bug ?????? - run clang-format on nsNSSCertHelper.cpp r?Cykesiopka draft
authorDavid Keeler <dkeeler@mozilla.com>
Tue, 31 Jan 2017 13:23:55 -0800
changeset 468628 208fd2aa9bbe27bd6584a208bc4628c9f87dc6c8
parent 468498 ee975d32deb9eaa5641f45428cd6a4b5b555a8f5
child 468629 37b50e5052a62731286b7a5dbd788592c03ff8cb
push id43540
push userdkeeler@mozilla.com
push dateTue, 31 Jan 2017 22:31:28 +0000
reviewersCykesiopka
milestone54.0a1
bug ?????? - run clang-format on nsNSSCertHelper.cpp r?Cykesiopka MozReview-Commit-ID: 61ocKUdur9G
security/manager/ssl/nsNSSCertHelper.cpp
--- a/security/manager/ssl/nsNSSCertHelper.cpp
+++ b/security/manager/ssl/nsNSSCertHelper.cpp
@@ -20,63 +20,72 @@
 #include "nsNSSCertValidity.h"
 #include "nsNSSCertificate.h"
 #include "nsNSSComponent.h"
 #include "nsServiceManagerUtils.h"
 #include "prerror.h"
 #include "secder.h"
 
 using namespace mozilla;
- 
+
 /* Object Identifier constants */
 #define CONST_OID static const unsigned char
 #define MICROSOFT_OID 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0x37
 #define PKIX_OID 0x2b, 0x6, 0x01, 0x05, 0x05, 0x07
-CONST_OID msCertExtCerttype[]      = { MICROSOFT_OID, 20, 2};
-CONST_OID msNTPrincipalName[]      = { MICROSOFT_OID, 20, 2, 3 };
-CONST_OID msCertsrvCAVersion[]     = { MICROSOFT_OID, 21, 1 };
-CONST_OID msNTDSReplication[]      = { MICROSOFT_OID, 25, 1 };
-CONST_OID pkixLogotype[]           = { PKIX_OID, 1, 12 };
+CONST_OID msCertExtCerttype[] = { MICROSOFT_OID, 20, 2 };
+CONST_OID msNTPrincipalName[] = { MICROSOFT_OID, 20, 2, 3 };
+CONST_OID msCertsrvCAVersion[] = { MICROSOFT_OID, 21, 1 };
+CONST_OID msNTDSReplication[] = { MICROSOFT_OID, 25, 1 };
+CONST_OID pkixLogotype[] = { PKIX_OID, 1, 12 };
 
-#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
-#define OD(oid,desc,mech,ext) {OI(oid), SEC_OID_UNKNOWN, desc, mech, ext}
+#define OI(x)                                                                  \
+  {                                                                            \
+    siDEROID, (unsigned char*)x, sizeof x                                      \
+  }
+#define OD(oid, desc, mech, ext)                                               \
+  {                                                                            \
+    OI(oid), SEC_OID_UNKNOWN, desc, mech, ext                                  \
+  }
 #define SEC_OID(tag) more_oids[tag].offset
 
 static SECOidData more_oids[] = {
-    /* Microsoft OIDs */
-    #define MS_CERT_EXT_CERTTYPE 0
-    OD( msCertExtCerttype,
-        "Microsoft Certificate Template Name", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+/* Microsoft OIDs */
+#define MS_CERT_EXT_CERTTYPE 0
+  OD(msCertExtCerttype,
+     "Microsoft Certificate Template Name",
+     CKM_INVALID_MECHANISM,
+     INVALID_CERT_EXTENSION),
 
-    #define MS_NT_PRINCIPAL_NAME 1
-    OD( msNTPrincipalName,
-        "Microsoft Principal Name", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+#define MS_NT_PRINCIPAL_NAME 1
+  OD(msNTPrincipalName,
+     "Microsoft Principal Name",
+     CKM_INVALID_MECHANISM,
+     INVALID_CERT_EXTENSION),
 
-    #define MS_CERTSERV_CA_VERSION 2
-    OD( msCertsrvCAVersion,
-        "Microsoft CA Version", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+#define MS_CERTSERV_CA_VERSION 2
+  OD(msCertsrvCAVersion,
+     "Microsoft CA Version",
+     CKM_INVALID_MECHANISM,
+     INVALID_CERT_EXTENSION),
 
-    #define MS_NTDS_REPLICATION 3
-    OD( msNTDSReplication,
-        "Microsoft Domain GUID", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+#define MS_NTDS_REPLICATION 3
+  OD(msNTDSReplication,
+     "Microsoft Domain GUID",
+     CKM_INVALID_MECHANISM,
+     INVALID_CERT_EXTENSION),
 
-    #define PKIX_LOGOTYPE 4
-    OD( pkixLogotype,
-        "Logotype", 
-        CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
+#define PKIX_LOGOTYPE 4
+  OD(pkixLogotype, "Logotype", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
 };
 
 static const unsigned int numOids = (sizeof more_oids) / (sizeof more_oids[0]);
 
 static nsresult
-ProcessVersion(SECItem* versionItem, nsINSSComponent* nssComponent,
+ProcessVersion(SECItem* versionItem,
+               nsINSSComponent* nssComponent,
                nsIASN1PrintableItem** retItem)
 {
   nsAutoString text;
   nssComponent->GetPIPNSSBundleString("CertDumpVersion", text);
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
   nsresult rv = printableItem->SetDisplayName(text);
   if (NS_FAILED(rv)) {
     return rv;
@@ -95,37 +104,35 @@ ProcessVersion(SECItem* versionItem, nsI
     // default to v1 (0).
     version = 0;
   }
 
   // A value of n actually corresponds to version n + 1
   nsAutoString versionString;
   versionString.AppendInt(version + 1);
   const char16_t* params[1] = { versionString.get() };
-  rv = nssComponent->PIPBundleFormatStringFromName("CertDumpVersionValue",
-                                                   params,
-                                                   MOZ_ARRAY_LENGTH(params),
-                                                   text);
+  rv = nssComponent->PIPBundleFormatStringFromName(
+    "CertDumpVersionValue", params, MOZ_ARRAY_LENGTH(params), text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   rv = printableItem->SetDisplayValue(text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   printableItem.forget(retItem);
   return NS_OK;
 }
 
 static nsresult
 ProcessSerialNumberDER(const SECItem& serialItem,
                        NotNull<nsINSSComponent*> nssComponent,
-               /*out*/ nsCOMPtr<nsIASN1PrintableItem>& retItem)
+                       /*out*/ nsCOMPtr<nsIASN1PrintableItem>& retItem)
 {
   nsAutoString text;
   nsresult rv = nssComponent->GetPIPNSSBundleString("CertDumpSerialNo", text);
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
@@ -135,466 +142,470 @@ ProcessSerialNumberDER(const SECItem& se
   }
 
   UniquePORTString serialNumber(
     CERT_Hexify(const_cast<SECItem*>(&serialItem), 1));
   if (!serialNumber) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
-  rv = printableItem->SetDisplayValue(NS_ConvertASCIItoUTF16(serialNumber.get()));
+  rv =
+    printableItem->SetDisplayValue(NS_ConvertASCIItoUTF16(serialNumber.get()));
   if (NS_FAILED(rv)) {
     return rv;
   }
 
   retItem = printableItem.forget();
   return NS_OK;
 }
 
 static nsresult
-GetDefaultOIDFormat(SECItem *oid,
-                    nsINSSComponent *nssComponent,
-                    nsAString &outString,
+GetDefaultOIDFormat(SECItem* oid,
+                    nsINSSComponent* nssComponent,
+                    nsAString& outString,
                     char separator)
 {
   char buf[300];
   unsigned int len = 0;
   int written, invalidCount = 0;
-    
+
   unsigned int i;
-  unsigned long val  = 0;
+  unsigned long val = 0;
   bool invalid = false;
   bool first = true;
 
   val = 0;
   for (i = 0; i < oid->len; ++i) {
-    // In this loop, we have to parse a DER formatted 
-    // If the first bit is a 1, then the integer is 
-    // represented by more than one byte.  If the 
+    // In this loop, we have to parse a DER formatted
+    // If the first bit is a 1, then the integer is
+    // represented by more than one byte.  If the
     // first bit is set then we continue on and add
-    // the values of the later bytes until we get 
+    // the values of the later bytes until we get
     // a byte without the first bit set.
     unsigned long j;
 
     j = oid->data[i];
     val = (val << 7) | (j & 0x7f);
     if (j & 0x80) {
       // - If val is 0 in this block, the OID number particle starts with 0x80
       // what is specified as an invalid formating.
       // - If val is larger then 2^32-7, on next left shift by 7 we will loose
       // the most significant bits, this OID number particle cannot be read
       // by our implementation.
       // - If the first bit is set while this is the last component of the OID
       // we are also in an invalid state.
-      if (val == 0 || (val >= (1 << (32-7))) || (i == oid->len-1)) {
+      if (val == 0 || (val >= (1 << (32 - 7))) || (i == oid->len - 1)) {
         invalid = true;
       }
 
-      if (i < oid->len-1)
+      if (i < oid->len - 1)
         continue;
     }
 
     if (!invalid) {
       if (first) {
-        unsigned long one = std::min(val/40, 2UL); // never > 2
+        unsigned long one = std::min(val / 40, 2UL); // never > 2
         unsigned long two = val - (one * 40);
 
-        written = snprintf(&buf[len], sizeof(buf) - len, "%lu%c%lu",
-                           one, separator, two);
+        written = snprintf(
+          &buf[len], sizeof(buf) - len, "%lu%c%lu", one, separator, two);
+      } else {
+        written =
+          snprintf(&buf[len], sizeof(buf) - len, "%c%lu", separator, val);
       }
-      else {
-        written = snprintf(&buf[len], sizeof(buf) - len, "%c%lu",
-                           separator, val);
-      }
-    }
-    else {
+    } else {
       nsAutoString unknownText;
-      nssComponent->GetPIPNSSBundleString("CertUnknown", 
-                                          unknownText);
+      nssComponent->GetPIPNSSBundleString("CertUnknown", unknownText);
       if (first) {
-        written = snprintf(&buf[len], sizeof(buf) - len, "%s",
+        written = snprintf(&buf[len],
+                           sizeof(buf) - len,
+                           "%s",
                            NS_ConvertUTF16toUTF8(unknownText).get());
-      }
-      else {
-        written = snprintf(&buf[len], sizeof(buf) - len, "%c%s",
-                           separator, NS_ConvertUTF16toUTF8(unknownText).get());
+      } else {
+        written = snprintf(&buf[len],
+                           sizeof(buf) - len,
+                           "%c%s",
+                           separator,
+                           NS_ConvertUTF16toUTF8(unknownText).get());
       }
 
       if (++invalidCount > 3) {
         // Allow only 3 occurences of Unknown in OID display string to
         // prevent bloat.
         break;
       }
     }
 
     if (written < 0)
       return NS_ERROR_FAILURE;
 
     len += written;
     MOZ_ASSERT(len < sizeof(buf), "OID data too big to display in 300 chars.");
-    val = 0;      
+    val = 0;
     invalid = false;
     first = false;
   }
 
