Fix clang issues. relyea
authorRobert Relyea <rrelyea@redhat.com>
Tue, 03 Jul 2018 15:11:52 -0700
branchrelyea
changeset 14415 287370d1a9b6d8c3e879cbf7cdd3cfd67019bdb2
parent 14414 f4924bbe01926906b1b1f63e2dc2f8999e3032a4
push id3132
push userrrelyea@redhat.com
push dateTue, 03 Jul 2018 22:12:09 +0000
Fix clang issues.
cmd/fipstest/fipstest.c
--- a/cmd/fipstest/fipstest.c
+++ b/cmd/fipstest/fipstest.c
@@ -2331,31 +2331,31 @@ sha_get_hashType(int hashbits)
             break;
         default:
             break;
     }
     return hashType;
 }
 
 HASH_HashType
-hash_string_to_hashType(const char * src)
+hash_string_to_hashType(const char *src)
 {
     HASH_HashType shaAlg = HASH_AlgNULL;
     if (strncmp(src, "SHA-1", 5) == 0) {
-         shaAlg = HASH_AlgSHA1;
+        shaAlg = HASH_AlgSHA1;
     } else if (strncmp(src, "SHA-224", 7) == 0) {
         shaAlg = HASH_AlgSHA224;
     } else if (strncmp(src, "SHA-256", 7) == 0) {
         shaAlg = HASH_AlgSHA256;
     } else if (strncmp(src, "SHA-384", 7) == 0) {
         shaAlg = HASH_AlgSHA384;
     } else if (strncmp(src, "SHA-512", 7) == 0) {
         shaAlg = HASH_AlgSHA512;
     } else if (strncmp(src, "SHA1", 4) == 0) {
-         shaAlg = HASH_AlgSHA1;
+        shaAlg = HASH_AlgSHA1;
     } else if (strncmp(src, "SHA224", 6) == 0) {
         shaAlg = HASH_AlgSHA224;
     } else if (strncmp(src, "SHA256", 6) == 0) {
         shaAlg = HASH_AlgSHA256;
     } else if (strncmp(src, "SHA384", 6) == 0) {
         shaAlg = HASH_AlgSHA384;
     } else if (strncmp(src, "SHA512", 6) == 0) {
         shaAlg = HASH_AlgSHA512;
@@ -2652,17 +2652,17 @@ ecdsa_siggen_test(char *reqfn)
             src += 2; /* skip the hyphen */
             *dst++ = *src++;
             *dst++ = *src++;
             *dst++ = *src++;
             *dst = '\0';
             src++; /* skip the comma */
             /* set the SHA Algorithm */
             shaAlg = hash_string_to_hashType(src);
-            if (shaAlg == HASH_AlgNULL){
+            if (shaAlg == HASH_AlgNULL) {
                 fprintf(ecdsaresp, "ERROR: Unable to find SHAAlg type");
                 goto loser;
             }
             if (ecparams != NULL) {
                 PORT_FreeArena(ecparams->arena, PR_FALSE);
                 ecparams = NULL;
             }
             encodedparams = getECParams(curve);
@@ -2972,25 +2972,25 @@ loser:
  * reqfn is the pathname of the REQUEST file.
  *
  * The output RESPONSE file is written to stdout.
  */
 #define MAX_ECC_PARAMS 256
 void
 ecdh_functional(char *reqfn, PRBool response)
 {
-    char buf[256];   /* holds one line from the input REQUEST file.
+    char buf[256];  /* holds one line from the input REQUEST file.
                          * needs to be large enough to hold the longest
                          * line "Qx = <144 hex digits>\n".
                          */
     FILE *ecdhreq;  /* input stream from the REQUEST file */
     FILE *ecdhresp; /* output stream to the RESPONSE file */
-    char curve[16];  /* "nistxddd" */
+    char curve[16]; /* "nistxddd" */
     unsigned char hashBuf[HASH_LENGTH_MAX];
-    ECParams *ecparams[MAX_ECC_PARAMS] = {NULL};
+    ECParams *ecparams[MAX_ECC_PARAMS] = { NULL };
     ECPrivateKey *ecpriv = NULL;
     ECParams *current_ecparams = NULL;
     SECItem pubkey;
     SECItem ZZ;
     unsigned int i;
     unsigned int len = 0;
     unsigned int uit_len = 0;
     int current_curve = -1;
@@ -3021,92 +3021,95 @@ ecdh_functional(char *reqfn, PRBool resp
 
