned char* output );
+int mbedtls_chacha20_crypt(const unsigned char key[32],
+                           const unsigned char nonce[12],
+                           uint32_t counter,
+                           size_t size,
+                           const unsigned char *input,
+                           unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -218,7 +217,7 @@ int mbedtls_chacha20_crypt( const unsigned char key[32],
  * \return          \c 0 on success.
  * \return          \c 1 on failure.
  */
-int mbedtls_chacha20_self_test( int verbose );
+int mbedtls_chacha20_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/chachapoly.h

@@ -50,8 +50,7 @@
 extern "C" {
 #endif
 
-typedef enum
-{
+typedef enum {
     MBEDTLS_CHACHAPOLY_ENCRYPT,     /**< The mode value for performing encryption. */
     MBEDTLS_CHACHAPOLY_DECRYPT      /**< The mode value for performing decryption. */
 }
@@ -61,8 +60,7 @@ mbedtls_chachapoly_mode_t;
 
 #include "mbedtls/chacha20.h"
 
-typedef struct mbedtls_chachapoly_context
-{
+typedef struct mbedtls_chachapoly_context {
     mbedtls_chacha20_context chacha20_ctx;  /**< The ChaCha20 context. */
     mbedtls_poly1305_context poly1305_ctx;  /**< The Poly1305 context. */
     uint64_t aad_len;                       /**< The length (bytes) of the Additional Authenticated Data. */
@@ -118,7 +116,7 @@ mbedtls_chachapoly_context;
  *
  * \param ctx       The ChachaPoly context to initialize. Must not be \c NULL.
  */
-void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx);
 
 /**
  * \brief           This function releases and clears the specified
@@ -127,7 +125,7 @@ void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx );
  * \param ctx       The ChachaPoly context to clear. This may be \c NULL, in which
  *                  case this function is a no-op.
  */
-void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
+void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx);
 
 /**
  * \brief           This function sets the ChaCha20-Poly1305
@@ -140,8 +138,8 @@ void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx );
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
-                               const unsigned char key[32] );
+int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
+                              const unsigned char key[32]);
 
 /**
  * \brief           This function starts a ChaCha20-Poly1305 encryption or
@@ -168,9 +166,9 @@ int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
-                               const unsigned char nonce[12],
-                               mbedtls_chachapoly_mode_t mode );
+int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
+                              const unsigned char nonce[12],
+                              mbedtls_chachapoly_mode_t mode);
 
 /**
  * \brief           This function feeds additional data to be authenticated
@@ -211,9 +209,9 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
  *                  if the operations has not been started or has been
  *                  finished, or if the AAD has been finished.
  */
-int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
-                                   const unsigned char *aad,
-                                   size_t aad_len );
+int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
+                                  const unsigned char *aad,
+                                  size_t aad_len);
 
 /**
  * \brief           Thus function feeds data to be encrypted or decrypted
@@ -246,10 +244,10 @@ int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
  *                  finished.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
-                               size_t len,
-                               const unsigned char *input,
-                               unsigned char *output );
+int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
+                              size_t len,
+                              const unsigned char *input,
+                              unsigned char *output);
 
 /**
  * \brief           This function finished the ChaCha20-Poly1305 operation and
@@ -267,8 +265,8 @@ int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
  *                  finished.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
-                               unsigned char mac[16] );
+int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
+                              unsigned char mac[16]);
 
 /**
  * \brief           This function performs a complete ChaCha20-Poly1305
@@ -299,14 +297,14 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                        size_t length,
-                                        const unsigned char nonce[12],
-                                        const unsigned char *aad,
-                                        size_t aad_len,
-                                        const unsigned char *input,
-                                        unsigned char *output,
-                                        unsigned char tag[16] );
+int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                       size_t length,
+                                       const unsigned char nonce[12],
+                                       const unsigned char *aad,
+                                       size_t aad_len,
+                                       const unsigned char *input,
+                                       unsigned char *output,
+                                       unsigned char tag[16]);
 
 /**
  * \brief           This function performs a complete ChaCha20-Poly1305
@@ -333,14 +331,14 @@ int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
  *                  if the data was not authentic.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char tag[16],
-                                     const unsigned char *input,
-                                     unsigned char *output );
+int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char tag[16],
+                                    const unsigned char *input,
+                                    unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -349,7 +347,7 @@ int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
  * \return          \c 0 on success.
  * \return          \c 1 on failure.
  */
-int mbedtls_chachapoly_self_test( int verbose );
+int mbedtls_chachapoly_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/check_config.h

@@ -28,6 +28,7 @@
 #ifndef MBEDTLS_CHECK_CONFIG_H
 #define MBEDTLS_CHECK_CONFIG_H
 
+/* *INDENT-OFF* */
 /*
  * We assume CHAR_BIT is 8 in many places. In practice, this is true on our
  * target platforms, so not an issue, but let's just be extra sure.
@@ -68,10 +69,6 @@
 #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense"
 #endif
 
-#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM)
-#error "MBEDTLS_AESNI_C defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
 #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
 #endif
@@ -143,6 +140,11 @@
 #error "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED defined, but MBEDTLS_ECDH_LEGACY_CONTEXT not disabled"
 #endif
 
+#if defined(MBEDTLS_ECP_RESTARTABLE)           && \
+    !defined(MBEDTLS_ECP_C)
+#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
 #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
 #endif
@@ -955,4 +957,5 @@
  */
 typedef int mbedtls_iso_c_forbids_empty_translation_units;
 
+/* *INDENT-ON* */
 #endif /* MBEDTLS_CHECK_CONFIG_H */

thirdparty/mbedtls/include/mbedtls/cipher.h

@@ -49,7 +49,7 @@
 #define MBEDTLS_CIPHER_MODE_STREAM
 #endif
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -83,16 +83,16 @@ extern "C" {
 /**
  * \brief     Supported cipher types.
  *
- * \warning   RC4 and DES are considered weak ciphers and their use
- *            constitutes a security risk. Arm recommends considering stronger
+ * \warning   RC4 and DES/3DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
  *            ciphers instead.
  */
 typedef enum {
     MBEDTLS_CIPHER_ID_NONE = 0,  /**< Placeholder to mark the end of cipher ID lists. */
     MBEDTLS_CIPHER_ID_NULL,      /**< The identity cipher, treated as a stream cipher. */
     MBEDTLS_CIPHER_ID_AES,       /**< The AES cipher. */
-    MBEDTLS_CIPHER_ID_DES,       /**< The DES cipher. */
-    MBEDTLS_CIPHER_ID_3DES,      /**< The Triple DES cipher. */
+    MBEDTLS_CIPHER_ID_DES,       /**< The DES cipher. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_ID_3DES,      /**< The Triple DES cipher. \warning 3DES is considered weak. */
     MBEDTLS_CIPHER_ID_CAMELLIA,  /**< The Camellia cipher. */
     MBEDTLS_CIPHER_ID_BLOWFISH,  /**< The Blowfish cipher. */
     MBEDTLS_CIPHER_ID_ARC4,      /**< The RC4 cipher. */
@@ -103,8 +103,8 @@ typedef enum {
 /**
  * \brief     Supported {cipher type, cipher mode} pairs.
  *
- * \warning   RC4 and DES are considered weak ciphers and their use
- *            constitutes a security risk. Arm recommends considering stronger
+ * \warning   RC4 and DES/3DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
  *            ciphers instead.
  */
 typedef enum {
@@ -140,12 +140,12 @@ typedef enum {
     MBEDTLS_CIPHER_CAMELLIA_128_GCM,     /**< Camellia cipher with 128-bit GCM mode. */
     MBEDTLS_CIPHER_CAMELLIA_192_GCM,     /**< Camellia cipher with 192-bit GCM mode. */
     MBEDTLS_CIPHER_CAMELLIA_256_GCM,     /**< Camellia cipher with 256-bit GCM mode. */
-    MBEDTLS_CIPHER_DES_ECB,              /**< DES cipher with ECB mode. */
-    MBEDTLS_CIPHER_DES_CBC,              /**< DES cipher with CBC mode. */
-    MBEDTLS_CIPHER_DES_EDE_ECB,          /**< DES cipher with EDE ECB mode. */
-    MBEDTLS_CIPHER_DES_EDE_CBC,          /**< DES cipher with EDE CBC mode. */
-    MBEDTLS_CIPHER_DES_EDE3_ECB,         /**< DES cipher with EDE3 ECB mode. */
-    MBEDTLS_CIPHER_DES_EDE3_CBC,         /**< DES cipher with EDE3 CBC mode. */
+    MBEDTLS_CIPHER_DES_ECB,              /**< DES cipher with ECB mode. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_DES_CBC,              /**< DES cipher with CBC mode. \warning DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE_ECB,          /**< DES cipher with EDE ECB mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE_CBC,          /**< DES cipher with EDE CBC mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE3_ECB,         /**< DES cipher with EDE3 ECB mode. \warning 3DES is considered weak. */
+    MBEDTLS_CIPHER_DES_EDE3_CBC,         /**< DES cipher with EDE3 CBC mode. \warning 3DES is considered weak. */
     MBEDTLS_CIPHER_BLOWFISH_ECB,         /**< Blowfish cipher with ECB mode. */
     MBEDTLS_CIPHER_BLOWFISH_CBC,         /**< Blowfish cipher with CBC mode. */
     MBEDTLS_CIPHER_BLOWFISH_CFB64,       /**< Blowfish cipher with CFB64 mode. */
@@ -226,11 +226,11 @@ typedef enum {
 enum {
     /** Undefined key length. */
     MBEDTLS_KEY_LENGTH_NONE = 0,
-    /** Key length, in bits (including parity), for DES keys. */
+    /** Key length, in bits (including parity), for DES keys. \warning DES is considered weak. */
     MBEDTLS_KEY_LENGTH_DES  = 64,
-    /** Key length in bits, including parity, for DES in two-key EDE. */
+    /** Key length in bits, including parity, for DES in two-key EDE. \warning 3DES is considered weak. */
     MBEDTLS_KEY_LENGTH_DES_EDE = 128,
-    /** Key length in bits, including parity, for DES in three-key EDE. */
+    /** Key length in bits, including parity, for DES in three-key EDE. \warning 3DES is considered weak. */
     MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
 };
 
@@ -273,8 +273,7 @@ typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
  * Cipher information. Allows calling cipher functions
  * in a generic way.
  */
-typedef struct mbedtls_cipher_info_t
-{
+typedef struct mbedtls_cipher_info_t {
     /** Full cipher identifier. For example,
      * MBEDTLS_CIPHER_AES_256_CBC.
      */
@@ -290,7 +289,7 @@ typedef struct mbedtls_cipher_info_t
     unsigned int key_bitlen;
 
     /** Name of the cipher. */
-    const char * name;
+    const char *name;
 
     /** IV or nonce size, in Bytes.
      * For ciphers that accept variable IV sizes,
@@ -315,8 +314,7 @@ typedef struct mbedtls_cipher_info_t
 /**
  * Generic cipher context.
  */
-typedef struct mbedtls_cipher_context_t
-{
+typedef struct mbedtls_cipher_context_t {
     /** Information about the associated cipher. */
     const mbedtls_cipher_info_t *cipher_info;
 
@@ -332,8 +330,8 @@ typedef struct mbedtls_cipher_context_t
     /** Padding functions to use, if relevant for
      * the specific cipher mode.
      */
-    void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
-    int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
+    void (*add_padding)(unsigned char *output, size_t olen, size_t data_len);
+    int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len);
 #endif
 
     /** Buffer for input that has not been processed yet. */
@@ -383,7 +381,7 @@ typedef struct mbedtls_cipher_context_t
  * \return      A statically-allocated array of cipher identifiers
  *              of type cipher_type_t. The last entry is zero.
  */
-const int *mbedtls_cipher_list( void );
+const int *mbedtls_cipher_list(void);
 
 /**
  * \brief               This function retrieves the cipher-information
@@ -396,7 +394,7 @@ const int *mbedtls_cipher_list( void );
  *                      given \p cipher_name.
  * \return              \c NULL if the associated cipher information is not found.
  */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(const char *cipher_name);
 
 /**
  * \brief               This function retrieves the cipher-information
@@ -408,7 +406,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher
  *                      given \p cipher_type.
  * \return              \c NULL if the associated cipher information is not found.
  */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type);
 
 /**
  * \brief               This function retrieves the cipher-information
@@ -424,16 +422,16 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher
  *                      given \p cipher_id.
  * \return              \c NULL if the associated cipher information is not found.
  */
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
-                                              int key_bitlen,
-                                              const mbedtls_cipher_mode_t mode );
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id,
+                                                             int key_bitlen,
+                                                             const mbedtls_cipher_mode_t mode);
 
 /**
  * \brief               This function initializes a \p cipher_context as NONE.
  *
  * \param ctx           The context to be initialized. This must not be \c NULL.
  */
-void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
+void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx);
 
 /**
  * \brief               This function frees and clears the cipher-specific
@@ -444,7 +442,7 @@ void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
  *                      function has no effect, otherwise this must point to an
  *                      initialized context.
  */
-void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
+void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx);
 
 
 /**
@@ -464,8 +462,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
  * In future versions, the caller will be required to call
  * mbedtls_cipher_init() on the structure first.
  */
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
-                          const mbedtls_cipher_info_t *cipher_info );
+int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx,
+                         const mbedtls_cipher_info_t *cipher_info);
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /**
@@ -489,9 +487,9 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
  *                      cipher-specific context fails.
  */
-int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
-                              const mbedtls_cipher_info_t *cipher_info,
-                              size_t taglen );
+int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx,
+                             const mbedtls_cipher_info_t *cipher_info,
+                             size_t taglen);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /**
@@ -503,11 +501,12 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
  * \return       \c 0 if \p ctx has not been initialized.
  */
 static inline unsigned int mbedtls_cipher_get_block_size(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
         return 0;
+    }
 
     return ctx->cipher_info->block_size;
 }
@@ -522,11 +521,12 @@ static inline unsigned int mbedtls_cipher_get_block_size(
  * \return       #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
  */
 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE );
-    if( ctx->cipher_info == NULL )
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE);
+    if (ctx->cipher_info == NULL) {
         return MBEDTLS_MODE_NONE;
+    }
 
     return ctx->cipher_info->mode;
 }
@@ -542,14 +542,16 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
  * \return      The actual size if an IV has been set.
  */
 static inline int mbedtls_cipher_get_iv_size(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
         return 0;
+    }
 
-    if( ctx->iv_size != 0 )
+    if (ctx->iv_size != 0) {
         return (int) ctx->iv_size;
+    }
 
     return (int) ctx->cipher_info->iv_size;
 }
@@ -563,12 +565,13 @@ static inline int mbedtls_cipher_get_iv_size(
  * \return              #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
  */
 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
     MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_CIPHER_NONE );
-    if( ctx->cipher_info == NULL )
+        ctx != NULL, MBEDTLS_CIPHER_NONE);
+    if (ctx->cipher_info == NULL) {
         return MBEDTLS_CIPHER_NONE;
+    }
 
     return ctx->cipher_info->type;
 }
@@ -583,11 +586,12 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
  * \return              NULL if \p ctx has not been not initialized.
  */
 static inline const char *mbedtls_cipher_get_name(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
-    MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
-    if( ctx->cipher_info == NULL )
+    MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0);
+    if (ctx->cipher_info == NULL) {
         return 0;
+    }
 
     return ctx->cipher_info->name;
 }
@@ -602,12 +606,13 @@ static inline const char *mbedtls_cipher_get_name(
  *                      initialized.
  */
 static inline int mbedtls_cipher_get_key_bitlen(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
     MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_KEY_LENGTH_NONE );
-    if( ctx->cipher_info == NULL )
+        ctx != NULL, MBEDTLS_KEY_LENGTH_NONE);
+    if (ctx->cipher_info == NULL) {
         return MBEDTLS_KEY_LENGTH_NONE;
+    }
 
     return (int) ctx->cipher_info->key_bitlen;
 }
@@ -621,12 +626,13 @@ static inline int mbedtls_cipher_get_key_bitlen(
  * \return         #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
  */
 static inline mbedtls_operation_t mbedtls_cipher_get_operation(
-    const mbedtls_cipher_context_t *ctx )
+    const mbedtls_cipher_context_t *ctx)
 {
     MBEDTLS_INTERNAL_VALIDATE_RET(
-        ctx != NULL, MBEDTLS_OPERATION_NONE );
-    if( ctx->cipher_info == NULL )
+        ctx != NULL, MBEDTLS_OPERATION_NONE);
+    if (ctx->cipher_info == NULL) {
         return MBEDTLS_OPERATION_NONE;
+    }
 
     return ctx->operation;
 }
@@ -647,10 +653,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation(
  *                      parameter-verification failure.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *key,
-                           int key_bitlen,
-                           const mbedtls_operation_t operation );
+int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *key,
+                          int key_bitlen,
+                          const mbedtls_operation_t operation);
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
 /**
@@ -669,8 +675,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
  *                      does not support padding.
  */
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
-                                     mbedtls_cipher_padding_t mode );
+int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx,
+                                    mbedtls_cipher_padding_t mode);
 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
 
 /**
@@ -691,9 +697,9 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
  * \return          #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
  *                  parameter-verification failure.
  */
-int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *iv,
-                           size_t iv_len );
+int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *iv,
+                          size_t iv_len);
 
 /**
  * \brief         This function resets the cipher state.
@@ -704,7 +710,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
  * \return        #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
  *                parameter-verification failure.
  */
-int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
+int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx);
 
 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 /**
@@ -721,8 +727,8 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
  * \return              \c 0 on success.
  * \return              A specific error code on failure.
  */
-int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *ad, size_t ad_len );
+int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *ad, size_t ad_len);
 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
 
 /**
@@ -759,10 +765,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
  *                      unsupported mode for a cipher.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
-                           const unsigned char *input,
-                           size_t ilen, unsigned char *output,
-                           size_t *olen );
+int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx,
+                          const unsigned char *input,
+                          size_t ilen, unsigned char *output,
+                          size_t *olen);
 
 /**
  * \brief               The generic cipher finalization function. If data still
@@ -786,8 +792,8 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
  *                      while decrypting.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
-                   unsigned char *output, size_t *olen );
+int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx,
+                          unsigned char *output, size_t *olen);
 
 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 /**
@@ -806,8 +812,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
  * \return              \c 0 on success.
  * \return              A specific error code on failure.
  */
-int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
-                      unsigned char *tag, size_t tag_len );
+int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx,
+                             unsigned char *tag, size_t tag_len);
 
 /**
  * \brief               This function checks the tag for AEAD ciphers.
@@ -822,8 +828,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
  * \return              \c 0 on success.
  * \return              A specific error code on failure.
  */
-int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
-                      const unsigned char *tag, size_t tag_len );
+int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx,
+                             const unsigned char *tag, size_t tag_len);
 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
 
 /**
@@ -859,13 +865,13 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
  *                      while decrypting.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
-                  const unsigned char *iv, size_t iv_len,
-                  const unsigned char *input, size_t ilen,
-                  unsigned char *output, size_t *olen );
+int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen);
 
 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -917,13 +923,13 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
  *                      parameter-verification failure.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         unsigned char *tag, size_t tag_len )
-                         MBEDTLS_DEPRECATED;
+int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt(
+    mbedtls_cipher_context_t *ctx,
+    const unsigned char *iv, size_t iv_len,
+    const unsigned char *ad, size_t ad_len,
+    const unsigned char *input, size_t ilen,
+    unsigned char *output, size_t *olen,
+    unsigned char *tag, size_t tag_len);
 
 /**
  * \brief               The generic authenticated decryption (AEAD) function.
@@ -976,13 +982,13 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen,
-                         const unsigned char *tag, size_t tag_len )
-                         MBEDTLS_DEPRECATED;
+int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt(
+    mbedtls_cipher_context_t *ctx,
+    const unsigned char *iv, size_t iv_len,
+    const unsigned char *ad, size_t ad_len,
+    const unsigned char *input, size_t ilen,
+    unsigned char *output, size_t *olen,
+    const unsigned char *tag, size_t tag_len);
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
@@ -1032,12 +1038,12 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
  *                      parameter-verification failure.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len );
+int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len);
 
 /**
  * \brief               The authenticated encryption (AEAD/NIST_KW) function.
@@ -1088,12 +1094,12 @@ int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *ad, size_t ad_len,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t output_len,
-                         size_t *olen, size_t tag_len );
+int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx,
+                                    const unsigned char *iv, size_t iv_len,
+                                    const unsigned char *ad, size_t ad_len,
+                                    const unsigned char *input, size_t ilen,
+                                    unsigned char *output, size_t output_len,
+                                    size_t *olen, size_t tag_len);
 #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/cipher_internal.h

@@ -43,82 +43,79 @@ extern "C" {
 /**
  * Base cipher information. The non-mode specific functions and values.
  */
-struct mbedtls_cipher_base_t
-{
+struct mbedtls_cipher_base_t {
     /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
     mbedtls_cipher_id_t cipher;
 
     /** Encrypt using ECB */
-    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
-                     const unsigned char *input, unsigned char *output );
+    int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
+                    const unsigned char *input, unsigned char *output);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     /** Encrypt using CBC */
-    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
+    int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
+                    unsigned char *iv, const unsigned char *input,
+                    unsigned char *output);
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
     /** Encrypt using CFB (Full length) */
-    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
-                     unsigned char *iv, const unsigned char *input,
-                     unsigned char *output );
+    int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
+                    unsigned char *iv, const unsigned char *input,
+                    unsigned char *output);
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_OFB)
     /** Encrypt using OFB (Full length) */
-    int (*ofb_func)( void *ctx, size_t length, size_t *iv_off,
-                     unsigned char *iv,
-                     const unsigned char *input,
-                     unsigned char *output );
+    int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
+                    unsigned char *iv,
+                    const unsigned char *input,
+                    unsigned char *output);
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
     /** Encrypt using CTR */
-    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
-                     unsigned char *nonce_counter, unsigned char *stream_block,
-                     const unsigned char *input, unsigned char *output );
+    int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
+                    unsigned char *nonce_counter, unsigned char *stream_block,
+                    const unsigned char *input, unsigned char *output);
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_XTS)
     /** Encrypt or decrypt using XTS. */
-    int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length,
-                     const unsigned char data_unit[16],
-                     const unsigned char *input, unsigned char *output );
+    int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
+                    const unsigned char data_unit[16],
+                    const unsigned char *input, unsigned char *output);
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_STREAM)
     /** Encrypt using STREAM */
-    int (*stream_func)( void *ctx, size_t length,
-                        const unsigned char *input, unsigned char *output );
+    int (*stream_func)(void *ctx, size_t length,
+                       const unsigned char *input, unsigned char *output);
 #endif
 
     /** Set key for encryption purposes */
-    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_bitlen );
+    int (*setkey_enc_func)(void *ctx, const unsigned char *key,
+                           unsigned int key_bitlen);
 
     /** Set key for decryption purposes */
-    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
-                            unsigned int key_bitlen);
+    int (*setkey_dec_func)(void *ctx, const unsigned char *key,
+                           unsigned int key_bitlen);
 
     /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
+    void * (*ctx_alloc_func)(void);
 
     /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
+    void (*ctx_free_func)(void *ctx);
 
 };
 
-typedef struct
-{
+typedef struct {
     mbedtls_cipher_type_t type;
     const mbedtls_cipher_info_t *info;
 } mbedtls_cipher_definition_t;
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-typedef enum
-{
+typedef enum {
     MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
     MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
                                   /* use raw key material internally imported */
@@ -131,8 +128,7 @@ typedef enum
                                       /* destroyed when the context is freed. */
 } mbedtls_cipher_psa_key_ownership;
 
-typedef struct
-{
+typedef struct {
     psa_algorithm_t alg;
     psa_key_id_t slot;
     mbedtls_cipher_psa_key_ownership slot_state;

thirdparty/mbedtls/include/mbedtls/cmac.h

@@ -56,8 +56,7 @@ extern "C" {
 /**
  * The CMAC context structure.
  */
-struct mbedtls_cmac_context_t
-{
+struct mbedtls_cmac_context_t {
     /** The internal state of the CMAC algorithm.  */
     unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
 
@@ -103,8 +102,8 @@ struct mbedtls_cmac_context_t
  * \return              \c 0 on success.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *key, size_t keybits );
+int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *key, size_t keybits);
 
 /**
  * \brief               This function feeds an input buffer into an ongoing CMAC
@@ -128,8 +127,8 @@ int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
  * \return             #MBEDTLS_ERR_MD_BAD_INPUT_DATA
  *                     if parameter verification fails.
  */
-int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *input, size_t ilen );
+int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *input, size_t ilen);
 
 /**
  * \brief               This function finishes an ongoing CMAC operation, and
@@ -147,8 +146,8 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
  *                      if parameter verification fails.
  */
-int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
-                                unsigned char *output );
+int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
+                               unsigned char *output);
 
 /**
  * \brief               This function starts a new CMAC operation with the same
@@ -166,7 +165,7 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
  * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
  *                      if parameter verification fails.
  */
-int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
+int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx);
 
 /**
  * \brief               This function calculates the full generic CMAC
@@ -195,10 +194,10 @@ int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
  * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
  *                      if parameter verification fails.
  */
-int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
-                         const unsigned char *key, size_t keylen,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output );
+int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
+                        const unsigned char *key, size_t keylen,
+                        const unsigned char *input, size_t ilen,
+                        unsigned char *output);
 
 #if defined(MBEDTLS_AES_C)
 /**
@@ -218,12 +217,12 @@ int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
  *
  * \return          \c 0 on success.
  */
-int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
-                              const unsigned char *input, size_t in_len,
-                              unsigned char output[16] );
+int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_len,
+                             const unsigned char *input, size_t in_len,
+                             unsigned char output[16]);
 #endif /* MBEDTLS_AES_C */
 
-#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
+#if defined(MBEDTLS_SELF_TEST) && (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C))
 /**
  * \brief          The CMAC checkup routine.
  *
@@ -237,7 +236,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_cmac_self_test( int verbose );
+int mbedtls_cmac_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/compat-1.3.h

@@ -29,7 +29,7 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #warning "Including compat-1.3.h is deprecated"
@@ -597,7 +597,8 @@
 #define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
 #endif
 #if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION \
+    MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 #endif
 #if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
 #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
@@ -1382,8 +1383,8 @@
 #define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED
 #define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED
 #define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED
-#define SSL_BUFFER_LEN ( ( ( MBEDTLS_SSL_IN_BUFFER_LEN ) < ( MBEDTLS_SSL_OUT_BUFFER_LEN ) ) \
-                         ? ( MBEDTLS_SSL_IN_BUFFER_LEN ) : ( MBEDTLS_SSL_OUT_BUFFER_LEN ) )
+#define SSL_BUFFER_LEN (((MBEDTLS_SSL_IN_BUFFER_LEN) < (MBEDTLS_SSL_OUT_BUFFER_LEN)) \
+                         ? (MBEDTLS_SSL_IN_BUFFER_LEN) : (MBEDTLS_SSL_OUT_BUFFER_LEN))
 #define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES
 #define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT
 #define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
@@ -1554,10 +1555,14 @@
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
 #define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
 #define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
 #define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
 #define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
@@ -1565,8 +1570,10 @@
 #define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
 #define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
-#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
 #define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
 #define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
 #define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
@@ -1578,10 +1585,14 @@
 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 #define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
@@ -1591,10 +1602,14 @@
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
 #define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
 #define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
-#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 \
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
 #define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
 #define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
 #define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
@@ -2492,7 +2507,8 @@
 #define x509write_crt_free mbedtls_x509write_crt_free
 #define x509write_crt_init mbedtls_x509write_crt_init
 #define x509write_crt_pem mbedtls_x509write_crt_pem
-#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier
+#define x509write_crt_set_authority_key_identifier \
+    mbedtls_x509write_crt_set_authority_key_identifier
 #define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints
 #define x509write_crt_set_extension mbedtls_x509write_crt_set_extension
 #define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key

thirdparty/mbedtls/include/mbedtls/config.h

@@ -51,7 +51,7 @@
  *      include/mbedtls/bn_mul.h
  *
  * Required by:
- *      MBEDTLS_AESNI_C
+ *      MBEDTLS_AESNI_C (on some platforms)
  *      MBEDTLS_PADLOCK_C
  *
  * Comment to disable the use of assembly code.
@@ -859,12 +859,37 @@
  * This is useful in non-threaded environments if you want to avoid blocking
  * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
  *
- * Uncomment this macro to enable restartable ECC computations.
+ * This option:
+ * - Adds xxx_restartable() variants of existing operations in the
+ *   following modules, with corresponding restart context types:
+ *   - ECP (for Short Weierstrass curves only): scalar multiplication (mul),
+ *     linear combination (muladd);
+ *   - ECDSA: signature generation & verification;
+ *   - PK: signature generation & verification;
+ *   - X509: certificate chain verification.
+ * - Adds mbedtls_ecdh_enable_restart() in the ECDH module.
+ * - Changes the behaviour of TLS 1.2 clients (not servers) when using the
+ *   ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC
+ *   computations restartable:
+ *   - ECDH operations from the key exchange, only for Short Weierstrass
+ *     curves;
+ *   - verification of the server's key exchange signature;
+ *   - verification of the server's certificate chain;
+ *   - generation of the client's signature if client authentication is used,
+ *     with an ECC key/certificate.
+ *
+ * \note  In the cases above, the usual SSL/TLS functions, such as
+ *        mbedtls_ssl_handshake(), can now return
+ *        MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS.
  *
  * \note  This option only works with the default software implementation of
  *        elliptic curve functionality. It is incompatible with
- *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT
- *        and MBEDTLS_ECDH_LEGACY_CONTEXT.
+ *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT,
+ *        MBEDTLS_ECDH_LEGACY_CONTEXT, and MBEDTLS_USE_PSA_CRYPTO.
+ *
+ * Requires: MBEDTLS_ECP_C
+ *
+ * Uncomment this macro to enable restartable ECC computations.
  */
 //#define MBEDTLS_ECP_RESTARTABLE
 
@@ -2319,14 +2344,32 @@
 /**
  * \def MBEDTLS_AESNI_C
  *
- * Enable AES-NI support on x86-64.
+ * Enable AES-NI support on x86-64 or x86-32.
+ *
+ * \note AESNI is only supported with certain compilers and target options:
+ * - Visual Studio 2013: supported.
+ * - GCC, x86-64, target not explicitly supporting AESNI:
+ *   requires MBEDTLS_HAVE_ASM.
+ * - GCC, x86-32, target not explicitly supporting AESNI:
+ *   not supported.
+ * - GCC, x86-64 or x86-32, target supporting AESNI: supported.
+ *   For this assembly-less implementation, you must currently compile
+ *   `library/aesni.c` and `library/aes.c` with machine options to enable
+ *   SSE2 and AESNI instructions: `gcc -msse2 -maes -mpclmul` or
+ *   `clang -maes -mpclmul`.
+ * - Non-x86 targets: this option is silently ignored.
+ * - Other compilers: this option is silently ignored.
+ *
+ * \note
+ * Above, "GCC" includes compatible compilers such as Clang.
+ * The limitations on target support are likely to be relaxed in the future.
  *
  * Module:  library/aesni.c
  * Caller:  library/aes.c
  *
- * Requires: MBEDTLS_HAVE_ASM
+ * Requires: MBEDTLS_HAVE_ASM (on some platforms, see note)
  *
- * This modules adds support for the AES-NI instructions on x86-64
+ * This modules adds support for the AES-NI instructions on x86.
  */
 #define MBEDTLS_AESNI_C
 
@@ -2740,7 +2783,7 @@
  *
  * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
  *
- * \warning   DES is considered a weak cipher and its use constitutes a
+ * \warning   DES/3DES are considered weak ciphers and their use constitutes a
  *            security risk. We recommend considering stronger ciphers instead.
  */
 #define MBEDTLS_DES_C
@@ -3724,7 +3767,7 @@
  * comment in the specific module. */
 
 /* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum window size used. */
+//#define MBEDTLS_MPI_WINDOW_SIZE            2 /**< Maximum window size used. */
 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
 
 /* CTR_DRBG options */

thirdparty/mbedtls/include/mbedtls/constant_time.h

@@ -38,8 +38,8 @@
  * \return      Zero if the content of the two buffer is the same,
  *              otherwise non-zero.
  */
-int mbedtls_ct_memcmp( const void *a,
-                       const void *b,
-                       size_t n );
+int mbedtls_ct_memcmp(const void *a,
+                      const void *b,
+                      size_t n);
 
 #endif /* MBEDTLS_CONSTANT_TIME_H */

thirdparty/mbedtls/include/mbedtls/ctr_drbg.h

@@ -80,8 +80,8 @@
  */
 #endif
 
-#define MBEDTLS_CTR_DRBG_KEYBITS            ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */
-#define MBEDTLS_CTR_DRBG_SEEDLEN            ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */
+#define MBEDTLS_CTR_DRBG_KEYBITS            (MBEDTLS_CTR_DRBG_KEYSIZE * 8)   /**< The key size for the DRBG operation, in bits. */
+#define MBEDTLS_CTR_DRBG_SEEDLEN            (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)   /**< The seed length, calculated as (counter + AES key). */
 
 /**
  * \name SECTION: Module settings
@@ -164,14 +164,13 @@ extern "C" {
  * the entropy source does not provide enough material to form a nonce.
  * See the documentation of mbedtls_ctr_drbg_seed() for more information.
  */
-#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2
+#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
 #endif
 
 /**
  * \brief          The CTR_DRBG context structure.
  */
-typedef struct mbedtls_ctr_drbg_context
-{
+typedef struct mbedtls_ctr_drbg_context {
     unsigned char counter[16];  /*!< The counter (V). */
     int reseed_counter;         /*!< The reseed counter.
                                  * This is the number of requests that have
@@ -199,7 +198,7 @@ typedef struct mbedtls_ctr_drbg_context
      * Callbacks (Entropy)
      */
     int (*f_entropy)(void *, unsigned char *, size_t);
-                                /*!< The entropy callback function. */
+    /*!< The entropy callback function. */
 
     void *p_entropy;            /*!< The context for the entropy function. */
 
@@ -228,7 +227,7 @@ mbedtls_ctr_drbg_context;
  *
  * \param ctx           The CTR_DRBG context to initialize.
  */
-void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx);
 
 /**
  * \brief               This function seeds and sets up the CTR_DRBG
@@ -329,11 +328,11 @@ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
  * \return              \c 0 on success.
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
  */
-int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
-                   int (*f_entropy)(void *, unsigned char *, size_t),
-                   void *p_entropy,
-                   const unsigned char *custom,
-                   size_t len );
+int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx,
+                          int (*f_entropy)(void *, unsigned char *, size_t),
+                          void *p_entropy,
+                          const unsigned char *custom,
+                          size_t len);
 
 /**
  * \brief               This function resets CTR_DRBG context to the state immediately
@@ -341,7 +340,7 @@ int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
  *
  * \param ctx           The CTR_DRBG context to clear.
  */
-void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
+void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx);
 
 /**
  * \brief               This function turns prediction resistance on or off.
@@ -356,8 +355,8 @@ void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
  * \param ctx           The CTR_DRBG context.
  * \param resistance    #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
  */
-void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
-                                         int resistance );
+void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx,
+                                                int resistance);
 
 /**
  * \brief               This function sets the amount of entropy grabbed on each
@@ -383,8 +382,8 @@ void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
  *                      and at most the maximum length accepted by the
  *                      entropy function that is set in the context.
  */
-void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
-                               size_t len );
+void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx,
+                                      size_t len);
 
 /**
  * \brief               This function sets the amount of entropy grabbed
@@ -405,8 +404,8 @@ void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
  *                      if the initial seeding has already taken place.
  */
-int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
-                                    size_t len );
+int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx,
+                                   size_t len);
 
 /**
  * \brief               This function sets the reseed interval.
@@ -420,8 +419,8 @@ int mbedtls_ctr_drbg_set_nonce_len( mbedtls_ctr_drbg_context *ctx,
  * \param ctx           The CTR_DRBG context.
  * \param interval      The reseed interval.
  */
-void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
-                                   int interval );
+void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx,
+                                          int interval);
 
 /**
  * \brief               This function reseeds the CTR_DRBG context, that is
@@ -443,8 +442,8 @@ void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
  * \return              \c 0 on success.
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
  */
-int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
-                     const unsigned char *additional, size_t len );
+int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx,
+                            const unsigned char *additional, size_t len);
 
 /**
  * \brief              This function updates the state of the CTR_DRBG context.
@@ -466,9 +465,9 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
  *                     #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
  * \return             An error from the underlying AES cipher on failure.
  */
-int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
-                                 const unsigned char *additional,
-                                 size_t add_len );
+int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
+                                const unsigned char *additional,
+                                size_t add_len);
 
 /**
  * \brief   This function updates a CTR_DRBG instance with additional
@@ -501,9 +500,9 @@ int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
  * \return    #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
  *            #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
  */
-int mbedtls_ctr_drbg_random_with_add( void *p_rng,
-                              unsigned char *output, size_t output_len,
-                              const unsigned char *additional, size_t add_len );
+int mbedtls_ctr_drbg_random_with_add(void *p_rng,
+                                     unsigned char *output, size_t output_len,
+                                     const unsigned char *additional, size_t add_len);
 
 /**
  * \brief   This function uses CTR_DRBG to generate random data.
@@ -529,11 +528,11 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng,
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
  *                      #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
  */
-int mbedtls_ctr_drbg_random( void *p_rng,
-                     unsigned char *output, size_t output_len );
+int mbedtls_ctr_drbg_random(void *p_rng,
+                            unsigned char *output, size_t output_len);
 
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -557,7 +556,7 @@ int mbedtls_ctr_drbg_random( void *p_rng,
 MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(
     mbedtls_ctr_drbg_context *ctx,
     const unsigned char *additional,
-    size_t add_len );
+    size_t add_len);
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
@@ -573,7 +572,7 @@ MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(
  * \return              #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
  *                      failure.
  */
-int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
 
 /**
  * \brief               This function reads and updates a seed file. The seed
@@ -589,7 +588,7 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
  * \return              #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
  *                      seed file is too large.
  */
-int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -600,7 +599,7 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
  * \return              \c 0 on success.
  * \return              \c 1 on failure.
  */
-int mbedtls_ctr_drbg_self_test( int verbose );
+int mbedtls_ctr_drbg_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/debug.h

@@ -36,47 +36,47 @@
 
 #if defined(MBEDTLS_DEBUG_C)
 
-#define MBEDTLS_DEBUG_STRIP_PARENS( ... )   __VA_ARGS__
+#define MBEDTLS_DEBUG_STRIP_PARENS(...)   __VA_ARGS__
 
-#define MBEDTLS_SSL_DEBUG_MSG( level, args )                    \
-    mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__,    \
-                             MBEDTLS_DEBUG_STRIP_PARENS args )
+#define MBEDTLS_SSL_DEBUG_MSG(level, args)                    \
+    mbedtls_debug_print_msg(ssl, level, __FILE__, __LINE__,    \
+                            MBEDTLS_DEBUG_STRIP_PARENS args)
 
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )                \
-    mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)                \
+    mbedtls_debug_print_ret(ssl, level, __FILE__, __LINE__, text, ret)
 
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )           \
-    mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)           \
+    mbedtls_debug_print_buf(ssl, level, __FILE__, __LINE__, text, buf, len)
 
 #if defined(MBEDTLS_BIGNUM_C)
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )                  \
-    mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)                  \
+    mbedtls_debug_print_mpi(ssl, level, __FILE__, __LINE__, text, X)
 #endif
 
 #if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )                  \
-    mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X)                  \
+    mbedtls_debug_print_ecp(ssl, level, __FILE__, __LINE__, text, X)
 #endif
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )                \
-    mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)                \
+    mbedtls_debug_print_crt(ssl, level, __FILE__, __LINE__, text, crt)
 #endif
 
 #if defined(MBEDTLS_ECDH_C)
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr )               \
-    mbedtls_debug_printf_ecdh( ssl, level, __FILE__, __LINE__, ecdh, attr )
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)               \
+    mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr)
 #endif
 
 #else /* MBEDTLS_DEBUG_C */
 
-#define MBEDTLS_SSL_DEBUG_MSG( level, args )            do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )       do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )  do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )         do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )         do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )       do { } while( 0 )
-#define MBEDTLS_SSL_DEBUG_ECDH( level, ecdh, attr )     do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_MSG(level, args)            do { } while (0)
+#define MBEDTLS_SSL_DEBUG_RET(level, text, ret)       do { } while (0)
+#define MBEDTLS_SSL_DEBUG_BUF(level, text, buf, len)  do { } while (0)
+#define MBEDTLS_SSL_DEBUG_MPI(level, text, X)         do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECP(level, text, X)         do { } while (0)
+#define MBEDTLS_SSL_DEBUG_CRT(level, text, crt)       do { } while (0)
+#define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr)     do { } while (0)
 
 #endif /* MBEDTLS_DEBUG_C */
 
@@ -96,7 +96,7 @@
 #if __has_attribute(format)
 #if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1
 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
-    __attribute__((__format__ (gnu_printf, string_index, first_to_check)))
+    __attribute__((__format__(gnu_printf, string_index, first_to_check)))
 #else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */
 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)    \
     __attribute__((format(printf, string_index, first_to_check)))
@@ -124,10 +124,12 @@
    #include <inttypes.h>
    #define MBEDTLS_PRINTF_SIZET     PRIuPTR
    #define MBEDTLS_PRINTF_LONGLONG  "I64d"
-#else /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+#else \
+    /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
    #define MBEDTLS_PRINTF_SIZET     "zu"
    #define MBEDTLS_PRINTF_LONGLONG  "lld"
-#endif /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+#endif \
+    /* (defined(__MINGW32__)  && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
 
 #ifdef __cplusplus
 extern "C" {
@@ -148,7 +150,7 @@ extern "C" {
  *                              - 3 Informational
  *                              - 4 Verbose
  */
-void mbedtls_debug_set_threshold( int threshold );
+void mbedtls_debug_set_threshold(int threshold);
 
 /**
  * \brief    Print a message to the debug output. This function is always used
@@ -165,9 +167,9 @@ void mbedtls_debug_set_threshold( int threshold );
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
-                              const char *file, int line,
-                              const char *format, ... ) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
+void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6);
 
 /**
  * \brief   Print the return value of a function to the debug output. This
@@ -184,9 +186,9 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, int ret );
+void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, int ret);
 
 /**
  * \brief   Output a buffer of size len bytes to the debug output. This function
@@ -205,9 +207,9 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line, const char *text,
-                      const unsigned char *buf, size_t len );
+void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line, const char *text,
+                             const unsigned char *buf, size_t len);
 
 #if defined(MBEDTLS_BIGNUM_C)
 /**
@@ -226,9 +228,9 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_mpi *X );
+void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_mpi *X);
 #endif
 
 #if defined(MBEDTLS_ECP_C)
@@ -248,9 +250,9 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_ecp_point *X );
+void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_ecp_point *X);
 #endif
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -269,14 +271,13 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
-                      const char *file, int line,
-                      const char *text, const mbedtls_x509_crt *crt );
+void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
+                             const char *file, int line,
+                             const char *text, const mbedtls_x509_crt *crt);
 #endif
 
 #if defined(MBEDTLS_ECDH_C)
-typedef enum
-{
+typedef enum {
     MBEDTLS_DEBUG_ECDH_Q,
     MBEDTLS_DEBUG_ECDH_QP,
     MBEDTLS_DEBUG_ECDH_Z,
@@ -298,10 +299,10 @@ typedef enum
  * \attention       This function is intended for INTERNAL usage within the
  *                  library only.
  */
-void mbedtls_debug_printf_ecdh( const mbedtls_ssl_context *ssl, int level,
-                                const char *file, int line,
-                                const mbedtls_ecdh_context *ecdh,
-                                mbedtls_debug_ecdh_attr attr );
+void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
+                               const char *file, int line,
+                               const mbedtls_ecdh_context *ecdh,
+                               mbedtls_debug_ecdh_attr attr);
 #endif
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/des.h

@@ -3,7 +3,7 @@
  *
  * \brief DES block cipher
  *
- * \warning   DES is considered a weak cipher and its use constitutes a
+ * \warning   DES/3DES are considered weak ciphers and their use constitutes a
  *            security risk. We recommend considering stronger ciphers
  *            instead.
  */
@@ -60,21 +60,23 @@ extern "C" {
 /**
  * \brief          DES context structure
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
-typedef struct mbedtls_des_context
-{
+typedef struct mbedtls_des_context {
     uint32_t sk[32];            /*!<  DES subkeys       */
 }
 mbedtls_des_context;
 
 /**
  * \brief          Triple-DES context structure
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
-typedef struct mbedtls_des3_context
-{
+typedef struct mbedtls_des3_context {
     uint32_t sk[96];            /*!<  3DES subkeys      */
 }
 mbedtls_des3_context;
@@ -88,36 +90,44 @@ mbedtls_des3_context;
  *
  * \param ctx      DES context to be initialized
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
-void mbedtls_des_init( mbedtls_des_context *ctx );
+void mbedtls_des_init(mbedtls_des_context *ctx);
 
 /**
  * \brief          Clear DES context
  *
  * \param ctx      DES context to be cleared
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
-void mbedtls_des_free( mbedtls_des_context *ctx );
+void mbedtls_des_free(mbedtls_des_context *ctx);
 
 /**
  * \brief          Initialize Triple-DES context
  *
  * \param ctx      DES3 context to be initialized
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
-void mbedtls_des3_init( mbedtls_des3_context *ctx );
+void mbedtls_des3_init(mbedtls_des3_context *ctx);
 
 /**
  * \brief          Clear Triple-DES context
  *
  * \param ctx      DES3 context to be cleared
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
-void mbedtls_des3_free( mbedtls_des3_context *ctx );
+void mbedtls_des3_free(mbedtls_des3_context *ctx);
 
 /**
  * \brief          Set key parity on the given key to odd.
@@ -127,11 +137,11 @@ void mbedtls_des3_free( mbedtls_des3_context *ctx );
  *
  * \param key      8-byte secret key
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
-void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 /**
  * \brief          Check that key parity on the given key is odd.
@@ -143,12 +153,12 @@ void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
  *
  * \return         0 is parity was ok, 1 if parity was not correct.
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 /**
  * \brief          Check that key is not a weak or semi-weak DES key
@@ -157,12 +167,12 @@ int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SI
  *
  * \return         0 if no weak key was found, 1 if a weak key was identified.
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 /**
  * \brief          DES key schedule (56-bit, encryption)
@@ -172,12 +182,12 @@ int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
  *
  * \return         0
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 /**
  * \brief          DES key schedule (56-bit, decryption)
@@ -187,12 +197,12 @@ int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MB
  *
  * \return         0
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 /**
  * \brief          Triple-DES key schedule (112-bit, encryption)
@@ -201,10 +211,14 @@ int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MB
  * \param key      16-byte secret key
  *
  * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
 
 /**
  * \brief          Triple-DES key schedule (112-bit, decryption)
@@ -213,10 +227,14 @@ int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
  * \param key      16-byte secret key
  *
  * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
 
 /**
  * \brief          Triple-DES key schedule (168-bit, encryption)
@@ -225,10 +243,14 @@ int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
  * \param key      24-byte secret key
  *
  * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
 
 /**
  * \brief          Triple-DES key schedule (168-bit, decryption)
@@ -237,10 +259,14 @@ int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
  * \param key      24-byte secret key
  *
  * \return         0
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
-                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
+                             const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
 
 /**
  * \brief          DES-ECB block encryption/decryption
@@ -251,14 +277,14 @@ int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
  *
  * \return         0 if successful
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
-                    const unsigned char input[8],
-                    unsigned char output[8] );
+int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
+                          const unsigned char input[8],
+                          unsigned char output[8]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -279,17 +305,17 @@ int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
  * \param input    buffer holding the input data
  * \param output   buffer holding the output data
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[8],
-                    const unsigned char *input,
-                    unsigned char *output );
+int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
+                          int mode,
+                          size_t length,
+                          unsigned char iv[8],
+                          const unsigned char *input,
+                          unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 /**
@@ -300,11 +326,15 @@ int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
  * \param output   64-bit output block
  *
  * \return         0 if successful
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
-                     const unsigned char input[8],
-                     unsigned char output[8] );
+int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
+                           const unsigned char input[8],
+                           unsigned char output[8]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -326,14 +356,18 @@ int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
  * \param output   buffer holding the output data
  *
  * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
+ *
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
-                     int mode,
-                     size_t length,
-                     unsigned char iv[8],
-                     const unsigned char *input,
-                     unsigned char *output );
+int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[8],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 /**
@@ -344,12 +378,12 @@ int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
  * \param SK       Round keys
  * \param key      Base key
  *
- * \warning        DES is considered a weak cipher and its use constitutes a
+ * \warning        DES/3DES are considered weak ciphers and their use constitutes a
  *                 security risk. We recommend considering stronger ciphers
  *                 instead.
  */
-void mbedtls_des_setkey( uint32_t SK[32],
-                         const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+void mbedtls_des_setkey(uint32_t SK[32],
+                        const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -359,7 +393,7 @@ void mbedtls_des_setkey( uint32_t SK[32],
  * \return         0 if successful, or 1 if the test failed
  */
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_des_self_test( int verbose );
+int mbedtls_des_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/dhm.h

@@ -108,8 +108,7 @@ extern "C" {
 /**
  * \brief          The DHM context structure.
  */
-typedef struct mbedtls_dhm_context
-{
+typedef struct mbedtls_dhm_context {
     size_t len;         /*!<  The size of \p P in Bytes. */
     mbedtls_mpi P;      /*!<  The prime modulus. */
     mbedtls_mpi G;      /*!<  The generator. */
@@ -133,7 +132,7 @@ mbedtls_dhm_context;
  *
  * \param ctx      The DHM context to initialize.
  */
-void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
+void mbedtls_dhm_init(mbedtls_dhm_context *ctx);
 
 /**
  * \brief          This function parses the DHM parameters in a
@@ -157,9 +156,9 @@ void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
-                             unsigned char **p,
-                             const unsigned char *end );
+int mbedtls_dhm_read_params(mbedtls_dhm_context *ctx,
+                            unsigned char **p,
+                            const unsigned char *end);
 
 /**
  * \brief          This function generates a DHM key pair and exports its
@@ -193,10 +192,10 @@ int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief          This function sets the prime modulus and generator.
@@ -213,9 +212,9 @@ int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
  * \return         \c 0 if successful.
  * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
-                           const mbedtls_mpi *P,
-                           const mbedtls_mpi *G );
+int mbedtls_dhm_set_group(mbedtls_dhm_context *ctx,
+                          const mbedtls_mpi *P,
+                          const mbedtls_mpi *G);
 
 /**
  * \brief          This function imports the raw public value of the peer.
@@ -233,8 +232,8 @@ int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
-                     const unsigned char *input, size_t ilen );
+int mbedtls_dhm_read_public(mbedtls_dhm_context *ctx,
+                            const unsigned char *input, size_t ilen);
 
 /**
  * \brief          This function creates a DHM key pair and exports
@@ -260,10 +259,10 @@ int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
-                     unsigned char *output, size_t olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_dhm_make_public(mbedtls_dhm_context *ctx, int x_size,
+                            unsigned char *output, size_t olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief          This function derives and exports the shared secret
@@ -291,10 +290,10 @@ int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
  * \return              \c 0 on success.
  * \return              An \c MBEDTLS_ERR_DHM_XXX error code on failure.
  */
-int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
-                     unsigned char *output, size_t output_size, size_t *olen,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_dhm_calc_secret(mbedtls_dhm_context *ctx,
+                            unsigned char *output, size_t output_size, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief          This function frees and clears the components
@@ -304,7 +303,7 @@ int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
  *                 in which case this function is a no-op. If it is not \c NULL,
  *                 it must point to an initialized DHM context.
  */
-void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
+void mbedtls_dhm_free(mbedtls_dhm_context *ctx);
 
 #if defined(MBEDTLS_ASN1_PARSE_C)
 /**
@@ -321,8 +320,8 @@ void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
  * \return            An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX error
  *                    code on failure.
  */
-int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
-                           size_t dhminlen );
+int mbedtls_dhm_parse_dhm(mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+                          size_t dhminlen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -337,7 +336,7 @@ int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
  * \return         An \c MBEDTLS_ERR_DHM_XXX or \c MBEDTLS_ERR_PEM_XXX
  *                 error code on failure.
  */
-int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
+int mbedtls_dhm_parse_dhmfile(mbedtls_dhm_context *dhm, const char *path);
 #endif /* MBEDTLS_FS_IO */
 #endif /* MBEDTLS_ASN1_PARSE_C */
 
@@ -349,7 +348,7 @@ int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_dhm_self_test( int verbose );
+int mbedtls_dhm_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 #ifdef __cplusplus
@@ -426,7 +425,7 @@ int mbedtls_dhm_self_test( int verbose );
         "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"      \
         "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"      \
         "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"      \
-        "CF9DE5384E71B81C0AC4DFFE0C10E64F" )
+        "CF9DE5384E71B81C0AC4DFFE0C10E64F")
 
 /**
  * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
@@ -445,7 +444,7 @@ int mbedtls_dhm_self_test( int verbose );
         "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"      \
         "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"      \
         "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"      \
-        "81BC087F2A7065B384B890D3191F2BFA" )
+        "81BC087F2A7065B384B890D3191F2BFA")
 
 /**
  * The hexadecimal presentation of the prime underlying the 2048-bit MODP
@@ -470,7 +469,7 @@ int mbedtls_dhm_self_test( int verbose );
         "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
         "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
         "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
-        "15728E5A8AACAA68FFFFFFFFFFFFFFFF" )
+        "15728E5A8AACAA68FFFFFFFFFFFFFFFF")
 
 /**
  * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
@@ -478,7 +477,7 @@ int mbedtls_dhm_self_test( int verbose );
  * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
  */
 #define MBEDTLS_DHM_RFC3526_MODP_2048_G                         \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
 
 /**
  * The hexadecimal presentation of the prime underlying the 3072-bit MODP
@@ -502,7 +501,7 @@ int mbedtls_dhm_self_test( int verbose );
         "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"      \
         "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"      \
         "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"      \
-        "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" )
+        "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF")
 
 /**
  * The hexadecimal presentation of the chosen generator of the 3072-bit MODP
@@ -510,7 +509,7 @@ int mbedtls_dhm_self_test( int verbose );
  * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
  */
 #define MBEDTLS_DHM_RFC3526_MODP_3072_G                      \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
 
 /**
  * The hexadecimal presentation of the prime underlying the 4096-bit MODP
@@ -540,7 +539,7 @@ int mbedtls_dhm_self_test( int verbose );
         "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"   \
         "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"   \
         "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"   \
-        "FFFFFFFFFFFFFFFF" )
+        "FFFFFFFFFFFFFFFF")
 
 /**
  * The hexadecimal presentation of the chosen generator of the 4096-bit MODP
@@ -548,7 +547,7 @@ int mbedtls_dhm_self_test( int verbose );
  * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
  */
 #define MBEDTLS_DHM_RFC3526_MODP_4096_G                      \
-    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+    MBEDTLS_DEPRECATED_STRING_CONSTANT("02")
 
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -557,546 +556,546 @@ int mbedtls_dhm_self_test( int verbose );
  */
 
 #define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
-     0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
-     0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
-     0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
-     0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
-     0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
-     0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
-     0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
-     0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
-     0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
-     0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
-     0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
-     0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
-     0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
-     0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
-     0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
-     0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
-     0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
-     0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
-     0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
-     0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
-     0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
-     0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
-     0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
-     0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
-     0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
-     0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
-     0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
-     0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
-     0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN {       \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
-    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
-    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
-    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
-    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
-    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
-    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
-    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
-    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
-    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
-    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
-    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
-    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
-    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
-    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
-    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
-    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
-    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
-    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
-    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
-    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
-    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
-    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
-    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
-    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
-    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
-    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
-    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
-    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
-    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
-    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
-    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
-    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
-    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
-    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
-    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
-    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
-    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
-    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
-    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
-    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
-    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
-    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
-    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
-    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
-    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN  {       \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  \
-    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,  \
-    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,  \
-    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,  \
-    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,  \
-    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,  \
-    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,  \
-    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,  \
-    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,  \
-    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,  \
-    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,  \
-    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,  \
-    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,  \
-    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,  \
-    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,  \
-    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,  \
-    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,  \
-    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,  \
-    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,  \
-    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,  \
-    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,  \
-    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,  \
-    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,  \
-    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,  \
-    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,  \
-    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,  \
-    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,  \
-    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,  \
-    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,  \
-    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,  \
-    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,  \
-    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,  \
-    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,  \
-    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,  \
-    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,  \
-    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,  \
-    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,  \
-    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,  \
-    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,  \
-    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,  \
-    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,  \
-    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,  \
-    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,  \
-    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,  \
-    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,  \
-    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,  \
-    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,  \
-    0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,  \
-    0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,  \
-    0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,  \
-    0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,  \
-    0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,  \
-    0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,  \
-    0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,  \
-    0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,  \
-    0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,  \
-    0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,  \
-    0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,  \
-    0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,  \
-    0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,  \
-    0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,  \
-    0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,  \
-    0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,  \
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  \
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,  \
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,  \
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,  \
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,  \
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,  \
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,  \
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,  \
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,  \
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,  \
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,  \
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,  \
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,  \
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,  \
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,  \
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,  \
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,  \
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,  \
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,  \
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,  \
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,  \
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,  \
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,  \
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,  \
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,  \
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,  \
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,  \
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,  \
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,  \
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,  \
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,  \
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,  \
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,  \
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,  \
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,  \
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,  \
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,  \
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,  \
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,  \
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,  \
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,  \
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,  \
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,  \
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,  \
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,  \
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,  \
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,  \
+        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,  \
+        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,  \
+        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,  \
+        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,  \
+        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,  \
+        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,  \
+        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,  \
+        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,  \
+        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,  \
+        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,  \
+        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,  \
+        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,  \
+        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,  \
+        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,  \
+        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,  \
+        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,  \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
-     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
-     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
-     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
-     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
-     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
-     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
-     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
-     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
-     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
-     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
-     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
-     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
-     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
-     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
-     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
-     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
-     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
-     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
-     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
-     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
-     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
-     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
-     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
-     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
-     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
-     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
-     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
-     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
-     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
-     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
-     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
-     0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+        0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+        0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+        0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+        0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+        0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+        0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+        0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+        0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+        0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+        0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+        0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+        0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+        0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+        0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+        0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+        0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+        0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+        0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+        0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+        0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+        0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+        0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+        0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+        0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+        0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+        0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+        0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+        0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+        0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+        0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+        0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+        0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN {        \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
-     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
-     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
-     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
-     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
-     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
-     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
-     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
-     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
-     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
-     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
-     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
-     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
-     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
-     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
-     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
-     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
-     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
-     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
-     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
-     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
-     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
-     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
-     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
-     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
-     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
-     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
-     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
-     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
-     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
-     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
-     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
-     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
-     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
-     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
-     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
-     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
-     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
-     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
-     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
-     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
-     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
-     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
-     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
-     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
-     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
-     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
-     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
-     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
-     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
-     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
-     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
-     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
-     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
-     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
-     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
-     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
-     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
-     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
-     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
-     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
-     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
-     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
-     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
-     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
-     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
-     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
-     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
-     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
-     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
-     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
-     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
-     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
-     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
-     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
-     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
-     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
-     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
-     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
-     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
-     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
-     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
-     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
-     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
-     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
-     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
-     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
-     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
-     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
-     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
-     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
-     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
-     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
-     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
-     0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
-     0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
-     0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
-     0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
-     0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
-     0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
-     0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
-     0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
-     0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
-     0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
-     0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
-     0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
-     0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
-     0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
-     0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
-     0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
-     0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
-     0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
-     0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
-     0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
-     0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
-     0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
-     0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
-     0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
-     0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
-     0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
-     0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
-     0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
-     0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
-     0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
-     0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
-     0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
-     0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+        0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+        0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+        0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+        0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+        0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+        0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+        0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+        0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+        0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+        0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+        0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+        0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+        0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+        0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+        0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+        0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+        0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+        0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+        0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+        0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+        0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+        0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+        0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+        0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+        0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+        0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+        0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+        0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+        0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+        0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+        0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+        0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+        0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+        0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+        0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+        0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+        0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+        0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+        0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+        0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+        0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+        0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+        0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+        0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+        0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+        0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+        0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+        0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+        0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+        0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+        0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+        0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+        0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+        0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+        0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+        0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+        0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+        0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+        0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+        0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+        0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+        0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+        0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+        0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+        0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+        0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+        0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+        0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+        0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+        0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+        0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+        0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+        0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+        0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+        0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+        0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+        0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+        0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+        0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+        0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+        0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+        0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+        0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+        0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+        0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+        0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+        0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+        0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+        0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+        0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+        0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+        0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+        0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+        0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
+        0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
+        0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
+        0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
+        0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
+        0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
+        0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
+        0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
+        0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
+        0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
+        0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
+        0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
+        0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
+        0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
+        0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
+        0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
+        0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
+        0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
+        0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
+        0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
+        0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
+        0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
+        0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
+        0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
+        0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
+        0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
+        0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
+        0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
+        0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
+        0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
+        0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
+        0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
+        0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
 
 #define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 }
 

thirdparty/mbedtls/include/mbedtls/ecdh.h

@@ -52,8 +52,7 @@ extern "C" {
 /**
  * Defines the source of the imported EC key.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECDH_OURS,   /**< Our key. */
     MBEDTLS_ECDH_THEIRS, /**< The key of the peer. */
 } mbedtls_ecdh_side;
@@ -65,8 +64,7 @@ typedef enum
  * Later versions of the library may add new variants, therefore users should
  * not make any assumptions about them.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECDH_VARIANT_NONE = 0,   /*!< Implementation not defined. */
     MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0,/*!< The default Mbed TLS implementation */
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
@@ -81,8 +79,7 @@ typedef enum
  * should not make any assumptions about the structure of
  * mbedtls_ecdh_context_mbed.
  */
-typedef struct mbedtls_ecdh_context_mbed
-{
+typedef struct mbedtls_ecdh_context_mbed {
     mbedtls_ecp_group grp;   /*!< The elliptic curve used. */
     mbedtls_mpi d;           /*!< The private key. */
     mbedtls_ecp_point Q;     /*!< The public key. */
@@ -101,8 +98,7 @@ typedef struct mbedtls_ecdh_context_mbed
  *                  should not be shared between multiple threads.
  * \brief           The ECDH context structure.
  */
-typedef struct mbedtls_ecdh_context
-{
+typedef struct mbedtls_ecdh_context {
 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
     mbedtls_ecp_group grp;   /*!< The elliptic curve used. */
     mbedtls_mpi d;           /*!< The private key. */
@@ -119,24 +115,23 @@ typedef struct mbedtls_ecdh_context
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 #else
     uint8_t point_format;       /*!< The format of point export in TLS messages
-                                  as defined in RFC 4492. */
+                                   as defined in RFC 4492. */
     mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */
     mbedtls_ecdh_variant var;   /*!< The ECDH implementation/structure used. */
-    union
-    {
+    union {
         mbedtls_ecdh_context_mbed   mbed_ecdh;
 #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
         mbedtls_ecdh_context_everest everest_ecdh;
 #endif
     } ctx;                      /*!< Implementation-specific context. The
-                                  context in use is specified by the \c var
-                                  field. */
+                                   context in use is specified by the \c var
+                                   field. */
 #if defined(MBEDTLS_ECP_RESTARTABLE)
     uint8_t restart_enabled;    /*!< The flag for restartable mode. Functions of
-                                  an alternative implementation not supporting
-                                  restartable mode must return
-                                  MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
-                                  if this flag is set. */
+                                   an alternative implementation not supporting
+                                   restartable mode must return
+                                   MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error
+                                   if this flag is set. */
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 #endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */
 }
@@ -149,7 +144,7 @@ mbedtls_ecdh_context;
  *
  * \return         \c 1 if the group can be used, \c 0 otherwise
  */
-int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid);
 
 /**
  * \brief           This function generates an ECDH keypair on an elliptic
@@ -176,9 +171,9 @@ int mbedtls_ecdh_can_do( mbedtls_ecp_group_id gid );
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or
  *                  \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function computes the shared secret.
@@ -214,17 +209,17 @@ int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or
  *                  \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
-                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z,
+                                const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng);
 
 /**
  * \brief           This function initializes an ECDH context.
  *
  * \param ctx       The ECDH context to initialize. This must not be \c NULL.
  */
-void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_init(mbedtls_ecdh_context *ctx);
 
 /**
  * \brief           This function sets up the ECDH context with the information
@@ -242,8 +237,8 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
  *
  * \return          \c 0 on success.
  */
-int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
-                        mbedtls_ecp_group_id grp_id );
+int mbedtls_ecdh_setup(mbedtls_ecdh_context *ctx,
+                       mbedtls_ecp_group_id grp_id);
 
 /**
  * \brief           This function frees a context.
@@ -252,7 +247,7 @@ int mbedtls_ecdh_setup( mbedtls_ecdh_context *ctx,
  *                  case this function does nothing. If it is not \c NULL,
  *                  it must point to an initialized ECDH context.
  */
-void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_free(mbedtls_ecdh_context *ctx);
 
 /**
  * \brief           This function generates an EC key pair and exports its
@@ -279,10 +274,10 @@ void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_make_params(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 /**
  * \brief           This function parses the ECDHE parameters in a
@@ -308,9 +303,9 @@ int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return          An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
-                              const unsigned char **buf,
-                              const unsigned char *end );
+int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx,
+                             const unsigned char **buf,
+                             const unsigned char *end);
 
 /**
  * \brief           This function sets up an ECDH context from an EC key.
@@ -331,9 +326,9 @@ int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  *
  */
-int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
-                             const mbedtls_ecp_keypair *key,
-                             mbedtls_ecdh_side side );
+int mbedtls_ecdh_get_params(mbedtls_ecdh_context *ctx,
+                            const mbedtls_ecp_keypair *key,
+                            mbedtls_ecdh_side side);
 
 /**
  * \brief           This function generates a public key and exports it
@@ -361,10 +356,10 @@ int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_make_public(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 /**
  * \brief       This function parses and processes the ECDHE payload of a
@@ -385,8 +380,8 @@ int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
  * \return      \c 0 on success.
  * \return      An \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
-                              const unsigned char *buf, size_t blen );
+int mbedtls_ecdh_read_public(mbedtls_ecdh_context *ctx,
+                             const unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function derives and exports the shared secret.
@@ -418,10 +413,10 @@ int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another \c MBEDTLS_ERR_ECP_XXX error code on failure.
  */
-int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
-                      unsigned char *buf, size_t blen,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ecdh_calc_secret(mbedtls_ecdh_context *ctx, size_t *olen,
+                             unsigned char *buf, size_t blen,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -436,7 +431,7 @@ int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
  *
  * \param ctx       The ECDH context to use. This must be initialized.
  */
-void mbedtls_ecdh_enable_restart( mbedtls_ecdh_context *ctx );
+void mbedtls_ecdh_enable_restart(mbedtls_ecdh_context *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/ecdsa.h

@@ -56,13 +56,13 @@
  *
  * For each of r and s, the value (V) may include an extra initial "0" bit.
  */
-#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits )                               \
-    ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) +              \
-      /*T,L of r,s*/        2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) +     \
-      /*V of r,s*/                ( ( bits ) + 8 ) / 8 ) )
+#define MBEDTLS_ECDSA_MAX_SIG_LEN(bits)                               \
+    (/*T,L of SEQUENCE*/ ((bits) >= 61 * 8 ? 3 : 2) +              \
+     /*T,L of r,s*/ 2 * (((bits) >= 127 * 8 ? 3 : 2) +     \
+                         /*V of r,s*/ ((bits) + 8) / 8))
 
 /** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN  MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS )
+#define MBEDTLS_ECDSA_MAX_LEN  MBEDTLS_ECDSA_MAX_SIG_LEN(MBEDTLS_ECP_MAX_BITS)
 
 #ifdef __cplusplus
 extern "C" {
@@ -105,8 +105,7 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx;
 /**
  * \brief           General context for resuming ECDSA operations
  */
-typedef struct
-{
+typedef struct {
     mbedtls_ecp_restart_ctx ecp;        /*!<  base context for ECP restart and
                                               shared administrative info    */
     mbedtls_ecdsa_restart_ver_ctx *ver; /*!<  ecdsa_verify() sub-context    */
@@ -131,7 +130,7 @@ typedef void mbedtls_ecdsa_restart_ctx;
  *
  * \return         \c 1 if the group can be used, \c 0 otherwise
  */
-int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
+int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid);
 
 /**
  * \brief           This function computes the ECDSA signature of a
@@ -169,12 +168,12 @@ int mbedtls_ecdsa_can_do( mbedtls_ecp_group_id gid );
  * \return          An \c MBEDTLS_ERR_ECP_XXX
  *                  or \c MBEDTLS_MPI_XXX error code on failure.
  */
-int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
-                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                       const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -228,10 +227,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
  *                  error code on failure.
  */
-int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                            mbedtls_mpi *s, const mbedtls_mpi *d,
-                            const unsigned char *buf, size_t blen,
-                            mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
+int mbedtls_ecdsa_sign_det(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                           mbedtls_mpi *s, const mbedtls_mpi *d,
+                           const unsigned char *buf, size_t blen,
+                           mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -274,12 +273,12 @@ int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
  *                  error code on failure.
  */
-int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
-                            mbedtls_mpi *s, const mbedtls_mpi *d,
-                            const unsigned char *buf, size_t blen,
-                            mbedtls_md_type_t md_alg,
-                            int (*f_rng_blind)(void *, unsigned char *, size_t),
-                            void *p_rng_blind );
+int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r,
+                               mbedtls_mpi *s, const mbedtls_mpi *d,
+                               const unsigned char *buf, size_t blen,
+                               mbedtls_md_type_t md_alg,
+                               int (*f_rng_blind)(void *, unsigned char *, size_t),
+                               void *p_rng_blind);
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
 
 /**
@@ -312,10 +311,10 @@ int mbedtls_ecdsa_sign_det_ext( mbedtls_ecp_group *grp, mbedtls_mpi *r,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
  *                  error code on failure.
  */
-int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
-                          const unsigned char *buf, size_t blen,
-                          const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
-                          const mbedtls_mpi *s);
+int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp,
+                         const unsigned char *buf, size_t blen,
+                         const mbedtls_ecp_point *Q, const mbedtls_mpi *r,
+                         const mbedtls_mpi *s);
 
 /**
  * \brief           This function computes the ECDSA signature and writes it
@@ -365,12 +364,12 @@ int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
-                                   mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hlen,
-                           unsigned char *sig, size_t *slen,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng );
+int mbedtls_ecdsa_write_signature(mbedtls_ecdsa_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hlen,
+                                  unsigned char *sig, size_t *slen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng);
 
 /**
  * \brief           This function computes the ECDSA signature and writes it
@@ -411,16 +410,16 @@ int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
-                           mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hlen,
-                           unsigned char *sig, size_t *slen,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                              mbedtls_md_type_t md_alg,
+                                              const unsigned char *hash, size_t hlen,
+                                              unsigned char *sig, size_t *slen,
+                                              int (*f_rng)(void *, unsigned char *, size_t),
+                                              void *p_rng,
+                                              mbedtls_ecdsa_restart_ctx *rs_ctx);
 
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -469,10 +468,10 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
  *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
  */
-int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
-                               const unsigned char *hash, size_t hlen,
-                               unsigned char *sig, size_t *slen,
-                               mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
+int mbedtls_ecdsa_write_signature_det(mbedtls_ecdsa_context *ctx,
+                                      const unsigned char *hash, size_t hlen,
+                                      unsigned char *sig, size_t *slen,
+                                      mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
@@ -504,9 +503,9 @@ int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
  *                  error code on failure for any other reason.
  */
-int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen );
+int mbedtls_ecdsa_read_signature(mbedtls_ecdsa_context *ctx,
+                                 const unsigned char *hash, size_t hlen,
+                                 const unsigned char *sig, size_t slen);
 
 /**
  * \brief           This function reads and verifies an ECDSA signature,
@@ -539,10 +538,10 @@ int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
  * \return          Another \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
  *                  error code on failure for any other reason.
  */
-int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
-                          const unsigned char *hash, size_t hlen,
-                          const unsigned char *sig, size_t slen,
-                          mbedtls_ecdsa_restart_ctx *rs_ctx );
+int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx,
+                                             const unsigned char *hash, size_t hlen,
+                                             const unsigned char *sig, size_t slen,
+                                             mbedtls_ecdsa_restart_ctx *rs_ctx);
 
 /**
  * \brief          This function generates an ECDSA keypair on the given curve.
@@ -560,8 +559,8 @@ int mbedtls_ecdsa_read_signature_restartable( mbedtls_ecdsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_ECP_XXX code on failure.
  */
-int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
-                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           This function sets up an ECDSA context from an EC key pair.
@@ -578,8 +577,8 @@ int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_ECP_XXX code on failure.
  */
-int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
-                                const mbedtls_ecp_keypair *key );
+int mbedtls_ecdsa_from_keypair(mbedtls_ecdsa_context *ctx,
+                               const mbedtls_ecp_keypair *key);
 
 /**
  * \brief           This function initializes an ECDSA context.
@@ -587,7 +586,7 @@ int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx,
  * \param ctx       The ECDSA context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_init(mbedtls_ecdsa_context *ctx);
 
 /**
  * \brief           This function frees an ECDSA context.
@@ -596,7 +595,7 @@ void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
  *                  in which case this function does nothing. If it
  *                  is not \c NULL, it must be initialized.
  */
-void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
+void mbedtls_ecdsa_free(mbedtls_ecdsa_context *ctx);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -605,7 +604,7 @@ void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
  * \param ctx       The restart context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_init(mbedtls_ecdsa_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context.
@@ -614,7 +613,7 @@ void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx );
  *                  in which case this function does nothing. If it
  *                  is not \c NULL, it must be initialized.
  */
-void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx );
+void mbedtls_ecdsa_restart_free(mbedtls_ecdsa_restart_ctx *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/ecjpake.h

@@ -71,8 +71,7 @@ typedef enum {
  * convention from the Thread v1.0 spec. Correspondence is indicated in the
  * description as a pair C: client name, S: server name
  */
-typedef struct mbedtls_ecjpake_context
-{
+typedef struct mbedtls_ecjpake_context {
     const mbedtls_md_info_t *md_info;   /**< Hash to use                    */
     mbedtls_ecp_group grp;              /**< Elliptic curve                 */
     mbedtls_ecjpake_role role;          /**< Are we client or server?       */
@@ -100,7 +99,7 @@ typedef struct mbedtls_ecjpake_context
  * \param ctx       The ECJPAKE context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx);
 
 /**
  * \brief           Set up an ECJPAKE context for use.
@@ -123,12 +122,12 @@ void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
-                           mbedtls_ecjpake_role role,
-                           mbedtls_md_type_t hash,
-                           mbedtls_ecp_group_id curve,
-                           const unsigned char *secret,
-                           size_t len );
+int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx,
+                          mbedtls_ecjpake_role role,
+                          mbedtls_md_type_t hash,
+                          mbedtls_ecp_group_id curve,
+                          const unsigned char *secret,
+                          size_t len);
 
 /**
  * \brief           Check if an ECJPAKE context is ready for use.
@@ -139,7 +138,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if the context is ready for use.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise.
  */
-int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
+int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx);
 
 /**
  * \brief           Generate and write the first round message
@@ -160,10 +159,10 @@ int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng);
 
 /**
  * \brief           Read and process the first round message
@@ -179,9 +178,9 @@ int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t len );
+int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len);
 
 /**
  * \brief           Generate and write the second round message
@@ -201,10 +200,10 @@ int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx,
+                                    unsigned char *buf, size_t len, size_t *olen,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng);
 
 /**
  * \brief           Read and process the second round message
@@ -219,9 +218,9 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
-                                    const unsigned char *buf,
-                                    size_t len );
+int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx,
+                                   const unsigned char *buf,
+                                   size_t len);
 
