From ae5c8664e587f2445c8e4eb436cffbb64af4f6b8 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 22 Jan 2015 03:29:12 +0000
Subject: Run util/openssl-format-source -v -c .

Reviewed-by: Tim Hudson <tjh@openssl.org>
---
 crypto/ecdh/ecdh.h     |  68 ++--
 crypto/ecdh/ecdhtest.c | 851 +++++++++++++++++++++++++------------------------
 crypto/ecdh/ech_err.c  |  50 ++-
 crypto/ecdh/ech_kdf.c  | 105 +++---
 crypto/ecdh/ech_key.c  |  15 +-
 crypto/ecdh/ech_lib.c  | 268 ++++++++--------
 crypto/ecdh/ech_locl.h |  58 ++--
 crypto/ecdh/ech_ossl.c | 250 +++++++--------
 8 files changed, 840 insertions(+), 825 deletions(-)

(limited to 'crypto/ecdh')

diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
index 6d792180d6..25348b30fe 100644
--- a/crypto/ecdh/ecdh.h
+++ b/crypto/ecdh/ecdh.h
@@ -21,7 +21,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -67,48 +67,50 @@
  *
  */
 #ifndef HEADER_ECDH_H
-#define HEADER_ECDH_H
+# define HEADER_ECDH_H
 
-#include <openssl/opensslconf.h>
+# include <openssl/opensslconf.h>
 
-#ifdef OPENSSL_NO_ECDH
-#error ECDH is disabled.
-#endif
+# ifdef OPENSSL_NO_ECDH
+#  error ECDH is disabled.
+# endif
 
-#include <openssl/ec.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
+# include <openssl/ec.h>
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-#define EC_FLAG_COFACTOR_ECDH	0x1000
+# define EC_FLAG_COFACTOR_ECDH   0x1000
 
 const ECDH_METHOD *ECDH_OpenSSL(void);
 
-void	  ECDH_set_default_method(const ECDH_METHOD *);
+void ECDH_set_default_method(const ECDH_METHOD *);
 const ECDH_METHOD *ECDH_get_default_method(void);
-int 	  ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-                     void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
 
-int 	  ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
-		*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int 	  ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void 	  *ECDH_get_ex_data(EC_KEY *d, int idx);
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                     EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
+                                                 void *out, size_t *outlen));
 
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, 
-		const unsigned char *Z, size_t Zlen,
-		const unsigned char *sinfo, size_t sinfolen,
-		const EVP_MD *md);
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+                          *new_func, CRYPTO_EX_dup *dup_func,
+                          CRYPTO_EX_free *free_func);
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDH_get_ex_data(EC_KEY *d, int idx);
 
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md);
 
 /* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
 void ERR_load_ECDH_strings(void);
@@ -116,15 +118,15 @@ void ERR_load_ECDH_strings(void);
 /* Error codes for the ECDH functions. */
 
 /* Function codes. */
-#define ECDH_F_ECDH_CHECK				 102
-#define ECDH_F_ECDH_COMPUTE_KEY				 100
-#define ECDH_F_ECDH_DATA_NEW_METHOD			 101
+# define ECDH_F_ECDH_CHECK                                102
+# define ECDH_F_ECDH_COMPUTE_KEY                          100
+# define ECDH_F_ECDH_DATA_NEW_METHOD                      101
 
 /* Reason codes. */
-#define ECDH_R_KDF_FAILED				 102
-#define ECDH_R_NON_FIPS_METHOD				 103
-#define ECDH_R_NO_PRIVATE_VALUE				 100
-#define ECDH_R_POINT_ARITHMETIC_FAILURE			 101
+# define ECDH_R_KDF_FAILED                                102
+# define ECDH_R_NON_FIPS_METHOD                           103
+# define ECDH_R_NO_PRIVATE_VALUE                          100
+# define ECDH_R_POINT_ARITHMETIC_FAILURE                  101
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index 4b861fef61..2fe2c66443 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -21,7 +21,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -73,7 +73,7 @@
 
 #include "../e_os.h"
 