                 if ((current_curve < 0) || (current_curve > MAX_ECC_PARAMS)) {
                     fprintf(stderr, "No curve type defined\n");
                     goto loser;
                 }
 
                 src = &buf[1];
                 /* skip passed the colon */
-                while (*src && *src != ':') src++;
+                while (*src && *src != ':')
+                    src++;
                 if (*src != ':') {
                     fprintf(stderr,
-                        "No colon in curve selected statement\n%s", buf);
+                            "No colon in curve selected statement\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 dst = &curve[4];
                 *dst++ = tolower(*src);
                 src += 2; /* skip the hyphen */
                 *dst++ = *src++;
                 *dst++ = *src++;
                 *dst++ = *src++;
                 *dst = '\0';
                 if (ecparams[current_curve] != NULL) {
                     PORT_FreeArena(ecparams[current_curve]->arena, PR_FALSE);
                     ecparams[current_curve] = NULL;
                 }
                 encodedparams = getECParams(curve);
                 if (encodedparams == NULL) {
                     fprintf(stderr, "Unknown curve %s.", curve);
                     goto loser;
                 }
-                if (EC_DecodeParams(encodedparams, &ecparams[current_curve])
-                                                        != SECSuccess) {
+                if (EC_DecodeParams(encodedparams, &ecparams[current_curve]) != SECSuccess) {
                     fprintf(stderr, "Curve %s not supported.\n", curve);
                     goto loser;
                 }
                 SECITEM_FreeItem(encodedparams, PR_TRUE);
                 fputs(buf, ecdhresp);
                 continue;
             }
             /* [Ex - SHAxxx] */
             if (buf[1] == 'E' && buf[3] == ' ') {
                 const char *src;
                 current_curve = buf[2] - 'A';
                 if ((current_curve < 0) || (current_curve > 256)) {
                     fprintf(stderr, "bad curve type defined (%c)\n", buf[2]);
                     goto loser;
                 }
-                    current_ecparams = ecparams[current_curve];
+                current_ecparams = ecparams[current_curve];
                 if (current_ecparams == NULL) {
                     fprintf(stderr, "no curve defined for type %c defined\n",
                             buf[2]);
                     goto loser;
                 }
                 /* skip passed the colon */
                 src = &buf[1];
-                while (*src && *src != '-') src++;
+                while (*src && *src != '-')
+                    src++;
                 if (*src != '-') {
                     fprintf(stderr,
-                        "No data in curve selected statement\n%s",buf);
+                            "No data in curve selected statement\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 hash = hash_string_to_hashType(src);
-                if (hash == HASH_AlgNULL){
+                if (hash == HASH_AlgNULL) {
                     fprintf(ecdhresp, "ERROR: Unable to find SHAAlg type");
                     goto loser;
                 }
                 fputs(buf, ecdhresp);
                 continue;
             }
             fputs(buf, ecdhresp);
             continue;
         }
         /* COUNT = ... */
         if (strncmp(buf, "COUNT", 5) == 0) {
             fputs(buf, ecdhresp);
             if (current_ecparams == NULL) {
                 fprintf(stderr, "no curve defined for type %c defined\n",
-                            buf[2]);
+                        buf[2]);
                 goto loser;
             }
             len = (current_ecparams->fieldID.size + 7) >> 3;
             if (pubkey.data != NULL) {
                 PORT_Free(pubkey.data);
                 pubkey.data = NULL;
             }
             SECITEM_AllocItem(NULL, &pubkey, EC_GetPointSize(current_ecparams));
@@ -3135,59 +3138,59 @@ ecdh_functional(char *reqfn, PRBool resp
             }
             from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
             if (current_ecparams == NULL) {
                 fprintf(stderr, "no curve defined\n");
                 goto loser;
             }
             /* validate CAVS public key */
             if (EC_ValidatePublicKey(current_ecparams, &pubkey) != SECSuccess) {
-                fprintf(stderr,"BAD key detected\n");
+                fprintf(stderr, "BAD key detected\n");
                 goto loser;
             }
 