 /**
  * \brief           Derive the shared secret
@@ -241,10 +240,10 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
  * \return          \c 0 if successful.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
-                            unsigned char *buf, size_t len, size_t *olen,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng );
+int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx,
+                                  unsigned char *buf, size_t len, size_t *olen,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng);
 
 /**
  * \brief           This clears an ECJPAKE context and frees any
@@ -254,7 +253,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
  *                  in which case this function does nothing. If it is not
  *                  \c NULL, it must point to an initialized ECJPAKE context.
  */
-void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
+void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -263,7 +262,7 @@ void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_ecjpake_self_test( int verbose );
+int mbedtls_ecjpake_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/ecp.h

@@ -117,8 +117,7 @@ extern "C" {
  * - Add the curve to the ecp_supported_curves array in ecp.c.
  * - Add the curve to applicable profiles in x509_crt.c if applicable.
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECP_DP_NONE = 0,       /*!< Curve not defined. */
     MBEDTLS_ECP_DP_SECP192R1,      /*!< Domain parameters for the 192-bit curve defined by FIPS 186-4 and SEC1. */
     MBEDTLS_ECP_DP_SECP224R1,      /*!< Domain parameters for the 224-bit curve defined by FIPS 186-4 and SEC1. */
@@ -145,8 +144,7 @@ typedef enum
 /*
  * Curve types
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_ECP_TYPE_NONE = 0,
     MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS,    /* y^2 = x^3 + a x + b      */
     MBEDTLS_ECP_TYPE_MONTGOMERY,           /* y^2 = x^3 + a x^2 + x    */
@@ -155,8 +153,7 @@ typedef enum
 /**
  * Curve information, for use by other modules.
  */
-typedef struct mbedtls_ecp_curve_info
-{
+typedef struct mbedtls_ecp_curve_info {
     mbedtls_ecp_group_id grp_id;    /*!< An internal identifier. */
     uint16_t tls_id;                /*!< The TLS NamedCurve identifier. */
     uint16_t bit_size;              /*!< The curve size in bits. */
@@ -174,8 +171,7 @@ typedef struct mbedtls_ecp_curve_info
  *                  Otherwise, \p X and \p Y are its standard (affine)
  *                  coordinates.
  */
-typedef struct mbedtls_ecp_point
-{
+typedef struct mbedtls_ecp_point {
     mbedtls_mpi X;          /*!< The X coordinate of the ECP point. */
     mbedtls_mpi Y;          /*!< The Y coordinate of the ECP point. */
     mbedtls_mpi Z;          /*!< The Z coordinate of the ECP point. */
@@ -257,8 +253,7 @@ mbedtls_ecp_point;
  *              identical.
  *
  */
-typedef struct mbedtls_ecp_group
-{
+typedef struct mbedtls_ecp_group {
     mbedtls_ecp_group_id id;    /*!< An internal group identifier. */
     mbedtls_mpi P;              /*!< The prime modulus of the base field. */
     mbedtls_mpi A;              /*!< For Short Weierstrass: \p A in the equation. For
@@ -309,8 +304,8 @@ mbedtls_ecp_group;
 #define MBEDTLS_ECP_MAX_BITS 1
 #endif
 
-#define MBEDTLS_ECP_MAX_BYTES    ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
-#define MBEDTLS_ECP_MAX_PT_LEN   ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
+#define MBEDTLS_ECP_MAX_BYTES    ((MBEDTLS_ECP_MAX_BITS + 7) / 8)
+#define MBEDTLS_ECP_MAX_PT_LEN   (2 * MBEDTLS_ECP_MAX_BYTES + 1)
 
 #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
 /*
@@ -376,8 +371,7 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx;
 /**
  * \brief           General context for resuming ECC operations
  */
-typedef struct
-{
+typedef struct {
     unsigned ops_done;                  /*!<  current ops count             */
     unsigned depth;                     /*!<  call depth (0 = top-level)    */
     mbedtls_ecp_restart_mul_ctx *rsm;   /*!<  ecp_mul_comb() sub-context    */
@@ -403,18 +397,18 @@ typedef struct
  * \return          \c 0 if doing \p ops basic ops is still allowed,
  * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS otherwise.
  */
-int mbedtls_ecp_check_budget( const mbedtls_ecp_group *grp,
-                              mbedtls_ecp_restart_ctx *rs_ctx,
-                              unsigned ops );
+int mbedtls_ecp_check_budget(const mbedtls_ecp_group *grp,
+                             mbedtls_ecp_restart_ctx *rs_ctx,
+                             unsigned ops);
 
 /* Utility macro for checking and updating ops budget */
-#define MBEDTLS_ECP_BUDGET( ops )   \
-    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, rs_ctx, \
-                                               (unsigned) (ops) ) );
+#define MBEDTLS_ECP_BUDGET(ops)   \
+    MBEDTLS_MPI_CHK(mbedtls_ecp_check_budget(grp, rs_ctx, \
+                                             (unsigned) (ops)));
 
 #else /* MBEDTLS_ECP_RESTARTABLE */
 
-#define MBEDTLS_ECP_BUDGET( ops )   /* no-op; for compatibility */
+#define MBEDTLS_ECP_BUDGET(ops)     /* no-op; for compatibility */
 
 /* We want to declare restartable versions of existing functions anyway */
 typedef void mbedtls_ecp_restart_ctx;
@@ -429,8 +423,7 @@ typedef void mbedtls_ecp_restart_ctx;
  * \note    Members are deliberately in the same order as in the
  *          ::mbedtls_ecdsa_context structure.
  */
-typedef struct mbedtls_ecp_keypair
-{
+typedef struct mbedtls_ecp_keypair {
     mbedtls_ecp_group grp;      /*!<  Elliptic curve and base point     */
     mbedtls_mpi d;              /*!<  our secret value                  */
     mbedtls_ecp_point Q;        /*!<  our public value                  */
@@ -506,7 +499,7 @@ mbedtls_ecp_keypair;
  *
  * \note            This setting is currently ignored by Curve25519.
  */
-void mbedtls_ecp_set_max_ops( unsigned max_ops );
+void mbedtls_ecp_set_max_ops(unsigned max_ops);
 
 /**
  * \brief           Check if restart is enabled (max_ops != 0)
@@ -514,13 +507,13 @@ void mbedtls_ecp_set_max_ops( unsigned max_ops );
  * \return          \c 0 if \c max_ops == 0 (restart disabled)
  * \return          \c 1 otherwise (restart enabled)
  */
-int mbedtls_ecp_restart_is_enabled( void );
+int mbedtls_ecp_restart_is_enabled(void);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 /*
  * Get the type of a curve
  */
-mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
+mbedtls_ecp_curve_type mbedtls_ecp_get_type(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function retrieves the information defined in
@@ -534,7 +527,7 @@ mbedtls_ecp_curve_type mbedtls_ecp_get_type( const mbedtls_ecp_group *grp );
  *
  * \return          A statically allocated array. The last entry is 0.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list(void);
 
 /**
  * \brief           This function retrieves the list of internal group
@@ -550,7 +543,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
  * \return          A statically allocated array,
  *                  terminated with MBEDTLS_ECP_DP_NONE.
  */
-const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list(void);
 
 /**
  * \brief           This function retrieves curve information from an internal
@@ -561,7 +554,7 @@ const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id(mbedtls_ecp_group_id grp_id);
 
 /**
  * \brief           This function retrieves curve information from a TLS
@@ -572,7 +565,7 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_gr
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id(uint16_t tls_id);
 
 /**
  * \brief           This function retrieves curve information from a
@@ -583,14 +576,14 @@ const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_i
  * \return          The associated curve information on success.
  * \return          NULL on failure.
  */
-const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name(const char *name);
 
 /**
  * \brief           This function initializes a point as zero.
  *
  * \param pt        The point to initialize.
  */
-void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_init(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function initializes an ECP group context
@@ -601,21 +594,21 @@ void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
  *                  mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
  *                  functions.
  */
-void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_init(mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function initializes a key pair as an invalid one.
  *
  * \param key       The key pair to initialize.
  */
-void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_init(mbedtls_ecp_keypair *key);
 
 /**
  * \brief           This function frees the components of a point.
  *
  * \param pt        The point to free.
  */
-void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
+void mbedtls_ecp_point_free(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function frees the components of an ECP group.
@@ -624,7 +617,7 @@ void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized ECP group.
  */
-void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
+void mbedtls_ecp_group_free(mbedtls_ecp_group *grp);
 
 /**
  * \brief           This function frees the components of a key pair.
@@ -633,7 +626,7 @@ void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized ECP key pair.
  */
-void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
+void mbedtls_ecp_keypair_free(mbedtls_ecp_keypair *key);
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -642,7 +635,7 @@ void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
  * \param ctx       The restart context to initialize. This must
  *                  not be \c NULL.
  */
-void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_init(mbedtls_ecp_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context.
@@ -651,7 +644,7 @@ void mbedtls_ecp_restart_init( mbedtls_ecp_restart_ctx *ctx );
  *                  case this function returns immediately. If it is not
  *                  \c NULL, it must point to an initialized restart context.
  */
-void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
+void mbedtls_ecp_restart_free(mbedtls_ecp_restart_ctx *ctx);
 #endif /* MBEDTLS_ECP_RESTARTABLE */
 
 /**
@@ -665,7 +658,7 @@ void mbedtls_ecp_restart_free( mbedtls_ecp_restart_ctx *ctx );
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code for other kinds of failure.
  */
-int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_copy(mbedtls_ecp_point *P, const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function copies the contents of group \p src into
@@ -678,8 +671,8 @@ int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
-                            const mbedtls_ecp_group *src );
+int mbedtls_ecp_group_copy(mbedtls_ecp_group *dst,
+                           const mbedtls_ecp_group *src);
 
 /**
  * \brief           This function sets a point to the point at infinity.
@@ -690,7 +683,7 @@ int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst,
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_set_zero(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function checks if a point is the point at infinity.
@@ -701,7 +694,7 @@ int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
  * \return          \c 0 if the point is non-zero.
  * \return          A negative error code on failure.
  */
-int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
+int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function compares two points.
@@ -715,8 +708,8 @@ int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
  * \return          \c 0 if the points are equal.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the points are not equal.
  */
-int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
-                           const mbedtls_ecp_point *Q );
+int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P,
+                          const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function imports a non-zero point from two ASCII
@@ -730,8 +723,8 @@ int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
  * \return          \c 0 on success.
  * \return          An \c MBEDTLS_ERR_MPI_XXX error code on failure.
  */
-int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
-                           const char *x, const char *y );
+int mbedtls_ecp_point_read_string(mbedtls_ecp_point *P, int radix,
+                                  const char *x, const char *y);
 
 /**
  * \brief           This function exports a point into unsigned binary data.
@@ -758,10 +751,10 @@ int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
  *                  or the export for the given group is not implemented.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
-                                    const mbedtls_ecp_point *P,
-                                    int format, size_t *olen,
-                                    unsigned char *buf, size_t buflen );
+int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp,
+                                   const mbedtls_ecp_point *P,
+                                   int format, size_t *olen,
+                                   unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function imports a point from unsigned binary data.
@@ -785,9 +778,9 @@ int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp,
  * \return          #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the import for the
  *                  given group is not implemented.
  */
-int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
-                                   mbedtls_ecp_point *P,
-                                   const unsigned char *buf, size_t ilen );
+int mbedtls_ecp_point_read_binary(const mbedtls_ecp_group *grp,
+                                  mbedtls_ecp_point *P,
+                                  const unsigned char *buf, size_t ilen);
 
 /**
  * \brief           This function imports a point from a TLS ECPoint record.
@@ -807,9 +800,9 @@ int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp,
  *                  failure.
  * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid.
  */
-int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
-                                mbedtls_ecp_point *pt,
-                                const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point *pt,
+                               const unsigned char **buf, size_t len);
 
 /**
  * \brief           This function exports a point as a TLS ECPoint record
@@ -833,10 +826,10 @@ int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp,
  *                  is too small to hold the exported point.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
-                                 const mbedtls_ecp_point *pt,
-                                 int format, size_t *olen,
-                                 unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp,
+                                const mbedtls_ecp_point *pt,
+                                int format, size_t *olen,
+                                unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function sets up an ECP group context
@@ -855,7 +848,7 @@ int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp,
  *                  correspond to a known group.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
+int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id);
 
 /**
  * \brief           This function sets up an ECP group context from a TLS
@@ -874,8 +867,8 @@ int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
  *                  recognized.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
-                                const unsigned char **buf, size_t len );
+int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp,
+                               const unsigned char **buf, size_t len);
 
 /**
  * \brief           This function extracts an elliptic curve group ID from a
@@ -895,9 +888,9 @@ int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp,
  *                  recognized.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
-                                   const unsigned char **buf,
-                                   size_t len );
+int mbedtls_ecp_tls_read_group_id(mbedtls_ecp_group_id *grp,
+                                  const unsigned char **buf,
+                                  size_t len);
 /**
  * \brief           This function exports an elliptic curve as a TLS
  *                  ECParameters record as defined in RFC 4492, Section 5.4.
@@ -916,9 +909,9 @@ int mbedtls_ecp_tls_read_group_id( mbedtls_ecp_group_id *grp,
  *                  buffer is too small to hold the exported group.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
-                                 size_t *olen,
-                                 unsigned char *buf, size_t blen );
+int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp,
+                                size_t *olen,
+                                unsigned char *buf, size_t blen);
 
 /**
  * \brief           This function performs a scalar multiplication of a point
@@ -956,9 +949,9 @@ int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp,
  * \return          #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           This function performs multiplication of a point by
@@ -990,10 +983,10 @@ int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_ecp_restart_ctx *rs_ctx );
+int mbedtls_ecp_mul_restartable(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                                const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_ecp_restart_ctx *rs_ctx);
 
 #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
 /**
@@ -1031,9 +1024,9 @@ int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  *                  designate a short Weierstrass curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
+int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                       const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                       const mbedtls_mpi *n, const mbedtls_ecp_point *Q);
 
 /**
  * \brief           This function performs multiplication and addition of two
@@ -1076,10 +1069,10 @@ int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
  * \return          Another negative error code on other kinds of failure.
  */
 int mbedtls_ecp_muladd_restartable(
-             mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
-             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
-             const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
-             mbedtls_ecp_restart_ctx *rs_ctx );
+    mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+    const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+    const mbedtls_mpi *n, const mbedtls_ecp_point *Q,
+    mbedtls_ecp_restart_ctx *rs_ctx);
 #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
 
 /**
@@ -1109,8 +1102,8 @@ int mbedtls_ecp_muladd_restartable(
  *                  a valid public key for the given curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
-                              const mbedtls_ecp_point *pt );
+int mbedtls_ecp_check_pubkey(const mbedtls_ecp_group *grp,
+                             const mbedtls_ecp_point *pt);
 
 /**
  * \brief           This function checks that an \p mbedtls_mpi is a
@@ -1131,8 +1124,8 @@ int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp,
  *                  private key for the given curve.
  * \return          Another negative error code on other kinds of failure.
  */
-int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
-                               const mbedtls_mpi *d );
+int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
+                              const mbedtls_mpi *d);
 
 /**
  * \brief           This function generates a private key.
@@ -1149,10 +1142,10 @@ int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
-                     mbedtls_mpi *d,
-                     int (*f_rng)(void *, unsigned char *, size_t),
-                     void *p_rng );
+int mbedtls_ecp_gen_privkey(const mbedtls_ecp_group *grp,
+                            mbedtls_mpi *d,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function generates a keypair with a configurable base
@@ -1181,11 +1174,11 @@ int mbedtls_ecp_gen_privkey( const mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
-                                  const mbedtls_ecp_point *G,
-                                  mbedtls_mpi *d, mbedtls_ecp_point *Q,
-                                  int (*f_rng)(void *, unsigned char *, size_t),
-                                  void *p_rng );
+int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp,
+                                 const mbedtls_ecp_point *G,
+                                 mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng);
 
 /**
  * \brief           This function generates an ECP keypair.
@@ -1210,10 +1203,10 @@ int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
-                             mbedtls_ecp_point *Q,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng );
+int mbedtls_ecp_gen_keypair(mbedtls_ecp_group *grp, mbedtls_mpi *d,
+                            mbedtls_ecp_point *Q,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 
 /**
  * \brief           This function generates an ECP key.
@@ -1228,9 +1221,9 @@ int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code
  *                  on failure.
  */
-int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
 
 /**
  * \brief           This function reads an elliptic curve private key.
@@ -1250,8 +1243,8 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
  *                  the group is not implemented.
  * \return          Another negative error code on different kinds of failure.
  */
-int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
-                          const unsigned char *buf, size_t buflen );
+int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                         const unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function exports an elliptic curve private key.
@@ -1269,8 +1262,8 @@ int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
  *                  the group is not implemented.
  * \return          Another negative error code on different kinds of failure.
  */
-int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
-                           unsigned char *buf, size_t buflen );
+int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key,
+                          unsigned char *buf, size_t buflen);
 
 /**
  * \brief           This function checks that the keypair objects
@@ -1289,8 +1282,8 @@ int mbedtls_ecp_write_key( mbedtls_ecp_keypair *key,
  * \return          An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX
  *                  error code on calculation failure.
  */
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
-                                const mbedtls_ecp_keypair *prv );
+int mbedtls_ecp_check_pub_priv(const mbedtls_ecp_keypair *pub,
+                               const mbedtls_ecp_keypair *prv);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -1300,7 +1293,7 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_ecp_self_test( int verbose );
+int mbedtls_ecp_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/ecp_internal.h

@@ -76,7 +76,7 @@
  *
  * \return          Non-zero if successful.
  */
-unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp );
+unsigned char mbedtls_internal_ecp_grp_capable(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           Initialise the Elliptic Curve Point module extension.
@@ -93,7 +93,7 @@ unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp );
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp );
+int mbedtls_internal_ecp_init(const mbedtls_ecp_group *grp);
 
 /**
  * \brief           Frees and deallocates the Elliptic Curve Point module
@@ -101,7 +101,7 @@ int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp );
  *
  * \param grp       The pointer to the group the module was initialised for.
  */
-void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
+void mbedtls_internal_ecp_free(const mbedtls_ecp_group *grp);
 
 #if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED)
 
@@ -121,9 +121,11 @@ void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t),
-        void *p_rng );
+int mbedtls_internal_ecp_randomize_jac(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *pt, int (*f_rng)(void *,
+                                                                           unsigned char *,
+                                                                           size_t),
+                                       void *p_rng);
 #endif
 
 #if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
@@ -166,9 +168,9 @@ int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
  *
  * \return          0 if successful.
  */
-int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
-        const mbedtls_ecp_point *Q );
+int mbedtls_internal_ecp_add_mixed(const mbedtls_ecp_group *grp,
+                                   mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
+                                   const mbedtls_ecp_point *Q);
 #endif
 
 /**
@@ -191,8 +193,8 @@ int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
  * \return          0 if successful.
  */
 #if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
-int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, const mbedtls_ecp_point *P );
+int mbedtls_internal_ecp_double_jac(const mbedtls_ecp_group *grp,
+                                    mbedtls_ecp_point *R, const mbedtls_ecp_point *P);
 #endif
 
 /**
@@ -221,8 +223,8 @@ int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp,
  *                      an error if one of the points is zero.
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
-int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *T[], size_t t_len );
+int mbedtls_internal_ecp_normalize_jac_many(const mbedtls_ecp_group *grp,
+                                            mbedtls_ecp_point *T[], size_t t_len);
 #endif
 
 /**
@@ -239,8 +241,8 @@ int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
  * \return          0 if successful.
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
-int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *pt );
+int mbedtls_internal_ecp_normalize_jac(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *pt);
 #endif
 
 #endif /* MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED */
@@ -248,9 +250,12 @@ int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp,
 #if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
 
 #if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
-int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *R, mbedtls_ecp_point *S, const mbedtls_ecp_point *P,
-        const mbedtls_ecp_point *Q, const mbedtls_mpi *d );
+int mbedtls_internal_ecp_double_add_mxz(const mbedtls_ecp_group *grp,
+                                        mbedtls_ecp_point *R,
+                                        mbedtls_ecp_point *S,
+                                        const mbedtls_ecp_point *P,
+                                        const mbedtls_ecp_point *Q,
+                                        const mbedtls_mpi *d);
 #endif
 
 /**
@@ -269,9 +274,11 @@ int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
  * \return          0 if successful
  */
 #if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
-int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t),
-        void *p_rng );
+int mbedtls_internal_ecp_randomize_mxz(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *P, int (*f_rng)(void *,
+                                                                          unsigned char *,
+                                                                          size_t),
+                                       void *p_rng);
 #endif
 
 /**
@@ -285,8 +292,8 @@ int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
  * \return          0 if successful
  */
 #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
-int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
-        mbedtls_ecp_point *P );
+int mbedtls_internal_ecp_normalize_mxz(const mbedtls_ecp_group *grp,
+                                       mbedtls_ecp_point *P);
 #endif
 
 #endif /* MBEDTLS_ECP_MONTGOMERY_ENABLED */
@@ -294,4 +301,3 @@ int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
 #endif /* MBEDTLS_ECP_INTERNAL_ALT */
 
 #endif /* ecp_internal.h */
-

thirdparty/mbedtls/include/mbedtls/entropy.h

@@ -105,15 +105,14 @@ extern "C" {
  *                  MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
  */
 typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
-                            size_t *olen);
+                                            size_t *olen);
 
 /**
  * \brief           Entropy source state
  */
-typedef struct mbedtls_entropy_source_state
-{
+typedef struct mbedtls_entropy_source_state {
     mbedtls_entropy_f_source_ptr    f_source;   /**< The entropy source callback */
-    void *          p_source;   /**< The callback data pointer */
+    void *p_source;             /**< The callback data pointer */
     size_t          size;       /**< Amount received in bytes */
     size_t          threshold;  /**< Minimum bytes required before release */
     int             strong;     /**< Is the source strong? */
@@ -123,8 +122,7 @@ mbedtls_entropy_source_state;
 /**
  * \brief           Entropy context structure
  */
-typedef struct mbedtls_entropy_context
-{
+typedef struct mbedtls_entropy_context {
     int accumulator_started; /* 0 after init.
                               * 1 after the first update.
                               * -1 after free. */
@@ -152,14 +150,14 @@ mbedtls_entropy_context;
  *
  * \param ctx       Entropy context to initialize
  */
-void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Free the data in the context
  *
  * \param ctx       Entropy context to free
  */
-void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
+void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Adds an entropy source to poll
@@ -178,9 +176,9 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
  *
  * \return          0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
  */
-int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
-                        mbedtls_entropy_f_source_ptr f_source, void *p_source,
-                        size_t threshold, int strong );
+int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
+                               mbedtls_entropy_f_source_ptr f_source, void *p_source,
+                               size_t threshold, int strong);
 
 /**
  * \brief           Trigger an extra gather poll for the accumulator
@@ -190,7 +188,7 @@ int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
 
 /**
  * \brief           Retrieve entropy from the accumulator
@@ -203,7 +201,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
  *
  * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
+int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
 
 /**
  * \brief           Add data to the accumulator manually
@@ -215,8 +213,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
  *
  * \return          0 if successful
  */
-int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
-                           const unsigned char *data, size_t len );
+int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
+                                  const unsigned char *data, size_t len);
 
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 /**
@@ -227,7 +225,7 @@ int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
  *
  * \return          0 if successful
  */
-int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
+int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
 #endif /* MBEDTLS_ENTROPY_NV_SEED */
 
 #if defined(MBEDTLS_FS_IO)
@@ -241,7 +239,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
 
 /**
  * \brief               Read and update a seed file. Seed is added to this
@@ -255,7 +253,7 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
  *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
  *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
  */
-int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
+int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -267,7 +265,7 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_entropy_self_test( int verbose );
+int mbedtls_entropy_self_test(int verbose);
 
 #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
 /**
@@ -283,7 +281,7 @@ int mbedtls_entropy_self_test( int verbose );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_entropy_source_self_test( int verbose );
+int mbedtls_entropy_source_self_test(int verbose);
 #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/entropy_poll.h

@@ -48,16 +48,16 @@ extern "C" {
  * \brief           Entropy poll callback that provides 0 entropy.
  */
 #if defined(MBEDTLS_TEST_NULL_ENTROPY)
-    int mbedtls_null_entropy_poll( void *data,
-                                unsigned char *output, size_t len, size_t *olen );
+int mbedtls_null_entropy_poll(void *data,
+                              unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
 /**
  * \brief           Platform-specific entropy poll callback
  */
-int mbedtls_platform_entropy_poll( void *data,
-                           unsigned char *output, size_t len, size_t *olen );
+int mbedtls_platform_entropy_poll(void *data,
+                                  unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #if defined(MBEDTLS_HAVEGE_C)
@@ -66,16 +66,16 @@ int mbedtls_platform_entropy_poll( void *data,
  *
  * Requires an HAVEGE state as its data pointer.
  */
-int mbedtls_havege_poll( void *data,
-                 unsigned char *output, size_t len, size_t *olen );
+int mbedtls_havege_poll(void *data,
+                        unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #if defined(MBEDTLS_TIMING_C)
 /**
  * \brief           mbedtls_timing_hardclock-based entropy poll callback
  */
-int mbedtls_hardclock_poll( void *data,
-                    unsigned char *output, size_t len, size_t *olen );
+int mbedtls_hardclock_poll(void *data,
+                           unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
@@ -87,8 +87,8 @@ int mbedtls_hardclock_poll( void *data,
  *
  * \note            This must accept NULL as its first argument.
  */
-int mbedtls_hardware_poll( void *data,
-                           unsigned char *output, size_t len, size_t *olen );
+int mbedtls_hardware_poll(void *data,
+                          unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
@@ -97,8 +97,8 @@ int mbedtls_hardware_poll( void *data,
  *
  * \note            This must accept NULL as its first argument.
  */
-int mbedtls_nv_seed_poll( void *data,
-                          unsigned char *output, size_t len, size_t *olen );
+int mbedtls_nv_seed_poll(void *data,
+                         unsigned char *output, size_t len, size_t *olen);
 #endif
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/error.h

@@ -30,7 +30,7 @@
 
 #include <stddef.h>
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -127,15 +127,15 @@ extern "C" {
  *        Wrapper macro for mbedtls_error_add(). See that function for
  *        more details.
  */
-#define MBEDTLS_ERROR_ADD( high, low ) \
-        mbedtls_error_add( high, low, __FILE__, __LINE__ )
+#define MBEDTLS_ERROR_ADD(high, low) \
+    mbedtls_error_add(high, low, __FILE__, __LINE__)
 
 #if defined(MBEDTLS_TEST_HOOKS)
 /**
  * \brief Testing hook called before adding/combining two error codes together.
  *        Only used when invasive testing is enabled via MBEDTLS_TEST_HOOKS.
  */
-extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
+extern void (*mbedtls_test_hook_error_add)(int, int, const char *, int);
 #endif
 
 /**
@@ -156,17 +156,18 @@ extern void (*mbedtls_test_hook_error_add)( int, int, const char *, int );
  * \param file      file where this error code addition occurred.
  * \param line      line where this error code addition occurred.
  */
-static inline int mbedtls_error_add( int high, int low,
-                                     const char *file, int line )
+static inline int mbedtls_error_add(int high, int low,
+                                    const char *file, int line)
 {
 #if defined(MBEDTLS_TEST_HOOKS)
-    if( *mbedtls_test_hook_error_add != NULL )
-        ( *mbedtls_test_hook_error_add )( high, low, file, line );
+    if (*mbedtls_test_hook_error_add != NULL) {
+        (*mbedtls_test_hook_error_add)(high, low, file, line);
+    }
 #endif
-    (void)file;
-    (void)line;
+    (void) file;
+    (void) line;
 
-    return( high + low );
+    return high + low;
 }
 
 /**
@@ -178,7 +179,7 @@ static inline int mbedtls_error_add( int high, int low,
  * \param buffer    buffer to place representation in
  * \param buflen    length of the buffer
  */
-void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
+void mbedtls_strerror(int errnum, char *buffer, size_t buflen);
 
 /**
  * \brief Translate the high-level part of an Mbed TLS error code into a string
@@ -193,7 +194,7 @@ void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
  * \return The string representation of the error code, or \c NULL if the error
  *         code is unknown.
  */
-const char * mbedtls_high_level_strerr( int error_code );
+const char *mbedtls_high_level_strerr(int error_code);
 
 /**
  * \brief Translate the low-level part of an Mbed TLS error code into a string
@@ -208,7 +209,7 @@ const char * mbedtls_high_level_strerr( int error_code );
  * \return The string representation of the error code, or \c NULL if the error
  *         code is unknown.
  */
-const char * mbedtls_low_level_strerr( int error_code );
+const char *mbedtls_low_level_strerr(int error_code);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/gcm.h

@@ -63,8 +63,7 @@ extern "C" {
 /**
  * \brief          The GCM context structure.
  */
-typedef struct mbedtls_gcm_context
-{
+typedef struct mbedtls_gcm_context {
     mbedtls_cipher_context_t cipher_ctx;  /*!< The cipher context used. */
     uint64_t HL[16];                      /*!< Precalculated HTable low. */
     uint64_t HH[16];                      /*!< Precalculated HTable high. */
@@ -74,8 +73,8 @@ typedef struct mbedtls_gcm_context
     unsigned char y[16];                  /*!< The Y working value. */
     unsigned char buf[16];                /*!< The buf working value. */
     int mode;                             /*!< The operation to perform:
-                                               #MBEDTLS_GCM_ENCRYPT or
-                                               #MBEDTLS_GCM_DECRYPT. */
+                                           #MBEDTLS_GCM_ENCRYPT or
+                                           #MBEDTLS_GCM_DECRYPT. */
 }
 mbedtls_gcm_context;
 
@@ -94,7 +93,7 @@ mbedtls_gcm_context;
  *
  * \param ctx       The GCM context to initialize. This must not be \c NULL.
  */
-void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_init(mbedtls_gcm_context *ctx);
 
 /**
  * \brief           This function associates a GCM context with a
@@ -112,10 +111,10 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
  * \return          \c 0 on success.
  * \return          A cipher-specific error code on failure.
  */
-int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits );
+int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits);
 
 /**
  * \brief           This function performs GCM encryption or decryption of a buffer.
@@ -168,17 +167,17 @@ int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
  *                  not valid or a cipher-specific error code if the encryption
  *                  or decryption failed.
  */
-int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
-                       int mode,
-                       size_t length,
-                       const unsigned char *iv,
-                       size_t iv_len,
-                       const unsigned char *add,
-                       size_t add_len,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t tag_len,
-                       unsigned char *tag );
+int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx,
+                              int mode,
+                              size_t length,
+                              const unsigned char *iv,
+                              size_t iv_len,
+                              const unsigned char *add,
+                              size_t add_len,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t tag_len,
+                              unsigned char *tag);
 
 /**
  * \brief           This function performs a GCM authenticated decryption of a
@@ -213,16 +212,16 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
  *                  not valid or a cipher-specific error code if the decryption
  *                  failed.
  */
-int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
-                      size_t length,
-                      const unsigned char *iv,
-                      size_t iv_len,
-                      const unsigned char *add,
-                      size_t add_len,
-                      const unsigned char *tag,
-                      size_t tag_len,
-                      const unsigned char *input,
-                      unsigned char *output );
+int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx,
+                             size_t length,
+                             const unsigned char *iv,
+                             size_t iv_len,
+                             const unsigned char *add,
+                             size_t add_len,
+                             const unsigned char *tag,
+                             size_t tag_len,
+                             const unsigned char *input,
+                             unsigned char *output);
 
 /**
  * \brief           This function starts a GCM encryption or decryption
@@ -241,12 +240,12 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
  *
  * \return          \c 0 on success.
  */
-int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
-                int mode,
-                const unsigned char *iv,
-                size_t iv_len,
-                const unsigned char *add,
-                size_t add_len );
+int mbedtls_gcm_starts(mbedtls_gcm_context *ctx,
+                       int mode,
+                       const unsigned char *iv,
+                       size_t iv_len,
+                       const unsigned char *add,
+                       size_t add_len);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing GCM
@@ -273,10 +272,10 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
  */
-int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
-                size_t length,
-                const unsigned char *input,
-                unsigned char *output );
+int mbedtls_gcm_update(mbedtls_gcm_context *ctx,
+                       size_t length,
+                       const unsigned char *input,
+                       unsigned char *output);
 
 /**
  * \brief           This function finishes the GCM operation and generates
@@ -294,9 +293,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
  * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
  */
-int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
-                unsigned char *tag,
-                size_t tag_len );
+int mbedtls_gcm_finish(mbedtls_gcm_context *ctx,
+                       unsigned char *tag,
+                       size_t tag_len);
 
 /**
  * \brief           This function clears a GCM context and the underlying
@@ -305,7 +304,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
  * \param ctx       The GCM context to clear. If this is \c NULL, the call has
  *                  no effect. Otherwise, this must be initialized.
  */
-void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
+void mbedtls_gcm_free(mbedtls_gcm_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -315,7 +314,7 @@ void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_gcm_self_test( int verbose );
+int mbedtls_gcm_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/havege.h

@@ -40,8 +40,7 @@ extern "C" {
 /**
  * \brief          HAVEGE state structure
  */
-typedef struct mbedtls_havege_state
-{
+typedef struct mbedtls_havege_state {
     uint32_t PT1, PT2, offset[2];
     uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
     uint32_t WALK[8192];
@@ -53,14 +52,14 @@ mbedtls_havege_state;
  *
  * \param hs       HAVEGE state to be initialized
  */
-void mbedtls_havege_init( mbedtls_havege_state *hs );
+void mbedtls_havege_init(mbedtls_havege_state *hs);
 
 /**
  * \brief          Clear HAVEGE state
  *
  * \param hs       HAVEGE state to be cleared
  */
-void mbedtls_havege_free( mbedtls_havege_state *hs );
+void mbedtls_havege_free(mbedtls_havege_state *hs);
 
 /**
  * \brief          HAVEGE rand function
@@ -71,7 +70,7 @@ void mbedtls_havege_free( mbedtls_havege_state *hs );
  *
  * \return         0
  */
-int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
+int mbedtls_havege_random(void *p_rng, unsigned char *output, size_t len);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/hkdf.h

@@ -69,10 +69,10 @@ extern "C" {
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
-                  size_t salt_len, const unsigned char *ikm, size_t ikm_len,
-                  const unsigned char *info, size_t info_len,
-                  unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf(const mbedtls_md_info_t *md, const unsigned char *salt,
+                 size_t salt_len, const unsigned char *ikm, size_t ikm_len,
+                 const unsigned char *info, size_t info_len,
+                 unsigned char *okm, size_t okm_len);
 
 /**
  *  \brief  Take the input keying material \p ikm and extract from it a
@@ -98,10 +98,10 @@ int mbedtls_hkdf( const mbedtls_md_info_t *md, const unsigned char *salt,
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
-                          const unsigned char *salt, size_t salt_len,
-                          const unsigned char *ikm, size_t ikm_len,
-                          unsigned char *prk );
+int mbedtls_hkdf_extract(const mbedtls_md_info_t *md,
+                         const unsigned char *salt, size_t salt_len,
+                         const unsigned char *ikm, size_t ikm_len,
+                         unsigned char *prk);
 
 /**
  *  \brief  Expand the supplied \p prk into several additional pseudorandom
@@ -129,9 +129,9 @@ int mbedtls_hkdf_extract( const mbedtls_md_info_t *md,
  *  \return An MBEDTLS_ERR_MD_* error for errors returned from the underlying
  *          MD layer.
  */
-int mbedtls_hkdf_expand( const mbedtls_md_info_t *md, const unsigned char *prk,
-                         size_t prk_len, const unsigned char *info,
-                         size_t info_len, unsigned char *okm, size_t okm_len );
+int mbedtls_hkdf_expand(const mbedtls_md_info_t *md, const unsigned char *prk,
+                        size_t prk_len, const unsigned char *info,
+                        size_t info_len, unsigned char *okm, size_t okm_len);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/hmac_drbg.h

@@ -86,8 +86,7 @@ extern "C" {
 /**
  * HMAC_DRBG context.
  */
-typedef struct mbedtls_hmac_drbg_context
-{
+typedef struct mbedtls_hmac_drbg_context {
     /* Working state: the key K is not stored explicitly,
      * but is implied by the HMAC context */
     mbedtls_md_context_t md_ctx;                    /*!< HMAC context (inc. K)  */
@@ -129,7 +128,7 @@ typedef struct mbedtls_hmac_drbg_context
  *
  * \param ctx           HMAC_DRBG context to be initialized.
  */
-void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
+void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
 
 /**
  * \brief               HMAC_DRBG initial seeding.
@@ -199,12 +198,12 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
  * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
  *                      if the call to \p f_entropy failed.
  */
-int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
-                    const mbedtls_md_info_t * md_info,
-                    int (*f_entropy)(void *, unsigned char *, size_t),
-                    void *p_entropy,
-                    const unsigned char *custom,
-                    size_t len );
+int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
+                           const mbedtls_md_info_t *md_info,
+                           int (*f_entropy)(void *, unsigned char *, size_t),
+                           void *p_entropy,
+                           const unsigned char *custom,
+                           size_t len);
 
 /**
  * \brief               Initialisation of simplified HMAC_DRBG (never reseeds).
@@ -234,9 +233,9 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
  * \return              #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
  *                      memory to allocate context data.
  */
-int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
-                        const mbedtls_md_info_t * md_info,
-                        const unsigned char *data, size_t data_len );
+int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
+                               const mbedtls_md_info_t *md_info,
+                               const unsigned char *data, size_t data_len);
 
 /**
  * \brief               This function turns prediction resistance on or off.
@@ -251,8 +250,8 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
  * \param ctx           The HMAC_DRBG context.
  * \param resistance    #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
  */
-void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
-                                          int resistance );
+void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
+                                                 int resistance);
 
 /**
  * \brief               This function sets the amount of entropy grabbed on each
@@ -263,8 +262,8 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx
  * \param ctx           The HMAC_DRBG context.
  * \param len           The amount of entropy to grab, in bytes.
  */
-void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
-                                size_t len );
+void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
+                                       size_t len);
 
 /**
  * \brief               Set the reseed interval.
@@ -278,8 +277,8 @@ void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
  * \param ctx           The HMAC_DRBG context.
  * \param interval      The reseed interval.
  */
-void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
-                                    int interval );
+void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
+                                           int interval);
 
 /**
  * \brief               This function updates the state of the HMAC_DRBG context.
@@ -298,8 +297,8 @@ void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
  * \return              \c 0 on success, or an error from the underlying
  *                      hash calculation.
  */
-int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
-                       const unsigned char *additional, size_t add_len );
+int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx,
+                                 const unsigned char *additional, size_t add_len);
 
 /**
  * \brief               This function reseeds the HMAC_DRBG context, that is
@@ -325,8 +324,8 @@ int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
  * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
  *                      if a call to the entropy function failed.
  */
-int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
-                      const unsigned char *additional, size_t len );
+int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
+                             const unsigned char *additional, size_t len);
 
 /**
  * \brief   This function updates an HMAC_DRBG instance with additional
@@ -359,10 +358,10 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
  * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
  *                      \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
  */
-int mbedtls_hmac_drbg_random_with_add( void *p_rng,
-                               unsigned char *output, size_t output_len,
-                               const unsigned char *additional,
-                               size_t add_len );
+int mbedtls_hmac_drbg_random_with_add(void *p_rng,
+                                      unsigned char *output, size_t output_len,
+                                      const unsigned char *additional,
+                                      size_t add_len);
 
 /**
  * \brief   This function uses HMAC_DRBG to generate random data.
@@ -391,7 +390,7 @@ int mbedtls_hmac_drbg_random_with_add( void *p_rng,
  * \return              #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
  *                      \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
  */
-int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
+int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
 
 /**
  * \brief               This function resets HMAC_DRBG context to the state immediately
@@ -399,9 +398,9 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len
  *
  * \param ctx           The HMAC_DRBG context to free.
  */
-void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
+void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -421,7 +420,7 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
  */
 MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(
     mbedtls_hmac_drbg_context *ctx,
-    const unsigned char *additional, size_t add_len );
+    const unsigned char *additional, size_t add_len);
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
@@ -437,7 +436,7 @@ MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(
  * \return              #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
  *                      failure.
  */
-int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
 
 /**
  * \brief               This function reads and updates a seed file. The seed
@@ -453,7 +452,7 @@ int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const cha
  * \return              #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
  *                      seed file is too large.
  */
-int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 
@@ -464,7 +463,7 @@ int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const ch
  * \return              \c 0 if successful.
  * \return              \c 1 if the test failed.
  */
-int mbedtls_hmac_drbg_self_test( int verbose );
+int mbedtls_hmac_drbg_self_test(int verbose);
 #endif
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/md.h

@@ -1,4 +1,4 @@
- /**
+/**
  * \file md.h
  *
  * \brief This file contains the generic message-digest wrapper.
@@ -92,8 +92,7 @@ typedef struct mbedtls_md_info_t mbedtls_md_info_t;
 /**
  * The generic message-digest context.
  */
-typedef struct mbedtls_md_context_t
-{
+typedef struct mbedtls_md_context_t {
     /** Information about the associated message digest. */
     const mbedtls_md_info_t *md_info;
 
@@ -115,7 +114,7 @@ typedef struct mbedtls_md_context_t
  *                  message-digest enumeration #mbedtls_md_type_t.
  *                  The last entry is 0.
  */
-const int *mbedtls_md_list( void );
+const int *mbedtls_md_list(void);
 
 /**
  * \brief           This function returns the message-digest information
@@ -126,7 +125,7 @@ const int *mbedtls_md_list( void );
  * \return          The message-digest information associated with \p md_name.
  * \return          NULL if the associated message-digest information is not found.
  */
-const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
+const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name);
 
 /**
  * \brief           This function returns the message-digest information
@@ -137,7 +136,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
  * \return          The message-digest information associated with \p md_type.
  * \return          NULL if the associated message-digest information is not found.
  */
-const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
+const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type);
 
 /**
  * \brief           This function initializes a message-digest context without
@@ -147,7 +146,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
  *                  context for mbedtls_md_setup() for binding it to a
  *                  message-digest algorithm.
  */
-void mbedtls_md_init( mbedtls_md_context_t *ctx );
+void mbedtls_md_init(mbedtls_md_context_t *ctx);
 
 /**
  * \brief           This function clears the internal structure of \p ctx and
@@ -162,9 +161,9 @@ void mbedtls_md_init( mbedtls_md_context_t *ctx );
  *                  You must not call this function if you have not called
  *                  mbedtls_md_init().
  */
-void mbedtls_md_free( mbedtls_md_context_t *ctx );
+void mbedtls_md_free(mbedtls_md_context_t *ctx);
 
-#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED    __attribute__((deprecated))
 #else
@@ -188,7 +187,8 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
  *                  failure.
  * \return          #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
  */
-int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
+int mbedtls_md_init_ctx(mbedtls_md_context_t *ctx,
+                        const mbedtls_md_info_t *md_info) MBEDTLS_DEPRECATED;
 #undef MBEDTLS_DEPRECATED
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -212,7 +212,7 @@ int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_
  * \return          #MBEDTLS_ERR_MD_ALLOC_FAILED on memory-allocation failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
+int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac);
 
 /**
  * \brief           This function clones the state of a message-digest
@@ -234,8 +234,8 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf
  * \return          #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_clone( mbedtls_md_context_t *dst,
-                      const mbedtls_md_context_t *src );
+int mbedtls_md_clone(mbedtls_md_context_t *dst,
+                     const mbedtls_md_context_t *src);
 
 /**
  * \brief           This function extracts the message-digest size from the
@@ -246,7 +246,7 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst,
  *
  * \return          The size of the message-digest output in Bytes.
  */
-unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
+unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function extracts the message-digest type from the
@@ -257,7 +257,7 @@ unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
  *
  * \return          The type of the message digest.
  */
-mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
+mbedtls_md_type_t mbedtls_md_get_type(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function extracts the message-digest name from the
@@ -268,7 +268,7 @@ mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
  *
  * \return          The name of the message digest.
  */
-const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
+const char *mbedtls_md_get_name(const mbedtls_md_info_t *md_info);
 
 /**
  * \brief           This function starts a message-digest computation.
@@ -284,7 +284,7 @@ const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_starts( mbedtls_md_context_t *ctx );
+int mbedtls_md_starts(mbedtls_md_context_t *ctx);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing
@@ -303,7 +303,7 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx );
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
+int mbedtls_md_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen);
 
 /**
  * \brief           This function finishes the digest operation,
@@ -324,7 +324,7 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
+int mbedtls_md_finish(mbedtls_md_context_t *ctx, unsigned char *output);
 
 /**
  * \brief          This function calculates the message-digest of a buffer,
@@ -345,8 +345,8 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
  *                 failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
-        unsigned char *output );
+int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+               unsigned char *output);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -367,8 +367,8 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si
  * \return         #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
-                     unsigned char *output );
+int mbedtls_md_file(const mbedtls_md_info_t *md_info, const char *path,
+                    unsigned char *output);
 #endif /* MBEDTLS_FS_IO */
 
 /**
@@ -390,8 +390,8 @@ int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
-                    size_t keylen );
+int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key,
+                           size_t keylen);
 
 /**
  * \brief           This function feeds an input buffer into an ongoing HMAC
@@ -413,8 +413,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
-                    size_t ilen );
+int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief           This function finishes the HMAC operation, and writes
@@ -435,7 +435,7 @@ int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *inpu
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
+int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output);
 
 /**
  * \brief           This function prepares to authenticate a new message with
@@ -453,7 +453,7 @@ int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
  *                  failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
+int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx);
 
 /**
  * \brief          This function calculates the full generic HMAC
@@ -478,13 +478,13 @@ int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
  *                 failure.
  */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output );
+int mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output);
 
 /* Internal use */
 MBEDTLS_CHECK_RETURN_TYPICAL
-int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
+int mbedtls_md_process(mbedtls_md_context_t *ctx, const unsigned char *data);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/md2.h

@@ -55,8 +55,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_md2_context
-{
+typedef struct mbedtls_md2_context {
     unsigned char cksum[16];    /*!< checksum of the data block */
     unsigned char state[48];    /*!< intermediate digest state  */
     unsigned char buffer[16];   /*!< data block being processed */
@@ -78,7 +77,7 @@ mbedtls_md2_context;
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_init( mbedtls_md2_context *ctx );
+void mbedtls_md2_init(mbedtls_md2_context *ctx);
 
 /**
  * \brief          Clear MD2 context
@@ -90,7 +89,7 @@ void mbedtls_md2_init( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_free( mbedtls_md2_context *ctx );
+void mbedtls_md2_free(mbedtls_md2_context *ctx);
 
 /**
  * \brief          Clone (the state of) an MD2 context
@@ -103,8 +102,8 @@ void mbedtls_md2_free( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
-                        const mbedtls_md2_context *src );
+void mbedtls_md2_clone(mbedtls_md2_context *dst,
+                       const mbedtls_md2_context *src);
 
 /**
  * \brief          MD2 context setup
@@ -118,7 +117,7 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
+int mbedtls_md2_starts_ret(mbedtls_md2_context *ctx);
 
 /**
  * \brief          MD2 process buffer
@@ -134,9 +133,9 @@ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
+int mbedtls_md2_update_ret(mbedtls_md2_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief          MD2 final digest
@@ -151,8 +150,8 @@ int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
-                            unsigned char output[16] );
+int mbedtls_md2_finish_ret(mbedtls_md2_context *ctx,
+                           unsigned char output[16]);
 
 /**
  * \brief          MD2 process data block (internal use only)
@@ -166,7 +165,7 @@ int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
+int mbedtls_internal_md2_process(mbedtls_md2_context *ctx);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -186,7 +185,7 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md2_starts(mbedtls_md2_context *ctx);
 
 /**
  * \brief          MD2 process buffer
@@ -202,9 +201,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_starts( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_md2_update(mbedtls_md2_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
 
 /**
  * \brief          MD2 final digest
@@ -219,8 +218,8 @@ MBEDTLS_DEPRECATED void mbedtls_md2_update( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
-                                            unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md2_finish(mbedtls_md2_context *ctx,
+                                           unsigned char output[16]);
 
 /**
  * \brief          MD2 process data block (internal use only)
@@ -234,7 +233,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2_finish( mbedtls_md2_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md2_process(mbedtls_md2_context *ctx);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -251,9 +250,9 @@ MBEDTLS_DEPRECATED void mbedtls_md2_process( mbedtls_md2_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
+int mbedtls_md2_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -275,9 +274,9 @@ int mbedtls_md2_ret( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md2(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -294,7 +293,7 @@ MBEDTLS_DEPRECATED void mbedtls_md2( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md2_self_test( int verbose );
+int mbedtls_md2_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/md4.h

@@ -56,8 +56,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_md4_context
-{
+typedef struct mbedtls_md4_context {
     uint32_t total[2];          /*!< number of bytes processed  */
     uint32_t state[4];          /*!< intermediate digest state  */
     unsigned char buffer[64];   /*!< data block being processed */
@@ -78,7 +77,7 @@ mbedtls_md4_context;
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_init( mbedtls_md4_context *ctx );
+void mbedtls_md4_init(mbedtls_md4_context *ctx);
 
 /**
  * \brief          Clear MD4 context
@@ -90,7 +89,7 @@ void mbedtls_md4_init( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_free( mbedtls_md4_context *ctx );
+void mbedtls_md4_free(mbedtls_md4_context *ctx);
 
 /**
  * \brief          Clone (the state of) an MD4 context
@@ -103,8 +102,8 @@ void mbedtls_md4_free( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
-                        const mbedtls_md4_context *src );
+void mbedtls_md4_clone(mbedtls_md4_context *dst,
+                       const mbedtls_md4_context *src);
 
 /**
  * \brief          MD4 context setup
@@ -117,7 +116,7 @@ void mbedtls_md4_clone( mbedtls_md4_context *dst,
  *                 constitutes a security risk. We recommend considering
  *                 stronger message digests instead.
  */
-int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
+int mbedtls_md4_starts_ret(mbedtls_md4_context *ctx);
 
 /**
  * \brief          MD4 process buffer
@@ -133,9 +132,9 @@ int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
+int mbedtls_md4_update_ret(mbedtls_md4_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief          MD4 final digest
@@ -150,8 +149,8 @@ int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
-                            unsigned char output[16] );
+int mbedtls_md4_finish_ret(mbedtls_md4_context *ctx,
+                           unsigned char output[16]);
 
 /**
  * \brief          MD4 process data block (internal use only)
@@ -166,8 +165,8 @@ int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
-                                  const unsigned char data[64] );
+int mbedtls_internal_md4_process(mbedtls_md4_context *ctx,
+                                 const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -187,7 +186,7 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md4_starts(mbedtls_md4_context *ctx);
 
 /**
  * \brief          MD4 process buffer
@@ -203,9 +202,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_starts( mbedtls_md4_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_md4_update(mbedtls_md4_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
 
 /**
  * \brief          MD4 final digest
@@ -220,8 +219,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_update( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
-                                            unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md4_finish(mbedtls_md4_context *ctx,
+                                           unsigned char output[16]);
 
 /**
  * \brief          MD4 process data block (internal use only)
@@ -236,8 +235,8 @@ MBEDTLS_DEPRECATED void mbedtls_md4_finish( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
-                                             const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_md4_process(mbedtls_md4_context *ctx,
+                                            const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -256,9 +255,9 @@ MBEDTLS_DEPRECATED void mbedtls_md4_process( mbedtls_md4_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
+int mbedtls_md4_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -280,9 +279,9 @@ int mbedtls_md4_ret( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md4(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -299,7 +298,7 @@ MBEDTLS_DEPRECATED void mbedtls_md4( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md4_self_test( int verbose );
+int mbedtls_md4_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/md5.h

@@ -55,8 +55,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_md5_context
-{
+typedef struct mbedtls_md5_context {
     uint32_t total[2];          /*!< number of bytes processed  */
     uint32_t state[4];          /*!< intermediate digest state  */
     unsigned char buffer[64];   /*!< data block being processed */
@@ -77,7 +76,7 @@ mbedtls_md5_context;
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md5_init( mbedtls_md5_context *ctx );
+void mbedtls_md5_init(mbedtls_md5_context *ctx);
 
 /**
  * \brief          Clear MD5 context
@@ -89,7 +88,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md5_free( mbedtls_md5_context *ctx );
+void mbedtls_md5_free(mbedtls_md5_context *ctx);
 
 /**
  * \brief          Clone (the state of) an MD5 context
@@ -102,8 +101,8 @@ void mbedtls_md5_free( mbedtls_md5_context *ctx );
  *                 stronger message digests instead.
  *
  */
-void mbedtls_md5_clone( mbedtls_md5_context *dst,
-                        const mbedtls_md5_context *src );
+void mbedtls_md5_clone(mbedtls_md5_context *dst,
+                       const mbedtls_md5_context *src);
 
 /**
  * \brief          MD5 context setup
@@ -117,7 +116,7 @@ void mbedtls_md5_clone( mbedtls_md5_context *dst,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
+int mbedtls_md5_starts_ret(mbedtls_md5_context *ctx);
 
 /**
  * \brief          MD5 process buffer
@@ -133,9 +132,9 @@ int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
-                            const unsigned char *input,
-                            size_t ilen );
+int mbedtls_md5_update_ret(mbedtls_md5_context *ctx,
+                           const unsigned char *input,
+                           size_t ilen);
 
 /**
  * \brief          MD5 final digest
@@ -150,8 +149,8 @@ int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
-                            unsigned char output[16] );
+int mbedtls_md5_finish_ret(mbedtls_md5_context *ctx,
+                           unsigned char output[16]);
 
 /**
  * \brief          MD5 process data block (internal use only)
@@ -166,8 +165,8 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
-                                  const unsigned char data[64] );
+int mbedtls_internal_md5_process(mbedtls_md5_context *ctx,
+                                 const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -187,7 +186,7 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_md5_starts(mbedtls_md5_context *ctx);
 
 /**
  * \brief          MD5 process buffer
@@ -203,9 +202,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_starts( mbedtls_md5_context *ctx );
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
-                                            const unsigned char *input,
-                                            size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_md5_update(mbedtls_md5_context *ctx,
+                                           const unsigned char *input,
+                                           size_t ilen);
 
 /**
  * \brief          MD5 final digest
@@ -220,8 +219,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_update( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
-                                            unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md5_finish(mbedtls_md5_context *ctx,
+                                           unsigned char output[16]);
 
 /**
  * \brief          MD5 process data block (internal use only)
@@ -236,8 +235,8 @@ MBEDTLS_DEPRECATED void mbedtls_md5_finish( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
-                                             const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_md5_process(mbedtls_md5_context *ctx,
+                                            const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -256,9 +255,9 @@ MBEDTLS_DEPRECATED void mbedtls_md5_process( mbedtls_md5_context *ctx,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md5_ret( const unsigned char *input,
-                     size_t ilen,
-                     unsigned char output[16] );
+int mbedtls_md5_ret(const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[16]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -280,9 +279,9 @@ int mbedtls_md5_ret( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
-                                     size_t ilen,
-                                     unsigned char output[16] );
+MBEDTLS_DEPRECATED void mbedtls_md5(const unsigned char *input,
+                                    size_t ilen,
+                                    unsigned char output[16]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -299,7 +298,7 @@ MBEDTLS_DEPRECATED void mbedtls_md5( const unsigned char *input,
  *                 stronger message digests instead.
  *
  */
-int mbedtls_md5_self_test( int verbose );
+int mbedtls_md5_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/md_internal.h

@@ -42,10 +42,9 @@ extern "C" {
  * Message digest information.
  * Allows message digest functions to be called in a generic way.
  */
-struct mbedtls_md_info_t
-{
+struct mbedtls_md_info_t {
     /** Name of the message digest */
-    const char * name;
+    const char *name;
 
     /** Digest identifier */
     mbedtls_md_type_t type;

thirdparty/mbedtls/include/mbedtls/memory_buffer_alloc.h

@@ -47,7 +47,8 @@
 #define MBEDTLS_MEMORY_VERIFY_NONE         0
 #define MBEDTLS_MEMORY_VERIFY_ALLOC        (1 << 0)
 #define MBEDTLS_MEMORY_VERIFY_FREE         (1 << 1)
-#define MBEDTLS_MEMORY_VERIFY_ALWAYS       (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE)
+#define MBEDTLS_MEMORY_VERIFY_ALWAYS       (MBEDTLS_MEMORY_VERIFY_ALLOC | \
+                                            MBEDTLS_MEMORY_VERIFY_FREE)
 
 #ifdef __cplusplus
 extern "C" {
@@ -68,12 +69,12 @@ extern "C" {
  * \param buf   buffer to use as heap
  * \param len   size of the buffer
  */
-void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
+void mbedtls_memory_buffer_alloc_init(unsigned char *buf, size_t len);
 
 /**
  * \brief   Free the mutex for thread-safety and clear remaining memory
  */
-void mbedtls_memory_buffer_alloc_free( void );
+void mbedtls_memory_buffer_alloc_free(void);
 
 /**
  * \brief   Determine when the allocator should automatically verify the state
@@ -83,7 +84,7 @@ void mbedtls_memory_buffer_alloc_free( void );
  * \param verify    One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
  *                  MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
  */
-void mbedtls_memory_buffer_set_verify( int verify );
+void mbedtls_memory_buffer_set_verify(int verify);
 
 #if defined(MBEDTLS_MEMORY_DEBUG)
 /**
@@ -92,7 +93,7 @@ void mbedtls_memory_buffer_set_verify( int verify );
  *          Prints out a list of 'still allocated' blocks and their stack
  *          trace if MBEDTLS_MEMORY_BACKTRACE is defined.
  */
-void mbedtls_memory_buffer_alloc_status( void );
+void mbedtls_memory_buffer_alloc_status(void);
 
 /**
  * \brief   Get the peak heap usage so far
@@ -102,12 +103,12 @@ void mbedtls_memory_buffer_alloc_status( void );
  *                      into smaller blocks but larger than the requested size.
  * \param max_blocks    Peak number of blocks in use, including free and used
  */
-void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
+void mbedtls_memory_buffer_alloc_max_get(size_t *max_used, size_t *max_blocks);
 
 /**
  * \brief   Reset peak statistics
  */
-void mbedtls_memory_buffer_alloc_max_reset( void );
+void mbedtls_memory_buffer_alloc_max_reset(void);
 
 /**
  * \brief   Get the current heap usage
@@ -117,7 +118,7 @@ void mbedtls_memory_buffer_alloc_max_reset( void );
  *                      into smaller blocks but larger than the requested size.
  * \param cur_blocks    Current number of blocks in use, including free and used
  */
-void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
+void mbedtls_memory_buffer_alloc_cur_get(size_t *cur_used, size_t *cur_blocks);
 #endif /* MBEDTLS_MEMORY_DEBUG */
 
 /**
@@ -131,7 +132,7 @@ void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
  *
  * \return             0 if verified, 1 otherwise
  */
-int mbedtls_memory_buffer_alloc_verify( void );
+int mbedtls_memory_buffer_alloc_verify(void);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -139,7 +140,7 @@ int mbedtls_memory_buffer_alloc_verify( void );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_memory_buffer_alloc_self_test( int verbose );
+int mbedtls_memory_buffer_alloc_self_test(int verbose);
 #endif
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/net_sockets.h

@@ -95,8 +95,7 @@ extern "C" {
  * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
  * structures for hand-made UDP demultiplexing).
  */
-typedef struct mbedtls_net_context
-{
+typedef struct mbedtls_net_context {
     int fd;             /**< The underlying file descriptor                 */
 }
 mbedtls_net_context;
@@ -107,7 +106,7 @@ mbedtls_net_context;
  *
  * \param ctx      Context to initialize
  */
-void mbedtls_net_init( mbedtls_net_context *ctx );
+void mbedtls_net_init(mbedtls_net_context *ctx);
 
 /**
  * \brief          Initiate a connection with host:port in the given protocol
@@ -124,7 +123,7 @@ void mbedtls_net_init( mbedtls_net_context *ctx );
  *
  * \note           Sets the socket in connected mode even with UDP.
  */
-int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
+int mbedtls_net_connect(mbedtls_net_context *ctx, const char *host, const char *port, int proto);
 
 /**
  * \brief          Create a receiving socket on bind_ip:port in the chosen
@@ -144,7 +143,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char
  * \note           Regardless of the protocol, opens the sockets and binds it.
  *                 In addition, make the socket listening if protocol is TCP.
  */
-int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
+int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto);
 
 /**
  * \brief           Accept a connection from a remote client
@@ -164,9 +163,9 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char
  *                  MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
  *                  non-blocking and accept() would block.
  */
-int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
-                        mbedtls_net_context *client_ctx,
-                        void *client_ip, size_t buf_size, size_t *ip_len );
+int mbedtls_net_accept(mbedtls_net_context *bind_ctx,
+                       mbedtls_net_context *client_ctx,
+                       void *client_ip, size_t buf_size, size_t *ip_len);
 
 /**
  * \brief          Check and wait for the context to be ready for read/write
@@ -193,7 +192,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
  * \return         Bitmask composed of MBEDTLS_NET_POLL_READ/WRITE
  *                 on success or timeout, or a negative return code otherwise.
  */
-int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
+int mbedtls_net_poll(mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout);
 
 /**
  * \brief          Set the socket blocking
@@ -202,7 +201,7 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout );
  *
  * \return         0 if successful, or a non-zero error code
  */
-int mbedtls_net_set_block( mbedtls_net_context *ctx );
+int mbedtls_net_set_block(mbedtls_net_context *ctx);
 
 /**
  * \brief          Set the socket non-blocking
@@ -211,7 +210,7 @@ int mbedtls_net_set_block( mbedtls_net_context *ctx );
  *
  * \return         0 if successful, or a non-zero error code
  */
-int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
+int mbedtls_net_set_nonblock(mbedtls_net_context *ctx);
 
 /**
  * \brief          Portable usleep helper
@@ -221,7 +220,7 @@ int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
  * \note           Real amount of time slept will not be less than
  *                 select()'s timeout granularity (typically, 10ms).
  */
-void mbedtls_net_usleep( unsigned long usec );
+void mbedtls_net_usleep(unsigned long usec);
 
 /**
  * \brief          Read at most 'len' characters. If no error occurs,
@@ -235,7 +234,7 @@ void mbedtls_net_usleep( unsigned long usec );
  *                 or a non-zero error code; with a non-blocking socket,
  *                 MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
  */
-int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
+int mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len);
 
 /**
  * \brief          Write at most 'len' characters. If no error occurs,
@@ -249,7 +248,7 @@ int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
  *                 or a non-zero error code; with a non-blocking socket,
  *                 MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
  */
-int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
+int mbedtls_net_send(void *ctx, const unsigned char *buf, size_t len);
 
 /**
  * \brief          Read at most 'len' characters, blocking for at most
@@ -277,22 +276,22 @@ int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
  *                 non-blocking. Handling timeouts with non-blocking reads
  *                 requires a different strategy.
  */
-int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
-                      uint32_t timeout );
+int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len,
+                             uint32_t timeout);
 
 /**
  * \brief          Closes down the connection and free associated data
  *
  * \param ctx      The context to close
  */
-void mbedtls_net_close( mbedtls_net_context *ctx );
+void mbedtls_net_close(mbedtls_net_context *ctx);
 
 /**
  * \brief          Gracefully shutdown the connection and free associated data
  *
  * \param ctx      The context to free
  */
-void mbedtls_net_free( mbedtls_net_context *ctx );
+void mbedtls_net_free(mbedtls_net_context *ctx);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/nist_kw.h

@@ -47,8 +47,7 @@
 extern "C" {
 #endif
 
-typedef enum
-{
+typedef enum {
     MBEDTLS_KW_MODE_KW = 0,
     MBEDTLS_KW_MODE_KWP = 1
 } mbedtls_nist_kw_mode_t;
@@ -80,7 +79,7 @@ typedef struct {
  * \param ctx       The key wrapping context to initialize.
  *
  */
-void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);
 
 /**
  * \brief           This function initializes the key wrapping context set in the
@@ -98,11 +97,11 @@ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx );
  *                  which are not supported.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
-                            mbedtls_cipher_id_t cipher,
-                            const unsigned char *key,
-                            unsigned int keybits,
-                            const int is_wrap );
+int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,
+                           mbedtls_cipher_id_t cipher,
+                           const unsigned char *key,
+                           unsigned int keybits,
+                           const int is_wrap);
 
 /**
  * \brief   This function releases and clears the specified key wrapping context
@@ -110,7 +109,7 @@ int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx,
  *
  * \param ctx       The key wrapping context to clear.
  */
-void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
+void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);
 
 /**
  * \brief           This function encrypts a buffer using key wrapping.
@@ -133,9 +132,9 @@ void mbedtls_nist_kw_free( mbedtls_nist_kw_context *ctx );
  * \return          \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
-                          const unsigned char *input, size_t in_len,
-                          unsigned char *output, size_t* out_len, size_t out_size );
+int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+                         const unsigned char *input, size_t in_len,
+                         unsigned char *output, size_t *out_len, size_t out_size);
 
 /**
  * \brief           This function decrypts a buffer using key wrapping.
@@ -160,9 +159,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t m
  * \return          \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.
  * \return          cipher-specific error code on failure of the underlying cipher.
  */
-int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
-                            const unsigned char *input, size_t in_len,
-                            unsigned char *output, size_t* out_len, size_t out_size);
+int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,
+                           const unsigned char *input, size_t in_len,
+                           unsigned char *output, size_t *out_len, size_t out_size);
 
 
 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
@@ -172,7 +171,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_nist_kw_self_test( int verbose );
+int mbedtls_nist_kw_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/oid.h

@@ -82,10 +82,10 @@
 #define MBEDTLS_OID_COUNTRY_US                  "\x86\x48"      /* {us(840)} */
 #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY       "\x86\xf7\x0d"  /* {rsadsi(113549)} */
 #define MBEDTLS_OID_RSA_COMPANY                 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
-                                        MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+        MBEDTLS_OID_ORG_RSA_DATA_SECURITY                                 /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
 #define MBEDTLS_OID_ORG_ANSI_X9_62              "\xce\x3d" /* ansi-X9-62(10045) */
 #define MBEDTLS_OID_ANSI_X9_62                  MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
-                                        MBEDTLS_OID_ORG_ANSI_X9_62
+        MBEDTLS_OID_ORG_ANSI_X9_62
 
 /*
  * ISO Identified organization OID parts
@@ -96,15 +96,18 @@
 #define MBEDTLS_OID_OIW_SECSIG_ALG              MBEDTLS_OID_OIW_SECSIG "\x02"
 #define MBEDTLS_OID_OIW_SECSIG_SHA1             MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
 #define MBEDTLS_OID_ORG_CERTICOM                "\x81\x04"  /* certicom(132) */
-#define MBEDTLS_OID_CERTICOM                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM
+#define MBEDTLS_OID_CERTICOM                    MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_ORG_CERTICOM
 #define MBEDTLS_OID_ORG_TELETRUST               "\x24" /* teletrust(36) */
-#define MBEDTLS_OID_TELETRUST                   MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST
+#define MBEDTLS_OID_TELETRUST                   MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_ORG_TELETRUST
 
 /*
  * ISO ITU OID parts
  */
 #define MBEDTLS_OID_ORGANIZATION                "\x01"          /* {organization(1)} */
-#define MBEDTLS_OID_ISO_ITU_US_ORG              MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
+#define MBEDTLS_OID_ISO_ITU_US_ORG              MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US \
+        MBEDTLS_OID_ORGANIZATION                                                                                            /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
 
 #define MBEDTLS_OID_ORG_GOV                     "\x65"          /* {gov(101)} */
 #define MBEDTLS_OID_GOV                         MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
@@ -122,7 +125,8 @@
  * { iso(1) identified-organization(3) dod(6) internet(1)
  *                      security(5) mechanisms(5) pkix(7) }
  */
-#define MBEDTLS_OID_INTERNET                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01"
+#define MBEDTLS_OID_INTERNET                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD \
+    "\x01"
 #define MBEDTLS_OID_PKIX                        MBEDTLS_OID_INTERNET "\x05\x05\x07"
 
 /*
@@ -254,7 +258,8 @@
 #define MBEDTLS_OID_DIGEST_ALG_MD2              MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
 #define MBEDTLS_OID_DIGEST_ALG_MD4              MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
 #define MBEDTLS_OID_DIGEST_ALG_MD5              MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
-#define MBEDTLS_OID_DIGEST_ALG_SHA1             MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA1             MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_OIW_SECSIG_SHA1                                                                        /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
 #define MBEDTLS_OID_DIGEST_ALG_SHA224           MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
 #define MBEDTLS_OID_DIGEST_ALG_SHA256           MBEDTLS_OID_NIST_ALG "\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
 
@@ -277,7 +282,8 @@
 /*
  * Encryption algorithms
  */
-#define MBEDTLS_OID_DES_CBC                     MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
+#define MBEDTLS_OID_DES_CBC                     MBEDTLS_OID_ISO_IDENTIFIED_ORG \
+        MBEDTLS_OID_OIW_SECSIG_ALG "\x07"                                                                        /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
 #define MBEDTLS_OID_DES_EDE3_CBC                MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
 #define MBEDTLS_OID_AES                         MBEDTLS_OID_NIST_ALG "\x01" /** aes OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) 1 } */
 
@@ -439,8 +445,7 @@ extern "C" {
 /**
  * \brief Base OID descriptor structure
  */
-typedef struct mbedtls_oid_descriptor_t
-{
+typedef struct mbedtls_oid_descriptor_t {
     const char *asn1;               /*!< OID ASN.1 representation       */
     size_t asn1_len;                /*!< length of asn1                 */
     const char *name;               /*!< official name (e.g. from RFC)  */
@@ -458,7 +463,7 @@ typedef struct mbedtls_oid_descriptor_t
  * \return          Length of the string written (excluding final NULL) or
  *                  MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
  */
-int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
+int mbedtls_oid_get_numeric_string(char *buf, size_t size, const mbedtls_asn1_buf *oid);
 
 /**
  * \brief          Translate an X.509 extension OID into local values
@@ -468,7 +473,7 @@ int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_b
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
+int mbedtls_oid_get_x509_ext_type(const mbedtls_asn1_buf *oid, int *ext_type);
 
 /**
  * \brief          Translate an X.509 attribute type OID into the short name
@@ -479,7 +484,7 @@ int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
+int mbedtls_oid_get_attr_short_name(const mbedtls_asn1_buf *oid, const char **short_name);
 
 /**
  * \brief          Translate PublicKeyAlgorithm OID into pk_type
@@ -489,7 +494,7 @@ int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **s
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_pk_alg(const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg);
 
 /**
  * \brief          Translate pk_type into PublicKeyAlgorithm OID
@@ -500,8 +505,8 @@ int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_a
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
-                           const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_pk_alg(mbedtls_pk_type_t pk_alg,
+                                  const char **oid, size_t *olen);
 
 #if defined(MBEDTLS_ECP_C)
 /**
@@ -512,7 +517,7 @@ int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
+int mbedtls_oid_get_ec_grp(const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id);
 
 /**
  * \brief          Translate EC group identifier into NamedCurve OID
@@ -523,8 +528,8 @@ int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *g
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
-                           const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_ec_grp(mbedtls_ecp_group_id grp_id,
+                                  const char **oid, size_t *olen);
 #endif /* MBEDTLS_ECP_C */
 
 #if defined(MBEDTLS_MD_C)
@@ -537,8 +542,8 @@ int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
-                     mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
+int mbedtls_oid_get_sig_alg(const mbedtls_asn1_buf *oid,
+                            mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
 
 /**
  * \brief          Translate SignatureAlgorithm OID into description
@@ -548,7 +553,7 @@ int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_sig_alg_desc(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate md_type and pk_type into SignatureAlgorithm OID
@@ -560,8 +565,8 @@ int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
-                            const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_sig_alg(mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                                   const char **oid, size_t *olen);
 
 /**
  * \brief          Translate hash algorithm OID into md_type
@@ -571,7 +576,7 @@ int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
+int mbedtls_oid_get_md_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg);
 
 /**
  * \brief          Translate hmac algorithm OID into md_type
@@ -581,7 +586,7 @@ int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_a
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac );
+int mbedtls_oid_get_md_hmac(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_hmac);
 #endif /* MBEDTLS_MD_C */
 
 /**
@@ -592,7 +597,7 @@ int mbedtls_oid_get_md_hmac( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_extended_key_usage(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate certificate policies OID into description
@@ -602,7 +607,7 @@ int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const char **desc );
+int mbedtls_oid_get_certificate_policies(const mbedtls_asn1_buf *oid, const char **desc);
 
 /**
  * \brief          Translate md_type into hash algorithm OID
@@ -613,7 +618,7 @@ int mbedtls_oid_get_certificate_policies( const mbedtls_asn1_buf *oid, const cha
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
+int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t *olen);
 
 #if defined(MBEDTLS_CIPHER_C)
 /**
@@ -624,7 +629,7 @@ int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg);
 #endif /* MBEDTLS_CIPHER_C */
 
 #if defined(MBEDTLS_PKCS12_C)
@@ -638,8 +643,8 @@ int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type
  *
  * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
  */
-int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
-                            mbedtls_cipher_type_t *cipher_alg );
+int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
+                                   mbedtls_cipher_type_t *cipher_alg);
 #endif /* MBEDTLS_PKCS12_C */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/padlock.h

@@ -74,7 +74,7 @@ extern "C" {
  *
  * \return         non-zero if CPU has support for the feature, 0 otherwise
  */
-int mbedtls_padlock_has_support( int feature );
+int mbedtls_padlock_has_support(int feature);
 
 /**
  * \brief          Internal PadLock AES-ECB block en(de)cryption
@@ -89,10 +89,10 @@ int mbedtls_padlock_has_support( int feature );
  *
  * \return         0 if success, 1 if operation failed
  */
-int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
-                               int mode,
-                               const unsigned char input[16],
-                               unsigned char output[16] );
+int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx,
+                              int mode,
+                              const unsigned char input[16],
+                              unsigned char output[16]);
 
 /**
  * \brief          Internal PadLock AES-CBC buffer en(de)cryption
@@ -109,12 +109,12 @@ int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
  *
  * \return         0 if success, 1 if operation failed
  */
-int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
-                               int mode,
-                               size_t length,
-                               unsigned char iv[16],
-                               const unsigned char *input,
-                               unsigned char *output );
+int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx,
+                              int mode,
+                              size_t length,
+                              unsigned char iv[16],
+                              const unsigned char *input,
+                              unsigned char *output);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/pem.h

@@ -64,8 +64,7 @@ extern "C" {
 /**
  * \brief       PEM context structure
  */
-typedef struct mbedtls_pem_context
-{
+typedef struct mbedtls_pem_context {
     unsigned char *buf;     /*!< buffer for decoded data             */
     size_t buflen;          /*!< length of the buffer                */
     unsigned char *info;    /*!< buffer for extra header information */
@@ -77,7 +76,7 @@ mbedtls_pem_context;
  *
  * \param ctx   context to be initialized
  */
-void mbedtls_pem_init( mbedtls_pem_context *ctx );
+void mbedtls_pem_init(mbedtls_pem_context *ctx);
 
 /**
  * \brief       Read a buffer for PEM information and store the resulting
@@ -101,17 +100,17 @@ void mbedtls_pem_init( mbedtls_pem_context *ctx );
  *
  * \return          0 on success, or a specific PEM error code
  */
-int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
-                     const unsigned char *data,
-                     const unsigned char *pwd,
-                     size_t pwdlen, size_t *use_len );
+int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const char *footer,
+                            const unsigned char *data,
+                            const unsigned char *pwd,
+                            size_t pwdlen, size_t *use_len);
 
 /**
  * \brief       PEM context memory freeing
  *
  * \param ctx   context to be freed
  */
-void mbedtls_pem_free( mbedtls_pem_context *ctx );
+void mbedtls_pem_free(mbedtls_pem_context *ctx);
 #endif /* MBEDTLS_PEM_PARSE_C */
 