   CopyASCIItoUTF16(buf, outString);
-  return NS_OK; 
+  return NS_OK;
 }
 
 static nsresult
-GetOIDText(SECItem *oid, nsINSSComponent *nssComponent, nsAString &text)
-{ 
+GetOIDText(SECItem* oid, nsINSSComponent* nssComponent, nsAString& text)
+{
   nsresult rv;
   SECOidTag oidTag = SECOID_FindOIDTag(oid);
-  const char *bundlekey = 0;
+  const char* bundlekey = 0;
 
   switch (oidTag) {
-  case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpMD2WithRSA";
-    break;
-  case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpMD5WithRSA";
-    break;
-  case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpSHA1WithRSA";
-    break;
-  case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpSHA256WithRSA";
-    break;
-  case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpSHA384WithRSA";
-    break;
-  case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
-    bundlekey = "CertDumpSHA512WithRSA";
-    break;
-  case SEC_OID_PKCS1_RSA_ENCRYPTION:
-    bundlekey = "CertDumpRSAEncr";
-    break;
-  case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
-    bundlekey = "CertDumpRSAPSSSignature";
-    break;
-  case SEC_OID_AVA_COUNTRY_NAME:
-    bundlekey = "CertDumpAVACountry";
-    break;
-  case SEC_OID_AVA_COMMON_NAME:
-    bundlekey = "CertDumpAVACN";
-    break;
-  case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
-    bundlekey = "CertDumpAVAOU";
-    break;
-  case SEC_OID_AVA_ORGANIZATION_NAME:
-    bundlekey = "CertDumpAVAOrg";
-    break;
-  case SEC_OID_AVA_LOCALITY:
-    bundlekey = "CertDumpAVALocality";
-    break;
-  case SEC_OID_AVA_DN_QUALIFIER:
-    bundlekey = "CertDumpAVADN";
-    break;
-  case SEC_OID_AVA_DC:
-    bundlekey = "CertDumpAVADC";
-    break;
-  case SEC_OID_AVA_STATE_OR_PROVINCE:
-    bundlekey = "CertDumpAVAState";
-    break;
-  case SEC_OID_AVA_SURNAME:
-    bundlekey = "CertDumpSurname";
-    break;
-  case SEC_OID_AVA_GIVEN_NAME:
-    bundlekey = "CertDumpGivenName";
-    break;
-  case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
-    bundlekey = "CertDumpSubjectDirectoryAttr";
-    break;
-  case SEC_OID_X509_SUBJECT_KEY_ID:
-    bundlekey = "CertDumpSubjectKeyID";
-    break;
-  case SEC_OID_X509_KEY_USAGE:
-    bundlekey = "CertDumpKeyUsage";
-    break;
-  case SEC_OID_X509_SUBJECT_ALT_NAME:
-    bundlekey = "CertDumpSubjectAltName";
-    break;
-  case SEC_OID_X509_ISSUER_ALT_NAME:
-    bundlekey = "CertDumpIssuerAltName";
-    break;
-  case SEC_OID_X509_BASIC_CONSTRAINTS:
-    bundlekey = "CertDumpBasicConstraints";
-    break;
-  case SEC_OID_X509_NAME_CONSTRAINTS:
-    bundlekey = "CertDumpNameConstraints";
-    break;
-  case SEC_OID_X509_CRL_DIST_POINTS:
-    bundlekey = "CertDumpCrlDistPoints";
-    break;
-  case SEC_OID_X509_CERTIFICATE_POLICIES:
-    bundlekey = "CertDumpCertPolicies";
-    break;
-  case SEC_OID_X509_POLICY_MAPPINGS:
-    bundlekey = "CertDumpPolicyMappings";
-    break;
-  case SEC_OID_X509_POLICY_CONSTRAINTS:
-    bundlekey = "CertDumpPolicyConstraints";
-    break;
-  case SEC_OID_X509_AUTH_KEY_ID:
-    bundlekey = "CertDumpAuthKeyID";
-    break;
-  case SEC_OID_X509_EXT_KEY_USAGE:
-    bundlekey = "CertDumpExtKeyUsage";
-    break;
-  case SEC_OID_X509_AUTH_INFO_ACCESS:
-    bundlekey = "CertDumpAuthInfoAccess";
-    break;
-  case SEC_OID_ANSIX9_DSA_SIGNATURE:
-    bundlekey = "CertDumpAnsiX9DsaSignature";
-    break;
-  case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
-    bundlekey = "CertDumpAnsiX9DsaSignatureWithSha1";
-    break;
-  case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
-    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha1";
-    break;
-  case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
-    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha224";
-    break;
-  case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
-    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha256";
-    break;
-  case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
-    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha384";
-    break;
-  case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
-    bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha512";
-    break;
-  case SEC_OID_RFC1274_UID:
-    bundlekey = "CertDumpUserID";
-    break;
-  case SEC_OID_PKCS9_EMAIL_ADDRESS:
-    bundlekey = "CertDumpPK9Email";
-    break;
-  case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
-    bundlekey = "CertDumpECPublicKey";
-    break;
-  /* ANSI X9.62 named elliptic curves (prime field) */
-  case SEC_OID_ANSIX962_EC_PRIME192V1:
-    /* same as SEC_OID_SECG_EC_SECP192r1 */
-    bundlekey = "CertDumpECprime192v1";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME192V2:
-    bundlekey = "CertDumpECprime192v2";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME192V3:
-    bundlekey = "CertDumpECprime192v3";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME239V1:
-    bundlekey = "CertDumpECprime239v1";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME239V2:
-    bundlekey = "CertDumpECprime239v2";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME239V3:
-    bundlekey = "CertDumpECprime239v3";
-    break;
-  case SEC_OID_ANSIX962_EC_PRIME256V1:
-    /* same as SEC_OID_SECG_EC_SECP256r1 */
-    bundlekey = "CertDumpECprime256v1";
-    break;
-  /* SECG named elliptic curves (prime field) */
-  case SEC_OID_SECG_EC_SECP112R1:
-    bundlekey = "CertDumpECsecp112r1";
-    break;
-  case SEC_OID_SECG_EC_SECP112R2:
-    bundlekey = "CertDumpECsecp112r2";
-    break;
-  case SEC_OID_SECG_EC_SECP128R1:
-    bundlekey = "CertDumpECsecp128r1";
-    break;
-  case SEC_OID_SECG_EC_SECP128R2:
-    bundlekey = "CertDumpECsecp128r2";
-    break;
-  case SEC_OID_SECG_EC_SECP160K1:
-    bundlekey = "CertDumpECsecp160k1";
-    break;
-  case SEC_OID_SECG_EC_SECP160R1:
-    bundlekey = "CertDumpECsecp160r1";
-    break;
-  case SEC_OID_SECG_EC_SECP160R2:
-    bundlekey = "CertDumpECsecp160r2";
-    break;
-  case SEC_OID_SECG_EC_SECP192K1:
-    bundlekey = "CertDumpECsecp192k1";
-    break;
-  case SEC_OID_SECG_EC_SECP224K1:
-    bundlekey = "CertDumpECsecp224k1";
-    break;
-  case SEC_OID_SECG_EC_SECP224R1:
-    bundlekey = "CertDumpECsecp224r1";
-    break;
-  case SEC_OID_SECG_EC_SECP256K1:
-    bundlekey = "CertDumpECsecp256k1";
-    break;
-  case SEC_OID_SECG_EC_SECP384R1:
-    bundlekey = "CertDumpECsecp384r1";
-    break;
+    case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpMD2WithRSA";
+      break;
+    case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpMD5WithRSA";
+      break;
+    case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpSHA1WithRSA";
+      break;
+    case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpSHA256WithRSA";
+      break;
+    case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpSHA384WithRSA";
+      break;
+    case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+      bundlekey = "CertDumpSHA512WithRSA";
+      break;
+    case SEC_OID_PKCS1_RSA_ENCRYPTION:
+      bundlekey = "CertDumpRSAEncr";
+      break;
+    case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+      bundlekey = "CertDumpRSAPSSSignature";
+      break;
+    case SEC_OID_AVA_COUNTRY_NAME:
+      bundlekey = "CertDumpAVACountry";
+      break;
+    case SEC_OID_AVA_COMMON_NAME:
+      bundlekey = "CertDumpAVACN";
+      break;
+    case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
+      bundlekey = "CertDumpAVAOU";
+      break;
+    case SEC_OID_AVA_ORGANIZATION_NAME:
+      bundlekey = "CertDumpAVAOrg";
+      break;
+    case SEC_OID_AVA_LOCALITY:
+      bundlekey = "CertDumpAVALocality";
+      break;
+    case SEC_OID_AVA_DN_QUALIFIER:
+      bundlekey = "CertDumpAVADN";
+      break;
+    case SEC_OID_AVA_DC:
+      bundlekey = "CertDumpAVADC";
+      break;
+    case SEC_OID_AVA_STATE_OR_PROVINCE:
+      bundlekey = "CertDumpAVAState";
+      break;
+    case SEC_OID_AVA_SURNAME:
+      bundlekey = "CertDumpSurname";
+      break;
+    case SEC_OID_AVA_GIVEN_NAME:
+      bundlekey = "CertDumpGivenName";
+      break;
+    case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
+      bundlekey = "CertDumpSubjectDirectoryAttr";
+      break;
+    case SEC_OID_X509_SUBJECT_KEY_ID:
+      bundlekey = "CertDumpSubjectKeyID";
+      break;
+    case SEC_OID_X509_KEY_USAGE:
+      bundlekey = "CertDumpKeyUsage";
+      break;
+    case SEC_OID_X509_SUBJECT_ALT_NAME:
+      bundlekey = "CertDumpSubjectAltName";
+      break;
+    case SEC_OID_X509_ISSUER_ALT_NAME:
+      bundlekey = "CertDumpIssuerAltName";
+      break;
+    case SEC_OID_X509_BASIC_CONSTRAINTS:
+      bundlekey = "CertDumpBasicConstraints";
+      break;
+    case SEC_OID_X509_NAME_CONSTRAINTS:
+      bundlekey = "CertDumpNameConstraints";
+      break;
+    case SEC_OID_X509_CRL_DIST_POINTS:
+      bundlekey = "CertDumpCrlDistPoints";
+      break;
+    case SEC_OID_X509_CERTIFICATE_POLICIES:
+      bundlekey = "CertDumpCertPolicies";
+      break;
+    case SEC_OID_X509_POLICY_MAPPINGS:
+      bundlekey = "CertDumpPolicyMappings";
+      break;
+    case SEC_OID_X509_POLICY_CONSTRAINTS:
+      bundlekey = "CertDumpPolicyConstraints";
+      break;
+    case SEC_OID_X509_AUTH_KEY_ID:
+      bundlekey = "CertDumpAuthKeyID";
+      break;
+    case SEC_OID_X509_EXT_KEY_USAGE:
+      bundlekey = "CertDumpExtKeyUsage";
+      break;
+    case SEC_OID_X509_AUTH_INFO_ACCESS:
+      bundlekey = "CertDumpAuthInfoAccess";
+      break;
+    case SEC_OID_ANSIX9_DSA_SIGNATURE:
+      bundlekey = "CertDumpAnsiX9DsaSignature";
+      break;
+    case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+      bundlekey = "CertDumpAnsiX9DsaSignatureWithSha1";
+      break;
+    case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+      bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha1";
+      break;
+    case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+      bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha224";
+      break;
+    case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+      bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha256";
+      break;
+    case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+      bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha384";
+      break;
+    case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+      bundlekey = "CertDumpAnsiX962ECDsaSignatureWithSha512";
+      break;
+    case SEC_OID_RFC1274_UID:
+      bundlekey = "CertDumpUserID";
+      break;
+    case SEC_OID_PKCS9_EMAIL_ADDRESS:
+      bundlekey = "CertDumpPK9Email";
+      break;
+    case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
+      bundlekey = "CertDumpECPublicKey";
+      break;
+    /* ANSI X9.62 named elliptic curves (prime field) */
+    case SEC_OID_ANSIX962_EC_PRIME192V1:
+      /* same as SEC_OID_SECG_EC_SECP192r1 */
+      bundlekey = "CertDumpECprime192v1";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME192V2:
+      bundlekey = "CertDumpECprime192v2";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME192V3:
+      bundlekey = "CertDumpECprime192v3";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME239V1:
+      bundlekey = "CertDumpECprime239v1";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME239V2:
+      bundlekey = "CertDumpECprime239v2";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME239V3:
+      bundlekey = "CertDumpECprime239v3";
+      break;
+    case SEC_OID_ANSIX962_EC_PRIME256V1:
+      /* same as SEC_OID_SECG_EC_SECP256r1 */
+      bundlekey = "CertDumpECprime256v1";
+      break;
+    /* SECG named elliptic curves (prime field) */
+    case SEC_OID_SECG_EC_SECP112R1:
+      bundlekey = "CertDumpECsecp112r1";
+      break;
+    case SEC_OID_SECG_EC_SECP112R2:
+      bundlekey = "CertDumpECsecp112r2";
+      break;
+    case SEC_OID_SECG_EC_SECP128R1:
+      bundlekey = "CertDumpECsecp128r1";
+      break;
+    case SEC_OID_SECG_EC_SECP128R2:
+      bundlekey = "CertDumpECsecp128r2";
+      break;
+    case SEC_OID_SECG_EC_SECP160K1:
+      bundlekey = "CertDumpECsecp160k1";
+      break;
+    case SEC_OID_SECG_EC_SECP160R1:
+      bundlekey = "CertDumpECsecp160r1";
+      break;
+    case SEC_OID_SECG_EC_SECP160R2:
+      bundlekey = "CertDumpECsecp160r2";
+      break;
+    case SEC_OID_SECG_EC_SECP192K1:
+      bundlekey = "CertDumpECsecp192k1";
+      break;
+    case SEC_OID_SECG_EC_SECP224K1:
+      bundlekey = "CertDumpECsecp224k1";
+      break;
+    case SEC_OID_SECG_EC_SECP224R1:
+      bundlekey = "CertDumpECsecp224r1";
+      break;
+    case SEC_OID_SECG_EC_SECP256K1:
+      bundlekey = "CertDumpECsecp256k1";
+      break;
+    case SEC_OID_SECG_EC_SECP384R1:
+      bundlekey = "CertDumpECsecp384r1";
+      break;
 