             /* generate ECC key pair */
             if (EC_NewKey(current_ecparams, &ecpriv) != SECSuccess) {
-                fprintf(stderr,"Failed to generate new key\n");
+                fprintf(stderr, "Failed to generate new key\n");
                 goto loser;
             }
             /* validate UIT generated public key */
             if (EC_ValidatePublicKey(current_ecparams, &ecpriv->publicValue) !=
-                    SECSuccess) {
-                fprintf(stderr,"generate key did not validate\n");
+                SECSuccess) {
+                fprintf(stderr, "generate key did not validate\n");
                 goto loser;
             }
             /* output UIT public key */
             uit_len = ecpriv->publicValue.len;
             if (uit_len % 2 == 0) {
-                fprintf(stderr,"generate key had invalid public value len\n");
+                fprintf(stderr, "generate key had invalid public value len\n");
                 goto loser;
             }
             uit_len = (uit_len - 1) / 2;
             if (ecpriv->publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
-                fprintf(stderr,"generate key was compressed\n");
+                fprintf(stderr, "generate key was compressed\n");
                 goto loser;
             }
             fputs("QeIUTx = ", ecdhresp);
             to_hex_str(buf, &ecpriv->publicValue.data[1], uit_len);
             fputs(buf, ecdhresp);
             fputc('\n', ecdhresp);
             fputs("QeIUTy = ", ecdhresp);
             to_hex_str(buf, &ecpriv->publicValue.data[1 + uit_len], uit_len);
             fputs(buf, ecdhresp);
             fputc('\n', ecdhresp);
             /* ECDH */
-            if (ECDH_Derive(&pubkey,current_ecparams, &ecpriv->privateValue,
-                        PR_FALSE, &ZZ) != SECSuccess) {
-                fprintf(stderr,"Derive failed\n");
+            if (ECDH_Derive(&pubkey, current_ecparams, &ecpriv->privateValue,
+                            PR_FALSE, &ZZ) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
                 goto loser;
             }
             /* output hash of ZZ */
-            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess ) {
-                fprintf(stderr,"hash of derived key failed\n");
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
                 goto loser;
             }
             SECITEM_FreeItem(&ZZ, PR_FALSE);
             fputs("HashZZ = ", ecdhresp);
             to_hex_str(buf, hashBuf, fips_hashLen(hash));
             fputs(buf, ecdhresp);
             fputc('\n', ecdhresp);
             fputc('\n', ecdhresp);
@@ -3195,50 +3198,50 @@ ecdh_functional(char *reqfn, PRBool resp
             ecpriv = NULL;
             continue;
         }
     }
 loser:
     if (ecpriv != NULL) {
         PORT_FreeArena(ecpriv->ecParams.arena, PR_TRUE);
     }
-    for (i=0; i < MAX_ECC_PARAMS; i++) {
+    for (i = 0; i < MAX_ECC_PARAMS; i++) {
         if (ecparams[i] != NULL) {
             PORT_FreeArena(ecparams[i]->arena, PR_FALSE);
             ecparams[i] = NULL;
         }
     }
     if (pubkey.data != NULL) {
         PORT_Free(pubkey.data);
     }
     fclose(ecdhreq);
 }
 