-#include <openssl/opensslconf.h>	/* for OPENSSL_NO_ECDH */
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
 #include <openssl/bn.h>
@@ -86,460 +86,495 @@
 int main(int argc, char *argv[])
 {
     printf("No ECDH support\n");
-    return(0);
+    return (0);
 }
 #else
-#include <openssl/ec.h>
-#include <openssl/ecdh.h>
+# include <openssl/ec.h>
+# include <openssl/ecdh.h>
 
-#ifdef OPENSSL_SYS_WIN16
-#define MS_CALLBACK	_far _loadds
-#else
-#define MS_CALLBACK
-#endif
+# ifdef OPENSSL_SYS_WIN16
+#  define MS_CALLBACK     _far _loadds
+# else
+#  define MS_CALLBACK
+# endif
 
-#if 0
+# if 0
 static void MS_CALLBACK cb(int p, int n, void *arg);
-#endif
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+# endif
 
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
 
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
-	{
-#ifndef OPENSSL_NO_SHA
-	if (*outlen < SHA_DIGEST_LENGTH)
-		return NULL;
-	else
-		*outlen = SHA_DIGEST_LENGTH;
-	return SHA1(in, inlen, out);
-#else
-	return NULL;
-#endif
-	}
-
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
+                       size_t *outlen)
+{
+# ifndef OPENSSL_NO_SHA
+    if (*outlen < SHA_DIGEST_LENGTH)
+        return NULL;
+    else
+        *outlen = SHA_DIGEST_LENGTH;
+    return SHA1(in, inlen, out);
+# else
+    return NULL;
+# endif
+}
 