 #if defined(MBEDTLS_PEM_WRITE_C)
@@ -141,9 +140,9 @@ void mbedtls_pem_free( mbedtls_pem_context *ctx );
  *                  the required minimum size of \p buf.
  * \return          Another PEM or BASE64 error code on other kinds of failure.
  */
-int mbedtls_pem_write_buffer( const char *header, const char *footer,
-                      const unsigned char *der_data, size_t der_len,
-                      unsigned char *buf, size_t buf_len, size_t *olen );
+int mbedtls_pem_write_buffer(const char *header, const char *footer,
+                             const unsigned char *der_data, size_t der_len,
+                             unsigned char *buf, size_t buf_len, size_t *olen);
 #endif /* MBEDTLS_PEM_WRITE_C */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/pk.h

@@ -47,7 +47,7 @@
 #include "psa/crypto.h"
 #endif
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -107,8 +107,7 @@ typedef enum {
  * \brief           Options for RSASSA-PSS signature verification.
  *                  See \c mbedtls_rsa_rsassa_pss_verify_ext()
  */
-typedef struct mbedtls_pk_rsassa_pss_options
-{
+typedef struct mbedtls_pk_rsassa_pss_options {
     mbedtls_md_type_t mgf1_hash_id;
     int expected_salt_len;
 
@@ -128,7 +127,7 @@ typedef struct mbedtls_pk_rsassa_pss_options
  */
 #define MBEDTLS_PK_SIGNATURE_MAX_SIZE 0
 
-#if ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT) ) && \
+#if (defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_RSA_ALT_SUPPORT)) && \
     MBEDTLS_MPI_MAX_SIZE > MBEDTLS_PK_SIGNATURE_MAX_SIZE
 /* For RSA, the signature can be as large as the bignum module allows.
  * For RSA_ALT, the signature size is not necessarily tied to what the
@@ -162,15 +161,14 @@ typedef struct mbedtls_pk_rsassa_pss_options
  * types, lengths (represented by up to 2 bytes), and potential leading
  * zeros of the INTEGERs and the SEQUENCE. */
 #undef MBEDTLS_PK_SIGNATURE_MAX_SIZE
-#define MBEDTLS_PK_SIGNATURE_MAX_SIZE ( PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11 )
+#define MBEDTLS_PK_SIGNATURE_MAX_SIZE (PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE + 11)
 #endif
 #endif /* defined(MBEDTLS_USE_PSA_CRYPTO) */
 
 /**
  * \brief           Types for interfacing with the debug module
  */
-typedef enum
-{
+typedef enum {
     MBEDTLS_PK_DEBUG_NONE = 0,
     MBEDTLS_PK_DEBUG_MPI,
     MBEDTLS_PK_DEBUG_ECP,
@@ -179,8 +177,7 @@ typedef enum
 /**
  * \brief           Item to send to the debug module
  */
-typedef struct mbedtls_pk_debug_item
-{
+typedef struct mbedtls_pk_debug_item {
     mbedtls_pk_debug_type type;
     const char *name;
     void *value;
@@ -197,20 +194,18 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
 /**
  * \brief           Public key container
  */
-typedef struct mbedtls_pk_context
-{
-    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */
-    void *                      pk_ctx;  /**< Underlying public key context  */
+typedef struct mbedtls_pk_context {
+    const mbedtls_pk_info_t *pk_info;    /**< Public key information         */
+    void *pk_ctx;                        /**< Underlying public key context  */
 } mbedtls_pk_context;
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
 /**
  * \brief           Context for resuming operations
  */
-typedef struct
-{
-    const mbedtls_pk_info_t *   pk_info; /**< Public key information         */
-    void *                      rs_ctx;  /**< Underlying restart context     */
+typedef struct {
+    const mbedtls_pk_info_t *pk_info;    /**< Public key information         */
+    void *rs_ctx;                        /**< Underlying restart context     */
 } mbedtls_pk_restart_ctx;
 #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 /* Now we can declare functions that take a pointer to that */
@@ -221,14 +216,16 @@ typedef void mbedtls_pk_restart_ctx;
 /**
  * \brief           Types for RSA-alt abstraction
  */
-typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
-                    const unsigned char *input, unsigned char *output,
-                    size_t output_max_len );
-typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                    const unsigned char *hash, unsigned char *sig );
-typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
+typedef int (*mbedtls_pk_rsa_alt_decrypt_func)(void *ctx, int mode, size_t *olen,
+                                               const unsigned char *input, unsigned char *output,
+                                               size_t output_max_len);
+typedef int (*mbedtls_pk_rsa_alt_sign_func)(void *ctx,
+                                            int (*f_rng)(void *, unsigned char *, size_t),
+                                            void *p_rng,
+                                            int mode, mbedtls_md_type_t md_alg,
+                                            unsigned int hashlen,
+                                            const unsigned char *hash, unsigned char *sig);
+typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)(void *ctx);
 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
 
 /**
@@ -238,7 +235,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
  *
  * \return          The PK info associated with the type or NULL if not found.
  */
-const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
+const mbedtls_pk_info_t *mbedtls_pk_info_from_type(mbedtls_pk_type_t pk_type);
 
 /**
  * \brief           Initialize a #mbedtls_pk_context (as NONE).
@@ -246,7 +243,7 @@ const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
  * \param ctx       The context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_pk_init( mbedtls_pk_context *ctx );
+void mbedtls_pk_init(mbedtls_pk_context *ctx);
 
 /**
  * \brief           Free the components of a #mbedtls_pk_context.
@@ -259,7 +256,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
  *                  PSA key and you still need to call psa_destroy_key()
  *                  independently if you want to destroy that key.
  */
-void mbedtls_pk_free( mbedtls_pk_context *ctx );
+void mbedtls_pk_free(mbedtls_pk_context *ctx);
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
 /**
@@ -268,7 +265,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx );
  * \param ctx       The context to initialize.
  *                  This must not be \c NULL.
  */
-void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
+void mbedtls_pk_restart_init(mbedtls_pk_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context
@@ -276,7 +273,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx );
  * \param ctx       The context to clear. It must have been initialized.
  *                  If this is \c NULL, this function does nothing.
  */
-void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
+void mbedtls_pk_restart_free(mbedtls_pk_restart_ctx *ctx);
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 
 /**
@@ -294,7 +291,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
  * \note            For contexts holding an RSA-alt key, use
  *                  \c mbedtls_pk_setup_rsa_alt() instead.
  */
-int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
+int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /**
@@ -325,8 +322,8 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  *                  ECC key pair.
  * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
  */
-int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
-                             const psa_key_id_t key );
+int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
+                            const psa_key_id_t key);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@@ -345,10 +342,10 @@ int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx,
  *
  * \note            This function replaces \c mbedtls_pk_setup() for RSA-alt.
  */
-int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
-                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
-                         mbedtls_pk_rsa_alt_sign_func sign_func,
-                         mbedtls_pk_rsa_alt_key_len_func key_len_func );
+int mbedtls_pk_setup_rsa_alt(mbedtls_pk_context *ctx, void *key,
+                             mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+                             mbedtls_pk_rsa_alt_sign_func sign_func,
+                             mbedtls_pk_rsa_alt_key_len_func key_len_func);
 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
 
 /**
@@ -358,7 +355,7 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
  *
  * \return          Key size in bits, or 0 on error
  */
-size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
+size_t mbedtls_pk_get_bitlen(const mbedtls_pk_context *ctx);
 
 /**
  * \brief           Get the length in bytes of the underlying key
@@ -367,9 +364,9 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
  *
  * \return          Key length in bytes, or 0 on error
  */
-static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
+static inline size_t mbedtls_pk_get_len(const mbedtls_pk_context *ctx)
 {
-    return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
+    return (mbedtls_pk_get_bitlen(ctx) + 7) / 8;
 }
 
 /**
@@ -384,7 +381,7 @@ static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
  *                  been initialized but not set up, or that has been
  *                  cleared with mbedtls_pk_free().
  */
-int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
+int mbedtls_pk_can_do(const mbedtls_pk_context *ctx, mbedtls_pk_type_t type);
 
 /**
  * \brief           Verify signature (including padding if relevant).
@@ -405,14 +402,19 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
  *                  Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
  *                  to verify RSASSA_PSS signatures.
  *
+ * \note            If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                  subsystem must have been initialized by calling
+ *                  psa_crypto_init() before calling this function,
+ *                  if the key might be an ECC (ECDSA) key.
+ *
  * \note            If hash_len is 0, then the length associated with md_alg
  *                  is used instead, or an error returned if it is invalid.
  *
  * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
  */
-int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len );
+int mbedtls_pk_verify(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                      const unsigned char *hash, size_t hash_len,
+                      const unsigned char *sig, size_t sig_len);
 
 /**
  * \brief           Restartable version of \c mbedtls_pk_verify()
@@ -434,11 +436,11 @@ int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  */
-int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
-               mbedtls_md_type_t md_alg,
-               const unsigned char *hash, size_t hash_len,
-               const unsigned char *sig, size_t sig_len,
-               mbedtls_pk_restart_ctx *rs_ctx );
+int mbedtls_pk_verify_restartable(mbedtls_pk_context *ctx,
+                                  mbedtls_md_type_t md_alg,
+                                  const unsigned char *hash, size_t hash_len,
+                                  const unsigned char *sig, size_t sig_len,
+                                  mbedtls_pk_restart_ctx *rs_ctx);
 
 /**
  * \brief           Verify signature, with options.
@@ -469,10 +471,10 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
  *                  to a mbedtls_pk_rsassa_pss_options structure,
  *                  otherwise it must be NULL.
  */
-int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
-                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   const unsigned char *sig, size_t sig_len );
+int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
+                          mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                          const unsigned char *hash, size_t hash_len,
+                          const unsigned char *sig, size_t sig_len);
 
 /**
  * \brief           Make signature, including padding if relevant.
@@ -504,10 +506,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
  * \note            For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
  *                  For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
  */
-int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                    const unsigned char *hash, size_t hash_len,
+                    unsigned char *sig, size_t *sig_len,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           Restartable version of \c mbedtls_pk_sign()
@@ -537,12 +539,12 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
  * \return          #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
  *                  operations was reached: see \c mbedtls_ecp_set_max_ops().
  */
-int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
-             mbedtls_md_type_t md_alg,
-             const unsigned char *hash, size_t hash_len,
-             unsigned char *sig, size_t *sig_len,
-             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-             mbedtls_pk_restart_ctx *rs_ctx );
+int mbedtls_pk_sign_restartable(mbedtls_pk_context *ctx,
+                                mbedtls_md_type_t md_alg,
+                                const unsigned char *hash, size_t hash_len,
+                                unsigned char *sig, size_t *sig_len,
+                                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                                mbedtls_pk_restart_ctx *rs_ctx);
 
 /**
  * \brief           Decrypt message (including padding if relevant).
@@ -561,10 +563,10 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
  *
  * \return          0 on success, or a specific error code.
  */
-int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_decrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           Encrypt message (including padding if relevant).
@@ -582,10 +584,10 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
  *
  * \return          0 on success, or a specific error code.
  */
-int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
-                const unsigned char *input, size_t ilen,
-                unsigned char *output, size_t *olen, size_t osize,
-                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+int mbedtls_pk_encrypt(mbedtls_pk_context *ctx,
+                       const unsigned char *input, size_t ilen,
+                       unsigned char *output, size_t *olen, size_t osize,
+                       int (*f_rng)(void *, unsigned char *, size_t), void *p_rng);
 
 /**
  * \brief           Check if a public-private pair of keys matches.
@@ -599,7 +601,7 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
  * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
  * \return          Another non-zero value if the keys do not match.
  */
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
+int mbedtls_pk_check_pair(const mbedtls_pk_context *pub, const mbedtls_pk_context *prv);
 
 /**
  * \brief           Export debug information
@@ -609,7 +611,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte
  *
  * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
  */
-int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
+int mbedtls_pk_debug(const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items);
 
 /**
  * \brief           Access the type name
@@ -618,7 +620,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item
  *
  * \return          Type name on success, or "invalid PK"
  */
-const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
+const char *mbedtls_pk_get_name(const mbedtls_pk_context *ctx);
 
 /**
  * \brief           Get the key type
@@ -628,7 +630,7 @@ const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
  * \return          Type on success.
  * \return          #MBEDTLS_PK_NONE for a context that has not been set up.
  */
-mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
+mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx);
 
 #if defined(MBEDTLS_RSA_C)
 /**
@@ -641,14 +643,13 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
  *
  * \return The internal RSA context held by the PK context, or NULL.
  */
-static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
+static inline mbedtls_rsa_context *mbedtls_pk_rsa(const mbedtls_pk_context pk)
 {
-    switch( mbedtls_pk_get_type( &pk ) )
-    {
+    switch (mbedtls_pk_get_type(&pk)) {
         case MBEDTLS_PK_RSA:
-            return( (mbedtls_rsa_context *) (pk).pk_ctx );
+            return (mbedtls_rsa_context *) (pk).pk_ctx;
         default:
-            return( NULL );
+            return NULL;
     }
 }
 #endif /* MBEDTLS_RSA_C */
@@ -665,16 +666,15 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
  *
  * \return The internal EC context held by the PK context, or NULL.
  */
-static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
+static inline mbedtls_ecp_keypair *mbedtls_pk_ec(const mbedtls_pk_context pk)
 {
-    switch( mbedtls_pk_get_type( &pk ) )
-    {
+    switch (mbedtls_pk_get_type(&pk)) {
         case MBEDTLS_PK_ECKEY:
         case MBEDTLS_PK_ECKEY_DH:
         case MBEDTLS_PK_ECDSA:
-            return( (mbedtls_ecp_keypair *) (pk).pk_ctx );
+            return (mbedtls_ecp_keypair *) (pk).pk_ctx;
         default:
-            return( NULL );
+            return NULL;
     }
 }
 #endif /* MBEDTLS_ECP_C */
@@ -709,9 +709,9 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
  *
  * \return          0 if successful, or a specific PK or PEM error code
  */
-int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
-                  const unsigned char *key, size_t keylen,
-                  const unsigned char *pwd, size_t pwdlen );
+int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *pwd, size_t pwdlen);
 
 /** \ingroup pk_module */
 /**
@@ -735,8 +735,8 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
  *
  * \return          0 if successful, or a specific PK or PEM error code
  */
-int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
-                         const unsigned char *key, size_t keylen );
+int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx,
+                                const unsigned char *key, size_t keylen);
 
 #if defined(MBEDTLS_FS_IO)
 /** \ingroup pk_module */
@@ -760,8 +760,8 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
  *
  * \return          0 if successful, or a specific PK or PEM error code
  */
-int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
-                      const char *path, const char *password );
+int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx,
+                             const char *path, const char *password);
 
 /** \ingroup pk_module */
 /**
@@ -780,7 +780,7 @@ int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
  *
  * \return          0 if successful, or a specific PK or PEM error code
  */
-int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
+int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path);
 #endif /* MBEDTLS_FS_IO */
 #endif /* MBEDTLS_PK_PARSE_C */
 
@@ -798,7 +798,7 @@ int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path )
  * \return          length of data written if successful, or a specific
  *                  error code
  */
-int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_key_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
 
 /**
  * \brief           Write a public key to a SubjectPublicKeyInfo DER structure
@@ -813,7 +813,7 @@ int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_
  * \return          length of data written if successful, or a specific
  *                  error code
  */
-int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_pubkey_der(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 /**
@@ -826,7 +826,7 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, si
  *
  * \return          0 if successful, or a specific error code
  */
-int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_pubkey_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
 
 /**
  * \brief           Write a private key to a PKCS#1 or SEC1 PEM string
@@ -838,7 +838,7 @@ int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, si
  *
  * \return          0 if successful, or a specific error code
  */
-int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+int mbedtls_pk_write_key_pem(mbedtls_pk_context *ctx, unsigned char *buf, size_t size);
 #endif /* MBEDTLS_PEM_WRITE_C */
 #endif /* MBEDTLS_PK_WRITE_C */
 
@@ -858,8 +858,8 @@ int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_
  *
  * \return          0 if successful, or a specific PK error code
  */
-int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
-                        mbedtls_pk_context *pk );
+int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end,
+                               mbedtls_pk_context *pk);
 #endif /* MBEDTLS_PK_PARSE_C */
 
 #if defined(MBEDTLS_PK_WRITE_C)
@@ -873,8 +873,8 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
  *
  * \return          the length written or a negative error code
  */
-int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
-                     const mbedtls_pk_context *key );
+int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
+                            const mbedtls_pk_context *key);
 #endif /* MBEDTLS_PK_WRITE_C */
 
 /*
@@ -882,7 +882,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
  * know you do.
  */
 #if defined(MBEDTLS_FS_IO)
-int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
+int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n);
 #endif
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -906,9 +906,9 @@ int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
  * \return          \c 0 if successful.
  * \return          An Mbed TLS error code otherwise.
  */
-int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
-                               psa_key_id_t *key,
-                               psa_algorithm_t hash_alg );
+int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
+                              psa_key_id_t *key,
+                              psa_algorithm_t hash_alg);
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/pk_internal.h

@@ -31,8 +31,7 @@
 
 #include "mbedtls/pk.h"
 
-struct mbedtls_pk_info_t
-{
+struct mbedtls_pk_info_t {
     /** Public key type */
     mbedtls_pk_type_t type;
 
@@ -40,75 +39,74 @@ struct mbedtls_pk_info_t
     const char *name;
 
     /** Get key size in bits */
-    size_t (*get_bitlen)( const void * );
+    size_t (*get_bitlen)(const void *);
 
     /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
-    int (*can_do)( mbedtls_pk_type_t type );
+    int (*can_do)(mbedtls_pk_type_t type);
 
     /** Verify signature */
-    int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg,
-                        const unsigned char *hash, size_t hash_len,
-                        const unsigned char *sig, size_t sig_len );
+    int (*verify_func)(void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len);
 
     /** Make signature */
-    int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg,
-                      const unsigned char *hash, size_t hash_len,
-                      unsigned char *sig, size_t *sig_len,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+    int (*sign_func)(void *ctx, mbedtls_md_type_t md_alg,
+                     const unsigned char *hash, size_t hash_len,
+                     unsigned char *sig, size_t *sig_len,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng);
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     /** Verify signature (restartable) */
-    int (*verify_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
-                           const unsigned char *hash, size_t hash_len,
-                           const unsigned char *sig, size_t sig_len,
-                           void *rs_ctx );
+    int (*verify_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
+                          const unsigned char *hash, size_t hash_len,
+                          const unsigned char *sig, size_t sig_len,
+                          void *rs_ctx);
 
     /** Make signature (restartable) */
-    int (*sign_rs_func)( void *ctx, mbedtls_md_type_t md_alg,
-                         const unsigned char *hash, size_t hash_len,
-                         unsigned char *sig, size_t *sig_len,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng, void *rs_ctx );
+    int (*sign_rs_func)(void *ctx, mbedtls_md_type_t md_alg,
+                        const unsigned char *hash, size_t hash_len,
+                        unsigned char *sig, size_t *sig_len,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng, void *rs_ctx);
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 
     /** Decrypt message */
-    int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen, size_t osize,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+    int (*decrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
+                        unsigned char *output, size_t *olen, size_t osize,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
 
     /** Encrypt message */
-    int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
-                         unsigned char *output, size_t *olen, size_t osize,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng );
+    int (*encrypt_func)(void *ctx, const unsigned char *input, size_t ilen,
+                        unsigned char *output, size_t *olen, size_t osize,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng);
 
     /** Check public-private key pair */
-    int (*check_pair_func)( const void *pub, const void *prv );
+    int (*check_pair_func)(const void *pub, const void *prv);
 
     /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
+    void * (*ctx_alloc_func)(void);
 
     /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
+    void (*ctx_free_func)(void *ctx);
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     /** Allocate the restart context */
-    void * (*rs_alloc_func)( void );
+    void *(*rs_alloc_func)(void);
 
     /** Free the restart context */
-    void (*rs_free_func)( void *rs_ctx );
+    void (*rs_free_func)(void *rs_ctx);
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 
     /** Interface with the debug module */
-    void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
+    void (*debug_func)(const void *ctx, mbedtls_pk_debug_item *items);
 
 };
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
 /* Container for RSA-alt */
-typedef struct
-{
+typedef struct {
     void *key;
     mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
     mbedtls_pk_rsa_alt_sign_func sign_func;

thirdparty/mbedtls/include/mbedtls/pkcs11.h

@@ -36,7 +36,7 @@
 
 #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -50,10 +50,9 @@ extern "C" {
 /**
  * Context for PKCS #11 private keys.
  */
-typedef struct mbedtls_pkcs11_context
-{
-        pkcs11h_certificate_t pkcs11h_cert;
-        int len;
+typedef struct mbedtls_pkcs11_context {
+    pkcs11h_certificate_t pkcs11h_cert;
+    int len;
 } mbedtls_pkcs11_context;
 
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -69,7 +68,7 @@ typedef struct mbedtls_pkcs11_context
  * \deprecated          This function is deprecated and will be removed in a
  *                      future version of the library.
  */
-MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx);
 
 /**
  * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
@@ -82,8 +81,8 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
  *
  * \return              0 on success.
  */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert,
-                                        pkcs11h_certificate_t pkcs11h_cert );
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert,
+                                                     pkcs11h_certificate_t pkcs11h_cert);
 
 /**
  * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
@@ -99,8 +98,8 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert,
  * \return              0 on success
  */
 MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind(
-                                        mbedtls_pkcs11_context *priv_key,
-                                        pkcs11h_certificate_t pkcs11_cert );
+    mbedtls_pkcs11_context *priv_key,
+    pkcs11h_certificate_t pkcs11_cert);
 
 /**
  * Free the contents of the given private key context. Note that the structure
@@ -112,7 +111,7 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_priv_key_bind(
  * \param priv_key      Private key structure to cleanup
  */
 MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free(
-                                            mbedtls_pkcs11_context *priv_key );
+    mbedtls_pkcs11_context *priv_key);
 
 /**
  * \brief          Do an RSA private key decrypt, then remove the message
@@ -134,11 +133,11 @@ MBEDTLS_DEPRECATED void mbedtls_pkcs11_priv_key_free(
  *                 of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
  *                 an error is thrown.
  */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
-                                               int mode, size_t *olen,
-                                               const unsigned char *input,
-                                               unsigned char *output,
-                                               size_t output_max_len );
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx,
+                                              int mode, size_t *olen,
+                                              const unsigned char *input,
+                                              unsigned char *output,
+                                              size_t output_max_len);
 
 /**
  * \brief          Do a private RSA to sign a message digest
@@ -159,12 +158,12 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
  * \note           The "sig" buffer must be as large as the size
  *                 of ctx->N (eg. 128 bytes if RSA-1024 is used).
  */
-MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
-                                            int mode,
-                                            mbedtls_md_type_t md_alg,
-                                            unsigned int hashlen,
-                                            const unsigned char *hash,
-                                            unsigned char *sig );
+MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx,
+                                           int mode,
+                                           mbedtls_md_type_t md_alg,
+                                           unsigned int hashlen,
+                                           const unsigned char *hash,
+                                           unsigned char *sig);
 
 /**
  * SSL/TLS wrappers for PKCS#11 functions
@@ -172,13 +171,15 @@ MBEDTLS_DEPRECATED int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
  * \deprecated     This function is deprecated and will be removed in a future
  *                 version of the library.
  */
-MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx,
-                            int mode, size_t *olen,
-                            const unsigned char *input, unsigned char *output,
-                            size_t output_max_len )
+MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt(void *ctx,
+                                                                int mode,
+                                                                size_t *olen,
+                                                                const unsigned char *input,
+                                                                unsigned char *output,
+                                                                size_t output_max_len)
 {
-    return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
-                           output_max_len );
+    return mbedtls_pkcs11_decrypt((mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
+                                  output_max_len);
 }
 
 /**
@@ -207,15 +208,21 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx,
  *                 <code>ctx->N</code>. For example, 128 bytes if RSA-1024 is
  *                 used.
  */
-MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
-                    const unsigned char *hash, unsigned char *sig )
+MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign(void *ctx,
+                                                             int (*f_rng)(void *,
+                                                                          unsigned char *,
+                                                                          size_t),
+                                                             void *p_rng,
+                                                             int mode,
+                                                             mbedtls_md_type_t md_alg,
+                                                             unsigned int hashlen,
+                                                             const unsigned char *hash,
+                                                             unsigned char *sig)
 {
     ((void) f_rng);
     ((void) p_rng);
-    return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
-                        hashlen, hash, sig );
+    return mbedtls_pkcs11_sign((mbedtls_pkcs11_context *) ctx, mode, md_alg,
+                               hashlen, hash, sig);
 }
 
 /**
@@ -228,9 +235,9 @@ MBEDTLS_DEPRECATED static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
  *
  * \return         The length of the private key.
  */
-MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
+MBEDTLS_DEPRECATED static inline size_t mbedtls_ssl_pkcs11_key_len(void *ctx)
 {
-    return ( (mbedtls_pkcs11_context *) ctx )->len;
+    return ((mbedtls_pkcs11_context *) ctx)->len;
 }
 
 #undef MBEDTLS_DEPRECATED

thirdparty/mbedtls/include/mbedtls/pkcs12.h

@@ -70,10 +70,10 @@ extern "C" {
  *
  * \return           0 if successful, or a MBEDTLS_ERR_XXX code
  */
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
-                             const unsigned char *pwd,  size_t pwdlen,
-                             const unsigned char *input, size_t len,
-                             unsigned char *output );
+int mbedtls_pkcs12_pbe_sha1_rc4_128(mbedtls_asn1_buf *pbe_params, int mode,
+                                    const unsigned char *pwd,  size_t pwdlen,
+                                    const unsigned char *input, size_t len,
+                                    unsigned char *output);
 
 /**
  * \brief            PKCS12 Password Based function (encryption / decryption)
@@ -93,11 +93,11 @@ int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
  *
  * \return           0 if successful, or a MBEDTLS_ERR_XXX code
  */
-int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
-                mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
-                const unsigned char *pwd,  size_t pwdlen,
-                const unsigned char *input, size_t len,
-                unsigned char *output );
+int mbedtls_pkcs12_pbe(mbedtls_asn1_buf *pbe_params, int mode,
+                       mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                       const unsigned char *pwd,  size_t pwdlen,
+                       const unsigned char *input, size_t len,
+                       unsigned char *output);
 
 #endif /* MBEDTLS_ASN1_PARSE_C */
 
@@ -128,10 +128,10 @@ int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
  *
  * \return          0 if successful, or a MD, BIGNUM type error.
  */
-int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
-                       const unsigned char *pwd, size_t pwdlen,
-                       const unsigned char *salt, size_t saltlen,
-                       mbedtls_md_type_t mbedtls_md, int id, int iterations );
+int mbedtls_pkcs12_derivation(unsigned char *data, size_t datalen,
+                              const unsigned char *pwd, size_t pwdlen,
+                              const unsigned char *salt, size_t saltlen,
+                              mbedtls_md_type_t mbedtls_md, int id, int iterations);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/pkcs5.h

@@ -67,10 +67,10 @@ extern "C" {
  *
  * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
  */
-int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
-                 const unsigned char *pwd,  size_t pwdlen,
-                 const unsigned char *data, size_t datalen,
-                 unsigned char *output );
+int mbedtls_pkcs5_pbes2(const mbedtls_asn1_buf *pbe_params, int mode,
+                        const unsigned char *pwd,  size_t pwdlen,
+                        const unsigned char *data, size_t datalen,
+                        unsigned char *output);
 
 #endif /* MBEDTLS_ASN1_PARSE_C */
 
@@ -88,10 +88,10 @@ int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
  *
  * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
  */
-int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
-                       size_t plen, const unsigned char *salt, size_t slen,
-                       unsigned int iteration_count,
-                       uint32_t key_length, unsigned char *output );
+int mbedtls_pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password,
+                              size_t plen, const unsigned char *salt, size_t slen,
+                              unsigned int iteration_count,
+                              uint32_t key_length, unsigned char *output);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -100,7 +100,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_pkcs5_self_test( int verbose );
+int mbedtls_pkcs5_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/platform.h

@@ -149,8 +149,8 @@ extern "C" {
 #else
 /* For size_t */
 #include <stddef.h>
-extern void *mbedtls_calloc( size_t n, size_t size );
-extern void mbedtls_free( void *ptr );
+extern void *mbedtls_calloc(size_t n, size_t size);
+extern void mbedtls_free(void *ptr);
 
 /**
  * \brief               This function dynamically sets the memory-management
@@ -161,8 +161,8 @@ extern void mbedtls_free( void *ptr );
  *
  * \return              \c 0.
  */
-int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
-                              void (*free_func)( void * ) );
+int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
+                                     void (*free_func)(void *));
 #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
 #else /* !MBEDTLS_PLATFORM_MEMORY */
 #define mbedtls_free       free
@@ -175,7 +175,7 @@ int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
 #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
 /* We need FILE * */
 #include <stdio.h>
-extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
+extern int (*mbedtls_fprintf)(FILE *stream, const char *format, ...);
 
 /**
  * \brief                This function dynamically configures the fprintf
@@ -186,8 +186,8 @@ extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
  *
  * \return               \c 0.
  */
-int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
-                                               ... ) );
+int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *stream, const char *,
+                                                     ...));
 #else
 #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
 #define mbedtls_fprintf    MBEDTLS_PLATFORM_FPRINTF_MACRO
@@ -200,7 +200,7 @@ int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char
  * The function pointers for printf
  */
 #if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
-extern int (*mbedtls_printf)( const char *format, ... );
+extern int (*mbedtls_printf)(const char *format, ...);
 
 /**
  * \brief               This function dynamically configures the snprintf
@@ -211,7 +211,7 @@ extern int (*mbedtls_printf)( const char *format, ... );
  *
  * \return              \c 0 on success.
  */
-int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
+int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...));
 #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
 #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
 #define mbedtls_printf     MBEDTLS_PLATFORM_PRINTF_MACRO
@@ -231,11 +231,11 @@ int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
  */
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
 /* For Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
+int mbedtls_platform_win32_snprintf(char *s, size_t n, const char *fmt, ...);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
-extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
+extern int (*mbedtls_snprintf)(char *s, size_t n, const char *format, ...);
 
 /**
  * \brief                 This function allows configuring a custom
@@ -245,8 +245,8 @@ extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
  *
  * \return                \c 0 on success.
  */
-int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
-                                                 const char * format, ... ) );
+int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
+                                                       const char *format, ...));
 #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
 #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
 #define mbedtls_snprintf   MBEDTLS_PLATFORM_SNPRINTF_MACRO
@@ -267,12 +267,12 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF)
 #include <stdarg.h>
 /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */
-int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg );
+int mbedtls_platform_win32_vsnprintf(char *s, size_t n, const char *fmt, va_list arg);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT)
 #include <stdarg.h>
-extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_list arg );
+extern int (*mbedtls_vsnprintf)(char *s, size_t n, const char *format, va_list arg);
 
 /**
  * \brief   Set your own snprintf function pointer
@@ -281,8 +281,8 @@ extern int (*mbedtls_vsnprintf)( char * s, size_t n, const char * format, va_lis
  *
  * \return  \c 0
  */
-int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
-                                                 const char * format, va_list arg ) );
+int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
+                                                         const char *format, va_list arg));
 #else /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */
 #if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
 #define mbedtls_vsnprintf   MBEDTLS_PLATFORM_VSNPRINTF_MACRO
@@ -295,7 +295,7 @@ int mbedtls_platform_set_vsnprintf( int (*vsnprintf_func)( char * s, size_t n,
  * The function pointers for exit
  */
 #if defined(MBEDTLS_PLATFORM_EXIT_ALT)
-extern void (*mbedtls_exit)( int status );
+extern void (*mbedtls_exit)(int status);
 
 /**
  * \brief             This function dynamically configures the exit
@@ -306,7 +306,7 @@ extern void (*mbedtls_exit)( int status );
  *
  * \return            \c 0 on success.
  */
-int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
+int mbedtls_platform_set_exit(void (*exit_func)(int status));
 #else
 #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
 #define mbedtls_exit   MBEDTLS_PLATFORM_EXIT_MACRO
@@ -338,13 +338,13 @@ int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
 #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
 /* Internal standard platform definitions */
-int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len );
-int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len );
+int mbedtls_platform_std_nv_seed_read(unsigned char *buf, size_t buf_len);
+int mbedtls_platform_std_nv_seed_write(unsigned char *buf, size_t buf_len);
 #endif
 
 #if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
-extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len );
-extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
+extern int (*mbedtls_nv_seed_read)(unsigned char *buf, size_t buf_len);
+extern int (*mbedtls_nv_seed_write)(unsigned char *buf, size_t buf_len);
 
 /**
  * \brief   This function allows configuring custom seed file writing and
@@ -356,9 +356,9 @@ extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
  * \return  \c 0 on success.
  */
 int mbedtls_platform_set_nv_seed(
-            int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
-            int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len )
-            );
+    int (*nv_seed_read_func)(unsigned char *buf, size_t buf_len),
+    int (*nv_seed_write_func)(unsigned char *buf, size_t buf_len)
+    );
 #else
 #if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
     defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
@@ -379,8 +379,7 @@ int mbedtls_platform_set_nv_seed(
  * \note    This structure may be used to assist platform-specific
  *          setup or teardown operations.
  */
-typedef struct mbedtls_platform_context
-{
+typedef struct mbedtls_platform_context {
     char dummy; /**< A placeholder member, as empty structs are not portable. */
 }
 mbedtls_platform_context;
@@ -404,7 +403,7 @@ mbedtls_platform_context;
  *
  * \return  \c 0 on success.
  */
-int mbedtls_platform_setup( mbedtls_platform_context *ctx );
+int mbedtls_platform_setup(mbedtls_platform_context *ctx);
 /**
  * \brief   This function performs any platform teardown operations.
  *
@@ -419,7 +418,7 @@ int mbedtls_platform_setup( mbedtls_platform_context *ctx );
  * \param   ctx     The platform context.
  *
  */
-void mbedtls_platform_teardown( mbedtls_platform_context *ctx );
+void mbedtls_platform_teardown(mbedtls_platform_context *ctx);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/platform_time.h

@@ -47,7 +47,7 @@ typedef time_t mbedtls_time_t;
  * The function pointers for time
  */
 #if defined(MBEDTLS_PLATFORM_TIME_ALT)
-extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
+extern mbedtls_time_t (*mbedtls_time)(mbedtls_time_t *time);
 
 /**
  * \brief   Set your own time function pointer
@@ -56,7 +56,7 @@ extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
  *
  * \return              0
  */
-int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
+int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *time));
 #else
 #if defined(MBEDTLS_PLATFORM_TIME_MACRO)
 #define mbedtls_time    MBEDTLS_PLATFORM_TIME_MACRO

thirdparty/mbedtls/include/mbedtls/platform_util.h

@@ -56,12 +56,12 @@ extern "C" {
 #define MBEDTLS_PARAM_FAILED_ALT
 
 #elif defined(MBEDTLS_CHECK_PARAMS_ASSERT)
-#define MBEDTLS_PARAM_FAILED( cond ) assert( cond )
+#define MBEDTLS_PARAM_FAILED(cond) assert(cond)
 #define MBEDTLS_PARAM_FAILED_ALT
 
 #else /* MBEDTLS_PARAM_FAILED */
-#define MBEDTLS_PARAM_FAILED( cond ) \
-    mbedtls_param_failed( #cond, __FILE__, __LINE__ )
+#define MBEDTLS_PARAM_FAILED(cond) \
+    mbedtls_param_failed( #cond, __FILE__, __LINE__)
 
 /**
  * \brief       User supplied callback function for parameter validation failure.
@@ -78,36 +78,36 @@ extern "C" {
  * \param file  The file where the assertion failed.
  * \param line  The line in the file where the assertion failed.
  */
-void mbedtls_param_failed( const char *failure_condition,
-                           const char *file,
-                           int line );
+void mbedtls_param_failed(const char *failure_condition,
+                          const char *file,
+                          int line);
 #endif /* MBEDTLS_PARAM_FAILED */
 
 /* Internal macro meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret )  \
+#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)  \
     do {                                            \
-        if( !(cond) )                               \
+        if (!(cond))                               \
         {                                           \
-            MBEDTLS_PARAM_FAILED( cond );           \
-            return( ret );                          \
+            MBEDTLS_PARAM_FAILED(cond);           \
+            return ret;                          \
         }                                           \
-    } while( 0 )
+    } while (0)
 
 /* Internal macro meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE( cond )           \
+#define MBEDTLS_INTERNAL_VALIDATE(cond)           \
     do {                                            \
-        if( !(cond) )                               \
+        if (!(cond))                               \
         {                                           \
-            MBEDTLS_PARAM_FAILED( cond );           \
+            MBEDTLS_PARAM_FAILED(cond);           \
             return;                                 \
         }                                           \
-    } while( 0 )
+    } while (0)
 
 #else /* MBEDTLS_CHECK_PARAMS */
 
 /* Internal macros meant to be called only from within the library. */
-#define MBEDTLS_INTERNAL_VALIDATE_RET( cond, ret )  do { } while( 0 )
-#define MBEDTLS_INTERNAL_VALIDATE( cond )           do { } while( 0 )
+#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)  do { } while (0)
+#define MBEDTLS_INTERNAL_VALIDATE(cond)           do { } while (0)
 
 #endif /* MBEDTLS_CHECK_PARAMS */
 
@@ -119,16 +119,16 @@ void mbedtls_param_failed( const char *failure_condition,
  * it, too. We might want to move all these definitions here at
  * some point for uniformity. */
 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
-MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_string_constant_t;
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL )       \
-    ( (mbedtls_deprecated_string_constant_t) ( VAL ) )
+MBEDTLS_DEPRECATED typedef char const *mbedtls_deprecated_string_constant_t;
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL)       \
+    ((mbedtls_deprecated_string_constant_t) (VAL))
 MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL )       \
-    ( (mbedtls_deprecated_numeric_constant_t) ( VAL ) )
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL)       \
+    ((mbedtls_deprecated_numeric_constant_t) (VAL))
 #undef MBEDTLS_DEPRECATED
 #else /* MBEDTLS_DEPRECATED_WARNING */
-#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL
-#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( VAL ) VAL
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT(VAL) VAL
+#define MBEDTLS_DEPRECATED_NUMERIC_CONSTANT(VAL) VAL
 #endif /* MBEDTLS_DEPRECATED_WARNING */
 #endif /* MBEDTLS_DEPRECATED_REMOVED */
 
@@ -218,7 +218,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
  * https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
  * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425#c34
  */
-#define MBEDTLS_IGNORE_RETURN(result) ( (void) !( result ) )
+#define MBEDTLS_IGNORE_RETURN(result) ((void) !(result))
 #endif
 
 /**
@@ -243,7 +243,7 @@ MBEDTLS_DEPRECATED typedef int mbedtls_deprecated_numeric_constant_t;
  * \param len   Length of the buffer in bytes
  *
  */
-void mbedtls_platform_zeroize( void *buf, size_t len );
+void mbedtls_platform_zeroize(void *buf, size_t len);
 
 #if defined(MBEDTLS_HAVE_TIME_DATE)
 /**
@@ -272,8 +272,8 @@ void mbedtls_platform_zeroize( void *buf, size_t len );
  * \return      Pointer to an object of type struct tm on success, otherwise
  *              NULL
  */
-struct tm *mbedtls_platform_gmtime_r( const mbedtls_time_t *tt,
-                                      struct tm *tm_buf );
+struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt,
+                                     struct tm *tm_buf);
 #endif /* MBEDTLS_HAVE_TIME_DATE */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/poly1305.h

@@ -60,8 +60,7 @@ extern "C" {
 
 #if !defined(MBEDTLS_POLY1305_ALT)
 
-typedef struct mbedtls_poly1305_context
-{
+typedef struct mbedtls_poly1305_context {
     uint32_t r[4];      /** The value for 'r' (low 128 bits of the key). */
     uint32_t s[4];      /** The value for 's' (high 128 bits of the key). */
     uint32_t acc[5];    /** The accumulator number. */
@@ -89,7 +88,7 @@ mbedtls_poly1305_context;
  * \param ctx       The Poly1305 context to initialize. This must
  *                  not be \c NULL.
  */
-void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
+void mbedtls_poly1305_init(mbedtls_poly1305_context *ctx);
 
 /**
  * \brief           This function releases and clears the specified
@@ -99,7 +98,7 @@ void mbedtls_poly1305_init( mbedtls_poly1305_context *ctx );
  *                  case this function is a no-op. If it is not \c NULL, it must
  *                  point to an initialized Poly1305 context.
  */
-void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
+void mbedtls_poly1305_free(mbedtls_poly1305_context *ctx);
 
 /**
  * \brief           This function sets the one-time authentication key.
@@ -114,8 +113,8 @@ void mbedtls_poly1305_free( mbedtls_poly1305_context *ctx );
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
-                             const unsigned char key[32] );
+int mbedtls_poly1305_starts(mbedtls_poly1305_context *ctx,
+                            const unsigned char key[32]);
 
 /**
  * \brief           This functions feeds an input buffer into an ongoing
@@ -135,9 +134,9 @@ int mbedtls_poly1305_starts( mbedtls_poly1305_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen );
+int mbedtls_poly1305_update(mbedtls_poly1305_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen);
 
 /**
  * \brief           This function generates the Poly1305 Message
@@ -151,8 +150,8 @@ int mbedtls_poly1305_update( mbedtls_poly1305_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
-                             unsigned char mac[16] );
+int mbedtls_poly1305_finish(mbedtls_poly1305_context *ctx,
+                            unsigned char mac[16]);
 
 /**
  * \brief           This function calculates the Poly1305 MAC of the input
@@ -172,10 +171,10 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx,
  * \return          \c 0 on success.
  * \return          A negative error code on failure.
  */
-int mbedtls_poly1305_mac( const unsigned char key[32],
-                          const unsigned char *input,
-                          size_t ilen,
-                          unsigned char mac[16] );
+int mbedtls_poly1305_mac(const unsigned char key[32],
+                         const unsigned char *input,
+                         size_t ilen,
+                         unsigned char mac[16]);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -184,7 +183,7 @@ int mbedtls_poly1305_mac( const unsigned char key[32],
  * \return          \c 0 on success.
  * \return          \c 1 on failure.
  */
-int mbedtls_poly1305_self_test( int verbose );
+int mbedtls_poly1305_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/ripemd160.h

@@ -47,8 +47,7 @@ extern "C" {
 /**
  * \brief          RIPEMD-160 context structure
  */
-typedef struct mbedtls_ripemd160_context
-{
+typedef struct mbedtls_ripemd160_context {
     uint32_t total[2];          /*!< number of bytes processed  */
     uint32_t state[5];          /*!< intermediate digest state  */
     unsigned char buffer[64];   /*!< data block being processed */
@@ -64,14 +63,14 @@ mbedtls_ripemd160_context;
  *
  * \param ctx      RIPEMD-160 context to be initialized
  */
-void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
+void mbedtls_ripemd160_init(mbedtls_ripemd160_context *ctx);
 
 /**
  * \brief          Clear RIPEMD-160 context
  *
  * \param ctx      RIPEMD-160 context to be cleared
  */
-void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
+void mbedtls_ripemd160_free(mbedtls_ripemd160_context *ctx);
 
 /**
  * \brief          Clone (the state of) a RIPEMD-160 context
@@ -79,8 +78,8 @@ void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
  * \param dst      The destination context
  * \param src      The context to be cloned
  */
-void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
-                        const mbedtls_ripemd160_context *src );
+void mbedtls_ripemd160_clone(mbedtls_ripemd160_context *dst,
+                             const mbedtls_ripemd160_context *src);
 
 /**
  * \brief          RIPEMD-160 context setup
@@ -89,7 +88,7 @@ void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
  *
  * \return         0 if successful
  */
-int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
+int mbedtls_ripemd160_starts_ret(mbedtls_ripemd160_context *ctx);
 
 /**
  * \brief          RIPEMD-160 process buffer
@@ -100,9 +99,9 @@ int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
  *
  * \return         0 if successful
  */
-int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
-                                  const unsigned char *input,
-                                  size_t ilen );
+int mbedtls_ripemd160_update_ret(mbedtls_ripemd160_context *ctx,
+                                 const unsigned char *input,
+                                 size_t ilen);
 
 /**
  * \brief          RIPEMD-160 final digest
@@ -112,8 +111,8 @@ int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
  *
  * \return         0 if successful
  */
-int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
-                                  unsigned char output[20] );
+int mbedtls_ripemd160_finish_ret(mbedtls_ripemd160_context *ctx,
+                                 unsigned char output[20]);
 
 /**
  * \brief          RIPEMD-160 process data block (internal use only)
@@ -123,8 +122,8 @@ int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
  *
  * \return         0 if successful
  */
-int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
-                                        const unsigned char data[64] );
+int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx,
+                                       const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -140,7 +139,7 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
  * \param ctx      context to be initialized
  */
 MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
-                                            mbedtls_ripemd160_context *ctx );
+    mbedtls_ripemd160_context *ctx);
 
 /**
  * \brief          RIPEMD-160 process buffer
@@ -152,9 +151,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_starts(
  * \param ilen     length of the input data
  */
 MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
-                                                mbedtls_ripemd160_context *ctx,
-                                                const unsigned char *input,
-                                                size_t ilen );
+    mbedtls_ripemd160_context *ctx,
+    const unsigned char *input,
+    size_t ilen);
 
 /**
  * \brief          RIPEMD-160 final digest
@@ -165,8 +164,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_update(
  * \param output   RIPEMD-160 checksum result
  */
 MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
-                                                mbedtls_ripemd160_context *ctx,
-                                                unsigned char output[20] );
+    mbedtls_ripemd160_context *ctx,
+    unsigned char output[20]);
 
 /**
  * \brief          RIPEMD-160 process data block (internal use only)
@@ -177,8 +176,8 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_finish(
  * \param data     buffer holding one block of data
  */
 MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
-                                            mbedtls_ripemd160_context *ctx,
-                                            const unsigned char data[64] );
+    mbedtls_ripemd160_context *ctx,
+    const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -192,9 +191,9 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160_process(
  *
  * \return         0 if successful
  */
-int mbedtls_ripemd160_ret( const unsigned char *input,
-                           size_t ilen,
-                           unsigned char output[20] );
+int mbedtls_ripemd160_ret(const unsigned char *input,
+                          size_t ilen,
+                          unsigned char output[20]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -211,9 +210,9 @@ int mbedtls_ripemd160_ret( const unsigned char *input,
  * \param ilen     length of the input data
  * \param output   RIPEMD-160 checksum result
  */
-MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
-                                           size_t ilen,
-                                           unsigned char output[20] );
+MBEDTLS_DEPRECATED void mbedtls_ripemd160(const unsigned char *input,
+                                          size_t ilen,
+                                          unsigned char output[20]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -225,7 +224,7 @@ MBEDTLS_DEPRECATED void mbedtls_ripemd160( const unsigned char *input,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_ripemd160_self_test( int verbose );
+int mbedtls_ripemd160_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/rsa.h

@@ -106,8 +106,7 @@ extern "C" {
  *          is deprecated. All manipulation should instead be done through
  *          the public interface functions.
  */
-typedef struct mbedtls_rsa_context
-{
+typedef struct mbedtls_rsa_context {
     int ver;                    /*!<  Reserved for internal purposes.
                                  *    Do not set this field in application
                                  *    code. Its meaning might change without
@@ -134,8 +133,8 @@ typedef struct mbedtls_rsa_context
     mbedtls_mpi Vf;             /*!<  The cached un-blinding value. */
 
     int padding;                /*!< Selects padding mode:
-                                     #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
-                                     #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
+                                 #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
+                                 #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
     int hash_id;                /*!< Hash identifier of mbedtls_md_type_t type,
                                      as specified in md.h for use in the MGF
                                      mask generating function used in the
@@ -178,9 +177,9 @@ mbedtls_rsa_context;
  *                 \p padding is #MBEDTLS_RSA_PKCS_V21. It is unused
  *                 otherwise.
  */
-void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
-                       int padding,
-                       int hash_id );
+void mbedtls_rsa_init(mbedtls_rsa_context *ctx,
+                      int padding,
+                      int hash_id);
 
 /**
  * \brief          This function imports a set of core parameters into an
@@ -211,10 +210,10 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         A non-zero error code on failure.
  */
-int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
-                        const mbedtls_mpi *N,
-                        const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                        const mbedtls_mpi *D, const mbedtls_mpi *E );
+int mbedtls_rsa_import(mbedtls_rsa_context *ctx,
+                       const mbedtls_mpi *N,
+                       const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                       const mbedtls_mpi *D, const mbedtls_mpi *E);
 
 /**
  * \brief          This function imports core RSA parameters, in raw big-endian
@@ -250,12 +249,12 @@ int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         A non-zero error code on failure.
  */
-int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
-                            unsigned char const *N, size_t N_len,
-                            unsigned char const *P, size_t P_len,
-                            unsigned char const *Q, size_t Q_len,
-                            unsigned char const *D, size_t D_len,
-                            unsigned char const *E, size_t E_len );
+int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx,
+                           unsigned char const *N, size_t N_len,
+                           unsigned char const *P, size_t P_len,
+                           unsigned char const *Q, size_t Q_len,
+                           unsigned char const *D, size_t D_len,
+                           unsigned char const *E, size_t E_len);
 
 /**
  * \brief          This function completes an RSA context from
@@ -289,7 +288,7 @@ int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
  *                 failed.
  *
  */
-int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
+int mbedtls_rsa_complete(mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function exports the core parameters of an RSA key.
@@ -331,9 +330,9 @@ int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
  * \return         A non-zero return code on any other failure.
  *
  */
-int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
-                        mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
-                        mbedtls_mpi *D, mbedtls_mpi *E );
+int mbedtls_rsa_export(const mbedtls_rsa_context *ctx,
+                       mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+                       mbedtls_mpi *D, mbedtls_mpi *E);
 
 /**
  * \brief          This function exports core parameters of an RSA key
@@ -382,12 +381,12 @@ int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
  *                 functionality or because of security policies.
  * \return         A non-zero return code on any other failure.
  */
-int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
-                            unsigned char *N, size_t N_len,
-                            unsigned char *P, size_t P_len,
-                            unsigned char *Q, size_t Q_len,
-                            unsigned char *D, size_t D_len,
-                            unsigned char *E, size_t E_len );
+int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx,
+                           unsigned char *N, size_t N_len,
+                           unsigned char *P, size_t P_len,
+                           unsigned char *Q, size_t Q_len,
+                           unsigned char *D, size_t D_len,
+                           unsigned char *E, size_t E_len);
 
 /**
  * \brief          This function exports CRT parameters of a private RSA key.
@@ -408,8 +407,8 @@ int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
  * \return         A non-zero error code on failure.
  *
  */
-int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
-                            mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
+int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx,
+                           mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
 
 /**
  * \brief          This function sets padding for an already initialized RSA
@@ -420,8 +419,8 @@ int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
  *                 #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21.
  * \param hash_id  The #MBEDTLS_RSA_PKCS_V21 hash identifier.
  */
-void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
-                              int hash_id );
+void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
+                             int hash_id);
 
 /**
  * \brief          This function retrieves the length of RSA modulus in Bytes.
@@ -431,7 +430,7 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
  * \return         The length of the RSA modulus in Bytes.
  *
  */
-size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
+size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function generates an RSA keypair.
@@ -451,10 +450,10 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         unsigned int nbits, int exponent );
+int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        unsigned int nbits, int exponent);
 
 /**
  * \brief          This function checks if a context contains at least an RSA
@@ -470,7 +469,7 @@ int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief      This function checks if a context contains an RSA private key
@@ -508,7 +507,7 @@ int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
  * \return     \c 0 on success.
  * \return     An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
+int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx);
 
 /**
  * \brief          This function checks a public-private RSA key pair.
@@ -521,8 +520,8 @@ int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
-                                const mbedtls_rsa_context *prv );
+int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
+                               const mbedtls_rsa_context *prv);
 
 /**
  * \brief          This function performs an RSA public key operation.
@@ -543,9 +542,9 @@ int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
-                const unsigned char *input,
-                unsigned char *output );
+int mbedtls_rsa_public(mbedtls_rsa_context *ctx,
+                       const unsigned char *input,
+                       unsigned char *output);
 
 /**
  * \brief          This function performs an RSA private key operation.
@@ -578,11 +577,11 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
-                 int (*f_rng)(void *, unsigned char *, size_t),
-                 void *p_rng,
-                 const unsigned char *input,
-                 unsigned char *output );
+int mbedtls_rsa_private(mbedtls_rsa_context *ctx,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng,
+                        const unsigned char *input,
+                        unsigned char *output);
 
 /**
  * \brief          This function adds the message padding, then performs an RSA
@@ -623,12 +622,12 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t ilen,
-                       const unsigned char *input,
-                       unsigned char *output );
+int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t ilen,
+                              const unsigned char *input,
+                              unsigned char *output);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 encryption operation
@@ -664,12 +663,12 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t ilen,
-                                 const unsigned char *input,
-                                 unsigned char *output );
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode, size_t ilen,
+                                        const unsigned char *input,
+                                        unsigned char *output);
 
 /**
  * \brief            This function performs a PKCS#1 v2.1 OAEP encryption
@@ -709,14 +708,14 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
  * \return           \c 0 on success.
  * \return           An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t ilen,
-                            const unsigned char *input,
-                            unsigned char *output );
+int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t ilen,
+                                   const unsigned char *input,
+                                   unsigned char *output);
 
 /**
  * \brief          This function performs an RSA operation, then removes the
@@ -762,13 +761,13 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng,
-                       int mode, size_t *olen,
-                       const unsigned char *input,
-                       unsigned char *output,
-                       size_t output_max_len );
+int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng,
+                              int mode, size_t *olen,
+                              const unsigned char *input,
+                              unsigned char *output,
+                              size_t output_max_len);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 decryption
@@ -812,13 +811,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  *
  */
-int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode, size_t *olen,
-                                 const unsigned char *input,
-                                 unsigned char *output,
-                                 size_t output_max_len );
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode, size_t *olen,
+                                        const unsigned char *input,
+                                        unsigned char *output,
+                                        size_t output_max_len);
 
 /**
  * \brief            This function performs a PKCS#1 v2.1 OAEP decryption
@@ -866,15 +865,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
-                            int (*f_rng)(void *, unsigned char *, size_t),
-                            void *p_rng,
-                            int mode,
-                            const unsigned char *label, size_t label_len,
-                            size_t *olen,
-                            const unsigned char *input,
-                            unsigned char *output,
-                            size_t output_max_len );
+int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx,
+                                   int (*f_rng)(void *, unsigned char *, size_t),
+                                   void *p_rng,
+                                   int mode,
+                                   const unsigned char *label, size_t label_len,
+                                   size_t *olen,
+                                   const unsigned char *input,
+                                   unsigned char *output,
+                                   size_t output_max_len);
 
 /**
  * \brief          This function performs a private RSA operation to sign
@@ -926,14 +925,14 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
-                    int (*f_rng)(void *, unsigned char *, size_t),
-                    void *p_rng,
-                    int mode,
-                    mbedtls_md_type_t md_alg,
-                    unsigned int hashlen,
-                    const unsigned char *hash,
-                    unsigned char *sig );
+int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng,
+                           int mode,
+                           mbedtls_md_type_t md_alg,
+                           unsigned int hashlen,
+                           const unsigned char *hash,
+                           unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 signature
@@ -974,14 +973,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS signature
@@ -1029,14 +1028,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         mbedtls_md_type_t md_alg,
-                         unsigned int hashlen,
-                         const unsigned char *hash,
-                         int saltlen,
-                         unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx,
+                                    int (*f_rng)(void *, unsigned char *, size_t),
+                                    void *p_rng,
+                                    mbedtls_md_type_t md_alg,
+                                    unsigned int hashlen,
+                                    const unsigned char *hash,
+                                    int saltlen,
+                                    unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS signature
@@ -1093,14 +1092,14 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the signing operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
-                         int (*f_rng)(void *, unsigned char *, size_t),
-                         void *p_rng,
-                         int mode,
-                         mbedtls_md_type_t md_alg,
-                         unsigned int hashlen,
-                         const unsigned char *hash,
-                         unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng,
+                                int mode,
+                                mbedtls_md_type_t md_alg,
+                                unsigned int hashlen,
+                                const unsigned char *hash,
+                                unsigned char *sig);
 
 /**
  * \brief          This function performs a public RSA operation and checks
@@ -1146,14 +1145,14 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng,
-                      int mode,
-                      mbedtls_md_type_t md_alg,
-                      unsigned int hashlen,
-                      const unsigned char *hash,
-                      const unsigned char *sig );
+int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng,
+                             int mode,
+                             mbedtls_md_type_t md_alg,
+                             unsigned int hashlen,
+                             const unsigned char *hash,
+                             const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v1.5 verification
@@ -1192,14 +1191,14 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng,
-                                 int mode,
-                                 mbedtls_md_type_t md_alg,
-                                 unsigned int hashlen,
-                                 const unsigned char *hash,
-                                 const unsigned char *sig );
+int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx,
+                                        int (*f_rng)(void *, unsigned char *, size_t),
+                                        void *p_rng,
+                                        int mode,
+                                        mbedtls_md_type_t md_alg,
+                                        unsigned int hashlen,
+                                        const unsigned char *hash,
+                                        const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS verification
@@ -1248,14 +1247,14 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
-                           int (*f_rng)(void *, unsigned char *, size_t),
-                           void *p_rng,
-                           int mode,
-                           mbedtls_md_type_t md_alg,
-                           unsigned int hashlen,
-                           const unsigned char *hash,
-                           const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx,
+                                  int (*f_rng)(void *, unsigned char *, size_t),
+                                  void *p_rng,
+                                  int mode,
+                                  mbedtls_md_type_t md_alg,
+                                  unsigned int hashlen,
+                                  const unsigned char *hash,
+                                  const unsigned char *sig);
 
 /**
  * \brief          This function performs a PKCS#1 v2.1 PSS verification
@@ -1301,16 +1300,16 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
  * \return         \c 0 if the verify operation was successful.
  * \return         An \c MBEDTLS_ERR_RSA_XXX error code on failure.
  */
-int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
-                               int (*f_rng)(void *, unsigned char *, size_t),
-                               void *p_rng,
-                               int mode,
-                               mbedtls_md_type_t md_alg,
-                               unsigned int hashlen,
-                               const unsigned char *hash,
-                               mbedtls_md_type_t mgf1_hash_id,
-                               int expected_salt_len,
-                               const unsigned char *sig );
+int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx,
+                                      int (*f_rng)(void *, unsigned char *, size_t),
+                                      void *p_rng,
+                                      int mode,
+                                      mbedtls_md_type_t md_alg,
+                                      unsigned int hashlen,
+                                      const unsigned char *hash,
+                                      mbedtls_md_type_t mgf1_hash_id,
+                                      int expected_salt_len,
+                                      const unsigned char *sig);
 
 /**
  * \brief          This function copies the components of an RSA context.
@@ -1321,7 +1320,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
  * \return         \c 0 on success.
  * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
  */
-int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
+int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src);
 
 /**
  * \brief          This function frees the components of an RSA key.
@@ -1330,7 +1329,7 @@ int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
  *                 this function is a no-op. If it is not \c NULL, it must
  *                 point to an initialized RSA context.
  */
-void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
+void mbedtls_rsa_free(mbedtls_rsa_context *ctx);
 
 #if defined(MBEDTLS_SELF_TEST)
 
@@ -1340,7 +1339,7 @@ void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_rsa_self_test( int verbose );
+int mbedtls_rsa_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/rsa_internal.h

@@ -92,9 +92,9 @@ extern "C" {
  *                 use the helper function \c mbedtls_rsa_validate_params.
  *
  */
-int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
-                               mbedtls_mpi const *D,
-                               mbedtls_mpi *P, mbedtls_mpi *Q );
+int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, mbedtls_mpi const *E,
+                              mbedtls_mpi const *D,
+                              mbedtls_mpi *P, mbedtls_mpi *Q);
 
 /**
  * \brief          Compute RSA private exponent from
@@ -117,10 +117,10 @@ int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
  * \note           This function does not check whether P and Q are primes.
  *
  */
-int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
-                                         mbedtls_mpi const *Q,
-                                         mbedtls_mpi const *E,
-                                         mbedtls_mpi *D );
+int mbedtls_rsa_deduce_private_exponent(mbedtls_mpi const *P,
+                                        mbedtls_mpi const *Q,
+                                        mbedtls_mpi const *E,
+                                        mbedtls_mpi *D);
 
 
 /**
@@ -143,9 +143,9 @@ int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
  *                 prime and whether D is a valid private exponent.
  *
  */
-int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
-                            const mbedtls_mpi *D, mbedtls_mpi *DP,
-                            mbedtls_mpi *DQ, mbedtls_mpi *QP );
+int mbedtls_rsa_deduce_crt(const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                           const mbedtls_mpi *D, mbedtls_mpi *DP,
+                           mbedtls_mpi *DQ, mbedtls_mpi *QP);
 
 
 /**
@@ -178,11 +178,11 @@ int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
  *                 to perform specific checks only. E.g., calling it with
  *                 (-,P,-,-,-) and a PRNG amounts to a primality check for P.
  */
-int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
-                                 const mbedtls_mpi *Q, const mbedtls_mpi *D,
-                                 const mbedtls_mpi *E,
-                                 int (*f_rng)(void *, unsigned char *, size_t),
-                                 void *p_rng );
+int mbedtls_rsa_validate_params(const mbedtls_mpi *N, const mbedtls_mpi *P,
+                                const mbedtls_mpi *Q, const mbedtls_mpi *D,
+                                const mbedtls_mpi *E,
+                                int (*f_rng)(void *, unsigned char *, size_t),
+                                void *p_rng);
 
 /**
  * \brief          Check validity of RSA CRT parameters
@@ -213,9 +213,9 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
  *                 to perform specific checks only. E.g., calling it with the
  *                 parameters (P, -, D, DP, -, -) will check DP = D mod P-1.
  */
-int mbedtls_rsa_validate_crt( const mbedtls_mpi *P,  const mbedtls_mpi *Q,
-                              const mbedtls_mpi *D,  const mbedtls_mpi *DP,
-                              const mbedtls_mpi *DQ, const mbedtls_mpi *QP );
+int mbedtls_rsa_validate_crt(const mbedtls_mpi *P,  const mbedtls_mpi *Q,
+                             const mbedtls_mpi *D,  const mbedtls_mpi *DP,
+                             const mbedtls_mpi *DQ, const mbedtls_mpi *QP);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/sha1.h

@@ -60,8 +60,7 @@ extern "C" {
  *                 stronger message digests instead.
  *
  */
-typedef struct mbedtls_sha1_context
-{
+typedef struct mbedtls_sha1_context {
     uint32_t total[2];          /*!< The number of Bytes processed.  */
     uint32_t state[5];          /*!< The intermediate digest state.  */
     unsigned char buffer[64];   /*!< The data block being processed. */
@@ -83,7 +82,7 @@ mbedtls_sha1_context;
  *                 This must not be \c NULL.
  *
  */
-void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_init(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function clears a SHA-1 context.
@@ -98,7 +97,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
  *                 SHA-1 context.
  *
  */
-void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
+void mbedtls_sha1_free(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-1 context.
@@ -111,8 +110,8 @@ void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
  * \param src      The SHA-1 context to clone from. This must be initialized.
  *
  */
-void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
-                         const mbedtls_sha1_context *src );
+void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
+                        const mbedtls_sha1_context *src);
 
 /**
  * \brief          This function starts a SHA-1 checksum calculation.
@@ -127,7 +126,7 @@ void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
+int mbedtls_sha1_starts_ret(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing SHA-1
@@ -146,9 +145,9 @@ int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
-                             const unsigned char *input,
-                             size_t ilen );
+int mbedtls_sha1_update_ret(mbedtls_sha1_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-1 operation, and writes
@@ -166,8 +165,8 @@ int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
-                             unsigned char output[20] );
+int mbedtls_sha1_finish_ret(mbedtls_sha1_context *ctx,
+                            unsigned char output[20]);
 
 /**
  * \brief          SHA-1 process data block (internal use only).
@@ -184,8 +183,8 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
-                                   const unsigned char data[64] );
+int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx,
+                                  const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -205,7 +204,7 @@ int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
  * \param ctx      The SHA-1 context to initialize. This must be initialized.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
+MBEDTLS_DEPRECATED void mbedtls_sha1_starts(mbedtls_sha1_context *ctx);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing SHA-1
@@ -224,9 +223,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
  * \param ilen     The length of the input data \p input in Bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
-                                             const unsigned char *input,
-                                             size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha1_update(mbedtls_sha1_context *ctx,
+                                            const unsigned char *input,
+                                            size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-1 operation, and writes
@@ -243,8 +242,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_update( mbedtls_sha1_context *ctx,
  * \param output   The SHA-1 checksum result.
  *                 This must be a writable buffer of length \c 20 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
-                                             unsigned char output[20] );
+MBEDTLS_DEPRECATED void mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
+                                            unsigned char output[20]);
 
 /**
  * \brief          SHA-1 process data block (internal use only).
@@ -260,8 +259,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
  *                 This must be a readable buffer of length \c 64 bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
-                                              const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha1_process(mbedtls_sha1_context *ctx,
+                                             const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -289,9 +288,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha1_process( mbedtls_sha1_context *ctx,
  * \return         A negative error code on failure.
  *
  */
-int mbedtls_sha1_ret( const unsigned char *input,
-                      size_t ilen,
-                      unsigned char output[20] );
+int mbedtls_sha1_ret(const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[20]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -321,9 +320,9 @@ int mbedtls_sha1_ret( const unsigned char *input,
  *                 buffer of size \c 20 Bytes.
  *
  */
-MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
-                                      size_t ilen,
-                                      unsigned char output[20] );
+MBEDTLS_DEPRECATED void mbedtls_sha1(const unsigned char *input,
+                                     size_t ilen,
+                                     unsigned char output[20]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -341,7 +340,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha1( const unsigned char *input,
  * \return         \c 1 on failure.
  *
  */
-int mbedtls_sha1_self_test( int verbose );
+int mbedtls_sha1_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/sha256.h

@@ -55,8 +55,7 @@ extern "C" {
  *                 checksum calculations. The choice between these two is
  *                 made in the call to mbedtls_sha256_starts_ret().
  */
-typedef struct mbedtls_sha256_context
-{
+typedef struct mbedtls_sha256_context {
     uint32_t total[2];          /*!< The number of Bytes processed.  */
     uint32_t state[8];          /*!< The intermediate digest state.  */
     unsigned char buffer[64];   /*!< The data block being processed. */
@@ -74,7 +73,7 @@ mbedtls_sha256_context;
  *
  * \param ctx      The SHA-256 context to initialize. This must not be \c NULL.
  */
-void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_init(mbedtls_sha256_context *ctx);
 
 /**
  * \brief          This function clears a SHA-256 context.
@@ -83,7 +82,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
  *                 case this function returns immediately. If it is not \c NULL,
  *                 it must point to an initialized SHA-256 context.
  */
-void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
+void mbedtls_sha256_free(mbedtls_sha256_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-256 context.
@@ -91,8 +90,8 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
  * \param dst      The destination context. This must be initialized.
  * \param src      The context to clone. This must be initialized.
  */
-void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
-                           const mbedtls_sha256_context *src );
+void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
+                          const mbedtls_sha256_context *src);
 
 /**
  * \brief          This function starts a SHA-224 or SHA-256 checksum
@@ -105,7 +104,7 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
+int mbedtls_sha256_starts_ret(mbedtls_sha256_context *ctx, int is224);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -120,9 +119,9 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
-                               const unsigned char *input,
-                               size_t ilen );
+int mbedtls_sha256_update_ret(mbedtls_sha256_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-256 operation, and writes
@@ -136,8 +135,8 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
-                               unsigned char output[32] );
+int mbedtls_sha256_finish_ret(mbedtls_sha256_context *ctx,
+                              unsigned char output[32]);
 
 /**
  * \brief          This function processes a single data block within
@@ -151,8 +150,8 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
-                                     const unsigned char data[64] );
+int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx,
+                                    const unsigned char data[64]);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -170,8 +169,8 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
  * \param is224    Determines which function to use. This must be
  *                 either \c 0 for SHA-256, or \c 1 for SHA-224.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
-                                               int is224 );
+MBEDTLS_DEPRECATED void mbedtls_sha256_starts(mbedtls_sha256_context *ctx,
+                                              int is224);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -185,9 +184,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_starts( mbedtls_sha256_context *ctx,
  *                 buffer of length \p ilen Bytes.
  * \param ilen     The length of the input data in Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
-                                               const unsigned char *input,
-                                               size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha256_update(mbedtls_sha256_context *ctx,
+                                              const unsigned char *input,
+                                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-256 operation, and writes
@@ -200,8 +199,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_update( mbedtls_sha256_context *ctx,
  * \param output   The SHA-224 or SHA-256 checksum result. This must be
  *                 a writable buffer of length \c 32 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
-                                               unsigned char output[32] );
+MBEDTLS_DEPRECATED void mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
+                                              unsigned char output[32]);
 
 /**
  * \brief          This function processes a single data block within
@@ -214,8 +213,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
  * \param data     The buffer holding one block of data. This must be
  *                 a readable buffer of size \c 64 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
-                                                const unsigned char data[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha256_process(mbedtls_sha256_context *ctx,
+                                               const unsigned char data[64]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -241,10 +240,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha256_process( mbedtls_sha256_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha256_ret( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[32],
-                        int is224 );
+int mbedtls_sha256_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[32],
+                       int is224);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -273,10 +272,10 @@ int mbedtls_sha256_ret( const unsigned char *input,
  * \param is224    Determines which function to use. This must be either
  *                 \c 0 for SHA-256, or \c 1 for SHA-224.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
-                                        size_t ilen,
-                                        unsigned char output[32],
-                                        int is224 );
+MBEDTLS_DEPRECATED void mbedtls_sha256(const unsigned char *input,
+                                       size_t ilen,
+                                       unsigned char output[32],
+                                       int is224);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -289,7 +288,7 @@ MBEDTLS_DEPRECATED void mbedtls_sha256( const unsigned char *input,
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_sha256_self_test( int verbose );
+int mbedtls_sha256_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/include/mbedtls/sha512.h

@@ -54,8 +54,7 @@ extern "C" {
  *                 checksum calculations. The choice between these two is
  *                 made in the call to mbedtls_sha512_starts_ret().
  */
-typedef struct mbedtls_sha512_context
-{
+typedef struct mbedtls_sha512_context {
     uint64_t total[2];          /*!< The number of Bytes processed. */
     uint64_t state[8];          /*!< The intermediate digest state. */
     unsigned char buffer[128];  /*!< The data block being processed. */
@@ -76,7 +75,7 @@ mbedtls_sha512_context;
  * \param ctx      The SHA-512 context to initialize. This must
  *                 not be \c NULL.
  */
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_init(mbedtls_sha512_context *ctx);
 
 /**
  * \brief          This function clears a SHA-512 context.
@@ -86,7 +85,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
  *                 is not \c NULL, it must point to an initialized
  *                 SHA-512 context.
  */
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
+void mbedtls_sha512_free(mbedtls_sha512_context *ctx);
 
 /**
  * \brief          This function clones the state of a SHA-512 context.
@@ -94,8 +93,8 @@ void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
  * \param dst      The destination context. This must be initialized.
  * \param src      The context to clone. This must be initialized.
  */
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
-                           const mbedtls_sha512_context *src );
+void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
+                          const mbedtls_sha512_context *src);
 
 /**
  * \brief          This function starts a SHA-384 or SHA-512 checksum
@@ -112,7 +111,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
+int mbedtls_sha512_starts_ret(mbedtls_sha512_context *ctx, int is384);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -127,9 +126,9 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
-                    const unsigned char *input,
-                    size_t ilen );
+int mbedtls_sha512_update_ret(mbedtls_sha512_context *ctx,
+                              const unsigned char *input,
+                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-512 operation, and writes
@@ -143,8 +142,8 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
-                               unsigned char output[64] );
+int mbedtls_sha512_finish_ret(mbedtls_sha512_context *ctx,
+                              unsigned char output[64]);
 
 /**
  * \brief          This function processes a single data block within
@@ -158,8 +157,8 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
-                                     const unsigned char data[128] );
+int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx,
+                                    const unsigned char data[128]);
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
 #define MBEDTLS_DEPRECATED      __attribute__((deprecated))
@@ -179,8 +178,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
  * \note           When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
  *                 be \c 0, or the function will fail to work.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
-                                               int is384 );
+MBEDTLS_DEPRECATED void mbedtls_sha512_starts(mbedtls_sha512_context *ctx,
+                                              int is384);
 
 /**
  * \brief          This function feeds an input buffer into an ongoing
@@ -194,9 +193,9 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_starts( mbedtls_sha512_context *ctx,
  *                 buffer of length \p ilen Bytes.
  * \param ilen     The length of the input data in Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
-                                               const unsigned char *input,
-                                               size_t ilen );
+MBEDTLS_DEPRECATED void mbedtls_sha512_update(mbedtls_sha512_context *ctx,
+                                              const unsigned char *input,
+                                              size_t ilen);
 
 /**
  * \brief          This function finishes the SHA-512 operation, and writes
@@ -209,8 +208,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_update( mbedtls_sha512_context *ctx,
  * \param output   The SHA-384 or SHA-512 checksum result. This must
  *                 be a writable buffer of size \c 64 Bytes.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
-                                               unsigned char output[64] );
+MBEDTLS_DEPRECATED void mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
+                                              unsigned char output[64]);
 
 /**
  * \brief          This function processes a single data block within
@@ -224,8 +223,8 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
  *                 a readable buffer of length \c 128 Bytes.
  */
 MBEDTLS_DEPRECATED void mbedtls_sha512_process(
-                                            mbedtls_sha512_context *ctx,
-                                            const unsigned char data[128] );
+    mbedtls_sha512_context *ctx,
+    const unsigned char data[128]);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
@@ -255,10 +254,10 @@ MBEDTLS_DEPRECATED void mbedtls_sha512_process(
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-int mbedtls_sha512_ret( const unsigned char *input,
-                        size_t ilen,
-                        unsigned char output[64],
-                        int is384 );
+int mbedtls_sha512_ret(const unsigned char *input,
+                       size_t ilen,
+                       unsigned char output[64],
+                       int is384);
 
 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
 #if defined(MBEDTLS_DEPRECATED_WARNING)
@@ -290,23 +289,23 @@ int mbedtls_sha512_ret( const unsigned char *input,
  * \note           When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must
  *                 be \c 0, or the function will fail to work.
  */
-MBEDTLS_DEPRECATED void mbedtls_sha512( const unsigned char *input,
-                                        size_t ilen,
-                                        unsigned char output[64],
-                                        int is384 );
+MBEDTLS_DEPRECATED void mbedtls_sha512(const unsigned char *input,
+                                       size_t ilen,
+                                       unsigned char output[64],
+                                       int is384);
 
 #undef MBEDTLS_DEPRECATED
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
 #if defined(MBEDTLS_SELF_TEST)
 
- /**
+/**
  * \brief          The SHA-384 or SHA-512 checkup routine.
  *
  * \return         \c 0 on success.
  * \return         \c 1 on failure.
  */
-int mbedtls_sha512_self_test( int verbose );
+int mbedtls_sha512_self_test(int verbose);
 #endif /* MBEDTLS_SELF_TEST */
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/ssl_cache.h