-#define MATCH_OPENSSL 1 
+#define MATCH_OPENSSL 1
 /*
  * Perform the ECDH Validity Test.
  *
  * reqfn is the pathname of the REQUEST file.
  *
  * The output RESPONSE file is written to stdout.
  */
 void
 ecdh_verify(char *reqfn, PRBool response)
 {
-    char buf[256];   /* holds one line from the input REQUEST file.
+    char buf[256];  /* holds one line from the input REQUEST file.
                          * needs to be large enough to hold the longest
                          * line "Qx = <144 hex digits>\n".
                          */
     FILE *ecdhreq;  /* input stream from the REQUEST file */
     FILE *ecdhresp; /* output stream to the RESPONSE file */
-    char curve[16];  /* "nistxddd" */
+    char curve[16]; /* "nistxddd" */
     unsigned char hashBuf[HASH_LENGTH_MAX];
     unsigned char cavsHashBuf[HASH_LENGTH_MAX];
     unsigned char private_data[MAX_ECKEY_LEN];
-    ECParams *ecparams[MAX_ECC_PARAMS] =  {NULL};
+    ECParams *ecparams[MAX_ECC_PARAMS] = { NULL };
     ECParams *current_ecparams = NULL;
     SECItem pubkey;
     SECItem ZZ;
     SECItem private_value;
     unsigned int i;
     unsigned int len = 0;
     int current_curve = -1;
     HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
@@ -3268,92 +3271,95 @@ ecdh_verify(char *reqfn, PRBool response
 
                 if ((current_curve < 0) || (current_curve > MAX_ECC_PARAMS)) {
                     fprintf(stderr, "No curve type defined\n");
                     goto loser;
                 }
 
                 src = &buf[1];
                 /* skip passed the colon */
-                while (*src && *src != ':') src++;
+                while (*src && *src != ':')
+                    src++;
                 if (*src != ':') {
                     fprintf(stderr,
-                        "No colon in curve selected statement\n%s", buf);
+                            "No colon in curve selected statement\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 dst = &curve[4];
                 *dst++ = tolower(*src);
                 src += 2; /* skip the hyphen */
                 *dst++ = *src++;
                 *dst++ = *src++;
                 *dst++ = *src++;
                 *dst = '\0';
                 if (ecparams[current_curve] != NULL) {
                     PORT_FreeArena(ecparams[current_curve]->arena, PR_FALSE);
                     ecparams[current_curve] = NULL;
                 }
                 encodedparams = getECParams(curve);
                 if (encodedparams == NULL) {
                     fprintf(stderr, "Unknown curve %s.\n", curve);
                     goto loser;
                 }
-                if (EC_DecodeParams(encodedparams, &ecparams[current_curve])
-                                                        != SECSuccess) {
+                if (EC_DecodeParams(encodedparams, &ecparams[current_curve]) != SECSuccess) {
                     fprintf(stderr, "Curve %s not supported.\n", curve);
                     goto loser;
                 }
                 SECITEM_FreeItem(encodedparams, PR_TRUE);
                 fputs(buf, ecdhresp);
                 continue;
             }
             /* [Ex - SHAxxx] */
             if (buf[1] == 'E' && buf[3] == ' ') {
                 const char *src;
                 current_curve = buf[2] - 'A';
                 if ((current_curve < 0) || (current_curve > 256)) {
                     fprintf(stderr, "bad curve type defined (%c)\n", buf[2]);
                     goto loser;
                 }
-                    current_ecparams = ecparams[current_curve];
+                current_ecparams = ecparams[current_curve];
                 if (current_ecparams == NULL) {
                     fprintf(stderr, "no curve defined for type %c defined\n",
                             buf[2]);
                     goto loser;
                 }
                 /* skip passed the colon */
                 src = &buf[1];
-                while (*src && *src != '-') src++;
+                while (*src && *src != '-')
+                    src++;
                 if (*src != '-') {
                     fprintf(stderr,
-                        "No data in curve selected statement\n%s",buf);
+                            "No data in curve selected statement\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 hash = hash_string_to_hashType(src);
-                if (hash == HASH_AlgNULL){
+                if (hash == HASH_AlgNULL) {
                     fprintf(ecdhresp, "ERROR: Unable to find SHAAlg type");
                     goto loser;
                 }
                 fputs(buf, ecdhresp);
                 continue;
             }
             fputs(buf, ecdhresp);
             continue;
         }
         /* COUNT = ... */
         if (strncmp(buf, "COUNT", 5) == 0) {
             fputs(buf, ecdhresp);
             if (current_ecparams == NULL) {
                 fprintf(stderr, "no curve defined for type %c defined\n",
-                            buf[2]);
+                        buf[2]);
                 goto loser;
             }
             len = (current_ecparams->fieldID.size + 7) >> 3;
             if (pubkey.data != NULL) {
                 PORT_Free(pubkey.data);
                 pubkey.data = NULL;
             }
             SECITEM_AllocItem(NULL, &pubkey, EC_GetPointSize(current_ecparams));
@@ -3411,65 +3417,65 @@ ecdh_verify(char *reqfn, PRBool response
             from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
             if (current_ecparams == NULL) {
                 fprintf(stderr, "no curve defined for type defined\n");
                 goto loser;
             }
             /* validate CAVS public key */
             if (EC_ValidatePublicKey(current_ecparams, &pubkey) != SECSuccess) {
 #ifdef MATCH_OPENSSL
-		fprintf(ecdhresp, "Result = F\n");
+                fprintf(ecdhresp, "Result = F\n");
 #else
-		fprintf(ecdhresp, "Result = F # key didn't validate\n");
+                fprintf(ecdhresp, "Result = F # key didn't validate\n");
 #endif
                 continue;
             }
 
