doc: remove end of line whitespace

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16641)

23 files changed, 44 insertions, 44 deletions

diff --git a/doc/man7/EVP_KEYEXCH-ECDH.pod b/doc/man7/EVP_KEYEXCH-ECDH.pod
index 95076b1ebd..a710625f22 100644
--- a/doc/man7/EVP_KEYEXCH-ECDH.pod
+++ b/doc/man7/EVP_KEYEXCH-ECDH.pod
@@ -74,7 +74,7 @@ Keys for the host and peer must be generated as shown in
 L<EVP_PKEY-EC(7)/Examples> using the same curve name.
 
 The code to generate a shared secret for the normal case is identical to
-L<EVP_KEYEXCH-DH(7)/Examples>. 
+L<EVP_KEYEXCH-DH(7)/Examples>.
 
 To derive a shared secret on the host using the host's key and the peer's public
 key but also using X963KDF with a user key material:
diff --git a/doc/man7/EVP_PKEY-DH.pod b/doc/man7/EVP_PKEY-DH.pod
index 9da5d9c6ef..2c90982d07 100644
--- a/doc/man7/EVP_PKEY-DH.pod
+++ b/doc/man7/EVP_PKEY-DH.pod
@@ -74,7 +74,7 @@ See EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key().
 Used for DH generation of safe primes using the old safe prime generator code.
 The default value is 2.
 It is recommended to use a named safe prime group instead, if domain parameter
-validation is required. 
+validation is required.
 
 Randomly generated safe primes are not allowed by FIPS, so setting this value
 for the OpenSSL FIPS provider will instead choose a named safe prime group
diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod
index 31d92bf8a1..a3c3ccb705 100644
--- a/doc/man7/EVP_PKEY-EC.pod
+++ b/doc/man7/EVP_PKEY-EC.pod
@@ -71,7 +71,7 @@ I<order> multiplied by the I<cofactor> gives the number of points on the curve.
 =item  "decoded-from-explicit" (B<OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS>) <integer>
 
 Gets a flag indicating wether the key or parameters were decoded from explicit
-curve parameters. Set to 1 if so or 0 if a named curve was used. 
+curve parameters. Set to 1 if so or 0 if a named curve was used.
 
 =item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer>
 
diff --git a/doc/man7/EVP_PKEY-FFC.pod b/doc/man7/EVP_PKEY-FFC.pod
index 3ab243f45a..dab7380fc2 100644
--- a/doc/man7/EVP_PKEY-FFC.pod
+++ b/doc/man7/EVP_PKEY-FFC.pod
@@ -92,7 +92,7 @@ of I<p>. This value must be saved if domain parameter validation is required.
 
 =item "hindex" (B<OSSL_PKEY_PARAM_FFC_H>) <integer>
 
-For unverifiable generation of the generator I<g> this value is output during 
+For unverifiable generation of the generator I<g> this value is output during
 generation of I<g>. Its value is the first integer larger than one that
 satisfies g = h^j mod p (where g != 1 and "j" is the cofactor).
 
diff --git a/doc/man7/EVP_SIGNATURE-DSA.pod b/doc/man7/EVP_SIGNATURE-DSA.pod
index 11fe500cb3..4801cf9994 100644
--- a/doc/man7/EVP_SIGNATURE-DSA.pod
+++ b/doc/man7/EVP_SIGNATURE-DSA.pod
@@ -14,7 +14,7 @@ See L<EVP_PKEY-DSA(7)> for information related to DSA keys.
 
 The following signature parameters can be set using EVP_PKEY_CTX_set_params().
 This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(),
-and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). 
+and before calling EVP_PKEY_sign() or EVP_PKEY_verify().
 
 =over 4
 
diff --git a/doc/man7/EVP_SIGNATURE-ECDSA.pod b/doc/man7/EVP_SIGNATURE-ECDSA.pod
index 04b80a1118..0ac3f78461 100644
--- a/doc/man7/EVP_SIGNATURE-ECDSA.pod
+++ b/doc/man7/EVP_SIGNATURE-ECDSA.pod
@@ -13,7 +13,7 @@ See L<EVP_PKEY-EC(7)> for information related to EC keys.
 