 static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
-	{
-	EC_KEY *a=NULL;
-	EC_KEY *b=NULL;
-	BIGNUM *x_a=NULL, *y_a=NULL,
-	       *x_b=NULL, *y_b=NULL;
-	char buf[12];
-	unsigned char *abuf=NULL,*bbuf=NULL;
-	int i,alen,blen,aout,bout,ret=0;
-	const EC_GROUP *group;
-
-	a = EC_KEY_new_by_curve_name(nid);
-	b = EC_KEY_new_by_curve_name(nid);
-	if (a == NULL || b == NULL)
-		goto err;
-
-	group = EC_KEY_get0_group(a);
-
-	if ((x_a=BN_new()) == NULL) goto err;
-	if ((y_a=BN_new()) == NULL) goto err;
-	if ((x_b=BN_new()) == NULL) goto err;
-	if ((y_b=BN_new()) == NULL) goto err;
-
-	BIO_puts(out,"Testing key generation with ");
-	BIO_puts(out,text);
-#ifdef NOISY
-	BIO_puts(out,"\n");
-#else
-	(void)BIO_flush(out);
-#endif
-
-	if (!EC_KEY_generate_key(a)) goto err;
-	
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
-		{
-		if (!EC_POINT_get_affine_coordinates_GFp(group,
-			EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
-		}
-#ifndef OPENSSL_NO_EC2M
-	else
-		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(group,
-			EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
-		}
-#endif
-#ifdef NOISY
-	BIO_puts(out,"  pri 1=");
-	BN_print(out,a->priv_key);
-	BIO_puts(out,"\n  pub 1=");
-	BN_print(out,x_a);
-	BIO_puts(out,",");
-	BN_print(out,y_a);
-	BIO_puts(out,"\n");
-#else
-	BIO_printf(out," .");
-	(void)BIO_flush(out);
-#endif
-
-	if (!EC_KEY_generate_key(b)) goto err;
-
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
-		{
-		if (!EC_POINT_get_affine_coordinates_GFp(group, 
-			EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
-		}
-#ifndef OPENSSL_NO_EC2M
-	else
-		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(group, 
-			EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
-		}
-#endif
-
-#ifdef NOISY
-	BIO_puts(out,"  pri 2=");
-	BN_print(out,b->priv_key);
-	BIO_puts(out,"\n  pub 2=");
-	BN_print(out,x_b);
-	BIO_puts(out,",");
-	BN_print(out,y_b);
-	BIO_puts(out,"\n");
-#else
-	BIO_printf(out,".");
-	(void)BIO_flush(out);
-#endif
-
-	alen=KDF1_SHA1_len;
-	abuf=(unsigned char *)OPENSSL_malloc(alen);
-	aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);
-
-#ifdef NOISY
-	BIO_puts(out,"  key1 =");
-	for (i=0; i<aout; i++)
-		{
-		sprintf(buf,"%02X",abuf[i]);
-		BIO_puts(out,buf);
-		}
-	BIO_puts(out,"\n");
-#else
-	BIO_printf(out,".");
-	(void)BIO_flush(out);
-#endif
-
-	blen=KDF1_SHA1_len;
-	bbuf=(unsigned char *)OPENSSL_malloc(blen);
-	bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);
-
-#ifdef NOISY
-	BIO_puts(out,"  key2 =");
-	for (i=0; i<bout; i++)
-		{
-		sprintf(buf,"%02X",bbuf[i]);
-		BIO_puts(out,buf);
-		}
-	BIO_puts(out,"\n");
-#else
-	BIO_printf(out,".");
-	(void)BIO_flush(out);
-#endif
-
-	if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
-		{
-#ifndef NOISY
-		BIO_printf(out, " failed\n\n");
-		BIO_printf(out, "key a:\n");
-		BIO_printf(out, "private key: ");
-		BN_print(out, EC_KEY_get0_private_key(a));
-		BIO_printf(out, "\n");
-		BIO_printf(out, "public key (x,y): ");
-		BN_print(out, x_a);
-		BIO_printf(out, ",");
-		BN_print(out, y_a);
-		BIO_printf(out, "\nkey b:\n");
-		BIO_printf(out, "private key: ");
-		BN_print(out, EC_KEY_get0_private_key(b));
-		BIO_printf(out, "\n");
-		BIO_printf(out, "public key (x,y): ");
-		BN_print(out, x_b);
-		BIO_printf(out, ",");
-		BN_print(out, y_b);
-		BIO_printf(out, "\n");
-		BIO_printf(out, "generated key a: ");
-		for (i=0; i<bout; i++)
-			{
-			sprintf(buf, "%02X", bbuf[i]);
-			BIO_puts(out, buf);
-			}
-		BIO_printf(out, "\n");
-		BIO_printf(out, "generated key b: ");
-		for (i=0; i<aout; i++)
-			{
-			sprintf(buf, "%02X", abuf[i]);
-			BIO_puts(out,buf);
-			}
-		BIO_printf(out, "\n");
-#endif
-		fprintf(stderr,"Error in ECDH routines\n");
-		ret=0;
-		}
-	else
-		{
-#ifndef NOISY
-		BIO_printf(out, " ok\n");
-#endif
-		ret=1;
-		}
-err:
-	ERR_print_errors_fp(stderr);
-
-	if (abuf != NULL) OPENSSL_free(abuf);
-	if (bbuf != NULL) OPENSSL_free(bbuf);
-	if (x_a) BN_free(x_a);
-	if (y_a) BN_free(y_a);
-	if (x_b) BN_free(x_b);
-	if (y_b) BN_free(y_b);
-	if (b) EC_KEY_free(b);
-	if (a) EC_KEY_free(a);
-	return(ret);
-	}
+{
+    EC_KEY *a = NULL;
+    EC_KEY *b = NULL;
+    BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;
+    char buf[12];
+    unsigned char *abuf = NULL, *bbuf = NULL;
+    int i, alen, blen, aout, bout, ret = 0;
+    const EC_GROUP *group;
+