             /* ECDH */
             if (ECDH_Derive(&pubkey, current_ecparams, &private_value,
-                        PR_FALSE, &ZZ) != SECSuccess) {
-                fprintf(stderr,"Derive failed\n");
+                            PR_FALSE, &ZZ) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
                 goto loser;
             }
-            /* output  ZZ */
+/* output  ZZ */
 #ifndef MATCH_OPENSSL
             fputs("Z = ", ecdhresp);
             to_hex_str(buf, ZZ.data, ZZ.len);
             fputs(buf, ecdhresp);
             fputc('\n', ecdhresp);
 #endif
 
-            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess ) {
-                fprintf(stderr,"hash of derived key failed\n");
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
                 goto loser;
             }
             SECITEM_FreeItem(&ZZ, PR_FALSE);
 #ifndef MATCH_NIST
             fputs("IUTHashZZ = ", ecdhresp);
             to_hex_str(buf, hashBuf, fips_hashLen(hash));
             fputs(buf, ecdhresp);
             fputc('\n', ecdhresp);
 #endif
             if (memcmp(hashBuf, cavsHashBuf, fips_hashLen(hash)) != 0) {
 #ifdef MATCH_OPENSSL
-		fprintf(ecdhresp, "Result = F\n");
+                fprintf(ecdhresp, "Result = F\n");
 #else
-		fprintf(ecdhresp, "Result = F # hash doesn't match\n");
+                fprintf(ecdhresp, "Result = F # hash doesn't match\n");
 #endif
             } else {
-		fprintf(ecdhresp, "Result = P\n");
+                fprintf(ecdhresp, "Result = P\n");
             }
 #ifndef MATCH_OPENSSL
             fputc('\n', ecdhresp);
 #endif
             continue;
         }
     }
 loser:
-    for (i=0; i < MAX_ECC_PARAMS; i++) {
+    for (i = 0; i < MAX_ECC_PARAMS; i++) {
         if (ecparams[i] != NULL) {
             PORT_FreeArena(ecparams[i]->arena, PR_FALSE);
             ecparams[i] = NULL;
         }
     }
     if (pubkey.data != NULL) {
         PORT_Free(pubkey.data);
     }
@@ -3482,29 +3488,29 @@ loser:
  * reqfn is the pathname of the REQUEST file.
  *
  * The output RESPONSE file is written to stdout.
  */
 #define MAX_ECC_PARAMS 256
 void
 dh_functional(char *reqfn, PRBool response)
 {
-    char buf[1024];   /* holds one line from the input REQUEST file.
+    char buf[1024]; /* holds one line from the input REQUEST file.
                          * needs to be large enough to hold the longest
                          * line "YephCAVS = <512 hex digits>\n".
                          */
-    FILE *dhreq;  /* input stream from the REQUEST file */
-    FILE *dhresp; /* output stream to the RESPONSE file */
+    FILE *dhreq;    /* input stream from the REQUEST file */
+    FILE *dhresp;   /* output stream to the RESPONSE file */
     unsigned char hashBuf[HASH_LENGTH_MAX];
     DSAPrivateKey *dsapriv = NULL;
     PQGParams pqg = { 0 };
-    unsigned char pubkeydata[DSA_MAX_P_BITS/8];
+    unsigned char pubkeydata[DSA_MAX_P_BITS / 8];
     SECItem pubkey;
     SECItem ZZ;
-    unsigned int i,j;
+    unsigned int i, j;
     unsigned int pgySize;
     HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
 