@@ -62,8 +62,7 @@ typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
 /**
  * \brief   This structure is used for storing cache entries
  */
-struct mbedtls_ssl_cache_entry
-{
+struct mbedtls_ssl_cache_entry {
 #if defined(MBEDTLS_HAVE_TIME)
     mbedtls_time_t timestamp;           /*!< entry timestamp    */
 #endif
@@ -78,8 +77,7 @@ struct mbedtls_ssl_cache_entry
 /**
  * \brief Cache context
  */
-struct mbedtls_ssl_cache_context
-{
+struct mbedtls_ssl_cache_context {
     mbedtls_ssl_cache_entry *chain;     /*!< start of the chain     */
     int timeout;                /*!< cache entry timeout    */
     int max_entries;            /*!< maximum entries        */
@@ -93,7 +91,7 @@ struct mbedtls_ssl_cache_context
  *
  * \param cache    SSL cache context
  */
-void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
+void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache);
 
 /**
  * \brief          Cache get callback implementation
@@ -102,7 +100,7 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
  * \param data     SSL cache context
  * \param session  session to retrieve entry for
  */
-int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
+int mbedtls_ssl_cache_get(void *data, mbedtls_ssl_session *session);
 
 /**
  * \brief          Cache set callback implementation
@@ -111,7 +109,7 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
  * \param data     SSL cache context
  * \param session  session to store entry for
  */
-int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
+int mbedtls_ssl_cache_set(void *data, const mbedtls_ssl_session *session);
 
 #if defined(MBEDTLS_HAVE_TIME)
 /**
@@ -123,7 +121,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
  * \param cache    SSL cache context
  * \param timeout  cache entry timeout in seconds
  */
-void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
+void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout);
 #endif /* MBEDTLS_HAVE_TIME */
 
 /**
@@ -133,14 +131,14 @@ void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeou
  * \param cache    SSL cache context
  * \param max      cache entry maximum
  */
-void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
+void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max);
 
 /**
  * \brief          Free referenced items in a cache context and clear memory
  *
  * \param cache    SSL cache context
  */
-void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
+void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/ssl_ciphersuites.h

@@ -385,10 +385,9 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
 /**
  * \brief   This structure is used for storing ciphersuite information
  */
-struct mbedtls_ssl_ciphersuite_t
-{
+struct mbedtls_ssl_ciphersuite_t {
     int id;
-    const char * name;
+    const char *name;
 
     mbedtls_cipher_type_t cipher;
     mbedtls_md_type_t mac;
@@ -402,92 +401,87 @@ struct mbedtls_ssl_ciphersuite_t
     unsigned char flags;
 };
 
-const int *mbedtls_ssl_list_ciphersuites( void );
+const int *mbedtls_ssl_list_ciphersuites(void);
 
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
-const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name);
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id);
 
 #if defined(MBEDTLS_PK_C)
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
-mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
 #endif
 
-int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
-int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
+int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
+int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_PSK:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
 
-static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 
-static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_RSA:
         case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
@@ -495,56 +489,54 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
-static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
+static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
+    const mbedtls_ssl_ciphersuite_t *info)
 {
-    switch( info->key_exchange )
-    {
+    switch (info->key_exchange) {
         case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
         case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
-            return( 1 );
+            return 1;
 
         default:
-            return( 0 );
+            return 0;
     }
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */

thirdparty/mbedtls/include/mbedtls/ssl_cookie.h

@@ -54,8 +54,7 @@ extern "C" {
 /**
  * \brief          Context for the default cookie functions.
  */
-typedef struct mbedtls_ssl_cookie_ctx
-{
+typedef struct mbedtls_ssl_cookie_ctx {
     mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
 #if !defined(MBEDTLS_HAVE_TIME)
     unsigned long   serial;     /*!< serial number for expiration   */
@@ -71,14 +70,14 @@ typedef struct mbedtls_ssl_cookie_ctx
 /**
  * \brief          Initialize cookie context
  */
-void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
+void mbedtls_ssl_cookie_init(mbedtls_ssl_cookie_ctx *ctx);
 
 /**
  * \brief          Setup cookie context (generate keys)
  */
-int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
-                      int (*f_rng)(void *, unsigned char *, size_t),
-                      void *p_rng );
+int mbedtls_ssl_cookie_setup(mbedtls_ssl_cookie_ctx *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng);
 
 /**
  * \brief          Set expiration delay for cookies
@@ -89,12 +88,12 @@ int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
  *                 issued in the meantime.
  *                 0 to disable expiration (NOT recommended)
  */
-void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
+void mbedtls_ssl_cookie_set_timeout(mbedtls_ssl_cookie_ctx *ctx, unsigned long delay);
 
 /**
  * \brief          Free cookie context
  */
-void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
+void mbedtls_ssl_cookie_free(mbedtls_ssl_cookie_ctx *ctx);
 
 /**
  * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t

thirdparty/mbedtls/include/mbedtls/ssl_internal.h

@@ -60,7 +60,7 @@
 #include "mbedtls/psa_util.h"
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -146,19 +146,19 @@
 
 /* This macro determines whether CBC is supported. */
 #if defined(MBEDTLS_CIPHER_MODE_CBC) &&                               \
-    ( defined(MBEDTLS_AES_C)      ||                                  \
-      defined(MBEDTLS_CAMELLIA_C) ||                                  \
-      defined(MBEDTLS_ARIA_C)     ||                                  \
-      defined(MBEDTLS_DES_C) )
+    (defined(MBEDTLS_AES_C)      ||                                  \
+    defined(MBEDTLS_CAMELLIA_C) ||                                  \
+    defined(MBEDTLS_ARIA_C)     ||                                  \
+    defined(MBEDTLS_DES_C))
 #define MBEDTLS_SSL_SOME_SUITES_USE_CBC
 #endif
 
 /* This macro determines whether the CBC construct used in TLS 1.0-1.2 (as
  * opposed to the very different CBC construct used in SSLv3) is supported. */
 #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \
-    ( defined(MBEDTLS_SSL_PROTO_TLS1) ||        \
-      defined(MBEDTLS_SSL_PROTO_TLS1_1) ||      \
-      defined(MBEDTLS_SSL_PROTO_TLS1_2) )
+    (defined(MBEDTLS_SSL_PROTO_TLS1) ||        \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1) ||      \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2))
 #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC
 #endif
 
@@ -193,18 +193,18 @@
 #define MBEDTLS_SSL_MAX_CID_EXPANSION        0
 #endif
 
-#define MBEDTLS_SSL_PAYLOAD_OVERHEAD ( MBEDTLS_SSL_COMPRESSION_ADD +    \
-                                       MBEDTLS_MAX_IV_LENGTH +          \
-                                       MBEDTLS_SSL_MAC_ADD +            \
-                                       MBEDTLS_SSL_PADDING_ADD +        \
-                                       MBEDTLS_SSL_MAX_CID_EXPANSION    \
-                                       )
+#define MBEDTLS_SSL_PAYLOAD_OVERHEAD (MBEDTLS_SSL_COMPRESSION_ADD +    \
+                                      MBEDTLS_MAX_IV_LENGTH +          \
+                                      MBEDTLS_SSL_MAC_ADD +            \
+                                      MBEDTLS_SSL_PADDING_ADD +        \
+                                      MBEDTLS_SSL_MAX_CID_EXPANSION    \
+                                      )
 
-#define MBEDTLS_SSL_IN_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
-                                     ( MBEDTLS_SSL_IN_CONTENT_LEN ) )
+#define MBEDTLS_SSL_IN_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+                                    (MBEDTLS_SSL_IN_CONTENT_LEN))
 
-#define MBEDTLS_SSL_OUT_PAYLOAD_LEN ( MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
-                                      ( MBEDTLS_SSL_OUT_CONTENT_LEN ) )
+#define MBEDTLS_SSL_OUT_PAYLOAD_LEN (MBEDTLS_SSL_PAYLOAD_OVERHEAD + \
+                                     (MBEDTLS_SSL_OUT_CONTENT_LEN))
 
 /* The maximum number of buffered handshake messages. */
 #define MBEDTLS_SSL_MAX_BUFFERED_HS 4
@@ -215,8 +215,8 @@
  */
 #define MBEDTLS_TLS_EXT_ADV_CONTENT_LEN (                            \
         (MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN)   \
-        ? ( MBEDTLS_SSL_OUT_CONTENT_LEN )                            \
-        : ( MBEDTLS_SSL_IN_CONTENT_LEN )                             \
+        ? (MBEDTLS_SSL_OUT_CONTENT_LEN)                            \
+        : (MBEDTLS_SSL_IN_CONTENT_LEN)                             \
         )
 
 /* Maximum size in bytes of list in sig-hash algorithm ext., RFC 5246 */
@@ -234,11 +234,13 @@
 #endif
 
 #if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
-#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
+#error \
+    "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
 #endif
 
 #if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN
-#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
+#error \
+    "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN."
 #endif
 
 #if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048
@@ -258,44 +260,44 @@
 
 #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 #define MBEDTLS_SSL_IN_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN))
 #else
 #define MBEDTLS_SSL_IN_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) \
-      + ( MBEDTLS_SSL_CID_IN_LEN_MAX ) )
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_IN_PAYLOAD_LEN) \
+     + (MBEDTLS_SSL_CID_IN_LEN_MAX))
 #endif
 
 #if !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 #define MBEDTLS_SSL_OUT_BUFFER_LEN  \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN))
 #else
 #define MBEDTLS_SSL_OUT_BUFFER_LEN                               \
-    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN )    \
-      + ( MBEDTLS_SSL_CID_OUT_LEN_MAX ) )
+    ((MBEDTLS_SSL_HEADER_LEN) + (MBEDTLS_SSL_OUT_PAYLOAD_LEN)    \
+     + (MBEDTLS_SSL_CID_OUT_LEN_MAX))
 #endif
 
 #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH)
-static inline size_t mbedtls_ssl_get_output_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx)
 {
-#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    return mbedtls_ssl_get_output_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
-               + MBEDTLS_SSL_CID_OUT_LEN_MAX;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    return mbedtls_ssl_get_output_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+           + MBEDTLS_SSL_CID_OUT_LEN_MAX;
 #else
-    return mbedtls_ssl_get_output_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
+    return mbedtls_ssl_get_output_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
 #endif
 }
 
-static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ctx )
+static inline size_t mbedtls_ssl_get_input_buflen(const mbedtls_ssl_context *ctx)
 {
-#if defined (MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    return mbedtls_ssl_get_input_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
-               + MBEDTLS_SSL_CID_IN_LEN_MAX;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+    return mbedtls_ssl_get_input_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD
+           + MBEDTLS_SSL_CID_IN_LEN_MAX;
 #else
-    return mbedtls_ssl_get_input_max_frag_len( ctx )
-               + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
+    return mbedtls_ssl_get_input_max_frag_len(ctx)
+           + MBEDTLS_SSL_HEADER_LEN + MBEDTLS_SSL_PAYLOAD_OVERHEAD;
 #endif
 }
 #endif
@@ -303,7 +305,7 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct
 #ifdef MBEDTLS_ZLIB_SUPPORT
 /* Compression buffer holds both IN and OUT buffers, so should be size of the larger */
 #define MBEDTLS_SSL_COMPRESS_BUFFER_LEN (                               \
-        ( MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN )      \
+        (MBEDTLS_SSL_IN_BUFFER_LEN > MBEDTLS_SSL_OUT_BUFFER_LEN)      \
         ? MBEDTLS_SSL_IN_BUFFER_LEN                                     \
         : MBEDTLS_SSL_OUT_BUFFER_LEN                                    \
         )
@@ -328,10 +330,10 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct
  * \return       Zero if the needed space is available in the buffer, non-zero
  *               otherwise.
  */
-static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
-                                           const uint8_t *end, size_t need )
+static inline int mbedtls_ssl_chk_buf_ptr(const uint8_t *cur,
+                                          const uint8_t *end, size_t need)
 {
-    return( ( cur > end ) || ( need > (size_t)( end - cur ) ) );
+    return (cur > end) || (need > (size_t) (end - cur));
 }
 
 /**
@@ -344,13 +346,13 @@ static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
  * \param need   Needed space in bytes.
  *
  */
-#define MBEDTLS_SSL_CHK_BUF_PTR( cur, end, need )                        \
+#define MBEDTLS_SSL_CHK_BUF_PTR(cur, end, need)                        \
     do {                                                                 \
-        if( mbedtls_ssl_chk_buf_ptr( ( cur ), ( end ), ( need ) ) != 0 ) \
+        if (mbedtls_ssl_chk_buf_ptr((cur), (end), (need)) != 0) \
         {                                                                \
-            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );                  \
+            return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;                  \
         }                                                                \
-    } while( 0 )
+    } while (0)
 
 #ifdef __cplusplus
 extern "C" {
@@ -361,8 +363,7 @@ extern "C" {
 /*
  * Abstraction for a grid of allowed signature-hash-algorithm pairs.
  */
-struct mbedtls_ssl_sig_hash_set_t
-{
+struct mbedtls_ssl_sig_hash_set_t {
     /* At the moment, we only need to remember a single suitable
      * hash algorithm per signature algorithm. As long as that's
      * the case - and we don't need a general lookup function -
@@ -374,10 +375,10 @@ struct mbedtls_ssl_sig_hash_set_t
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
           MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
-typedef int  mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen,
-                                     const char *label,
-                                     const unsigned char *random, size_t rlen,
-                                     unsigned char *dstbuf, size_t dlen );
+typedef int  mbedtls_ssl_tls_prf_cb(const unsigned char *secret, size_t slen,
+                                    const char *label,
+                                    const unsigned char *random, size_t rlen,
+                                    unsigned char *dstbuf, size_t dlen);
 
 /* cipher.h exports the maximum IV, key and block length from
  * all ciphers enabled in the config, regardless of whether those
@@ -403,16 +404,15 @@ typedef int  mbedtls_ssl_tls_prf_cb( const unsigned char *secret, size_t slen,
  * \brief   The data structure holding the cryptographic material (key and IV)
  *          used for record protection in TLS 1.3.
  */
-struct mbedtls_ssl_key_set
-{
+struct mbedtls_ssl_key_set {
     /*! The key for client->server records. */
-    unsigned char client_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ];
+    unsigned char client_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH];
     /*! The key for server->client records. */
-    unsigned char server_write_key[ MBEDTLS_SSL_MAX_KEY_LENGTH ];
+    unsigned char server_write_key[MBEDTLS_SSL_MAX_KEY_LENGTH];
     /*! The IV  for client->server records. */
-    unsigned char client_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ];
+    unsigned char client_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH];
     /*! The IV  for server->client records. */
-    unsigned char server_write_iv[ MBEDTLS_SSL_MAX_IV_LENGTH ];
+    unsigned char server_write_iv[MBEDTLS_SSL_MAX_IV_LENGTH];
 
     size_t key_len; /*!< The length of client_write_key and
                      *   server_write_key, in Bytes. */
@@ -424,8 +424,7 @@ typedef struct mbedtls_ssl_key_set mbedtls_ssl_key_set;
 /*
  * This structure contains the parameters only needed during handshake.
  */
-struct mbedtls_ssl_handshake_params
-{
+struct mbedtls_ssl_handshake_params {
     /*
      * Handshake specific crypto variables
      */
@@ -544,16 +543,14 @@ struct mbedtls_ssl_handshake_params
 #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    struct
-    {
+    struct {
         size_t total_bytes_buffered; /*!< Cumulative size of heap allocated
                                       *   buffers used for message buffering. */
 
         uint8_t seen_ccs;               /*!< Indicates if a CCS message has
                                          *   been seen in the current flight. */
 
-        struct mbedtls_ssl_hs_buffer
-        {
+        struct mbedtls_ssl_hs_buffer {
             unsigned is_valid      : 1;
             unsigned is_fragmented : 1;
             unsigned is_complete   : 1;
@@ -561,8 +558,7 @@ struct mbedtls_ssl_handshake_params
             size_t data_len;
         } hs[MBEDTLS_SSL_MAX_BUFFERED_HS];
 
-        struct
-        {
+        struct {
             unsigned char *data;
             size_t len;
             unsigned epoch;
@@ -585,7 +581,7 @@ struct mbedtls_ssl_handshake_params
     unsigned int in_flight_start_seq;   /*!<  Minimum message sequence in the
                                               flight being received          */
     mbedtls_ssl_transform *alt_transform_out;   /*!<  Alternative transform for
-                                              resending messages             */
+                                                   resending messages             */
     unsigned char alt_out_ctr[8];       /*!<  Alternative record epoch/counter
                                               for resending messages         */
 
@@ -596,7 +592,7 @@ struct mbedtls_ssl_handshake_params
                          *   has been negotiated. Possible values are
                          *   #MBEDTLS_SSL_CID_ENABLED and
                          *   #MBEDTLS_SSL_CID_DISABLED. */
-    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
+    unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];   /*! The peer's CID */
     uint8_t peer_cid_len;                                  /*!< The length of
                                                             *   \c peer_cid.  */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -631,7 +627,7 @@ struct mbedtls_ssl_handshake_params
 
     unsigned char randbytes[64];        /*!<  random bytes            */
     unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
-                                        /*!<  premaster secret        */
+    /*!<  premaster secret        */
 
 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
     /** Asynchronous operation context. This field is meant for use by the
@@ -744,8 +740,7 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
  *   in other transformations.
  *
  */
-struct mbedtls_ssl_transform
-{
+struct mbedtls_ssl_transform {
     /*
      * Session specific crypto layer
      */
@@ -782,8 +777,8 @@ struct mbedtls_ssl_transform
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     uint8_t in_cid_len;
     uint8_t out_cid_len;
-    unsigned char in_cid [ MBEDTLS_SSL_CID_IN_LEN_MAX ];
-    unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
+    unsigned char in_cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
+    unsigned char out_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 
     /*
@@ -806,13 +801,13 @@ struct mbedtls_ssl_transform
  * Equivalently, return 0 if a separate MAC is used, 1 otherwise.
  */
 static inline int mbedtls_ssl_transform_uses_aead(
-        const mbedtls_ssl_transform *transform )
+    const mbedtls_ssl_transform *transform)
 {
 #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-    return( transform->maclen == 0 && transform->taglen != 0 );
+    return transform->maclen == 0 && transform->taglen != 0;
 #else
     (void) transform;
-    return( 1 );
+    return 1;
 #endif
 }
 
@@ -842,8 +837,7 @@ static inline int mbedtls_ssl_transform_uses_aead(
 #define MBEDTLS_SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX
 #endif
 
-typedef struct
-{
+typedef struct {
     uint8_t ctr[8];         /* In TLS:  The implicit record sequence number.
                              * In DTLS: The 2-byte epoch followed by
                              *          the 6-byte sequence number.
@@ -866,7 +860,7 @@ typedef struct
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     uint8_t cid_len;        /* Length of the CID (0 if not present)          */
-    unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID                 */
+    unsigned char cid[MBEDTLS_SSL_CID_LEN_MAX];   /* The CID                 */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 } mbedtls_record;
 
@@ -874,8 +868,7 @@ typedef struct
 /*
  * List of certificate + private key pairs
  */
-struct mbedtls_ssl_key_cert
-{
+struct mbedtls_ssl_key_cert {
     mbedtls_x509_crt *cert;                 /*!< cert                       */
     mbedtls_pk_context *key;                /*!< private key                */
     mbedtls_ssl_key_cert *next;             /*!< next key/cert pair         */
@@ -886,8 +879,7 @@ struct mbedtls_ssl_key_cert
 /*
  * List of handshake messages kept around for resending
  */
-struct mbedtls_ssl_flight_item
-{
+struct mbedtls_ssl_flight_item {
     unsigned char *p;       /*!< message, including handshake headers   */
     size_t len;             /*!< length of p                            */
     unsigned char type;     /*!< type of the message: handshake or CCS  */
@@ -899,20 +891,20 @@ struct mbedtls_ssl_flight_item
     defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 
 /* Find an entry in a signature-hash set matching a given hash algorithm. */
-mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
-                                                 mbedtls_pk_type_t sig_alg );
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find(mbedtls_ssl_sig_hash_set_t *set,
+                                                mbedtls_pk_type_t sig_alg);
 /* Add a signature-hash-pair to a signature-hash set */
-void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
-                                   mbedtls_pk_type_t sig_alg,
-                                   mbedtls_md_type_t md_alg );
+void mbedtls_ssl_sig_hash_set_add(mbedtls_ssl_sig_hash_set_t *set,
+                                  mbedtls_pk_type_t sig_alg,
+                                  mbedtls_md_type_t md_alg);
 /* Allow exactly one hash algorithm for each signature. */
-void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
-                                          mbedtls_md_type_t md_alg );
+void mbedtls_ssl_sig_hash_set_const_hash(mbedtls_ssl_sig_hash_set_t *set,
+                                         mbedtls_md_type_t md_alg);
 
 /* Setup an empty signature-hash set */
-static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set )
+static inline void mbedtls_ssl_sig_hash_set_init(mbedtls_ssl_sig_hash_set_t *set)
 {
-    mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE );
+    mbedtls_ssl_sig_hash_set_const_hash(set, MBEDTLS_MD_NONE);
 }
 
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
@@ -924,7 +916,7 @@ static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *se
  *
  * \param transform SSL transform context
  */
-void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform );
+void mbedtls_ssl_transform_free(mbedtls_ssl_transform *transform);
 
 /**
  * \brief           Free referenced items in an SSL handshake context and clear
@@ -932,26 +924,26 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform );
  *
  * \param ssl       SSL context
  */
-void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_handshake_free(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_client_step(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_server_step(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context *ssl);
 
-void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_reset_checksum(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_derive_keys(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handle_message_type(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_update_handshake_status(mbedtls_ssl_context *ssl);
 
 /**
  * \brief       Update record layer
@@ -1030,39 +1022,39 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
  *
  */
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
-                             unsigned update_hs_digest );
+int mbedtls_ssl_read_record(mbedtls_ssl_context *ssl,
+                            unsigned update_hs_digest);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
+int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_handshake_msg(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
+int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, uint8_t force_flush);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_flush_output(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_parse_certificate(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_parse_change_cipher_spec(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_change_cipher_spec(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_parse_finished(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl);
 
-void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
-                            const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
+void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,
+                                   const mbedtls_ssl_ciphersuite_t *ciphersuite_info);
 
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
+int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex);
 
 /**
  * Get the first defined PSK by order of precedence:
@@ -1070,29 +1062,22 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
  * 2. static PSK configured by \c mbedtls_ssl_conf_psk()
  * Return a code and update the pair (PSK, PSK length) passed to this function
  */
-static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
-    const unsigned char **psk, size_t *psk_len )
+static inline int mbedtls_ssl_get_psk(const mbedtls_ssl_context *ssl,
+                                      const unsigned char **psk, size_t *psk_len)
 {
-    if( ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0 )
-    {
+    if (ssl->handshake->psk != NULL && ssl->handshake->psk_len > 0) {
         *psk = ssl->handshake->psk;
         *psk_len = ssl->handshake->psk_len;
-    }
-
-    else if( ssl->conf->psk != NULL && ssl->conf->psk_len > 0 )
-    {
+    } else if (ssl->conf->psk != NULL && ssl->conf->psk_len > 0) {
         *psk = ssl->conf->psk;
         *psk_len = ssl->conf->psk_len;
-    }
-
-    else
-    {
+    } else {
         *psk = NULL;
         *psk_len = 0;
-        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+        return MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED;
     }
 
-    return( 0 );
+    return 0;
 }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -1104,50 +1089,51 @@ static inline int mbedtls_ssl_get_psk( const mbedtls_ssl_context *ssl,
  * Return an opaque PSK
  */
 static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
-    const mbedtls_ssl_context *ssl )
+    const mbedtls_ssl_context *ssl)
 {
-    if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
-        return( ssl->handshake->psk_opaque );
+    if (!mbedtls_svc_key_id_is_null(ssl->handshake->psk_opaque)) {
+        return ssl->handshake->psk_opaque;
+    }
 
-    if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
-        return( ssl->conf->psk_opaque );
+    if (!mbedtls_svc_key_id_is_null(ssl->conf->psk_opaque)) {
+        return ssl->conf->psk_opaque;
+    }
 
-    return( MBEDTLS_SVC_KEY_ID_INIT );
+    return MBEDTLS_SVC_KEY_ID_INIT;
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
 
 #if defined(MBEDTLS_PK_C)
-unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
-unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type );
-mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
+unsigned char mbedtls_ssl_sig_from_pk(mbedtls_pk_context *pk);
+unsigned char mbedtls_ssl_sig_from_pk_alg(mbedtls_pk_type_t type);
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig(unsigned char sig);
 #endif
 
-mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
-unsigned char mbedtls_ssl_hash_from_md_alg( int md );
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash(unsigned char hash);
+unsigned char mbedtls_ssl_hash_from_md_alg(int md);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
+int mbedtls_ssl_set_calc_verify_md(mbedtls_ssl_context *ssl, int md);
 
 #if defined(MBEDTLS_ECP_C)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
+int mbedtls_ssl_check_curve(const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id );
+int mbedtls_ssl_check_curve_tls_id(const mbedtls_ssl_context *ssl, uint16_t tls_id);
 #endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
-                                mbedtls_md_type_t md );
+int mbedtls_ssl_check_sig_hash(const mbedtls_ssl_context *ssl,
+                               mbedtls_md_type_t md);
 #endif
 
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
 static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
-                                                    ( const uint16_t srtp_profile_value )
+    (const uint16_t srtp_profile_value)
 {
-    switch( srtp_profile_value )
-    {
+    switch (srtp_profile_value) {
         case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
         case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
         case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
@@ -1155,33 +1141,35 @@ static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
             return srtp_profile_value;
         default: break;
     }
-    return( MBEDTLS_TLS_SRTP_UNSET );
+    return MBEDTLS_TLS_SRTP_UNSET;
 }
 #endif
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
-static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
+static inline mbedtls_pk_context *mbedtls_ssl_own_key(mbedtls_ssl_context *ssl)
 {
     mbedtls_ssl_key_cert *key_cert;
 
-    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+    if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
-    else
+    } else {
         key_cert = ssl->conf->key_cert;
+    }
 
-    return( key_cert == NULL ? NULL : key_cert->key );
+    return key_cert == NULL ? NULL : key_cert->key;
 }
 
-static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
+static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
 {
     mbedtls_ssl_key_cert *key_cert;
 
-    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+    if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
-    else
+    } else {
         key_cert = ssl->conf->key_cert;
+    }
 
-    return( key_cert == NULL ? NULL : key_cert->cert );
+    return key_cert == NULL ? NULL : key_cert->cert;
 }
 
 /*
@@ -1194,77 +1182,76 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
  * Return 0 if everything is OK, -1 if not.
  */
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
-                          const mbedtls_ssl_ciphersuite_t *ciphersuite,
-                          int cert_endpoint,
-                          uint32_t *flags );
+int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert,
+                                 const mbedtls_ssl_ciphersuite_t *ciphersuite,
+                                 int cert_endpoint,
+                                 uint32_t *flags);
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
-void mbedtls_ssl_write_version( int major, int minor, int transport,
-                        unsigned char ver[2] );
-void mbedtls_ssl_read_version( int *major, int *minor, int transport,
-                       const unsigned char ver[2] );
+void mbedtls_ssl_write_version(int major, int minor, int transport,
+                               unsigned char ver[2]);
+void mbedtls_ssl_read_version(int *major, int *minor, int transport,
+                              const unsigned char ver[2]);
 
-static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl )
+static inline size_t mbedtls_ssl_in_hdr_len(const mbedtls_ssl_context *ssl)
 {
 #if !defined(MBEDTLS_SSL_PROTO_DTLS)
     ((void) ssl);
 #endif
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        return( 13 );
-    }
-    else
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 13;
+    } else
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
     {
-        return( 5 );
+        return 5;
     }
 }
 
-static inline size_t mbedtls_ssl_out_hdr_len( const mbedtls_ssl_context *ssl )
+static inline size_t mbedtls_ssl_out_hdr_len(const mbedtls_ssl_context *ssl)
 {
-    return( (size_t) ( ssl->out_iv - ssl->out_hdr ) );
+    return (size_t) (ssl->out_iv - ssl->out_hdr);
 }
 
-static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
+static inline size_t mbedtls_ssl_hs_hdr_len(const mbedtls_ssl_context *ssl)
 {
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 12 );
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 12;
+    }
 #else
     ((void) ssl);
 #endif
-    return( 4 );
+    return 4;
 }
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_recv_flight_completed(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_resend(mbedtls_ssl_context *ssl);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl);
 #endif
 
 /* Visible for testing purposes only */
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context const *ssl );
-void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_dtls_replay_check(mbedtls_ssl_context const *ssl);
+void mbedtls_ssl_dtls_replay_update(mbedtls_ssl_context *ssl);
 #endif
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_session_copy( mbedtls_ssl_session *dst,
-                              const mbedtls_ssl_session *src );
+int mbedtls_ssl_session_copy(mbedtls_ssl_session *dst,
+                             const mbedtls_ssl_session *src);
 
 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
     defined(MBEDTLS_SSL_PROTO_TLS1_1)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
-                                        unsigned char *output,
-                                        unsigned char *data, size_t data_len );
+int mbedtls_ssl_get_key_exchange_md_ssl_tls(mbedtls_ssl_context *ssl,
+                                            unsigned char *output,
+                                            unsigned char *data, size_t data_len);
 #endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
           MBEDTLS_SSL_PROTO_TLS1_1 */
 
@@ -1272,10 +1259,10 @@ int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
     defined(MBEDTLS_SSL_PROTO_TLS1_2)
 /* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
-                                            unsigned char *hash, size_t *hashlen,
-                                            unsigned char *data, size_t data_len,
-                                            mbedtls_md_type_t md_alg );
+int mbedtls_ssl_get_key_exchange_md_tls1_2(mbedtls_ssl_context *ssl,
+                                           unsigned char *hash, size_t *hashlen,
+                                           unsigned char *data, size_t data_len,
+                                           mbedtls_md_type_t md_alg);
 #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
           MBEDTLS_SSL_PROTO_TLS1_2 */
 
@@ -1283,70 +1270,71 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
 }
 #endif
 
-void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform );
+void mbedtls_ssl_transform_init(mbedtls_ssl_transform *transform);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec,
-                             int (*f_rng)(void *, unsigned char *, size_t),
-                             void *p_rng );
+int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
-                             mbedtls_ssl_transform *transform,
-                             mbedtls_record *rec );
+int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl,
+                            mbedtls_ssl_transform *transform,
+                            mbedtls_record *rec);
 
 /* Length of the "epoch" field in the record header */
-static inline size_t mbedtls_ssl_ep_len( const mbedtls_ssl_context *ssl )
+static inline size_t mbedtls_ssl_ep_len(const mbedtls_ssl_context *ssl)
 {
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        return( 2 );
+    if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
+        return 2;
+    }
 #else
     ((void) ssl);
 #endif
-    return( 0 );
+    return 0;
 }
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_resend_hello_request( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_resend_hello_request(mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
-void mbedtls_ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs );
+void mbedtls_ssl_set_timer(mbedtls_ssl_context *ssl, uint32_t millisecs);
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_check_timer(mbedtls_ssl_context *ssl);
 
-void mbedtls_ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
-                              mbedtls_ssl_transform *transform );
-void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_reset_in_out_pointers(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_update_out_pointers(mbedtls_ssl_context *ssl,
+                                     mbedtls_ssl_transform *transform);
+void mbedtls_ssl_update_in_pointers(mbedtls_ssl_context *ssl);
 
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
+int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial);
 
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_dtls_replay_reset(mbedtls_ssl_context *ssl);
 #endif
 
-void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_handshake_wrapup_free_hs_transform(mbedtls_ssl_context *ssl);
 
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
 MBEDTLS_CHECK_RETURN_CRITICAL
-int mbedtls_ssl_start_renegotiation( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_start_renegotiation(mbedtls_ssl_context *ssl);
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-size_t mbedtls_ssl_get_current_mtu( const mbedtls_ssl_context *ssl );
-void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl );
-void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
+size_t mbedtls_ssl_get_current_mtu(const mbedtls_ssl_context *ssl);
+void mbedtls_ssl_buffering_free(mbedtls_ssl_context *ssl);
+void mbedtls_ssl_flight_free(mbedtls_ssl_flight_item *flight);
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
 #if defined(MBEDTLS_TEST_HOOKS)
 int mbedtls_ssl_check_dtls_clihlo_cookie(
-                          mbedtls_ssl_context *ssl,
-                          const unsigned char *cli_id, size_t cli_id_len,
-                          const unsigned char *in, size_t in_len,
-                          unsigned char *obuf, size_t buf_len, size_t *olen );
+    mbedtls_ssl_context *ssl,
+    const unsigned char *cli_id, size_t cli_id_len,
+    const unsigned char *in, size_t in_len,
+    unsigned char *obuf, size_t buf_len, size_t *olen);
 #endif
 
 #endif /* ssl_internal.h */

thirdparty/mbedtls/include/mbedtls/ssl_ticket.h

@@ -48,8 +48,7 @@ extern "C" {
 /**
  * \brief   Information for session ticket protection
  */
-typedef struct mbedtls_ssl_ticket_key
-{
+typedef struct mbedtls_ssl_ticket_key {
     unsigned char name[4];          /*!< random key identifier              */
     uint32_t generation_time;       /*!< key generation timestamp (seconds) */
     mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
@@ -59,8 +58,7 @@ mbedtls_ssl_ticket_key;
 /**
  * \brief   Context for session ticket handling functions
  */
-typedef struct mbedtls_ssl_ticket_context
-{
+typedef struct mbedtls_ssl_ticket_context {
     mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
     unsigned char active;           /*!< index of the currently active key  */
 
@@ -83,7 +81,7 @@ mbedtls_ssl_ticket_context;
  *
  * \param ctx       Context to be initialized
  */
-void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
+void mbedtls_ssl_ticket_init(mbedtls_ssl_ticket_context *ctx);
 
 /**
  * \brief           Prepare context to be actually used
@@ -107,10 +105,10 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
  * \return          0 if successful,
  *                  or a specific MBEDTLS_ERR_XXX error code
  */
-int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
-    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
-    mbedtls_cipher_type_t cipher,
-    uint32_t lifetime );
+int mbedtls_ssl_ticket_setup(mbedtls_ssl_ticket_context *ctx,
+                             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                             mbedtls_cipher_type_t cipher,
+                             uint32_t lifetime);
 
 /**
  * \brief           Implementation of the ticket write callback
@@ -131,7 +129,7 @@ mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
  *
  * \param ctx       Context to be cleaned up
  */
-void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
+void mbedtls_ssl_ticket_free(mbedtls_ssl_ticket_context *ctx);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/threading.h

@@ -46,8 +46,7 @@ extern "C" {
 
 #if defined(MBEDTLS_THREADING_PTHREAD)
 #include <pthread.h>
-typedef struct mbedtls_threading_mutex_t
-{
+typedef struct mbedtls_threading_mutex_t {
     pthread_mutex_t mutex;
     /* is_valid is 0 after a failed init or a free, and nonzero after a
      * successful init. This field is not considered part of the public
@@ -78,15 +77,15 @@ typedef struct mbedtls_threading_mutex_t
  * \param mutex_lock    the lock function implementation
  * \param mutex_unlock  the unlock function implementation
  */
-void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
-                       void (*mutex_free)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_lock)( mbedtls_threading_mutex_t * ),
-                       int (*mutex_unlock)( mbedtls_threading_mutex_t * ) );
+void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *),
+                               void (*mutex_free)(mbedtls_threading_mutex_t *),
+                               int (*mutex_lock)(mbedtls_threading_mutex_t *),
+                               int (*mutex_unlock)(mbedtls_threading_mutex_t *));
 
 /**
  * \brief               Free global mutexes.
  */
-void mbedtls_threading_free_alt( void );
+void mbedtls_threading_free_alt(void);
 #endif /* MBEDTLS_THREADING_ALT */
 
 #if defined(MBEDTLS_THREADING_C)
@@ -95,10 +94,10 @@ void mbedtls_threading_free_alt( void );
  *
  * All these functions are expected to work or the result will be undefined.
  */
-extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex );
-extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex );
-extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
+extern void (*mbedtls_mutex_init)(mbedtls_threading_mutex_t *mutex);
+extern void (*mbedtls_mutex_free)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_lock)(mbedtls_threading_mutex_t *mutex);
+extern int (*mbedtls_mutex_unlock)(mbedtls_threading_mutex_t *mutex);
 
 /*
  * Global mutexes

thirdparty/mbedtls/include/mbedtls/timing.h

@@ -41,16 +41,14 @@ extern "C" {
 /**
  * \brief          timer structure
  */
-struct mbedtls_timing_hr_time
-{
+struct mbedtls_timing_hr_time {
     unsigned char opaque[32];
 };
 
 /**
  * \brief          Context for mbedtls_timing_set/get_delay()
  */
-typedef struct mbedtls_timing_delay_context
-{
+typedef struct mbedtls_timing_delay_context {
     struct mbedtls_timing_hr_time   timer;
     uint32_t                        int_ms;
     uint32_t                        fin_ms;
@@ -72,7 +70,7 @@ extern volatile int mbedtls_timing_alarmed;
  * \note           This value starts at an unspecified origin and
  *                 may wrap around.
  */
-unsigned long mbedtls_timing_hardclock( void );
+unsigned long mbedtls_timing_hardclock(void);
 
 /**
  * \brief          Return the elapsed time in milliseconds
@@ -91,7 +89,7 @@ unsigned long mbedtls_timing_hardclock( void );
  *                 get_timer(0) }` the value time1+time2 is only approximately
  *                 the delay since the first reset.
  */
-unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
+unsigned long mbedtls_timing_get_timer(struct mbedtls_timing_hr_time *val, int reset);
 
 /**
  * \brief          Setup an alarm clock
@@ -103,7 +101,7 @@ unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int
  *                 context, this means one for the whole process, not one per
  *                 thread.
  */
-void mbedtls_set_alarm( int seconds );
+void mbedtls_set_alarm(int seconds);
 
 /**
  * \brief          Set a pair of delays to watch
@@ -119,7 +117,7 @@ void mbedtls_set_alarm( int seconds );
  * \note           To set a single delay, either use \c mbedtls_timing_set_timer
  *                 directly or use this function with int_ms == fin_ms.
  */
-void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
+void mbedtls_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms);
 
 /**
  * \brief          Get the status of delays
@@ -133,7 +131,7 @@ void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
  *                  1 if only the intermediate delay is passed,
  *                  2 if the final delay is passed.
  */
-int mbedtls_timing_get_delay( void *data );
+int mbedtls_timing_get_delay(void *data);
 
 #if defined(MBEDTLS_SELF_TEST)
 /**
@@ -141,7 +139,7 @@ int mbedtls_timing_get_delay( void *data );
  *
  * \return         0 if successful, or 1 if a test failed
  */
-int mbedtls_timing_self_test( int verbose );
+int mbedtls_timing_self_test(int verbose);
 #endif
 
 #ifdef __cplusplus

thirdparty/mbedtls/include/mbedtls/version.h

@@ -38,16 +38,16 @@
  */
 #define MBEDTLS_VERSION_MAJOR  2
 #define MBEDTLS_VERSION_MINOR  28
-#define MBEDTLS_VERSION_PATCH  2
+#define MBEDTLS_VERSION_PATCH  3
 
 /**
  * The single version number has the following structure:
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x021C0200
-#define MBEDTLS_VERSION_STRING         "2.28.2"
-#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.28.2"
+#define MBEDTLS_VERSION_NUMBER         0x021C0300
+#define MBEDTLS_VERSION_STRING         "2.28.3"
+#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.28.3"
 
 #if defined(MBEDTLS_VERSION_C)
 
@@ -61,7 +61,7 @@ extern "C" {
  * \return          The constructed version number in the format
  *                  MMNNPP00 (Major, Minor, Patch).
  */
-unsigned int mbedtls_version_get_number( void );
+unsigned int mbedtls_version_get_number(void);
 
 /**
  * Get the version string ("x.y.z").
@@ -69,7 +69,7 @@ unsigned int mbedtls_version_get_number( void );
  * \param string    The string that will receive the value.
  *                  (Should be at least 9 bytes in size)
  */
-void mbedtls_version_get_string( char *string );
+void mbedtls_version_get_string(char *string);
 
 /**
  * Get the full version string ("mbed TLS x.y.z").
@@ -80,7 +80,7 @@ void mbedtls_version_get_string( char *string );
  *                  (So the buffer should be at least 18 bytes to receive this
  *                  version string).
  */
-void mbedtls_version_get_string_full( char *string );
+void mbedtls_version_get_string_full(char *string);
 
 /**
  * \brief           Check if support for a feature was compiled into this
@@ -99,7 +99,7 @@ void mbedtls_version_get_string_full( char *string );
  *                  -2 if support for feature checking as a whole was not
  *                  compiled in.
  */
-int mbedtls_version_check_feature( const char *feature );
+int mbedtls_version_check_feature(const char *feature);
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/x509.h

@@ -247,8 +247,7 @@ typedef mbedtls_asn1_named_data mbedtls_x509_name;
 typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
 
 /** Container for date and time (precision in seconds). */
-typedef struct mbedtls_x509_time
-{
+typedef struct mbedtls_x509_time {
     int year, mon, day;         /**< Date. */
     int hour, min, sec;         /**< Time. */
 }
@@ -267,7 +266,7 @@ mbedtls_x509_time;
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
+int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn);
 
 /**
  * \brief          Store the certificate serial in printable form into buf;
@@ -280,7 +279,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
+int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
 
 /**
  * \brief          Check a given mbedtls_x509_time against the system time
@@ -294,7 +293,7 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se
  * \return         1 if the given time is in the past or an error occurred,
  *                 0 otherwise.
  */
-int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
+int mbedtls_x509_time_is_past(const mbedtls_x509_time *to);
 
 /**
  * \brief          Check a given mbedtls_x509_time against the system time
@@ -308,7 +307,7 @@ int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
  * \return         1 if the given time is in the future or an error occurred,
  *                 0 otherwise.
  */
-int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
+int mbedtls_x509_time_is_future(const mbedtls_x509_time *from);
 
 /** \} addtogroup x509_module */
 
@@ -319,7 +318,7 @@ int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_x509_self_test( int verbose );
+int mbedtls_x509_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 
@@ -327,51 +326,51 @@ int mbedtls_x509_self_test( int verbose );
  * Internal module functions. You probably do not want to use these unless you
  * know you do.
  */
-int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
-                   mbedtls_x509_name *cur );
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
-                       mbedtls_x509_buf *alg );
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
-                  mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
+int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_name *cur);
+int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end,
+                              mbedtls_x509_buf *alg);
+int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *alg, mbedtls_x509_buf *params);
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
-                                mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
-                                int *salt_len );
+int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params,
+                                       mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+                                       int *salt_len);
 #endif
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
-                      mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
-                      void **sig_opts );
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
-                   mbedtls_x509_time *t );
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
-                     mbedtls_x509_buf *serial );
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
-                  mbedtls_x509_buf *ext, int tag );
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
-                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
-                       const void *sig_opts );
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
-                        int critical, const unsigned char *val,
-                        size_t val_len );
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
-                           mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
-                      mbedtls_asn1_named_data *first );
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
-                    const char *oid, size_t oid_len,
-                    unsigned char *sig, size_t size );
+int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
+int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+                             mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+                             void **sig_opts);
+int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
+                          mbedtls_x509_time *t);
+int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
+                            mbedtls_x509_buf *serial);
+int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end,
+                         mbedtls_x509_buf *ext, int tag);
+int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+                              mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                              const void *sig_opts);
+int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
+int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name);
+int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+                               int critical, const unsigned char *val,
+                               size_t val_len);
+int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start,
+                                  mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_names(unsigned char **p, unsigned char *start,
+                             mbedtls_asn1_named_data *first);
+int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len,
+                           unsigned char *sig, size_t size);
 
 #define MBEDTLS_X509_SAFE_SNPRINTF                          \
     do {                                                    \
-        if( ret < 0 || (size_t) ret >= n )                  \
-            return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );    \
-                                                            \
+        if (ret < 0 || (size_t) ret >= n)                  \
+        return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;    \
+                                                          \
         n -= (size_t) ret;                                  \
         p += (size_t) ret;                                  \
-    } while( 0 )
+    } while (0)
 
 #ifdef __cplusplus
 }

thirdparty/mbedtls/include/mbedtls/x509_crl.h

@@ -47,8 +47,7 @@ extern "C" {
  * Certificate revocation list entry.
  * Contains the CA-specific serial numbers and revocation dates.
  */
-typedef struct mbedtls_x509_crl_entry
-{
+typedef struct mbedtls_x509_crl_entry {
     mbedtls_x509_buf raw;
 
     mbedtls_x509_buf serial;
@@ -65,8 +64,7 @@ mbedtls_x509_crl_entry;
  * Certificate revocation list structure.
  * Every CRL may have multiple entries.
  */
-typedef struct mbedtls_x509_crl
-{
+typedef struct mbedtls_x509_crl {
     mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */
     mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */
 
@@ -97,6 +95,10 @@ mbedtls_x509_crl;
 /**
  * \brief          Parse a DER-encoded CRL and append it to the chained list
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    points to the start of the chain
  * \param buf      buffer holding the CRL data in DER format
  * \param buflen   size of the buffer
@@ -104,13 +106,17 @@ mbedtls_x509_crl;
  *
  * \return         0 if successful, or a specific X509 or PEM error code
  */
-int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
-                        const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain,
+                               const unsigned char *buf, size_t buflen);
 /**
  * \brief          Parse one or more CRLs and append them to the chained list
  *
  * \note           Multiple CRLs are accepted only if using PEM format
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    points to the start of the chain
  * \param buf      buffer holding the CRL data in PEM or DER format
  * \param buflen   size of the buffer
@@ -118,7 +124,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
  *
  * \return         0 if successful, or a specific X509 or PEM error code
  */
-int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crl_parse(mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -126,12 +132,16 @@ int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, s
  *
  * \note           Multiple CRLs are accepted only if using PEM format
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    points to the start of the chain
  * \param path     filename to read the CRLs from (in PEM or DER encoding)
  *
  * \return         0 if successful, or a specific X509 or PEM error code
  */
-int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
+int mbedtls_x509_crl_parse_file(mbedtls_x509_crl *chain, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 /**
@@ -145,22 +155,22 @@ int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crl *crl );
+int mbedtls_x509_crl_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crl *crl);
 
 /**
  * \brief          Initialize a CRL (chain)
  *
  * \param crl      CRL chain to initialize
  */
-void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
+void mbedtls_x509_crl_init(mbedtls_x509_crl *crl);
 
 /**
  * \brief          Unallocate all CRL data
  *
  * \param crl      CRL chain to free
  */
-void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
+void mbedtls_x509_crl_free(mbedtls_x509_crl *crl);
 
 /** \} name Structures and functions for parsing CRLs */
 /** \} addtogroup x509_module */

thirdparty/mbedtls/include/mbedtls/x509_crt.h

@@ -49,8 +49,7 @@ extern "C" {
 /**
  * Container for an X.509 certificate. The certificate may be chained.
  */
-typedef struct mbedtls_x509_crt
-{
+typedef struct mbedtls_x509_crt {
     int own_buffer;                     /**< Indicates if \c raw is owned
                                          *   by the structure or not.        */
     mbedtls_x509_buf raw;               /**< The raw certificate data (DER). */
@@ -104,24 +103,21 @@ mbedtls_x509_crt;
  *      type-id    OBJECT IDENTIFIER,
  *      value      [0] EXPLICIT ANY DEFINED BY type-id }
  */
-typedef struct mbedtls_x509_san_other_name
-{
+typedef struct mbedtls_x509_san_other_name {
     /**
      * The type_id is an OID as defined in RFC 5280.
      * To check the value of the type id, you should use
      * \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
      */
     mbedtls_x509_buf type_id;                   /**< The type id. */
-    union
-    {
+    union {
         /**
          * From RFC 4108 section 5:
          * HardwareModuleName ::= SEQUENCE {
          *                         hwType OBJECT IDENTIFIER,
          *                         hwSerialNum OCTET STRING }
          */
-        struct
-        {
+        struct {
             mbedtls_x509_buf oid;               /**< The object identifier. */
             mbedtls_x509_buf val;               /**< The named value. */
         }
@@ -134,8 +130,7 @@ mbedtls_x509_san_other_name;
 /**
  * A structure for holding the parsed Subject Alternative Name, according to type
  */
-typedef struct mbedtls_x509_subject_alternative_name
-{
+typedef struct mbedtls_x509_subject_alternative_name {
     int type;                              /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
     union {
         mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
@@ -149,15 +144,14 @@ mbedtls_x509_subject_alternative_name;
  * Build flag from an algorithm/curve identifier (pk, md, ecp)
  * Since 0 is always XXX_NONE, ignore it.
  */
-#define MBEDTLS_X509_ID_FLAG( id )   ( 1 << ( (id) - 1 ) )
+#define MBEDTLS_X509_ID_FLAG(id)   (1 << ((id) - 1))
 
 /**
  * Security profile for certificate verification.
  *
  * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
  */
-typedef struct mbedtls_x509_crt_profile
-{
+typedef struct mbedtls_x509_crt_profile {
     uint32_t allowed_mds;       /**< MDs for signatures         */
     uint32_t allowed_pks;       /**< PK algs for public keys;
                                  *   this applies to all certificates
@@ -174,15 +168,14 @@ mbedtls_x509_crt_profile;
 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN   15
 
-#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
+#if !defined(MBEDTLS_X509_MAX_FILE_PATH_LEN)
 #define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
 #endif
 
 /**
  * Container for writing a certificate (CRT)
  */
-typedef struct mbedtls_x509write_cert
-{
+typedef struct mbedtls_x509write_cert {
     int version;
     mbedtls_mpi serial;
     mbedtls_pk_context *subject_key;
@@ -207,13 +200,12 @@ typedef struct {
 /**
  * Max size of verification chain: end-entity + intermediates + trusted root
  */
-#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE  ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
+#define MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE  (MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2)
 
 /**
  * Verification chain as built by \c mbedtls_crt_verify_chain()
  */
-typedef struct
-{
+typedef struct {
     mbedtls_x509_crt_verify_chain_item items[MBEDTLS_X509_MAX_VERIFY_CHAIN_SIZE];
     unsigned len;
 
@@ -231,8 +223,7 @@ typedef struct
 /**
  * \brief       Context for resuming X.509 verify operations
  */
-typedef struct
-{
+typedef struct {
     /* for check_signature() */
     mbedtls_pk_restart_ctx pk;
 
@@ -292,6 +283,10 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
  * \brief          Parse a single DER formatted certificate and add it
  *                 to the end of the provided chained list.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The pointer to the start of the CRT chain to attach to.
  *                 When parsing the first CRT in a chain, this should point
  *                 to an instance of ::mbedtls_x509_crt initialized through
@@ -308,9 +303,9 @@ extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
-                                const unsigned char *buf,
-                                size_t buflen );
+int mbedtls_x509_crt_parse_der(mbedtls_x509_crt *chain,
+                               const unsigned char *buf,
+                               size_t buflen);
 
 /**
  * \brief          The type of certificate extension callbacks.
@@ -342,17 +337,21 @@ int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain,
  * \return         \c 0 on success.
  * \return         A negative error code on failure.
  */
-typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
-                                          mbedtls_x509_crt const *crt,
-                                          mbedtls_x509_buf const *oid,
-                                          int critical,
-                                          const unsigned char *p,
-                                          const unsigned char *end );
+typedef int (*mbedtls_x509_crt_ext_cb_t)(void *p_ctx,
+                                         mbedtls_x509_crt const *crt,
+                                         mbedtls_x509_buf const *oid,
+                                         int critical,
+                                         const unsigned char *p,
+                                         const unsigned char *end);
 
 /**
  * \brief            Parse a single DER formatted certificate and add it
  *                   to the end of the provided chained list.
  *
+ * \note             If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                   subsystem must have been initialized by calling
+ *                   psa_crypto_init() before calling this function.
+ *
  * \param chain      The pointer to the start of the CRT chain to attach to.
  *                   When parsing the first CRT in a chain, this should point
  *                   to an instance of ::mbedtls_x509_crt initialized through
@@ -389,12 +388,12 @@ typedef int (*mbedtls_x509_crt_ext_cb_t)( void *p_ctx,
  * \return           \c 0 if successful.
  * \return           A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
-                                            const unsigned char *buf,
-                                            size_t buflen,
-                                            int make_copy,
-                                            mbedtls_x509_crt_ext_cb_t cb,
-                                            void *p_ctx );
+int mbedtls_x509_crt_parse_der_with_ext_cb(mbedtls_x509_crt *chain,
+                                           const unsigned char *buf,
+                                           size_t buflen,
+                                           int make_copy,
+                                           mbedtls_x509_crt_ext_cb_t cb,
+                                           void *p_ctx);
 
 /**
  * \brief          Parse a single DER formatted certificate and add it
@@ -403,6 +402,10 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
  *                 temporary ownership of the CRT buffer until the CRT
  *                 is destroyed.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The pointer to the start of the CRT chain to attach to.
  *                 When parsing the first CRT in a chain, this should point
  *                 to an instance of ::mbedtls_x509_crt initialized through
@@ -423,9 +426,9 @@ int mbedtls_x509_crt_parse_der_with_ext_cb( mbedtls_x509_crt *chain,
  * \return         \c 0 if successful.
  * \return         A negative error code on failure.
  */
-int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
-                                       const unsigned char *buf,
-                                       size_t buflen );
+int mbedtls_x509_crt_parse_der_nocopy(mbedtls_x509_crt *chain,
+                                      const unsigned char *buf,
+                                      size_t buflen);
 
 /**
  * \brief          Parse one DER-encoded or one or more concatenated PEM-encoded
@@ -443,6 +446,10 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
  *                 long as the certificates are enclosed in the PEM specific
  *                 '-----{BEGIN/END} CERTIFICATE-----' delimiters.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    The chain to which to add the parsed certificates.
  * \param buf      The buffer holding the certificate data in PEM or DER format.
  *                 For certificates in PEM encoding, this may be a concatenation
@@ -457,7 +464,7 @@ int mbedtls_x509_crt_parse_der_nocopy( mbedtls_x509_crt *chain,
  * \return         A negative X509 or PEM error code otherwise.
  *
  */
-int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_crt_parse(mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -467,13 +474,17 @@ int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, s
  *                 of failed certificates it encountered. If none complete
  *                 correctly, the first error is returned.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param chain    points to the start of the chain
  * \param path     filename to read the certificates from
  *
  * \return         0 if all certificates parsed successfully, a positive number
  *                 if partly successful or a specific X509 or PEM error code
  */
-int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_file(mbedtls_x509_crt *chain, const char *path);
 
 /**
  * \brief          Load one or more certificate files from a path and add them
@@ -488,7 +499,7 @@ int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
  * \return         0 if all certificates parsed successfully, a positive number
  *                 if partly successful or a specific X509 or PEM error code
  */
-int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
+int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path);
 
 #endif /* MBEDTLS_FS_IO */
 /**
@@ -518,8 +529,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
  *                 SAN type.
  * \return         Another negative value for any other failure.
  */
-int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
-                                         mbedtls_x509_subject_alternative_name *san );
+int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
+                                        mbedtls_x509_subject_alternative_name *san);
 /**
  * \brief          Returns an informational string about the
  *                 certificate.
@@ -532,8 +543,8 @@ int mbedtls_x509_parse_subject_alt_name( const mbedtls_x509_buf *san_buf,
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_crt *crt );
+int mbedtls_x509_crt_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_crt *crt);
 
 /**
  * \brief          Returns an informational string about the
@@ -547,8 +558,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
-                          uint32_t flags );
+int mbedtls_x509_crt_verify_info(char *buf, size_t size, const char *prefix,
+                                 uint32_t flags);
 
 /**
  * \brief          Verify a chain of certificates.
@@ -616,12 +627,12 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
  * \return         Another negative error code in case of a fatal error
  *                 encountered during the verification process.
  */
-int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify(mbedtls_x509_crt *crt,
+                            mbedtls_x509_crt *trust_ca,
+                            mbedtls_x509_crl *ca_crl,
+                            const char *cn, uint32_t *flags,
+                            int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                            void *p_vrfy);
 
 /**
  * \brief          Verify a chain of certificates with respect to
@@ -657,13 +668,13 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
  * \return         Another negative error code in case of a fatal error
  *                 encountered during the verification process.
  */
-int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify_with_profile(mbedtls_x509_crt *crt,
+                                         mbedtls_x509_crt *trust_ca,
+                                         mbedtls_x509_crl *ca_crl,
+                                         const mbedtls_x509_crt_profile *profile,
+                                         const char *cn, uint32_t *flags,
+                                         int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                         void *p_vrfy);
 
 /**
  * \brief          Restartable version of \c mbedtls_crt_verify_with_profile()
@@ -691,14 +702,14 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
  * \return         #MBEDTLS_ERR_ECP_IN_PROGRESS if maximum number of
  *                 operations was reached: see \c mbedtls_ecp_set_max_ops().
  */
-int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt *trust_ca,
-                     mbedtls_x509_crl *ca_crl,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy,
-                     mbedtls_x509_crt_restart_ctx *rs_ctx );
+int mbedtls_x509_crt_verify_restartable(mbedtls_x509_crt *crt,
+                                        mbedtls_x509_crt *trust_ca,
+                                        mbedtls_x509_crl *ca_crl,
+                                        const mbedtls_x509_crt_profile *profile,
+                                        const char *cn, uint32_t *flags,
+                                        int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                        void *p_vrfy,
+                                        mbedtls_x509_crt_restart_ctx *rs_ctx);
 
 /**
  * \brief               The type of trusted certificate callbacks.
@@ -730,9 +741,9 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
  *                      to the caller.
  * \return              A negative error code on failure.
  */
-typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
-                                         mbedtls_x509_crt const *child,
-                                         mbedtls_x509_crt **candidate_cas );
+typedef int (*mbedtls_x509_crt_ca_cb_t)(void *p_ctx,
+                                        mbedtls_x509_crt const *child,
+                                        mbedtls_x509_crt **candidate_cas);
 
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
 /**
@@ -757,13 +768,13 @@ typedef int (*mbedtls_x509_crt_ca_cb_t)( void *p_ctx,
  *
  * \return         See \c mbedtls_crt_verify_with_profile().
  */
-int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
-                     mbedtls_x509_crt_ca_cb_t f_ca_cb,
-                     void *p_ca_cb,
-                     const mbedtls_x509_crt_profile *profile,
-                     const char *cn, uint32_t *flags,
-                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
-                     void *p_vrfy );
+int mbedtls_x509_crt_verify_with_ca_cb(mbedtls_x509_crt *crt,
+                                       mbedtls_x509_crt_ca_cb_t f_ca_cb,
+                                       void *p_ca_cb,
+                                       const mbedtls_x509_crt_profile *profile,
+                                       const char *cn, uint32_t *flags,
+                                       int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                                       void *p_vrfy);
 
 #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */
 
@@ -789,8 +800,8 @@ int mbedtls_x509_crt_verify_with_ca_cb( mbedtls_x509_crt *crt,
  *                 (intermediate) CAs the keyUsage extension is automatically
  *                 checked by \c mbedtls_x509_crt_verify().
  */
-int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
-                                      unsigned int usage );
+int mbedtls_x509_crt_check_key_usage(const mbedtls_x509_crt *crt,
+                                     unsigned int usage);
 #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
 
 #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
@@ -807,9 +818,9 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
  *
  * \note            Usually only makes sense on leaf certificates.
  */
-int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
-                                               const char *usage_oid,
-                                               size_t usage_len );
+int mbedtls_x509_crt_check_extended_key_usage(const mbedtls_x509_crt *crt,
+                                              const char *usage_oid,
+                                              size_t usage_len);
 #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
 
 #if defined(MBEDTLS_X509_CRL_PARSE_C)
@@ -822,7 +833,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
  * \return         1 if the certificate is revoked, 0 otherwise
  *
  */
-int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
+int mbedtls_x509_crt_is_revoked(const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl);
 #endif /* MBEDTLS_X509_CRL_PARSE_C */
 
 /**
@@ -830,25 +841,25 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
  *
  * \param crt      Certificate chain to initialize
  */
-void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_init(mbedtls_x509_crt *crt);
 
 /**
  * \brief          Unallocate all certificate data
  *
  * \param crt      Certificate chain to free
  */
-void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+void mbedtls_x509_crt_free(mbedtls_x509_crt *crt);
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
 /**
  * \brief           Initialize a restart context
  */
-void mbedtls_x509_crt_restart_init( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_init(mbedtls_x509_crt_restart_ctx *ctx);
 
 /**
  * \brief           Free the components of a restart context
  */
-void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
+void mbedtls_x509_crt_restart_free(mbedtls_x509_crt_restart_ctx *ctx);
 #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
@@ -860,7 +871,7 @@ void mbedtls_x509_crt_restart_free( mbedtls_x509_crt_restart_ctx *ctx );
  *
  * \param ctx       CRT context to initialize
  */
-void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx);
 
 /**
  * \brief           Set the version for a Certificate
@@ -870,7 +881,7 @@ void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
  * \param version   version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
  *                                  MBEDTLS_X509_CRT_VERSION_3)
  */
-void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
+void mbedtls_x509write_crt_set_version(mbedtls_x509write_cert *ctx, int version);
 
 /**
  * \brief           Set the serial number for a Certificate.
@@ -880,7 +891,7 @@ void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version
  *
  * \return          0 if successful
  */
-int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
+int mbedtls_x509write_crt_set_serial(mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial);
 
 /**
  * \brief           Set the validity period for a Certificate
@@ -896,8 +907,8 @@ int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls
  * \return          0 if timestamp was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
-                                const char *not_after );
+int mbedtls_x509write_crt_set_validity(mbedtls_x509write_cert *ctx, const char *not_before,
+                                       const char *not_after);
 
 /**
  * \brief           Set the issuer name for a Certificate
@@ -911,8 +922,8 @@ int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char
  * \return          0 if issuer name was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
-                                   const char *issuer_name );
+int mbedtls_x509write_crt_set_issuer_name(mbedtls_x509write_cert *ctx,
+                                          const char *issuer_name);
 
 /**
  * \brief           Set the subject name for a Certificate
@@ -926,8 +937,8 @@ int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
  * \return          0 if subject name was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
-                                    const char *subject_name );
+int mbedtls_x509write_crt_set_subject_name(mbedtls_x509write_cert *ctx,
+                                           const char *subject_name);
 
 /**
  * \brief           Set the subject public key for the certificate
@@ -935,7 +946,7 @@ int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
  * \param ctx       CRT context to use
  * \param key       public key to include
  */
-void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_subject_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
 
 /**
  * \brief           Set the issuer key used for signing the certificate
@@ -943,7 +954,7 @@ void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls
  * \param ctx       CRT context to use
  * \param key       private key to sign with
  */
-void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_crt_set_issuer_key(mbedtls_x509write_cert *ctx, mbedtls_pk_context *key);
 
 /**
  * \brief           Set the MD algorithm to use for the signature
@@ -952,7 +963,7 @@ void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_
  * \param ctx       CRT context to use
  * \param md_alg    MD algorithm to use
  */
-void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
+void mbedtls_x509write_crt_set_md_alg(mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg);
 
 /**
  * \brief           Generic function to add to or replace an extension in the
@@ -967,10 +978,10 @@ void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_t
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
-                                 const char *oid, size_t oid_len,
-                                 int critical,
-                                 const unsigned char *val, size_t val_len );
+int mbedtls_x509write_crt_set_extension(mbedtls_x509write_cert *ctx,
+                                        const char *oid, size_t oid_len,
+                                        int critical,
+                                        const unsigned char *val, size_t val_len);
 
 /**
  * \brief           Set the basicConstraints extension for a CRT
@@ -983,8 +994,8 @@ int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
-                                         int is_ca, int max_pathlen );
+int mbedtls_x509write_crt_set_basic_constraints(mbedtls_x509write_cert *ctx,
+                                                int is_ca, int max_pathlen);
 
 #if defined(MBEDTLS_SHA1_C)
 /**
@@ -996,7 +1007,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_subject_key_identifier(mbedtls_x509write_cert *ctx);
 
 /**
  * \brief           Set the authorityKeyIdentifier extension for a CRT
@@ -1007,7 +1018,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
+int mbedtls_x509write_crt_set_authority_key_identifier(mbedtls_x509write_cert *ctx);
 #endif /* MBEDTLS_SHA1_C */
 
 /**
@@ -1019,8 +1030,8 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
  *
  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
-                                         unsigned int key_usage );
+int mbedtls_x509write_crt_set_key_usage(mbedtls_x509write_cert *ctx,
+                                        unsigned int key_usage);
 
 /**
  * \brief           Set the Netscape Cert Type flags
@@ -1031,15 +1042,15 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
  *
  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
-                                    unsigned char ns_cert_type );
+int mbedtls_x509write_crt_set_ns_cert_type(mbedtls_x509write_cert *ctx,
+                                           unsigned char ns_cert_type);
 
 /**
  * \brief           Free the contents of a CRT write context
  *
  * \param ctx       CRT context to free
  */
-void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
+void mbedtls_x509write_crt_free(mbedtls_x509write_cert *ctx);
 
 /**
  * \brief           Write a built up certificate to a X509 DER structure
@@ -1061,9 +1072,9 @@ void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 /**
@@ -1082,9 +1093,9 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 #endif /* MBEDTLS_PEM_WRITE_C */
 #endif /* MBEDTLS_X509_CRT_WRITE_C */
 

thirdparty/mbedtls/include/mbedtls/x509_csr.h

@@ -46,8 +46,7 @@ extern "C" {
 /**
  * Certificate Signing Request (CSR) structure.
  */
-typedef struct mbedtls_x509_csr
-{
+typedef struct mbedtls_x509_csr {
     mbedtls_x509_buf raw;           /**< The raw CSR data (DER). */
     mbedtls_x509_buf cri;           /**< The raw CertificateRequestInfo body (DER). */
 
@@ -69,8 +68,7 @@ mbedtls_x509_csr;
 /**
  * Container for writing a CSR
  */
-typedef struct mbedtls_x509write_csr
-{
+typedef struct mbedtls_x509write_csr {
     mbedtls_pk_context *key;
     mbedtls_asn1_named_data *subject;
     mbedtls_md_type_t md_alg;
@@ -84,20 +82,28 @@ mbedtls_x509write_csr;
  *
  * \note           CSR attributes (if any) are currently silently ignored.
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param csr      CSR context to fill
  * \param buf      buffer holding the CRL data
  * \param buflen   size of the buffer
  *
  * \return         0 if successful, or a specific X509 error code
  */
-int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
-                        const unsigned char *buf, size_t buflen );
+int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
+                               const unsigned char *buf, size_t buflen);
 
 /**
  * \brief          Load a Certificate Signing Request (CSR), DER or PEM format
  *
  * \note           See notes for \c mbedtls_x509_csr_parse_der()
  *
+ * \note           If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto
+ *                 subsystem must have been initialized by calling
+ *                 psa_crypto_init() before calling this function.
+ *
  * \param csr      CSR context to fill
  * \param buf      buffer holding the CRL data
  * \param buflen   size of the buffer
@@ -105,7 +111,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
  *
  * \return         0 if successful, or a specific X509 or PEM error code
  */
-int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
+int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen);
 
 #if defined(MBEDTLS_FS_IO)
 /**
@@ -118,7 +124,7 @@ int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, siz
  *
  * \return         0 if successful, or a specific X509 or PEM error code
  */
-int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
+int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path);
 #endif /* MBEDTLS_FS_IO */
 
 /**
@@ -133,22 +139,22 @@ int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
  * \return         The length of the string written (not including the
  *                 terminated nul byte), or a negative error code.
  */
-int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
-                   const mbedtls_x509_csr *csr );
+int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
+                          const mbedtls_x509_csr *csr);
 
 /**
  * \brief          Initialize a CSR
  *
  * \param csr      CSR to initialize
  */
-void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
+void mbedtls_x509_csr_init(mbedtls_x509_csr *csr);
 
 /**
  * \brief          Unallocate all CSR data
  *
  * \param csr      CSR to free
  */
-void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
+void mbedtls_x509_csr_free(mbedtls_x509_csr *csr);
 #endif /* MBEDTLS_X509_CSR_PARSE_C */
 
 /** \} name Structures and functions for X.509 Certificate Signing Requests (CSR) */
@@ -159,7 +165,7 @@ void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
  *
  * \param ctx       CSR context to initialize
  */
-void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
+void mbedtls_x509write_csr_init(mbedtls_x509write_csr *ctx);
 
 /**
  * \brief           Set the subject name for a CSR
@@ -173,8 +179,8 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
  * \return          0 if subject name was parsed successfully, or
  *                  a specific error code
  */
-int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
-                                    const char *subject_name );
+int mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr *ctx,
+                                           const char *subject_name);
 
 /**
  * \brief           Set the key for a CSR (public key will be included,
@@ -183,7 +189,7 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
  * \param ctx       CSR context to use
  * \param key       Asymmetric key to include
  */
-void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
+void mbedtls_x509write_csr_set_key(mbedtls_x509write_csr *ctx, mbedtls_pk_context *key);
 
 /**
  * \brief           Set the MD algorithm to use for the signature
@@ -192,7 +198,7 @@ void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_conte
  * \param ctx       CSR context to use
  * \param md_alg    MD algorithm to use
  */
-void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
+void mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg);
 
 /**
  * \brief           Set the Key Usage Extension flags
@@ -211,7 +217,7 @@ void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_ty
  *                  #MBEDTLS_X509_KU_DECIPHER_ONLY) cannot be set using this
  *                  function.
  */
-int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
+int mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr *ctx, unsigned char key_usage);
 
 /**
  * \brief           Set the Netscape Cert Type flags
@@ -222,8 +228,8 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch
  *
  * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
-                                    unsigned char ns_cert_type );
+int mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr *ctx,
+                                           unsigned char ns_cert_type);
 
 /**
  * \brief           Generic function to add to or replace an extension in the
@@ -237,16 +243,16 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
  *
  * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
  */
-int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
-                                 const char *oid, size_t oid_len,
-                                 const unsigned char *val, size_t val_len );
+int mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr *ctx,
+                                        const char *oid, size_t oid_len,
+                                        const unsigned char *val, size_t val_len);
 
 /**
  * \brief           Free the contents of a CSR context
  *
  * \param ctx       CSR context to free
  */
-void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
+void mbedtls_x509write_csr_free(mbedtls_x509write_csr *ctx);
 
 /**
  * \brief           Write a CSR (Certificate Signing Request) to a
@@ -269,9 +275,9 @@ void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 
 #if defined(MBEDTLS_PEM_WRITE_C)
 /**
@@ -291,9 +297,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
  *                  for countermeasures against timing attacks).
  *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
-                       int (*f_rng)(void *, unsigned char *, size_t),
-                       void *p_rng );
+int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng);
 #endif /* MBEDTLS_PEM_WRITE_C */
 #endif /* MBEDTLS_X509_CSR_WRITE_C */
 

thirdparty/mbedtls/include/mbedtls/xtea.h

@@ -52,8 +52,7 @@ extern "C" {
 /**
  * \brief          XTEA context structure
  */
-typedef struct mbedtls_xtea_context
-{
+typedef struct mbedtls_xtea_context {
     uint32_t k[4];       /*!< key */
 }
 mbedtls_xtea_context;
@@ -67,14 +66,14 @@ mbedtls_xtea_context;
  *
  * \param ctx      XTEA context to be initialized
  */
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
+void mbedtls_xtea_init(mbedtls_xtea_context *ctx);
 
 /**
  * \brief          Clear XTEA context
  *
  * \param ctx      XTEA context to be cleared
  */
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
+void mbedtls_xtea_free(mbedtls_xtea_context *ctx);
 
 /**
  * \brief          XTEA key schedule
@@ -82,7 +81,7 @@ void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
  * \param ctx      XTEA context to be initialized
  * \param key      the secret key
  */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
+void mbedtls_xtea_setup(mbedtls_xtea_context *ctx, const unsigned char key[16]);
 
 /**
  * \brief          XTEA cipher function
@@ -94,10 +93,10 @@ void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16]
  *
  * \return         0 if successful
  */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
-                    int mode,
-                    const unsigned char input[8],
-                    unsigned char output[8] );
+int mbedtls_xtea_crypt_ecb(mbedtls_xtea_context *ctx,
+                           int mode,
+                           const unsigned char input[8],
+                           unsigned char output[8]);
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /**
@@ -113,12 +112,12 @@ int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
  * \return         0 if successful,
  *                 MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
  */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[8],
-                    const unsigned char *input,
-                    unsigned char *output);
+int mbedtls_xtea_crypt_cbc(mbedtls_xtea_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[8],
+                           const unsigned char *input,
+                           unsigned char *output);
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -128,7 +127,7 @@ int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
  *
  * \return         0 if successful, or 1 if the test failed
  */
-int mbedtls_xtea_self_test( int verbose );
+int mbedtls_xtea_self_test(int verbose);
 
 #endif /* MBEDTLS_SELF_TEST */
 

thirdparty/mbedtls/library/aesni.c

@@ -18,51 +18,391 @@
  */
 
 /*
- * [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set
- * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
+ * [AES-WP] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-advanced-encryption-standard-aes-instructions-set.html
+ * [CLMUL-WP] https://www.intel.com/content/www/us/en/develop/download/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode.html
  */
 
 #include "common.h"
 
 #if defined(MBEDTLS_AESNI_C)
 
-#if defined(__has_feature)
-#if __has_feature(memory_sanitizer)
-#warning "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
-#endif
-#endif
-
 #include "mbedtls/aesni.h"
 
 #include <string.h>
 
+/* *INDENT-OFF* */
 #ifndef asm
 #define asm __asm
 #endif
+/* *INDENT-ON* */
+
+#if defined(MBEDTLS_AESNI_HAVE_CODE)
 
-#if defined(MBEDTLS_HAVE_X86_64)
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+#if !defined(_WIN32)
+#include <cpuid.h>
+#endif
+#include <immintrin.h>
+#endif
 
 /*
  * AES-NI support detection routine
  */
-int mbedtls_aesni_has_support( unsigned int what )
+int mbedtls_aesni_has_support(unsigned int what)
 {
     static int done = 0;
     static unsigned int c = 0;
 
-    if( ! done )
-    {
-        asm( "movl  $1, %%eax   \n\t"
+    if (!done) {
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+        static unsigned info[4] = { 0, 0, 0, 0 };
+#if defined(_MSC_VER)
+        __cpuid(info, 1);
+#else
+        __cpuid(1, info[0], info[1], info[2], info[3]);
+#endif
+        c = info[2];
+#else /* AESNI using asm */
+        asm ("movl  $1, %%eax   \n\t"
              "cpuid             \n\t"
              : "=c" (c)
              :
-             : "eax", "ebx", "edx" );
+             : "eax", "ebx", "edx");
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
         done = 1;
     }
 