+    a = EC_KEY_new_by_curve_name(nid);
+    b = EC_KEY_new_by_curve_name(nid);
+    if (a == NULL || b == NULL)
+        goto err;
+
+    group = EC_KEY_get0_group(a);
+
+    if ((x_a = BN_new()) == NULL)
+        goto err;
+    if ((y_a = BN_new()) == NULL)
+        goto err;
+    if ((x_b = BN_new()) == NULL)
+        goto err;
+    if ((y_b = BN_new()) == NULL)
+        goto err;
+
+    BIO_puts(out, "Testing key generation with ");
+    BIO_puts(out, text);
+# ifdef NOISY
+    BIO_puts(out, "\n");
+# else
+    (void)BIO_flush(out);
+# endif
+
+    if (!EC_KEY_generate_key(a))
+        goto err;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp
+            (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
+            goto err;
+    }
+# ifndef OPENSSL_NO_EC2M
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group,
+                                                  EC_KEY_get0_public_key(a),
+                                                  x_a, y_a, ctx))
+            goto err;
+    }
+# endif
+# ifdef NOISY
+    BIO_puts(out, "  pri 1=");
+    BN_print(out, a->priv_key);
+    BIO_puts(out, "\n  pub 1=");
+    BN_print(out, x_a);
+    BIO_puts(out, ",");
+    BN_print(out, y_a);
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, " .");
+    (void)BIO_flush(out);
+# endif
+
+    if (!EC_KEY_generate_key(b))
+        goto err;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp
+            (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
+            goto err;
+    }
+# ifndef OPENSSL_NO_EC2M
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group,
+                                                  EC_KEY_get0_public_key(b),
+                                                  x_b, y_b, ctx))
+            goto err;
+    }
+# endif
+
+# ifdef NOISY
+    BIO_puts(out, "  pri 2=");
+    BN_print(out, b->priv_key);
+    BIO_puts(out, "\n  pub 2=");
+    BN_print(out, x_b);
+    BIO_puts(out, ",");
+    BN_print(out, y_b);
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    alen = KDF1_SHA1_len;
+    abuf = (unsigned char *)OPENSSL_malloc(alen);
+    aout =
+        ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);
+
+# ifdef NOISY
+    BIO_puts(out, "  key1 =");
+    for (i = 0; i < aout; i++) {
+        sprintf(buf, "%02X", abuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    blen = KDF1_SHA1_len;
+    bbuf = (unsigned char *)OPENSSL_malloc(blen);
+    bout =
+        ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(a), b, KDF1_SHA1);
+
+# ifdef NOISY
+    BIO_puts(out, "  key2 =");
+    for (i = 0; i < bout; i++) {
+        sprintf(buf, "%02X", bbuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
+# ifndef NOISY
+        BIO_printf(out, " failed\n\n");
+        BIO_printf(out, "key a:\n");
+        BIO_printf(out, "private key: ");
+        BN_print(out, EC_KEY_get0_private_key(a));
+        BIO_printf(out, "\n");
+        BIO_printf(out, "public key (x,y): ");
+        BN_print(out, x_a);
+        BIO_printf(out, ",");
+        BN_print(out, y_a);
+        BIO_printf(out, "\nkey b:\n");
+        BIO_printf(out, "private key: ");
+        BN_print(out, EC_KEY_get0_private_key(b));
+        BIO_printf(out, "\n");
+        BIO_printf(out, "public key (x,y): ");
+        BN_print(out, x_b);
+        BIO_printf(out, ",");
+        BN_print(out, y_b);
+        BIO_printf(out, "\n");
+        BIO_printf(out, "generated key a: ");
+        for (i = 0; i < bout; i++) {
+            sprintf(buf, "%02X", bbuf[i]);
+            BIO_puts(out, buf);
+        }
+        BIO_printf(out, "\n");
+        BIO_printf(out, "generated key b: ");
+        for (i = 0; i < aout; i++) {
+            sprintf(buf, "%02X", abuf[i]);
+            BIO_puts(out, buf);
+        }
+        BIO_printf(out, "\n");
+# endif
+        fprintf(stderr, "Error in ECDH routines\n");
+        ret = 0;
+    } else {
+# ifndef NOISY
+        BIO_printf(out, " ok\n");
+# endif
+        ret = 1;
+    }
+ err:
+    ERR_print_errors_fp(stderr);
+
+    if (abuf != NULL)
+        OPENSSL_free(abuf);
+    if (bbuf != NULL)
+        OPENSSL_free(bbuf);
+    if (x_a)
+        BN_free(x_a);
+    if (y_a)
+        BN_free(y_a);
+    if (x_b)
+        BN_free(x_b);
+    if (y_b)
+        BN_free(y_b);
+    if (b)
+        EC_KEY_free(b);
+    if (a)
+        EC_KEY_free(a);
+    return (ret);
+}
 