     dhreq = fopen(reqfn, "r");
     dhresp = stdout;
     while (fgets(buf, sizeof buf, dhreq) != NULL) {
         /* a comment or blank line */
         if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
@@ -3512,26 +3518,28 @@ dh_functional(char *reqfn, PRBool respon
             continue;
         }
         if (buf[0] == '[') {
             /* [Fx - SHAxxx] */
             if (buf[1] == 'F' && buf[3] == ' ') {
                 const char *src;
                 /* skip passed the colon */
                 src = &buf[1];
-                while (*src && *src != '-') src++;
+                while (*src && *src != '-')
+                    src++;
                 if (*src != '-') {
-                    fprintf(stderr, "No hash specified\n%s",buf);
+                    fprintf(stderr, "No hash specified\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 hash = hash_string_to_hashType(src);
-                if (hash == HASH_AlgNULL){
+                if (hash == HASH_AlgNULL) {
                     fprintf(dhresp, "ERROR: Unable to find SHAAlg type");
                     goto loser;
                 }
                 /* clear the PQG parameters */
                 if (pqg.prime.data) { /* P */
                     SECITEM_ZfreeItem(&pqg.prime, PR_FALSE);
                 }
                 if (pqg.subPrime.data) { /* Q */
@@ -3541,17 +3549,17 @@ dh_functional(char *reqfn, PRBool respon
                     SECITEM_ZfreeItem(&pqg.base, PR_FALSE);
                 }
                 pgySize = DSA_MAX_P_BITS / 8; /* change if more key sizes are supported in CAVS */
                 SECITEM_AllocItem(NULL, &pqg.prime, pgySize);
                 SECITEM_AllocItem(NULL, &pqg.base, pgySize);
                 pqg.prime.len = pqg.base.len = pgySize;
 
                 /* set q to the max allows */
-                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS/ 8);
+                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS / 8);
                 pqg.subPrime.len = DSA_MAX_Q_BITS / 8;
                 fputs(buf, dhresp);
                 continue;
             }
             fputs(buf, dhresp);
             continue;
         }
         if (buf[0] == 'P') {
@@ -3622,36 +3630,36 @@ dh_functional(char *reqfn, PRBool respon
             }
             from_hex_str(pubkeydata, pqg.prime.len, &buf[i]);
             pubkey.data = pubkeydata;
             pubkey.len = pqg.prime.len;
 