-    return( ( c & what ) != 0 );
+    return (c & what) != 0;
 }
 
+#if MBEDTLS_AESNI_HAVE_CODE == 2
+
+/*
+ * AES-NI AES-ECB block en(de)cryption
+ */
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16])
+{
+    const __m128i *rk = (const __m128i *) (ctx->rk);
+    unsigned nr = ctx->nr; // Number of remaining rounds
+
+    // Load round key 0
+    __m128i state;
+    memcpy(&state, input, 16);
+    state = _mm_xor_si128(state, rk[0]);  // state ^= *rk;
+    ++rk;
+    --nr;
+
+    if (mode == 0) {
+        while (nr != 0) {
+            state = _mm_aesdec_si128(state, *rk);
+            ++rk;
+            --nr;
+        }
+        state = _mm_aesdeclast_si128(state, *rk);
+    } else {
+        while (nr != 0) {
+            state = _mm_aesenc_si128(state, *rk);
+            ++rk;
+            --nr;
+        }
+        state = _mm_aesenclast_si128(state, *rk);
+    }
+
+    memcpy(output, &state, 16);
+    return 0;
+}
+
+/*
+ * GCM multiplication: c = a times b in GF(2^128)
+ * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
+ */
+
+static void gcm_clmul(const __m128i aa, const __m128i bb,
+                      __m128i *cc, __m128i *dd)
+{
+    /*
+     * Caryless multiplication dd:cc = aa * bb
+     * using [CLMUL-WP] algorithm 1 (p. 12).
+     */
+    *cc = _mm_clmulepi64_si128(aa, bb, 0x00); // a0*b0 = c1:c0
+    *dd = _mm_clmulepi64_si128(aa, bb, 0x11); // a1*b1 = d1:d0
+    __m128i ee = _mm_clmulepi64_si128(aa, bb, 0x10); // a0*b1 = e1:e0
+    __m128i ff = _mm_clmulepi64_si128(aa, bb, 0x01); // a1*b0 = f1:f0
+    ff = _mm_xor_si128(ff, ee);                      // e1+f1:e0+f0
+    ee = ff;                                         // e1+f1:e0+f0
+    ff = _mm_srli_si128(ff, 8);                      // 0:e1+f1
+    ee = _mm_slli_si128(ee, 8);                      // e0+f0:0
+    *dd = _mm_xor_si128(*dd, ff);                    // d1:d0+e1+f1
+    *cc = _mm_xor_si128(*cc, ee);                    // c1+e0+f0:c0
+}
+
+static void gcm_shift(__m128i *cc, __m128i *dd)
+{
+    /* [CMUCL-WP] Algorithm 5 Step 1: shift cc:dd one bit to the left,
+     * taking advantage of [CLMUL-WP] eq 27 (p. 18). */
+    //                                        // *cc = r1:r0
+    //                                        // *dd = r3:r2
+    __m128i cc_lo = _mm_slli_epi64(*cc, 1);   // r1<<1:r0<<1
+    __m128i dd_lo = _mm_slli_epi64(*dd, 1);   // r3<<1:r2<<1
+    __m128i cc_hi = _mm_srli_epi64(*cc, 63);  // r1>>63:r0>>63
+    __m128i dd_hi = _mm_srli_epi64(*dd, 63);  // r3>>63:r2>>63
+    __m128i xmm5 = _mm_srli_si128(cc_hi, 8);  // 0:r1>>63
+    cc_hi = _mm_slli_si128(cc_hi, 8);         // r0>>63:0
+    dd_hi = _mm_slli_si128(dd_hi, 8);         // 0:r1>>63
+
+    *cc = _mm_or_si128(cc_lo, cc_hi);         // r1<<1|r0>>63:r0<<1
+    *dd = _mm_or_si128(_mm_or_si128(dd_lo, dd_hi), xmm5); // r3<<1|r2>>62:r2<<1|r1>>63
+}
+
+static __m128i gcm_reduce(__m128i xx)
+{
+    //                                            // xx = x1:x0
+    /* [CLMUL-WP] Algorithm 5 Step 2 */
+    __m128i aa = _mm_slli_epi64(xx, 63);          // x1<<63:x0<<63 = stuff:a
+    __m128i bb = _mm_slli_epi64(xx, 62);          // x1<<62:x0<<62 = stuff:b
+    __m128i cc = _mm_slli_epi64(xx, 57);          // x1<<57:x0<<57 = stuff:c
+    __m128i dd = _mm_slli_si128(_mm_xor_si128(_mm_xor_si128(aa, bb), cc), 8); // a+b+c:0
+    return _mm_xor_si128(dd, xx);                 // x1+a+b+c:x0 = d:x0
+}
+
+static __m128i gcm_mix(__m128i dx)
+{
+    /* [CLMUL-WP] Algorithm 5 Steps 3 and 4 */
+    __m128i ee = _mm_srli_epi64(dx, 1);           // e1:x0>>1 = e1:e0'
+    __m128i ff = _mm_srli_epi64(dx, 2);           // f1:x0>>2 = f1:f0'
+    __m128i gg = _mm_srli_epi64(dx, 7);           // g1:x0>>7 = g1:g0'
+
+    // e0'+f0'+g0' is almost e0+f0+g0, except for some missing
+    // bits carried from d. Now get those bits back in.
+    __m128i eh = _mm_slli_epi64(dx, 63);          // d<<63:stuff
+    __m128i fh = _mm_slli_epi64(dx, 62);          // d<<62:stuff
+    __m128i gh = _mm_slli_epi64(dx, 57);          // d<<57:stuff
+    __m128i hh = _mm_srli_si128(_mm_xor_si128(_mm_xor_si128(eh, fh), gh), 8); // 0:missing bits of d
+
+    return _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(ee, ff), gg), hh), dx);
+}
+
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16])
+{
+    __m128i aa, bb, cc, dd;
+
+    /* The inputs are in big-endian order, so byte-reverse them */
+    for (size_t i = 0; i < 16; i++) {
+        ((uint8_t *) &aa)[i] = a[15 - i];
+        ((uint8_t *) &bb)[i] = b[15 - i];
+    }
+
+    gcm_clmul(aa, bb, &cc, &dd);
+    gcm_shift(&cc, &dd);
+    /*
+     * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
+     * using [CLMUL-WP] algorithm 5 (p. 18).
+     * Currently dd:cc holds x3:x2:x1:x0 (already shifted).
+     */
+    __m128i dx = gcm_reduce(cc);
+    __m128i xh = gcm_mix(dx);
+    cc = _mm_xor_si128(xh, dd); // x3+h1:x2+h0
+
+    /* Now byte-reverse the outputs */
+    for (size_t i = 0; i < 16; i++) {
+        c[i] = ((uint8_t *) &cc)[15 - i];
+    }
+
+    return;
+}
+
+/*
+ * Compute decryption round keys from encryption round keys
+ */
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey, int nr)
+{
+    __m128i *ik = (__m128i *) invkey;
+    const __m128i *fk = (const __m128i *) fwdkey + nr;
+
+    *ik = *fk;
+    for (--fk, ++ik; fk > (const __m128i *) fwdkey; --fk, ++ik) {
+        *ik = _mm_aesimc_si128(*fk);
+    }
+    *ik = *fk;
+}
+
+/*
+ * Key expansion, 128-bit case
+ */
+static __m128i aesni_set_rk_128(__m128i state, __m128i xword)
+{
+    /*
+     * Finish generating the next round key.
+     *
+     * On entry state is r3:r2:r1:r0 and xword is X:stuff:stuff:stuff
+     * with X = rot( sub( r3 ) ) ^ RCON (obtained with AESKEYGENASSIST).
+     *
+     * On exit, xword is r7:r6:r5:r4
+     * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
+     * and this is returned, to be written to the round key buffer.
+     */
+    xword = _mm_shuffle_epi32(xword, 0xff);   // X:X:X:X
+    xword = _mm_xor_si128(xword, state);      // X+r3:X+r2:X+r1:r4
+    state = _mm_slli_si128(state, 4);         // r2:r1:r0:0
+    xword = _mm_xor_si128(xword, state);      // X+r3+r2:X+r2+r1:r5:r4
+    state = _mm_slli_si128(state, 4);         // r1:r0:0:0
+    xword = _mm_xor_si128(xword, state);      // X+r3+r2+r1:r6:r5:r4
+    state = _mm_slli_si128(state, 4);         // r0:0:0:0
+    state = _mm_xor_si128(xword, state);      // r7:r6:r5:r4
+    return state;
+}
+
+static void aesni_setkey_enc_128(unsigned char *rk_bytes,
+                                 const unsigned char *key)
+{
+    __m128i *rk = (__m128i *) rk_bytes;
+
+    memcpy(&rk[0], key, 16);
+    rk[1] = aesni_set_rk_128(rk[0], _mm_aeskeygenassist_si128(rk[0], 0x01));
+    rk[2] = aesni_set_rk_128(rk[1], _mm_aeskeygenassist_si128(rk[1], 0x02));
+    rk[3] = aesni_set_rk_128(rk[2], _mm_aeskeygenassist_si128(rk[2], 0x04));
+    rk[4] = aesni_set_rk_128(rk[3], _mm_aeskeygenassist_si128(rk[3], 0x08));
+    rk[5] = aesni_set_rk_128(rk[4], _mm_aeskeygenassist_si128(rk[4], 0x10));
+    rk[6] = aesni_set_rk_128(rk[5], _mm_aeskeygenassist_si128(rk[5], 0x20));
+    rk[7] = aesni_set_rk_128(rk[6], _mm_aeskeygenassist_si128(rk[6], 0x40));
+    rk[8] = aesni_set_rk_128(rk[7], _mm_aeskeygenassist_si128(rk[7], 0x80));
+    rk[9] = aesni_set_rk_128(rk[8], _mm_aeskeygenassist_si128(rk[8], 0x1B));
+    rk[10] = aesni_set_rk_128(rk[9], _mm_aeskeygenassist_si128(rk[9], 0x36));
+}
+
+/*
+ * Key expansion, 192-bit case
+ */
+static void aesni_set_rk_192(__m128i *state0, __m128i *state1, __m128i xword,
+                             unsigned char *rk)
+{
+    /*
+     * Finish generating the next 6 quarter-keys.
+     *
+     * On entry state0 is r3:r2:r1:r0, state1 is stuff:stuff:r5:r4
+     * and xword is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON
+     * (obtained with AESKEYGENASSIST).
+     *
+     * On exit, state0 is r9:r8:r7:r6 and state1 is stuff:stuff:r11:r10
+     * and those are written to the round key buffer.
+     */
+    xword = _mm_shuffle_epi32(xword, 0x55);   // X:X:X:X
+    xword = _mm_xor_si128(xword, *state0);    // X+r3:X+r2:X+r1:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r2:r1:r0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2:X+r2+r1:X+r1+r0:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r1:r0:0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2+r1:X+r2+r1+r0:X+r1+r0:X+r0
+    *state0 = _mm_slli_si128(*state0, 4);     // r0:0:0:0
+    xword = _mm_xor_si128(xword, *state0);    // X+r3+r2+r1+r0:X+r2+r1+r0:X+r1+r0:X+r0
+    *state0 = xword;                          // = r9:r8:r7:r6
+
+    xword = _mm_shuffle_epi32(xword, 0xff);   // r9:r9:r9:r9
+    xword = _mm_xor_si128(xword, *state1);    // stuff:stuff:r9+r5:r9+r4
+    *state1 = _mm_slli_si128(*state1, 4);     // stuff:stuff:r4:0
+    xword = _mm_xor_si128(xword, *state1);    // stuff:stuff:r9+r5+r4:r9+r4
+    *state1 = xword;                          // = stuff:stuff:r11:r10
+
+    /* Store state0 and the low half of state1 into rk, which is conceptually
+     * an array of 24-byte elements. Since 24 is not a multiple of 16,
+     * rk is not necessarily aligned so just `*rk = *state0` doesn't work. */
+    memcpy(rk, state0, 16);
+    memcpy(rk + 16, state1, 8);
+}
+
+static void aesni_setkey_enc_192(unsigned char *rk,
+                                 const unsigned char *key)
+{
+    /* First round: use original key */
+    memcpy(rk, key, 24);
+    /* aes.c guarantees that rk is aligned on a 16-byte boundary. */
+    __m128i state0 = ((__m128i *) rk)[0];
+    __m128i state1 = _mm_loadl_epi64(((__m128i *) rk) + 1);
+
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x01), rk + 24 * 1);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x02), rk + 24 * 2);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x04), rk + 24 * 3);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x08), rk + 24 * 4);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x10), rk + 24 * 5);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x20), rk + 24 * 6);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x40), rk + 24 * 7);
+    aesni_set_rk_192(&state0, &state1, _mm_aeskeygenassist_si128(state1, 0x80), rk + 24 * 8);
+}
+
+/*
+ * Key expansion, 256-bit case
+ */
+static void aesni_set_rk_256(__m128i state0, __m128i state1, __m128i xword,
+                             __m128i *rk0, __m128i *rk1)
+{
+    /*
+     * Finish generating the next two round keys.
+     *
+     * On entry state0 is r3:r2:r1:r0, state1 is r7:r6:r5:r4 and
+     * xword is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
+     * (obtained with AESKEYGENASSIST).
+     *
+     * On exit, *rk0 is r11:r10:r9:r8 and *rk1 is r15:r14:r13:r12
+     */
+    xword = _mm_shuffle_epi32(xword, 0xff);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    xword = _mm_xor_si128(xword, state0);
+    state0 = _mm_slli_si128(state0, 4);
+    state0 = _mm_xor_si128(state0, xword);
+    *rk0 = state0;
+
+    /* Set xword to stuff:Y:stuff:stuff with Y = subword( r11 )
+     * and proceed to generate next round key from there */
+    xword = _mm_aeskeygenassist_si128(state0, 0x00);
+    xword = _mm_shuffle_epi32(xword, 0xaa);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    xword = _mm_xor_si128(xword, state1);
+    state1 = _mm_slli_si128(state1, 4);
+    state1 = _mm_xor_si128(state1, xword);
+    *rk1 = state1;
+}
+
+static void aesni_setkey_enc_256(unsigned char *rk_bytes,
+                                 const unsigned char *key)
+{
+    __m128i *rk = (__m128i *) rk_bytes;
+
+    memcpy(&rk[0], key, 16);
+    memcpy(&rk[1], key + 16, 16);
+
+    /*
+     * Main "loop" - Generating one more key than necessary,
+     * see definition of mbedtls_aes_context.buf
+     */
+    aesni_set_rk_256(rk[0], rk[1], _mm_aeskeygenassist_si128(rk[1], 0x01), &rk[2], &rk[3]);
+    aesni_set_rk_256(rk[2], rk[3], _mm_aeskeygenassist_si128(rk[3], 0x02), &rk[4], &rk[5]);
+    aesni_set_rk_256(rk[4], rk[5], _mm_aeskeygenassist_si128(rk[5], 0x04), &rk[6], &rk[7]);
+    aesni_set_rk_256(rk[6], rk[7], _mm_aeskeygenassist_si128(rk[7], 0x08), &rk[8], &rk[9]);
+    aesni_set_rk_256(rk[8], rk[9], _mm_aeskeygenassist_si128(rk[9], 0x10), &rk[10], &rk[11]);
+    aesni_set_rk_256(rk[10], rk[11], _mm_aeskeygenassist_si128(rk[11], 0x20), &rk[12], &rk[13]);
+    aesni_set_rk_256(rk[12], rk[13], _mm_aeskeygenassist_si128(rk[13], 0x40), &rk[14], &rk[15]);
+}
+
+#else /* MBEDTLS_AESNI_HAVE_CODE == 1 */
+
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+#warning \
+    "MBEDTLS_AESNI_C is known to cause spurious error reports with some memory sanitizers as they do not understand the assembly code."
+#endif
+#endif
+
 /*
  * Binutils needs to be at least 2.19 to support AES-NI instructions.
  * Unfortunately, a lot of users have a lower version now (2014-04).
@@ -73,13 +413,13 @@ int mbedtls_aesni_has_support( unsigned int what )
  * Operand macros are in gas order (src, dst) as opposed to Intel order
  * (dst, src) in order to blend better into the surrounding assembly code.
  */
-#define AESDEC      ".byte 0x66,0x0F,0x38,0xDE,"
-#define AESDECLAST  ".byte 0x66,0x0F,0x38,0xDF,"
-#define AESENC      ".byte 0x66,0x0F,0x38,0xDC,"
-#define AESENCLAST  ".byte 0x66,0x0F,0x38,0xDD,"
-#define AESIMC      ".byte 0x66,0x0F,0x38,0xDB,"
-#define AESKEYGENA  ".byte 0x66,0x0F,0x3A,0xDF,"
-#define PCLMULQDQ   ".byte 0x66,0x0F,0x3A,0x44,"
+#define AESDEC(regs)      ".byte 0x66,0x0F,0x38,0xDE," regs "\n\t"
+#define AESDECLAST(regs)  ".byte 0x66,0x0F,0x38,0xDF," regs "\n\t"
+#define AESENC(regs)      ".byte 0x66,0x0F,0x38,0xDC," regs "\n\t"
+#define AESENCLAST(regs)  ".byte 0x66,0x0F,0x38,0xDD," regs "\n\t"
+#define AESIMC(regs)      ".byte 0x66,0x0F,0x38,0xDB," regs "\n\t"
+#define AESKEYGENA(regs, imm)  ".byte 0x66,0x0F,0x3A,0xDF," regs "," imm "\n\t"
+#define PCLMULQDQ(regs, imm)   ".byte 0x66,0x0F,0x3A,0x44," regs "," imm "\n\t"
 
 #define xmm0_xmm0   "0xC0"
 #define xmm0_xmm1   "0xC8"
@@ -92,12 +432,12 @@ int mbedtls_aesni_has_support( unsigned int what )
 /*
  * AES-NI AES-ECB block en(de)cryption
  */
-int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
-                     int mode,
-                     const unsigned char input[16],
-                     unsigned char output[16] )
+int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx,
+                            int mode,
+                            const unsigned char input[16],
+                            unsigned char output[16])
 {
-    asm( "movdqu    (%3), %%xmm0    \n\t" // load input
+    asm ("movdqu    (%3), %%xmm0    \n\t" // load input
          "movdqu    (%1), %%xmm1    \n\t" // load round key 0
          "pxor      %%xmm1, %%xmm0  \n\t" // round 0
          "add       $16, %1         \n\t" // point to next round key
@@ -107,65 +447,64 @@ int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
 
          "1:                        \n\t" // encryption loop
          "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESENC     xmm1_xmm0      "\n\t" // do round
+         AESENC(xmm1_xmm0)                // do round
          "add       $16, %1         \n\t" // point to next round key
          "subl      $1, %0          \n\t" // loop
          "jnz       1b              \n\t"
          "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESENCLAST xmm1_xmm0      "\n\t" // last round
+         AESENCLAST(xmm1_xmm0)            // last round
          "jmp       3f              \n\t"
 
          "2:                        \n\t" // decryption loop
          "movdqu    (%1), %%xmm1    \n\t"
-         AESDEC     xmm1_xmm0      "\n\t" // do round
+         AESDEC(xmm1_xmm0)                // do round
          "add       $16, %1         \n\t"
          "subl      $1, %0          \n\t"
          "jnz       2b              \n\t"
          "movdqu    (%1), %%xmm1    \n\t" // load round key
-         AESDECLAST xmm1_xmm0      "\n\t" // last round
+         AESDECLAST(xmm1_xmm0)            // last round
 
          "3:                        \n\t"
          "movdqu    %%xmm0, (%4)    \n\t" // export output
          :
          : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output)
-         : "memory", "cc", "xmm0", "xmm1" );
+         : "memory", "cc", "xmm0", "xmm1");
 
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * GCM multiplication: c = a times b in GF(2^128)
  * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
  */
-void mbedtls_aesni_gcm_mult( unsigned char c[16],
-                     const unsigned char a[16],
-                     const unsigned char b[16] )
+void mbedtls_aesni_gcm_mult(unsigned char c[16],
+                            const unsigned char a[16],
+                            const unsigned char b[16])
 {
     unsigned char aa[16], bb[16], cc[16];
     size_t i;
 
     /* The inputs are in big-endian order, so byte-reverse them */
-    for( i = 0; i < 16; i++ )
-    {
+    for (i = 0; i < 16; i++) {
         aa[i] = a[15 - i];
         bb[i] = b[15 - i];
     }
 
-    asm( "movdqu (%0), %%xmm0               \n\t" // a1:a0
+    asm ("movdqu (%0), %%xmm0               \n\t" // a1:a0
          "movdqu (%1), %%xmm1               \n\t" // b1:b0
 
          /*
           * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1
-          * using [CLMUL-WP] algorithm 1 (p. 13).
+          * using [CLMUL-WP] algorithm 1 (p. 12).
           */
          "movdqa %%xmm1, %%xmm2             \n\t" // copy of b1:b0
          "movdqa %%xmm1, %%xmm3             \n\t" // same
          "movdqa %%xmm1, %%xmm4             \n\t" // same
-         PCLMULQDQ xmm0_xmm1 ",0x00         \n\t" // a0*b0 = c1:c0
-         PCLMULQDQ xmm0_xmm2 ",0x11         \n\t" // a1*b1 = d1:d0
-         PCLMULQDQ xmm0_xmm3 ",0x10         \n\t" // a0*b1 = e1:e0
-         PCLMULQDQ xmm0_xmm4 ",0x01         \n\t" // a1*b0 = f1:f0
+         PCLMULQDQ(xmm0_xmm1, "0x00")             // a0*b0 = c1:c0
+         PCLMULQDQ(xmm0_xmm2, "0x11")             // a1*b1 = d1:d0
+         PCLMULQDQ(xmm0_xmm3, "0x10")             // a0*b1 = e1:e0
+         PCLMULQDQ(xmm0_xmm4, "0x01")             // a1*b0 = f1:f0
          "pxor %%xmm3, %%xmm4               \n\t" // e1+f1:e0+f0
          "movdqa %%xmm4, %%xmm3             \n\t" // same
          "psrldq $8, %%xmm4                 \n\t" // 0:e1+f1
@@ -175,7 +514,7 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
 
          /*
           * Now shift the result one bit to the left,
-          * taking advantage of [CLMUL-WP] eq 27 (p. 20)
+          * taking advantage of [CLMUL-WP] eq 27 (p. 18)
           */
          "movdqa %%xmm1, %%xmm3             \n\t" // r1:r0
          "movdqa %%xmm2, %%xmm4             \n\t" // r3:r2
@@ -193,7 +532,7 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
 
          /*
           * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
-          * using [CLMUL-WP] algorithm 5 (p. 20).
+          * using [CLMUL-WP] algorithm 5 (p. 18).
           * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
           */
          /* Step 2 (1) */
@@ -237,11 +576,12 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
          "movdqu %%xmm0, (%2)               \n\t" // done
          :
          : "r" (aa), "r" (bb), "r" (cc)
-         : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" );
+         : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5");
 
     /* Now byte-reverse the outputs */
-    for( i = 0; i < 16; i++ )
+    for (i = 0; i < 16; i++) {
         c[i] = cc[15 - i];
+    }
 
     return;
 }
@@ -249,32 +589,33 @@ void mbedtls_aesni_gcm_mult( unsigned char c[16],
 /*
  * Compute decryption round keys from encryption round keys
  */
-void mbedtls_aesni_inverse_key( unsigned char *invkey,
-                        const unsigned char *fwdkey, int nr )
+void mbedtls_aesni_inverse_key(unsigned char *invkey,
+                               const unsigned char *fwdkey, int nr)
 {
     unsigned char *ik = invkey;
     const unsigned char *fk = fwdkey + 16 * nr;
 
-    memcpy( ik, fk, 16 );
+    memcpy(ik, fk, 16);
 
-    for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 )
-        asm( "movdqu (%0), %%xmm0       \n\t"
-             AESIMC  xmm0_xmm0         "\n\t"
+    for (fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16) {
+        asm ("movdqu (%0), %%xmm0       \n\t"
+             AESIMC(xmm0_xmm0)
              "movdqu %%xmm0, (%1)       \n\t"
              :
              : "r" (fk), "r" (ik)
-             : "memory", "xmm0" );
+             : "memory", "xmm0");
+    }
 
-    memcpy( ik, fk, 16 );
+    memcpy(ik, fk, 16);
 }
 
 /*
  * Key expansion, 128-bit case
  */
-static void aesni_setkey_enc_128( unsigned char *rk,
-                                  const unsigned char *key )
+static void aesni_setkey_enc_128(unsigned char *rk,
+                                 const unsigned char *key)
 {
-    asm( "movdqu (%1), %%xmm0               \n\t" // copy the original key
+    asm ("movdqu (%1), %%xmm0               \n\t" // copy the original key
          "movdqu %%xmm0, (%0)               \n\t" // as round key 0
          "jmp 2f                            \n\t" // skip auxiliary routine
 
@@ -303,28 +644,28 @@ static void aesni_setkey_enc_128( unsigned char *rk,
 
          /* Main "loop" */
          "2:                                \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x01        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x02        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x04        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x08        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x10        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x20        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x40        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x80        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x1B        \n\tcall 1b \n\t"
-         AESKEYGENA xmm0_xmm1 ",0x36        \n\tcall 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x01")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x02")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x04")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x08")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x10")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x20")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x40")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x80")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x1B")      "call 1b \n\t"
+         AESKEYGENA(xmm0_xmm1, "0x36")      "call 1b \n\t"
          :
          : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
+         : "memory", "cc", "0");
 }
 
 /*
  * Key expansion, 192-bit case
  */
-static void aesni_setkey_enc_192( unsigned char *rk,
-                                  const unsigned char *key )
+static void aesni_setkey_enc_192(unsigned char *rk,
+                                 const unsigned char *key)
 {
-    asm( "movdqu (%1), %%xmm0   \n\t" // copy original round key
+    asm ("movdqu (%1), %%xmm0   \n\t" // copy original round key
          "movdqu %%xmm0, (%0)   \n\t"
          "add $16, %0           \n\t"
          "movq 16(%1), %%xmm1   \n\t"
@@ -361,27 +702,27 @@ static void aesni_setkey_enc_192( unsigned char *rk,
          "ret                           \n\t"
 
          "2:                            \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x01    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x02    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x04    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x08    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x10    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x20    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x40    \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x80    \n\tcall 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x01")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x02")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x04")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x08")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x10")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x20")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x40")  "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x80")  "call 1b \n\t"
 
          :
          : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
+         : "memory", "cc", "0");
 }
 
 /*
  * Key expansion, 256-bit case
  */
-static void aesni_setkey_enc_256( unsigned char *rk,
-                                  const unsigned char *key )
+static void aesni_setkey_enc_256(unsigned char *rk,
+                                 const unsigned char *key)
 {
-    asm( "movdqu (%1), %%xmm0           \n\t"
+    asm ("movdqu (%1), %%xmm0           \n\t"
          "movdqu %%xmm0, (%0)           \n\t"
          "add $16, %0                   \n\t"
          "movdqu 16(%1), %%xmm1         \n\t"
@@ -411,7 +752,7 @@ static void aesni_setkey_enc_256( unsigned char *rk,
 
          /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
           * and proceed to generate next round key from there */
-         AESKEYGENA xmm0_xmm2 ",0x00        \n\t"
+         AESKEYGENA(xmm0_xmm2, "0x00")
          "pshufd $0xaa, %%xmm2, %%xmm2      \n\t"
          "pxor %%xmm1, %%xmm2               \n\t"
          "pslldq $4, %%xmm1                 \n\t"
@@ -429,36 +770,37 @@ static void aesni_setkey_enc_256( unsigned char *rk,
           * see definition of mbedtls_aes_context.buf
           */
          "2:                                \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x01        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x02        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x04        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x08        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x10        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x20        \n\tcall 1b \n\t"
-         AESKEYGENA xmm1_xmm2 ",0x40        \n\tcall 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x01")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x02")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x04")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x08")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x10")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x20")      "call 1b \n\t"
+         AESKEYGENA(xmm1_xmm2, "0x40")      "call 1b \n\t"
          :
          : "r" (rk), "r" (key)
-         : "memory", "cc", "0" );
+         : "memory", "cc", "0");
 }
 
+#endif  /* MBEDTLS_AESNI_HAVE_CODE */
+
 /*
  * Key expansion, wrapper
  */
-int mbedtls_aesni_setkey_enc( unsigned char *rk,
-                      const unsigned char *key,
-                      size_t bits )
+int mbedtls_aesni_setkey_enc(unsigned char *rk,
+                             const unsigned char *key,
+                             size_t bits)
 {
-    switch( bits )
-    {
-        case 128: aesni_setkey_enc_128( rk, key ); break;
-        case 192: aesni_setkey_enc_192( rk, key ); break;
-        case 256: aesni_setkey_enc_256( rk, key ); break;
-        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
+    switch (bits) {
+        case 128: aesni_setkey_enc_128(rk, key); break;
+        case 192: aesni_setkey_enc_192(rk, key); break;
+        case 256: aesni_setkey_enc_256(rk, key); break;
+        default: return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH;
     }
 
-    return( 0 );
+    return 0;
 }
 
-#endif /* MBEDTLS_HAVE_X86_64 */
+#endif /* MBEDTLS_AESNI_HAVE_CODE */
 
 #endif /* MBEDTLS_AESNI_C */

thirdparty/mbedtls/library/arc4.c

@@ -35,24 +35,25 @@
 
 #if !defined(MBEDTLS_ARC4_ALT)
 
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
+void mbedtls_arc4_init(mbedtls_arc4_context *ctx)
 {
-    memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
+    memset(ctx, 0, sizeof(mbedtls_arc4_context));
 }
 
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
+void mbedtls_arc4_free(mbedtls_arc4_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
+    }
 
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_arc4_context));
 }
 
 /*
  * ARC4 key schedule
  */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
-                 unsigned int keylen )
+void mbedtls_arc4_setup(mbedtls_arc4_context *ctx, const unsigned char *key,
+                        unsigned int keylen)
 {
     int i, j, a;
     unsigned int k;
@@ -62,17 +63,19 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
     ctx->y = 0;
     m = ctx->m;
 
-    for( i = 0; i < 256; i++ )
+    for (i = 0; i < 256; i++) {
         m[i] = (unsigned char) i;
+    }
 
     j = k = 0;
 
-    for( i = 0; i < 256; i++, k++ )
-    {
-        if( k >= keylen ) k = 0;
+    for (i = 0; i < 256; i++, k++) {
+        if (k >= keylen) {
+            k = 0;
+        }
 
         a = m[i];
-        j = ( j + a + key[k] ) & 0xFF;
+        j = (j + a + key[k]) & 0xFF;
         m[i] = m[j];
         m[j] = (unsigned char) a;
     }
@@ -81,8 +84,8 @@ void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
 /*
  * ARC4 cipher function
  */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
-                unsigned char *output )
+int mbedtls_arc4_crypt(mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                       unsigned char *output)
 {
     int x, y, a, b;
     size_t i;
@@ -92,22 +95,21 @@ int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned
     y = ctx->y;
     m = ctx->m;
 
-    for( i = 0; i < length; i++ )
-    {
-        x = ( x + 1 ) & 0xFF; a = m[x];
-        y = ( y + a ) & 0xFF; b = m[y];
+    for (i = 0; i < length; i++) {
+        x = (x + 1) & 0xFF; a = m[x];
+        y = (y + a) & 0xFF; b = m[y];
 
         m[x] = (unsigned char) b;
         m[y] = (unsigned char) a;
 
         output[i] = (unsigned char)
-            ( input[i] ^ m[(unsigned char)( a + b )] );
+                    (input[i] ^ m[(unsigned char) (a + b)]);
     }
 
     ctx->x = x;
     ctx->y = y;
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* !MBEDTLS_ARC4_ALT */
@@ -142,45 +144,47 @@ static const unsigned char arc4_test_ct[3][8] =
 /*
  * Checkup routine
  */
-int mbedtls_arc4_self_test( int verbose )
+int mbedtls_arc4_self_test(int verbose)
 {
     int i, ret = 0;
     unsigned char ibuf[8];
     unsigned char obuf[8];
     mbedtls_arc4_context ctx;
 
-    mbedtls_arc4_init( &ctx );
+    mbedtls_arc4_init(&ctx);
 
-    for( i = 0; i < 3; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ARC4 test #%d: ", i + 1 );
+    for (i = 0; i < 3; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ARC4 test #%d: ", i + 1);
+        }
 
-        memcpy( ibuf, arc4_test_pt[i], 8 );
+        memcpy(ibuf, arc4_test_pt[i], 8);
 
-        mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
-        mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
+        mbedtls_arc4_setup(&ctx, arc4_test_key[i], 8);
+        mbedtls_arc4_crypt(&ctx, 8, ibuf, obuf);
 
-        if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+        if (memcmp(obuf, arc4_test_ct[i], 8) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
 
             ret = 1;
             goto exit;
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
 exit:
-    mbedtls_arc4_free( &ctx );
+    mbedtls_arc4_free(&ctx);
 
-    return( ret );
+    return ret;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/aria.c

@@ -38,10 +38,10 @@
 #include "mbedtls/platform_util.h"
 
 /* Parameter validation macros */
-#define ARIA_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA )
-#define ARIA_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define ARIA_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA)
+#define ARIA_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
 /*
  * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes
@@ -55,30 +55,30 @@
 #if defined(__arm__) /* rev16 available from v6 up */
 /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
 #if defined(__GNUC__) && \
-    ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \
+    (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
     __ARM_ARCH >= 6
-static inline uint32_t aria_p1( uint32_t x )
+static inline uint32_t aria_p1(uint32_t x)
 {
     uint32_t r;
-    __asm( "rev16 %0, %1" : "=l" (r) : "l" (x) );
-    return( r );
+    __asm("rev16 %0, %1" : "=l" (r) : "l" (x));
+    return r;
 }
 #define ARIA_P1 aria_p1
 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
-    ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 )
-static inline uint32_t aria_p1( uint32_t x )
+    (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
+static inline uint32_t aria_p1(uint32_t x)
 {
     uint32_t r;
-    __asm( "rev16 r, x" );
-    return( r );
+    __asm("rev16 r, x");
+    return r;
 }
 #define ARIA_P1 aria_p1
 #endif
 #endif /* arm */
 #if defined(__GNUC__) && \
-    defined(__i386__) || defined(__amd64__) || defined( __x86_64__)
+    defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
 /* I couldn't find an Intel equivalent of rev16, so two instructions */
-#define ARIA_P1(x) ARIA_P2( ARIA_P3( x ) )
+#define ARIA_P1(x) ARIA_P2(ARIA_P3(x))
 #endif /* x86 gnuc */
 #endif /* MBEDTLS_HAVE_ASM && GNUC */
 #if !defined(ARIA_P1)
@@ -106,38 +106,38 @@ static inline uint32_t aria_p1( uint32_t x )
 #if defined(__arm__) /* rev available from v6 up */
 /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
 #if defined(__GNUC__) && \
-    ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 ) && \
+    (!defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000) && \
     __ARM_ARCH >= 6
-static inline uint32_t aria_p3( uint32_t x )
+static inline uint32_t aria_p3(uint32_t x)
 {
     uint32_t r;
-    __asm( "rev %0, %1" : "=l" (r) : "l" (x) );
-    return( r );
+    __asm("rev %0, %1" : "=l" (r) : "l" (x));
+    return r;
 }
 #define ARIA_P3 aria_p3
 #elif defined(__ARMCC_VERSION) && __ARMCC_VERSION < 6000000 && \
-    ( __TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3 )
-static inline uint32_t aria_p3( uint32_t x )
+    (__TARGET_ARCH_ARM >= 6 || __TARGET_ARCH_THUMB >= 3)
+static inline uint32_t aria_p3(uint32_t x)
 {
     uint32_t r;
-    __asm( "rev r, x" );
-    return( r );
+    __asm("rev r, x");
+    return r;
 }
 #define ARIA_P3 aria_p3
 #endif
 #endif /* arm */
 #if defined(__GNUC__) && \
-    defined(__i386__) || defined(__amd64__) || defined( __x86_64__)
-static inline uint32_t aria_p3( uint32_t x )
+    defined(__i386__) || defined(__amd64__) || defined(__x86_64__)
+static inline uint32_t aria_p3(uint32_t x)
 {
-    __asm( "bswap %0" : "=r" (x) : "0" (x) );
-    return( x );
+    __asm("bswap %0" : "=r" (x) : "0" (x));
+    return x;
 }
 #define ARIA_P3 aria_p3
 #endif /* x86 gnuc */
 #endif /* MBEDTLS_HAVE_ASM && GNUC */
 #if !defined(ARIA_P3)
-#define ARIA_P3(x) ARIA_P2( ARIA_P1 ( x ) )
+#define ARIA_P3(x) ARIA_P2(ARIA_P1(x))
 #endif
 
 /*
@@ -163,28 +163,28 @@ static inline uint32_t aria_p3( uint32_t x )
  * half of App. B.1 in [1] in terms of 4-byte operators P1, P2, P3 and P4.
  * The implementation below uses only P1 and P2 as they are sufficient.
  */
-static inline void aria_a( uint32_t *a, uint32_t *b,
-                           uint32_t *c, uint32_t *d )
+static inline void aria_a(uint32_t *a, uint32_t *b,
+                          uint32_t *c, uint32_t *d)
 {
     uint32_t ta, tb, tc;
     ta  =  *b;                      // 4567
     *b  =  *a;                      // 0123
-    *a  =  ARIA_P2( ta );           // 6745
-    tb  =  ARIA_P2( *d );           // efcd
-    *d  =  ARIA_P1( *c );           // 98ba
-    *c  =  ARIA_P1( tb );           // fedc
+    *a  =  ARIA_P2(ta);             // 6745
+    tb  =  ARIA_P2(*d);             // efcd
+    *d  =  ARIA_P1(*c);             // 98ba
+    *c  =  ARIA_P1(tb);             // fedc
     ta  ^= *d;                      // 4567+98ba
-    tc  =  ARIA_P2( *b );           // 2301
-    ta  =  ARIA_P1( ta ) ^ tc ^ *c; // 2301+5476+89ab+fedc
-    tb  ^= ARIA_P2( *d );           // ba98+efcd
-    tc  ^= ARIA_P1( *a );           // 2301+7654
+    tc  =  ARIA_P2(*b);             // 2301
+    ta  =  ARIA_P1(ta) ^ tc ^ *c;   // 2301+5476+89ab+fedc
+    tb  ^= ARIA_P2(*d);             // ba98+efcd
+    tc  ^= ARIA_P1(*a);             // 2301+7654
     *b  ^= ta ^ tb;                 // 0123+2301+5476+89ab+ba98+efcd+fedc OUT
-    tb  =  ARIA_P2( tb ) ^ ta;      // 2301+5476+89ab+98ba+cdef+fedc
-    *a  ^= ARIA_P1( tb );           // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
-    ta  =  ARIA_P2( ta );           // 0123+7654+ab89+dcfe
-    *d  ^= ARIA_P1( ta ) ^ tc;      // 1032+2301+6745+7654+98ba+ba98+cdef OUT
-    tc  =  ARIA_P2( tc );           // 0123+5476
-    *c  ^= ARIA_P1( tc ) ^ ta;      // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
+    tb  =  ARIA_P2(tb) ^ ta;        // 2301+5476+89ab+98ba+cdef+fedc
+    *a  ^= ARIA_P1(tb);             // 3210+4567+6745+89ab+98ba+dcfe+efcd OUT
+    ta  =  ARIA_P2(ta);             // 0123+7654+ab89+dcfe
+    *d  ^= ARIA_P1(ta) ^ tc;        // 1032+2301+6745+7654+98ba+ba98+cdef OUT
+    tc  =  ARIA_P2(tc);             // 0123+5476
+    *c  ^= ARIA_P1(tc) ^ ta;        // 0123+1032+4567+7654+ab89+dcfe+fedc OUT
 }
 
 /*
@@ -195,27 +195,27 @@ static inline void aria_a( uint32_t *a, uint32_t *b,
  * By passing sb1, sb2, is1, is2 as S-Boxes you get SL1
  * By passing is1, is2, sb1, sb2 as S-Boxes you get SL2
  */
-static inline void aria_sl( uint32_t *a, uint32_t *b,
-                            uint32_t *c, uint32_t *d,
-                            const uint8_t sa[256], const uint8_t sb[256],
-                            const uint8_t sc[256], const uint8_t sd[256] )
+static inline void aria_sl(uint32_t *a, uint32_t *b,
+                           uint32_t *c, uint32_t *d,
+                           const uint8_t sa[256], const uint8_t sb[256],
+                           const uint8_t sc[256], const uint8_t sd[256])
 {
-    *a = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *a ) ]       ) ^
-         (((uint32_t) sb[ MBEDTLS_BYTE_1( *a ) ]) <<  8) ^
-         (((uint32_t) sc[ MBEDTLS_BYTE_2( *a ) ]) << 16) ^
-         (((uint32_t) sd[ MBEDTLS_BYTE_3( *a ) ]) << 24);
-    *b = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *b ) ]       ) ^
-         (((uint32_t) sb[ MBEDTLS_BYTE_1( *b ) ]) <<  8) ^
-         (((uint32_t) sc[ MBEDTLS_BYTE_2( *b ) ]) << 16) ^
-         (((uint32_t) sd[ MBEDTLS_BYTE_3( *b ) ]) << 24);
-    *c = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *c ) ]       ) ^
-         (((uint32_t) sb[ MBEDTLS_BYTE_1( *c ) ]) <<  8) ^
-         (((uint32_t) sc[ MBEDTLS_BYTE_2( *c ) ]) << 16) ^
-         (((uint32_t) sd[ MBEDTLS_BYTE_3( *c ) ]) << 24);
-    *d = ( (uint32_t) sa[ MBEDTLS_BYTE_0( *d ) ]       ) ^
-         (((uint32_t) sb[ MBEDTLS_BYTE_1( *d ) ]) <<  8) ^
-         (((uint32_t) sc[ MBEDTLS_BYTE_2( *d ) ]) << 16) ^
-         (((uint32_t) sd[ MBEDTLS_BYTE_3( *d ) ]) << 24);
+    *a = ((uint32_t) sa[MBEDTLS_BYTE_0(*a)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*a)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*a)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*a)]) << 24);
+    *b = ((uint32_t) sa[MBEDTLS_BYTE_0(*b)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*b)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*b)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*b)]) << 24);
+    *c = ((uint32_t) sa[MBEDTLS_BYTE_0(*c)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*c)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*c)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*c)]) << 24);
+    *d = ((uint32_t) sa[MBEDTLS_BYTE_0(*d)]) ^
+         (((uint32_t) sb[MBEDTLS_BYTE_1(*d)]) <<  8) ^
+         (((uint32_t) sc[MBEDTLS_BYTE_2(*d)]) << 16) ^
+         (((uint32_t) sd[MBEDTLS_BYTE_3(*d)]) << 24);
 }
 
 /*
@@ -328,8 +328,8 @@ static const uint8_t aria_is2[256] =
 /*
  * Helper for key schedule: r = FO( p, k ) ^ x
  */
-static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
-                         const uint32_t k[4], const uint32_t x[4] )
+static void aria_fo_xor(uint32_t r[4], const uint32_t p[4],
+                        const uint32_t k[4], const uint32_t x[4])
 {
     uint32_t a, b, c, d;
 
@@ -338,8 +338,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
     c = p[2] ^ k[2];
     d = p[3] ^ k[3];
 
-    aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 );
-    aria_a( &a, &b, &c, &d );
+    aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
+    aria_a(&a, &b, &c, &d);
 
     r[0] = a ^ x[0];
     r[1] = b ^ x[1];
@@ -350,8 +350,8 @@ static void aria_fo_xor( uint32_t r[4], const uint32_t p[4],
 /*
  * Helper for key schedule: r = FE( p, k ) ^ x
  */
-static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
-                         const uint32_t k[4], const uint32_t x[4] )
+static void aria_fe_xor(uint32_t r[4], const uint32_t p[4],
+                        const uint32_t k[4], const uint32_t x[4])
 {
     uint32_t a, b, c, d;
 
@@ -360,8 +360,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
     c = p[2] ^ k[2];
     d = p[3] ^ k[3];
 
-    aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 );
-    aria_a( &a, &b, &c, &d );
+    aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
+    aria_a(&a, &b, &c, &d);
 
     r[0] = a ^ x[0];
     r[1] = b ^ x[1];
@@ -376,8 +376,8 @@ static void aria_fe_xor( uint32_t r[4], const uint32_t p[4],
  * MBEDTLS_GET_UINT32_LE / MBEDTLS_PUT_UINT32_LE ) so we need to reverse
  * bytes here.
  */
-static void aria_rot128( uint32_t r[4], const uint32_t a[4],
-                         const uint32_t b[4], uint8_t n )
+static void aria_rot128(uint32_t r[4], const uint32_t a[4],
+                        const uint32_t b[4], uint8_t n)
 {
     uint8_t i, j;
     uint32_t t, u;
@@ -385,15 +385,14 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
     const uint8_t n1 = n % 32;              // bit offset
     const uint8_t n2 = n1 ? 32 - n1 : 0;    // reverse bit offset
 
-    j = ( n / 32 ) % 4;                     // initial word offset
-    t = ARIA_P3( b[j] );                    // big endian
-    for( i = 0; i < 4; i++ )
-    {
-        j = ( j + 1 ) % 4;                  // get next word, big endian
-        u = ARIA_P3( b[j] );
+    j = (n / 32) % 4;                       // initial word offset
+    t = ARIA_P3(b[j]);                      // big endian
+    for (i = 0; i < 4; i++) {
+        j = (j + 1) % 4;                    // get next word, big endian
+        u = ARIA_P3(b[j]);
         t <<= n1;                           // rotate
         t |= u >> n2;
-        t = ARIA_P3( t );                   // back to little endian
+        t = ARIA_P3(t);                     // back to little endian
         r[i] = a[i] ^ t;                    // store
         t = u;                              // move to next word
     }
@@ -402,8 +401,8 @@ static void aria_rot128( uint32_t r[4], const uint32_t a[4],
 /*
  * Set encryption key
  */
-int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
-                             const unsigned char *key, unsigned int keybits )
+int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx,
+                            const unsigned char *key, unsigned int keybits)
 {
     /* round constant masks */
     const uint32_t rc[3][4] =
@@ -415,74 +414,71 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx,
 
     int i;
     uint32_t w[4][4], *w2;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( key != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(key != NULL);
 
-    if( keybits != 128 && keybits != 192 && keybits != 256 )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
+    if (keybits != 128 && keybits != 192 && keybits != 256) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
 
     /* Copy key to W0 (and potential remainder to W1) */
-    w[0][0] = MBEDTLS_GET_UINT32_LE( key,  0 );
-    w[0][1] = MBEDTLS_GET_UINT32_LE( key,  4 );
-    w[0][2] = MBEDTLS_GET_UINT32_LE( key,  8 );
-    w[0][3] = MBEDTLS_GET_UINT32_LE( key, 12 );
-
-    memset( w[1], 0, 16 );
-    if( keybits >= 192 )
-    {
-        w[1][0] = MBEDTLS_GET_UINT32_LE( key, 16 );  // 192 bit key
-        w[1][1] = MBEDTLS_GET_UINT32_LE( key, 20 );
+    w[0][0] = MBEDTLS_GET_UINT32_LE(key,  0);
+    w[0][1] = MBEDTLS_GET_UINT32_LE(key,  4);
+    w[0][2] = MBEDTLS_GET_UINT32_LE(key,  8);
+    w[0][3] = MBEDTLS_GET_UINT32_LE(key, 12);
+
+    memset(w[1], 0, 16);
+    if (keybits >= 192) {
+        w[1][0] = MBEDTLS_GET_UINT32_LE(key, 16);    // 192 bit key
+        w[1][1] = MBEDTLS_GET_UINT32_LE(key, 20);
     }
-    if( keybits == 256 )
-    {
-        w[1][2] = MBEDTLS_GET_UINT32_LE( key, 24 );  // 256 bit key
-        w[1][3] = MBEDTLS_GET_UINT32_LE( key, 28 );
+    if (keybits == 256) {
+        w[1][2] = MBEDTLS_GET_UINT32_LE(key, 24);    // 256 bit key
+        w[1][3] = MBEDTLS_GET_UINT32_LE(key, 28);
     }
 
-    i = ( keybits - 128 ) >> 6;             // index: 0, 1, 2
+    i = (keybits - 128) >> 6;               // index: 0, 1, 2
     ctx->nr = 12 + 2 * i;                   // no. rounds: 12, 14, 16
 
-    aria_fo_xor( w[1], w[0], rc[i], w[1] ); // W1 = FO(W0, CK1) ^ KR
+    aria_fo_xor(w[1], w[0], rc[i], w[1]);   // W1 = FO(W0, CK1) ^ KR
     i = i < 2 ? i + 1 : 0;
-    aria_fe_xor( w[2], w[1], rc[i], w[0] ); // W2 = FE(W1, CK2) ^ W0
+    aria_fe_xor(w[2], w[1], rc[i], w[0]);   // W2 = FE(W1, CK2) ^ W0
     i = i < 2 ? i + 1 : 0;
-    aria_fo_xor( w[3], w[2], rc[i], w[1] ); // W3 = FO(W2, CK3) ^ W1
+    aria_fo_xor(w[3], w[2], rc[i], w[1]);   // W3 = FO(W2, CK3) ^ W1
 
-    for( i = 0; i < 4; i++ )                // create round keys
-    {
+    for (i = 0; i < 4; i++) {               // create round keys
         w2 = w[(i + 1) & 3];
-        aria_rot128( ctx->rk[i     ], w[i], w2, 128 - 19 );
-        aria_rot128( ctx->rk[i +  4], w[i], w2, 128 - 31 );
-        aria_rot128( ctx->rk[i +  8], w[i], w2,       61 );
-        aria_rot128( ctx->rk[i + 12], w[i], w2,       31 );
+        aria_rot128(ctx->rk[i], w[i], w2, 128 - 19);
+        aria_rot128(ctx->rk[i +  4], w[i], w2, 128 - 31);
+        aria_rot128(ctx->rk[i +  8], w[i], w2,       61);
+        aria_rot128(ctx->rk[i + 12], w[i], w2,       31);
     }
-    aria_rot128( ctx->rk[16], w[0], w[1], 19 );
+    aria_rot128(ctx->rk[16], w[0], w[1], 19);
 
     /* w holds enough info to reconstruct the round keys */
-    mbedtls_platform_zeroize( w, sizeof( w ) );
+    mbedtls_platform_zeroize(w, sizeof(w));
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Set decryption key
  */
-int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
-                             const unsigned char *key, unsigned int keybits )
+int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx,
+                            const unsigned char *key, unsigned int keybits)
 {
     int i, j, k, ret;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( key != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(key != NULL);
 
-    ret = mbedtls_aria_setkey_enc( ctx, key, keybits );
-    if( ret != 0 )
-        return( ret );
+    ret = mbedtls_aria_setkey_enc(ctx, key, keybits);
+    if (ret != 0) {
+        return ret;
+    }
 
     /* flip the order of round keys */
-    for( i = 0, j = ctx->nr; i < j; i++, j-- )
-    {
-        for( k = 0; k < 4; k++ )
-        {
+    for (i = 0, j = ctx->nr; i < j; i++, j--) {
+        for (k = 0; k < 4; k++) {
             uint32_t t = ctx->rk[i][k];
             ctx->rk[i][k] = ctx->rk[j][k];
             ctx->rk[j][k] = t;
@@ -490,45 +486,43 @@ int mbedtls_aria_setkey_dec( mbedtls_aria_context *ctx,
     }
 
     /* apply affine transform to middle keys */
-    for( i = 1; i < ctx->nr; i++ )
-    {
-        aria_a( &ctx->rk[i][0], &ctx->rk[i][1],
-                &ctx->rk[i][2], &ctx->rk[i][3] );
+    for (i = 1; i < ctx->nr; i++) {
+        aria_a(&ctx->rk[i][0], &ctx->rk[i][1],
+               &ctx->rk[i][2], &ctx->rk[i][3]);
     }
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Encrypt a block
  */
-int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
-                            const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char output[MBEDTLS_ARIA_BLOCKSIZE] )
+int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx,
+                           const unsigned char input[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char output[MBEDTLS_ARIA_BLOCKSIZE])
 {
     int i;
 
     uint32_t a, b, c, d;
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( input != NULL );
-    ARIA_VALIDATE_RET( output != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(input != NULL);
+    ARIA_VALIDATE_RET(output != NULL);
 
-    a = MBEDTLS_GET_UINT32_LE( input,  0 );
-    b = MBEDTLS_GET_UINT32_LE( input,  4 );
-    c = MBEDTLS_GET_UINT32_LE( input,  8 );
-    d = MBEDTLS_GET_UINT32_LE( input, 12 );
+    a = MBEDTLS_GET_UINT32_LE(input,  0);
+    b = MBEDTLS_GET_UINT32_LE(input,  4);
+    c = MBEDTLS_GET_UINT32_LE(input,  8);
+    d = MBEDTLS_GET_UINT32_LE(input, 12);
 
     i = 0;
-    while( 1 )
-    {
+    while (1) {
         a ^= ctx->rk[i][0];
         b ^= ctx->rk[i][1];
         c ^= ctx->rk[i][2];
         d ^= ctx->rk[i][3];
         i++;
 
-        aria_sl( &a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2 );
-        aria_a( &a, &b, &c, &d );
+        aria_sl(&a, &b, &c, &d, aria_sb1, aria_sb2, aria_is1, aria_is2);
+        aria_a(&a, &b, &c, &d);
 
         a ^= ctx->rk[i][0];
         b ^= ctx->rk[i][1];
@@ -536,10 +530,11 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
         d ^= ctx->rk[i][3];
         i++;
 
-        aria_sl( &a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2 );
-        if( i >= ctx->nr )
+        aria_sl(&a, &b, &c, &d, aria_is1, aria_is2, aria_sb1, aria_sb2);
+        if (i >= ctx->nr) {
             break;
-        aria_a( &a, &b, &c, &d );
+        }
+        aria_a(&a, &b, &c, &d);
     }
 
     /* final key mixing */
@@ -548,80 +543,79 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx,
     c ^= ctx->rk[i][2];
     d ^= ctx->rk[i][3];
 
-    MBEDTLS_PUT_UINT32_LE( a, output,  0 );
-    MBEDTLS_PUT_UINT32_LE( b, output,  4 );
-    MBEDTLS_PUT_UINT32_LE( c, output,  8 );
-    MBEDTLS_PUT_UINT32_LE( d, output, 12 );
+    MBEDTLS_PUT_UINT32_LE(a, output,  0);
+    MBEDTLS_PUT_UINT32_LE(b, output,  4);
+    MBEDTLS_PUT_UINT32_LE(c, output,  8);
+    MBEDTLS_PUT_UINT32_LE(d, output, 12);
 
-    return( 0 );
+    return 0;
 }
 
 /* Initialize context */
-void mbedtls_aria_init( mbedtls_aria_context *ctx )
+void mbedtls_aria_init(mbedtls_aria_context *ctx)
 {
-    ARIA_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_aria_context ) );
+    ARIA_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_aria_context));
 }
 
 /* Clear context */
-void mbedtls_aria_free( mbedtls_aria_context *ctx )
+void mbedtls_aria_free(mbedtls_aria_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
+    }
 
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aria_context ) );
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_aria_context));
 }
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /*
  * ARIA-CBC buffer encryption/decryption
  */
-int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
-                            int mode,
-                            size_t length,
-                            unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output )
+int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx,
+                           int mode,
+                           size_t length,
+                           unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output)
 {
     int i;
     unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE];
 
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
-                       mode == MBEDTLS_ARIA_DECRYPT );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( iv != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
+                      mode == MBEDTLS_ARIA_DECRYPT);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(iv != NULL);
 
-    if( length % MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH );
+    if (length % MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH;
+    }
 
-    if( mode == MBEDTLS_ARIA_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, MBEDTLS_ARIA_BLOCKSIZE );
-            mbedtls_aria_crypt_ecb( ctx, input, output );
+    if (mode == MBEDTLS_ARIA_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, MBEDTLS_ARIA_BLOCKSIZE);
+            mbedtls_aria_crypt_ecb(ctx, input, output);
 
-            for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
+            for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
 
-            memcpy( iv, temp, MBEDTLS_ARIA_BLOCKSIZE );
+            memcpy(iv, temp, MBEDTLS_ARIA_BLOCKSIZE);
 
             input  += MBEDTLS_ARIA_BLOCKSIZE;
             output += MBEDTLS_ARIA_BLOCKSIZE;
             length -= MBEDTLS_ARIA_BLOCKSIZE;
         }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
+    } else {
+        while (length > 0) {
+            for (i = 0; i < MBEDTLS_ARIA_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
 
-            mbedtls_aria_crypt_ecb( ctx, output, output );
-            memcpy( iv, output, MBEDTLS_ARIA_BLOCKSIZE );
+            mbedtls_aria_crypt_ecb(ctx, output, output);
+            memcpy(iv, output, MBEDTLS_ARIA_BLOCKSIZE);
 
             input  += MBEDTLS_ARIA_BLOCKSIZE;
             output += MBEDTLS_ARIA_BLOCKSIZE;
@@ -629,7 +623,7 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
         }
     }
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
@@ -637,63 +631,61 @@ int mbedtls_aria_crypt_cbc( mbedtls_aria_context *ctx,
 /*
  * ARIA-CFB128 buffer encryption/decryption
  */
-int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
-                               int mode,
-                               size_t length,
-                               size_t *iv_off,
-                               unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
-                               const unsigned char *input,
-                               unsigned char *output )
+int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx,
+                              int mode,
+                              size_t length,
+                              size_t *iv_off,
+                              unsigned char iv[MBEDTLS_ARIA_BLOCKSIZE],
+                              const unsigned char *input,
+                              unsigned char *output)
 {
     unsigned char c;
     size_t n;
 
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( mode == MBEDTLS_ARIA_ENCRYPT ||
-                       mode == MBEDTLS_ARIA_DECRYPT );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( iv != NULL );
-    ARIA_VALIDATE_RET( iv_off != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT ||
+                      mode == MBEDTLS_ARIA_DECRYPT);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(iv != NULL);
+    ARIA_VALIDATE_RET(iv_off != NULL);
 
     n = *iv_off;
 
     /* An overly large value of n can lead to an unlimited
      * buffer overflow. Therefore, guard against this
      * outside of parameter validation. */
-    if( n >= MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
+    if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
 
-    if( mode == MBEDTLS_ARIA_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aria_crypt_ecb( ctx, iv, iv );
+    if (mode == MBEDTLS_ARIA_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_aria_crypt_ecb(ctx, iv, iv);
+            }
 
             c = *input++;
             *output++ = c ^ iv[n];
             iv[n] = c;
 
-            n = ( n + 1 ) & 0x0F;
+            n = (n + 1) & 0x0F;
         }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_aria_crypt_ecb( ctx, iv, iv );
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_aria_crypt_ecb(ctx, iv, iv);
+            }
 
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
 
-            n = ( n + 1 ) & 0x0F;
+            n = (n + 1) & 0x0F;
         }
     }
 
     *iv_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
@@ -701,50 +693,52 @@ int mbedtls_aria_crypt_cfb128( mbedtls_aria_context *ctx,
 /*
  * ARIA-CTR buffer encryption/decryption
  */
-int mbedtls_aria_crypt_ctr( mbedtls_aria_context *ctx,
-                            size_t length,
-                            size_t *nc_off,
-                            unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
-                            unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
-                            const unsigned char *input,
-                            unsigned char *output )
+int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx,
+                           size_t length,
+                           size_t *nc_off,
+                           unsigned char nonce_counter[MBEDTLS_ARIA_BLOCKSIZE],
+                           unsigned char stream_block[MBEDTLS_ARIA_BLOCKSIZE],
+                           const unsigned char *input,
+                           unsigned char *output)
 {
     int c, i;
     size_t n;
 
-    ARIA_VALIDATE_RET( ctx != NULL );
-    ARIA_VALIDATE_RET( length == 0 || input  != NULL );
-    ARIA_VALIDATE_RET( length == 0 || output != NULL );
-    ARIA_VALIDATE_RET( nonce_counter != NULL );
-    ARIA_VALIDATE_RET( stream_block  != NULL );
-    ARIA_VALIDATE_RET( nc_off != NULL );
+    ARIA_VALIDATE_RET(ctx != NULL);
+    ARIA_VALIDATE_RET(length == 0 || input  != NULL);
+    ARIA_VALIDATE_RET(length == 0 || output != NULL);
+    ARIA_VALIDATE_RET(nonce_counter != NULL);
+    ARIA_VALIDATE_RET(stream_block  != NULL);
+    ARIA_VALIDATE_RET(nc_off != NULL);
 
     n = *nc_off;
     /* An overly large value of n can lead to an unlimited
      * buffer overflow. Therefore, guard against this
      * outside of parameter validation. */
-    if( n >= MBEDTLS_ARIA_BLOCKSIZE )
-        return( MBEDTLS_ERR_ARIA_BAD_INPUT_DATA );
+    if (n >= MBEDTLS_ARIA_BLOCKSIZE) {
+        return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA;
+    }
 
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_aria_crypt_ecb( ctx, nonce_counter,
-                                stream_block );
+    while (length--) {
+        if (n == 0) {
+            mbedtls_aria_crypt_ecb(ctx, nonce_counter,
+                                   stream_block);
 
-            for( i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
+            for (i = MBEDTLS_ARIA_BLOCKSIZE; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
                     break;
+                }
+            }
         }
         c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
+        *output++ = (unsigned char) (c ^ stream_block[n]);
 
-        n = ( n + 1 ) & 0x0F;
+        n = (n + 1) & 0x0F;
     }
 
     *nc_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 #endif /* !MBEDTLS_ARIA_ALT */
@@ -883,22 +877,22 @@ static const uint8_t aria_test2_ctr_ct[3][48] =         // CTR ciphertext
 };
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
-#define ARIA_SELF_TEST_ASSERT( cond )                   \
-        do {                                            \
-            if( cond ) {                                \
-                if( verbose )                           \
-                    mbedtls_printf( "failed\n" );       \
-                goto exit;                              \
-            } else {                                    \
-                if( verbose )                           \
-                    mbedtls_printf( "passed\n" );       \
-            }                                           \
-        } while( 0 )
+#define ARIA_SELF_TEST_ASSERT(cond)                   \
+    do {                                            \
+        if (cond) {                                \
+            if (verbose)                           \
+            mbedtls_printf("failed\n");       \
+            goto exit;                              \
+        } else {                                    \
+            if (verbose)                           \
+            mbedtls_printf("passed\n");       \
+        }                                           \
+    } while (0)
 
 /*
  * Checkup routine
  */
-int mbedtls_aria_self_test( int verbose )
+int mbedtls_aria_self_test(int verbose)
 {
     int i;
     uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE];
@@ -910,134 +904,142 @@ int mbedtls_aria_self_test( int verbose )
 #endif
 
 #if (defined(MBEDTLS_CIPHER_MODE_CBC) || \
-     defined(MBEDTLS_CIPHER_MODE_CFB) || \
-     defined(MBEDTLS_CIPHER_MODE_CTR))
+    defined(MBEDTLS_CIPHER_MODE_CFB) || \
+    defined(MBEDTLS_CIPHER_MODE_CTR))
     uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE];
 #endif
 
-    mbedtls_aria_init( &ctx );
+    mbedtls_aria_init(&ctx);
 
     /*
      * Test set 1
      */
-    for( i = 0; i < 3; i++ )
-    {
+    for (i = 0; i < 3; i++) {
         /* test ECB encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-ECB-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test1_ecb_key, 128 + 64 * i );
-        mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_pt, blk );
+        if (verbose) {
+            mbedtls_printf("  ARIA-ECB-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test1_ecb_key, 128 + 64 * i);
+        mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_pt, blk);
         ARIA_SELF_TEST_ASSERT(
-                memcmp( blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE )
-                != 0 );
+            memcmp(blk, aria_test1_ecb_ct[i], MBEDTLS_ARIA_BLOCKSIZE)
+            != 0);
 
         /* test ECB decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-ECB-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_dec( &ctx, aria_test1_ecb_key, 128 + 64 * i );
-        mbedtls_aria_crypt_ecb( &ctx, aria_test1_ecb_ct[i], blk );
+        if (verbose) {
+            mbedtls_printf("  ARIA-ECB-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i);
+        mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk);
         ARIA_SELF_TEST_ASSERT(
-                memcmp( blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE )
-                != 0 );
+            memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE)
+            != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
     }
-    if( verbose )
-        mbedtls_printf( "\n" );
 
     /*
      * Test set 2
      */
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
-    for( i = 0; i < 3; i++ )
-    {
+    for (i = 0; i < 3; i++) {
         /* Test CBC encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CBC-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0x55, sizeof( buf ) );
-        mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
-            aria_test2_pt, buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cbc_ct[i], 48 )
-                != 0 );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CBC-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0x55, sizeof(buf));
+        mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv,
+                               aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cbc_ct[i], 48)
+                              != 0);
 
         /* Test CBC decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CBC-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0xAA, sizeof( buf ) );
-        mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
-            aria_test2_cbc_ct[i], buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CBC-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_dec(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0xAA, sizeof(buf));
+        mbedtls_aria_crypt_cbc(&ctx, MBEDTLS_ARIA_DECRYPT, 48, iv,
+                               aria_test2_cbc_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
     }
-    if( verbose )
-        mbedtls_printf( "\n" );
 
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
 #if defined(MBEDTLS_CIPHER_MODE_CFB)
-    for( i = 0; i < 3; i++ )
-    {
+    for (i = 0; i < 3; i++) {
         /* Test CFB encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CFB-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0x55, sizeof( buf ) );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CFB-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0x55, sizeof(buf));
         j = 0;
-        mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
-            aria_test2_pt, buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_cfb_ct[i], 48 ) != 0 );
+        mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv,
+                                  aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_cfb_ct[i], 48) != 0);
 
         /* Test CFB decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CFB-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE );
-        memset( buf, 0xAA, sizeof( buf ) );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CFB-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memcpy(iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE);
+        memset(buf, 0xAA, sizeof(buf));
         j = 0;
-        mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
-            iv, aria_test2_cfb_ct[i], buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+        mbedtls_aria_crypt_cfb128(&ctx, MBEDTLS_ARIA_DECRYPT, 48, &j,
+                                  iv, aria_test2_cfb_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
     }
-    if( verbose )
-        mbedtls_printf( "\n" );
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
-    for( i = 0; i < 3; i++ )
-    {
+    for (i = 0; i < 3; i++) {
         /* Test CTR encryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CTR-%d (enc): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE );                    // IV = 0
-        memset( buf, 0x55, sizeof( buf ) );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CTR-%d (enc): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE);                      // IV = 0
+        memset(buf, 0x55, sizeof(buf));
         j = 0;
-        mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
-            aria_test2_pt, buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_ctr_ct[i], 48 ) != 0 );
+        mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
+                               aria_test2_pt, buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_ctr_ct[i], 48) != 0);
 
         /* Test CTR decryption */
-        if( verbose )
-            mbedtls_printf( "  ARIA-CTR-%d (dec): ", 128 + 64 * i );
-        mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i );
-        memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE );                    // IV = 0
-        memset( buf, 0xAA, sizeof( buf ) );
+        if (verbose) {
+            mbedtls_printf("  ARIA-CTR-%d (dec): ", 128 + 64 * i);
+        }
+        mbedtls_aria_setkey_enc(&ctx, aria_test2_key, 128 + 64 * i);
+        memset(iv, 0, MBEDTLS_ARIA_BLOCKSIZE);                      // IV = 0
+        memset(buf, 0xAA, sizeof(buf));
         j = 0;
-        mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk,
-            aria_test2_ctr_ct[i], buf );
-        ARIA_SELF_TEST_ASSERT( memcmp( buf, aria_test2_pt, 48 ) != 0 );
+        mbedtls_aria_crypt_ctr(&ctx, 48, &j, iv, blk,
+                               aria_test2_ctr_ct[i], buf);
+        ARIA_SELF_TEST_ASSERT(memcmp(buf, aria_test2_pt, 48) != 0);
+    }
+    if (verbose) {
+        mbedtls_printf("\n");
     }
-    if( verbose )
-        mbedtls_printf( "\n" );
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
     ret = 0;
 
 exit:
-    mbedtls_aria_free( &ctx );
-    return( ret );
+    mbedtls_aria_free(&ctx);
+    return ret;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/asn1parse.c

@@ -36,203 +36,219 @@
 /*
  * ASN.1 DER decoding routines
  */
-int mbedtls_asn1_get_len( unsigned char **p,
-                  const unsigned char *end,
-                  size_t *len )
+int mbedtls_asn1_get_len(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len)
 {
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
 
-    if( ( **p & 0x80 ) == 0 )
+    if ((**p & 0x80) == 0) {
         *len = *(*p)++;
-    else
-    {
-        switch( **p & 0x7F )
-        {
-        case 1:
-            if( ( end - *p ) < 2 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = (*p)[1];
-            (*p) += 2;
-            break;
-
-        case 2:
-            if( ( end - *p ) < 3 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
-            (*p) += 3;
-            break;
-
-        case 3:
-            if( ( end - *p ) < 4 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 16 ) |
-                   ( (size_t)(*p)[2] << 8  ) | (*p)[3];
-            (*p) += 4;
-            break;
-
-        case 4:
-            if( ( end - *p ) < 5 )
-                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
-            *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
-                   ( (size_t)(*p)[3] << 8  ) |           (*p)[4];
-            (*p) += 5;
-            break;
-
-        default:
-            return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    } else {
+        switch (**p & 0x7F) {
+            case 1:
+                if ((end - *p) < 2) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = (*p)[1];
+                (*p) += 2;
+                break;
+
+            case 2:
+                if ((end - *p) < 3) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 8) | (*p)[2];
+                (*p) += 3;
+                break;
+
+            case 3:
+                if ((end - *p) < 4) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 16) |
+                       ((size_t) (*p)[2] << 8) | (*p)[3];
+                (*p) += 4;
+                break;
+
+            case 4:
+                if ((end - *p) < 5) {
+                    return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+                }
+
+                *len = ((size_t) (*p)[1] << 24) | ((size_t) (*p)[2] << 16) |
+                       ((size_t) (*p)[3] << 8) |           (*p)[4];
+                (*p) += 5;
+                break;
+
+            default:
+                return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
         }
     }
 
-    if( *len > (size_t) ( end - *p ) )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    if (*len > (size_t) (end - *p)) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_asn1_get_tag( unsigned char **p,
-                  const unsigned char *end,
-                  size_t *len, int tag )
+int mbedtls_asn1_get_tag(unsigned char **p,
+                         const unsigned char *end,
+                         size_t *len, int tag)
 {
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
 
-    if( **p != tag )
-        return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+    if (**p != tag) {
+        return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+    }
 
     (*p)++;
 
-    return( mbedtls_asn1_get_len( p, end, len ) );
+    return mbedtls_asn1_get_len(p, end, len);
 }
 
-int mbedtls_asn1_get_bool( unsigned char **p,
-                   const unsigned char *end,
-                   int *val )
+int mbedtls_asn1_get_bool(unsigned char **p,
+                          const unsigned char *end,
+                          int *val)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_BOOLEAN)) != 0) {
+        return ret;
+    }
 
-    if( len != 1 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    if (len != 1) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
 
-    *val = ( **p != 0 ) ? 1 : 0;
+    *val = (**p != 0) ? 1 : 0;
     (*p)++;
 
-    return( 0 );
+    return 0;
 }
 
-static int asn1_get_tagged_int( unsigned char **p,
-                                const unsigned char *end,
-                                int tag, int *val )
+static int asn1_get_tagged_int(unsigned char **p,
+                               const unsigned char *end,
+                               int tag, int *val)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, tag ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, tag)) != 0) {
+        return ret;
+    }
 
     /*
      * len==0 is malformed (0 must be represented as 020100 for INTEGER,
      * or 0A0100 for ENUMERATED tags
      */
-    if( len == 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    if (len == 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
     /* This is a cryptography library. Reject negative integers. */
-    if( ( **p & 0x80 ) != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    if ((**p & 0x80) != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
 
     /* Skip leading zeros. */
-    while( len > 0 && **p == 0 )
-    {
-        ++( *p );
+    while (len > 0 && **p == 0) {
+        ++(*p);
         --len;
     }
 
     /* Reject integers that don't fit in an int. This code assumes that
      * the int type has no padding bit. */
-    if( len > sizeof( int ) )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
-    if( len == sizeof( int ) && ( **p & 0x80 ) != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    if (len > sizeof(int)) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
+    if (len == sizeof(int) && (**p & 0x80) != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
 
     *val = 0;
-    while( len-- > 0 )
-    {
-        *val = ( *val << 8 ) | **p;
+    while (len-- > 0) {
+        *val = (*val << 8) | **p;
         (*p)++;
     }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_asn1_get_int( unsigned char **p,
-                          const unsigned char *end,
-                          int *val )
+int mbedtls_asn1_get_int(unsigned char **p,
+                         const unsigned char *end,
+                         int *val)
 {
-    return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_INTEGER, val) );
+    return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_INTEGER, val);
 }
 
-int mbedtls_asn1_get_enum( unsigned char **p,
-                           const unsigned char *end,
-                           int *val )
+int mbedtls_asn1_get_enum(unsigned char **p,
+                          const unsigned char *end,
+                          int *val)
 {
-    return( asn1_get_tagged_int( p, end, MBEDTLS_ASN1_ENUMERATED, val) );
+    return asn1_get_tagged_int(p, end, MBEDTLS_ASN1_ENUMERATED, val);
 }
 
 #if defined(MBEDTLS_BIGNUM_C)
-int mbedtls_asn1_get_mpi( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_mpi *X )
+int mbedtls_asn1_get_mpi(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_mpi *X)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) {
+        return ret;
+    }
 
-    ret = mbedtls_mpi_read_binary( X, *p, len );
+    ret = mbedtls_mpi_read_binary(X, *p, len);
 
     *p += len;
 
-    return( ret );
+    return ret;
 }
 #endif /* MBEDTLS_BIGNUM_C */
 
-int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
-                        mbedtls_asn1_bitstring *bs)
+int mbedtls_asn1_get_bitstring(unsigned char **p, const unsigned char *end,
+                               mbedtls_asn1_bitstring *bs)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
     /* Certificate type is a single byte bitstring */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
+        return ret;
+    }
 
     /* Check length, subtract one for actual bit string length */
-    if( bs->len < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    if (bs->len < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
     bs->len -= 1;
 
     /* Get number of unused bits, ensure unused bits <= 7 */
     bs->unused_bits = **p;
-    if( bs->unused_bits > 7 )
-        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    if (bs->unused_bits > 7) {
+        return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
+    }
     (*p)++;
 
     /* Get actual bitstring */
     bs->p = *p;
     *p += bs->len;
 
-    if( *p != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    if (*p != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
 
-    return( 0 );
+    return 0;
 }
 
 /*
@@ -244,105 +260,106 @@ int mbedtls_asn1_traverse_sequence_of(
     const unsigned char *end,
     unsigned char tag_must_mask, unsigned char tag_must_val,
     unsigned char tag_may_mask, unsigned char tag_may_val,
-    int (*cb)( void *ctx, int tag,
-               unsigned char *start, size_t len ),
-    void *ctx )
+    int (*cb)(void *ctx, int tag,
+              unsigned char *start, size_t len),
+    void *ctx)
 {
     int ret;
     size_t len;
 
     /* Get main sequence tag */
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
     }
 
-    if( *p + len != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    if (*p + len != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
 
-    while( *p < end )
-    {
+    while (*p < end) {
         unsigned char const tag = *(*p)++;
 
-        if( ( tag & tag_must_mask ) != tag_must_val )
-            return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+        if ((tag & tag_must_mask) != tag_must_val) {
+            return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG;
+        }
 
-        if( ( ret = mbedtls_asn1_get_len( p, end, &len ) ) != 0 )
-            return( ret );
+        if ((ret = mbedtls_asn1_get_len(p, end, &len)) != 0) {
+            return ret;
+        }
 
-        if( ( tag & tag_may_mask ) == tag_may_val )
-        {
-            if( cb != NULL )
-            {
-                ret = cb( ctx, tag, *p, len );
-                if( ret != 0 )
-                    return( ret );
+        if ((tag & tag_may_mask) == tag_may_val) {
+            if (cb != NULL) {
+                ret = cb(ctx, tag, *p, len);
+                if (ret != 0) {
+                    return ret;
+                }
             }
         }
 
         *p += len;
     }
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Get a bit string without unused bits
  */
-int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
-                             size_t *len )
+int mbedtls_asn1_get_bitstring_null(unsigned char **p, const unsigned char *end,
+                                    size_t *len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_BIT_STRING)) != 0) {
+        return ret;
+    }
 
-    if( *len == 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    --( *len );
+    if (*len == 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    --(*len);
 
-    if( **p != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    ++( *p );
+    if (**p != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
+    ++(*p);
 
-    return( 0 );
+    return 0;
 }
 
-void mbedtls_asn1_sequence_free( mbedtls_asn1_sequence *seq )
+void mbedtls_asn1_sequence_free(mbedtls_asn1_sequence *seq)
 {
-    while( seq != NULL )
-    {
+    while (seq != NULL) {
         mbedtls_asn1_sequence *next = seq->next;
-        mbedtls_platform_zeroize( seq, sizeof( *seq ) );
-        mbedtls_free( seq );
+        mbedtls_platform_zeroize(seq, sizeof(*seq));
+        mbedtls_free(seq);
         seq = next;
     }
 }
 
-typedef struct
-{
+typedef struct {
     int tag;
     mbedtls_asn1_sequence *cur;
 } asn1_get_sequence_of_cb_ctx_t;
 
-static int asn1_get_sequence_of_cb( void *ctx,
-                                    int tag,
-                                    unsigned char *start,
-                                    size_t len )
+static int asn1_get_sequence_of_cb(void *ctx,
+                                   int tag,
+                                   unsigned char *start,
+                                   size_t len)
 {
     asn1_get_sequence_of_cb_ctx_t *cb_ctx =
         (asn1_get_sequence_of_cb_ctx_t *) ctx;
     mbedtls_asn1_sequence *cur =
         cb_ctx->cur;
 
-    if( cur->buf.p != NULL )
-    {
+    if (cur->buf.p != NULL) {
         cur->next =
-            mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
+            mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence));
 
-        if( cur->next == NULL )
-            return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+        if (cur->next == NULL) {
+            return MBEDTLS_ERR_ASN1_ALLOC_FAILED;
+        }
 
         cur = cur->next;
     }
@@ -352,124 +369,128 @@ static int asn1_get_sequence_of_cb( void *ctx,
     cur->buf.tag = tag;
 
     cb_ctx->cur = cur;
-    return( 0 );
+    return 0;
 }
 
 /*
  *  Parses and splits an ASN.1 "SEQUENCE OF <tag>"
  */
-int mbedtls_asn1_get_sequence_of( unsigned char **p,
-                          const unsigned char *end,
-                          mbedtls_asn1_sequence *cur,
-                          int tag)
+int mbedtls_asn1_get_sequence_of(unsigned char **p,
+                                 const unsigned char *end,
+                                 mbedtls_asn1_sequence *cur,
+                                 int tag)
 {
     asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur };
-    memset( cur, 0, sizeof( mbedtls_asn1_sequence ) );
-    return( mbedtls_asn1_traverse_sequence_of(
-                p, end, 0xFF, tag, 0, 0,
-                asn1_get_sequence_of_cb, &cb_ctx ) );
+    memset(cur, 0, sizeof(mbedtls_asn1_sequence));
+    return mbedtls_asn1_traverse_sequence_of(
+        p, end, 0xFF, tag, 0, 0,
+        asn1_get_sequence_of_cb, &cb_ctx);
 }
 
-int mbedtls_asn1_get_alg( unsigned char **p,
-                  const unsigned char *end,
-                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
+int mbedtls_asn1_get_alg(unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
-            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
+        return ret;
+    }
 
-    if( ( end - *p ) < 1 )
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    if ((end - *p) < 1) {
+        return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
+    }
 
     alg->tag = **p;
     end = *p + len;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_tag(p, end, &alg->len, MBEDTLS_ASN1_OID)) != 0) {
+        return ret;
+    }
 
     alg->p = *p;
     *p += alg->len;
 
-    if( *p == end )
-    {
-        mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) );
-        return( 0 );
+    if (*p == end) {
+        mbedtls_platform_zeroize(params, sizeof(mbedtls_asn1_buf));
+        return 0;
     }
 
     params->tag = **p;
     (*p)++;
 
-    if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_len(p, end, &params->len)) != 0) {
+        return ret;
+    }
 
     params->p = *p;
     *p += params->len;
 
-    if( *p != end )
-        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    if (*p != end) {
+        return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+    }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_asn1_get_alg_null( unsigned char **p,
-                       const unsigned char *end,
-                       mbedtls_asn1_buf *alg )
+int mbedtls_asn1_get_alg_null(unsigned char **p,
+                              const unsigned char *end,
+                              mbedtls_asn1_buf *alg)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     mbedtls_asn1_buf params;
 
-    memset( &params, 0, sizeof(mbedtls_asn1_buf) );
+    memset(&params, 0, sizeof(mbedtls_asn1_buf));
 
-    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_asn1_get_alg(p, end, alg, &params)) != 0) {
+        return ret;
+    }
 
-    if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
-        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+    if ((params.tag != MBEDTLS_ASN1_NULL && params.tag != 0) || params.len != 0) {
+        return MBEDTLS_ERR_ASN1_INVALID_DATA;
+    }
 
-    return( 0 );
+    return 0;
 }
 
-void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
+void mbedtls_asn1_free_named_data(mbedtls_asn1_named_data *cur)
 {
-    if( cur == NULL )
+    if (cur == NULL) {
         return;
+    }
 
-    mbedtls_free( cur->oid.p );
-    mbedtls_free( cur->val.p );
+    mbedtls_free(cur->oid.p);
+    mbedtls_free(cur->val.p);
 
-    mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
+    mbedtls_platform_zeroize(cur, sizeof(mbedtls_asn1_named_data));
 }
 
-void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
+void mbedtls_asn1_free_named_data_list(mbedtls_asn1_named_data **head)
 {
     mbedtls_asn1_named_data *cur;
 
-    while( ( cur = *head ) != NULL )
-    {
+    while ((cur = *head) != NULL) {
         *head = cur->next;
-        mbedtls_asn1_free_named_data( cur );
-        mbedtls_free( cur );
+        mbedtls_asn1_free_named_data(cur);
+        mbedtls_free(cur);
     }
 }
 
-mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
-                                       const char *oid, size_t len )
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data(mbedtls_asn1_named_data *list,
+                                                      const char *oid, size_t len)
 {
-    while( list != NULL )
-    {
-        if( list->oid.len == len &&
-            memcmp( list->oid.p, oid, len ) == 0 )
-        {
+    while (list != NULL) {
+        if (list->oid.len == len &&
+            memcmp(list->oid.p, oid, len) == 0) {
             break;
         }
 
         list = list->next;
     }
 
-    return( list );
+    return list;
 }
 
 #endif /* MBEDTLS_ASN1_PARSE_C */

thirdparty/mbedtls/library/asn1write.c

@@ -28,452 +28,454 @@
 
 #include "mbedtls/platform.h"
 
-int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
+int mbedtls_asn1_write_len(unsigned char **p, unsigned char *start, size_t len)
 {
-    if( len < 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (len < 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
 
         *--(*p) = (unsigned char) len;
-        return( 1 );
+        return 1;
     }
 
-    if( len <= 0xFF )
-    {
-        if( *p - start < 2 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (len <= 0xFF) {
+        if (*p - start < 2) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
 
         *--(*p) = (unsigned char) len;
         *--(*p) = 0x81;
-        return( 2 );
+        return 2;
     }
 
-    if( len <= 0xFFFF )
-    {
-        if( *p - start < 3 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (len <= 0xFFFF) {
+        if (*p - start < 3) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
 
-        *--(*p) = MBEDTLS_BYTE_0( len );
-        *--(*p) = MBEDTLS_BYTE_1( len );
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
         *--(*p) = 0x82;
-        return( 3 );
+        return 3;
     }
 
-    if( len <= 0xFFFFFF )
-    {
-        if( *p - start < 4 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (len <= 0xFFFFFF) {
+        if (*p - start < 4) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
 
-        *--(*p) = MBEDTLS_BYTE_0( len );
-        *--(*p) = MBEDTLS_BYTE_1( len );
-        *--(*p) = MBEDTLS_BYTE_2( len );
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
+        *--(*p) = MBEDTLS_BYTE_2(len);
         *--(*p) = 0x83;
-        return( 4 );
+        return 4;
     }
 
     int len_is_valid = 1;
 #if SIZE_MAX > 0xFFFFFFFF
-    len_is_valid = ( len <= 0xFFFFFFFF );
+    len_is_valid = (len <= 0xFFFFFFFF);
 #endif
-    if( len_is_valid )
-    {
-        if( *p - start < 5 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = MBEDTLS_BYTE_0( len );
-        *--(*p) = MBEDTLS_BYTE_1( len );
-        *--(*p) = MBEDTLS_BYTE_2( len );
-        *--(*p) = MBEDTLS_BYTE_3( len );
+    if (len_is_valid) {
+        if (*p - start < 5) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
+
+        *--(*p) = MBEDTLS_BYTE_0(len);
+        *--(*p) = MBEDTLS_BYTE_1(len);
+        *--(*p) = MBEDTLS_BYTE_2(len);
+        *--(*p) = MBEDTLS_BYTE_3(len);
         *--(*p) = 0x84;
-        return( 5 );
+        return 5;
     }
 
-    return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    return MBEDTLS_ERR_ASN1_INVALID_LENGTH;
 }
 
-int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
+int mbedtls_asn1_write_tag(unsigned char **p, unsigned char *start, unsigned char tag)
 {
-    if( *p - start < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (*p - start < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
 
     *--(*p) = tag;
 
-    return( 1 );
+    return 1;
 }
 
-int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
-                           const unsigned char *buf, size_t size )
+int mbedtls_asn1_write_raw_buffer(unsigned char **p, unsigned char *start,
+                                  const unsigned char *buf, size_t size)
 {
     size_t len = 0;
 
-    if( *p < start || (size_t)( *p - start ) < size )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (*p < start || (size_t) (*p - start) < size) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
 
     len = size;
     (*p) -= len;
-    memcpy( *p, buf, len );
+    memcpy(*p, buf, len);
 
-    return( (int) len );
+    return (int) len;
 }
 
 #if defined(MBEDTLS_BIGNUM_C)
-int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
+int mbedtls_asn1_write_mpi(unsigned char **p, unsigned char *start, const mbedtls_mpi *X)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
     // Write the MPI
     //
-    len = mbedtls_mpi_size( X );
+    len = mbedtls_mpi_size(X);
 
     /* DER represents 0 with a sign bit (0=nonnegative) and 7 value bits, not
      * as 0 digits. We need to end up with 020100, not with 0200. */
-    if( len == 0 )
+    if (len == 0) {
         len = 1;
+    }
 
-    if( *p < start || (size_t)( *p - start ) < len )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (*p < start || (size_t) (*p - start) < len) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
 
     (*p) -= len;
-    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
+    MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(X, *p, len));
 
     // DER format assumes 2s complement for numbers, so the leftmost bit
     // should be 0 for positive numbers and 1 for negative numbers.
     //
-    if( X->s ==1 && **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (X->s == 1 && **p & 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
 
         *--(*p) = 0x00;
         len += 1;
     }
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_INTEGER));
 
     ret = (int) len;
 
 cleanup:
-    return( ret );
+    return ret;
 }
 #endif /* MBEDTLS_BIGNUM_C */
 
-int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
+int mbedtls_asn1_write_null(unsigned char **p, unsigned char *start)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
     // Write NULL
     //
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, 0));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_NULL));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
-                    const char *oid, size_t oid_len )
+int mbedtls_asn1_write_oid(unsigned char **p, unsigned char *start,
+                           const char *oid, size_t oid_len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-                                  (const unsigned char *) oid, oid_len ) );
-    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                            (const unsigned char *) oid, oid_len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OID));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
-                                     const char *oid, size_t oid_len,
-                                     size_t par_len )
+int mbedtls_asn1_write_algorithm_identifier(unsigned char **p, unsigned char *start,
+                                            const char *oid, size_t oid_len,
+                                            size_t par_len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    if( par_len == 0 )
-        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
-    else
+    if (par_len == 0) {
+        MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_null(p, start));
+    } else {
         len += par_len;
+    }
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len));
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
-                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
+                                                     MBEDTLS_ASN1_CONSTRUCTED |
+                                                     MBEDTLS_ASN1_SEQUENCE));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
+int mbedtls_asn1_write_bool(unsigned char **p, unsigned char *start, int boolean)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    if( *p - start < 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (*p - start < 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
 
     *--(*p) = (boolean) ? 255 : 0;
     len++;
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BOOLEAN));
 
-    return( (int) len );
+    return (int) len;
 }
 
-static int asn1_write_tagged_int( unsigned char **p, unsigned char *start, int val, int tag )
+static int asn1_write_tagged_int(unsigned char **p, unsigned char *start, int val, int tag)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    do
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    do {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
         len += 1;
         *--(*p) = val & 0xff;
         val >>= 8;
-    }
-    while( val > 0 );
+    } while (val > 0);
 
-    if( **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (**p & 0x80) {
+        if (*p - start < 1) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
         *--(*p) = 0x00;
         len += 1;
     }
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
+int mbedtls_asn1_write_int(unsigned char **p, unsigned char *start, int val)
 {
-    return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_INTEGER ) );
+    return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_INTEGER);
 }
 
-int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val )
+int mbedtls_asn1_write_enum(unsigned char **p, unsigned char *start, int val)
 {
-    return( asn1_write_tagged_int( p, start, val, MBEDTLS_ASN1_ENUMERATED ) );
+    return asn1_write_tagged_int(p, start, val, MBEDTLS_ASN1_ENUMERATED);
 }
 
-int mbedtls_asn1_write_tagged_string( unsigned char **p, unsigned char *start, int tag,
-    const char *text, size_t text_len )
+int mbedtls_asn1_write_tagged_string(unsigned char **p, unsigned char *start, int tag,
+                                     const char *text, size_t text_len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
-        (const unsigned char *) text, text_len ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start,
+                                                            (const unsigned char *) text,
+                                                            text_len));
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, tag ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, tag));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_utf8_string( unsigned char **p, unsigned char *start,
-    const char *text, size_t text_len )
+int mbedtls_asn1_write_utf8_string(unsigned char **p, unsigned char *start,
+                                   const char *text, size_t text_len)
 {
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len) );
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_UTF8_STRING, text, text_len);
 }
 
-int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
-                                 const char *text, size_t text_len )
+int mbedtls_asn1_write_printable_string(unsigned char **p, unsigned char *start,
+                                        const char *text, size_t text_len)
 {
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text, text_len) );
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_PRINTABLE_STRING, text,
+                                            text_len);
 }
 
-int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
-                           const char *text, size_t text_len )
+int mbedtls_asn1_write_ia5_string(unsigned char **p, unsigned char *start,
+                                  const char *text, size_t text_len)
 {
-    return( mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len) );
+    return mbedtls_asn1_write_tagged_string(p, start, MBEDTLS_ASN1_IA5_STRING, text, text_len);
 }
 
-int mbedtls_asn1_write_named_bitstring( unsigned char **p,
-                                        unsigned char *start,
-                                        const unsigned char *buf,
-                                        size_t bits )
+int mbedtls_asn1_write_named_bitstring(unsigned char **p,
+                                       unsigned char *start,
+                                       const unsigned char *buf,
+                                       size_t bits)
 {
     size_t unused_bits, byte_len;
     const unsigned char *cur_byte;
     unsigned char cur_byte_shifted;
     unsigned char bit;
 
-    byte_len = ( bits + 7 ) / 8;
-    unused_bits = ( byte_len * 8 ) - bits;
+    byte_len = (bits + 7) / 8;
+    unused_bits = (byte_len * 8) - bits;
 
     /*
      * Named bitstrings require that trailing 0s are excluded in the encoding
      * of the bitstring. Trailing 0s are considered part of the 'unused' bits
      * when encoding this value in the first content octet
      */
-    if( bits != 0 )
-    {
+    if (bits != 0) {
         cur_byte = buf + byte_len - 1;
         cur_byte_shifted = *cur_byte >> unused_bits;
 
-        for( ; ; )
-        {
+        for (;;) {
             bit = cur_byte_shifted & 0x1;
             cur_byte_shifted >>= 1;
 
-            if( bit != 0 )
+            if (bit != 0) {
                 break;
+            }
 
             bits--;
-            if( bits == 0 )
+            if (bits == 0) {
                 break;
+            }
 
-            if( bits % 8 == 0 )
+            if (bits % 8 == 0) {
                 cur_byte_shifted = *--cur_byte;
+            }
         }
     }
 
-    return( mbedtls_asn1_write_bitstring( p, start, buf, bits ) );
+    return mbedtls_asn1_write_bitstring(p, start, buf, bits);
 }
 
-int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
-                          const unsigned char *buf, size_t bits )
+int mbedtls_asn1_write_bitstring(unsigned char **p, unsigned char *start,
+                                 const unsigned char *buf, size_t bits)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
     size_t unused_bits, byte_len;
 
-    byte_len = ( bits + 7 ) / 8;
-    unused_bits = ( byte_len * 8 ) - bits;
+    byte_len = (bits + 7) / 8;
+    unused_bits = (byte_len * 8) - bits;
 
-    if( *p < start || (size_t)( *p - start ) < byte_len + 1 )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    if (*p < start || (size_t) (*p - start) < byte_len + 1) {
+        return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+    }
 
     len = byte_len + 1;
 
     /* Write the bitstring. Ensure the unused bits are zeroed */
-    if( byte_len > 0 )
-    {
+    if (byte_len > 0) {
         byte_len--;
-        *--( *p ) = buf[byte_len] & ~( ( 0x1 << unused_bits ) - 1 );
-        ( *p ) -= byte_len;
-        memcpy( *p, buf, byte_len );
+        *--(*p) = buf[byte_len] & ~((0x1 << unused_bits) - 1);
+        (*p) -= byte_len;
+        memcpy(*p, buf, byte_len);
     }
 
     /* Write unused bits */
-    *--( *p ) = (unsigned char)unused_bits;
+    *--(*p) = (unsigned char) unused_bits;
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_BIT_STRING));
 
-    return( (int) len );
+    return (int) len;
 }
 
-int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
-                             const unsigned char *buf, size_t size )
+int mbedtls_asn1_write_octet_string(unsigned char **p, unsigned char *start,
+                                    const unsigned char *buf, size_t size)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t len = 0;
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(p, start, buf, size));
 
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
+    MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_OCTET_STRING));
 
-    return( (int) len );
+    return (int) len;
 }
 
 
 /* This is a copy of the ASN.1 parsing function mbedtls_asn1_find_named_data(),
  * which is replicated to avoid a dependency ASN1_WRITE_C on ASN1_PARSE_C. */
 static mbedtls_asn1_named_data *asn1_find_named_data(
-                                               mbedtls_asn1_named_data *list,
-                                               const char *oid, size_t len )
+    mbedtls_asn1_named_data *list,
+    const char *oid, size_t len)
 {
-    while( list != NULL )
-    {
-        if( list->oid.len == len &&
-            memcmp( list->oid.p, oid, len ) == 0 )
-        {
+    while (list != NULL) {
+        if (list->oid.len == len &&
+            memcmp(list->oid.p, oid, len) == 0) {
             break;
         }
 
         list = list->next;
     }
 
-    return( list );
+    return list;
 }
 
 mbedtls_asn1_named_data *mbedtls_asn1_store_named_data(
-                                        mbedtls_asn1_named_data **head,
-                                        const char *oid, size_t oid_len,
-                                        const unsigned char *val,
-                                        size_t val_len )
+    mbedtls_asn1_named_data **head,
+    const char *oid, size_t oid_len,
+    const unsigned char *val,
+    size_t val_len)
 {
     mbedtls_asn1_named_data *cur;
 
-    if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
-    {
+    if ((cur = asn1_find_named_data(*head, oid, oid_len)) == NULL) {
         // Add new entry if not present yet based on OID
         //
-        cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1,
-                                            sizeof(mbedtls_asn1_named_data) );
-        if( cur == NULL )
-            return( NULL );
+        cur = (mbedtls_asn1_named_data *) mbedtls_calloc(1,
+                                                         sizeof(mbedtls_asn1_named_data));
+        if (cur == NULL) {
+            return NULL;
+        }
 
         cur->oid.len = oid_len;
-        cur->oid.p = mbedtls_calloc( 1, oid_len );
-        if( cur->oid.p == NULL )
-        {
-            mbedtls_free( cur );
-            return( NULL );
+        cur->oid.p = mbedtls_calloc(1, oid_len);
+        if (cur->oid.p == NULL) {
+            mbedtls_free(cur);
+            return NULL;
         }
 
-        memcpy( cur->oid.p, oid, oid_len );
+        memcpy(cur->oid.p, oid, oid_len);
 
         cur->val.len = val_len;
-        if( val_len != 0 )
-        {
-            cur->val.p = mbedtls_calloc( 1, val_len );
-            if( cur->val.p == NULL )
-            {
-                mbedtls_free( cur->oid.p );
-                mbedtls_free( cur );
-                return( NULL );
+        if (val_len != 0) {
+            cur->val.p = mbedtls_calloc(1, val_len);
+            if (cur->val.p == NULL) {
+                mbedtls_free(cur->oid.p);
+                mbedtls_free(cur);
+                return NULL;
             }
         }
 
         cur->next = *head;
         *head = cur;
-    }
-    else if( val_len == 0 )
-    {
-        mbedtls_free( cur->val.p );
+    } else if (val_len == 0) {
+        mbedtls_free(cur->val.p);
         cur->val.p = NULL;
-    }
-    else if( cur->val.len != val_len )
-    {
+    } else if (cur->val.len != val_len) {
         /*
          * Enlarge existing value buffer if needed
          * Preserve old data until the allocation succeeded, to leave list in
          * a consistent state in case allocation fails.
          */
-        void *p = mbedtls_calloc( 1, val_len );
-        if( p == NULL )
-            return( NULL );
+        void *p = mbedtls_calloc(1, val_len);
+        if (p == NULL) {
+            return NULL;
+        }
 
-        mbedtls_free( cur->val.p );
+        mbedtls_free(cur->val.p);
         cur->val.p = p;
         cur->val.len = val_len;
     }
 
-    if( val != NULL && val_len != 0 )
-        memcpy( cur->val.p, val, val_len );
+    if (val != NULL && val_len != 0) {
+        memcpy(cur->val.p, val, val_len);
+    }
 
-    return( cur );
+    return cur;
 }
 #endif /* MBEDTLS_ASN1_WRITE_C */

thirdparty/mbedtls/library/base64.c

@@ -31,68 +31,65 @@
 #include "mbedtls/platform.h"
 #endif /* MBEDTLS_SELF_TEST */
 
-#define BASE64_SIZE_T_MAX   ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
+#define BASE64_SIZE_T_MAX   ((size_t) -1)   /* SIZE_T_MAX is not standard */
 
 /*
  * Encode a buffer into base64 format
  */
-int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen )
+int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen)
 {
     size_t i, n;
     int C1, C2, C3;
     unsigned char *p;
 
-    if( slen == 0 )
-    {
+    if (slen == 0) {
         *olen = 0;
-        return( 0 );
+        return 0;
     }
 
-    n = slen / 3 + ( slen % 3 != 0 );
+    n = slen / 3 + (slen % 3 != 0);
 
-    if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 )
-    {
+    if (n > (BASE64_SIZE_T_MAX - 1) / 4) {
         *olen = BASE64_SIZE_T_MAX;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
     }
 
     n *= 4;
 
-    if( ( dlen < n + 1 ) || ( NULL == dst ) )
-    {
+    if ((dlen < n + 1) || (NULL == dst)) {
         *olen = n + 1;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
     }
 
-    n = ( slen / 3 ) * 3;
+    n = (slen / 3) * 3;
 
-    for( i = 0, p = dst; i < n; i += 3 )
-    {
+    for (i = 0, p = dst; i < n; i += 3) {
         C1 = *src++;
         C2 = *src++;
         C3 = *src++;
 
-        *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
-        *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 &  3 ) << 4 ) + ( C2 >> 4 ) )
-                                        & 0x3F );
-        *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) )
-                                        & 0x3F );
-        *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F );
+        *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C1 &  3) << 4) + (C2 >> 4))
+                                          & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C2 & 15) << 2) + (C3 >> 6))
+                                          & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char(C3 & 0x3F);
     }
 
-    if( i < slen )
-    {
+    if (i < slen) {
         C1 = *src++;
-        C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
+        C2 = ((i + 1) < slen) ? *src++ : 0;
 
-        *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
-        *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
-                                        & 0x3F );
+        *p++ = mbedtls_ct_base64_enc_char((C1 >> 2) & 0x3F);
+        *p++ = mbedtls_ct_base64_enc_char((((C1 & 3) << 4) + (C2 >> 4))
+                                          & 0x3F);
 
-        if( ( i + 1 ) < slen )
-             *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F );
-        else *p++ = '=';
+        if ((i + 1) < slen) {
+            *p++ = mbedtls_ct_base64_enc_char(((C2 & 15) << 2) & 0x3F);
+        } else {
+            *p++ = '=';
+        }
 
         *p++ = '=';
     }
@@ -100,14 +97,14 @@ int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
     *olen = p - dst;
     *p = 0;
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Decode a base64-formatted buffer
  */
-int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
-                   const unsigned char *src, size_t slen )
+int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
+                          const unsigned char *src, size_t slen)
 {
     size_t i; /* index in source */
     size_t n; /* number of digits or trailing = in source */
@@ -118,92 +115,97 @@ int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
     unsigned char *p;
 
     /* First pass: check for validity and get output length */
-    for( i = n = 0; i < slen; i++ )
-    {
+    for (i = n = 0; i < slen; i++) {
         /* Skip spaces before checking for EOL */
         spaces_present = 0;
-        while( i < slen && src[i] == ' ' )
-        {
+        while (i < slen && src[i] == ' ') {
             ++i;
             spaces_present = 1;
         }
 
         /* Spaces at end of buffer are OK */
-        if( i == slen )
+        if (i == slen) {
             break;
+        }
 
-        if( ( slen - i ) >= 2 &&
-            src[i] == '\r' && src[i + 1] == '\n' )
+        if ((slen - i) >= 2 &&
+            src[i] == '\r' && src[i + 1] == '\n') {
             continue;
+        }
 
-        if( src[i] == '\n' )
+        if (src[i] == '\n') {
             continue;
+        }
 
         /* Space inside a line is an error */
-        if( spaces_present )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-
-        if( src[i] > 127 )
-            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+        if (spaces_present) {
+            return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+        }
 
-        if( src[i] == '=' )
-        {
-            if( ++equals > 2 )
-                return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+        if (src[i] > 127) {
+            return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
         }
-        else
-        {
-            if( equals != 0 )
-                return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
-            if( mbedtls_ct_base64_dec_value( src[i] ) < 0 )
-                return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+        if (src[i] == '=') {
+            if (++equals > 2) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
+        } else {
+            if (equals != 0) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
+            if (mbedtls_ct_base64_dec_value(src[i]) < 0) {
+                return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
+            }
         }
         n++;
     }
 
-    if( n == 0 )
-    {
+    if (n == 0) {
         *olen = 0;
-        return( 0 );
+        return 0;
     }
 
     /* The following expression is to calculate the following formula without
      * risk of integer overflow in n:
      *     n = ( ( n * 6 ) + 7 ) >> 3;
      */
-    n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
+    n = (6 * (n >> 3)) + ((6 * (n & 0x7) + 7) >> 3);
     n -= equals;
 
-    if( dst == NULL || dlen < n )
-    {
+    if (dst == NULL || dlen < n) {
         *olen = n;
-        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+        return MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL;
     }
 
     equals = 0;
-    for( x = 0, p = dst; i > 0; i--, src++ )
-    {
-        if( *src == '\r' || *src == '\n' || *src == ' ' )
+    for (x = 0, p = dst; i > 0; i--, src++) {
+        if (*src == '\r' || *src == '\n' || *src == ' ') {
             continue;
+        }
 
         x = x << 6;
-        if( *src == '=' )
+        if (*src == '=') {
             ++equals;
-        else
-            x |= mbedtls_ct_base64_dec_value( *src );
+        } else {
+            x |= mbedtls_ct_base64_dec_value(*src);
+        }
 
-        if( ++accumulated_digits == 4 )
-        {
+        if (++accumulated_digits == 4) {
             accumulated_digits = 0;
-            *p++ = MBEDTLS_BYTE_2( x );
-            if( equals <= 1 ) *p++ = MBEDTLS_BYTE_1( x );
-            if( equals <= 0 ) *p++ = MBEDTLS_BYTE_0( x );
+            *p++ = MBEDTLS_BYTE_2(x);
+            if (equals <= 1) {
+                *p++ = MBEDTLS_BYTE_1(x);
+            }
+            if (equals <= 0) {
+                *p++ = MBEDTLS_BYTE_0(x);
+            }
         }
     }
 
     *olen = p - dst;
 
-    return( 0 );
+    return 0;
 }
 
 #if defined(MBEDTLS_SELF_TEST)
@@ -227,44 +229,47 @@ static const unsigned char base64_test_enc[] =
 /*
  * Checkup routine
  */
-int mbedtls_base64_self_test( int verbose )
+int mbedtls_base64_self_test(int verbose)
 {
     size_t len;
     const unsigned char *src;
     unsigned char buffer[128];
 
-    if( verbose != 0 )
-        mbedtls_printf( "  Base64 encoding test: " );
+    if (verbose != 0) {
+        mbedtls_printf("  Base64 encoding test: ");
+    }
 
     src = base64_test_dec;
 
-    if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
-         memcmp( base64_test_enc, buffer, 88 ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
+    if (mbedtls_base64_encode(buffer, sizeof(buffer), &len, src, 64) != 0 ||
+        memcmp(base64_test_enc, buffer, 88) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
 
-        return( 1 );
+        return 1;
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n  Base64 decoding test: " );
+    if (verbose != 0) {
+        mbedtls_printf("passed\n  Base64 decoding test: ");
+    }
 
     src = base64_test_enc;
 
-    if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
-         memcmp( base64_test_dec, buffer, 64 ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "failed\n" );
+    if (mbedtls_base64_decode(buffer, sizeof(buffer), &len, src, 88) != 0 ||
+        memcmp(base64_test_dec, buffer, 64) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("failed\n");
+        }
 
-        return( 1 );
+        return 1;
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n\n" );
+    if (verbose != 0) {
+        mbedtls_printf("passed\n\n");
+    }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/blowfish.c

@@ -35,42 +35,42 @@
 #if !defined(MBEDTLS_BLOWFISH_ALT)
 
 /* Parameter validation macros */
-#define BLOWFISH_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
-#define BLOWFISH_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define BLOWFISH_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
+#define BLOWFISH_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
 static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
-        0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
-        0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
-        0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
-        0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
-        0x9216D5D9L, 0x8979FB1BL
+    0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
+    0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
+    0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
+    0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
+    0x9216D5D9L, 0x8979FB1BL
 };
 
 /* declarations of data at the end of this file */
 static const uint32_t S[4][256];
 
-static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
+static uint32_t F(mbedtls_blowfish_context *ctx, uint32_t x)
 {
-   unsigned short a, b, c, d;
-   uint32_t  y;
-
-   d = MBEDTLS_BYTE_0( x );
-   x >>= 8;
-   c = MBEDTLS_BYTE_0( x );
-   x >>= 8;
-   b = MBEDTLS_BYTE_0( x );
-   x >>= 8;
-   a = MBEDTLS_BYTE_0( x );
-   y = ctx->S[0][a] + ctx->S[1][b];
-   y = y ^ ctx->S[2][c];
-   y = y + ctx->S[3][d];
-
-   return( y );
+    unsigned short a, b, c, d;
+    uint32_t  y;
+
+    d = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    c = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    b = MBEDTLS_BYTE_0(x);
+    x >>= 8;
+    a = MBEDTLS_BYTE_0(x);
+    y = ctx->S[0][a] + ctx->S[1][b];
+    y = y ^ ctx->S[2][c];
+    y = y + ctx->S[3][d];
+
+    return y;
 }
 
-static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
+static void blowfish_enc(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr)
 {
     uint32_t  Xl, Xr, temp;
     short i;
@@ -78,10 +78,9 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
     Xl = *xl;
     Xr = *xr;
 
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
-    {
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i) {
         Xl = Xl ^ ctx->P[i];
-        Xr = F( ctx, Xl ) ^ Xr;
+        Xr = F(ctx, Xl) ^ Xr;
 
         temp = Xl;
         Xl = Xr;
@@ -99,7 +98,7 @@ static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
     *xr = Xr;
 }
 
-static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
+static void blowfish_dec(mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr)
 {
     uint32_t  Xl, Xr, temp;
     short i;
@@ -107,10 +106,9 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
     Xl = *xl;
     Xr = *xr;
 
-    for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
-    {
+    for (i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i) {
         Xl = Xl ^ ctx->P[i];
-        Xr = F( ctx, Xl ) ^ Xr;
+        Xr = F(ctx, Xl) ^ Xr;
 
         temp = Xl;
         Xl = Xr;
@@ -128,56 +126,55 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t
     *xr = Xr;
 }
 
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
+void mbedtls_blowfish_init(mbedtls_blowfish_context *ctx)
 {
-    BLOWFISH_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
+    BLOWFISH_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_blowfish_context));
 }
 
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
+void mbedtls_blowfish_free(mbedtls_blowfish_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
+    }
 
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_blowfish_context));
 }
 
 /*
  * Blowfish key schedule
  */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
-                             const unsigned char *key,
-                             unsigned int keybits )
+int mbedtls_blowfish_setkey(mbedtls_blowfish_context *ctx,
+                            const unsigned char *key,
+                            unsigned int keybits)
 {
     unsigned int i, j, k;
     uint32_t data, datal, datar;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( key != NULL );
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(key != NULL);
 
-    if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS    ||
+    if (keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS    ||
         keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS    ||
-        keybits % 8 != 0 )
-    {
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
+        keybits % 8 != 0) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
     }
 
     keybits >>= 3;
 
-    for( i = 0; i < 4; i++ )
-    {
-        for( j = 0; j < 256; j++ )
+    for (i = 0; i < 4; i++) {
+        for (j = 0; j < 256; j++) {
             ctx->S[i][j] = S[i][j];
+        }
     }
 
     j = 0;
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
-    {
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i) {
         data = 0x00000000;
-        for( k = 0; k < 4; ++k )
-        {
-            data = ( data << 8 ) | key[j++];
-            if( j >= keybits )
+        for (k = 0; k < 4; ++k) {
+            data = (data << 8) | key[j++];
+            if (j >= keybits) {
                 j = 0;
+            }
         }
         ctx->P[i] = P[i] ^ data;
     }
@@ -185,107 +182,99 @@ int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
     datal = 0x00000000;
     datar = 0x00000000;
 
-    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
-    {
-        blowfish_enc( ctx, &datal, &datar );
+    for (i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2) {
+        blowfish_enc(ctx, &datal, &datar);
         ctx->P[i] = datal;
         ctx->P[i + 1] = datar;
     }
 
-    for( i = 0; i < 4; i++ )
-    {
-       for( j = 0; j < 256; j += 2 )
-       {
-            blowfish_enc( ctx, &datal, &datar );
+    for (i = 0; i < 4; i++) {
+        for (j = 0; j < 256; j += 2) {
+            blowfish_enc(ctx, &datal, &datar);
             ctx->S[i][j] = datal;
             ctx->S[i][j + 1] = datar;
         }
     }
-    return( 0 );
+    return 0;
 }
 
 /*
  * Blowfish-ECB block encryption/decryption
  */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
-                    int mode,
-                    const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                    unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
+int mbedtls_blowfish_crypt_ecb(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE])
 {
     uint32_t X0, X1;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( input  != NULL );
-    BLOWFISH_VALIDATE_RET( output != NULL );
-
-    X0 = MBEDTLS_GET_UINT32_BE( input,  0 );
-    X1 = MBEDTLS_GET_UINT32_BE( input,  4 );
-
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        blowfish_dec( ctx, &X0, &X1 );
-    }
-    else /* MBEDTLS_BLOWFISH_ENCRYPT */
-    {
-        blowfish_enc( ctx, &X0, &X1 );
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(input  != NULL);
+    BLOWFISH_VALIDATE_RET(output != NULL);
+
+    X0 = MBEDTLS_GET_UINT32_BE(input,  0);
+    X1 = MBEDTLS_GET_UINT32_BE(input,  4);
+
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        blowfish_dec(ctx, &X0, &X1);
+    } else { /* MBEDTLS_BLOWFISH_ENCRYPT */
+        blowfish_enc(ctx, &X0, &X1);
     }
 
-    MBEDTLS_PUT_UINT32_BE( X0, output,  0 );
-    MBEDTLS_PUT_UINT32_BE( X1, output,  4 );
+    MBEDTLS_PUT_UINT32_BE(X0, output,  0);
+    MBEDTLS_PUT_UINT32_BE(X1, output,  4);
 
-    return( 0 );
+    return 0;
 }
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /*
  * Blowfish-CBC buffer encryption/decryption
  */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
-                    int mode,
-                    size_t length,
-                    unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                    const unsigned char *input,
-                    unsigned char *output )
+int mbedtls_blowfish_crypt_cbc(mbedtls_blowfish_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output)
 {
     int i;
     unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( iv != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
-        return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(iv != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
+
+    if (length % MBEDTLS_BLOWFISH_BLOCKSIZE) {
+        return MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH;
+    }
 
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
-            mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE);
+            mbedtls_blowfish_crypt_ecb(ctx, mode, input, output);
 
-            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
+            for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
 
-            memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
+            memcpy(iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE);
 
             input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
             output += MBEDTLS_BLOWFISH_BLOCKSIZE;
             length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
         }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
+    } else {
+        while (length > 0) {
+            for (i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
 
-            mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
+            mbedtls_blowfish_crypt_ecb(ctx, mode, output, output);
+            memcpy(iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE);
 
             input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
             output += MBEDTLS_BLOWFISH_BLOCKSIZE;
@@ -293,7 +282,7 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
         }
     }
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
@@ -301,59 +290,57 @@ int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
 /*
  * Blowfish CFB buffer encryption/decryption
  */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       const unsigned char *input,
-                       unsigned char *output )
+int mbedtls_blowfish_crypt_cfb64(mbedtls_blowfish_context *ctx,
+                                 int mode,
+                                 size_t length,
+                                 size_t *iv_off,
+                                 unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                                 const unsigned char *input,
+                                 unsigned char *output)
 {
     int c;
     size_t n;
 
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
-                           mode == MBEDTLS_BLOWFISH_DECRYPT );
-    BLOWFISH_VALIDATE_RET( iv     != NULL );
-    BLOWFISH_VALIDATE_RET( iv_off != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(mode == MBEDTLS_BLOWFISH_ENCRYPT ||
+                          mode == MBEDTLS_BLOWFISH_DECRYPT);
+    BLOWFISH_VALIDATE_RET(iv     != NULL);
+    BLOWFISH_VALIDATE_RET(iv_off != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
 
     n = *iv_off;
-    if( n >= 8 )
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
+    if (n >= 8) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
+    }
 
-    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
+    if (mode == MBEDTLS_BLOWFISH_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv);
+            }
 
             c = *input++;
-            *output++ = (unsigned char)( c ^ iv[n] );
+            *output++ = (unsigned char) (c ^ iv[n]);
             iv[n] = (unsigned char) c;
 
-            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+            n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
         }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv);
+            }
 
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
 
-            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+            n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
         }
     }
 
     *iv_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
@@ -361,46 +348,48 @@ int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
 /*
  * Blowfish CTR buffer encryption/decryption
  */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
-                       const unsigned char *input,
-                       unsigned char *output )
+int mbedtls_blowfish_crypt_ctr(mbedtls_blowfish_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                               const unsigned char *input,
+                               unsigned char *output)
 {
     int c, i;
     size_t n;
-    BLOWFISH_VALIDATE_RET( ctx != NULL );
-    BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
-    BLOWFISH_VALIDATE_RET( stream_block  != NULL );
-    BLOWFISH_VALIDATE_RET( nc_off != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || input  != NULL );
-    BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
+    BLOWFISH_VALIDATE_RET(ctx != NULL);
+    BLOWFISH_VALIDATE_RET(nonce_counter != NULL);
+    BLOWFISH_VALIDATE_RET(stream_block  != NULL);
+    BLOWFISH_VALIDATE_RET(nc_off != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || input  != NULL);
+    BLOWFISH_VALIDATE_RET(length == 0 || output != NULL);
 
     n = *nc_off;
-    if( n >= 8 )
-        return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
+    if (n >= 8) {
+        return MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA;
+    }
 
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
-                                stream_block );
+    while (length--) {
+        if (n == 0) {
+            mbedtls_blowfish_crypt_ecb(ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
+                                       stream_block);
 
-            for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
+            for (i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
                     break;
+                }
+            }
         }
         c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
+        *output++ = (unsigned char) (c ^ stream_block[n]);
 
-        n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+        n = (n + 1) % MBEDTLS_BLOWFISH_BLOCKSIZE;
     }
 
     *nc_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 

thirdparty/mbedtls/library/camellia.c

@@ -37,10 +37,10 @@
 #if !defined(MBEDTLS_CAMELLIA_ALT)
 
 /* Parameter validation macros */
-#define CAMELLIA_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA )
-#define CAMELLIA_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define CAMELLIA_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
+#define CAMELLIA_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
 static const unsigned char SIGMA_CHARS[6][8] =
 {
@@ -56,109 +56,109 @@ static const unsigned char SIGMA_CHARS[6][8] =
 
 static const unsigned char FSb[256] =
 {
-    112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
-     35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
-    134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
-    166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
-    139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
-    223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
-     20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
-    254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
-    170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
-     16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
-    135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
-     82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
-    233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
-    120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
-    114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
-     64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158
+    112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65,
+    35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189,
+    134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26,
+    166, 225, 57, 202, 213, 71, 93, 61, 217,  1, 90, 214, 81, 86, 108, 77,
+    139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153,
+    223, 76, 203, 194, 52, 126, 118,  5, 109, 183, 169, 49, 209, 23,  4, 215,
+    20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34,
+    254, 68, 207, 178, 195, 181, 122, 145, 36,  8, 232, 168, 96, 252, 105, 80,
+    170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210,
+    16, 196,  0, 72, 163, 247, 117, 219, 138,  3, 230, 218,  9, 63, 221, 148,
+    135, 92, 131,  2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226,
+    82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46,
+    233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89,
+    120, 152,  6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250,
+    114,  7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164,
+    64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158
 };
 
 #define SBOX1(n) FSb[(n)]
-#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
-#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
+#define SBOX2(n) (unsigned char) ((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
+#define SBOX3(n) (unsigned char) ((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
 #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
 
 #else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
 
 static const unsigned char FSb[256] =
 {
- 112, 130,  44, 236, 179,  39, 192, 229, 228, 133,  87,  53, 234,  12, 174,  65,
-  35, 239, 107, 147,  69,  25, 165,  33, 237,  14,  79,  78,  29, 101, 146, 189,
- 134, 184, 175, 143, 124, 235,  31, 206,  62,  48, 220,  95,  94, 197,  11,  26,
- 166, 225,  57, 202, 213,  71,  93,  61, 217,   1,  90, 214,  81,  86, 108,  77,
- 139,  13, 154, 102, 251, 204, 176,  45, 116,  18,  43,  32, 240, 177, 132, 153,
- 223,  76, 203, 194,  52, 126, 118,   5, 109, 183, 169,  49, 209,  23,   4, 215,
-  20,  88,  58,  97, 222,  27,  17,  28,  50,  15, 156,  22,  83,  24, 242,  34,
- 254,  68, 207, 178, 195, 181, 122, 145,  36,   8, 232, 168,  96, 252, 105,  80,
- 170, 208, 160, 125, 161, 137,  98, 151,  84,  91,  30, 149, 224, 255, 100, 210,
-  16, 196,   0,  72, 163, 247, 117, 219, 138,   3, 230, 218,   9,  63, 221, 148,
- 135,  92, 131,   2, 205,  74, 144,  51, 115, 103, 246, 243, 157, 127, 191, 226,
-  82, 155, 216,  38, 200,  55, 198,  59, 129, 150, 111,  75,  19, 190,  99,  46,
- 233, 121, 167, 140, 159, 110, 188, 142,  41, 245, 249, 182,  47, 253, 180,  89,
- 120, 152,   6, 106, 231,  70, 113, 186, 212,  37, 171,  66, 136, 162, 141, 250,
- 114,   7, 185,  85, 248, 238, 172,  10,  54,  73,  42, 104,  60,  56, 241, 164,
- 64,  40, 211, 123, 187, 201,  67, 193,  21, 227, 173, 244, 119, 199, 128, 158
+    112, 130,  44, 236, 179,  39, 192, 229, 228, 133,  87,  53, 234,  12, 174,  65,
+    35, 239, 107, 147,  69,  25, 165,  33, 237,  14,  79,  78,  29, 101, 146, 189,
+    134, 184, 175, 143, 124, 235,  31, 206,  62,  48, 220,  95,  94, 197,  11,  26,
+    166, 225,  57, 202, 213,  71,  93,  61, 217,   1,  90, 214,  81,  86, 108,  77,
+    139,  13, 154, 102, 251, 204, 176,  45, 116,  18,  43,  32, 240, 177, 132, 153,
+    223,  76, 203, 194,  52, 126, 118,   5, 109, 183, 169,  49, 209,  23,   4, 215,
+    20,  88,  58,  97, 222,  27,  17,  28,  50,  15, 156,  22,  83,  24, 242,  34,
+    254,  68, 207, 178, 195, 181, 122, 145,  36,   8, 232, 168,  96, 252, 105,  80,
+    170, 208, 160, 125, 161, 137,  98, 151,  84,  91,  30, 149, 224, 255, 100, 210,
+    16, 196,   0,  72, 163, 247, 117, 219, 138,   3, 230, 218,   9,  63, 221, 148,
+    135,  92, 131,   2, 205,  74, 144,  51, 115, 103, 246, 243, 157, 127, 191, 226,
+    82, 155, 216,  38, 200,  55, 198,  59, 129, 150, 111,  75,  19, 190,  99,  46,
+    233, 121, 167, 140, 159, 110, 188, 142,  41, 245, 249, 182,  47, 253, 180,  89,
+    120, 152,   6, 106, 231,  70, 113, 186, 212,  37, 171,  66, 136, 162, 141, 250,
+    114,   7, 185,  85, 248, 238, 172,  10,  54,  73,  42, 104,  60,  56, 241, 164,
+    64,  40, 211, 123, 187, 201,  67, 193,  21, 227, 173, 244, 119, 199, 128, 158
 };
 
 static const unsigned char FSb2[256] =
 {
- 224,   5,  88, 217, 103,  78, 129, 203, 201,  11, 174, 106, 213,  24,  93, 130,
-  70, 223, 214,  39, 138,  50,  75,  66, 219,  28, 158, 156,  58, 202,  37, 123,
-  13, 113,  95,  31, 248, 215,  62, 157, 124,  96, 185, 190, 188, 139,  22,  52,
-  77, 195, 114, 149, 171, 142, 186, 122, 179,   2, 180, 173, 162, 172, 216, 154,
-  23,  26,  53, 204, 247, 153,  97,  90, 232,  36,  86,  64, 225,  99,   9,  51,
- 191, 152, 151, 133, 104, 252, 236,  10, 218, 111,  83,  98, 163,  46,   8, 175,
-  40, 176, 116, 194, 189,  54,  34,  56, 100,  30,  57,  44, 166,  48, 229,  68,
- 253, 136, 159, 101, 135, 107, 244,  35,  72,  16, 209,  81, 192, 249, 210, 160,
-  85, 161,  65, 250,  67,  19, 196,  47, 168, 182,  60,  43, 193, 255, 200, 165,
-  32, 137,   0, 144,  71, 239, 234, 183,  21,   6, 205, 181,  18, 126, 187,  41,
-  15, 184,   7,   4, 155, 148,  33, 102, 230, 206, 237, 231,  59, 254, 127, 197,
- 164,  55, 177,  76, 145, 110, 141, 118,   3,  45, 222, 150,  38, 125, 198,  92,
- 211, 242,  79,  25,  63, 220, 121,  29,  82, 235, 243, 109,  94, 251, 105, 178,
- 240,  49,  12, 212, 207, 140, 226, 117, 169,  74,  87, 132,  17,  69,  27, 245,
- 228,  14, 115, 170, 241, 221,  89,  20, 108, 146,  84, 208, 120, 112, 227,  73,
- 128,  80, 167, 246, 119, 147, 134, 131,  42, 199,  91, 233, 238, 143,   1,  61
+    224,   5,  88, 217, 103,  78, 129, 203, 201,  11, 174, 106, 213,  24,  93, 130,
+    70, 223, 214,  39, 138,  50,  75,  66, 219,  28, 158, 156,  58, 202,  37, 123,
+    13, 113,  95,  31, 248, 215,  62, 157, 124,  96, 185, 190, 188, 139,  22,  52,
+    77, 195, 114, 149, 171, 142, 186, 122, 179,   2, 180, 173, 162, 172, 216, 154,
+    23,  26,  53, 204, 247, 153,  97,  90, 232,  36,  86,  64, 225,  99,   9,  51,
+    191, 152, 151, 133, 104, 252, 236,  10, 218, 111,  83,  98, 163,  46,   8, 175,
+    40, 176, 116, 194, 189,  54,  34,  56, 100,  30,  57,  44, 166,  48, 229,  68,
+    253, 136, 159, 101, 135, 107, 244,  35,  72,  16, 209,  81, 192, 249, 210, 160,
+    85, 161,  65, 250,  67,  19, 196,  47, 168, 182,  60,  43, 193, 255, 200, 165,
+    32, 137,   0, 144,  71, 239, 234, 183,  21,   6, 205, 181,  18, 126, 187,  41,
+    15, 184,   7,   4, 155, 148,  33, 102, 230, 206, 237, 231,  59, 254, 127, 197,
+    164,  55, 177,  76, 145, 110, 141, 118,   3,  45, 222, 150,  38, 125, 198,  92,
+    211, 242,  79,  25,  63, 220, 121,  29,  82, 235, 243, 109,  94, 251, 105, 178,
+    240,  49,  12, 212, 207, 140, 226, 117, 169,  74,  87, 132,  17,  69,  27, 245,
+    228,  14, 115, 170, 241, 221,  89,  20, 108, 146,  84, 208, 120, 112, 227,  73,
+    128,  80, 167, 246, 119, 147, 134, 131,  42, 199,  91, 233, 238, 143,   1,  61
 };
 
 static const unsigned char FSb3[256] =
 {
-  56,  65,  22, 118, 217, 147,  96, 242, 114, 194, 171, 154, 117,   6,  87, 160,
- 145, 247, 181, 201, 162, 140, 210, 144, 246,   7, 167,  39, 142, 178,  73, 222,
-  67,  92, 215, 199,  62, 245, 143, 103,  31,  24, 110, 175,  47, 226, 133,  13,
-  83, 240, 156, 101, 234, 163, 174, 158, 236, 128,  45, 107, 168,  43,  54, 166,
- 197, 134,  77,  51, 253, 102,  88, 150,  58,   9, 149,  16, 120, 216,  66, 204,
- 239,  38, 229,  97,  26,  63,  59, 130, 182, 219, 212, 152, 232, 139,   2, 235,
-  10,  44,  29, 176, 111, 141, 136,  14,  25, 135,  78,  11, 169,  12, 121,  17,
- 127,  34, 231,  89, 225, 218,  61, 200,  18,   4, 116,  84,  48, 126, 180,  40,
-  85, 104,  80, 190, 208, 196,  49, 203,  42, 173,  15, 202, 112, 255,  50, 105,
-   8,  98,   0,  36, 209, 251, 186, 237,  69, 129, 115, 109, 132, 159, 238,  74,
- 195,  46, 193,   1, 230,  37,  72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
-  41, 205, 108,  19, 100, 155,  99, 157, 192,  75, 183, 165, 137,  95, 177,  23,
- 244, 188, 211,  70, 207,  55,  94,  71, 148, 250, 252,  91, 151, 254,  90, 172,
-  60,  76,   3,  53, 243,  35, 184,  93, 106, 146, 213,  33,  68,  81, 198, 125,
-  57, 131, 220, 170, 124, 119,  86,   5,  27, 164,  21,  52,  30,  28, 248,  82,
-  32,  20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227,  64,  79
+    56,  65,  22, 118, 217, 147,  96, 242, 114, 194, 171, 154, 117,   6,  87, 160,
+    145, 247, 181, 201, 162, 140, 210, 144, 246,   7, 167,  39, 142, 178,  73, 222,
+    67,  92, 215, 199,  62, 245, 143, 103,  31,  24, 110, 175,  47, 226, 133,  13,
+    83, 240, 156, 101, 234, 163, 174, 158, 236, 128,  45, 107, 168,  43,  54, 166,
+    197, 134,  77,  51, 253, 102,  88, 150,  58,   9, 149,  16, 120, 216,  66, 204,
+    239,  38, 229,  97,  26,  63,  59, 130, 182, 219, 212, 152, 232, 139,   2, 235,
+    10,  44,  29, 176, 111, 141, 136,  14,  25, 135,  78,  11, 169,  12, 121,  17,
+    127,  34, 231,  89, 225, 218,  61, 200,  18,   4, 116,  84,  48, 126, 180,  40,
+    85, 104,  80, 190, 208, 196,  49, 203,  42, 173,  15, 202, 112, 255,  50, 105,
+    8,  98,   0,  36, 209, 251, 186, 237,  69, 129, 115, 109, 132, 159, 238,  74,
+    195,  46, 193,   1, 230,  37,  72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
+    41, 205, 108,  19, 100, 155,  99, 157, 192,  75, 183, 165, 137,  95, 177,  23,
+    244, 188, 211,  70, 207,  55,  94,  71, 148, 250, 252,  91, 151, 254,  90, 172,
+    60,  76,   3,  53, 243,  35, 184,  93, 106, 146, 213,  33,  68,  81, 198, 125,
+    57, 131, 220, 170, 124, 119,  86,   5,  27, 164,  21,  52,  30,  28, 248,  82,
+    32,  20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227,  64,  79
 };
 
 static const unsigned char FSb4[256] =
 {
- 112,  44, 179, 192, 228,  87, 234, 174,  35, 107,  69, 165, 237,  79,  29, 146,
- 134, 175, 124,  31,  62, 220,  94,  11, 166,  57, 213,  93, 217,  90,  81, 108,
- 139, 154, 251, 176, 116,  43, 240, 132, 223, 203,  52, 118, 109, 169, 209,   4,
-  20,  58, 222,  17,  50, 156,  83, 242, 254, 207, 195, 122,  36, 232,  96, 105,
- 170, 160, 161,  98,  84,  30, 224, 100,  16,   0, 163, 117, 138, 230,   9, 221,
- 135, 131, 205, 144, 115, 246, 157, 191,  82, 216, 200, 198, 129, 111,  19,  99,
- 233, 167, 159, 188,  41, 249,  47, 180, 120,   6, 231, 113, 212, 171, 136, 141,
- 114, 185, 248, 172,  54,  42,  60, 241,  64, 211, 187,  67,  21, 173, 119, 128,
- 130, 236,  39, 229, 133,  53,  12,  65, 239, 147,  25,  33,  14,  78, 101, 189,
- 184, 143, 235, 206,  48,  95, 197,  26, 225, 202,  71,  61,   1, 214,  86,  77,
-  13, 102, 204,  45,  18,  32, 177, 153,  76, 194, 126,   5, 183,  49,  23, 215,
-  88,  97,  27,  28,  15,  22,  24,  34,  68, 178, 181, 145,   8, 168, 252,  80,
- 208, 125, 137, 151,  91, 149, 255, 210, 196,  72, 247, 219,   3, 218,  63, 148,
-  92,   2,  74,  51, 103, 243, 127, 226, 155,  38,  55,  59, 150,  75, 190,  46,
- 121, 140, 110, 142, 245, 182, 253,  89, 152, 106,  70, 186,  37,  66, 162, 250,
-  7,  85, 238,  10,  73, 104,  56, 164,  40, 123, 201, 193, 227, 244, 199, 158
+    112,  44, 179, 192, 228,  87, 234, 174,  35, 107,  69, 165, 237,  79,  29, 146,
+    134, 175, 124,  31,  62, 220,  94,  11, 166,  57, 213,  93, 217,  90,  81, 108,
+    139, 154, 251, 176, 116,  43, 240, 132, 223, 203,  52, 118, 109, 169, 209,   4,
+    20,  58, 222,  17,  50, 156,  83, 242, 254, 207, 195, 122,  36, 232,  96, 105,
+    170, 160, 161,  98,  84,  30, 224, 100,  16,   0, 163, 117, 138, 230,   9, 221,
+    135, 131, 205, 144, 115, 246, 157, 191,  82, 216, 200, 198, 129, 111,  19,  99,
+    233, 167, 159, 188,  41, 249,  47, 180, 120,   6, 231, 113, 212, 171, 136, 141,
+    114, 185, 248, 172,  54,  42,  60, 241,  64, 211, 187,  67,  21, 173, 119, 128,
+    130, 236,  39, 229, 133,  53,  12,  65, 239, 147,  25,  33,  14,  78, 101, 189,
+    184, 143, 235, 206,  48,  95, 197,  26, 225, 202,  71,  61,   1, 214,  86,  77,
+    13, 102, 204,  45,  18,  32, 177, 153,  76, 194, 126,   5, 183,  49,  23, 215,
+    88,  97,  27,  28,  15,  22,  24,  34,  68, 178, 181, 145,   8, 168, 252,  80,
+    208, 125, 137, 151,  91, 149, 255, 210, 196,  72, 247, 219,   3, 218,  63, 148,
+    92,   2,  74,  51, 103, 243, 127, 226, 155,  38,  55,  59, 150,  75, 190,  46,
+    121, 140, 110, 142, 245, 182, 253,  89, 152, 106,  70, 186,  37,  66, 162, 250,
+    7,  85, 238,  10,  73, 104,  56, 164,  40, 123, 201, 193, 227, 244, 199, 158
 };
 
 #define SBOX1(n) FSb[(n)]
@@ -188,23 +188,23 @@ static const signed char indexes[2][4][20] =
 {
     {
         {  0,  1,  2,  3,  8,  9, 10, 11, 38, 39,
-          36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
+           36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
         { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
           -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */
         {  4,  5,  6,  7, 12, 13, 14, 15, 16, 17,
-          18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
+           18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
         { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
           -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }  /* KB -> RK */
     },
     {
         {  0,  1,  2,  3, 61, 62, 63, 60, -1, -1,
-          -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
+           -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
         { -1, -1, -1, -1,  8,  9, 10, 11, 16, 17,
           18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */
         { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59,
           56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */
         {  4,  5,  6,  7, 65, 66, 67, 64, 20, 21,
-          22, 23, -1, -1, -1, -1, 43, 40, 41, 42 }  /* KB -> RK */
+           22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */
     }
 };
 
@@ -228,57 +228,57 @@ static const signed char transposes[2][20] =
 
 /* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
 #define ROTL(DEST, SRC, SHIFT)                                      \
-{                                                                   \
-    (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT));   \
-    (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT));   \
-    (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT));   \
-    (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT));   \
-}
+    {                                                                   \
+        (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT));   \
+        (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT));   \
+        (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT));   \
+        (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT));   \
+    }
 
 #define FL(XL, XR, KL, KR)                                          \
-{                                                                   \
-    (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR);   \
-    (XL) = ((XR) | (KR)) ^ (XL);                                    \
-}
+    {                                                                   \
+        (XR) = ((((XL) &(KL)) << 1) | (((XL) &(KL)) >> 31)) ^ (XR);   \
+        (XL) = ((XR) | (KR)) ^ (XL);                                    \
+    }
 
 #define FLInv(YL, YR, KL, KR)                                       \
-{                                                                   \
-    (YL) = ((YR) | (KR)) ^ (YL);                                    \
-    (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR);   \
-}
+    {                                                                   \
+        (YL) = ((YR) | (KR)) ^ (YL);                                    \
+        (YR) = ((((YL) &(KL)) << 1) | (((YL) &(KL)) >> 31)) ^ (YR);   \
+    }
 
 #define SHIFT_AND_PLACE(INDEX, OFFSET)                      \
-{                                                           \
-    TK[0] = KC[(OFFSET) * 4 + 0];                           \
-    TK[1] = KC[(OFFSET) * 4 + 1];                           \
-    TK[2] = KC[(OFFSET) * 4 + 2];                           \
-    TK[3] = KC[(OFFSET) * 4 + 3];                           \
+    {                                                           \
+        TK[0] = KC[(OFFSET) * 4 + 0];                           \
+        TK[1] = KC[(OFFSET) * 4 + 1];                           \
+        TK[2] = KC[(OFFSET) * 4 + 2];                           \
+        TK[3] = KC[(OFFSET) * 4 + 3];                           \
                                                             \
-    for( i = 1; i <= 4; i++ )                               \
-        if( shifts[(INDEX)][(OFFSET)][i -1] )               \
-            ROTL(TK + i * 4, TK, ( 15 * i ) % 32);          \
+        for (i = 1; i <= 4; i++)                               \
+        if (shifts[(INDEX)][(OFFSET)][i -1])               \
+        ROTL(TK + i * 4, TK, (15 * i) % 32);          \
                                                             \
-    for( i = 0; i < 20; i++ )                               \
-        if( indexes[(INDEX)][(OFFSET)][i] != -1 ) {         \
-            RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ];    \
+        for (i = 0; i < 20; i++)                               \
+        if (indexes[(INDEX)][(OFFSET)][i] != -1) {         \
+            RK[indexes[(INDEX)][(OFFSET)][i]] = TK[i];    \
         }                                                   \
-}
+    }
 
-static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
-                              uint32_t z[2])
+static void camellia_feistel(const uint32_t x[2], const uint32_t k[2],
+                             uint32_t z[2])
 {
     uint32_t I0, I1;
     I0 = x[0] ^ k[0];
     I1 = x[1] ^ k[1];
 
-    I0 = ((uint32_t) SBOX1( MBEDTLS_BYTE_3( I0 )) << 24) |
-         ((uint32_t) SBOX2( MBEDTLS_BYTE_2( I0 )) << 16) |
-         ((uint32_t) SBOX3( MBEDTLS_BYTE_1( I0 )) <<  8) |
-         ((uint32_t) SBOX4( MBEDTLS_BYTE_0( I0 ))      );
-    I1 = ((uint32_t) SBOX2( MBEDTLS_BYTE_3( I1 )) << 24) |
-         ((uint32_t) SBOX3( MBEDTLS_BYTE_2( I1 )) << 16) |
-         ((uint32_t) SBOX4( MBEDTLS_BYTE_1( I1 )) <<  8) |
-         ((uint32_t) SBOX1( MBEDTLS_BYTE_0( I1 ))      );
+    I0 = ((uint32_t) SBOX1(MBEDTLS_BYTE_3(I0)) << 24) |
+         ((uint32_t) SBOX2(MBEDTLS_BYTE_2(I0)) << 16) |
+         ((uint32_t) SBOX3(MBEDTLS_BYTE_1(I0)) <<  8) |
+         ((uint32_t) SBOX4(MBEDTLS_BYTE_0(I0)));
+    I1 = ((uint32_t) SBOX2(MBEDTLS_BYTE_3(I1)) << 24) |
+         ((uint32_t) SBOX3(MBEDTLS_BYTE_2(I1)) << 16) |
+         ((uint32_t) SBOX4(MBEDTLS_BYTE_1(I1)) <<  8) |
+         ((uint32_t) SBOX1(MBEDTLS_BYTE_0(I1)));
 
     I0 ^= (I1 << 8) | (I1 >> 24);
     I1 ^= (I0 << 16) | (I0 >> 16);
@@ -289,26 +289,27 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
     z[1] ^= I0;
 }
 
-void mbedtls_camellia_init( mbedtls_camellia_context *ctx )
+void mbedtls_camellia_init(mbedtls_camellia_context *ctx)
 {
-    CAMELLIA_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_camellia_context ) );
+    CAMELLIA_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_camellia_context));
 }
 
-void mbedtls_camellia_free( mbedtls_camellia_context *ctx )
+void mbedtls_camellia_free(mbedtls_camellia_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
+    }
 
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_camellia_context));
 }
 
 /*
  * Camellia key schedule (encryption)
  */
-int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits )
+int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits)
 {
     int idx;
     size_t i;
@@ -318,68 +319,73 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
     uint32_t KC[16];
     uint32_t TK[20];
 
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( key != NULL );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(key != NULL);
 
     RK = ctx->rk;
 
-    memset( t, 0, 64 );
-    memset( RK, 0, sizeof(ctx->rk) );
+    memset(t, 0, 64);
+    memset(RK, 0, sizeof(ctx->rk));
 
-    switch( keybits )
-    {
+    switch (keybits) {
         case 128: ctx->nr = 3; idx = 0; break;
         case 192:
         case 256: ctx->nr = 4; idx = 1; break;
-        default : return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
+        default: return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
     }
 
-    for( i = 0; i < keybits / 8; ++i )
+    for (i = 0; i < keybits / 8; ++i) {
         t[i] = key[i];
+    }
 
-    if( keybits == 192 ) {
-        for( i = 0; i < 8; i++ )
+    if (keybits == 192) {
+        for (i = 0; i < 8; i++) {
             t[24 + i] = ~t[16 + i];
+        }
     }
 
     /*
      * Prepare SIGMA values
      */
-    for( i = 0; i < 6; i++ ) {
-        SIGMA[i][0] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 0 );
-        SIGMA[i][1] = MBEDTLS_GET_UINT32_BE( SIGMA_CHARS[i], 4 );
+    for (i = 0; i < 6; i++) {
+        SIGMA[i][0] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 0);
+        SIGMA[i][1] = MBEDTLS_GET_UINT32_BE(SIGMA_CHARS[i], 4);
     }
 
     /*
      * Key storage in KC
      * Order: KL, KR, KA, KB
      */
-    memset( KC, 0, sizeof(KC) );
+    memset(KC, 0, sizeof(KC));
 
     /* Store KL, KR */
-    for( i = 0; i < 8; i++ )
-        KC[i] = MBEDTLS_GET_UINT32_BE( t, i * 4 );
+    for (i = 0; i < 8; i++) {
+        KC[i] = MBEDTLS_GET_UINT32_BE(t, i * 4);
+    }
 
     /* Generate KA */
-    for( i = 0; i < 4; ++i )
+    for (i = 0; i < 4; ++i) {
         KC[8 + i] = KC[i] ^ KC[4 + i];
+    }
 
-    camellia_feistel( KC + 8, SIGMA[0], KC + 10 );
-    camellia_feistel( KC + 10, SIGMA[1], KC + 8 );
+    camellia_feistel(KC + 8, SIGMA[0], KC + 10);
+    camellia_feistel(KC + 10, SIGMA[1], KC + 8);
 
-    for( i = 0; i < 4; ++i )
+    for (i = 0; i < 4; ++i) {
         KC[8 + i] ^= KC[i];
+    }
 
-    camellia_feistel( KC + 8, SIGMA[2], KC + 10 );
-    camellia_feistel( KC + 10, SIGMA[3], KC + 8 );
+    camellia_feistel(KC + 8, SIGMA[2], KC + 10);
+    camellia_feistel(KC + 10, SIGMA[3], KC + 8);
 
-    if( keybits > 128 ) {
+    if (keybits > 128) {
         /* Generate KB */
-        for( i = 0; i < 4; ++i )
+        for (i = 0; i < 4; ++i) {
             KC[12 + i] = KC[4 + i] ^ KC[8 + i];
+        }
 
-        camellia_feistel( KC + 12, SIGMA[4], KC + 14 );
-        camellia_feistel( KC + 14, SIGMA[5], KC + 12 );
+        camellia_feistel(KC + 12, SIGMA[4], KC + 14);
+        camellia_feistel(KC + 14, SIGMA[5], KC + 12);
     }
 
     /*
@@ -387,54 +393,55 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx,
      */
 
     /* Manipulating KL */
-    SHIFT_AND_PLACE( idx, 0 );
+    SHIFT_AND_PLACE(idx, 0);
 
     /* Manipulating KR */
-    if( keybits > 128 ) {
-        SHIFT_AND_PLACE( idx, 1 );
+    if (keybits > 128) {
+        SHIFT_AND_PLACE(idx, 1);
     }
 
     /* Manipulating KA */
-    SHIFT_AND_PLACE( idx, 2 );
+    SHIFT_AND_PLACE(idx, 2);
 
     /* Manipulating KB */
-    if( keybits > 128 ) {
-        SHIFT_AND_PLACE( idx, 3 );
+    if (keybits > 128) {
+        SHIFT_AND_PLACE(idx, 3);
     }
 
     /* Do transpositions */
-    for( i = 0; i < 20; i++ ) {
-        if( transposes[idx][i] != -1 ) {
+    for (i = 0; i < 20; i++) {
+        if (transposes[idx][i] != -1) {
             RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
         }
     }
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Camellia key schedule (decryption)
  */
-int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
-                                 const unsigned char *key,
-                                 unsigned int keybits )
+int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx,
+                                const unsigned char *key,
+                                unsigned int keybits)
 {
     int idx, ret;
     size_t i;
     mbedtls_camellia_context cty;
     uint32_t *RK;
     uint32_t *SK;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( key != NULL );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(key != NULL);
 
-    mbedtls_camellia_init( &cty );
+    mbedtls_camellia_init(&cty);
 
     /* Also checks keybits */
-    if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 )
+    if ((ret = mbedtls_camellia_setkey_enc(&cty, key, keybits)) != 0) {
         goto exit;
+    }
 
     ctx->nr = cty.nr;
-    idx = ( ctx->nr == 4 );
+    idx = (ctx->nr == 4);
 
     RK = ctx->rk;
     SK = cty.rk + 24 * 2 + 8 * idx * 2;
@@ -444,8 +451,7 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
     *RK++ = *SK++;
     *RK++ = *SK++;
 
-    for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 )
-    {
+    for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) {
         *RK++ = *SK++;
         *RK++ = *SK++;
     }
@@ -458,58 +464,58 @@ int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx,
     *RK++ = *SK++;
 
 exit:
-    mbedtls_camellia_free( &cty );
+    mbedtls_camellia_free(&cty);
 
-    return( ret );
+    return ret;
 }
 
 /*
  * Camellia-ECB block encryption/decryption
  */
-int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
-                    int mode,
-                    const unsigned char input[16],
-                    unsigned char output[16] )
+int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx,
+                               int mode,
+                               const unsigned char input[16],
+                               unsigned char output[16])
 {
     int NR;
     uint32_t *RK, X[4];
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( input  != NULL );
-    CAMELLIA_VALIDATE_RET( output != NULL );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(input  != NULL);
+    CAMELLIA_VALIDATE_RET(output != NULL);
 
-    ( (void) mode );
+    ((void) mode);
 
     NR = ctx->nr;
     RK = ctx->rk;
 
-    X[0] = MBEDTLS_GET_UINT32_BE( input,  0 );
-    X[1] = MBEDTLS_GET_UINT32_BE( input,  4 );
-    X[2] = MBEDTLS_GET_UINT32_BE( input,  8 );
-    X[3] = MBEDTLS_GET_UINT32_BE( input, 12 );
+    X[0] = MBEDTLS_GET_UINT32_BE(input,  0);
+    X[1] = MBEDTLS_GET_UINT32_BE(input,  4);
+    X[2] = MBEDTLS_GET_UINT32_BE(input,  8);
+    X[3] = MBEDTLS_GET_UINT32_BE(input, 12);
 
     X[0] ^= *RK++;
     X[1] ^= *RK++;
     X[2] ^= *RK++;
     X[3] ^= *RK++;
 
-    while( NR ) {
+    while (NR) {
         --NR;
-        camellia_feistel( X, RK, X + 2 );
+        camellia_feistel(X, RK, X + 2);
         RK += 2;
-        camellia_feistel( X + 2, RK, X );
+        camellia_feistel(X + 2, RK, X);
         RK += 2;
-        camellia_feistel( X, RK, X + 2 );
+        camellia_feistel(X, RK, X + 2);
         RK += 2;
-        camellia_feistel( X + 2, RK, X );
+        camellia_feistel(X + 2, RK, X);
         RK += 2;
-        camellia_feistel( X, RK, X + 2 );
+        camellia_feistel(X, RK, X + 2);
         RK += 2;
-        camellia_feistel( X + 2, RK, X );
+        camellia_feistel(X + 2, RK, X);
         RK += 2;
 
-        if( NR ) {
+        if (NR) {
             FL(X[0], X[1], RK[0], RK[1]);
             RK += 2;
             FLInv(X[2], X[3], RK[0], RK[1]);
@@ -522,63 +528,61 @@ int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
     X[0] ^= *RK++;
     X[1] ^= *RK++;
 
-    MBEDTLS_PUT_UINT32_BE( X[2], output,  0 );
-    MBEDTLS_PUT_UINT32_BE( X[3], output,  4 );
-    MBEDTLS_PUT_UINT32_BE( X[0], output,  8 );
-    MBEDTLS_PUT_UINT32_BE( X[1], output, 12 );
+    MBEDTLS_PUT_UINT32_BE(X[2], output,  0);
+    MBEDTLS_PUT_UINT32_BE(X[3], output,  4);
+    MBEDTLS_PUT_UINT32_BE(X[0], output,  8);
+    MBEDTLS_PUT_UINT32_BE(X[1], output, 12);
 
-    return( 0 );
+    return 0;
 }
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
 /*
  * Camellia-CBC buffer encryption/decryption
  */
-int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
-                                int mode,
-                                size_t length,
-                                unsigned char iv[16],
-                                const unsigned char *input,
-                                unsigned char *output )
+int mbedtls_camellia_crypt_cbc(mbedtls_camellia_context *ctx,
+                               int mode,
+                               size_t length,
+                               unsigned char iv[16],
+                               const unsigned char *input,
+                               unsigned char *output)
 {
     int i;
     unsigned char temp[16];
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( iv != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
-
-    if( length % 16 )
-        return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(iv != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
+
+    if (length % 16) {
+        return MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH;
+    }
 
-    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
-    {
-        while( length > 0 )
-        {
-            memcpy( temp, input, 16 );
-            mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
+    if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
+        while (length > 0) {
+            memcpy(temp, input, 16);
+            mbedtls_camellia_crypt_ecb(ctx, mode, input, output);
 
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( output[i] ^ iv[i] );
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (output[i] ^ iv[i]);
+            }
 
-            memcpy( iv, temp, 16 );
+            memcpy(iv, temp, 16);
 
             input  += 16;
             output += 16;
             length -= 16;
         }
-    }
-    else
-    {
-        while( length > 0 )
-        {
-            for( i = 0; i < 16; i++ )
-                output[i] = (unsigned char)( input[i] ^ iv[i] );
+    } else {
+        while (length > 0) {
+            for (i = 0; i < 16; i++) {
+                output[i] = (unsigned char) (input[i] ^ iv[i]);
+            }
 
-            mbedtls_camellia_crypt_ecb( ctx, mode, output, output );
-            memcpy( iv, output, 16 );
+            mbedtls_camellia_crypt_ecb(ctx, mode, output, output);
+            memcpy(iv, output, 16);
 
             input  += 16;
             output += 16;
@@ -586,7 +590,7 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
         }
     }
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
@@ -594,58 +598,56 @@ int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
 /*
  * Camellia-CFB128 buffer encryption/decryption
  */
-int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
-                       int mode,
-                       size_t length,
-                       size_t *iv_off,
-                       unsigned char iv[16],
-                       const unsigned char *input,
-                       unsigned char *output )
+int mbedtls_camellia_crypt_cfb128(mbedtls_camellia_context *ctx,
+                                  int mode,
+                                  size_t length,
+                                  size_t *iv_off,
+                                  unsigned char iv[16],
+                                  const unsigned char *input,
+                                  unsigned char *output)
 {
     int c;
     size_t n;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( mode == MBEDTLS_CAMELLIA_ENCRYPT ||
-                           mode == MBEDTLS_CAMELLIA_DECRYPT );
-    CAMELLIA_VALIDATE_RET( iv     != NULL );
-    CAMELLIA_VALIDATE_RET( iv_off != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(mode == MBEDTLS_CAMELLIA_ENCRYPT ||
+                          mode == MBEDTLS_CAMELLIA_DECRYPT);
+    CAMELLIA_VALIDATE_RET(iv     != NULL);
+    CAMELLIA_VALIDATE_RET(iv_off != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
 
     n = *iv_off;
-    if( n >= 16 )
-        return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
+    if (n >= 16) {
+        return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
+    }
 
-    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
+    if (mode == MBEDTLS_CAMELLIA_DECRYPT) {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
+            }
 
             c = *input++;
-            *output++ = (unsigned char)( c ^ iv[n] );
+            *output++ = (unsigned char) (c ^ iv[n]);
             iv[n] = (unsigned char) c;
 
-            n = ( n + 1 ) & 0x0F;
+            n = (n + 1) & 0x0F;
         }
-    }
-    else
-    {
-        while( length-- )
-        {
-            if( n == 0 )
-                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
+    } else {
+        while (length--) {
+            if (n == 0) {
+                mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv);
+            }
 
-            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+            iv[n] = *output++ = (unsigned char) (iv[n] ^ *input++);
 
-            n = ( n + 1 ) & 0x0F;
+            n = (n + 1) & 0x0F;
         }
     }
 
     *iv_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CFB */
 
@@ -653,46 +655,48 @@ int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
 /*
  * Camellia-CTR buffer encryption/decryption
  */
-int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
-                       size_t length,
-                       size_t *nc_off,
-                       unsigned char nonce_counter[16],
-                       unsigned char stream_block[16],
-                       const unsigned char *input,
-                       unsigned char *output )
+int mbedtls_camellia_crypt_ctr(mbedtls_camellia_context *ctx,
+                               size_t length,
+                               size_t *nc_off,
+                               unsigned char nonce_counter[16],
+                               unsigned char stream_block[16],
+                               const unsigned char *input,
+                               unsigned char *output)
 {
     int c, i;
     size_t n;
-    CAMELLIA_VALIDATE_RET( ctx != NULL );
-    CAMELLIA_VALIDATE_RET( nonce_counter != NULL );
-    CAMELLIA_VALIDATE_RET( stream_block  != NULL );
-    CAMELLIA_VALIDATE_RET( nc_off != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || input  != NULL );
-    CAMELLIA_VALIDATE_RET( length == 0 || output != NULL );
+    CAMELLIA_VALIDATE_RET(ctx != NULL);
+    CAMELLIA_VALIDATE_RET(nonce_counter != NULL);
+    CAMELLIA_VALIDATE_RET(stream_block  != NULL);
+    CAMELLIA_VALIDATE_RET(nc_off != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || input  != NULL);
+    CAMELLIA_VALIDATE_RET(length == 0 || output != NULL);
 
     n = *nc_off;
-    if( n >= 16 )
-        return( MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA );
+    if (n >= 16) {
+        return MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA;
+    }
 
-    while( length-- )
-    {
-        if( n == 0 ) {
-            mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
-                                stream_block );
+    while (length--) {
+        if (n == 0) {
+            mbedtls_camellia_crypt_ecb(ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
+                                       stream_block);
 
-            for( i = 16; i > 0; i-- )
-                if( ++nonce_counter[i - 1] != 0 )
+            for (i = 16; i > 0; i--) {
+                if (++nonce_counter[i - 1] != 0) {
                     break;
+                }
+            }
         }
         c = *input++;
-        *output++ = (unsigned char)( c ^ stream_block[n] );
+        *output++ = (unsigned char) (c ^ stream_block[n]);
 
-        n = ( n + 1 ) & 0x0F;
+        n = (n + 1) & 0x0F;
     }
 
     *nc_off = n;
 
-    return( 0 );
+    return 0;
 }
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 #endif /* !MBEDTLS_CAMELLIA_ALT */
@@ -772,23 +776,23 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
 
 static const unsigned char camellia_test_cbc_key[3][32] =
 {
-        { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
-          0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
+    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
     ,
-        { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
-          0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
-          0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
+    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
     ,
-        { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
-          0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
-          0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
-          0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
 };
 
 static const unsigned char camellia_test_cbc_iv[16] =
 
-    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
+{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+  0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
 ;
 
 static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] =
@@ -891,13 +895,13 @@ static const unsigned char camellia_test_ctr_ct[3][48] =
 };
 
 static const int camellia_test_ctr_len[3] =
-    { 16, 32, 36 };
+{ 16, 32, 36 };
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
 /*
  * Checkup routine
  */
-int mbedtls_camellia_self_test( int verbose )
+int mbedtls_camellia_self_test(int verbose)
 {
     int i, j, u, v;
     unsigned char key[32];
@@ -916,163 +920,167 @@ int mbedtls_camellia_self_test( int verbose )
 
     mbedtls_camellia_context ctx;
 
-    mbedtls_camellia_init( &ctx );
-    memset( key, 0, 32 );
+    mbedtls_camellia_init(&ctx);
+    memset(key, 0, 32);
 
-    for( j = 0; j < 6; j++ ) {
+    for (j = 0; j < 6; j++) {
         u = j >> 1;
-    v = j & 1;
-
-    if( verbose != 0 )
-        mbedtls_printf( "  CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
-                         (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
-
-    for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
-        memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
-
-        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
-            memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
-            memcpy( dst, camellia_test_ecb_plain[i], 16 );
-        } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
-            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
-            memcpy( src, camellia_test_ecb_plain[i], 16 );
-            memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
+        v = j & 1;
+
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
         }
 
-        mbedtls_camellia_crypt_ecb( &ctx, v, src, buf );
+        for (i = 0; i < CAMELLIA_TESTS_ECB; i++) {
+            memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u);
+
+            if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+                mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
+                memcpy(src, camellia_test_ecb_cipher[u][i], 16);
+                memcpy(dst, camellia_test_ecb_plain[i], 16);
+            } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+                mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
+                memcpy(src, camellia_test_ecb_plain[i], 16);
+                memcpy(dst, camellia_test_ecb_cipher[u][i], 16);
+            }
 
-        if( memcmp( buf, dst, 16 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-            goto exit;
+            mbedtls_camellia_crypt_ecb(&ctx, v, src, buf);
+
+            if (memcmp(buf, dst, 16) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
+                goto exit;
+            }
         }
-    }
 
-    if( verbose != 0 )
-        mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
     /*
      * CBC mode
      */
-    for( j = 0; j < 6; j++ )
-    {
+    for (j = 0; j < 6; j++) {
         u = j >> 1;
         v = j  & 1;
 
-        if( verbose != 0 )
-            mbedtls_printf( "  CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
-                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+        }
 
-        memcpy( src, camellia_test_cbc_iv, 16 );
-        memcpy( dst, camellia_test_cbc_iv, 16 );
-        memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
+        memcpy(src, camellia_test_cbc_iv, 16);
+        memcpy(dst, camellia_test_cbc_iv, 16);
+        memcpy(key, camellia_test_cbc_key[u], 16 + 8 * u);
 
-        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
+        if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+            mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64);
         } else {
-            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
+            mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64);
         }
 
-        for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
+        for (i = 0; i < CAMELLIA_TESTS_CBC; i++) {
 
-            if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
-                memcpy( iv , src, 16 );
-                memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
-                memcpy( dst, camellia_test_cbc_plain[i], 16 );
+            if (v == MBEDTLS_CAMELLIA_DECRYPT) {
+                memcpy(iv, src, 16);
+                memcpy(src, camellia_test_cbc_cipher[u][i], 16);
+                memcpy(dst, camellia_test_cbc_plain[i], 16);
             } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
-                memcpy( iv , dst, 16 );
-                memcpy( src, camellia_test_cbc_plain[i], 16 );
-                memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
+                memcpy(iv, dst, 16);
+                memcpy(src, camellia_test_cbc_plain[i], 16);
+                memcpy(dst, camellia_test_cbc_cipher[u][i], 16);
             }
 
-            mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
+            mbedtls_camellia_crypt_cbc(&ctx, v, 16, iv, src, buf);
 
-            if( memcmp( buf, dst, 16 ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
+            if (memcmp(buf, dst, 16) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
                 goto exit;
             }
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 #endif /* MBEDTLS_CIPHER_MODE_CBC */
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
     /*
      * CTR mode
      */
-    for( i = 0; i < 6; i++ )
-    {
+    for (i = 0; i < 6; i++) {
         u = i >> 1;
         v = i  & 1;
 
-        if( verbose != 0 )
-            mbedtls_printf( "  CAMELLIA-CTR-128 (%s): ",
-                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
+        if (verbose != 0) {
+            mbedtls_printf("  CAMELLIA-CTR-128 (%s): ",
+                           (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+        }
 
-        memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
-        memcpy( key, camellia_test_ctr_key[u], 16 );
+        memcpy(nonce_counter, camellia_test_ctr_nonce_counter[u], 16);
+        memcpy(key, camellia_test_ctr_key[u], 16);
 
         offset = 0;
-        mbedtls_camellia_setkey_enc( &ctx, key, 128 );
+        mbedtls_camellia_setkey_enc(&ctx, key, 128);
 
-        if( v == MBEDTLS_CAMELLIA_DECRYPT )
-        {
+        if (v == MBEDTLS_CAMELLIA_DECRYPT) {
             len = camellia_test_ctr_len[u];
-            memcpy( buf, camellia_test_ctr_ct[u], len );
+            memcpy(buf, camellia_test_ctr_ct[u], len);
 
-            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
-                                buf, buf );
+            mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
+                                       buf, buf);
 
-            if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
+            if (memcmp(buf, camellia_test_ctr_pt[u], len) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
                 goto exit;
             }
-        }
-        else
-        {
+        } else {
             len = camellia_test_ctr_len[u];
-            memcpy( buf, camellia_test_ctr_pt[u], len );
+            memcpy(buf, camellia_test_ctr_pt[u], len);
 
-            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
-                                buf, buf );
+            mbedtls_camellia_crypt_ctr(&ctx, len, &offset, nonce_counter, stream_block,
+                                       buf, buf);
 
-            if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
-            {
-                if( verbose != 0 )
-                    mbedtls_printf( "failed\n" );
+            if (memcmp(buf, camellia_test_ctr_ct[u], len) != 0) {
+                if (verbose != 0) {
+                    mbedtls_printf("failed\n");
+                }
                 goto exit;
             }
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 #endif /* MBEDTLS_CIPHER_MODE_CTR */
 
     ret = 0;
 
 exit:
-    mbedtls_camellia_free( &ctx );
-    return( ret );
+    mbedtls_camellia_free(&ctx);
+    return ret;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/ccm.c

@@ -40,10 +40,10 @@
 
 #if !defined(MBEDTLS_CCM_ALT)
 
-#define CCM_VALIDATE_RET( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CCM_BAD_INPUT )
-#define CCM_VALIDATE( cond ) \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define CCM_VALIDATE_RET(cond) \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CCM_BAD_INPUT)
+#define CCM_VALIDATE(cond) \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
 #define CCM_ENCRYPT 0
 #define CCM_DECRYPT 1
@@ -51,54 +51,57 @@
 /*
  * Initialize context
  */
-void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
+void mbedtls_ccm_init(mbedtls_ccm_context *ctx)
 {
-    CCM_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
+    CCM_VALIDATE(ctx != NULL);
+    memset(ctx, 0, sizeof(mbedtls_ccm_context));
 }
 
-int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
-                        mbedtls_cipher_id_t cipher,
-                        const unsigned char *key,
-                        unsigned int keybits )
+int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx,
+                       mbedtls_cipher_id_t cipher,
+                       const unsigned char *key,
+                       unsigned int keybits)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     const mbedtls_cipher_info_t *cipher_info;
 
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( key != NULL );
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(key != NULL);
 
-    cipher_info = mbedtls_cipher_info_from_values( cipher, keybits,
-                                                   MBEDTLS_MODE_ECB );
-    if( cipher_info == NULL )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    cipher_info = mbedtls_cipher_info_from_values(cipher, keybits,
+                                                  MBEDTLS_MODE_ECB);
+    if (cipher_info == NULL) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
-    if( cipher_info->block_size != 16 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    if (cipher_info->block_size != 16) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
-    mbedtls_cipher_free( &ctx->cipher_ctx );
+    mbedtls_cipher_free(&ctx->cipher_ctx);
 
-    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
-        return( ret );
+    if ((ret = mbedtls_cipher_setup(&ctx->cipher_ctx, cipher_info)) != 0) {
+        return ret;
+    }
 
-    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
-                               MBEDTLS_ENCRYPT ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = mbedtls_cipher_setkey(&ctx->cipher_ctx, key, keybits,
+                                     MBEDTLS_ENCRYPT)) != 0) {
+        return ret;
     }
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Free context
  */
-void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
+void mbedtls_ccm_free(mbedtls_ccm_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
-    mbedtls_cipher_free( &ctx->cipher_ctx );
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
+    }
+    mbedtls_cipher_free(&ctx->cipher_ctx);
+    mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context));
 }
 
 /*
@@ -111,38 +114,38 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
  * (Always using b as the source helps the compiler optimise a bit better.)
  */
 #define UPDATE_CBC_MAC                                                      \
-    for( i = 0; i < 16; i++ )                                               \
-        y[i] ^= b[i];                                                       \
+    for (i = 0; i < 16; i++)                                               \
+    y[i] ^= b[i];                                                       \
                                                                             \
-    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
-        return( ret );
+    if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, y, 16, y, &olen)) != 0) \
+    return ret;
 
 /*
  * Encrypt or decrypt a partial block with CTR
  * Warning: using b for temporary storage! src and dst must not be b!
  * This avoids allocating one more 16 bytes buffer while allowing src == dst.
  */
-#define CTR_CRYPT( dst, src, len  )                                            \
+#define CTR_CRYPT(dst, src, len)                                            \
     do                                                                  \
     {                                                                   \
-        if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr,       \
-                                           16, b, &olen ) ) != 0 )      \
+        if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctr,       \
+                                         16, b, &olen)) != 0)      \
         {                                                               \
-            return( ret );                                              \
+            return ret;                                              \
         }                                                               \
-                                                                        \
-        for( i = 0; i < (len); i++ )                                    \
-            (dst)[i] = (src)[i] ^ b[i];                                 \
-    } while( 0 )
+                                                                      \
+        for (i = 0; i < (len); i++)                                    \
+        (dst)[i] = (src)[i] ^ b[i];                                 \
+    } while (0)
 
 /*
  * Authenticated encryption or decryption
  */
-static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
-                           const unsigned char *iv, size_t iv_len,
-                           const unsigned char *add, size_t add_len,
-                           const unsigned char *input, unsigned char *output,
-                           unsigned char *tag, size_t tag_len )
+static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length,
+                          const unsigned char *iv, size_t iv_len,
+                          const unsigned char *add, size_t add_len,
+                          const unsigned char *input, unsigned char *output,
+                          unsigned char *tag, size_t tag_len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char i;
@@ -161,15 +164,18 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
      *
      * Also, loosen the requirements to enable support for CCM* (IEEE 802.15.4).
      */
-    if( tag_len == 2 || tag_len > 16 || tag_len % 2 != 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    if (tag_len == 2 || tag_len > 16 || tag_len % 2 != 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
     /* Also implies q is within bounds */
-    if( iv_len < 7 || iv_len > 13 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    if (iv_len < 7 || iv_len > 13) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
-    if( add_len >= 0xFF00 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    if (add_len >= 0xFF00) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
     q = 16 - 1 - (unsigned char) iv_len;
 
@@ -186,49 +192,49 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
      * 2 .. 0   q - 1
      */
     b[0] = 0;
-    b[0] |= ( add_len > 0 ) << 6;
-    b[0] |= ( ( tag_len - 2 ) / 2 ) << 3;
+    b[0] |= (add_len > 0) << 6;
+    b[0] |= ((tag_len - 2) / 2) << 3;
     b[0] |= q - 1;
 
-    memcpy( b + 1, iv, iv_len );
+    memcpy(b + 1, iv, iv_len);
 
-    for( i = 0, len_left = length; i < q; i++, len_left >>= 8 )
-        b[15-i] = MBEDTLS_BYTE_0( len_left );
+    for (i = 0, len_left = length; i < q; i++, len_left >>= 8) {
+        b[15-i] = MBEDTLS_BYTE_0(len_left);
+    }
 
-    if( len_left > 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+    if (len_left > 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
 
 
     /* Start CBC-MAC with first block */
-    memset( y, 0, 16 );
+    memset(y, 0, 16);
     UPDATE_CBC_MAC;
 
     /*
      * If there is additional data, update CBC-MAC with
      * add_len, add, 0 (padding to a block boundary)
      */
-    if( add_len > 0 )
-    {
+    if (add_len > 0) {
         size_t use_len;
         len_left = add_len;
         src = add;
 
-        memset( b, 0, 16 );
-        MBEDTLS_PUT_UINT16_BE( add_len, b, 0 );
+        memset(b, 0, 16);
+        MBEDTLS_PUT_UINT16_BE(add_len, b, 0);
 
         use_len = len_left < 16 - 2 ? len_left : 16 - 2;
-        memcpy( b + 2, src, use_len );
+        memcpy(b + 2, src, use_len);
         len_left -= use_len;
         src += use_len;
 
         UPDATE_CBC_MAC;
 
-        while( len_left > 0 )
-        {
+        while (len_left > 0) {
             use_len = len_left > 16 ? 16 : len_left;
 
-            memset( b, 0, 16 );
-            memcpy( b, src, use_len );
+            memset(b, 0, 16);
+            memcpy(b, src, use_len);
             UPDATE_CBC_MAC;
 
             len_left -= use_len;
@@ -247,8 +253,8 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
      * 2 .. 0   q - 1
      */
     ctr[0] = q - 1;
-    memcpy( ctr + 1, iv, iv_len );
-    memset( ctr + 1 + iv_len, 0, q );
+    memcpy(ctr + 1, iv, iv_len);
+    memset(ctr + 1 + iv_len, 0, q);
     ctr[15] = 1;
 
     /*
@@ -261,23 +267,20 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
     src = input;
     dst = output;
 
-    while( len_left > 0 )
-    {
+    while (len_left > 0) {
         size_t use_len = len_left > 16 ? 16 : len_left;
 
-        if( mode == CCM_ENCRYPT )
-        {
-            memset( b, 0, 16 );
-            memcpy( b, src, use_len );
+        if (mode == CCM_ENCRYPT) {
+            memset(b, 0, 16);
+            memcpy(b, src, use_len);
             UPDATE_CBC_MAC;
         }
 
-        CTR_CRYPT( dst, src, use_len );
+        CTR_CRYPT(dst, src, use_len);
 
-        if( mode == CCM_DECRYPT )
-        {
-            memset( b, 0, 16 );
-            memcpy( b, dst, use_len );
+        if (mode == CCM_DECRYPT) {
+            memset(b, 0, 16);
+            memcpy(b, dst, use_len);
             UPDATE_CBC_MAC;
         }
 
@@ -289,120 +292,124 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
          * Increment counter.
          * No need to check for overflow thanks to the length check above.
          */
-        for( i = 0; i < q; i++ )
-            if( ++ctr[15-i] != 0 )
+        for (i = 0; i < q; i++) {
+            if (++ctr[15-i] != 0) {
                 break;
+            }
+        }
     }
 
     /*
      * Authentication: reset counter and crypt/mask internal tag
      */
-    for( i = 0; i < q; i++ )
+    for (i = 0; i < q; i++) {
         ctr[15-i] = 0;
+    }
 
-    CTR_CRYPT( y, y, 16 );
-    memcpy( tag, y, tag_len );
+    CTR_CRYPT(y, y, 16);
+    memcpy(tag, y, tag_len);
 
-    return( 0 );
+    return 0;
 }
 
 /*
  * Authenticated encryption
  */
-int mbedtls_ccm_star_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len )
+int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                     const unsigned char *iv, size_t iv_len,
+                                     const unsigned char *add, size_t add_len,
+                                     const unsigned char *input, unsigned char *output,
+                                     unsigned char *tag, size_t tag_len)
 {
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len,
-                            add, add_len, input, output, tag, tag_len ) );
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    return ccm_auth_crypt(ctx, CCM_ENCRYPT, length, iv, iv_len,
+                          add, add_len, input, output, tag, tag_len);
 }
 
-int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
-                         const unsigned char *iv, size_t iv_len,
-                         const unsigned char *add, size_t add_len,
-                         const unsigned char *input, unsigned char *output,
-                         unsigned char *tag, size_t tag_len )
+int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length,
+                                const unsigned char *iv, size_t iv_len,
+                                const unsigned char *add, size_t add_len,
+                                const unsigned char *input, unsigned char *output,
+                                unsigned char *tag, size_t tag_len)
 {
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-    if( tag_len == 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    return( mbedtls_ccm_star_encrypt_and_tag( ctx, length, iv, iv_len, add,
-                add_len, input, output, tag, tag_len ) );
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+    if (tag_len == 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    return mbedtls_ccm_star_encrypt_and_tag(ctx, length, iv, iv_len, add,
+                                            add_len, input, output, tag, tag_len);
 }
 
 /*
  * Authenticated decryption
  */
-int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len )
+int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                                  const unsigned char *iv, size_t iv_len,
+                                  const unsigned char *add, size_t add_len,
+                                  const unsigned char *input, unsigned char *output,
+                                  const unsigned char *tag, size_t tag_len)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char check_tag[16];
     unsigned char i;
     int diff;
 
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length,
-                                iv, iv_len, add, add_len,
-                                input, output, check_tag, tag_len ) ) != 0 )
-    {
-        return( ret );
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    if ((ret = ccm_auth_crypt(ctx, CCM_DECRYPT, length,
+                              iv, iv_len, add, add_len,
+                              input, output, check_tag, tag_len)) != 0) {
+        return ret;
     }
 
     /* Check tag in "constant-time" */
-    for( diff = 0, i = 0; i < tag_len; i++ )
+    for (diff = 0, i = 0; i < tag_len; i++) {
         diff |= tag[i] ^ check_tag[i];
+    }
 
-    if( diff != 0 )
-    {
-        mbedtls_platform_zeroize( output, length );
-        return( MBEDTLS_ERR_CCM_AUTH_FAILED );
+    if (diff != 0) {
+        mbedtls_platform_zeroize(output, length);
+        return MBEDTLS_ERR_CCM_AUTH_FAILED;
     }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
-                      const unsigned char *iv, size_t iv_len,
-                      const unsigned char *add, size_t add_len,
-                      const unsigned char *input, unsigned char *output,
-                      const unsigned char *tag, size_t tag_len )
+int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length,
+                             const unsigned char *iv, size_t iv_len,
+                             const unsigned char *add, size_t add_len,
+                             const unsigned char *input, unsigned char *output,
+                             const unsigned char *tag, size_t tag_len)
 {
-    CCM_VALIDATE_RET( ctx != NULL );
-    CCM_VALIDATE_RET( iv != NULL );
-    CCM_VALIDATE_RET( add_len == 0 || add != NULL );
-    CCM_VALIDATE_RET( length == 0 || input != NULL );
-    CCM_VALIDATE_RET( length == 0 || output != NULL );
-    CCM_VALIDATE_RET( tag_len == 0 || tag != NULL );
-
-    if( tag_len == 0 )
-        return( MBEDTLS_ERR_CCM_BAD_INPUT );
-
-    return( mbedtls_ccm_star_auth_decrypt( ctx, length, iv, iv_len, add,
-                add_len, input, output, tag, tag_len ) );
+    CCM_VALIDATE_RET(ctx != NULL);
+    CCM_VALIDATE_RET(iv != NULL);
+    CCM_VALIDATE_RET(add_len == 0 || add != NULL);
+    CCM_VALIDATE_RET(length == 0 || input != NULL);
+    CCM_VALIDATE_RET(length == 0 || output != NULL);
+    CCM_VALIDATE_RET(tag_len == 0 || tag != NULL);
+
+    if (tag_len == 0) {
+        return MBEDTLS_ERR_CCM_BAD_INPUT;
+    }
+
+    return mbedtls_ccm_star_auth_decrypt(ctx, length, iv, iv_len, add,
+                                         add_len, input, output, tag, tag_len);
 }
 #endif /* !MBEDTLS_CCM_ALT */
 
@@ -439,7 +446,7 @@ static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = {
     0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
 };
 
-static const size_t iv_len_test_data [NB_TESTS] = { 7, 8,  12 };
+static const size_t iv_len_test_data[NB_TESTS] = { 7, 8,  12 };
 static const size_t add_len_test_data[NB_TESTS] = { 8, 16, 20 };
 static const size_t msg_len_test_data[NB_TESTS] = { 4, 16, 24 };
 static const size_t tag_len_test_data[NB_TESTS] = { 4, 6,  8  };
@@ -455,7 +462,7 @@ static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = {
         0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
 };
 
-int mbedtls_ccm_self_test( int verbose )
+int mbedtls_ccm_self_test(int verbose)
 {
     mbedtls_ccm_context ctx;
     /*
@@ -468,70 +475,72 @@ int mbedtls_ccm_self_test( int verbose )
     size_t i;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    mbedtls_ccm_init( &ctx );
+    mbedtls_ccm_init(&ctx);
 
-    if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
-                            8 * sizeof key_test_data ) != 0 )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  CCM: setup failed" );
+    if (mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, key_test_data,
+                           8 * sizeof(key_test_data)) != 0) {
+        if (verbose != 0) {
+            mbedtls_printf("  CCM: setup failed");
+        }
 
-        return( 1 );
+        return 1;
     }
 
-    for( i = 0; i < NB_TESTS; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  CCM-AES #%u: ", (unsigned int) i + 1 );
-
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
-        memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
-        memcpy( plaintext, msg_test_data, msg_len_test_data[i] );
-
-        ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len_test_data[i],
-                                           iv_test_data, iv_len_test_data[i],
-                                           ad_test_data, add_len_test_data[i],
-                                           plaintext, ciphertext,
-                                           ciphertext + msg_len_test_data[i],
-                                           tag_len_test_data[i] );
-
-        if( ret != 0 ||
-            memcmp( ciphertext, res_test_data[i],
-                    msg_len_test_data[i] + tag_len_test_data[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( 1 );
+    for (i = 0; i < NB_TESTS; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  CCM-AES #%u: ", (unsigned int) i + 1);
+        }
+
+        memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
+        memset(ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN);
+        memcpy(plaintext, msg_test_data, msg_len_test_data[i]);
+
+        ret = mbedtls_ccm_encrypt_and_tag(&ctx, msg_len_test_data[i],
+                                          iv_test_data, iv_len_test_data[i],
+                                          ad_test_data, add_len_test_data[i],
+                                          plaintext, ciphertext,
+                                          ciphertext + msg_len_test_data[i],
+                                          tag_len_test_data[i]);
+
+        if (ret != 0 ||
+            memcmp(ciphertext, res_test_data[i],
+                   msg_len_test_data[i] + tag_len_test_data[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            return 1;
         }
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
-
-        ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len_test_data[i],
-                                        iv_test_data, iv_len_test_data[i],
-                                        ad_test_data, add_len_test_data[i],
-                                        ciphertext, plaintext,
-                                        ciphertext + msg_len_test_data[i],
-                                        tag_len_test_data[i] );
-
-        if( ret != 0 ||
-            memcmp( plaintext, msg_test_data, msg_len_test_data[i] ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            return( 1 );
+        memset(plaintext, 0, CCM_SELFTEST_PT_MAX_LEN);
+
+        ret = mbedtls_ccm_auth_decrypt(&ctx, msg_len_test_data[i],
+                                       iv_test_data, iv_len_test_data[i],
+                                       ad_test_data, add_len_test_data[i],
+                                       ciphertext, plaintext,
+                                       ciphertext + msg_len_test_data[i],
+                                       tag_len_test_data[i]);
+
+        if (ret != 0 ||
+            memcmp(plaintext, msg_test_data, msg_len_test_data[i]) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
+
+            return 1;
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    mbedtls_ccm_free( &ctx );
+    mbedtls_ccm_free(&ctx);
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */

thirdparty/mbedtls/library/chacha20.c

@@ -37,17 +37,17 @@
 #if !defined(MBEDTLS_CHACHA20_ALT)
 
 /* Parameter validation macros */
-#define CHACHA20_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA )
-#define CHACHA20_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define CHACHA20_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA)
+#define CHACHA20_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
-#define ROTL32( value, amount ) \
-    ( (uint32_t) ( (value) << (amount) ) | ( (value) >> ( 32 - (amount) ) ) )
+#define ROTL32(value, amount) \
+    ((uint32_t) ((value) << (amount)) | ((value) >> (32 - (amount))))
 
-#define CHACHA20_CTR_INDEX ( 12U )
+#define CHACHA20_CTR_INDEX (12U)
 
-#define CHACHA20_BLOCK_SIZE_BYTES ( 4U * 16U )
+#define CHACHA20_BLOCK_SIZE_BYTES (4U * 16U)
 
 /**
  * \brief           ChaCha20 quarter round operation.
@@ -64,31 +64,31 @@
  * \param c         The index of 'c' in the state.
  * \param d         The index of 'd' in the state.
  */
-static inline void chacha20_quarter_round( uint32_t state[16],
-                                           size_t a,
-                                           size_t b,
-                                           size_t c,
-                                           size_t d )
+static inline void chacha20_quarter_round(uint32_t state[16],
+                                          size_t a,
+                                          size_t b,
+                                          size_t c,
+                                          size_t d)
 {
     /* a += b; d ^= a; d <<<= 16; */
     state[a] += state[b];
     state[d] ^= state[a];
-    state[d] = ROTL32( state[d], 16 );
+    state[d] = ROTL32(state[d], 16);
 
     /* c += d; b ^= c; b <<<= 12 */
     state[c] += state[d];
     state[b] ^= state[c];
-    state[b] = ROTL32( state[b], 12 );
+    state[b] = ROTL32(state[b], 12);
 
     /* a += b; d ^= a; d <<<= 8; */
     state[a] += state[b];
     state[d] ^= state[a];
-    state[d] = ROTL32( state[d], 8 );
+    state[d] = ROTL32(state[d], 8);
 
     /* c += d; b ^= c; b <<<= 7; */
     state[c] += state[d];
     state[b] ^= state[c];
-    state[b] = ROTL32( state[b], 7 );
+    state[b] = ROTL32(state[b], 7);
 }
 
 /**
@@ -99,17 +99,17 @@ static inline void chacha20_quarter_round( uint32_t state[16],
  *
  * \param state     The ChaCha20 state to update.
  */
-static void chacha20_inner_block( uint32_t state[16] )
+static void chacha20_inner_block(uint32_t state[16])
 {
-    chacha20_quarter_round( state, 0, 4, 8,  12 );
-    chacha20_quarter_round( state, 1, 5, 9,  13 );
-    chacha20_quarter_round( state, 2, 6, 10, 14 );
-    chacha20_quarter_round( state, 3, 7, 11, 15 );
-
-    chacha20_quarter_round( state, 0, 5, 10, 15 );
-    chacha20_quarter_round( state, 1, 6, 11, 12 );
-    chacha20_quarter_round( state, 2, 7, 8,  13 );
-    chacha20_quarter_round( state, 3, 4, 9,  14 );
+    chacha20_quarter_round(state, 0, 4, 8,  12);
+    chacha20_quarter_round(state, 1, 5, 9,  13);
+    chacha20_quarter_round(state, 2, 6, 10, 14);
+    chacha20_quarter_round(state, 3, 7, 11, 15);
+
+    chacha20_quarter_round(state, 0, 5, 10, 15);
+    chacha20_quarter_round(state, 1, 6, 11, 12);
+    chacha20_quarter_round(state, 2, 7, 8,  13);
+    chacha20_quarter_round(state, 3, 4, 9,  14);
 }
 
 /**
@@ -118,29 +118,30 @@ static void chacha20_inner_block( uint32_t state[16] )
  * \param initial_state The initial ChaCha20 state (key, nonce, counter).
  * \param keystream     Generated keystream bytes are written to this buffer.
  */
-static void chacha20_block( const uint32_t initial_state[16],
-                            unsigned char keystream[64] )
+static void chacha20_block(const uint32_t initial_state[16],
+                           unsigned char keystream[64])
 {
     uint32_t working_state[16];
     size_t i;
 
-    memcpy( working_state,
-            initial_state,
-            CHACHA20_BLOCK_SIZE_BYTES );
-
-    for( i = 0U; i < 10U; i++ )
-        chacha20_inner_block( working_state );
-
-    working_state[ 0] += initial_state[ 0];
-    working_state[ 1] += initial_state[ 1];
-    working_state[ 2] += initial_state[ 2];
-    working_state[ 3] += initial_state[ 3];
-    working_state[ 4] += initial_state[ 4];
-    working_state[ 5] += initial_state[ 5];
-    working_state[ 6] += initial_state[ 6];
-    working_state[ 7] += initial_state[ 7];
-    working_state[ 8] += initial_state[ 8];
-    working_state[ 9] += initial_state[ 9];
+    memcpy(working_state,
+           initial_state,
+           CHACHA20_BLOCK_SIZE_BYTES);
+
+    for (i = 0U; i < 10U; i++) {
+        chacha20_inner_block(working_state);
+    }
+
+    working_state[0] += initial_state[0];
+    working_state[1] += initial_state[1];
+    working_state[2] += initial_state[2];
+    working_state[3] += initial_state[3];
+    working_state[4] += initial_state[4];
+    working_state[5] += initial_state[5];
+    working_state[6] += initial_state[6];
+    working_state[7] += initial_state[7];
+    working_state[8] += initial_state[8];
+    working_state[9] += initial_state[9];
     working_state[10] += initial_state[10];
     working_state[11] += initial_state[11];
     working_state[12] += initial_state[12];
@@ -148,40 +149,38 @@ static void chacha20_block( const uint32_t initial_state[16],
     working_state[14] += initial_state[14];
     working_state[15] += initial_state[15];
 
-    for( i = 0U; i < 16; i++ )
-    {
+    for (i = 0U; i < 16; i++) {
         size_t offset = i * 4U;
 
         MBEDTLS_PUT_UINT32_LE(working_state[i], keystream, offset);
     }
 
-    mbedtls_platform_zeroize( working_state, sizeof( working_state ) );
+    mbedtls_platform_zeroize(working_state, sizeof(working_state));
 }
 
-void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx )
+void mbedtls_chacha20_init(mbedtls_chacha20_context *ctx)
 {
-    CHACHA20_VALIDATE( ctx != NULL );
+    CHACHA20_VALIDATE(ctx != NULL);
 
-    mbedtls_platform_zeroize( ctx->state, sizeof( ctx->state ) );
-    mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
+    mbedtls_platform_zeroize(ctx->state, sizeof(ctx->state));
+    mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
 
     /* Initially, there's no keystream bytes available */
     ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
 }
 
-void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx )
+void mbedtls_chacha20_free(mbedtls_chacha20_context *ctx)
 {
-    if( ctx != NULL )
-    {
-        mbedtls_platform_zeroize( ctx, sizeof( mbedtls_chacha20_context ) );
+    if (ctx != NULL) {
+        mbedtls_platform_zeroize(ctx, sizeof(mbedtls_chacha20_context));
     }
 }
 
-int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
-                            const unsigned char key[32] )
+int mbedtls_chacha20_setkey(mbedtls_chacha20_context *ctx,
+                            const unsigned char key[32])
 {
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( key != NULL );
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(key != NULL);
 
     /* ChaCha20 constants - the string "expand 32-byte k" */
     ctx->state[0] = 0x61707865;
@@ -190,58 +189,57 @@ int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
     ctx->state[3] = 0x6b206574;
 
     /* Set key */
-    ctx->state[4]  = MBEDTLS_GET_UINT32_LE( key, 0 );
-    ctx->state[5]  = MBEDTLS_GET_UINT32_LE( key, 4 );
-    ctx->state[6]  = MBEDTLS_GET_UINT32_LE( key, 8 );
-    ctx->state[7]  = MBEDTLS_GET_UINT32_LE( key, 12 );
-    ctx->state[8]  = MBEDTLS_GET_UINT32_LE( key, 16 );
-    ctx->state[9]  = MBEDTLS_GET_UINT32_LE( key, 20 );
-    ctx->state[10] = MBEDTLS_GET_UINT32_LE( key, 24 );
-    ctx->state[11] = MBEDTLS_GET_UINT32_LE( key, 28 );
-
-    return( 0 );
+    ctx->state[4]  = MBEDTLS_GET_UINT32_LE(key, 0);
+    ctx->state[5]  = MBEDTLS_GET_UINT32_LE(key, 4);
+    ctx->state[6]  = MBEDTLS_GET_UINT32_LE(key, 8);
+    ctx->state[7]  = MBEDTLS_GET_UINT32_LE(key, 12);
+    ctx->state[8]  = MBEDTLS_GET_UINT32_LE(key, 16);
+    ctx->state[9]  = MBEDTLS_GET_UINT32_LE(key, 20);
+    ctx->state[10] = MBEDTLS_GET_UINT32_LE(key, 24);
+    ctx->state[11] = MBEDTLS_GET_UINT32_LE(key, 28);
+
+    return 0;
 }
 
-int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
-                             const unsigned char nonce[12],
-                             uint32_t counter )
+int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx,
+                            const unsigned char nonce[12],
+                            uint32_t counter)
 {
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( nonce != NULL );
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(nonce != NULL);
 
     /* Counter */
     ctx->state[12] = counter;
 
     /* Nonce */
-    ctx->state[13] = MBEDTLS_GET_UINT32_LE( nonce, 0 );
-    ctx->state[14] = MBEDTLS_GET_UINT32_LE( nonce, 4 );
-    ctx->state[15] = MBEDTLS_GET_UINT32_LE( nonce, 8 );
+    ctx->state[13] = MBEDTLS_GET_UINT32_LE(nonce, 0);
+    ctx->state[14] = MBEDTLS_GET_UINT32_LE(nonce, 4);
+    ctx->state[15] = MBEDTLS_GET_UINT32_LE(nonce, 8);
 
-    mbedtls_platform_zeroize( ctx->keystream8, sizeof( ctx->keystream8 ) );
+    mbedtls_platform_zeroize(ctx->keystream8, sizeof(ctx->keystream8));
 
     /* Initially, there's no keystream bytes available */
     ctx->keystream_bytes_used = CHACHA20_BLOCK_SIZE_BYTES;
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
-                              size_t size,
-                              const unsigned char *input,
-                              unsigned char *output )
+int mbedtls_chacha20_update(mbedtls_chacha20_context *ctx,
+                            size_t size,
+                            const unsigned char *input,
+                            unsigned char *output)
 {
     size_t offset = 0U;
     size_t i;
 
-    CHACHA20_VALIDATE_RET( ctx != NULL );
-    CHACHA20_VALIDATE_RET( size == 0 || input  != NULL );
-    CHACHA20_VALIDATE_RET( size == 0 || output != NULL );
+    CHACHA20_VALIDATE_RET(ctx != NULL);
+    CHACHA20_VALIDATE_RET(size == 0 || input  != NULL);
+    CHACHA20_VALIDATE_RET(size == 0 || output != NULL);
 
     /* Use leftover keystream bytes, if available */
-    while( size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES )
-    {
+    while (size > 0U && ctx->keystream_bytes_used < CHACHA20_BLOCK_SIZE_BYTES) {
         output[offset] = input[offset]
-                       ^ ctx->keystream8[ctx->keystream_bytes_used];
+                         ^ ctx->keystream8[ctx->keystream_bytes_used];
 
         ctx->keystream_bytes_used++;
         offset++;
@@ -249,15 +247,13 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
     }
 
     /* Process full blocks */
-    while( size >= CHACHA20_BLOCK_SIZE_BYTES )
-    {
+    while (size >= CHACHA20_BLOCK_SIZE_BYTES) {
         /* Generate new keystream block and increment counter */
-        chacha20_block( ctx->state, ctx->keystream8 );
+        chacha20_block(ctx->state, ctx->keystream8);
         ctx->state[CHACHA20_CTR_INDEX]++;
 
-        for( i = 0U; i < 64U; i += 8U )
-        {
-            output[offset + i  ] = input[offset + i  ] ^ ctx->keystream8[i  ];
+        for (i = 0U; i < 64U; i += 8U) {
+            output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
             output[offset + i+1] = input[offset + i+1] ^ ctx->keystream8[i+1];
             output[offset + i+2] = input[offset + i+2] ^ ctx->keystream8[i+2];
             output[offset + i+3] = input[offset + i+3] ^ ctx->keystream8[i+3];
@@ -272,14 +268,12 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
     }
 
     /* Last (partial) block */
-    if( size > 0U )
-    {
+    if (size > 0U) {
         /* Generate new keystream block and increment counter */
-        chacha20_block( ctx->state, ctx->keystream8 );
+        chacha20_block(ctx->state, ctx->keystream8);
         ctx->state[CHACHA20_CTR_INDEX]++;
 
-        for( i = 0U; i < size; i++)
-        {
+        for (i = 0U; i < size; i++) {
             output[offset + i] = input[offset + i] ^ ctx->keystream8[i];
         }
 
@@ -287,39 +281,41 @@ int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
 
     }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_chacha20_crypt( const unsigned char key[32],
-                            const unsigned char nonce[12],
-                            uint32_t counter,
-                            size_t data_len,
-                            const unsigned char* input,
-                            unsigned char* output )
+int mbedtls_chacha20_crypt(const unsigned char key[32],
+                           const unsigned char nonce[12],
+                           uint32_t counter,
+                           size_t data_len,
+                           const unsigned char *input,
+                           unsigned char *output)
 {
     mbedtls_chacha20_context ctx;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    CHACHA20_VALIDATE_RET( key != NULL );
-    CHACHA20_VALIDATE_RET( nonce != NULL );
-    CHACHA20_VALIDATE_RET( data_len == 0 || input  != NULL );
-    CHACHA20_VALIDATE_RET( data_len == 0 || output != NULL );
+    CHACHA20_VALIDATE_RET(key != NULL);
+    CHACHA20_VALIDATE_RET(nonce != NULL);
+    CHACHA20_VALIDATE_RET(data_len == 0 || input  != NULL);
+    CHACHA20_VALIDATE_RET(data_len == 0 || output != NULL);
 
-    mbedtls_chacha20_init( &ctx );
+    mbedtls_chacha20_init(&ctx);
 
-    ret = mbedtls_chacha20_setkey( &ctx, key );
-    if( ret != 0 )
+    ret = mbedtls_chacha20_setkey(&ctx, key);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_chacha20_starts( &ctx, nonce, counter );
-    if( ret != 0 )
+    ret = mbedtls_chacha20_starts(&ctx, nonce, counter);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_chacha20_update( &ctx, data_len, input, output );
+    ret = mbedtls_chacha20_update(&ctx, data_len, input, output);
 
 cleanup:
-    mbedtls_chacha20_free( &ctx );
-    return( ret );
+    mbedtls_chacha20_free(&ctx);
+    return ret;
 }
 
 #endif /* !MBEDTLS_CHACHA20_ALT */
@@ -495,50 +491,52 @@ static const size_t test_lengths[2] =
 /* Make sure no other definition is already present. */
 #undef ASSERT
 
-#define ASSERT( cond, args )            \
+#define ASSERT(cond, args)            \
     do                                  \
     {                                   \
-        if( ! ( cond ) )                \
+        if (!(cond))                \
         {                               \
-            if( verbose != 0 )          \
-                mbedtls_printf args;    \
+            if (verbose != 0)          \
+            mbedtls_printf args;    \
                                         \
-            return( -1 );               \
+            return -1;               \
         }                               \
     }                                   \
-    while( 0 )
+    while (0)
 
-int mbedtls_chacha20_self_test( int verbose )
+int mbedtls_chacha20_self_test(int verbose)
 {
     unsigned char output[381];
     unsigned i;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    for( i = 0U; i < 2U; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ChaCha20 test %u ", i );
+    for (i = 0U; i < 2U; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ChaCha20 test %u ", i);
+        }
 
-        ret = mbedtls_chacha20_crypt( test_keys[i],
-                                      test_nonces[i],
-                                      test_counters[i],
-                                      test_lengths[i],
-                                      test_input[i],
-                                      output );
+        ret = mbedtls_chacha20_crypt(test_keys[i],
+                                     test_nonces[i],
+                                     test_counters[i],
+                                     test_lengths[i],
+                                     test_input[i],
+                                     output);
 
-        ASSERT( 0 == ret, ( "error code: %i\n", ret ) );
+        ASSERT(0 == ret, ("error code: %i\n", ret));
 
-        ASSERT( 0 == memcmp( output, test_output[i], test_lengths[i] ),
-                ( "failed (output)\n" ) );
+        ASSERT(0 == memcmp(output, test_output[i], test_lengths[i]),
+               ("failed (output)\n"));
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/chachapoly.c

@@ -33,34 +33,35 @@
 #if !defined(MBEDTLS_CHACHAPOLY_ALT)
 
 /* Parameter validation macros */
-#define CHACHAPOLY_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA )
-#define CHACHAPOLY_VALIDATE( cond )                                           \
-    MBEDTLS_INTERNAL_VALIDATE( cond )
+#define CHACHAPOLY_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA)
+#define CHACHAPOLY_VALIDATE(cond)                                           \
+    MBEDTLS_INTERNAL_VALIDATE(cond)
 
-#define CHACHAPOLY_STATE_INIT       ( 0 )
-#define CHACHAPOLY_STATE_AAD        ( 1 )
-#define CHACHAPOLY_STATE_CIPHERTEXT ( 2 ) /* Encrypting or decrypting */
-#define CHACHAPOLY_STATE_FINISHED   ( 3 )
+#define CHACHAPOLY_STATE_INIT       (0)
+#define CHACHAPOLY_STATE_AAD        (1)
+#define CHACHAPOLY_STATE_CIPHERTEXT (2)   /* Encrypting or decrypting */
+#define CHACHAPOLY_STATE_FINISHED   (3)
 
 /**
  * \brief           Adds nul bytes to pad the AAD for Poly1305.
  *
  * \param ctx       The ChaCha20-Poly1305 context.
  */
-static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
+static int chachapoly_pad_aad(mbedtls_chachapoly_context *ctx)
 {
-    uint32_t partial_block_len = (uint32_t) ( ctx->aad_len % 16U );
+    uint32_t partial_block_len = (uint32_t) (ctx->aad_len % 16U);
     unsigned char zeroes[15];
 
-    if( partial_block_len == 0U )
-        return( 0 );
+    if (partial_block_len == 0U) {
+        return 0;
+    }
 
-    memset( zeroes, 0, sizeof( zeroes ) );
+    memset(zeroes, 0, sizeof(zeroes));
 
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
-                                     zeroes,
-                                     16U - partial_block_len ) );
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx,
+                                   zeroes,
+                                   16U - partial_block_len);
 }
 
 /**
@@ -68,86 +69,89 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx )
  *
  * \param ctx       The ChaCha20-Poly1305 context.
  */
-static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx )
+static int chachapoly_pad_ciphertext(mbedtls_chachapoly_context *ctx)
 {
-    uint32_t partial_block_len = (uint32_t) ( ctx->ciphertext_len % 16U );
+    uint32_t partial_block_len = (uint32_t) (ctx->ciphertext_len % 16U);
     unsigned char zeroes[15];
 
-    if( partial_block_len == 0U )
-        return( 0 );
+    if (partial_block_len == 0U) {
+        return 0;
+    }
 
-    memset( zeroes, 0, sizeof( zeroes ) );
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx,
-                                     zeroes,
-                                     16U - partial_block_len ) );
+    memset(zeroes, 0, sizeof(zeroes));
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx,
+                                   zeroes,
+                                   16U - partial_block_len);
 }
 
-void mbedtls_chachapoly_init( mbedtls_chachapoly_context *ctx )
+void mbedtls_chachapoly_init(mbedtls_chachapoly_context *ctx)
 {
-    CHACHAPOLY_VALIDATE( ctx != NULL );
+    CHACHAPOLY_VALIDATE(ctx != NULL);
 
-    mbedtls_chacha20_init( &ctx->chacha20_ctx );
-    mbedtls_poly1305_init( &ctx->poly1305_ctx );
+    mbedtls_chacha20_init(&ctx->chacha20_ctx);
+    mbedtls_poly1305_init(&ctx->poly1305_ctx);
     ctx->aad_len        = 0U;
     ctx->ciphertext_len = 0U;
     ctx->state          = CHACHAPOLY_STATE_INIT;
     ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
 }
 
-void mbedtls_chachapoly_free( mbedtls_chachapoly_context *ctx )
+void mbedtls_chachapoly_free(mbedtls_chachapoly_context *ctx)
 {
-    if( ctx == NULL )
+    if (ctx == NULL) {
         return;
+    }
 
-    mbedtls_chacha20_free( &ctx->chacha20_ctx );
-    mbedtls_poly1305_free( &ctx->poly1305_ctx );
+    mbedtls_chacha20_free(&ctx->chacha20_ctx);
+    mbedtls_poly1305_free(&ctx->poly1305_ctx);
     ctx->aad_len        = 0U;
     ctx->ciphertext_len = 0U;
     ctx->state          = CHACHAPOLY_STATE_INIT;
     ctx->mode           = MBEDTLS_CHACHAPOLY_ENCRYPT;
 }
 
-int mbedtls_chachapoly_setkey( mbedtls_chachapoly_context *ctx,
-                               const unsigned char key[32] )
+int mbedtls_chachapoly_setkey(mbedtls_chachapoly_context *ctx,
+                              const unsigned char key[32])
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( key != NULL );
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(key != NULL);
 
-    ret = mbedtls_chacha20_setkey( &ctx->chacha20_ctx, key );
+    ret = mbedtls_chacha20_setkey(&ctx->chacha20_ctx, key);
 
-    return( ret );
+    return ret;
 }
 
-int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
-                               const unsigned char nonce[12],
-                               mbedtls_chachapoly_mode_t mode  )
+int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx,
+                              const unsigned char nonce[12],
+                              mbedtls_chachapoly_mode_t mode)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char poly1305_key[64];
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
 
     /* Set counter = 0, will be update to 1 when generating Poly1305 key */
-    ret = mbedtls_chacha20_starts( &ctx->chacha20_ctx, nonce, 0U );
-    if( ret != 0 )
+    ret = mbedtls_chacha20_starts(&ctx->chacha20_ctx, nonce, 0U);
+    if (ret != 0) {
         goto cleanup;
+    }
 
     /* Generate the Poly1305 key by getting the ChaCha20 keystream output with
      * counter = 0.  This is the same as encrypting a buffer of zeroes.
      * Only the first 256-bits (32 bytes) of the key is used for Poly1305.
      * The other 256 bits are discarded.
      */
-    memset( poly1305_key, 0, sizeof( poly1305_key ) );
-    ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ),
-                                      poly1305_key, poly1305_key );
-    if( ret != 0 )
+    memset(poly1305_key, 0, sizeof(poly1305_key));
+    ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, sizeof(poly1305_key),
+                                  poly1305_key, poly1305_key);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_poly1305_starts( &ctx->poly1305_ctx, poly1305_key );
+    ret = mbedtls_poly1305_starts(&ctx->poly1305_ctx, poly1305_key);
 
-    if( ret == 0 )
-    {
+    if (ret == 0) {
         ctx->aad_len        = 0U;
         ctx->ciphertext_len = 0U;
         ctx->state          = CHACHAPOLY_STATE_AAD;
@@ -155,100 +159,99 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx,
     }
 
 cleanup:
-    mbedtls_platform_zeroize( poly1305_key, 64U );
-    return( ret );
+    mbedtls_platform_zeroize(poly1305_key, 64U);
+    return ret;
 }
 
-int mbedtls_chachapoly_update_aad( mbedtls_chachapoly_context *ctx,
-                                   const unsigned char *aad,
-                                   size_t aad_len )
+int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx,
+                                  const unsigned char *aad,
+                                  size_t aad_len)
 {
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad != NULL );
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad != NULL);
 
-    if( ctx->state != CHACHAPOLY_STATE_AAD )
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+    if (ctx->state != CHACHAPOLY_STATE_AAD) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
+    }
 
     ctx->aad_len += aad_len;
 
-    return( mbedtls_poly1305_update( &ctx->poly1305_ctx, aad, aad_len ) );
+    return mbedtls_poly1305_update(&ctx->poly1305_ctx, aad, aad_len);
 }
 
-int mbedtls_chachapoly_update( mbedtls_chachapoly_context *ctx,
-                               size_t len,
-                               const unsigned char *input,
-                               unsigned char *output )
+int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx,
+                              size_t len,
+                              const unsigned char *input,
+                              unsigned char *output)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( len == 0 || input != NULL );
-    CHACHAPOLY_VALIDATE_RET( len == 0 || output != NULL );
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(len == 0 || input != NULL);
+    CHACHAPOLY_VALIDATE_RET(len == 0 || output != NULL);
 
-    if( ( ctx->state != CHACHAPOLY_STATE_AAD ) &&
-        ( ctx->state != CHACHAPOLY_STATE_CIPHERTEXT ) )
-    {
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+    if ((ctx->state != CHACHAPOLY_STATE_AAD) &&
+        (ctx->state != CHACHAPOLY_STATE_CIPHERTEXT)) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
     }
 
-    if( ctx->state == CHACHAPOLY_STATE_AAD )
-    {
+    if (ctx->state == CHACHAPOLY_STATE_AAD) {
         ctx->state = CHACHAPOLY_STATE_CIPHERTEXT;
 
-        ret = chachapoly_pad_aad( ctx );
-        if( ret != 0 )
-            return( ret );
+        ret = chachapoly_pad_aad(ctx);
+        if (ret != 0) {
+            return ret;
+        }
     }
 
     ctx->ciphertext_len += len;
 
-    if( ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT )
-    {
-        ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
-        if( ret != 0 )
-            return( ret );
-
-        ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, output, len );
-        if( ret != 0 )
-            return( ret );
-    }
-    else /* DECRYPT */
-    {
-        ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, input, len );
-        if( ret != 0 )
-            return( ret );
-
-        ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, len, input, output );
-        if( ret != 0 )
-            return( ret );
+    if (ctx->mode == MBEDTLS_CHACHAPOLY_ENCRYPT) {
+        ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
+        if (ret != 0) {
+            return ret;
+        }
+
+        ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, output, len);
+        if (ret != 0) {
+            return ret;
+        }
+    } else { /* DECRYPT */
+        ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, input, len);
+        if (ret != 0) {
+            return ret;
+        }
+
+        ret = mbedtls_chacha20_update(&ctx->chacha20_ctx, len, input, output);
+        if (ret != 0) {
+            return ret;
+        }
     }
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
-                               unsigned char mac[16] )
+int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx,
+                              unsigned char mac[16])
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char len_block[16];
-    CHACHAPOLY_VALIDATE_RET( ctx != NULL );
-    CHACHAPOLY_VALIDATE_RET( mac != NULL );
+    CHACHAPOLY_VALIDATE_RET(ctx != NULL);
+    CHACHAPOLY_VALIDATE_RET(mac != NULL);
 
-    if( ctx->state == CHACHAPOLY_STATE_INIT )
-    {
-        return( MBEDTLS_ERR_CHACHAPOLY_BAD_STATE );
+    if (ctx->state == CHACHAPOLY_STATE_INIT) {
+        return MBEDTLS_ERR_CHACHAPOLY_BAD_STATE;
     }
 
-    if( ctx->state == CHACHAPOLY_STATE_AAD )
-    {
-        ret = chachapoly_pad_aad( ctx );
-        if( ret != 0 )
-            return( ret );
-    }
-    else if( ctx->state == CHACHAPOLY_STATE_CIPHERTEXT )
-    {
-        ret = chachapoly_pad_ciphertext( ctx );
-        if( ret != 0 )
-            return( ret );
+    if (ctx->state == CHACHAPOLY_STATE_AAD) {
+        ret = chachapoly_pad_aad(ctx);
+        if (ret != 0) {
+            return ret;
+        }
+    } else if (ctx->state == CHACHAPOLY_STATE_CIPHERTEXT) {
+        ret = chachapoly_pad_ciphertext(ctx);
+        if (ret != 0) {
+            return ret;
+        }
     }
 
     ctx->state = CHACHAPOLY_STATE_FINISHED;
@@ -259,104 +262,107 @@ int mbedtls_chachapoly_finish( mbedtls_chachapoly_context *ctx,
     MBEDTLS_PUT_UINT64_LE(ctx->aad_len, len_block, 0);
     MBEDTLS_PUT_UINT64_LE(ctx->ciphertext_len, len_block, 8);
 
-    ret = mbedtls_poly1305_update( &ctx->poly1305_ctx, len_block, 16U );
-    if( ret != 0 )
-        return( ret );
+    ret = mbedtls_poly1305_update(&ctx->poly1305_ctx, len_block, 16U);
+    if (ret != 0) {
+        return ret;
+    }
 
-    ret = mbedtls_poly1305_finish( &ctx->poly1305_ctx, mac );
+    ret = mbedtls_poly1305_finish(&ctx->poly1305_ctx, mac);
 
-    return( ret );
+    return ret;
 }
 
-static int chachapoly_crypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                     mbedtls_chachapoly_mode_t mode,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char *input,
-                                     unsigned char *output,
-                                     unsigned char tag[16] )
+static int chachapoly_crypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                    mbedtls_chachapoly_mode_t mode,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char *input,
+                                    unsigned char *output,
+                                    unsigned char tag[16])
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    ret = mbedtls_chachapoly_starts( ctx, nonce, mode );
-    if( ret != 0 )
+    ret = mbedtls_chachapoly_starts(ctx, nonce, mode);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_chachapoly_update_aad( ctx, aad, aad_len );
-    if( ret != 0 )
+    ret = mbedtls_chachapoly_update_aad(ctx, aad, aad_len);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_chachapoly_update( ctx, length, input, output );
-    if( ret != 0 )
+    ret = mbedtls_chachapoly_update(ctx, length, input, output);
+    if (ret != 0) {
         goto cleanup;
+    }
 
-    ret = mbedtls_chachapoly_finish( ctx, tag );
+    ret = mbedtls_chachapoly_finish(ctx, tag);
 
 cleanup:
-    return( ret );
+    return ret;
 }
 
-int mbedtls_chachapoly_encrypt_and_tag( mbedtls_chachapoly_context *ctx,
-                                        size_t length,
-                                        const unsigned char nonce[12],
-                                        const unsigned char *aad,
-                                        size_t aad_len,
-                                        const unsigned char *input,
-                                        unsigned char *output,
-                                        unsigned char tag[16] )
+int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx,
+                                       size_t length,
+                                       const unsigned char nonce[12],
+                                       const unsigned char *aad,
+                                       size_t aad_len,
+                                       const unsigned char *input,
+                                       unsigned char *output,
+                                       unsigned char tag[16])
 {
-    CHACHAPOLY_VALIDATE_RET( ctx   != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
-    CHACHAPOLY_VALIDATE_RET( tag   != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad    != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || input  != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || output != NULL );
-
-    return( chachapoly_crypt_and_tag( ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
-                                      length, nonce, aad, aad_len,
-                                      input, output, tag ) );
+    CHACHAPOLY_VALIDATE_RET(ctx   != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
+    CHACHAPOLY_VALIDATE_RET(tag   != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad    != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || input  != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || output != NULL);
+
+    return chachapoly_crypt_and_tag(ctx, MBEDTLS_CHACHAPOLY_ENCRYPT,
+                                    length, nonce, aad, aad_len,
+                                    input, output, tag);
 }
 
-int mbedtls_chachapoly_auth_decrypt( mbedtls_chachapoly_context *ctx,
-                                     size_t length,
-                                     const unsigned char nonce[12],
-                                     const unsigned char *aad,
-                                     size_t aad_len,
-                                     const unsigned char tag[16],
-                                     const unsigned char *input,
-                                     unsigned char *output )
+int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx,
+                                    size_t length,
+                                    const unsigned char nonce[12],
+                                    const unsigned char *aad,
+                                    size_t aad_len,
+                                    const unsigned char tag[16],
+                                    const unsigned char *input,
+                                    unsigned char *output)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char check_tag[16];
     size_t i;
     int diff;
-    CHACHAPOLY_VALIDATE_RET( ctx   != NULL );
-    CHACHAPOLY_VALIDATE_RET( nonce != NULL );
-    CHACHAPOLY_VALIDATE_RET( tag   != NULL );
-    CHACHAPOLY_VALIDATE_RET( aad_len == 0 || aad    != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || input  != NULL );
-    CHACHAPOLY_VALIDATE_RET( length  == 0 || output != NULL );
-
-    if( ( ret = chachapoly_crypt_and_tag( ctx,
-                        MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
-                        aad, aad_len, input, output, check_tag ) ) != 0 )
-    {
-        return( ret );
+    CHACHAPOLY_VALIDATE_RET(ctx   != NULL);
+    CHACHAPOLY_VALIDATE_RET(nonce != NULL);
+    CHACHAPOLY_VALIDATE_RET(tag   != NULL);
+    CHACHAPOLY_VALIDATE_RET(aad_len == 0 || aad    != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || input  != NULL);
+    CHACHAPOLY_VALIDATE_RET(length  == 0 || output != NULL);
+
+    if ((ret = chachapoly_crypt_and_tag(ctx,
+                                        MBEDTLS_CHACHAPOLY_DECRYPT, length, nonce,
+                                        aad, aad_len, input, output, check_tag)) != 0) {
+        return ret;
     }
 
     /* Check tag in "constant-time" */
-    for( diff = 0, i = 0; i < sizeof( check_tag ); i++ )
+    for (diff = 0, i = 0; i < sizeof(check_tag); i++) {
         diff |= tag[i] ^ check_tag[i];
+    }
 
-    if( diff != 0 )
-    {
-        mbedtls_platform_zeroize( output, length );
-        return( MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED );
+    if (diff != 0) {
+        mbedtls_platform_zeroize(output, length);
+        return MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED;
     }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_CHACHAPOLY_ALT */
@@ -452,20 +458,20 @@ static const unsigned char test_mac[1][16] =
 /* Make sure no other definition is already present. */
 #undef ASSERT
 
-#define ASSERT( cond, args )            \
+#define ASSERT(cond, args)            \
     do                                  \
     {                                   \
-        if( ! ( cond ) )                \
+        if (!(cond))                \
         {                               \
-            if( verbose != 0 )          \
-                mbedtls_printf args;    \
+            if (verbose != 0)          \
+            mbedtls_printf args;    \
                                         \
-            return( -1 );               \
+            return -1;               \
         }                               \
     }                                   \
-    while( 0 )
+    while (0)
 
-int mbedtls_chachapoly_self_test( int verbose )
+int mbedtls_chachapoly_self_test(int verbose)
 {
     mbedtls_chachapoly_context ctx;
     unsigned i;
@@ -473,43 +479,45 @@ int mbedtls_chachapoly_self_test( int verbose )
     unsigned char output[200];
     unsigned char mac[16];
 
-    for( i = 0U; i < 1U; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  ChaCha20-Poly1305 test %u ", i );
+    for (i = 0U; i < 1U; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  ChaCha20-Poly1305 test %u ", i);
+        }
 
-        mbedtls_chachapoly_init( &ctx );
+        mbedtls_chachapoly_init(&ctx);
 
-        ret = mbedtls_chachapoly_setkey( &ctx, test_key[i] );
-        ASSERT( 0 == ret, ( "setkey() error code: %i\n", ret ) );
+        ret = mbedtls_chachapoly_setkey(&ctx, test_key[i]);
+        ASSERT(0 == ret, ("setkey() error code: %i\n", ret));
 
-        ret = mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                                  test_input_len[i],
-                                                  test_nonce[i],
-                                                  test_aad[i],
-                                                  test_aad_len[i],
-                                                  test_input[i],
-                                                  output,
-                                                  mac );
+        ret = mbedtls_chachapoly_encrypt_and_tag(&ctx,
+                                                 test_input_len[i],
+                                                 test_nonce[i],
+                                                 test_aad[i],
+                                                 test_aad_len[i],
+                                                 test_input[i],
+                                                 output,
+                                                 mac);
 
-        ASSERT( 0 == ret, ( "crypt_and_tag() error code: %i\n", ret ) );
+        ASSERT(0 == ret, ("crypt_and_tag() error code: %i\n", ret));
 
-        ASSERT( 0 == memcmp( output, test_output[i], test_input_len[i] ),
-                ( "failure (wrong output)\n" ) );
+        ASSERT(0 == memcmp(output, test_output[i], test_input_len[i]),
+               ("failure (wrong output)\n"));
 
-        ASSERT( 0 == memcmp( mac, test_mac[i], 16U ),
-                ( "failure (wrong MAC)\n" ) );
+        ASSERT(0 == memcmp(mac, test_mac[i], 16U),
+               ("failure (wrong MAC)\n"));
 
-        mbedtls_chachapoly_free( &ctx );
+        mbedtls_chachapoly_free(&ctx);
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/check_crypto_config.h

@@ -29,57 +29,57 @@
 #define MBEDTLS_CHECK_CRYPTO_CONFIG_H
 
 #if defined(PSA_WANT_ALG_CCM) && \
-    !( defined(PSA_WANT_KEY_TYPE_AES) || \
-       defined(PSA_WANT_KEY_TYPE_CAMELLIA) )
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA))
 #error "PSA_WANT_ALG_CCM defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_CMAC) && \
-    !( defined(PSA_WANT_KEY_TYPE_AES) || \
-       defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \
-       defined(PSA_WANT_KEY_TYPE_DES) )
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA) || \
+    defined(PSA_WANT_KEY_TYPE_DES))
 #error "PSA_WANT_ALG_CMAC defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \
-    !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
 #error "PSA_WANT_ALG_DETERMINISTIC_ECDSA defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_ECDSA) && \
-    !( defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY))
 #error "PSA_WANT_ALG_ECDSA defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_GCM) && \
-    !( defined(PSA_WANT_KEY_TYPE_AES) || \
-       defined(PSA_WANT_KEY_TYPE_CAMELLIA) )
+    !(defined(PSA_WANT_KEY_TYPE_AES) || \
+    defined(PSA_WANT_KEY_TYPE_CAMELLIA))
 #error "PSA_WANT_ALG_GCM defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
 #error "PSA_WANT_ALG_RSA_PKCS1V15_CRYPT defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
 #error "PSA_WANT_ALG_RSA_PKCS1V15_SIGN defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_RSA_OAEP) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
 #error "PSA_WANT_ALG_RSA_OAEP defined, but not all prerequisites"
 #endif
 
 #if defined(PSA_WANT_ALG_RSA_PSS) && \
-    !( defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
-       defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) )
+    !(defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR) || \
+    defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY))
 #error "PSA_WANT_ALG_RSA_PSS defined, but not all prerequisites"
 #endif
 

thirdparty/mbedtls/library/cmac.c

@@ -63,9 +63,9 @@
  * Input and output MUST NOT point to the same buffer
  * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
  */
-static int cmac_multiply_by_u( unsigned char *output,
-                               const unsigned char *input,
-                               size_t blocksize )
+static int cmac_multiply_by_u(unsigned char *output,
+                              const unsigned char *input,
+                              size_t blocksize)
 {
     const unsigned char R_128 = 0x87;
     const unsigned char R_64 = 0x1B;
@@ -73,21 +73,15 @@ static int cmac_multiply_by_u( unsigned char *output,
     unsigned char overflow = 0x00;
     int i;
 
-    if( blocksize == MBEDTLS_AES_BLOCK_SIZE )
-    {
+    if (blocksize == MBEDTLS_AES_BLOCK_SIZE) {
         R_n = R_128;
-    }
-    else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE )
-    {
+    } else if (blocksize == MBEDTLS_DES3_BLOCK_SIZE) {
         R_n = R_64;
-    }
-    else
-    {
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    } else {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }
 
-    for( i = (int)blocksize - 1; i >= 0; i-- )
-    {
+    for (i = (int) blocksize - 1; i >= 0; i--) {
         output[i] = input[i] << 1 | overflow;
         overflow = input[i] >> 7;
     }
@@ -101,14 +95,14 @@ static int cmac_multiply_by_u( unsigned char *output,
 #pragma warning( push )
 #pragma warning( disable : 4146 )
 #endif
-    mask = - ( input[0] >> 7 );
+    mask = -(input[0] >> 7);
 #if defined(_MSC_VER)
 #pragma warning( pop )
 #endif
 
-    output[ blocksize - 1 ] ^= R_n & mask;
+    output[blocksize - 1] ^= R_n & mask;
 
-    return( 0 );
+    return 0;
 }
 
 /*
@@ -116,46 +110,50 @@ static int cmac_multiply_by_u( unsigned char *output,
  *
  * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm
  */
-static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx,
-                                  unsigned char* K1, unsigned char* K2 )
+static int cmac_generate_subkeys(mbedtls_cipher_context_t *ctx,
+                                 unsigned char *K1, unsigned char *K2)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
     size_t olen, block_size;
 
-    mbedtls_platform_zeroize( L, sizeof( L ) );
+    mbedtls_platform_zeroize(L, sizeof(L));
 
     block_size = ctx->cipher_info->block_size;
 
     /* Calculate Ek(0) */
-    if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 )
+    if ((ret = mbedtls_cipher_update(ctx, L, block_size, L, &olen)) != 0) {
         goto exit;
+    }
 
     /*
      * Generate K1 and K2
      */
-    if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 )
+    if ((ret = cmac_multiply_by_u(K1, L, block_size)) != 0) {
         goto exit;
+    }
 
-    if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 )
+    if ((ret = cmac_multiply_by_u(K2, K1, block_size)) != 0) {
         goto exit;
+    }
 
 exit:
-    mbedtls_platform_zeroize( L, sizeof( L ) );
+    mbedtls_platform_zeroize(L, sizeof(L));
 
-    return( ret );
+    return ret;
 }
 #endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
 
 #if !defined(MBEDTLS_CMAC_ALT)
-static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
-                            const unsigned char *input2,
-                            const size_t block_size )
+static void cmac_xor_block(unsigned char *output, const unsigned char *input1,
+                           const unsigned char *input2,
+                           const size_t block_size)
 {
     size_t idx;
 
-    for( idx = 0; idx < block_size; idx++ )
-        output[ idx ] = input1[ idx ] ^ input2[ idx ];
+    for (idx = 0; idx < block_size; idx++) {
+        output[idx] = input1[idx] ^ input2[idx];
+    }
 }
 
 /*
@@ -164,75 +162,78 @@ static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
  * We can't use the padding option from the cipher layer, as it only works for
  * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
  */
-static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
-                      size_t padded_block_len,
-                      const unsigned char *last_block,
-                      size_t last_block_len )
+static void cmac_pad(unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
+                     size_t padded_block_len,
+                     const unsigned char *last_block,
+                     size_t last_block_len)
 {
     size_t j;
 
-    for( j = 0; j < padded_block_len; j++ )
-    {
-        if( j < last_block_len )
+    for (j = 0; j < padded_block_len; j++) {
+        if (j < last_block_len) {
             padded_block[j] = last_block[j];
-        else if( j == last_block_len )
+        } else if (j == last_block_len) {
             padded_block[j] = 0x80;
-        else
+        } else {
             padded_block[j] = 0x00;
+        }
     }
 }
 
-int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *key, size_t keybits )
+int mbedtls_cipher_cmac_starts(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *key, size_t keybits)
 {
     mbedtls_cipher_type_t type;
     mbedtls_cmac_context_t *cmac_ctx;
     int retval;
 
-    if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (ctx == NULL || ctx->cipher_info == NULL || key == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
-    if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
-                                          MBEDTLS_ENCRYPT ) ) != 0 )
-        return( retval );
+    if ((retval = mbedtls_cipher_setkey(ctx, key, (int) keybits,
+                                        MBEDTLS_ENCRYPT)) != 0) {
+        return retval;
+    }
 
     type = ctx->cipher_info->type;
 
-    switch( type )
-    {
+    switch (type) {
         case MBEDTLS_CIPHER_AES_128_ECB:
         case MBEDTLS_CIPHER_AES_192_ECB:
         case MBEDTLS_CIPHER_AES_256_ECB:
         case MBEDTLS_CIPHER_DES_EDE3_ECB:
             break;
         default:
-            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+            return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
     }
 
     /* Allocated and initialise in the cipher context memory for the CMAC
      * context */
-    cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) );
-    if( cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+    cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t));
+    if (cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
 
     ctx->cmac_ctx = cmac_ctx;
 
-    mbedtls_platform_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) );
+    mbedtls_platform_zeroize(cmac_ctx->state, sizeof(cmac_ctx->state));
 
     return 0;
 }
 
-int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
-                                const unsigned char *input, size_t ilen )
+int mbedtls_cipher_cmac_update(mbedtls_cipher_context_t *ctx,
+                               const unsigned char *input, size_t ilen)
 {
-    mbedtls_cmac_context_t* cmac_ctx;
+    mbedtls_cmac_context_t *cmac_ctx;
     unsigned char *state;
     int ret = 0;
     size_t n, j, olen, block_size;
 
-    if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
-        ctx->cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
+        ctx->cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
     cmac_ctx = ctx->cmac_ctx;
     block_size = ctx->cipher_info->block_size;
@@ -240,19 +241,17 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
 
     /* Is there data still to process from the last call, that's greater in
      * size than a block? */
-    if( cmac_ctx->unprocessed_len > 0 &&
-        ilen > block_size - cmac_ctx->unprocessed_len )
-    {
-        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
-                input,
-                block_size - cmac_ctx->unprocessed_len );
+    if (cmac_ctx->unprocessed_len > 0 &&
+        ilen > block_size - cmac_ctx->unprocessed_len) {
+        memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+               input,
+               block_size - cmac_ctx->unprocessed_len);
 
-        cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size );
+        cmac_xor_block(state, cmac_ctx->unprocessed_block, state, block_size);
 
-        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                           &olen ) ) != 0 )
-        {
-           goto exit;
+        if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                         &olen)) != 0) {
+            goto exit;
         }
 
         input += block_size - cmac_ctx->unprocessed_len;
@@ -261,39 +260,38 @@ int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
     }
 
     /* n is the number of blocks including any final partial block */
-    n = ( ilen + block_size - 1 ) / block_size;
+    n = (ilen + block_size - 1) / block_size;
 
     /* Iterate across the input data in block sized chunks, excluding any
      * final partial or complete block */
-    for( j = 1; j < n; j++ )
-    {
-        cmac_xor_block( state, input, state, block_size );
+    for (j = 1; j < n; j++) {
+        cmac_xor_block(state, input, state, block_size);
 
-        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                           &olen ) ) != 0 )
-           goto exit;
+        if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                         &olen)) != 0) {
+            goto exit;
+        }
 
         ilen -= block_size;
         input += block_size;
     }
 
     /* If there is data left over that wasn't aligned to a block */
-    if( ilen > 0 )
-    {
-        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
-                input,
-                ilen );
+    if (ilen > 0) {
+        memcpy(&cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+               input,
+               ilen);
         cmac_ctx->unprocessed_len += ilen;
     }
 
 exit:
-    return( ret );
+    return ret;
 }
 
-int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
-                                unsigned char *output )
+int mbedtls_cipher_cmac_finish(mbedtls_cipher_context_t *ctx,
+                               unsigned char *output)
 {
-    mbedtls_cmac_context_t* cmac_ctx;
+    mbedtls_cmac_context_t *cmac_ctx;
     unsigned char *state, *last_block;
     unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
     unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
@@ -301,153 +299,153 @@ int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t olen, block_size;
 
-    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
-        output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
+        output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
     cmac_ctx = ctx->cmac_ctx;
     block_size = ctx->cipher_info->block_size;
     state = cmac_ctx->state;
 
-    mbedtls_platform_zeroize( K1, sizeof( K1 ) );
-    mbedtls_platform_zeroize( K2, sizeof( K2 ) );
-    cmac_generate_subkeys( ctx, K1, K2 );
+    mbedtls_platform_zeroize(K1, sizeof(K1));
+    mbedtls_platform_zeroize(K2, sizeof(K2));
+    cmac_generate_subkeys(ctx, K1, K2);
 
     last_block = cmac_ctx->unprocessed_block;
 
     /* Calculate last block */
-    if( cmac_ctx->unprocessed_len < block_size )
-    {
-        cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len );
-        cmac_xor_block( M_last, M_last, K2, block_size );
-    }
-    else
-    {
+    if (cmac_ctx->unprocessed_len < block_size) {
+        cmac_pad(M_last, block_size, last_block, cmac_ctx->unprocessed_len);
+        cmac_xor_block(M_last, M_last, K2, block_size);
+    } else {
         /* Last block is complete block */
-        cmac_xor_block( M_last, last_block, K1, block_size );
+        cmac_xor_block(M_last, last_block, K1, block_size);
     }
 
 
-    cmac_xor_block( state, M_last, state, block_size );
-    if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
-                                       &olen ) ) != 0 )
-    {
+    cmac_xor_block(state, M_last, state, block_size);
+    if ((ret = mbedtls_cipher_update(ctx, state, block_size, state,
+                                     &olen)) != 0) {
         goto exit;
     }
 
-    memcpy( output, state, block_size );
+    memcpy(output, state, block_size);
 
 exit:
     /* Wipe the generated keys on the stack, and any other transients to avoid
      * side channel leakage */
-    mbedtls_platform_zeroize( K1, sizeof( K1 ) );
-    mbedtls_platform_zeroize( K2, sizeof( K2 ) );
+    mbedtls_platform_zeroize(K1, sizeof(K1));
+    mbedtls_platform_zeroize(K2, sizeof(K2));
 
     cmac_ctx->unprocessed_len = 0;
-    mbedtls_platform_zeroize( cmac_ctx->unprocessed_block,
-                              sizeof( cmac_ctx->unprocessed_block ) );
+    mbedtls_platform_zeroize(cmac_ctx->unprocessed_block,
+                             sizeof(cmac_ctx->unprocessed_block));
 
-    mbedtls_platform_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX );
-    return( ret );
+    mbedtls_platform_zeroize(state, MBEDTLS_CIPHER_BLKSIZE_MAX);
+    return ret;
 }
 
-int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
+int mbedtls_cipher_cmac_reset(mbedtls_cipher_context_t *ctx)
 {
-    mbedtls_cmac_context_t* cmac_ctx;
+    mbedtls_cmac_context_t *cmac_ctx;
 
-    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
     cmac_ctx = ctx->cmac_ctx;
 
     /* Reset the internal state */
     cmac_ctx->unprocessed_len = 0;
-    mbedtls_platform_zeroize( cmac_ctx->unprocessed_block,
-                              sizeof( cmac_ctx->unprocessed_block ) );
-    mbedtls_platform_zeroize( cmac_ctx->state,
-                              sizeof( cmac_ctx->state ) );
+    mbedtls_platform_zeroize(cmac_ctx->unprocessed_block,
+                             sizeof(cmac_ctx->unprocessed_block));
+    mbedtls_platform_zeroize(cmac_ctx->state,
+                             sizeof(cmac_ctx->state));
 
-    return( 0 );
+    return 0;
 }
 
-int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
-                         const unsigned char *key, size_t keylen,
-                         const unsigned char *input, size_t ilen,
-                         unsigned char *output )
+int mbedtls_cipher_cmac(const mbedtls_cipher_info_t *cipher_info,
+                        const unsigned char *key, size_t keylen,
+                        const unsigned char *input, size_t ilen,
+                        unsigned char *output)
 {
     mbedtls_cipher_context_t ctx;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (cipher_info == NULL || key == NULL || input == NULL || output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
-    mbedtls_cipher_init( &ctx );
+    mbedtls_cipher_init(&ctx);
 
-    if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
+    if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) {
         goto exit;
+    }
 
-    ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen );
-    if( ret != 0 )
+    ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen);
+    if (ret != 0) {
         goto exit;
+    }
 
-    ret = mbedtls_cipher_cmac_update( &ctx, input, ilen );
-    if( ret != 0 )
+    ret = mbedtls_cipher_cmac_update(&ctx, input, ilen);
+    if (ret != 0) {
         goto exit;
+    }
 
-    ret = mbedtls_cipher_cmac_finish( &ctx, output );
+    ret = mbedtls_cipher_cmac_finish(&ctx, output);
 
 exit:
-    mbedtls_cipher_free( &ctx );
+    mbedtls_cipher_free(&ctx);
 
-    return( ret );
+    return ret;
 }
 
 #if defined(MBEDTLS_AES_C)
 /*
  * Implementation of AES-CMAC-PRF-128 defined in RFC 4615
  */
-int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
-                              const unsigned char *input, size_t in_len,
-                              unsigned char output[16] )
+int mbedtls_aes_cmac_prf_128(const unsigned char *key, size_t key_length,
+                             const unsigned char *input, size_t in_len,
+                             unsigned char output[16])
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     const mbedtls_cipher_info_t *cipher_info;
     unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
     unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
 
-    if( key == NULL || input == NULL || output == NULL )
-        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    if (key == NULL || input == NULL || output == NULL) {
+        return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
 
-    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
-    if( cipher_info == NULL )
-    {
+    cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
+    if (cipher_info == NULL) {
         /* Failing at this point must be due to a build issue */
         ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
         goto exit;
     }
 
-    if( key_length == MBEDTLS_AES_BLOCK_SIZE )
-    {
+    if (key_length == MBEDTLS_AES_BLOCK_SIZE) {
         /* Use key as is */
-        memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE );
-    }
-    else
-    {
-        memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE );
+        memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE);
+    } else {
+        memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE);
 
-        ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key,
-                                   key_length, int_key );
-        if( ret != 0 )
+        ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key,
+                                  key_length, int_key);
+        if (ret != 0) {
             goto exit;
+        }
     }
 
-    ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len,
-                               output );
+    ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len,
+                              output);
 
 exit:
-    mbedtls_platform_zeroize( int_key, sizeof( int_key ) );
+    mbedtls_platform_zeroize(int_key, sizeof(int_key));
 
-    return( ret );
+    return ret;
 }
 #endif /* MBEDTLS_AES_C */
 
@@ -508,7 +506,8 @@ static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
         0xf9, 0x0b, 0xc1, 0x1e,     0xe4, 0x6d, 0x51, 0x3b
     }
 };
-static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
     {
         /* Example #1 */
         0xbb, 0x1d, 0x69, 0x29,     0xe9, 0x59, 0x37, 0x28,
@@ -549,7 +548,8 @@ static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
         0x7d, 0xcc, 0x87, 0x3b,     0xa9, 0xb5, 0x45, 0x2c
     }
 };
-static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
     {
         /* Example #1 */
         0xd1, 0x7d, 0xdf, 0x46,     0xad, 0xaa, 0xcd, 0xe5,
@@ -591,7 +591,8 @@ static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
         0x5d, 0x35, 0x33, 0x01,     0x0c, 0x42, 0xa0, 0xd9
     }
 };
-static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] =
+{
     {
         /* Example #1 */
         0x02, 0x89, 0x62, 0xf6,     0x1b, 0x7b, 0xf8, 0x9e,
@@ -643,7 +644,8 @@ static const unsigned char des3_2key_subkeys[2][8] = {
         0x1b, 0xa5, 0x96, 0xf4,     0x7b, 0x11, 0x11, 0xb2
     }
 };
-static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE]
+    = {
     {
         /* Sample #1 */
         0x79, 0xce, 0x52, 0xa7,     0xf7, 0x86, 0xa9, 0x60
@@ -660,7 +662,7 @@ static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED
         /* Sample #4 */
         0x9c, 0xd3, 0x35, 0x80,     0xf9, 0xb6, 0x4d, 0xfb
     }
-};
+    };
 
 /* CMAC-TDES (Generation) - 3 Key Test Data */
 static const unsigned char des3_3key_key[24] = {
@@ -681,7 +683,8 @@ static const unsigned char des3_3key_subkeys[2][8] = {
         0x3a, 0xe9, 0xce, 0x72,     0x66, 0x2f, 0x2d, 0x9b
     }
 };
-static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE]
+    = {
     {
         /* Sample #1 */
         0x7d, 0xb0, 0xd3, 0x7d,     0xf9, 0x36, 0xc5, 0x50
@@ -698,7 +701,7 @@ static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBED
         /* Sample #4 */
         0x99, 0x42, 0x9b, 0xd0,     0xbF, 0x79, 0x04, 0xe5
     }
-};
+    };
 
 #endif /* MBEDTLS_DES_C */
 
@@ -741,14 +744,14 @@ static const unsigned char PRFT[NB_PRF_TESTS][16] = {
 };
 #endif /* MBEDTLS_AES_C */
 
-static int cmac_test_subkeys( int verbose,
-                              const char* testname,
-                              const unsigned char* key,
-                              int keybits,
-                              const unsigned char* subkeys,
-                              mbedtls_cipher_type_t cipher_type,
-                              int block_size,
-                              int num_tests )
+static int cmac_test_subkeys(int verbose,
+                             const char *testname,
+                             const unsigned char *key,
+                             int keybits,
+                             const unsigned char *subkeys,
+                             mbedtls_cipher_type_t cipher_type,
+                             int block_size,
+                             int num_tests)
 {
     int i, ret = 0;
     mbedtls_cipher_context_t ctx;
@@ -756,330 +759,321 @@ static int cmac_test_subkeys( int verbose,
     unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
     unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
 
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    if( cipher_info == NULL )
-    {
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    if (cipher_info == NULL) {
         /* Failing at this point must be due to a build issue */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     }
 
-    for( i = 0; i < num_tests; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  %s CMAC subkey #%d: ", testname, i + 1 );
+    for (i = 0; i < num_tests; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  %s CMAC subkey #%d: ", testname, i + 1);
+        }
 
-        mbedtls_cipher_init( &ctx );
+        mbedtls_cipher_init(&ctx);
 
-        if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "test execution failed\n" );
+        if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("test execution failed\n");
+            }
 
             goto cleanup;
         }
 
-        if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
-                                       MBEDTLS_ENCRYPT ) ) != 0 )
-        {
+        if ((ret = mbedtls_cipher_setkey(&ctx, key, keybits,
+                                         MBEDTLS_ENCRYPT)) != 0) {
             /* When CMAC is implemented by an alternative implementation, or
              * the underlying primitive itself is implemented alternatively,
              * AES-192 may be unavailable. This should not cause the selftest
              * function to fail. */
-            if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
-                  ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
-                  cipher_type == MBEDTLS_CIPHER_AES_192_ECB ) {
-                if( verbose != 0 )
-                    mbedtls_printf( "skipped\n" );
+            if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                 ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) &&
+                cipher_type == MBEDTLS_CIPHER_AES_192_ECB) {
+                if (verbose != 0) {
+                    mbedtls_printf("skipped\n");
+                }
                 goto next_test;
             }
 
-            if( verbose != 0 )
-                mbedtls_printf( "test execution failed\n" );
+            if (verbose != 0) {
+                mbedtls_printf("test execution failed\n");
+            }
 
             goto cleanup;
         }
 
-        ret = cmac_generate_subkeys( &ctx, K1, K2 );
-        if( ret != 0 )
-        {
-           if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+        ret = cmac_generate_subkeys(&ctx, K1, K2);
+        if (ret != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
 
             goto cleanup;
         }
 
-        if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0  ||
-            ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+        if ((ret = memcmp(K1, subkeys, block_size)) != 0  ||
+            (ret = memcmp(K2, &subkeys[block_size], block_size)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
 
             goto cleanup;
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
 
 next_test:
-        mbedtls_cipher_free( &ctx );
+        mbedtls_cipher_free(&ctx);
     }
 
     ret = 0;
     goto exit;
 
 cleanup:
-    mbedtls_cipher_free( &ctx );
+    mbedtls_cipher_free(&ctx);
 
 exit:
-    return( ret );
+    return ret;
 }
 
-static int cmac_test_wth_cipher( int verbose,
-                                 const char* testname,
-                                 const unsigned char* key,
-                                 int keybits,
-                                 const unsigned char* messages,
-                                 const unsigned int message_lengths[4],
-                                 const unsigned char* expected_result,
-                                 mbedtls_cipher_type_t cipher_type,
-                                 int block_size,
-                                 int num_tests )
+static int cmac_test_wth_cipher(int verbose,
+                                const char *testname,
+                                const unsigned char *key,
+                                int keybits,
+                                const unsigned char *messages,
+                                const unsigned int message_lengths[4],
+                                const unsigned char *expected_result,
+                                mbedtls_cipher_type_t cipher_type,
+                                int block_size,
+                                int num_tests)
 {
     const mbedtls_cipher_info_t *cipher_info;
     int i, ret = 0;
     unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
 
-    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
-    if( cipher_info == NULL )
-    {
+    cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+    if (cipher_info == NULL) {
         /* Failing at this point must be due to a build issue */
         ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
         goto exit;
     }
 
-    for( i = 0; i < num_tests; i++ )
-    {
-        if( verbose != 0 )
-            mbedtls_printf( "  %s CMAC #%d: ", testname, i + 1 );
+    for (i = 0; i < num_tests; i++) {
+        if (verbose != 0) {
+            mbedtls_printf("  %s CMAC #%d: ", testname, i + 1);
+        }
 
-        if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
-                                         message_lengths[i], output ) ) != 0 )
-        {
+        if ((ret = mbedtls_cipher_cmac(cipher_info, key, keybits, messages,
+                                       message_lengths[i], output)) != 0) {
             /* When CMAC is implemented by an alternative implementation, or
              * the underlying primitive itself is implemented alternatively,
              * AES-192 and/or 3DES may be unavailable. This should not cause
              * the selftest function to fail. */
-            if( ( ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
-                  ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ) &&
-                ( cipher_type == MBEDTLS_CIPHER_AES_192_ECB ||
-                  cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB ) ) {
-                if( verbose != 0 )
-                    mbedtls_printf( "skipped\n" );
+            if ((ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ||
+                 ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) &&
+                (cipher_type == MBEDTLS_CIPHER_AES_192_ECB ||
+                 cipher_type == MBEDTLS_CIPHER_DES_EDE3_ECB)) {
+                if (verbose != 0) {
+                    mbedtls_printf("skipped\n");
+                }
                 continue;
             }
 
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
             goto exit;
         }
 
-        if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+        if ((ret = memcmp(output, &expected_result[i * block_size], block_size)) != 0) {
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
             goto exit;
         }
 
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
+        if (verbose != 0) {
+            mbedtls_printf("passed\n");
+        }
     }
     ret = 0;
 
 exit:
-    return( ret );
+    return ret;
 }
 
 #if defined(MBEDTLS_AES_C)
-static int test_aes128_cmac_prf( int verbose )
+static int test_aes128_cmac_prf(int verbose)
 {
     int i;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char output[MBEDTLS_AES_BLOCK_SIZE];
 
-    for( i = 0; i < NB_PRF_TESTS; i++ )
-    {
-        mbedtls_printf( "  AES CMAC 128 PRF #%d: ", i );
-        ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output );
-        if( ret != 0 ||
-            memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 )
-        {
+    for (i = 0; i < NB_PRF_TESTS; i++) {
+        mbedtls_printf("  AES CMAC 128 PRF #%d: ", i);
+        ret = mbedtls_aes_cmac_prf_128(PRFK, PRFKlen[i], PRFM, 20, output);
+        if (ret != 0 ||
+            memcmp(output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE) != 0) {
 
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
+            if (verbose != 0) {
+                mbedtls_printf("failed\n");
+            }
 
-            return( ret );
-        }
-        else if( verbose != 0 )
-        {
-            mbedtls_printf( "passed\n" );
+            return ret;
+        } else if (verbose != 0) {
+            mbedtls_printf("passed\n");
         }
     }
-    return( ret );
+    return ret;
 }
 #endif /* MBEDTLS_AES_C */
 
-int mbedtls_cmac_self_test( int verbose )
+int mbedtls_cmac_self_test(int verbose)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
 #if defined(MBEDTLS_AES_C)
     /* AES-128 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 128",
-                                   aes_128_key,
-                                   128,
-                                   (const unsigned char*)aes_128_subkeys,
-                                   MBEDTLS_CIPHER_AES_128_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 128",
+                                 aes_128_key,
+                                 128,
+                                 (const unsigned char *) aes_128_subkeys,
+                                 MBEDTLS_CIPHER_AES_128_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "AES 128",
-                                      aes_128_key,
-                                      128,
-                                      test_message,
-                                      aes_message_lengths,
-                                      (const unsigned char*)aes_128_expected_result,
-                                      MBEDTLS_CIPHER_AES_128_ECB,
-                                      MBEDTLS_AES_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 128",
+                                    aes_128_key,
+                                    128,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_128_expected_result,
+                                    MBEDTLS_CIPHER_AES_128_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
     /* AES-192 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 192",
-                                   aes_192_key,
-                                   192,
-                                   (const unsigned char*)aes_192_subkeys,
-                                   MBEDTLS_CIPHER_AES_192_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 192",
+                                 aes_192_key,
+                                 192,
+                                 (const unsigned char *) aes_192_subkeys,
+                                 MBEDTLS_CIPHER_AES_192_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "AES 192",
-                                      aes_192_key,
-                                      192,
-                                      test_message,
-                                      aes_message_lengths,
-                                      (const unsigned char*)aes_192_expected_result,
-                                      MBEDTLS_CIPHER_AES_192_ECB,
-                                      MBEDTLS_AES_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 192",
+                                    aes_192_key,
+                                    192,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_192_expected_result,
+                                    MBEDTLS_CIPHER_AES_192_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
     /* AES-256 */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "AES 256",
-                                   aes_256_key,
-                                   256,
-                                   (const unsigned char*)aes_256_subkeys,
-                                   MBEDTLS_CIPHER_AES_256_ECB,
-                                   MBEDTLS_AES_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "AES 256",
+                                 aes_256_key,
+                                 256,
+                                 (const unsigned char *) aes_256_subkeys,
+                                 MBEDTLS_CIPHER_AES_256_ECB,
+                                 MBEDTLS_AES_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
-    if( ( ret = cmac_test_wth_cipher ( verbose,
-                                       "AES 256",
-                                       aes_256_key,
-                                       256,
-                                       test_message,
-                                       aes_message_lengths,
-                                       (const unsigned char*)aes_256_expected_result,
-                                       MBEDTLS_CIPHER_AES_256_ECB,
-                                       MBEDTLS_AES_BLOCK_SIZE,
-                                       NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "AES 256",
+                                    aes_256_key,
+                                    256,
+                                    test_message,
+                                    aes_message_lengths,
+                                    (const unsigned char *) aes_256_expected_result,
+                                    MBEDTLS_CIPHER_AES_256_ECB,
+                                    MBEDTLS_AES_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 #endif /* MBEDTLS_AES_C */
 
 #if defined(MBEDTLS_DES_C)
     /* 3DES 2 key */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "3DES 2 key",
-                                   des3_2key_key,
-                                   192,
-                                   (const unsigned char*)des3_2key_subkeys,
-                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                   MBEDTLS_DES3_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "3DES 2 key",
+                                 des3_2key_key,
+                                 192,
+                                 (const unsigned char *) des3_2key_subkeys,
+                                 MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                 MBEDTLS_DES3_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "3DES 2 key",
-                                      des3_2key_key,
-                                      192,
-                                      test_message,
-                                      des3_message_lengths,
-                                      (const unsigned char*)des3_2key_expected_result,
-                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                      MBEDTLS_DES3_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "3DES 2 key",
+                                    des3_2key_key,
+                                    192,
+                                    test_message,
+                                    des3_message_lengths,
+                                    (const unsigned char *) des3_2key_expected_result,
+                                    MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                    MBEDTLS_DES3_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
     /* 3DES 3 key */
-    if( ( ret = cmac_test_subkeys( verbose,
-                                   "3DES 3 key",
-                                   des3_3key_key,
-                                   192,
-                                   (const unsigned char*)des3_3key_subkeys,
-                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                   MBEDTLS_DES3_BLOCK_SIZE,
-                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_subkeys(verbose,
+                                 "3DES 3 key",
+                                 des3_3key_key,
+                                 192,
+                                 (const unsigned char *) des3_3key_subkeys,
+                                 MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                 MBEDTLS_DES3_BLOCK_SIZE,
+                                 NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 
-    if( ( ret = cmac_test_wth_cipher( verbose,
-                                      "3DES 3 key",
-                                      des3_3key_key,
-                                      192,
-                                      test_message,
-                                      des3_message_lengths,
-                                      (const unsigned char*)des3_3key_expected_result,
-                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
-                                      MBEDTLS_DES3_BLOCK_SIZE,
-                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
-    {
-        return( ret );
+    if ((ret = cmac_test_wth_cipher(verbose,
+                                    "3DES 3 key",
+                                    des3_3key_key,
+                                    192,
+                                    test_message,
+                                    des3_message_lengths,
+                                    (const unsigned char *) des3_3key_expected_result,
+                                    MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                    MBEDTLS_DES3_BLOCK_SIZE,
+                                    NB_CMAC_TESTS_PER_KEY)) != 0) {
+        return ret;
     }
 #endif /* MBEDTLS_DES_C */
 
 #if defined(MBEDTLS_AES_C)
-    if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 )
-        return( ret );
+    if ((ret = test_aes128_cmac_prf(verbose)) != 0) {
+        return ret;
+    }
 #endif /* MBEDTLS_AES_C */
 
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
+    if (verbose != 0) {
+        mbedtls_printf("\n");
+    }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_SELF_TEST */

thirdparty/mbedtls/library/common.h

@@ -29,11 +29,12 @@
 #include "mbedtls/config.h"
 #endif
 
+#include <assert.h>
 #include <stddef.h>
 #include <stdint.h>
 
 /* Define `inline` on some non-C99-compliant compilers. */
-#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
 #endif
@@ -75,9 +76,9 @@
  *              buffer is at least \p n + 1.
  */
 static inline unsigned char *mbedtls_buffer_offset(
-    unsigned char *p, size_t n )
+    unsigned char *p, size_t n)
 {
-    return( p == NULL ? NULL : p + n );
+    return p == NULL ? NULL : p + n;
 }
 
 /** Return an offset into a read-only buffer.
@@ -92,9 +93,9 @@ static inline unsigned char *mbedtls_buffer_offset(
  *              buffer is at least \p n + 1.
  */
 static inline const unsigned char *mbedtls_buffer_offset_const(
-    const unsigned char *p, size_t n )
+    const unsigned char *p, size_t n)
 {
-    return( p == NULL ? NULL : p + n );
+    return p == NULL ? NULL : p + n;
 }
 
 /** Byte Reading Macros
@@ -102,14 +103,14 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th
  * byte from x, where byte 0 is the least significant byte.
  */
-#define MBEDTLS_BYTE_0( x ) ( (uint8_t) (   ( x )         & 0xff ) )
-#define MBEDTLS_BYTE_1( x ) ( (uint8_t) ( ( ( x ) >> 8  ) & 0xff ) )
-#define MBEDTLS_BYTE_2( x ) ( (uint8_t) ( ( ( x ) >> 16 ) & 0xff ) )
-#define MBEDTLS_BYTE_3( x ) ( (uint8_t) ( ( ( x ) >> 24 ) & 0xff ) )
-#define MBEDTLS_BYTE_4( x ) ( (uint8_t) ( ( ( x ) >> 32 ) & 0xff ) )
-#define MBEDTLS_BYTE_5( x ) ( (uint8_t) ( ( ( x ) >> 40 ) & 0xff ) )
-#define MBEDTLS_BYTE_6( x ) ( (uint8_t) ( ( ( x ) >> 48 ) & 0xff ) )
-#define MBEDTLS_BYTE_7( x ) ( (uint8_t) ( ( ( x ) >> 56 ) & 0xff ) )
+#define MBEDTLS_BYTE_0(x) ((uint8_t) ((x)         & 0xff))
+#define MBEDTLS_BYTE_1(x) ((uint8_t) (((x) >> 8) & 0xff))
+#define MBEDTLS_BYTE_2(x) ((uint8_t) (((x) >> 16) & 0xff))
+#define MBEDTLS_BYTE_3(x) ((uint8_t) (((x) >> 24) & 0xff))
+#define MBEDTLS_BYTE_4(x) ((uint8_t) (((x) >> 32) & 0xff))
+#define MBEDTLS_BYTE_5(x) ((uint8_t) (((x) >> 40) & 0xff))
+#define MBEDTLS_BYTE_6(x) ((uint8_t) (((x) >> 48) & 0xff))
+#define MBEDTLS_BYTE_7(x) ((uint8_t) (((x) >> 56) & 0xff))
 
 /**
  * Get the unsigned 32 bits integer corresponding to four bytes in
@@ -121,12 +122,12 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT32_BE
-#define MBEDTLS_GET_UINT32_BE( data , offset )                  \
+#define MBEDTLS_GET_UINT32_BE(data, offset)                  \
     (                                                           \
-          ( (uint32_t) ( data )[( offset )    ] << 24 )         \
-        | ( (uint32_t) ( data )[( offset ) + 1] << 16 )         \
-        | ( (uint32_t) ( data )[( offset ) + 2] <<  8 )         \
-        | ( (uint32_t) ( data )[( offset ) + 3]       )         \
+        ((uint32_t) (data)[(offset)] << 24)         \
+        | ((uint32_t) (data)[(offset) + 1] << 16)         \
+        | ((uint32_t) (data)[(offset) + 2] <<  8)         \
+        | ((uint32_t) (data)[(offset) + 3])         \
     )
 #endif
 
@@ -140,13 +141,13 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 32 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT32_BE
-#define MBEDTLS_PUT_UINT32_BE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_3( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_2( n );             \
-    ( data )[( offset ) + 2] = MBEDTLS_BYTE_1( n );             \
-    ( data )[( offset ) + 3] = MBEDTLS_BYTE_0( n );             \
-}
+#define MBEDTLS_PUT_UINT32_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_0(n);             \
+    }
 #endif
 
 /**
@@ -159,12 +160,12 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT32_LE
-#define MBEDTLS_GET_UINT32_LE( data, offset )                   \
+#define MBEDTLS_GET_UINT32_LE(data, offset)                   \
     (                                                           \
-          ( (uint32_t) ( data )[( offset )    ]       )         \
-        | ( (uint32_t) ( data )[( offset ) + 1] <<  8 )         \
-        | ( (uint32_t) ( data )[( offset ) + 2] << 16 )         \
-        | ( (uint32_t) ( data )[( offset ) + 3] << 24 )         \
+        ((uint32_t) (data)[(offset)])         \
+        | ((uint32_t) (data)[(offset) + 1] <<  8)         \
+        | ((uint32_t) (data)[(offset) + 2] << 16)         \
+        | ((uint32_t) (data)[(offset) + 3] << 24)         \
     )
 #endif
 
@@ -178,13 +179,13 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 32 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT32_LE
-#define MBEDTLS_PUT_UINT32_LE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_0( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n );             \
-    ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n );             \
-    ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n );             \
-}
+#define MBEDTLS_PUT_UINT32_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_3(n);             \
+    }
 #endif
 
 /**
@@ -197,10 +198,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT16_LE
-#define MBEDTLS_GET_UINT16_LE( data, offset )                   \
+#define MBEDTLS_GET_UINT16_LE(data, offset)                   \
     (                                                           \
-          ( (uint16_t) ( data )[( offset )    ]       )         \
-        | ( (uint16_t) ( data )[( offset ) + 1] <<  8 )         \
+        ((uint16_t) (data)[(offset)])         \
+        | ((uint16_t) (data)[(offset) + 1] <<  8)         \
     )
 #endif
 
@@ -214,11 +215,11 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 16 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT16_LE
-#define MBEDTLS_PUT_UINT16_LE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_0( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n );             \
-}
+#define MBEDTLS_PUT_UINT16_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+    }
 #endif
 
 /**
@@ -231,10 +232,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT16_BE
-#define MBEDTLS_GET_UINT16_BE( data, offset )                   \
+#define MBEDTLS_GET_UINT16_BE(data, offset)                   \
     (                                                           \
-          ( (uint16_t) ( data )[( offset )    ] << 8 )          \
-        | ( (uint16_t) ( data )[( offset ) + 1]      )          \
+        ((uint16_t) (data)[(offset)] << 8)          \
+        | ((uint16_t) (data)[(offset) + 1])          \
     )
 #endif
 
@@ -248,11 +249,11 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 16 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT16_BE
-#define MBEDTLS_PUT_UINT16_BE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_1( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_0( n );             \
-}
+#define MBEDTLS_PUT_UINT16_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_0(n);             \
+    }
 #endif
 
 /**
@@ -265,16 +266,16 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT64_BE
-#define MBEDTLS_GET_UINT64_BE( data, offset )                   \
+#define MBEDTLS_GET_UINT64_BE(data, offset)                   \
     (                                                           \
-          ( (uint64_t) ( data )[( offset )    ] << 56 )         \
-        | ( (uint64_t) ( data )[( offset ) + 1] << 48 )         \
-        | ( (uint64_t) ( data )[( offset ) + 2] << 40 )         \
-        | ( (uint64_t) ( data )[( offset ) + 3] << 32 )         \
-        | ( (uint64_t) ( data )[( offset ) + 4] << 24 )         \
-        | ( (uint64_t) ( data )[( offset ) + 5] << 16 )         \
-        | ( (uint64_t) ( data )[( offset ) + 6] <<  8 )         \
-        | ( (uint64_t) ( data )[( offset ) + 7]       )         \
+        ((uint64_t) (data)[(offset)] << 56)         \
+        | ((uint64_t) (data)[(offset) + 1] << 48)         \
+        | ((uint64_t) (data)[(offset) + 2] << 40)         \
+        | ((uint64_t) (data)[(offset) + 3] << 32)         \
+        | ((uint64_t) (data)[(offset) + 4] << 24)         \
+        | ((uint64_t) (data)[(offset) + 5] << 16)         \
+        | ((uint64_t) (data)[(offset) + 6] <<  8)         \
+        | ((uint64_t) (data)[(offset) + 7])         \
     )
 #endif
 
@@ -288,17 +289,17 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 64 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT64_BE
-#define MBEDTLS_PUT_UINT64_BE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_7( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_6( n );             \
-    ( data )[( offset ) + 2] = MBEDTLS_BYTE_5( n );             \
-    ( data )[( offset ) + 3] = MBEDTLS_BYTE_4( n );             \
-    ( data )[( offset ) + 4] = MBEDTLS_BYTE_3( n );             \
-    ( data )[( offset ) + 5] = MBEDTLS_BYTE_2( n );             \
-    ( data )[( offset ) + 6] = MBEDTLS_BYTE_1( n );             \
-    ( data )[( offset ) + 7] = MBEDTLS_BYTE_0( n );             \
-}
+#define MBEDTLS_PUT_UINT64_BE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_7(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_6(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_5(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_4(n);             \
+        (data)[(offset) + 4] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 5] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 6] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 7] = MBEDTLS_BYTE_0(n);             \
+    }
 #endif
 
 /**
@@ -311,16 +312,16 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  integer from.
  */
 #ifndef MBEDTLS_GET_UINT64_LE
-#define MBEDTLS_GET_UINT64_LE( data, offset )                   \
+#define MBEDTLS_GET_UINT64_LE(data, offset)                   \
     (                                                           \
-          ( (uint64_t) ( data )[( offset ) + 7] << 56 )         \
-        | ( (uint64_t) ( data )[( offset ) + 6] << 48 )         \
-        | ( (uint64_t) ( data )[( offset ) + 5] << 40 )         \
-        | ( (uint64_t) ( data )[( offset ) + 4] << 32 )         \
-        | ( (uint64_t) ( data )[( offset ) + 3] << 24 )         \
-        | ( (uint64_t) ( data )[( offset ) + 2] << 16 )         \
-        | ( (uint64_t) ( data )[( offset ) + 1] <<  8 )         \
-        | ( (uint64_t) ( data )[( offset )    ]       )         \
+        ((uint64_t) (data)[(offset) + 7] << 56)         \
+        | ((uint64_t) (data)[(offset) + 6] << 48)         \
+        | ((uint64_t) (data)[(offset) + 5] << 40)         \
+        | ((uint64_t) (data)[(offset) + 4] << 32)         \
+        | ((uint64_t) (data)[(offset) + 3] << 24)         \
+        | ((uint64_t) (data)[(offset) + 2] << 16)         \
+        | ((uint64_t) (data)[(offset) + 1] <<  8)         \
+        | ((uint64_t) (data)[(offset)])         \
     )
 #endif
 
@@ -334,17 +335,31 @@ static inline const unsigned char *mbedtls_buffer_offset_const(
  *                  byte of the 64 bits unsigned integer \p n.
  */
 #ifndef MBEDTLS_PUT_UINT64_LE
-#define MBEDTLS_PUT_UINT64_LE( n, data, offset )                \
-{                                                               \
-    ( data )[( offset )    ] = MBEDTLS_BYTE_0( n );             \
-    ( data )[( offset ) + 1] = MBEDTLS_BYTE_1( n );             \
-    ( data )[( offset ) + 2] = MBEDTLS_BYTE_2( n );             \
-    ( data )[( offset ) + 3] = MBEDTLS_BYTE_3( n );             \
-    ( data )[( offset ) + 4] = MBEDTLS_BYTE_4( n );             \
-    ( data )[( offset ) + 5] = MBEDTLS_BYTE_5( n );             \
-    ( data )[( offset ) + 6] = MBEDTLS_BYTE_6( n );             \
-    ( data )[( offset ) + 7] = MBEDTLS_BYTE_7( n );             \
-}
+#define MBEDTLS_PUT_UINT64_LE(n, data, offset)                \
+    {                                                               \
+        (data)[(offset)] = MBEDTLS_BYTE_0(n);             \
+        (data)[(offset) + 1] = MBEDTLS_BYTE_1(n);             \
+        (data)[(offset) + 2] = MBEDTLS_BYTE_2(n);             \
+        (data)[(offset) + 3] = MBEDTLS_BYTE_3(n);             \
+        (data)[(offset) + 4] = MBEDTLS_BYTE_4(n);             \
+        (data)[(offset) + 5] = MBEDTLS_BYTE_5(n);             \
+        (data)[(offset) + 6] = MBEDTLS_BYTE_6(n);             \
+        (data)[(offset) + 7] = MBEDTLS_BYTE_7(n);             \
+    }
+#endif
+
+/* Always provide a static assert macro, so it can be used unconditionally.
+ * It will expand to nothing on some systems.
+ * Can be used outside functions (but don't add a trailing ';' in that case:
+ * the semicolon is included here to avoid triggering -Wextra-semi when
+ * MBEDTLS_STATIC_ASSERT() expands to nothing).
+ * Can't use the C11-style `defined(static_assert)` on FreeBSD, since it
+ * defines static_assert even with -std=c99, but then complains about it.
+ */
+#if defined(static_assert) && !defined(__FreeBSD__)
+#define MBEDTLS_STATIC_ASSERT(expr, msg)    static_assert(expr, msg);
+#else
+#define MBEDTLS_STATIC_ASSERT(expr, msg)
 #endif
 
 #endif /* MBEDTLS_LIBRARY_COMMON_H */

thirdparty/mbedtls/library/constant_time.c

@@ -17,7 +17,7 @@
  *  limitations under the License.
  */
 
- /*
+/*
  * The following functions are implemented without using comparison operators, as those
  * might be translated to branches by some compilers on some platforms.
  */
@@ -46,17 +46,16 @@
 
 #include <string.h>
 
-int mbedtls_ct_memcmp( const void *a,
-                       const void *b,
-                       size_t n )
+int mbedtls_ct_memcmp(const void *a,
+                      const void *b,
+                      size_t n)
 {
     size_t i;
     volatile const unsigned char *A = (volatile const unsigned char *) a;
     volatile const unsigned char *B = (volatile const unsigned char *) b;
     volatile unsigned char diff = 0;
 
-    for( i = 0; i < n; i++ )
-    {
+    for (i = 0; i < n; i++) {
         /* Read volatile data in order before computing diff.
          * This avoids IAR compiler warning:
          * 'the order of volatile accesses is undefined ..' */
@@ -64,10 +63,10 @@ int mbedtls_ct_memcmp( const void *a,
         diff |= x ^ y;
     }
 
-    return( (int)diff );
+    return (int) diff;
 }
 
-unsigned mbedtls_ct_uint_mask( unsigned value )
+unsigned mbedtls_ct_uint_mask(unsigned value)
 {
     /* MSVC has a warning about unary minus on unsigned, but this is
      * well-defined and precisely what we want to do here */
@@ -75,7 +74,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value )
 #pragma warning( push )
 #pragma warning( disable : 4146 )
 #endif
-    return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) );
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
 #if defined(_MSC_VER)
 #pragma warning( pop )
 #endif
@@ -83,7 +82,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value )
 
 #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
 
-size_t mbedtls_ct_size_mask( size_t value )
+size_t mbedtls_ct_size_mask(size_t value)
 {
     /* MSVC has a warning about unary minus on unsigned integer types,
      * but this is well-defined and precisely what we want to do here. */
@@ -91,7 +90,7 @@ size_t mbedtls_ct_size_mask( size_t value )
 #pragma warning( push )
 #pragma warning( disable : 4146 )
 #endif
-    return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) );
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
 #if defined(_MSC_VER)
 #pragma warning( pop )
 #endif
@@ -101,7 +100,7 @@ size_t mbedtls_ct_size_mask( size_t value )
 
 #if defined(MBEDTLS_BIGNUM_C)
 
-mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value )
+mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value)
 {
     /* MSVC has a warning about unary minus on unsigned, but this is
      * well-defined and precisely what we want to do here */
@@ -109,7 +108,7 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value )
 #pragma warning( push )
 #pragma warning( disable : 4146 )
 #endif
-    return( - ( ( value | - value ) >> ( sizeof( value ) * 8 - 1 ) ) );
+    return -((value | -value) >> (sizeof(value) * 8 - 1));
 #if defined(_MSC_VER)
 #pragma warning( pop )
 #endif
@@ -131,25 +130,25 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value )
  *
  * \return      All-bits-one if \p x is less than \p y, otherwise zero.
  */
-static size_t mbedtls_ct_size_mask_lt( size_t x,
-                                       size_t y )
+static size_t mbedtls_ct_size_mask_lt(size_t x,
+                                      size_t y)
 {
     /* This has the most significant bit set if and only if x < y */
     const size_t sub = x - y;
 
     /* sub1 = (x < y) ? 1 : 0 */
-    const size_t sub1 = sub >> ( sizeof( sub ) * 8 - 1 );
+    const size_t sub1 = sub >> (sizeof(sub) * 8 - 1);
 
     /* mask = (x < y) ? 0xff... : 0x00... */
-    const size_t mask = mbedtls_ct_size_mask( sub1 );
+    const size_t mask = mbedtls_ct_size_mask(sub1);
 
-    return( mask );
+    return mask;
 }
 
-size_t mbedtls_ct_size_mask_ge( size_t x,
-                                size_t y )
+size_t mbedtls_ct_size_mask_ge(size_t x,
+                               size_t y)
 {
-    return( ~mbedtls_ct_size_mask_lt( x, y ) );
+    return ~mbedtls_ct_size_mask_lt(x, y);
 }
 
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
@@ -161,21 +160,21 @@ size_t mbedtls_ct_size_mask_ge( size_t x,
  * Constant flow with respect to c.
  */
 MBEDTLS_STATIC_TESTABLE
-unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low,
-                                              unsigned char high,
-                                              unsigned char c )
+unsigned char mbedtls_ct_uchar_mask_of_range(unsigned char low,
+                                             unsigned char high,
+                                             unsigned char c)
 {
     /* low_mask is: 0 if low <= c, 0x...ff if low > c */
-    unsigned low_mask = ( (unsigned) c - low ) >> 8;
+    unsigned low_mask = ((unsigned) c - low) >> 8;
     /* high_mask is: 0 if c <= high, 0x...ff if c > high */
-    unsigned high_mask = ( (unsigned) high - c ) >> 8;
-    return( ~( low_mask | high_mask ) & 0xff );
+    unsigned high_mask = ((unsigned) high - c) >> 8;
+    return ~(low_mask | high_mask) & 0xff;
 }
 
 #endif /* MBEDTLS_BASE64_C */
 
-unsigned mbedtls_ct_size_bool_eq( size_t x,
-                                  size_t y )
+unsigned mbedtls_ct_size_bool_eq(size_t x,
+                                 size_t y)
 {
     /* diff = 0 if x == y, non-zero otherwise */
     const size_t diff = x ^ y;
@@ -188,16 +187,16 @@ unsigned mbedtls_ct_size_bool_eq( size_t x,
 #endif
 
     /* diff_msb's most significant bit is equal to x != y */
-    const size_t diff_msb = ( diff | (size_t) -diff );
+    const size_t diff_msb = (diff | (size_t) -diff);
 
 #if defined(_MSC_VER)
 #pragma warning( pop )
 #endif
 
     /* diff1 = (x != y) ? 1 : 0 */
-    const unsigned diff1 = diff_msb >> ( sizeof( diff_msb ) * 8 - 1 );
+    const unsigned diff1 = diff_msb >> (sizeof(diff_msb) * 8 - 1);
 
-    return( 1 ^ diff1 );
+    return 1 ^ diff1;
 }
 
 #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
@@ -213,19 +212,19 @@ unsigned mbedtls_ct_size_bool_eq( size_t x,
  *
  * \return      1 if \p x greater than \p y, otherwise 0.
  */
-static unsigned mbedtls_ct_size_gt( size_t x,
-                                    size_t y )
+static unsigned mbedtls_ct_size_gt(size_t x,
+                                   size_t y)
 {
     /* Return the sign bit (1 for negative) of (y - x). */
-    return( ( y - x ) >> ( sizeof( size_t ) * 8 - 1 ) );
+    return (y - x) >> (sizeof(size_t) * 8 - 1);
 }
 
 #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
 
 #if defined(MBEDTLS_BIGNUM_C)
 
-unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
-                                 const mbedtls_mpi_uint y )
+unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x,
+                                const mbedtls_mpi_uint y)
 {
     mbedtls_mpi_uint ret;
     mbedtls_mpi_uint cond;
@@ -233,12 +232,12 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
     /*
      * Check if the most significant bits (MSB) of the operands are different.
      */
-    cond = ( x ^ y );
+    cond = (x ^ y);
     /*
      * If the MSB are the same then the difference x-y will be negative (and
      * have its MSB set to 1 during conversion to unsigned) if and only if x<y.
      */
-    ret = ( x - y ) & ~cond;
+    ret = (x - y) & ~cond;
     /*
      * If the MSB are different, then the operand with the MSB of 1 is the
      * bigger. (That is if y has MSB of 1, then x<y is true and it is false if
@@ -247,19 +246,19 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
     ret |= y & cond;
 
 
-    ret = ret >> ( sizeof( mbedtls_mpi_uint ) * 8 - 1 );
+    ret = ret >> (sizeof(mbedtls_mpi_uint) * 8 - 1);
 
     return (unsigned) ret;
 }
 
 #endif /* MBEDTLS_BIGNUM_C */
 
-unsigned mbedtls_ct_uint_if( unsigned condition,
-                             unsigned if1,
-                             unsigned if0 )
+unsigned mbedtls_ct_uint_if(unsigned condition,
+                            unsigned if1,
+                            unsigned if0)
 {
-    unsigned mask = mbedtls_ct_uint_mask( condition );
-    return( ( mask & if1 ) | (~mask & if0 ) );
+    unsigned mask = mbedtls_ct_uint_mask(condition);
+    return (mask & if1) | (~mask & if0);
 }
 
 #if defined(MBEDTLS_BIGNUM_C)
@@ -278,9 +277,9 @@ unsigned mbedtls_ct_uint_if( unsigned condition,
  *
  * \return  \c if1 if \p condition is nonzero, otherwise \c if0.
  * */
-static int mbedtls_ct_cond_select_sign( unsigned char condition,
-                                        int if1,
-                                        int if0 )
+static int mbedtls_ct_cond_select_sign(unsigned char condition,
+                                       int if1,
+                                       int if0)
 {
     /* In order to avoid questions about what we can reasonably assume about
      * the representations of signed integers, move everything to unsigned
@@ -292,16 +291,16 @@ static int mbedtls_ct_cond_select_sign( unsigned char condition,
     const unsigned mask = condition << 1;
 
     /* select uif1 or uif0 */
-    unsigned ur = ( uif0 & ~mask ) | ( uif1 & mask );
+    unsigned ur = (uif0 & ~mask) | (uif1 & mask);
 
     /* ur is now 0 or 2, convert back to -1 or +1 */
-    return( (int) ur - 1 );
+    return (int) ur - 1;
 }
 
-void mbedtls_ct_mpi_uint_cond_assign( size_t n,
-                                      mbedtls_mpi_uint *dest,
-                                      const mbedtls_mpi_uint *src,
-                                      unsigned char condition )
+void mbedtls_ct_mpi_uint_cond_assign(size_t n,
+                                     mbedtls_mpi_uint *dest,
+                                     const mbedtls_mpi_uint *src,
+                                     unsigned char condition)
 {
     size_t i;
 
@@ -319,43 +318,44 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n,
 #pragma warning( pop )
 #endif
 
-    for( i = 0; i < n; i++ )
-        dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
+    for (i = 0; i < n; i++) {
+        dest[i] = (src[i] & mask) | (dest[i] & ~mask);
+    }
 }
 
 #endif /* MBEDTLS_BIGNUM_C */
 
 #if defined(MBEDTLS_BASE64_C)
 
-unsigned char mbedtls_ct_base64_enc_char( unsigned char value )
+unsigned char mbedtls_ct_base64_enc_char(unsigned char value)
 {
     unsigned char digit = 0;
     /* For each range of values, if value is in that range, mask digit with
      * the corresponding value. Since value can only be in a single range,
      * only at most one masking will change digit. */
-    digit |= mbedtls_ct_uchar_mask_of_range(  0, 25, value ) & ( 'A' + value );
-    digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, value ) & ( 'a' + value - 26 );
-    digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, value ) & ( '0' + value - 52 );
-    digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, value ) & '+';
-    digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, value ) & '/';
-    return( digit );
+    digit |= mbedtls_ct_uchar_mask_of_range(0, 25, value) & ('A' + value);
+    digit |= mbedtls_ct_uchar_mask_of_range(26, 51, value) & ('a' + value - 26);
+    digit |= mbedtls_ct_uchar_mask_of_range(52, 61, value) & ('0' + value - 52);
+    digit |= mbedtls_ct_uchar_mask_of_range(62, 62, value) & '+';
+    digit |= mbedtls_ct_uchar_mask_of_range(63, 63, value) & '/';
+    return digit;
 }
 
-signed char mbedtls_ct_base64_dec_value( unsigned char c )
+signed char mbedtls_ct_base64_dec_value(unsigned char c)
 {
     unsigned char val = 0;
     /* For each range of digits, if c is in that range, mask val with
      * the corresponding value. Since c can only be in a single range,
      * only at most one masking will change val. Set val to one plus
      * the desired value so that it stays 0 if c is in none of the ranges. */
-    val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' +  0 + 1 );
-    val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 );
-    val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 );
-    val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 );
-    val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 );
+    val |= mbedtls_ct_uchar_mask_of_range('A', 'Z', c) & (c - 'A' +  0 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('a', 'z', c) & (c - 'a' + 26 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('0', '9', c) & (c - '0' + 52 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('+', '+', c) & (c - '+' + 62 + 1);
+    val |= mbedtls_ct_uchar_mask_of_range('/', '/', c) & (c - '/' + 63 + 1);
     /* At this point, val is 0 if c is an invalid digit and v+1 if c is
      * a digit with the value v. */
-    return( val - 1 );
+    return val - 1;
 }
 
 #endif /* MBEDTLS_BASE64_C */
@@ -378,72 +378,71 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c )
  * \param total     Total size of the buffer.
  * \param offset    Offset from which to copy \p total - \p offset bytes.
  */
-static void mbedtls_ct_mem_move_to_left( void *start,
-                                         size_t total,
-                                         size_t offset )
+static void mbedtls_ct_mem_move_to_left(void *start,
+                                        size_t total,
+                                        size_t offset)
 {
     volatile unsigned char *buf = start;
     size_t i, n;
-    if( total == 0 )
+    if (total == 0) {
         return;
-    for( i = 0; i < total; i++ )
-    {
-        unsigned no_op = mbedtls_ct_size_gt( total - offset, i );
+    }
+    for (i = 0; i < total; i++) {
+        unsigned no_op = mbedtls_ct_size_gt(total - offset, i);
         /* The first `total - offset` passes are a no-op. The last
          * `offset` passes shift the data one byte to the left and
          * zero out the last byte. */
-        for( n = 0; n < total - 1; n++ )
-        {
+        for (n = 0; n < total - 1; n++) {
             unsigned char current = buf[n];
             unsigned char next = buf[n+1];
-            buf[n] = mbedtls_ct_uint_if( no_op, current, next );
+            buf[n] = mbedtls_ct_uint_if(no_op, current, next);
         }
-        buf[total-1] = mbedtls_ct_uint_if( no_op, buf[total-1], 0 );
+        buf[total-1] = mbedtls_ct_uint_if(no_op, buf[total-1], 0);
     }
 }
 
 #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */
 
 #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
-void mbedtls_ct_memcpy_if_eq( unsigned char *dest,
-                              const unsigned char *src,
-                              size_t len,
-                              size_t c1,
-                              size_t c2 )
+void mbedtls_ct_memcpy_if_eq(unsigned char *dest,
+                             const unsigned char *src,
+                             size_t len,
+                             size_t c1,
+                             size_t c2)
 {
     /* mask = c1 == c2 ? 0xff : 0x00 */
-    const size_t equal = mbedtls_ct_size_bool_eq( c1, c2 );
-    const unsigned char mask = (unsigned char) mbedtls_ct_size_mask( equal );
+    const size_t equal = mbedtls_ct_size_bool_eq(c1, c2);
+    const unsigned char mask = (unsigned char) mbedtls_ct_size_mask(equal);
 
     /* dest[i] = c1 == c2 ? src[i] : dest[i] */
-    for( size_t i = 0; i < len; i++ )
-        dest[i] = ( src[i] & mask ) | ( dest[i] & ~mask );
+    for (size_t i = 0; i < len; i++) {
+        dest[i] = (src[i] & mask) | (dest[i] & ~mask);
+    }
 }
 
-void mbedtls_ct_memcpy_offset( unsigned char *dest,
-                               const unsigned char *src,
-                               size_t offset,
-                               size_t offset_min,
-                               size_t offset_max,
-                               size_t len )
+void mbedtls_ct_memcpy_offset(unsigned char *dest,
+                              const unsigned char *src,
+                              size_t offset,
+                              size_t offset_min,
+                              size_t offset_max,
+                              size_t len)
 {
     size_t offsetval;
 
-    for( offsetval = offset_min; offsetval <= offset_max; offsetval++ )
-    {
-        mbedtls_ct_memcpy_if_eq( dest, src + offsetval, len,
-                                 offsetval, offset );
+    for (offsetval = offset_min; offsetval <= offset_max; offsetval++) {
+        mbedtls_ct_memcpy_if_eq(dest, src + offsetval, len,
+                                offsetval, offset);
     }
 }
 
-int mbedtls_ct_hmac( mbedtls_md_context_t *ctx,
-                     const unsigned char *add_data,
-                     size_t add_data_len,
-                     const unsigned char *data,
-                     size_t data_len_secret,
-                     size_t min_data_len,
-                     size_t max_data_len,
-                     unsigned char *output )
+int mbedtls_ct_hmac(mbedtls_md_context_t *ctx,
+                    const unsigned char *add_data,
+                    size_t add_data_len,
+                    const unsigned char *data,
+                    size_t data_len_secret,
+                    size_t min_data_len,
+                    size_t max_data_len,
+                    unsigned char *output)
 {
     /*
      * This function breaks the HMAC abstraction and uses the md_clone()
@@ -459,79 +458,79 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx,
      *
      * Then we only need to compute HASH(okey + inner_hash) and we're done.
      */
-    const mbedtls_md_type_t md_alg = mbedtls_md_get_type( ctx->md_info );
+    const mbedtls_md_type_t md_alg = mbedtls_md_get_type(ctx->md_info);
     /* TLS 1.0-1.2 only support SHA-384, SHA-256, SHA-1, MD-5,
      * all of which have the same block size except SHA-384. */
     const size_t block_size = md_alg == MBEDTLS_MD_SHA384 ? 128 : 64;
     const unsigned char * const ikey = ctx->hmac_ctx;
     const unsigned char * const okey = ikey + block_size;
-    const size_t hash_size = mbedtls_md_get_size( ctx->md_info );
+    const size_t hash_size = mbedtls_md_get_size(ctx->md_info);
 
     unsigned char aux_out[MBEDTLS_MD_MAX_SIZE];
     mbedtls_md_context_t aux;
     size_t offset;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    mbedtls_md_init( &aux );
+    mbedtls_md_init(&aux);
 
-#define MD_CHK( func_call ) \
+#define MD_CHK(func_call) \
     do {                    \
         ret = (func_call);  \
-        if( ret != 0 )      \
-            goto cleanup;   \
-    } while( 0 )
+        if (ret != 0)      \
+        goto cleanup;   \
+    } while (0)
 
-    MD_CHK( mbedtls_md_setup( &aux, ctx->md_info, 0 ) );
+    MD_CHK(mbedtls_md_setup(&aux, ctx->md_info, 0));
 
     /* After hmac_start() of hmac_reset(), ikey has already been hashed,
      * so we can start directly with the message */
-    MD_CHK( mbedtls_md_update( ctx, add_data, add_data_len ) );
-    MD_CHK( mbedtls_md_update( ctx, data, min_data_len ) );
+    MD_CHK(mbedtls_md_update(ctx, add_data, add_data_len));
+    MD_CHK(mbedtls_md_update(ctx, data, min_data_len));
 
     /* Fill the hash buffer in advance with something that is
      * not a valid hash (barring an attack on the hash and
      * deliberately-crafted input), in case the caller doesn't
      * check the return status properly. */
-    memset( output, '!', hash_size );
+    memset(output, '!', hash_size);
 
     /* For each possible length, compute the hash up to that point */
-    for( offset = min_data_len; offset <= max_data_len; offset++ )
-    {
-        MD_CHK( mbedtls_md_clone( &aux, ctx ) );
-        MD_CHK( mbedtls_md_finish( &aux, aux_out ) );
+    for (offset = min_data_len; offset <= max_data_len; offset++) {
+        MD_CHK(mbedtls_md_clone(&aux, ctx));
+        MD_CHK(mbedtls_md_finish(&aux, aux_out));
         /* Keep only the correct inner_hash in the output buffer */
-        mbedtls_ct_memcpy_if_eq( output, aux_out, hash_size,
-                                 offset, data_len_secret );
+        mbedtls_ct_memcpy_if_eq(output, aux_out, hash_size,
+                                offset, data_len_secret);
 
-        if( offset < max_data_len )
-            MD_CHK( mbedtls_md_update( ctx, data + offset, 1 ) );
+        if (offset < max_data_len) {
+            MD_CHK(mbedtls_md_update(ctx, data + offset, 1));
+        }
     }
 
     /* The context needs to finish() before it starts() again */
-    MD_CHK( mbedtls_md_finish( ctx, aux_out ) );
+    MD_CHK(mbedtls_md_finish(ctx, aux_out));
 
     /* Now compute HASH(okey + inner_hash) */
-    MD_CHK( mbedtls_md_starts( ctx ) );
-    MD_CHK( mbedtls_md_update( ctx, okey, block_size ) );
-    MD_CHK( mbedtls_md_update( ctx, output, hash_size ) );
-    MD_CHK( mbedtls_md_finish( ctx, output ) );
+    MD_CHK(mbedtls_md_starts(ctx));
+    MD_CHK(mbedtls_md_update(ctx, okey, block_size));
+    MD_CHK(mbedtls_md_update(ctx, output, hash_size));
+    MD_CHK(mbedtls_md_finish(ctx, output));
 
     /* Done, get ready for next time */
-    MD_CHK( mbedtls_md_hmac_reset( ctx ) );
+    MD_CHK(mbedtls_md_hmac_reset(ctx));
 
 #undef MD_CHK
 
 cleanup:
-    mbedtls_md_free( &aux );
-    return( ret );
+    mbedtls_md_free(&aux);
+    return ret;
 }
 
 #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
 
 #if defined(MBEDTLS_BIGNUM_C)
 
-#define MPI_VALIDATE_RET( cond )                                       \
-    MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
+#define MPI_VALIDATE_RET(cond)                                       \
+    MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA)
 
 /*
  * Conditionally assign X = Y, without leaking information
@@ -545,30 +544,31 @@ cleanup:
  */
 __declspec(noinline)
 #endif
-int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X,
-                                  const mbedtls_mpi *Y,
-                                  unsigned char assign )
+int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X,
+                                 const mbedtls_mpi *Y,
+                                 unsigned char assign)
 {
     int ret = 0;
     size_t i;
     mbedtls_mpi_uint limb_mask;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
 
     /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */
-    limb_mask = mbedtls_ct_mpi_uint_mask( assign );;
+    limb_mask = mbedtls_ct_mpi_uint_mask(assign);;
 
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
 
-    X->s = mbedtls_ct_cond_select_sign( assign, Y->s, X->s );
+    X->s = mbedtls_ct_cond_select_sign(assign, Y->s, X->s);
 
-    mbedtls_ct_mpi_uint_cond_assign( Y->n, X->p, Y->p, assign );
+    mbedtls_ct_mpi_uint_cond_assign(Y->n, X->p, Y->p, assign);
 
-    for( i = Y->n; i < X->n; i++ )
+    for (i = Y->n; i < X->n; i++) {
         X->p[i] &= ~limb_mask;
+    }
 
 cleanup:
-    return( ret );
+    return ret;
 }
 
 /*
@@ -577,73 +577,74 @@ cleanup:
  * Here it is not ok to simply swap the pointers, which would lead to
  * different memory access patterns when X and Y are used afterwards.
  */
-int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X,
-                                mbedtls_mpi *Y,
-                                unsigned char swap )
+int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X,
+                               mbedtls_mpi *Y,
+                               unsigned char swap)
 {
     int ret, s;
     size_t i;
     mbedtls_mpi_uint limb_mask;
     mbedtls_mpi_uint tmp;
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
 
-    if( X == Y )
-        return( 0 );
+    if (X == Y) {
+        return 0;
+    }
 
     /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */
-    limb_mask = mbedtls_ct_mpi_uint_mask( swap );
+    limb_mask = mbedtls_ct_mpi_uint_mask(swap);
 
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
-    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) );
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n));
+    MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Y, X->n));
 
     s = X->s;
-    X->s = mbedtls_ct_cond_select_sign( swap, Y->s, X->s );
-    Y->s = mbedtls_ct_cond_select_sign( swap, s, Y->s );
+    X->s = mbedtls_ct_cond_select_sign(swap, Y->s, X->s);
+    Y->s = mbedtls_ct_cond_select_sign(swap, s, Y->s);
 
 
-    for( i = 0; i < X->n; i++ )
-    {
+    for (i = 0; i < X->n; i++) {
         tmp = X->p[i];
-        X->p[i] = ( X->p[i] & ~limb_mask ) | ( Y->p[i] & limb_mask );
-        Y->p[i] = ( Y->p[i] & ~limb_mask ) | (     tmp & limb_mask );
+        X->p[i] = (X->p[i] & ~limb_mask) | (Y->p[i] & limb_mask);
+        Y->p[i] = (Y->p[i] & ~limb_mask) | (tmp & limb_mask);
     }
 
 cleanup:
-    return( ret );
+    return ret;
 }
 
 /*
  * Compare signed values in constant time
  */
-int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X,
-                           const mbedtls_mpi *Y,
-                           unsigned *ret )
+int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X,
+                          const mbedtls_mpi *Y,
+                          unsigned *ret)
 {
     size_t i;
     /* The value of any of these variables is either 0 or 1 at all times. */
     unsigned cond, done, X_is_negative, Y_is_negative;
 
-    MPI_VALIDATE_RET( X != NULL );
-    MPI_VALIDATE_RET( Y != NULL );
-    MPI_VALIDATE_RET( ret != NULL );
+    MPI_VALIDATE_RET(X != NULL);
+    MPI_VALIDATE_RET(Y != NULL);
+    MPI_VALIDATE_RET(ret != NULL);
 
-    if( X->n != Y->n )
+    if (X->n != Y->n) {
         return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+    }
 
     /*
      * Set sign_N to 1 if N >= 0, 0 if N < 0.
      * We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
      */
-    X_is_negative = ( X->s & 2 ) >> 1;
-    Y_is_negative = ( Y->s & 2 ) >> 1;
+    X_is_negative = (X->s & 2) >> 1;
+    Y_is_negative = (Y->s & 2) >> 1;
 
     /*
      * If the signs are different, then the positive operand is the bigger.
      * That is if X is negative (X_is_negative == 1), then X < Y is true and it
      * is false if X is positive (X_is_negative == 0).
      */
-    cond = ( X_is_negative ^ Y_is_negative );
+    cond = (X_is_negative ^ Y_is_negative);
     *ret = cond & X_is_negative;
 
     /*
@@ -652,8 +653,7 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X,
      */
     done = cond;
 
-    for( i = X->n; i > 0; i-- )
-    {
+    for (i = X->n; i > 0; i--) {
         /*
          * If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both
          * X and Y are negative.
@@ -661,8 +661,8 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X,
          * Again even if we can make a decision, we just mark the result and
          * the fact that we are done and continue looping.
          */
-        cond = mbedtls_ct_mpi_uint_lt( Y->p[i - 1], X->p[i - 1] );
-        *ret |= cond & ( 1 - done ) & X_is_negative;
+        cond = mbedtls_ct_mpi_uint_lt(Y->p[i - 1], X->p[i - 1]);
+        *ret |= cond & (1 - done) & X_is_negative;
         done |= cond;
 
         /*
@@ -672,24 +672,24 @@ int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X,
          * Again even if we can make a decision, we just mark the result and
          * the fact that we are done and continue looping.
          */
-        cond = mbedtls_ct_mpi_uint_lt( X->p[i - 1], Y->p[i - 1] );
-        *ret |= cond & ( 1 - done ) & ( 1 - X_is_negative );
+        cond = mbedtls_ct_mpi_uint_lt(X->p[i - 1], Y->p[i - 1]);
+        *ret |= cond & (1 - done) & (1 - X_is_negative);
         done |= cond;
     }
 
-    return( 0 );
+    return 0;
 }
 
 #endif /* MBEDTLS_BIGNUM_C */
 
 #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
 
-int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
-                                          unsigned char *input,
-                                          size_t ilen,
-                                          unsigned char *output,
-                                          size_t output_max_len,
-                                          size_t *olen )
+int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode,
+                                         unsigned char *input,
+                                         size_t ilen,
+                                         unsigned char *output,
+                                         size_t output_max_len,
+                                         size_t *olen)
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     size_t i, plaintext_max_size;
@@ -710,29 +710,25 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
     size_t plaintext_size = 0;
     unsigned output_too_large;
 
-    plaintext_max_size = ( output_max_len > ilen - 11 ) ? ilen - 11
+    plaintext_max_size = (output_max_len > ilen - 11) ? ilen - 11
                                                         : output_max_len;
 
     /* Check and get padding length in constant time and constant
      * memory trace. The first byte must be 0. */
     bad |= input[0];
 
-    if( mode == MBEDTLS_RSA_PRIVATE )
-    {
+    if (mode == MBEDTLS_RSA_PRIVATE) {
         /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00
          * where PS must be at least 8 nonzero bytes. */
         bad |= input[1] ^ MBEDTLS_RSA_CRYPT;
 
         /* Read the whole buffer. Set pad_done to nonzero if we find
          * the 0x00 byte and remember the padding length in pad_count. */
-        for( i = 2; i < ilen; i++ )
-        {
-            pad_done  |= ((input[i] | (unsigned char)-input[i]) >> 7) ^ 1;
-            pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
+        for (i = 2; i < ilen; i++) {
+            pad_done  |= ((input[i] | (unsigned char) -input[i]) >> 7) ^ 1;
+            pad_count += ((pad_done | (unsigned char) -pad_done) >> 7) ^ 1;
         }
-    }
-    else
-    {
+    } else {
         /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00
          * where PS must be at least 8 bytes with the value 0xFF. */
         bad |= input[1] ^ MBEDTLS_RSA_SIGN;
@@ -740,19 +736,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
         /* Read the whole buffer. Set pad_done to nonzero if we find
          * the 0x00 byte and remember the padding length in pad_count.
          * If there's a non-0xff byte in the padding, the padding is bad. */
-        for( i = 2; i < ilen; i++ )
-        {
-            pad_done |= mbedtls_ct_uint_if( input[i], 0, 1 );
-            pad_count += mbedtls_ct_uint_if( pad_done, 0, 1 );
-            bad |= mbedtls_ct_uint_if( pad_done, 0, input[i] ^ 0xFF );
+        for (i = 2; i < ilen; i++) {
+            pad_done |= mbedtls_ct_uint_if(input[i], 0, 1);
+            pad_count += mbedtls_ct_uint_if(pad_done, 0, 1);
+            bad |= mbedtls_ct_uint_if(pad_done, 0, input[i] ^ 0xFF);
         }
     }
 
     /* If pad_done is still zero, there's no data, only unfinished padding. */
-    bad |= mbedtls_ct_uint_if( pad_done, 0, 1 );
+    bad |= mbedtls_ct_uint_if(pad_done, 0, 1);
 
     /* There must be at least 8 bytes of padding. */
-    bad |= mbedtls_ct_size_gt( 8, pad_count );
+    bad |= mbedtls_ct_size_gt(8, pad_count);
 
     /* If the padding is valid, set plaintext_size to the number of
      * remaining bytes after stripping the padding. If the padding
@@ -762,24 +757,24 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
      * validity through timing. RSA keys are small enough that all the
      * size_t values involved fit in unsigned int. */
     plaintext_size = mbedtls_ct_uint_if(
-                        bad, (unsigned) plaintext_max_size,
-                        (unsigned) ( ilen - pad_count - 3 ) );
+        bad, (unsigned) plaintext_max_size,
+        (unsigned) (ilen - pad_count - 3));
 
     /* Set output_too_large to 0 if the plaintext fits in the output
      * buffer and to 1 otherwise. */
-    output_too_large = mbedtls_ct_size_gt( plaintext_size,
-                                           plaintext_max_size );
+    output_too_large = mbedtls_ct_size_gt(plaintext_size,
+                                          plaintext_max_size);
 
     /* Set ret without branches to avoid timing attacks. Return:
      * - INVALID_PADDING if the padding is bad (bad != 0).
      * - OUTPUT_TOO_LARGE if the padding is good but the decrypted
      *   plaintext does not fit in the output buffer.
      * - 0 if the padding is correct. */
-    ret = - (int) mbedtls_ct_uint_if(
-                    bad, - MBEDTLS_ERR_RSA_INVALID_PADDING,
-                    mbedtls_ct_uint_if( output_too_large,
-                                        - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
-                                        0 ) );
+    ret = -(int) mbedtls_ct_uint_if(
+        bad, -MBEDTLS_ERR_RSA_INVALID_PADDING,
+        mbedtls_ct_uint_if(output_too_large,
+                           -MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
+                           0));
 
     /* If the padding is bad or the plaintext is too large, zero the
      * data that we're about to copy to the output buffer.
@@ -787,17 +782,18 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
      * from the same buffer whether the padding is good or not to
      * avoid leaking the padding validity through overall timing or
      * through memory or cache access patterns. */
-    bad = mbedtls_ct_uint_mask( bad | output_too_large );
-    for( i = 11; i < ilen; i++ )
+    bad = mbedtls_ct_uint_mask(bad | output_too_large);
+    for (i = 11; i < ilen; i++) {
         input[i] &= ~bad;
+    }
 
     /* If the plaintext is too large, truncate it to the buffer size.
      * Copy anyway to avoid revealing the length through timing, because
      * revealing the length is as bad as revealing the padding validity
      * for a Bleichenbacher attack. */
-    plaintext_size = mbedtls_ct_uint_if( output_too_large,
-                                         (unsigned) plaintext_max_size,
-                                         (unsigned) plaintext_size );
+    plaintext_size = mbedtls_ct_uint_if(output_too_large,
+                                        (unsigned) plaintext_max_size,
+                                        (unsigned) plaintext_size);
 
     /* Move the plaintext to the leftmost position where it can start in
      * the working buffer, i.e. make it start plaintext_max_size from
@@ -805,9 +801,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
      * does not depend on the plaintext size. After this move, the
      * starting location of the plaintext is no longer sensitive
      * information. */
-    mbedtls_ct_mem_move_to_left( input + ilen - plaintext_max_size,
-                                 plaintext_max_size,
-                                 plaintext_max_size - plaintext_size );
+    mbedtls_ct_mem_move_to_left(input + ilen - plaintext_max_size,
+                                plaintext_max_size,
+                                plaintext_max_size - plaintext_size);
 
     /* Finally copy the decrypted plaintext plus trailing zeros into the output
      * buffer. If output_max_len is 0, then output may be an invalid pointer
@@ -816,8 +812,9 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
      * user-provided output buffer), which is independent from plaintext
      * length, validity of padding, success of the decryption, and other
      * secrets. */
-    if( output_max_len != 0 )
-        memcpy( output, input + ilen - plaintext_max_size, plaintext_max_size );
+    if (output_max_len != 0) {
+        memcpy(output, input + ilen - plaintext_max_size, plaintext_max_size);
+    }
 
     /* Report the amount of data we copied to the output buffer. In case
      * of errors (bad padding or output too large), the value of *olen
@@ -825,7 +822,7 @@ int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
      * to the good case limits the risks of leaking the padding validity. */
     *olen = plaintext_size;
 
-    return( ret );
+    return ret;
 }
 
 #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */

thirdparty/mbedtls/library/constant_time_internal.h

@@ -43,7 +43,7 @@
  *
  * \return          Zero if \p value is zero, otherwise all-bits-one.
  */
-unsigned mbedtls_ct_uint_mask( unsigned value );
+unsigned mbedtls_ct_uint_mask(unsigned value);
 
 #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC)
 
@@ -58,7 +58,7 @@ unsigned mbedtls_ct_uint_mask( unsigned value );
  *
  * \return          Zero if \p value is zero, otherwise all-bits-one.
  */
-size_t mbedtls_ct_size_mask( size_t value );
+size_t mbedtls_ct_size_mask(size_t value);
 
 #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
 
@@ -75,7 +75,7 @@ size_t mbedtls_ct_size_mask( size_t value );
  *
  * \return          Zero if \p value is zero, otherwise all-bits-one.
  */
-mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value );
+mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask(mbedtls_mpi_uint value);
 
 #endif /* MBEDTLS_BIGNUM_C */
 
@@ -94,8 +94,8 @@ mbedtls_mpi_uint mbedtls_ct_mpi_uint_mask( mbedtls_mpi_uint value );
  * \return      All-bits-one if \p x is greater or equal than \p y,
  *              otherwise zero.
  */
-size_t mbedtls_ct_size_mask_ge( size_t x,
-                                size_t y );
+size_t mbedtls_ct_size_mask_ge(size_t x,
+                               size_t y);
 
 #endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
 
@@ -110,8 +110,8 @@ size_t mbedtls_ct_size_mask_ge( size_t x,
  *
  * \return      1 if \p x equals to \p y, otherwise 0.
  */
-unsigned mbedtls_ct_size_bool_eq( size_t x,
-                                  size_t y );
+unsigned mbedtls_ct_size_bool_eq(size_t x,
+                                 size_t y);
 
 #if defined(MBEDTLS_BIGNUM_C)
 
@@ -125,8 +125,8 @@ unsigned mbedtls_ct_size_bool_eq( size_t x,
  *
  * \return      1 if \p x is less than \p y, otherwise 0.
  */
-unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
-                                 const mbedtls_mpi_uint y );
+unsigned mbedtls_ct_mpi_uint_lt(const mbedtls_mpi_uint x,
+                                const mbedtls_mpi_uint y);
 
 #endif /* MBEDTLS_BIGNUM_C */
 
@@ -141,9 +141,9 @@ unsigned mbedtls_ct_mpi_uint_lt( const mbedtls_mpi_uint x,
  *
  * \return  \c if1 if \p condition is nonzero, otherwise \c if0.
  */
-unsigned mbedtls_ct_uint_if( unsigned condition,
-                             unsigned if1,
-                             unsigned if0 );
+unsigned mbedtls_ct_uint_if(unsigned condition,
+                            unsigned if1,
+                            unsigned if0);
 
 #if defined(MBEDTLS_BIGNUM_C)
 
@@ -159,10 +159,10 @@ unsigned mbedtls_ct_uint_if( unsigned condition,
  *                      initialized MPI.
  * \param condition     Condition to test, must be 0 or 1.
  */
-void mbedtls_ct_mpi_uint_cond_assign( size_t n,
-                                      mbedtls_mpi_uint *dest,
-                                      const mbedtls_mpi_uint *src,
-                                      unsigned char condition );
+void mbedtls_ct_mpi_uint_cond_assign(size_t n,
+                                     mbedtls_mpi_uint *dest,
+                                     const mbedtls_mpi_uint *src,
+                                     unsigned char condition);
 
 #endif /* MBEDTLS_BIGNUM_C */
 
@@ -177,7 +177,7 @@ void mbedtls_ct_mpi_uint_cond_assign( size_t n,
  *
  * \return          A base64 digit converted from \p value.
  */
-unsigned char mbedtls_ct_base64_enc_char( unsigned char value );
+unsigned char mbedtls_ct_base64_enc_char(unsigned char value);
 
 /** Given a Base64 digit, return its value.
  *
@@ -191,7 +191,7 @@ unsigned char mbedtls_ct_base64_enc_char( unsigned char value );
  *
  * \return      The value of the base64 digit \p c.
  */
-signed char mbedtls_ct_base64_dec_value( unsigned char c );
+signed char mbedtls_ct_base64_dec_value(unsigned char c);
 
 #endif /* MBEDTLS_BASE64_C */
 
@@ -208,10 +208,10 @@ signed char mbedtls_ct_base64_dec_value( unsigned char c );
  * \param c1        The first value to analyze in the condition.
  * \param c2        The second value to analyze in the condition.
  */
-void mbedtls_ct_memcpy_if_eq( unsigned char *dest,
-                              const unsigned char *src,
-                              size_t len,
-                              size_t c1, size_t c2 );
+void mbedtls_ct_memcpy_if_eq(unsigned char *dest,
+                             const unsigned char *src,
+                             size_t len,
+                             size_t c1, size_t c2);
 
 /** Copy data from a secret position with constant flow.
  *
@@ -239,12 +239,12 @@ void mbedtls_ct_memcpy_if_eq( unsigned char *dest,
  * \param offset_max    The maximal value of \p offset.
  * \param len           The number of bytes to copy.
  */
-void mbedtls_ct_memcpy_offset( unsigned char *dest,
-                               const unsigned char *src,
-                               size_t offset,
-                               size_t offset_min,
-                               size_t offset_max,
-                               size_t len );
+void mbedtls_ct_memcpy_offset(unsigned char *dest,
+                              const unsigned char *src,
+                              size_t offset,
+                              size_t offset_min,
+                              size_t offset_max,
+                              size_t len);
 
 /** Compute the HMAC of variable-length data with constant flow.
  *
@@ -282,14 +282,14 @@ void mbedtls_ct_memcpy_offset( unsigned char *dest,
  * \retval #MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED
  *         The hardware accelerator failed.
  */
-int mbedtls_ct_hmac( mbedtls_md_context_t *ctx,
-                     const unsigned char *add_data,
-                     size_t add_data_len,
-                     const unsigned char *data,
-                     size_t data_len_secret,
-                     size_t min_data_len,
-                     size_t max_data_len,
-                     unsigned char *output );
+int mbedtls_ct_hmac(mbedtls_md_context_t *ctx,
+                    const unsigned char *add_data,
+                    size_t add_data_len,
+                    const unsigned char *data,
+                    size_t data_len_secret,
+                    size_t min_data_len,
+                    size_t max_data_len,
+                    unsigned char *output);
 
 #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
 
@@ -323,12 +323,12 @@ int mbedtls_ct_hmac( mbedtls_md_context_t *ctx,
  * \return      #MBEDTLS_ERR_RSA_INVALID_PADDING
  *              The input doesn't contain properly formatted padding.
  */
-int mbedtls_ct_rsaes_pkcs1_v15_unpadding( int mode,
-                                          unsigned char *input,
-                                          size_t ilen,
-                                          unsigned char *output,
-                                          size_t output_max_len,
-                                          size_t *olen );
+int mbedtls_ct_rsaes_pkcs1_v15_unpadding(int mode,
+                                         unsigned char *input,
+                                         size_t ilen,
+                                         unsigned char *output,
+                                         size_t output_max_len,
+                                         size_t *olen);
 
 #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C && ! MBEDTLS_RSA_ALT */