-  case SEC_OID_SECG_EC_SECP521R1:
-    bundlekey = "CertDumpECsecp521r1";
-    break;
-  /* ANSI X9.62 named elliptic curves (characteristic two field) */
-  case SEC_OID_ANSIX962_EC_C2PNB163V1:
-    bundlekey = "CertDumpECc2pnb163v1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB163V2:
-    bundlekey = "CertDumpECc2pnb163v2";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB163V3:
-    bundlekey = "CertDumpECc2pnb163v3";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB176V1:
-    bundlekey = "CertDumpECc2pnb176v1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB191V1:
-    bundlekey = "CertDumpECc2tnb191v1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB191V2:
-    bundlekey = "CertDumpECc2tnb191v2";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB191V3:
-    bundlekey = "CertDumpECc2tnb191v3";
-    break;
-  case SEC_OID_ANSIX962_EC_C2ONB191V4:
-    bundlekey = "CertDumpECc2onb191v4";
-    break;
-  case SEC_OID_ANSIX962_EC_C2ONB191V5:
-    bundlekey = "CertDumpECc2onb191v5";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB208W1:
-    bundlekey = "CertDumpECc2pnb208w1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB239V1:
-    bundlekey = "CertDumpECc2tnb239v1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB239V2:
-    bundlekey = "CertDumpECc2tnb239v2";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB239V3:
-    bundlekey = "CertDumpECc2tnb239v3";
-    break;
-  case SEC_OID_ANSIX962_EC_C2ONB239V4:
-    bundlekey = "CertDumpECc2onb239v4";
-    break;
-  case SEC_OID_ANSIX962_EC_C2ONB239V5:
-    bundlekey = "CertDumpECc2onb239v5";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB272W1:
-    bundlekey = "CertDumpECc2pnb272w1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB304W1:
-    bundlekey = "CertDumpECc2pnb304w1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB359V1:
-    bundlekey = "CertDumpECc2tnb359v1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2PNB368W1:
-    bundlekey = "CertDumpECc2pnb368w1";
-    break;
-  case SEC_OID_ANSIX962_EC_C2TNB431R1:
-    bundlekey = "CertDumpECc2tnb431r1";
-    break;
-  /* SECG named elliptic curves (characteristic two field) */
-  case SEC_OID_SECG_EC_SECT113R1:
-    bundlekey = "CertDumpECsect113r1";
-    break;
-  case SEC_OID_SECG_EC_SECT113R2:
-    bundlekey = "CertDumpECsect113r2";
-    break;
-  case SEC_OID_SECG_EC_SECT131R1:
-    bundlekey = "CertDumpECsect131r1";
-    break;
-  case SEC_OID_SECG_EC_SECT131R2:
-    bundlekey = "CertDumpECsect131r2";
-    break;
-  case SEC_OID_SECG_EC_SECT163K1:
-    bundlekey = "CertDumpECsect163k1";
-    break;
-  case SEC_OID_SECG_EC_SECT163R1:
-    bundlekey = "CertDumpECsect163r1";
-    break;
-  case SEC_OID_SECG_EC_SECT163R2:
-    bundlekey = "CertDumpECsect163r2";
-    break;
-  case SEC_OID_SECG_EC_SECT193R1:
-    bundlekey = "CertDumpECsect193r1";
-    break;
-  case SEC_OID_SECG_EC_SECT193R2:
-    bundlekey = "CertDumpECsect193r2";
-    break;
-  case SEC_OID_SECG_EC_SECT233K1:
-    bundlekey = "CertDumpECsect233k1";
-    break;
-  case SEC_OID_SECG_EC_SECT233R1:
-    bundlekey = "CertDumpECsect233r1";
-    break;
-  case SEC_OID_SECG_EC_SECT239K1:
-    bundlekey = "CertDumpECsect239k1";
-    break;
-  case SEC_OID_SECG_EC_SECT283K1:
-    bundlekey = "CertDumpECsect283k1";
-    break;
-  case SEC_OID_SECG_EC_SECT283R1:
-    bundlekey = "CertDumpECsect283r1";
-    break;
-  case SEC_OID_SECG_EC_SECT409K1:
-    bundlekey = "CertDumpECsect409k1";
-    break;
-  case SEC_OID_SECG_EC_SECT409R1:
-    bundlekey = "CertDumpECsect409r1";
-    break;
-  case SEC_OID_SECG_EC_SECT571K1:
-    bundlekey = "CertDumpECsect571k1";
-    break;
-  case SEC_OID_SECG_EC_SECT571R1:
-    bundlekey = "CertDumpECsect571r1";
-    break;
-  default: 
-    if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
-      bundlekey = "CertDumpMSCerttype";
+    case SEC_OID_SECG_EC_SECP521R1:
+      bundlekey = "CertDumpECsecp521r1";
+      break;
+    /* ANSI X9.62 named elliptic curves (characteristic two field) */
+    case SEC_OID_ANSIX962_EC_C2PNB163V1:
+      bundlekey = "CertDumpECc2pnb163v1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB163V2:
+      bundlekey = "CertDumpECc2pnb163v2";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB163V3:
+      bundlekey = "CertDumpECc2pnb163v3";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB176V1:
+      bundlekey = "CertDumpECc2pnb176v1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB191V1:
+      bundlekey = "CertDumpECc2tnb191v1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB191V2:
+      bundlekey = "CertDumpECc2tnb191v2";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB191V3:
+      bundlekey = "CertDumpECc2tnb191v3";
+      break;
+    case SEC_OID_ANSIX962_EC_C2ONB191V4:
+      bundlekey = "CertDumpECc2onb191v4";
+      break;
+    case SEC_OID_ANSIX962_EC_C2ONB191V5:
+      bundlekey = "CertDumpECc2onb191v5";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB208W1:
+      bundlekey = "CertDumpECc2pnb208w1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB239V1:
+      bundlekey = "CertDumpECc2tnb239v1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB239V2:
+      bundlekey = "CertDumpECc2tnb239v2";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB239V3:
+      bundlekey = "CertDumpECc2tnb239v3";
+      break;
+    case SEC_OID_ANSIX962_EC_C2ONB239V4:
+      bundlekey = "CertDumpECc2onb239v4";
+      break;
+    case SEC_OID_ANSIX962_EC_C2ONB239V5:
+      bundlekey = "CertDumpECc2onb239v5";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB272W1:
+      bundlekey = "CertDumpECc2pnb272w1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB304W1:
+      bundlekey = "CertDumpECc2pnb304w1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB359V1:
+      bundlekey = "CertDumpECc2tnb359v1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2PNB368W1:
+      bundlekey = "CertDumpECc2pnb368w1";
+      break;
+    case SEC_OID_ANSIX962_EC_C2TNB431R1:
+      bundlekey = "CertDumpECc2tnb431r1";
       break;
-    }
-    if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
-      bundlekey = "CertDumpMSCAVersion";
+    /* SECG named elliptic curves (characteristic two field) */
+    case SEC_OID_SECG_EC_SECT113R1:
+      bundlekey = "CertDumpECsect113r1";
+      break;
+    case SEC_OID_SECG_EC_SECT113R2:
+      bundlekey = "CertDumpECsect113r2";
+      break;
+    case SEC_OID_SECG_EC_SECT131R1:
+      bundlekey = "CertDumpECsect131r1";
+      break;
+    case SEC_OID_SECG_EC_SECT131R2:
+      bundlekey = "CertDumpECsect131r2";
+      break;
+    case SEC_OID_SECG_EC_SECT163K1:
+      bundlekey = "CertDumpECsect163k1";
+      break;
+    case SEC_OID_SECG_EC_SECT163R1:
+      bundlekey = "CertDumpECsect163r1";
+      break;
+    case SEC_OID_SECG_EC_SECT163R2:
+      bundlekey = "CertDumpECsect163r2";
+      break;
+    case SEC_OID_SECG_EC_SECT193R1:
+      bundlekey = "CertDumpECsect193r1";
+      break;
+    case SEC_OID_SECG_EC_SECT193R2:
+      bundlekey = "CertDumpECsect193r2";
+      break;
+    case SEC_OID_SECG_EC_SECT233K1:
+      bundlekey = "CertDumpECsect233k1";
+      break;
+    case SEC_OID_SECG_EC_SECT233R1:
+      bundlekey = "CertDumpECsect233r1";
       break;
-    }
-    if (oidTag == SEC_OID(PKIX_LOGOTYPE)) {
-      bundlekey = "CertDumpLogotype";
+    case SEC_OID_SECG_EC_SECT239K1:
+      bundlekey = "CertDumpECsect239k1";
+      break;
+    case SEC_OID_SECG_EC_SECT283K1:
+      bundlekey = "CertDumpECsect283k1";
+      break;
+    case SEC_OID_SECG_EC_SECT283R1:
+      bundlekey = "CertDumpECsect283r1";
+      break;
+    case SEC_OID_SECG_EC_SECT409K1:
+      bundlekey = "CertDumpECsect409k1";
+      break;
+    case SEC_OID_SECG_EC_SECT409R1:
+      bundlekey = "CertDumpECsect409r1";
+      break;
+    case SEC_OID_SECG_EC_SECT571K1:
+      bundlekey = "CertDumpECsect571k1";
       break;
-    }
-    /* fallthrough */
+    case SEC_OID_SECG_EC_SECT571R1:
+      bundlekey = "CertDumpECsect571r1";
+      break;
+    default:
+      if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
+        bundlekey = "CertDumpMSCerttype";
+        break;
+      }
+      if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
+        bundlekey = "CertDumpMSCAVersion";
+        break;
+      }
+      if (oidTag == SEC_OID(PKIX_LOGOTYPE)) {
+        bundlekey = "CertDumpLogotype";
+        break;
+      }
+      /* fallthrough */
   }
 
   if (bundlekey) {
     rv = nssComponent->GetPIPNSSBundleString(bundlekey, text);
   } else {
     nsAutoString text2;
     rv = GetDefaultOIDFormat(oid, nssComponent, text2, ' ');
     if (NS_FAILED(rv))
       return rv;
 
-    const char16_t *params[1] = {text2.get()};
-    rv = nssComponent->PIPBundleFormatStringFromName("CertDumpDefOID",
-                                                     params, 1, text);
+    const char16_t* params[1] = { text2.get() };
+    rv = nssComponent->PIPBundleFormatStringFromName(
+      "CertDumpDefOID", params, 1, text);
   }
-  return rv;  
+  return rv;
 }
 
 #define SEPARATOR "\n"
 
 static nsresult
-ProcessRawBytes(nsINSSComponent *nssComponent, SECItem *data, 
-                nsAString &text, bool wantHeader = true)
+ProcessRawBytes(nsINSSComponent* nssComponent,
+                SECItem* data,
+                nsAString& text,
+                bool wantHeader = true)
 {
   // This function is used to display some DER bytes
   // that we have not added support for decoding.
   // If it's short, let's display as an integer, no size header.
 
   if (data->len <= 4) {
     int i_pv = DER_GetInteger(data);
     nsAutoString value;
@@ -604,79 +615,82 @@ ProcessRawBytes(nsINSSComponent *nssComp
     return NS_OK;
   }
 
   // Else produce a hex dump.
 
   if (wantHeader) {
     nsAutoString bytelen, bitlen;
     bytelen.AppendInt(data->len);
-    bitlen.AppendInt(data->len*8);
-  
-    const char16_t *params[2] = {bytelen.get(), bitlen.get()};
-    nsresult rv = nssComponent->PIPBundleFormatStringFromName("CertDumpRawBytesHeader",
-                                                              params, 2, text);
+    bitlen.AppendInt(data->len * 8);
+
+    const char16_t* params[2] = { bytelen.get(), bitlen.get() };
+    nsresult rv = nssComponent->PIPBundleFormatStringFromName(
+      "CertDumpRawBytesHeader", params, 2, text);
     if (NS_FAILED(rv))
       return rv;
 
     text.AppendLiteral(SEPARATOR);
   }
 
-  // This prints the value of the byte out into a 
+  // This prints the value of the byte out into a
   // string that can later be displayed as a byte
   // string.  We place a new line after 24 bytes
   // to break up extermaly long sequence of bytes.
 
   uint32_t i;
   char buffer[5];
-  for (i=0; i<data->len; i++) {
+  for (i = 0; i < data->len; i++) {
     SprintfLiteral(buffer, "%02x ", data->data[i]);
     AppendASCIItoUTF16(buffer, text);
-    if ((i+1)%16 == 0) {
+    if ((i + 1) % 16 == 0) {
       text.AppendLiteral(SEPARATOR);
     }
   }
   return NS_OK;
 }
 