             /* generate FCC key pair, nist uses pqg rather then pg,
              * so use DSA to generate the key */
             if (DSA_NewKey(&pqg, &dsapriv) != SECSuccess) {
-                fprintf(stderr,"Failed to generate new key\n");
+                fprintf(stderr, "Failed to generate new key\n");
                 goto loser;
             }
             fputs("XephemIUT = ", dhresp);
             to_hex_str(buf, dsapriv->privateValue.data, dsapriv->privateValue.len);
             fputs(buf, dhresp);
             fputc('\n', dhresp);
             fputs("YephemIUT = ", dhresp);
             to_hex_str(buf, dsapriv->publicValue.data, dsapriv->publicValue.len);
             fputs(buf, dhresp);
             fputc('\n', dhresp);
             /* DH */
-            if (DH_Derive(&pubkey,&pqg.prime, &dsapriv->privateValue,
-                        &ZZ, pqg.prime.len) != SECSuccess) {
-                fprintf(stderr,"Derive failed\n");
+            if (DH_Derive(&pubkey, &pqg.prime, &dsapriv->privateValue,
+                          &ZZ, pqg.prime.len) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
                 goto loser;
             }
             /* output hash of ZZ */
-            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess ) {
-                fprintf(stderr,"hash of derived key failed\n");
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
                 goto loser;
             }
             SECITEM_FreeItem(&ZZ, PR_FALSE);
             fputs("HashZZ = ", dhresp);
             to_hex_str(buf, hashBuf, fips_hashLen(hash));
             fputs(buf, dhresp);
             fputc('\n', dhresp);
             fputc('\n', dhresp);
@@ -3662,42 +3670,42 @@ dh_functional(char *reqfn, PRBool respon
     }
 loser:
     if (dsapriv != NULL) {
         PORT_FreeArena(dsapriv->params.arena, PR_TRUE);
     }
     fclose(dhreq);
 }
 
-#define MATCH_OPENSSL 1 
+#define MATCH_OPENSSL 1
 /*
  * Perform the DH Validity Test.
  *
  * reqfn is the pathname of the REQUEST file.
  *
  * The output RESPONSE file is written to stdout.
  */
 void
 dh_verify(char *reqfn, PRBool response)
 {
-    char buf[1024];   /* holds one line from the input REQUEST file.
+    char buf[1024]; /* holds one line from the input REQUEST file.
                          * needs to be large enough to hold the longest
                          * line "YephCAVS = <512 hex digits>\n".
                          */
-    FILE *dhreq;  /* input stream from the REQUEST file */
-    FILE *dhresp; /* output stream to the RESPONSE file */
+    FILE *dhreq;    /* input stream from the REQUEST file */
+    FILE *dhresp;   /* output stream to the RESPONSE file */
     unsigned char hashBuf[HASH_LENGTH_MAX];
     unsigned char cavsHashBuf[HASH_LENGTH_MAX];
     PQGParams pqg = { 0 };
-    unsigned char pubkeydata[DSA_MAX_P_BITS/8];
-    unsigned char privkeydata[DSA_MAX_P_BITS/8];
+    unsigned char pubkeydata[DSA_MAX_P_BITS / 8];
+    unsigned char privkeydata[DSA_MAX_P_BITS / 8];
     SECItem pubkey;
     SECItem privkey;
     SECItem ZZ;
-    unsigned int i,j;
+    unsigned int i, j;
     unsigned int pgySize;
     HASH_HashType hash = HASH_AlgNULL; /* type of SHA Alg */
 