 The following signature parameters can be set using EVP_PKEY_CTX_set_params().
 This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(),
-and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). 
+and before calling EVP_PKEY_sign() or EVP_PKEY_verify().
 
 =over 4
 
diff --git a/doc/man7/EVP_SIGNATURE-RSA.pod b/doc/man7/EVP_SIGNATURE-RSA.pod
index 1be30b3158..06ca036f0c 100644
--- a/doc/man7/EVP_SIGNATURE-RSA.pod
+++ b/doc/man7/EVP_SIGNATURE-RSA.pod
@@ -14,7 +14,7 @@ See L<EVP_PKEY-RSA(7)> for information related to RSA keys.
 
 The following signature parameters can be set using EVP_PKEY_CTX_set_params().
 This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(),
-and before calling EVP_PKEY_sign() or EVP_PKEY_verify(). 
+and before calling EVP_PKEY_sign() or EVP_PKEY_verify().
 
 =over 4
 
@@ -32,11 +32,11 @@ The type of padding to be used. Its value can be one of the following:
 
 =item "none" (B<OSSL_PKEY_RSA_PAD_MODE_NONE>)
 
-=item "pkcs1" (B<OSSL_PKEY_RSA_PAD_MODE_PKCSV15>) 
+=item "pkcs1" (B<OSSL_PKEY_RSA_PAD_MODE_PKCSV15>)
 
 =item "x931" (B<OSSL_PKEY_RSA_PAD_MODE_X931>)
 
-=item "pss" (B<OSSL_PKEY_RSA_PAD_MODE_PSS>) 
+=item "pss" (B<OSSL_PKEY_RSA_PAD_MODE_PSS>)
 
 =back
 
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index 0eac85b324..00ab7977f4 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -6,7 +6,7 @@ OSSL_PROVIDER-FIPS - OpenSSL FIPS provider
 
 =head1 DESCRIPTION
 
-The OpenSSL FIPS provider is a special provider that conforms to the Federal 
+The OpenSSL FIPS provider is a special provider that conforms to the Federal
 Information Processing Standards (FIPS) specified in FIPS 140-2. This 'module'
 contains an approved set of cryptographic algorithms that is validated by an
 accredited testing laboratory.
@@ -214,7 +214,7 @@ Known answer test for a digest.
 
 Known answer test for a signature.
 
-=item "PCT_Signature" (B<OSSL_SELF_TEST_TYPE_PCT_SIGNATURE>)      
+=item "PCT_Signature" (B<OSSL_SELF_TEST_TYPE_PCT_SIGNATURE>)
 
 Pairwise Consistency check for a signature.
 
diff --git a/doc/man7/bio.pod b/doc/man7/bio.pod
index e2c11665b9..9b86e9493d 100644
--- a/doc/man7/bio.pod
+++ b/doc/man7/bio.pod
@@ -49,7 +49,7 @@ BIO_free() on it other than the discarded return value.
 
 Normally the I<type> argument is supplied by a function which returns a
 pointer to a BIO_METHOD. There is a naming convention for such functions:
-a source/sink BIO typically starts with I<BIO_s_> and 
+a source/sink BIO typically starts with I<BIO_s_> and
 a filter BIO with I<BIO_f_>.
 
 =head1 EXAMPLES
diff --git a/doc/man7/life_cycle-cipher.pod b/doc/man7/life_cycle-cipher.pod
index 227cc18b8d..1fe05688ed 100644
--- a/doc/man7/life_cycle-cipher.pod
+++ b/doc/man7/life_cycle-cipher.pod
@@ -126,12 +126,12 @@ This is the canonical list.
  Function Call                ---------------------------------------------- Current State -----------------------------------------------
                               start   newed    initialised   updated     finaled   initialised   updated    initialised   updated    freed
                                                                                     decryption  decryption   encryption  encryption
- EVP_CIPHER_CTX_new           newed           
+ EVP_CIPHER_CTX_new           newed
  EVP_CipherInit                    initialised initialised initialised initialised initialised initialised  initialised initialised
  EVP_DecryptInit                   initialised initialised initialised initialised initialised initialised  initialised initialised
-                                    decryption  decryption  decryption  decryption  decryption  decryption  decryption  decryption  
+                                    decryption  decryption  decryption  decryption  decryption  decryption  decryption  decryption
  EVP_EncryptInit                   initialised initialised initialised initialised initialised initialised  initialised initialised
-                                    encryption  encryption  encryption  encryption  encryption  encryption  encryption  encryption  
+                                    encryption  encryption  encryption  encryption  encryption  encryption  encryption  encryption
  EVP_CipherUpdate                                updated     updated
  EVP_DecryptUpdate                                                                   updated     updated
                                                                                     decryption  decryption
diff --git a/doc/man7/life_cycle-digest.pod b/doc/man7/life_cycle-digest.pod
index 5425f57dd5..709fd0d04c 100644
--- a/doc/man7/life_cycle-digest.pod
+++ b/doc/man7/life_cycle-digest.pod
@@ -93,7 +93,7 @@ This is the canonical list.
 
  Function Call                --------------------- Current State ----------------------
                               start   newed    initialised   updated     finaled   freed
- EVP_MD_CTX_new               newed           
+ EVP_MD_CTX_new               newed
  EVP_DigestInit                    initialised initialised initialised initialised
  EVP_DigestUpdate                                updated     updated
  EVP_DigestFinal                                             finaled
diff --git a/doc/man7/life_cycle-kdf.pod b/doc/man7/life_cycle-kdf.pod
index d2aec8fe82..9fe042a2c2 100644
--- a/doc/man7/life_cycle-kdf.pod
+++ b/doc/man7/life_cycle-kdf.pod
@@ -75,7 +75,7 @@ This is the canonical list.
 
  Function Call                   ------------- Current State -------------
                                  start       newed       deriving    freed
- EVP_KDF_CTX_new                 newed           
+ EVP_KDF_CTX_new                 newed
  EVP_KDF_derive                             deriving     deriving
  EVP_KDF_CTX_free                freed       freed        freed
  EVP_KDF_CTX_reset                           newed        newed
diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-mac.pod
index 1a9a008818..60b8b55d4b 100644
--- a/doc/man7/life_cycle-mac.pod
+++ b/doc/man7/life_cycle-mac.pod
@@ -94,7 +94,7 @@ This is the canonical list.
 
  Function Call                   --------------------- Current State ----------------------
                                  start   newed    initialised   updated     finaled   freed
- EVP_MAC_CTX_new                 newed           
+ EVP_MAC_CTX_new                 newed
  EVP_MAC_init                         initialised initialised initialised initialised
  EVP_MAC_update                                     updated     updated
  EVP_MAC_final                                                  finaled
diff --git a/doc/man7/life_cycle-rand.pod b/doc/man7/life_cycle-rand.pod
index de2dfcb97e..8afb229b58 100644
--- a/doc/man7/life_cycle-rand.pod
+++ b/doc/man7/life_cycle-rand.pod
@@ -87,7 +87,7 @@ This is the canonical list.
 
  Function Call              ------------------ Current State ------------------
                             start   newed   instantiated  uninstantiated  freed
- EVP_RAND_CTX_new           newed       
+ EVP_RAND_CTX_new           newed
  EVP_RAND_instantiate            instantiated
  EVP_RAND_generate                          instantiated
  EVP_RAND_uninstantiate                    uninstantiated
diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod
index 02d2327ee2..3e4ce9f65a 100644
--- a/doc/man7/migration_guide.pod
+++ b/doc/man7/migration_guide.pod
@@ -119,7 +119,7 @@ bypass provider selection and configuration, with unintended consequences.
 This is particularly relevant for applications written to use the OpenSSL 3.0
 FIPS module, as detailed below. Authors and maintainers of external engines are
 strongly encouraged to refactor their code transforming engines into providers
-using the new Provider API and avoiding deprecated methods. 
+using the new Provider API and avoiding deprecated methods.
 
 =head3 Versioning Scheme
 
@@ -133,7 +133,7 @@ at the end of the release version number. This will no longer be used and
 instead the patch level is indicated by the final number in the version. A
 change in the second (MINOR) number indicates that new features may have been
 added. OpenSSL versions with the same major number are API and ABI compatible.
-If the major number changes then API and ABI compatibility is not guaranteed. 
+If the major number changes then API and ABI compatibility is not guaranteed.
 
 For more information, see L<OpenSSL_version(3)>.
 
@@ -409,7 +409,7 @@ enable them to be "freed". However they should also be treated as read-only.
 
 This may mean result in an error in L<EVP_PKEY_derive_set_peer(3)> rather than
 during L<EVP_PKEY_derive(3)>.
-To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0). 
+To disable this check use EVP_PKEY_derive_set_peer_ex(dh, peer, 0).
 
 =head4 The print format has cosmetic changes for some functions
 
@@ -541,14 +541,14 @@ The code needs to be amended to look like this:
 
 Support for TLSv1.3 has been added.
 
-This has a number of implications for SSL/TLS applications. See the 
+This has a number of implications for SSL/TLS applications. See the
 L<TLS1.3 page|https://wiki.openssl.org/index.php/TLS1.3> for further details.
 
 =back
 
 More details about the breaking changes between OpenSSL versions 1.0.2 and 1.1.0
 can be found on the
-L<OpenSSL 1.1.0 Changes page|https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes>. 
+L<OpenSSL 1.1.0 Changes page|https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes>.
 
 =head3 Upgrading from the OpenSSL 2.0 FIPS Object Module
 
@@ -985,7 +985,7 @@ APIs, or alternatively use L<EVP_PKEY_fromdata(3)> or L<EVP_PKEY_todata(3)>.
 Functions that access low-level objects directly such as L<RSA_get0_n(3)> are now
 deprecated. Applications should use one of L<EVP_PKEY_get_bn_param(3)>,
 L<EVP_PKEY_get_int_param(3)>, l<EVP_PKEY_get_size_t_param(3)>,
-L<EVP_PKEY_get_utf8_string_param(3)>, L<EVP_PKEY_get_octet_string_param(3)> or 
+L<EVP_PKEY_get_utf8_string_param(3)>, L<EVP_PKEY_get_octet_string_param(3)> or
 L<EVP_PKEY_get_params(3)> to access fields from an EVP_PKEY.
 Gettable parameters are listed in L<EVP_PKEY-RSA(7)/Common RSA parameters>,
 L<EVP_PKEY-DH(7)/DH parameters>, L<EVP_PKEY-DSA(7)/DSA parameters>,
@@ -1115,7 +1115,7 @@ Bi-directional IGE mode. These modes were never formally standardised and
 usage of these functions is believed to be very small. In particular
 AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only one
 is ever used. The security implications are believed to be minimal, but
-this issue was never fixed for backwards compatibility reasons. 
+this issue was never fixed for backwards compatibility reasons.
 
 =item *
 
@@ -1265,7 +1265,7 @@ DES_decrypt3(), DES_ede3_cbc_encrypt(), DES_ede3_cfb64_encrypt(),
 DES_ede3_cfb_encrypt(),DES_ede3_ofb64_encrypt(),
 DES_ecb_encrypt(), DES_ecb3_encrypt(), DES_ofb64_encrypt(), DES_ofb_encrypt(),
 DES_cfb64_encrypt DES_cfb_encrypt(), DES_cbc_encrypt(), DES_ncbc_encrypt(),
-DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(), 
+DES_pcbc_encrypt(), DES_xcbc_encrypt(), DES_cbc_cksum(), DES_quad_cksum(),
 DES_check_key_parity(), DES_is_weak_key(), DES_key_sched(), DES_options(),
 DES_random_key(), DES_set_key(), DES_set_key_checked(), DES_set_key_unchecked(),
 DES_set_odd_parity(), DES_string_to_2keys(), DES_string_to_key()
@@ -1513,7 +1513,7 @@ EC_KEY_set_flags(), EC_KEY_get_flags(), EC_KEY_clear_flags()
 See L<EVP_PKEY-EC(7)/Common EC parameters> which handles flags as seperate
 parameters for B<OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT>,
 B<OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE>, B<OSSL_PKEY_PARAM_EC_ENCODING>,
-B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH> and 
+B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH> and
 B<OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC>.
 See also L<EVP_PKEY-EC(7)/EXAMPLES>
 
@@ -1715,7 +1715,7 @@ See L<EVP_PKEY_copy_parameters(3)> for further details.
 
 =item *
 
-EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(), 
+EVP_PKEY_encrypt_old(), EVP_PKEY_decrypt_old(),
 
 Applications should use L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)> or
 L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)> instead.
@@ -1795,7 +1795,7 @@ See L</Deprecated low-level MAC functions>.
 i2d_DHparams(), i2d_DHxparams()
 
 See L</Deprecated low-level key reading and writing functions>
-and L<d2i_RSAPrivateKey(3)/Migration> 
+and L<d2i_RSAPrivateKey(3)/Migration>
 
 =item *
 
@@ -1804,7 +1804,7 @@ i2d_DSAPrivateKey_fp(), i2d_DSA_PUBKEY(), i2d_DSA_PUBKEY_bio(),
 i2d_DSA_PUBKEY_fp(), i2d_DSAPublicKey()
 
 See L</Deprecated low-level key reading and writing functions>
-and L<d2i_RSAPrivateKey(3)/Migration> 
+and L<d2i_RSAPrivateKey(3)/Migration>
 
 =item *
 
@@ -1813,7 +1813,7 @@ i2d_ECPrivateKey_fp(), i2d_EC_PUBKEY(), i2d_EC_PUBKEY_bio(),
 i2d_EC_PUBKEY_fp(), i2o_ECPublicKey()
 
 See L</Deprecated low-level key reading and writing functions>
-and L<d2i_RSAPrivateKey(3)/Migration> 
+and L<d2i_RSAPrivateKey(3)/Migration>
 
 =item *
 
@@ -1822,7 +1822,7 @@ i2d_RSA_PUBKEY(), i2d_RSA_PUBKEY_bio(), i2d_RSA_PUBKEY_fp(),
 i2d_RSAPublicKey(), i2d_RSAPublicKey_bio(), i2d_RSAPublicKey_fp()
 
 See L</Deprecated low-level key reading and writing functions>
-and L<d2i_RSAPrivateKey(3)/Migration> 
+and L<d2i_RSAPrivateKey(3)/Migration>
 
 =item *
 
@@ -2201,7 +2201,7 @@ B<-provider_path> and B<-provider> are available to all apps and can be used
 multiple times to load any providers, such as the 'legacy' provider or third
 party providers. If used then the 'default' provider would also need to be
 specified if required. The B<-provider_path> must be specified before the
-B<-provider> option. 
+B<-provider> option.
 
 The B<list> app has many new options. See L<openssl-list(1)> for more
 information.
diff --git a/doc/man7/openssl-core.h.pod b/doc/man7/openssl-core.h.pod
index 03980a4b56..3d1eca3e64 100644
--- a/doc/man7/openssl-core.h.pod
+++ b/doc/man7/openssl-core.h.pod
@@ -67,7 +67,7 @@ or canonical name, on a per algorithm implementation basis.
 
 This type is a structure that allows passing arbitrary object data
 between two parties that have no or very little shared knowledge about
-their respective internal structures for that object. 
+their respective internal structures for that object.
 It's normally passed in arrays, where the array is terminated with an
 element where all fields are zero (for non-pointers) or NULL (for
 pointers).
diff --git a/doc/man7/openssl-glossary.pod b/doc/man7/openssl-glossary.pod
index 16ff2f3176..b112b375ac 100644
--- a/doc/man7/openssl-glossary.pod
+++ b/doc/man7/openssl-glossary.pod
@@ -132,7 +132,7 @@ L<OSSL_PROVIDER-null(7)>
 
 =item Operation
 
-An operation is a group of OpenSSL functions with a common purpose such as 
+An operation is a group of OpenSSL functions with a common purpose such as
 encryption, or digesting.
 
 L<crypto(7)>
diff --git a/doc/man7/property.pod b/doc/man7/property.pod
index 90368b1f8d..a75f262246 100644
--- a/doc/man7/property.pod
+++ b/doc/man7/property.pod
@@ -144,7 +144,7 @@ setting.
 
 The lexical syntax in EBNF is given by:
 
- Definition     ::= PropertyName ( '=' Value )? 
+ Definition     ::= PropertyName ( '=' Value )?
                         ( ',' PropertyName ( '=' Value )? )*
  Query          ::= PropertyQuery ( ',' PropertyQuery )*
  PropertyQuery  ::= '-' PropertyName
diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod
index ac197accca..d1e26baa11 100644
--- a/doc/man7/provider-base.pod
+++ b/doc/man7/provider-base.pod
@@ -443,7 +443,7 @@ different for any third party provider.
 This returns 0 if the provider has entered an error state, otherwise it returns
 1.
 
-=back 
+=back
 
 provider_gettable_params() should return the above parameters.
 
diff --git a/doc/man7/provider-keyexch.pod b/doc/man7/provider-keyexch.pod
index ebfcd85153..f85f3cac50 100644
--- a/doc/man7/provider-keyexch.pod
+++ b/doc/man7/provider-keyexch.pod
@@ -43,7 +43,7 @@ This documentation is primarily aimed at provider authors. See L<provider(7)>
 for further information.
 
 The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key
-exchange algorithms and make them available to applications via 
+exchange algorithms and make them available to applications via
 L<EVP_PKEY_derive(3)> and
 other related functions).
 
diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod
index 25b822b47d..b0397b4103 100644
--- a/doc/man7/provider-keymgmt.pod
+++ b/doc/man7/provider-keymgmt.pod
@@ -237,7 +237,7 @@ OSSL_FUNC_keymgmt_gen_set_params() should set additional parameters from
 I<params> in the key object generation context I<genctx>.
 
 OSSL_FUNC_keymgmt_gen_settable_params() should return a constant array of
-descriptor B<OSSL_PARAM>, for parameters that OSSL_FUNC_keymgmt_gen_set_params() 
+descriptor B<OSSL_PARAM>, for parameters that OSSL_FUNC_keymgmt_gen_set_params()
 can handle.
 
 OSSL_FUNC_keymgmt_gen() should perform the key object generation itself, and
@@ -255,7 +255,7 @@ Outside the provider, this reference is simply an array of bytes.
 
 At least one of OSSL_FUNC_keymgmt_new(), OSSL_FUNC_keymgmt_gen() and
 OSSL_FUNC_keymgmt_load() are mandatory, as well as OSSL_FUNC_keymgmt_free() and
-OSSL_FUNC_keymgmt_has(). Additionally, if OSSL_FUNC_keymgmt_gen() is present, 
+OSSL_FUNC_keymgmt_has(). Additionally, if OSSL_FUNC_keymgmt_gen() is present,
 OSSL_FUNC_keymgmt_gen_init() and OSSL_FUNC_keymgmt_gen_cleanup() must be
 present as well.
 
diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod
index 9cb3a620c3..a299d43cc5 100644
--- a/doc/man7/provider-signature.pod
+++ b/doc/man7/provider-signature.pod
@@ -371,7 +371,7 @@ Sets a flag to modify the sign operation to return an error if the initial
 calculated signature is invalid.
 In the normal mode of operation - new random values are chosen until the
 signature operation succeeds.
-By default it retries until a signature is calculated. 
+By default it retries until a signature is calculated.
 Setting the value to 0 causes the sign operation to retry,
 otherwise the sign operation is only tried once and returns whether or not it
 was successful.
diff --git a/doc/man7/proxy-certificates.pod b/doc/man7/proxy-certificates.pod
index 395fab86e5..89cd3eea80 100644
--- a/doc/man7/proxy-certificates.pod
+++ b/doc/man7/proxy-certificates.pod
@@ -215,7 +215,7 @@ The following skeleton code can be used as a starting point:
              * bottom.  You get the CA root first, followed by the
              * possible chain of intermediate CAs, followed by the EE
              * certificate, followed by the possible proxy
-             * certificates. 
+             * certificates.
              */
             X509 *xs = X509_STORE_CTX_get_current_cert(ctx);
 
@@ -234,7 +234,7 @@ The following skeleton code can be used as a starting point:
                      * by pulling them from some database.  If there
                      * are none to be found, clear all rights (making
                      * this and any subsequent proxy certificate void
-                     * of any rights). 
+                     * of any rights).
                      */
                     memset(rights->rights, 0, sizeof(rights->rights));
                     break;