 /**
  * Appends a pipnss bundle string to the given string.
  *
  * @param nssComponent For accessing the string bundle.
  * @param bundleKey Key for the string to append.
  * @param currentText The text to append to, using |SEPARATOR| as the separator.
  */
-template<size_t N>
-void AppendBundleString(const NotNull<nsINSSComponent*>& nssComponent,
-                        const char (&bundleKey)[N],
-             /*in/out*/ nsAString& currentText)
+template <size_t N>
+void
+AppendBundleString(const NotNull<nsINSSComponent*>& nssComponent,
+                   const char (&bundleKey)[N],
+                   /*in/out*/ nsAString& currentText)
 {
   nsAutoString bundleString;
   nsresult rv = nssComponent->GetPIPNSSBundleString(bundleKey, bundleString);
   if (NS_FAILED(rv)) {
     return;
   }
 
   currentText.Append(bundleString);
   currentText.AppendLiteral(SEPARATOR);
 }
 
 static nsresult
-ProcessKeyUsageExtension(SECItem *extData, nsAString &text,
-                         nsINSSComponent *nssComponent)
+ProcessKeyUsageExtension(SECItem* extData,
+                         nsAString& text,
+                         nsINSSComponent* nssComponent)
 {
   MOZ_ASSERT(extData);
   MOZ_ASSERT(nssComponent);
   NS_ENSURE_ARG(extData);
   NS_ENSURE_ARG(nssComponent);
 
   NotNull<nsINSSComponent*> wrappedNSSComponent = WrapNotNull(nssComponent);
   ScopedAutoSECItem decoded;
-  if (SEC_ASN1DecodeItem(nullptr, &decoded, SEC_ASN1_GET(SEC_BitStringTemplate),
-                         extData) != SECSuccess) {
+  if (SEC_ASN1DecodeItem(
+        nullptr, &decoded, SEC_ASN1_GET(SEC_BitStringTemplate), extData) !=
+      SECSuccess) {
     AppendBundleString(wrappedNSSComponent, "CertDumpExtensionFailure", text);
     return NS_OK;
   }
   unsigned char keyUsage = 0;
   if (decoded.len) {
     keyUsage = decoded.data[0];
   }
 
@@ -701,27 +715,27 @@ ProcessKeyUsageExtension(SECItem *extDat
   if (keyUsage & KU_CRL_SIGN) {
     AppendBundleString(wrappedNSSComponent, "CertDumpKUCRLSigner", text);
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessBasicConstraints(SECItem  *extData, 
-                        nsAString &text,
-                        nsINSSComponent *nssComponent)
+ProcessBasicConstraints(SECItem* extData,
+                        nsAString& text,
+                        nsINSSComponent* nssComponent)
 {
   nsAutoString local;
   CERTBasicConstraints value;
   SECStatus rv;
   nsresult rv2;
 
   value.pathLenConstraint = -1;
-  rv = CERT_DecodeBasicConstraintValue (&value, extData);
+  rv = CERT_DecodeBasicConstraintValue(&value, extData);
   if (rv != SECSuccess) {
     ProcessRawBytes(nssComponent, extData, text);
     return NS_OK;
   }
   if (value.isCA)
     rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsCA", local);
   else
     rv2 = nssComponent->GetPIPNSSBundleString("CertDumpIsNotCA", local);
@@ -729,54 +743,54 @@ ProcessBasicConstraints(SECItem  *extDat
     return rv2;
   text.Append(local.get());
   if (value.pathLenConstraint != -1) {
     nsAutoString depth;
     if (value.pathLenConstraint == CERT_UNLIMITED_PATH_CONSTRAINT)
       nssComponent->GetPIPNSSBundleString("CertDumpPathLenUnlimited", depth);
     else
       depth.AppendInt(value.pathLenConstraint);
-    const char16_t *params[1] = {depth.get()};
-    rv2 = nssComponent->PIPBundleFormatStringFromName("CertDumpPathLen",
-                                                      params, 1, local);
+    const char16_t* params[1] = { depth.get() };
+    rv2 = nssComponent->PIPBundleFormatStringFromName(
+      "CertDumpPathLen", params, 1, local);
     if (NS_FAILED(rv2))
       return rv2;
     text.AppendLiteral(SEPARATOR);
     text.Append(local.get());
   }
   return NS_OK;
 }
 
 static nsresult
-ProcessExtKeyUsage(SECItem  *extData, 
-                   nsAString &text,
-                   nsINSSComponent *nssComponent)
+ProcessExtKeyUsage(SECItem* extData,
+                   nsAString& text,
+                   nsINSSComponent* nssComponent)
 {
   nsAutoString local;
-  SECItem **oids;
-  SECItem *oid;
+  SECItem** oids;
+  SECItem* oid;
   nsresult rv;
 
   UniqueCERTOidSequence extKeyUsage(CERT_DecodeOidSequence(extData));
   if (!extKeyUsage) {
     return NS_ERROR_FAILURE;
   }
 
   oids = extKeyUsage->oids;
   while (oids && *oids) {
     // For each OID, try to find a bundle string
     // of the form CertDumpEKU_<underlined-OID>
     nsAutoString oidname;
     oid = *oids;
     rv = GetDefaultOIDFormat(oid, nssComponent, oidname, '_');
     if (NS_FAILED(rv))
       return rv;
-    nsAutoString bundlekey = NS_LITERAL_STRING("CertDumpEKU_")+ oidname;
+    nsAutoString bundlekey = NS_LITERAL_STRING("CertDumpEKU_") + oidname;
     NS_ConvertUTF16toUTF8 bk_ascii(bundlekey);
-    
+
     rv = nssComponent->GetPIPNSSBundleString(bk_ascii.get(), local);
     nsresult rv2 = GetDefaultOIDFormat(oid, nssComponent, oidname, '.');
     if (NS_FAILED(rv2))
       return rv2;
     if (NS_SUCCEEDED(rv)) {
       // display name and OID in parentheses
       text.Append(local);
       text.AppendLiteral(" (");
@@ -789,282 +803,312 @@ ProcessExtKeyUsage(SECItem  *extData,
     text.AppendLiteral(SEPARATOR);
     oids++;
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessRDN(CERTRDN* rdn, nsAString &finalString, nsINSSComponent *nssComponent)
+ProcessRDN(CERTRDN* rdn, nsAString& finalString, nsINSSComponent* nssComponent)
 {
   nsresult rv;
   CERTAVA** avas;
   CERTAVA* ava;
   nsString avavalue;
   nsString type;
   nsAutoString temp;
-  const char16_t *params[2];
+  const char16_t* params[2];
 
   avas = rdn->avas;
   while ((ava = *avas++) != 0) {
     rv = GetOIDText(&ava->type, nssComponent, type);
     if (NS_FAILED(rv)) {
       return rv;
     }
 
-    //This function returns a string in UTF8 format.
+    // This function returns a string in UTF8 format.
     UniqueSECItem decodeItem(CERT_DecodeAVAValue(&ava->value));
     if (!decodeItem) {
       return NS_ERROR_FAILURE;
     }
 
     // We know we can fit buffer of this length. CERT_RFC1485_EscapeAndQuote
     // will fail if we provide smaller buffer then the result can fit to.
     int escapedValueCapacity = decodeItem->len * 3 + 3;
     UniquePtr<char[]> escapedValue = MakeUnique<char[]>(escapedValueCapacity);
 
-    SECStatus status = CERT_RFC1485_EscapeAndQuote(
-          escapedValue.get(),
-          escapedValueCapacity, 
-          (char*)decodeItem->data, 
-          decodeItem->len);
+    SECStatus status = CERT_RFC1485_EscapeAndQuote(escapedValue.get(),
+                                                   escapedValueCapacity,
+                                                   (char*)decodeItem->data,
+                                                   decodeItem->len);
     if (SECSuccess != status) {
       return NS_ERROR_FAILURE;
     }
 
     avavalue = NS_ConvertUTF8toUTF16(escapedValue.get());
 
     params[0] = type.get();
     params[1] = avavalue.get();
-    nssComponent->PIPBundleFormatStringFromName("AVATemplate",
-                                                  params, 2, temp);
+    nssComponent->PIPBundleFormatStringFromName("AVATemplate", params, 2, temp);
     finalString += temp + NS_LITERAL_STRING("\n");
   }
   return NS_OK;
 }
 
 static nsresult
-ProcessName(CERTName *name, nsINSSComponent *nssComponent, char16_t **value)
+ProcessName(CERTName* name, nsINSSComponent* nssComponent, char16_t** value)
 {
   CERTRDN** rdns;
   CERTRDN** rdn;
   nsString finalString;
 
   rdns = name->rdns;
 
   nsresult rv;
-  CERTRDN **lastRdn;
+  CERTRDN** lastRdn;
   /* find last RDN */
   lastRdn = rdns;
-  while (*lastRdn) lastRdn++;
+  while (*lastRdn)
+    lastRdn++;
   // The above whille loop will put us at the last member
   // of the array which is a nullptr pointer.  So let's back
-  // up one spot so that we have the last non-nullptr entry in 
-  // the array in preparation for traversing the 
+  // up one spot so that we have the last non-nullptr entry in
+  // the array in preparation for traversing the
   // RDN's (Relative Distinguished Name) in reverse oder.
   lastRdn--;
-   
+
   /*
    * Loop over name contents in _reverse_ RDN order appending to string
-   * When building the Ascii string, NSS loops over these entries in 
+   * When building the Ascii string, NSS loops over these entries in
    * reverse order, so I will as well.  The difference is that NSS
    * will always place them in a one line string separated by commas,
    * where I want each entry on a single line.  I can't just use a comma
-   * as my delimitter because it is a valid character to have in the 
+   * as my delimitter because it is a valid character to have in the
    * value portion of the AVA and could cause trouble when parsing.
    */
   for (rdn = lastRdn; rdn >= rdns; rdn--) {
     rv = ProcessRDN(*rdn, finalString, nssComponent);
     if (NS_FAILED(rv))
       return rv;
   }
-  *value = ToNewUnicode(finalString);    
+  *value = ToNewUnicode(finalString);
   return NS_OK;
 }
 
 static nsresult
-ProcessIA5String(const SECItem& extData, /*in/out*/ nsAString& text)
+ProcessIA5String(const SECItem& extData,
+                 /*in/out*/ nsAString& text)
 {
   ScopedAutoSECItem item;
-  if (SEC_ASN1DecodeItem(nullptr, &item, SEC_ASN1_GET(SEC_IA5StringTemplate),
-                         &extData) != SECSuccess) {
+  if (SEC_ASN1DecodeItem(
+        nullptr, &item, SEC_ASN1_GET(SEC_IA5StringTemplate), &extData) !=
+      SECSuccess) {
     return NS_ERROR_FAILURE;
   }
 
   text.AppendASCII(BitwiseCast<char*, unsigned char*>(item.data),
                    AssertedCast<uint32_t>(item.len));
   return NS_OK;
 }
 
 static nsresult
-AppendBMPtoUTF16(const UniquePLArenaPool& arena, unsigned char* data,
-                 unsigned int len, nsAString& text)
+AppendBMPtoUTF16(const UniquePLArenaPool& arena,
+                 unsigned char* data,
+                 unsigned int len,
+                 nsAString& text)
 {
   if (len % 2 != 0) {
     return NS_ERROR_FAILURE;
   }
 
   /* XXX instead of converting to and from UTF-8, it would
      be sufficient to just swap bytes, or do nothing */
   unsigned int utf8ValLen = len * 3 + 1;
-  unsigned char* utf8Val = (unsigned char*)PORT_ArenaZAlloc(arena.get(),
-                                                            utf8ValLen);
-  if (!PORT_UCS2_UTF8Conversion(false, data, len, utf8Val, utf8ValLen,
-                                &utf8ValLen)) {
+  unsigned char* utf8Val =
+    (unsigned char*)PORT_ArenaZAlloc(arena.get(), utf8ValLen);
+  if (!PORT_UCS2_UTF8Conversion(
+        false, data, len, utf8Val, utf8ValLen, &utf8ValLen)) {
     return NS_ERROR_FAILURE;
   }
   AppendUTF8toUTF16((char*)utf8Val, text);
   return NS_OK;
 }
 
 static nsresult
 ProcessBMPString(SECItem* extData, nsAString& text)
 {
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   SECItem item;
-  if (SEC_ASN1DecodeItem(arena.get(), &item, SEC_ASN1_GET(SEC_BMPStringTemplate),
-                         extData) != SECSuccess) {
+  if (SEC_ASN1DecodeItem(
+        arena.get(), &item, SEC_ASN1_GET(SEC_BMPStringTemplate), extData) !=
+      SECSuccess) {
     return NS_ERROR_FAILURE;
   }
 
   return AppendBMPtoUTF16(arena, item.data, item.len, text);
 }
 
 static nsresult
-ProcessGeneralName(const UniquePLArenaPool& arena, CERTGeneralName* current,
-                   nsAString& text, nsINSSComponent* nssComponent)
+ProcessGeneralName(const UniquePLArenaPool& arena,
+                   CERTGeneralName* current,
+                   nsAString& text,
+                   nsINSSComponent* nssComponent)
 {
   NS_ENSURE_ARG_POINTER(current);
 
   nsAutoString key;
   nsXPIDLString value;
   nsresult rv = NS_OK;
 
   switch (current->type) {
-  case certOtherName: {
-    SECOidTag oidTag = SECOID_FindOIDTag(&current->name.OthName.oid);
-    if (oidTag == SEC_OID(MS_NT_PRINCIPAL_NAME)) {
-	/* The type of this name is apparently nowhere explicitly
-	   documented. However, in the generated templates, it is always
-	   UTF-8. So try to decode this as UTF-8; if that fails, dump the
-	   raw data. */
-	SECItem decoded;
-	nssComponent->GetPIPNSSBundleString("CertDumpMSNTPrincipal", key);
-        if (SEC_ASN1DecodeItem(arena.get(), &decoded,
-			       SEC_ASN1_GET(SEC_UTF8StringTemplate), 
-			       &current->name.OthName.name) == SECSuccess) {
-	  AppendUTF8toUTF16(nsAutoCString((char*)decoded.data, decoded.len),
-			    value);
-	} else {
-	  ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
-	}
-	break;
-    } else if (oidTag == SEC_OID(MS_NTDS_REPLICATION)) {
-	/* This should be a 16-byte GUID */
-	SECItem guid;
-	nssComponent->GetPIPNSSBundleString("CertDumpMSDomainGUID", key);
-        if (SEC_ASN1DecodeItem(arena.get(), &guid,
-			       SEC_ASN1_GET(SEC_OctetStringTemplate),
-			       &current->name.OthName.name) == SECSuccess
-	    && guid.len == 16) {
-	  char buf[40];
-	  unsigned char *d = guid.data;
+    case certOtherName: {
+      SECOidTag oidTag = SECOID_FindOIDTag(&current->name.OthName.oid);
+      if (oidTag == SEC_OID(MS_NT_PRINCIPAL_NAME)) {
+        /* The type of this name is apparently nowhere explicitly
+         documented. However, in the generated templates, it is always
+         UTF-8. So try to decode this as UTF-8; if that fails, dump the
+         raw data. */
+        SECItem decoded;
+        nssComponent->GetPIPNSSBundleString("CertDumpMSNTPrincipal", key);
+        if (SEC_ASN1DecodeItem(arena.get(),
+                               &decoded,
+                               SEC_ASN1_GET(SEC_UTF8StringTemplate),
+                               &current->name.OthName.name) == SECSuccess) {
+          AppendUTF8toUTF16(nsAutoCString((char*)decoded.data, decoded.len),
+                            value);
+        } else {
+          ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+        }
+        break;
+      } else if (oidTag == SEC_OID(MS_NTDS_REPLICATION)) {
+        /* This should be a 16-byte GUID */
+        SECItem guid;
+        nssComponent->GetPIPNSSBundleString("CertDumpMSDomainGUID", key);
+        if (SEC_ASN1DecodeItem(arena.get(),
+                               &guid,
+                               SEC_ASN1_GET(SEC_OctetStringTemplate),
+                               &current->name.OthName.name) == SECSuccess &&
+            guid.len == 16) {
+          char buf[40];
+          unsigned char* d = guid.data;
           SprintfLiteral(buf,
-            "{%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x%.2x%.2x%.2x%.2x}",
-            d[3], d[2], d[1], d[0], d[5], d[4], d[7], d[6],
-            d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
-	  value.AssignASCII(buf);
-	} else {
-	  ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
-	}
-    } else {
-      rv = GetDefaultOIDFormat(&current->name.OthName.oid, nssComponent, key, ' ');
+                         "{%.2x%.2x%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%.2x-%.2x%"
+                         ".2x%.2x%.2x%.2x%.2x}",
+                         d[3],
+                         d[2],
+                         d[1],
+                         d[0],
+                         d[5],
+                         d[4],
+                         d[7],
+                         d[6],
+                         d[8],
+                         d[9],
+                         d[10],
+                         d[11],
+                         d[12],
+                         d[13],
+                         d[14],
+                         d[15]);
+          value.AssignASCII(buf);
+        } else {
+          ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+        }
+      } else {
+        rv = GetDefaultOIDFormat(
+          &current->name.OthName.oid, nssComponent, key, ' ');
+        if (NS_FAILED(rv)) {
+          return rv;
+        }
+        ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
+      }
+      break;
+    }
+    case certRFC822Name:
+      nssComponent->GetPIPNSSBundleString("CertDumpRFC822Name", key);
+      value.AssignASCII((char*)current->name.other.data,
+                        current->name.other.len);
+      break;
+    case certDNSName:
+      nssComponent->GetPIPNSSBundleString("CertDumpDNSName", key);
+      value.AssignASCII((char*)current->name.other.data,
+                        current->name.other.len);
+      break;
+    case certX400Address:
+      nssComponent->GetPIPNSSBundleString("CertDumpX400Address", key);
+      ProcessRawBytes(nssComponent, &current->name.other, value);
+      break;
+    case certDirectoryName:
+      nssComponent->GetPIPNSSBundleString("CertDumpDirectoryName", key);
+      rv = ProcessName(
+        &current->name.directoryName, nssComponent, getter_Copies(value));
       if (NS_FAILED(rv)) {
         return rv;
       }
-      ProcessRawBytes(nssComponent, &current->name.OthName.name, value);
-    }
-    break;
-  }
-  case certRFC822Name:
-    nssComponent->GetPIPNSSBundleString("CertDumpRFC822Name", key);
-    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
-    break;
-  case certDNSName:
-    nssComponent->GetPIPNSSBundleString("CertDumpDNSName", key);
-    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
-    break;
-  case certX400Address:
-    nssComponent->GetPIPNSSBundleString("CertDumpX400Address", key);
-    ProcessRawBytes(nssComponent, &current->name.other, value);
-    break;
-  case certDirectoryName:
-    nssComponent->GetPIPNSSBundleString("CertDumpDirectoryName", key);
-    rv = ProcessName(&current->name.directoryName, nssComponent, 
-		     getter_Copies(value));
-    if (NS_FAILED(rv)) {
-      return rv;
-    }
-    break;
-  case certEDIPartyName:
-    nssComponent->GetPIPNSSBundleString("CertDumpEDIPartyName", key);
-    ProcessRawBytes(nssComponent, &current->name.other, value);
-    break;
-  case certURI:
-    nssComponent->GetPIPNSSBundleString("CertDumpURI", key);
-    value.AssignASCII((char*)current->name.other.data, current->name.other.len);
-    break;
-  case certIPAddress:
-    {
+      break;
+    case certEDIPartyName:
+      nssComponent->GetPIPNSSBundleString("CertDumpEDIPartyName", key);
+      ProcessRawBytes(nssComponent, &current->name.other, value);
+      break;
+    case certURI:
+      nssComponent->GetPIPNSSBundleString("CertDumpURI", key);
+      value.AssignASCII((char*)current->name.other.data,
+                        current->name.other.len);
+      break;
+    case certIPAddress: {
       char buf[INET6_ADDRSTRLEN];
       PRStatus status = PR_FAILURE;
       PRNetAddr addr;
       memset(&addr, 0, sizeof(addr));
       nssComponent->GetPIPNSSBundleString("CertDumpIPAddress", key);
       if (current->name.other.len == 4) {
         addr.inet.family = PR_AF_INET;
-        memcpy(&addr.inet.ip, current->name.other.data, current->name.other.len);
+        memcpy(
+          &addr.inet.ip, current->name.other.data, current->name.other.len);
         status = PR_NetAddrToString(&addr, buf, sizeof(buf));
       } else if (current->name.other.len == 16) {
         addr.ipv6.family = PR_AF_INET6;
-        memcpy(&addr.ipv6.ip, current->name.other.data, current->name.other.len);
+        memcpy(
+          &addr.ipv6.ip, current->name.other.data, current->name.other.len);
         status = PR_NetAddrToString(&addr, buf, sizeof(buf));
       }
       if (status == PR_SUCCESS) {
         value.AssignASCII(buf);
       } else {
         /* invalid IP address */
         ProcessRawBytes(nssComponent, &current->name.other, value);
       }
       break;
     }
-  case certRegisterID:
-    nssComponent->GetPIPNSSBundleString("CertDumpRegisterID", key);
-    rv = GetDefaultOIDFormat(&current->name.other, nssComponent, value, '.');
-    if (NS_FAILED(rv)) {
-      return rv;
-    }
-    break;
+    case certRegisterID:
+      nssComponent->GetPIPNSSBundleString("CertDumpRegisterID", key);
+      rv = GetDefaultOIDFormat(&current->name.other, nssComponent, value, '.');
+      if (NS_FAILED(rv)) {
+        return rv;
+      }
+      break;
   }
   text.Append(key);
   text.AppendLiteral(": ");
   text.Append(value);
   text.AppendLiteral(SEPARATOR);
 
   return rv;
 }
 
 static nsresult
-ProcessGeneralNames(const UniquePLArenaPool& arena, CERTGeneralName* nameList,
-                    nsAString& text, nsINSSComponent* nssComponent)
+ProcessGeneralNames(const UniquePLArenaPool& arena,
+                    CERTGeneralName* nameList,
+                    nsAString& text,
+                    nsINSSComponent* nssComponent)
 {
   CERTGeneralName* current = nameList;
   nsresult rv;
 
   do {
     rv = ProcessGeneralName(arena, current, text, nssComponent);
     if (NS_FAILED(rv)) {
       break;
@@ -1086,46 +1130,47 @@ ProcessAltName(SECItem* extData, nsAStri
   if (!nameList) {
     return NS_OK;
   }
 
   return ProcessGeneralNames(arena, nameList, text, nssComponent);
 }
 
 static nsresult
-ProcessSubjectKeyId(SECItem  *extData, 
-		    nsAString &text,
-		    nsINSSComponent *nssComponent)
+ProcessSubjectKeyId(SECItem* extData,
+                    nsAString& text,
+                    nsINSSComponent* nssComponent)
 {
   SECItem decoded;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
-  if (SEC_QuickDERDecodeItem(arena.get(), &decoded,
-			     SEC_ASN1_GET(SEC_OctetStringTemplate), 
-			     extData) != SECSuccess) {
+  if (SEC_QuickDERDecodeItem(arena.get(),
+                             &decoded,
+                             SEC_ASN1_GET(SEC_OctetStringTemplate),
+                             extData) != SECSuccess) {
     return NS_ERROR_FAILURE;
   }
 
   nssComponent->GetPIPNSSBundleString("CertDumpKeyID", local);
   text.Append(local);
   text.AppendLiteral(": ");
   ProcessRawBytes(nssComponent, &decoded, text);
 
   return NS_OK;
 }
 
 static nsresult
-ProcessAuthKeyId(SECItem  *extData, 
-		 nsAString &text,
-		 nsINSSComponent *nssComponent)
+ProcessAuthKeyId(SECItem* extData,
+                 nsAString& text,
+                 nsINSSComponent* nssComponent)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
@@ -1159,45 +1204,48 @@ ProcessAuthKeyId(SECItem  *extData,
     text.AppendLiteral(": ");
     ProcessRawBytes(nssComponent, &ret->authCertSerialNumber, text);
   }
 
   return rv;
 }
 
 static nsresult
-ProcessUserNotice(SECItem* derNotice, nsAString& text,
+ProcessUserNotice(SECItem* derNotice,
+                  nsAString& text,
                   nsINSSComponent* nssComponent)
 {
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
   UniqueCERTUserNotice notice(CERT_DecodeUserNotice(derNotice));
   if (!notice) {
     ProcessRawBytes(nssComponent, derNotice, text);
     return NS_OK;
   }
 
   if (notice->noticeReference.organization.len != 0) {
     switch (notice->noticeReference.organization.type) {
-    case siAsciiString:
-    case siVisibleString:
-    case siUTF8String:
-      text.Append(NS_ConvertUTF8toUTF16(
-                  (const char *)notice->noticeReference.organization.data,
-                  notice->noticeReference.organization.len));
-      break;
-    case siBMPString:
-      AppendBMPtoUTF16(arena, notice->noticeReference.organization.data,
-                       notice->noticeReference.organization.len, text);
-      break;
-    default:
-      break;
+      case siAsciiString:
+      case siVisibleString:
+      case siUTF8String:
+        text.Append(NS_ConvertUTF8toUTF16(
+          (const char*)notice->noticeReference.organization.data,
+          notice->noticeReference.organization.len));
+        break;
+      case siBMPString:
+        AppendBMPtoUTF16(arena,
+                         notice->noticeReference.organization.data,
+                         notice->noticeReference.organization.len,
+                         text);
+        break;
+      default:
+        break;
     }
     text.AppendLiteral(" - ");
     SECItem** itemList = notice->noticeReference.noticeNumbers;
     while (*itemList) {
       unsigned long number;
       char buffer[60];
       if (SEC_ASN1DecodeInteger(*itemList, &number) == SECSuccess) {
         SprintfLiteral(buffer, "#%lu", number);
@@ -1207,111 +1255,113 @@ ProcessUserNotice(SECItem* derNotice, ns
       }
       itemList++;
     }
   }
   if (notice->displayText.len != 0) {
     text.AppendLiteral(SEPARATOR);
     text.AppendLiteral("    ");
     switch (notice->displayText.type) {
-    case siAsciiString:
-    case siVisibleString:
-    case siUTF8String:
-      text.Append(NS_ConvertUTF8toUTF16((const char *)notice->displayText.data,
-                                        notice->displayText.len));
-      break;
-    case siBMPString:
-      AppendBMPtoUTF16(arena, notice->displayText.data, notice->displayText.len,
-		       text);
-      break;
-    default:
-      break;
+      case siAsciiString:
+      case siVisibleString:
+      case siUTF8String:
+        text.Append(NS_ConvertUTF8toUTF16((const char*)notice->displayText.data,
+                                          notice->displayText.len));
+        break;
+      case siBMPString:
+        AppendBMPtoUTF16(
+          arena, notice->displayText.data, notice->displayText.len, text);
+        break;
+      default:
+        break;
     }
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessCertificatePolicies(SECItem  *extData, 
-			   nsAString &text,
-			   nsINSSComponent *nssComponent)
+ProcessCertificatePolicies(SECItem* extData,
+                           nsAString& text,
+                           nsINSSComponent* nssComponent)
 {
   CERTPolicyInfo **policyInfos, *policyInfo;
   CERTPolicyQualifier **policyQualifiers, *policyQualifier;
   nsAutoString local;
   nsresult rv = NS_OK;
 
   UniqueCERTCertificatePolicies policies(
     CERT_DecodeCertificatePoliciesExtension(extData));
   if (!policies) {
     return NS_ERROR_FAILURE;
   }
 
   policyInfos = policies->policyInfos;
   while (*policyInfos) {
     policyInfo = *policyInfos++;
     switch (policyInfo->oid) {
-    case SEC_OID_VERISIGN_USER_NOTICES:
-      nssComponent->GetPIPNSSBundleString("CertDumpVerisignNotices", local);
-      text.Append(local);
-      break;
-    default:
-      GetDefaultOIDFormat(&policyInfo->policyID, nssComponent, local, '.');
-      text.Append(local);
+      case SEC_OID_VERISIGN_USER_NOTICES:
+        nssComponent->GetPIPNSSBundleString("CertDumpVerisignNotices", local);
+        text.Append(local);
+        break;
+      default:
+        GetDefaultOIDFormat(&policyInfo->policyID, nssComponent, local, '.');
+        text.Append(local);
     }
 
     if (policyInfo->policyQualifiers) {
       /* Add all qualifiers on separate lines, indented */
       policyQualifiers = policyInfo->policyQualifiers;
       text.Append(':');
       text.AppendLiteral(SEPARATOR);
       while (*policyQualifiers) {
-	text.AppendLiteral("  ");
-	policyQualifier = *policyQualifiers++;
-	switch(policyQualifier->oid) {
-	case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
-	  nssComponent->GetPIPNSSBundleString("CertDumpCPSPointer", local);
-	  text.Append(local);
-	  text.Append(':');
-	  text.AppendLiteral(SEPARATOR);
-	  text.AppendLiteral("    ");
-	  /* The CPS pointer ought to be the cPSuri alternative
-	     of the Qualifier choice. */
-          rv = ProcessIA5String(policyQualifier->qualifierValue, text);
-          if (NS_FAILED(rv)) {
-            return rv;
-          }
-	  break;
-	case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
-	  nssComponent->GetPIPNSSBundleString("CertDumpUserNotice", local);
-	  text.Append(local);
-	  text.AppendLiteral(": ");
-	  rv = ProcessUserNotice(&policyQualifier->qualifierValue,
-				 text, nssComponent);
-	  break;
-	default:
-	  GetDefaultOIDFormat(&policyQualifier->qualifierID, nssComponent, local, '.');
-	  text.Append(local);
-	  text.AppendLiteral(": ");
-	  ProcessRawBytes(nssComponent, &policyQualifier->qualifierValue, text);
-	}
-	text.AppendLiteral(SEPARATOR);
+        text.AppendLiteral("  ");
+        policyQualifier = *policyQualifiers++;
+        switch (policyQualifier->oid) {
+          case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
+            nssComponent->GetPIPNSSBundleString("CertDumpCPSPointer", local);
+            text.Append(local);
+            text.Append(':');
+            text.AppendLiteral(SEPARATOR);
+            text.AppendLiteral("    ");
+            /* The CPS pointer ought to be the cPSuri alternative
+             of the Qualifier choice. */
+            rv = ProcessIA5String(policyQualifier->qualifierValue, text);
+            if (NS_FAILED(rv)) {
+              return rv;
+            }
+            break;
+          case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
+            nssComponent->GetPIPNSSBundleString("CertDumpUserNotice", local);
+            text.Append(local);
+            text.AppendLiteral(": ");
+            rv = ProcessUserNotice(
+              &policyQualifier->qualifierValue, text, nssComponent);
+            break;
+          default:
+            GetDefaultOIDFormat(
+              &policyQualifier->qualifierID, nssComponent, local, '.');
+            text.Append(local);
+            text.AppendLiteral(": ");
+            ProcessRawBytes(
+              nssComponent, &policyQualifier->qualifierValue, text);
+        }
+        text.AppendLiteral(SEPARATOR);
       } /* while policyQualifiers */
-    } /* if policyQualifiers */
+    }   /* if policyQualifiers */
     text.AppendLiteral(SEPARATOR);
   }
 
   return rv;
 }
 
 static nsresult
-ProcessCrlDistPoints(SECItem  *extData, 
-		     nsAString &text,
-		     nsINSSComponent *nssComponent)
+ProcessCrlDistPoints(SECItem* extData,
+                     nsAString& text,
+                     nsINSSComponent* nssComponent)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
@@ -1320,149 +1370,155 @@ ProcessCrlDistPoints(SECItem  *extData,
     CERT_DecodeCRLDistributionPoints(arena.get(), extData);
   if (!crldp || !crldp->distPoints) {
     return NS_ERROR_FAILURE;
   }
 
   for (CRLDistributionPoint** points = crldp->distPoints; *points; points++) {
     CRLDistributionPoint* point = *points;
     switch (point->distPointType) {
-    case generalName:
-      rv = ProcessGeneralName(arena, point->distPoint.fullName,
-			      text, nssComponent);
-      if (NS_FAILED(rv)) {
-        return rv;
-      }
-      break;
-    case relativeDistinguishedName:
-      rv = ProcessRDN(&point->distPoint.relativeName, 
-		      text, nssComponent);
-      if (NS_FAILED(rv)) {
-        return rv;
-      }
-      break;
+      case generalName:
+        rv = ProcessGeneralName(
+          arena, point->distPoint.fullName, text, nssComponent);
+        if (NS_FAILED(rv)) {
+          return rv;
+        }
+        break;
+      case relativeDistinguishedName:
+        rv = ProcessRDN(&point->distPoint.relativeName, text, nssComponent);
+        if (NS_FAILED(rv)) {
+          return rv;
+        }
+        break;
     }
-    if (point->reasons.len) { 
+    if (point->reasons.len) {
       int reasons = point->reasons.data[0];
       text.Append(' ');
       bool comma = false;
       if (reasons & RF_UNUSED) {
-	nssComponent->GetPIPNSSBundleString("CertDumpUnused", local);
+        nssComponent->GetPIPNSSBundleString("CertDumpUnused", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_KEY_COMPROMISE) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpKeyCompromise", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpKeyCompromise", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CA_COMPROMISE) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpCACompromise", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpCACompromise", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_AFFILIATION_CHANGED) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpAffiliationChanged", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpAffiliationChanged",
+                                            local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_SUPERSEDED) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpSuperseded", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpSuperseded", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CESSATION_OF_OPERATION) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpCessation", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpCessation", local);
         text.Append(local);
         comma = true;
       }
       if (reasons & RF_CERTIFICATE_HOLD) {
-	if (comma) text.AppendLiteral(", ");
-	nssComponent->GetPIPNSSBundleString("CertDumpHold", local);
+        if (comma)
+          text.AppendLiteral(", ");
+        nssComponent->GetPIPNSSBundleString("CertDumpHold", local);
         text.Append(local);
         comma = true;
       }
       text.AppendLiteral(SEPARATOR);
     }
     if (point->crlIssuer) {
       nssComponent->GetPIPNSSBundleString("CertDumpIssuer", local);
       text.Append(local);
       text.AppendLiteral(": ");
-      rv = ProcessGeneralNames(arena, point->crlIssuer,
-			       text, nssComponent);
+      rv = ProcessGeneralNames(arena, point->crlIssuer, text, nssComponent);
       if (NS_FAILED(rv)) {
         return rv;
       }
     }
   }
 
   return NS_OK;
 }
 
 static nsresult
-ProcessAuthInfoAccess(SECItem  *extData, 
-		      nsAString &text,
-		      nsINSSComponent *nssComponent)
+ProcessAuthInfoAccess(SECItem* extData,
+                      nsAString& text,
+                      nsINSSComponent* nssComponent)
 {
   nsresult rv = NS_OK;
   nsAutoString local;
 
   UniquePLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   if (!arena) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
 
-  CERTAuthInfoAccess** aia = CERT_DecodeAuthInfoAccessExtension(arena.get(),
-                                                                extData);
+  CERTAuthInfoAccess** aia =
+    CERT_DecodeAuthInfoAccessExtension(arena.get(), extData);
   if (!aia) {
     return NS_OK;
   }
 
   while (*aia) {
     CERTAuthInfoAccess* desc = *aia++;
     switch (SECOID_FindOIDTag(&desc->method)) {
-    case SEC_OID_PKIX_OCSP:
-      nssComponent->GetPIPNSSBundleString("CertDumpOCSPResponder", local);
-      break;
-    case SEC_OID_PKIX_CA_ISSUERS:
-      nssComponent->GetPIPNSSBundleString("CertDumpCAIssuers", local);
-      break;
-    default:
-      rv = GetDefaultOIDFormat(&desc->method, nssComponent, local, '.');
-      if (NS_FAILED(rv)) {
-        return rv;
-      }
+      case SEC_OID_PKIX_OCSP:
+        nssComponent->GetPIPNSSBundleString("CertDumpOCSPResponder", local);
+        break;
+      case SEC_OID_PKIX_CA_ISSUERS:
+        nssComponent->GetPIPNSSBundleString("CertDumpCAIssuers", local);
+        break;
+      default:
+        rv = GetDefaultOIDFormat(&desc->method, nssComponent, local, '.');
+        if (NS_FAILED(rv)) {
+          return rv;
+        }
     }
     text.Append(local);
     text.AppendLiteral(": ");
     rv = ProcessGeneralName(arena, desc->location, text, nssComponent);
     if (NS_FAILED(rv)) {
       return rv;
     }
   }
 
   return rv;
 }
 
 static nsresult
-ProcessMSCAVersion(SECItem  *extData, 
-		   nsAString &text,
-		   nsINSSComponent *nssComponent)
+ProcessMSCAVersion(SECItem* extData,
+                   nsAString& text,
+                   nsINSSComponent* nssComponent)
 {
   MOZ_ASSERT(extData);
   NS_ENSURE_ARG(extData);
 
   ScopedAutoSECItem decoded;
-  if (SEC_ASN1DecodeItem(nullptr, &decoded, SEC_ASN1_GET(SEC_IntegerTemplate),
-                         extData) != SECSuccess) {
+  if (SEC_ASN1DecodeItem(
+        nullptr, &decoded, SEC_ASN1_GET(SEC_IntegerTemplate), extData) !=
+      SECSuccess) {
     /* This extension used to be an Integer when this code
        was written, but apparently isn't anymore. Display
        the raw bytes instead. */
     return ProcessRawBytes(nssComponent, extData, text);
   }
 
   unsigned long version;
   if (SEC_ASN1DecodeInteger(&decoded, &version) != SECSuccess) {
@@ -1476,113 +1532,115 @@ ProcessMSCAVersion(SECItem  *extData,
     return NS_ERROR_FAILURE;
   }
 
   text.AppendASCII(buf);
   return NS_OK;
 }
 
 static nsresult
-ProcessExtensionData(SECOidTag oidTag, SECItem *extData, 
-                     nsAString &text, 
-                     nsINSSComponent *nssComponent)
+ProcessExtensionData(SECOidTag oidTag,
+                     SECItem* extData,
+                     nsAString& text,
+                     nsINSSComponent* nssComponent)
 {
   nsresult rv;
   switch (oidTag) {
-  case SEC_OID_X509_KEY_USAGE:
-    rv = ProcessKeyUsageExtension(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_BASIC_CONSTRAINTS:
-    rv = ProcessBasicConstraints(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_EXT_KEY_USAGE:
-    rv = ProcessExtKeyUsage(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_ISSUER_ALT_NAME:
-  case SEC_OID_X509_SUBJECT_ALT_NAME:
-    rv = ProcessAltName(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_SUBJECT_KEY_ID:
-    rv = ProcessSubjectKeyId(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_AUTH_KEY_ID:
-    rv = ProcessAuthKeyId(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_CERTIFICATE_POLICIES:
-    rv = ProcessCertificatePolicies(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_CRL_DIST_POINTS:
-    rv = ProcessCrlDistPoints(extData, text, nssComponent);
-    break;
-  case SEC_OID_X509_AUTH_INFO_ACCESS:
-    rv = ProcessAuthInfoAccess(extData, text, nssComponent);
-    break;
-  default:
-    if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
-      rv = ProcessBMPString(extData, text);
+    case SEC_OID_X509_KEY_USAGE:
+      rv = ProcessKeyUsageExtension(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_BASIC_CONSTRAINTS:
+      rv = ProcessBasicConstraints(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_EXT_KEY_USAGE:
+      rv = ProcessExtKeyUsage(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_ISSUER_ALT_NAME:
+    case SEC_OID_X509_SUBJECT_ALT_NAME:
+      rv = ProcessAltName(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_SUBJECT_KEY_ID:
+      rv = ProcessSubjectKeyId(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_AUTH_KEY_ID:
+      rv = ProcessAuthKeyId(extData, text, nssComponent);
       break;
-    }
-    if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
-      rv = ProcessMSCAVersion(extData, text, nssComponent);
+    case SEC_OID_X509_CERTIFICATE_POLICIES:
+      rv = ProcessCertificatePolicies(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_CRL_DIST_POINTS:
+      rv = ProcessCrlDistPoints(extData, text, nssComponent);
+      break;
+    case SEC_OID_X509_AUTH_INFO_ACCESS:
+      rv = ProcessAuthInfoAccess(extData, text, nssComponent);
       break;
-    }
-    rv = ProcessRawBytes(nssComponent, extData, text);
-    break; 
+    default:
+      if (oidTag == SEC_OID(MS_CERT_EXT_CERTTYPE)) {
+        rv = ProcessBMPString(extData, text);
+        break;
+      }
+      if (oidTag == SEC_OID(MS_CERTSERV_CA_VERSION)) {
+        rv = ProcessMSCAVersion(extData, text, nssComponent);
+        break;
+      }
+      rv = ProcessRawBytes(nssComponent, extData, text);
+      break;
   }
   return rv;
 }
 
 static nsresult
-ProcessSingleExtension(CERTCertExtension *extension,
-                       nsINSSComponent *nssComponent,
-                       nsIASN1PrintableItem **retExtension)
+ProcessSingleExtension(CERTCertExtension* extension,
+                       nsINSSComponent* nssComponent,
+                       nsIASN1PrintableItem** retExtension)
 {
   nsAutoString text, extvalue;
   GetOIDText(&extension->id, nssComponent, text);
-  nsCOMPtr<nsIASN1PrintableItem>extensionItem = new nsNSSASN1PrintableItem();
+  nsCOMPtr<nsIASN1PrintableItem> extensionItem = new nsNSSASN1PrintableItem();
 
   extensionItem->SetDisplayName(text);
   SECOidTag oidTag = SECOID_FindOIDTag(&extension->id);
   text.Truncate();
   if (extension->critical.data) {
     if (extension->critical.data[0]) {
       nssComponent->GetPIPNSSBundleString("CertDumpCritical", text);
     } else {
       nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
     }
   } else {
     nssComponent->GetPIPNSSBundleString("CertDumpNonCritical", text);
   }
   text.AppendLiteral(SEPARATOR);
-  nsresult rv = ProcessExtensionData(oidTag, &extension->value, extvalue, 
-                                     nssComponent);
+  nsresult rv =
+    ProcessExtensionData(oidTag, &extension->value, extvalue, nssComponent);
   if (NS_FAILED(rv)) {
     extvalue.Truncate();
     rv = ProcessRawBytes(nssComponent, &extension->value, extvalue, false);
   }
   text.Append(extvalue);
 
   extensionItem->SetDisplayValue(text);
   extensionItem.forget(retExtension);
   return NS_OK;
 }
 
 static nsresult
-ProcessSECAlgorithmID(SECAlgorithmID *algID,
-                      nsINSSComponent *nssComponent,
-                      nsIASN1Sequence **retSequence)
+ProcessSECAlgorithmID(SECAlgorithmID* algID,
+                      nsINSSComponent* nssComponent,
+                      nsIASN1Sequence** retSequence)
 {
   SECOidTag algOIDTag = SECOID_FindOIDTag(&algID->algorithm);
   SECItem paramsOID = { siBuffer, nullptr, 0 };
   nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
 
   *retSequence = nullptr;
   nsString text;
   GetOIDText(&algID->algorithm, nssComponent, text);
-  if (!algID->parameters.len || algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
+  if (!algID->parameters.len ||
+      algID->parameters.data[0] == nsIASN1Object::ASN1_NULL) {
     sequence->SetDisplayValue(text);
     sequence->SetIsValidContainer(false);
   } else {
     nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
     nsCOMPtr<nsIMutableArray> asn1Objects;
     sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
@@ -1591,192 +1649,189 @@ ProcessSECAlgorithmID(SECAlgorithmID *al
     printableItem->SetDisplayName(text);
 
     printableItem = new nsNSSASN1PrintableItem();
 
     asn1Objects->AppendElement(printableItem, false);
     nssComponent->GetPIPNSSBundleString("CertDumpParams", text);
     printableItem->SetDisplayName(text);
     if ((algOIDTag == SEC_OID_ANSIX962_EC_PUBLIC_KEY) &&
-        (algID->parameters.len > 2) && 
+        (algID->parameters.len > 2) &&
         (algID->parameters.data[0] == nsIASN1Object::ASN1_OBJECT_ID)) {
-       paramsOID.len = algID->parameters.len - 2;
-       paramsOID.data = algID->parameters.data + 2;
-       GetOIDText(&paramsOID, nssComponent, text);
+      paramsOID.len = algID->parameters.len - 2;
+      paramsOID.data = algID->parameters.data + 2;
+      GetOIDText(&paramsOID, nssComponent, text);
     } else {
-       ProcessRawBytes(nssComponent, &algID->parameters,text);
+      ProcessRawBytes(nssComponent, &algID->parameters, text);
     }
     printableItem->SetDisplayValue(text);
   }
   sequence.forget(retSequence);
   return NS_OK;
 }
 
 static nsresult
-ProcessTime(PRTime dispTime, const char16_t* displayName,
+ProcessTime(PRTime dispTime,
+            const char16_t* displayName,
             nsIASN1Sequence* parentSequence)
 {
   nsString text;
   nsString tempString;
 
   PRExplodedTime explodedTime;
   PR_ExplodeTime(dispTime, PR_LocalTimeParameters, &explodedTime);
 
-  DateTimeFormat::FormatPRExplodedTime(kDateFormatLong,
-                                       kTimeFormatSeconds, &explodedTime,
-                                       tempString);
+  DateTimeFormat::FormatPRExplodedTime(
+    kDateFormatLong, kTimeFormatSeconds, &explodedTime, tempString);
 
   text.Append(tempString);
   text.AppendLiteral("\n(");
 
   PRExplodedTime explodedTimeGMT;
   PR_ExplodeTime(dispTime, PR_GMTParameters, &explodedTimeGMT);
 
-  DateTimeFormat::FormatPRExplodedTime(kDateFormatLong,
-                                       kTimeFormatSeconds, &explodedTimeGMT,
-                                       tempString);
+  DateTimeFormat::FormatPRExplodedTime(
+    kDateFormatLong, kTimeFormatSeconds, &explodedTimeGMT, tempString);
 
   text.Append(tempString);
   text.AppendLiteral(" GMT)");
 
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
 
   printableItem->SetDisplayValue(text);
   printableItem->SetDisplayName(nsDependentString(displayName));
   nsCOMPtr<nsIMutableArray> asn1Objects;
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(printableItem, false);
   return NS_OK;
 }
 
 static nsresult
-ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki, 
-                            nsIASN1Sequence *parentSequence,
-                            nsINSSComponent *nssComponent)
+ProcessSubjectPublicKeyInfo(CERTSubjectPublicKeyInfo* spki,
+                            nsIASN1Sequence* parentSequence,
+                            nsINSSComponent* nssComponent)
 {
   nsCOMPtr<nsIASN1Sequence> spkiSequence = new nsNSSASN1Sequence();
 
   nsString text;
   nssComponent->GetPIPNSSBundleString("CertDumpSPKI", text);
   spkiSequence->SetDisplayName(text);
 
   nssComponent->GetPIPNSSBundleString("CertDumpSPKIAlg", text);
   nsCOMPtr<nsIASN1Sequence> sequenceItem;
-  nsresult rv = ProcessSECAlgorithmID(&spki->algorithm, nssComponent,
-                                      getter_AddRefs(sequenceItem));
+  nsresult rv = ProcessSECAlgorithmID(
+    &spki->algorithm, nssComponent, getter_AddRefs(sequenceItem));
   if (NS_FAILED(rv))
     return rv;
   sequenceItem->SetDisplayName(text);
   nsCOMPtr<nsIMutableArray> asn1Objects;
   spkiSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(sequenceItem, false);
 
   nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
 
   text.Truncate();
 
   UniqueSECKEYPublicKey key(SECKEY_ExtractPublicKey(spki));
   bool displayed = false;
   if (key) {
-      switch (key->keyType) {
+    switch (key->keyType) {
       case rsaKey: {
-         displayed = true;
-         nsAutoString length1, length2, data1, data2;
-         length1.AppendInt(key->u.rsa.modulus.len * 8);
-         length2.AppendInt(key->u.rsa.publicExponent.len * 8);
-         ProcessRawBytes(nssComponent, &key->u.rsa.modulus, data1, 
-                         false);
-         ProcessRawBytes(nssComponent, &key->u.rsa.publicExponent, data2,
-                         false);
-         const char16_t *params[4] = {length1.get(), data1.get(), 
-                                       length2.get(), data2.get()};
-         nssComponent->PIPBundleFormatStringFromName("CertDumpRSATemplate",
-                                                     params, 4, text);
-         break;
+        displayed = true;
+        nsAutoString length1, length2, data1, data2;
+        length1.AppendInt(key->u.rsa.modulus.len * 8);
+        length2.AppendInt(key->u.rsa.publicExponent.len * 8);
+        ProcessRawBytes(nssComponent, &key->u.rsa.modulus, data1, false);
+        ProcessRawBytes(nssComponent, &key->u.rsa.publicExponent, data2, false);
+        const char16_t* params[4] = {
+          length1.get(), data1.get(), length2.get(), data2.get()
+        };
+        nssComponent->PIPBundleFormatStringFromName(
+          "CertDumpRSATemplate", params, 4, text);
+        break;
       }
       case ecKey: {
         displayed = true;
-        SECKEYECPublicKey &ecpk = key->u.ec;
-        int fieldSizeLenAsBits = 
-              SECKEY_ECParamsToKeySize(&ecpk.DEREncodedParams);
-        int basePointOrderLenAsBits = 
-              SECKEY_ECParamsToBasePointOrderLen(&ecpk.DEREncodedParams);
+        SECKEYECPublicKey& ecpk = key->u.ec;
+        int fieldSizeLenAsBits =
+          SECKEY_ECParamsToKeySize(&ecpk.DEREncodedParams);
+        int basePointOrderLenAsBits =
+          SECKEY_ECParamsToBasePointOrderLen(&ecpk.DEREncodedParams);
         nsAutoString s_fsl, s_bpol, s_pv;
         s_fsl.AppendInt(fieldSizeLenAsBits);
         s_bpol.AppendInt(basePointOrderLenAsBits);
 
         if (ecpk.publicValue.len > 4) {
           ProcessRawBytes(nssComponent, &ecpk.publicValue, s_pv, false);
         } else {
           int i_pv = DER_GetInteger(&ecpk.publicValue);
           s_pv.AppendInt(i_pv);
         }
-        const char16_t *params[] = {s_fsl.get(), s_bpol.get(), s_pv.get()};
-        nssComponent->PIPBundleFormatStringFromName("CertDumpECTemplate",
-                                                    params, 3, text);
+        const char16_t* params[] = { s_fsl.get(), s_bpol.get(), s_pv.get() };
+        nssComponent->PIPBundleFormatStringFromName(
+          "CertDumpECTemplate", params, 3, text);
         break;
       }
       default:
-         /* Algorithm unknown, or too rarely used to bother displaying it */
-         break;
-      }
+        /* Algorithm unknown, or too rarely used to bother displaying it */
+        break;
+    }
   }
   if (!displayed) {
-      // Algorithm unknown, display raw bytes
-      // The subjectPublicKey field is encoded as a bit string.
-      // ProcessRawBytes expects the length to be in bytes, so 
-      // let's convert the lenght into a temporary SECItem.
-      SECItem data;
-      data.data = spki->subjectPublicKey.data;
-      data.len  = spki->subjectPublicKey.len / 8;
-      ProcessRawBytes(nssComponent, &data, text);
-  
+    // Algorithm unknown, display raw bytes
+    // The subjectPublicKey field is encoded as a bit string.
+    // ProcessRawBytes expects the length to be in bytes, so
+    // let's convert the lenght into a temporary SECItem.
+    SECItem data;
+    data.data = spki->subjectPublicKey.data;
+    data.len = spki->subjectPublicKey.len / 8;
+    ProcessRawBytes(nssComponent, &data, text);
   }
- 
+
   printableItem->SetDisplayValue(text);
   nssComponent->GetPIPNSSBundleString("CertDumpSubjPubKey", text);
   printableItem->SetDisplayName(text);
   asn1Objects->AppendElement(printableItem, false);
-  
+
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(spkiSequence, false);
   return NS_OK;
 }
 
 static nsresult
-ProcessExtensions(CERTCertExtension **extensions, 
-                  nsIASN1Sequence *parentSequence,
-                  nsINSSComponent *nssComponent)
+ProcessExtensions(CERTCertExtension** extensions,
+                  nsIASN1Sequence* parentSequence,
+                  nsINSSComponent* nssComponent)
 {
   nsCOMPtr<nsIASN1Sequence> extensionSequence = new nsNSSASN1Sequence;
 
   nsString text;
   nssComponent->GetPIPNSSBundleString("CertDumpExtensions", text);
   extensionSequence->SetDisplayName(text);
   int32_t i;
   nsresult rv;
   nsCOMPtr<nsIASN1PrintableItem> newExtension;
   nsCOMPtr<nsIMutableArray> asn1Objects;
   extensionSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
-  for (i=0; extensions[i] != nullptr; i++) {
-    rv = ProcessSingleExtension(extensions[i], 
-                                nssComponent,
-                                getter_AddRefs(newExtension));
+  for (i = 0; extensions[i] != nullptr; i++) {
+    rv = ProcessSingleExtension(
+      extensions[i], nssComponent, getter_AddRefs(newExtension));
     if (NS_FAILED(rv))
       return rv;
 
     asn1Objects->AppendElement(newExtension, false);
   }
   parentSequence->GetASN1Objects(getter_AddRefs(asn1Objects));
   asn1Objects->AppendElement(extensionSequence, false);
   return NS_OK;
 }
 
 static bool registered;
-static SECStatus RegisterDynamicOids()
+static SECStatus
+RegisterDynamicOids()
 {
   unsigned int i;
   SECStatus rv = SECSuccess;
 
   if (registered)
     return rv;
 
   for (i = 0; i < numOids; i++) {
@@ -1787,18 +1842,18 @@ static SECStatus RegisterDynamicOids()
     }
     more_oids[i].offset = tag;
   }
   registered = true;
   return rv;
 }
 
 nsresult
-nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence **retSequence,
-                                                 nsINSSComponent *nssComponent)
+nsNSSCertificate::CreateTBSCertificateASN1Struct(nsIASN1Sequence** retSequence,
+                                                 nsINSSComponent* nssComponent)
 {
   MOZ_ASSERT(nssComponent);
   NS_ENSURE_ARG(nssComponent);
 
   nsNSSShutDownPreventionLock locker;
   if (isAlreadyShutDown())
     return NS_ERROR_NOT_AVAILABLE;
 
@@ -1826,53 +1881,53 @@ nsNSSCertificate::CreateTBSCertificateAS
   // The code in this method will assert this is the structure we're dealing
   // and then add more user friendly text for that field.
   nsCOMPtr<nsIASN1Sequence> sequence = new nsNSSASN1Sequence();
 
   nsString text;
   nssComponent->GetPIPNSSBundleString("CertDumpCertificate", text);
   sequence->SetDisplayName(text);
   nsCOMPtr<nsIASN1PrintableItem> printableItem;
-  
+
   nsCOMPtr<nsIMutableArray> asn1Objects;
   sequence->GetASN1Objects(getter_AddRefs(asn1Objects));
 
-  nsresult rv = ProcessVersion(&mCert->version, nssComponent,
-                               getter_AddRefs(printableItem));
+  nsresult rv = ProcessVersion(
+    &mCert->version, nssComponent, getter_AddRefs(printableItem));
   if (NS_FAILED(rv))
     return rv;
 
   asn1Objects->AppendElement(printableItem, false);
 
-  rv = ProcessSerialNumberDER(mCert->serialNumber, WrapNotNull(nssComponent),
-                              printableItem);
+  rv = ProcessSerialNumberDER(
+    mCert->serialNumber, WrapNotNull(nssComponent), printableItem);
   if (NS_FAILED(rv))
     return rv;
   asn1Objects->AppendElement(printableItem, false);
 
   nsCOMPtr<nsIASN1Sequence> algID;
-  rv = ProcessSECAlgorithmID(&mCert->signature,
-                             nssComponent, getter_AddRefs(algID));
+  rv = ProcessSECAlgorithmID(
+    &mCert->signature, nssComponent, getter_AddRefs(algID));
   if (NS_FAILED(rv))
     return rv;
 
   nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
   algID->SetDisplayName(text);
   asn1Objects->AppendElement(algID, false);
 
   nsXPIDLString value;
   ProcessName(&mCert->issuer, nssComponent, getter_Copies(value));
 
   printableItem = new nsNSSASN1PrintableItem();
 
   printableItem->SetDisplayValue(value);
   nssComponent->GetPIPNSSBundleString("CertDumpIssuer", text);
   printableItem->SetDisplayName(text);
   asn1Objects->AppendElement(printableItem, false);
-  
+
   nsCOMPtr<nsIASN1Sequence> validitySequence = new nsNSSASN1Sequence();
   nssComponent->GetPIPNSSBundleString("CertDumpValidity", text);
   validitySequence->SetDisplayName(text);
   asn1Objects->AppendElement(validitySequence, false);
   nssComponent->GetPIPNSSBundleString("CertDumpNotBefore", text);
   nsCOMPtr<nsIX509CertValidity> validityData;
   GetValidity(getter_AddRefs(validityData));
   PRTime notBefore, notAfter;
@@ -1889,60 +1944,59 @@ nsNSSCertificate::CreateTBSCertificateAS
   if (NS_FAILED(rv))
     return rv;
 
   nssComponent->GetPIPNSSBundleString("CertDumpSubject", text);
 
   printableItem = new nsNSSASN1PrintableItem();
 
   printableItem->SetDisplayName(text);
-  ProcessName(&mCert->subject, nssComponent,getter_Copies(value));
+  ProcessName(&mCert->subject, nssComponent, getter_Copies(value));
   printableItem->SetDisplayValue(value);
   asn1Objects->AppendElement(printableItem, false);
 
-  rv = ProcessSubjectPublicKeyInfo(&mCert->subjectPublicKeyInfo, sequence,
-                                   nssComponent); 
+  rv = ProcessSubjectPublicKeyInfo(
+    &mCert->subjectPublicKeyInfo, sequence, nssComponent);
   if (NS_FAILED(rv))
     return rv;
- 
-  SECItem data; 
+
+  SECItem data;
   // Is there an issuerUniqueID?
   if (mCert->issuerID.data) {
     // The issuerID is encoded as a bit string.
     // The function ProcessRawBytes expects the
     // length to be in bytes, so let's convert the
     // length in a temporary SECItem
     data.data = mCert->issuerID.data;
-    data.len  = (mCert->issuerID.len + 7) / 8;
+    data.len = (mCert->issuerID.len + 7) / 8;
 
     ProcessRawBytes(nssComponent, &data, text);
     printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
     nssComponent->GetPIPNSSBundleString("CertDumpIssuerUniqueID", text);
     printableItem->SetDisplayName(text);
     asn1Objects->AppendElement(printableItem, false);
   }
 
   if (mCert->subjectID.data) {
     // The subjectID is encoded as a bit string.
     // The function ProcessRawBytes expects the
     // length to be in bytes, so let's convert the
     // length in a temporary SECItem
     data.data = mCert->subjectID.data;
-    data.len  = (mCert->subjectID.len + 7) / 8;
+    data.len = (mCert->subjectID.len + 7) / 8;
 
     ProcessRawBytes(nssComponent, &data, text);
     printableItem = new nsNSSASN1PrintableItem();
 
     printableItem->SetDisplayValue(text);
     nssComponent->GetPIPNSSBundleString("CertDumpSubjectUniqueID", text);
     printableItem->SetDisplayName(text);
     asn1Objects->AppendElement(printableItem, false);
-
   }
   if (mCert->extensions) {
     rv = ProcessExtensions(mCert->extensions, sequence, nssComponent);
     if (NS_FAILED(rv))
       return rv;
   }
   sequence.forget(retSequence);
   return NS_OK;
@@ -1975,51 +2029,51 @@ nsNSSCertificate::CreateASN1Struct(nsIAS
   sequence.forget(aRetVal);
 
   // This sequence will be contain the tbsCertificate, signatureAlgorithm,
   // and signatureValue.
   nsCOMPtr<nsINSSComponent> nssComponent(do_GetService(kNSSComponentCID, &rv));
   if (NS_FAILED(rv))
     return rv;
 
-  rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence),
-                                      nssComponent);
+  rv = CreateTBSCertificateASN1Struct(getter_AddRefs(sequence), nssComponent);
   if (NS_FAILED(rv))
     return rv;
 
   asn1Objects->AppendElement(sequence, false);
   nsCOMPtr<nsIASN1Sequence> algID;
 
-  rv = ProcessSECAlgorithmID(&mCert->signatureWrap.signatureAlgorithm, 
-                             nssComponent, getter_AddRefs(algID));
+  rv = ProcessSECAlgorithmID(&mCert->signatureWrap.signatureAlgorithm,
+                             nssComponent,
+                             getter_AddRefs(algID));
   if (NS_FAILED(rv))
     return rv;
   nsString text;
   nssComponent->GetPIPNSSBundleString("CertDumpSigAlg", text);
   algID->SetDisplayName(text);
   asn1Objects->AppendElement(algID, false);
-  nsCOMPtr<nsIASN1PrintableItem>printableItem = new nsNSSASN1PrintableItem();
+  nsCOMPtr<nsIASN1PrintableItem> printableItem = new nsNSSASN1PrintableItem();
   nssComponent->GetPIPNSSBundleString("CertDumpCertSig", text);
   printableItem->SetDisplayName(text);
   // The signatureWrap is encoded as a bit string.
   // The function ProcessRawBytes expects the
   // length to be in bytes, so let's convert the
   // length in a temporary SECItem
   SECItem temp;
   temp.data = mCert->signatureWrap.signature.data;
-  temp.len  = mCert->signatureWrap.signature.len / 8;
+  temp.len = mCert->signatureWrap.signature.len / 8;
   text.Truncate();
-  ProcessRawBytes(nssComponent, &temp,text);
+  ProcessRawBytes(nssComponent, &temp, text);
   printableItem->SetDisplayValue(text);
   asn1Objects->AppendElement(printableItem, false);
   return NS_OK;
 }
 
-uint32_t 
-getCertType(CERTCertificate *cert)
+uint32_t
+getCertType(CERTCertificate* cert)
 {
   nsNSSCertTrust trust(cert->trust);
   if (cert->nickname && trust.HasAnyUser())
     return nsIX509Cert::USER_CERT;
   if (trust.HasAnyCA())
     return nsIX509Cert::CA_CERT;
   if (trust.HasPeer(true, false, false))
     return nsIX509Cert::SERVER_CERT;
@@ -2029,22 +2083,22 @@ getCertType(CERTCertificate *cert)
     return nsIX509Cert::CA_CERT;
   if (cert->emailAddr)
     return nsIX509Cert::EMAIL_CERT;
   return nsIX509Cert::UNKNOWN_CERT;
 }
 
 nsresult
 GetCertFingerprintByOidTag(CERTCertificate* nsscert,
-                           SECOidTag aOidTag, 
-                           nsCString &fp)
+                           SECOidTag aOidTag,
+                           nsCString& fp)
 {
   Digest digest;
-  nsresult rv = digest.DigestBuf(aOidTag, nsscert->derCert.data,
-                                 nsscert->derCert.len);
+  nsresult rv =
+    digest.DigestBuf(aOidTag, nsscert->derCert.data, nsscert->derCert.len);
   NS_ENSURE_SUCCESS(rv, rv);
 
   UniquePORTString tmpstr(CERT_Hexify(const_cast<SECItem*>(&digest.get()), 1));
   NS_ENSURE_TRUE(tmpstr, NS_ERROR_OUT_OF_MEMORY);
 
   fp.Assign(tmpstr.get());
   return NS_OK;
 }