     dhreq = fopen(reqfn, "r");
     dhresp = stdout;
     while (fgets(buf, sizeof buf, dhreq) != NULL) {
         /* a comment or blank line */
         if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r') {
@@ -3705,26 +3713,28 @@ dh_verify(char *reqfn, PRBool response)
             continue;
         }
         if (buf[0] == '[') {
             /* [Fx - SHAxxx] */
             if (buf[1] == 'F' && buf[3] == ' ') {
                 const char *src;
                 /* skip passed the colon */
                 src = &buf[1];
-                while (*src && *src != '-') src++;
+                while (*src && *src != '-')
+                    src++;
                 if (*src != '-') {
-                    fprintf(stderr, "No hash specified\n%s",buf);
+                    fprintf(stderr, "No hash specified\n%s", buf);
                     goto loser;
                 }
                 src++;
                 /* skip to the first non-space */
-                while (*src && *src == ' ') src++;
+                while (*src && *src == ' ')
+                    src++;
                 hash = hash_string_to_hashType(src);
-                if (hash == HASH_AlgNULL){
+                if (hash == HASH_AlgNULL) {
                     fprintf(dhresp, "ERROR: Unable to find SHAAlg type");
                     goto loser;
                 }
                 /* clear the PQG parameters */
                 if (pqg.prime.data) { /* P */
                     SECITEM_ZfreeItem(&pqg.prime, PR_FALSE);
                 }
                 if (pqg.subPrime.data) { /* Q */
@@ -3734,17 +3744,17 @@ dh_verify(char *reqfn, PRBool response)
                     SECITEM_ZfreeItem(&pqg.base, PR_FALSE);
                 }
                 pgySize = DSA_MAX_P_BITS / 8; /* change if more key sizes are supported in CAVS */
                 SECITEM_AllocItem(NULL, &pqg.prime, pgySize);
                 SECITEM_AllocItem(NULL, &pqg.base, pgySize);
                 pqg.prime.len = pqg.base.len = pgySize;
 
                 /* set q to the max allows */
-                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS/ 8);
+                SECITEM_AllocItem(NULL, &pqg.subPrime, DSA_MAX_Q_BITS / 8);
                 pqg.subPrime.len = DSA_MAX_Q_BITS / 8;
                 fputs(buf, dhresp);
                 continue;
             }
             fputs(buf, dhresp);
             continue;
         }
         if (buf[0] == 'P') {
@@ -3839,43 +3849,43 @@ dh_verify(char *reqfn, PRBool response)
         if (strncmp(buf, "CAVSHashZZ", 10) == 0) {
             fputs(buf, dhresp);
             i = 10;
             while (isspace(buf[i]) || buf[i] == '=') {
                 i++;
             }
             from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
             /* do the DH operation*/
-            if (DH_Derive(&pubkey,&pqg.prime, &privkey,
-                        &ZZ, pqg.prime.len) != SECSuccess) {
-                fprintf(stderr,"Derive failed\n");
+            if (DH_Derive(&pubkey, &pqg.prime, &privkey,
+                          &ZZ, pqg.prime.len) != SECSuccess) {
+                fprintf(stderr, "Derive failed\n");
                 goto loser;
             }
-            /* output  ZZ */
+/* output  ZZ */
 #ifndef MATCH_OPENSSL
             fputs("Z = ", dhresp);
             to_hex_str(buf, ZZ.data, ZZ.len);
             fputs(buf, dhresp);
             fputc('\n', dhresp);
 #endif
-            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess ) {
-                fprintf(stderr,"hash of derived key failed\n");
+            if (fips_hashBuf(hash, hashBuf, ZZ.data, ZZ.len) != SECSuccess) {
+                fprintf(stderr, "hash of derived key failed\n");
                 goto loser;
             }
             SECITEM_FreeItem(&ZZ, PR_FALSE);
 #ifndef MATCH_NIST_
             fputs("IUTHashZZ = ", dhresp);
             to_hex_str(buf, hashBuf, fips_hashLen(hash));
             fputs(buf, dhresp);
             fputc('\n', dhresp);
 #endif
             if (memcmp(hashBuf, cavsHashBuf, fips_hashLen(hash)) != 0) {
-		fprintf(dhresp, "Result = F\n");
+                fprintf(dhresp, "Result = F\n");
             } else {
-		fprintf(dhresp, "Result = P\n");
+                fprintf(dhresp, "Result = P\n");
             }
 #ifndef MATCH_OPENSSL
             fputc('\n', dhresp);
 #endif
             continue;
         }
     }
 loser: