diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a1fa8697b0..fa415a8947 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8203,7 +8203,7 @@ int mbedtls_psa_ecjpake_read_round(
 {
     psa_status_t status;
     size_t input_offset = 0;
-    /* 
+    /*
      * At round one repeat the KEY_SHARE, ZK_PUBLIC & ZF_PROOF twice
      * At round two perform a single cycle
      */
@@ -8235,7 +8235,7 @@ int mbedtls_psa_ecjpake_read_round(
         }
     }
 
-    if ( input_offset != len )
+    if( input_offset != len )
         return PSA_ERROR_INVALID_ARGUMENT;
 
     return( 0 );
@@ -8250,7 +8250,7 @@ int mbedtls_psa_ecjpake_write_round(
     psa_status_t status;
     size_t output_offset = 0;
     size_t output_len;
-    /* 
+    /*
      * At round one repeat the KEY_SHARE, ZK_PUBLIC & ZF_PROOF twice
      * At round two perform a single cycle
      */
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index e6dee49c14..1e9e51b309 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -305,8 +305,8 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
     }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if ( ( ret = mbedtls_psa_ecjpake_read_round(
-                        &ssl->handshake->psa_pake_ctx, buf, len, 
+    if( ( ret = mbedtls_psa_ecjpake_read_round(
+                        &ssl->handshake->psa_pake_ctx, buf, len,
                         MBEDTLS_ECJPAKE_ROUND_ONE ) ) != 0 )
     {
         psa_destroy_key( ssl->handshake->psa_pake_password );
@@ -2867,7 +2867,7 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
         }
         *out_p = MBEDTLS_ECP_TLS_NAMED_CURVE;
         MBEDTLS_PUT_UINT16_BE( curve_info->tls_id, out_p, 1 );
-        output_offset += sizeof( uint8_t ) + sizeof( uint16_t );
+        output_offset += 3;
 
         ret = mbedtls_psa_ecjpake_write_round( &ssl->handshake->psa_pake_ctx,
                                     out_p + output_offset,