 /* Keys and shared secrets from RFC 7027 */
 
 static const unsigned char bp256_da[] = {
-	0x81,0xDB,0x1E,0xE1,0x00,0x15,0x0F,0xF2,0xEA,0x33,0x8D,0x70,
-	0x82,0x71,0xBE,0x38,0x30,0x0C,0xB5,0x42,0x41,0xD7,0x99,0x50,
-	0xF7,0x7B,0x06,0x30,0x39,0x80,0x4F,0x1D
+    0x81, 0xDB, 0x1E, 0xE1, 0x00, 0x15, 0x0F, 0xF2, 0xEA, 0x33, 0x8D, 0x70,
+    0x82, 0x71, 0xBE, 0x38, 0x30, 0x0C, 0xB5, 0x42, 0x41, 0xD7, 0x99, 0x50,
+    0xF7, 0x7B, 0x06, 0x30, 0x39, 0x80, 0x4F, 0x1D
 };
 
 static const unsigned char bp256_db[] = {
-	0x55,0xE4,0x0B,0xC4,0x1E,0x37,0xE3,0xE2,0xAD,0x25,0xC3,0xC6,
-	0x65,0x45,0x11,0xFF,0xA8,0x47,0x4A,0x91,0xA0,0x03,0x20,0x87,
-	0x59,0x38,0x52,0xD3,0xE7,0xD7,0x6B,0xD3
+    0x55, 0xE4, 0x0B, 0xC4, 0x1E, 0x37, 0xE3, 0xE2, 0xAD, 0x25, 0xC3, 0xC6,
+    0x65, 0x45, 0x11, 0xFF, 0xA8, 0x47, 0x4A, 0x91, 0xA0, 0x03, 0x20, 0x87,
+    0x59, 0x38, 0x52, 0xD3, 0xE7, 0xD7, 0x6B, 0xD3
 };
 
 static const unsigned char bp256_Z[] = {
-	0x89,0xAF,0xC3,0x9D,0x41,0xD3,0xB3,0x27,0x81,0x4B,0x80,0x94,
-	0x0B,0x04,0x25,0x90,0xF9,0x65,0x56,0xEC,0x91,0xE6,0xAE,0x79,
-	0x39,0xBC,0xE3,0x1F,0x3A,0x18,0xBF,0x2B
+    0x89, 0xAF, 0xC3, 0x9D, 0x41, 0xD3, 0xB3, 0x27, 0x81, 0x4B, 0x80, 0x94,
+    0x0B, 0x04, 0x25, 0x90, 0xF9, 0x65, 0x56, 0xEC, 0x91, 0xE6, 0xAE, 0x79,
+    0x39, 0xBC, 0xE3, 0x1F, 0x3A, 0x18, 0xBF, 0x2B
 };
 
 static const unsigned char bp384_da[] = {
-	0x1E,0x20,0xF5,0xE0,0x48,0xA5,0x88,0x6F,0x1F,0x15,0x7C,0x74,
-	0xE9,0x1B,0xDE,0x2B,0x98,0xC8,0xB5,0x2D,0x58,0xE5,0x00,0x3D,
-	0x57,0x05,0x3F,0xC4,0xB0,0xBD,0x65,0xD6,0xF1,0x5E,0xB5,0xD1,
-	0xEE,0x16,0x10,0xDF,0x87,0x07,0x95,0x14,0x36,0x27,0xD0,0x42
+    0x1E, 0x20, 0xF5, 0xE0, 0x48, 0xA5, 0x88, 0x6F, 0x1F, 0x15, 0x7C, 0x74,
+    0xE9, 0x1B, 0xDE, 0x2B, 0x98, 0xC8, 0xB5, 0x2D, 0x58, 0xE5, 0x00, 0x3D,
+    0x57, 0x05, 0x3F, 0xC4, 0xB0, 0xBD, 0x65, 0xD6, 0xF1, 0x5E, 0xB5, 0xD1,
+    0xEE, 0x16, 0x10, 0xDF, 0x87, 0x07, 0x95, 0x14, 0x36, 0x27, 0xD0, 0x42
 };
 
 static const unsigned char bp384_db[] = {
-	0x03,0x26,0x40,0xBC,0x60,0x03,0xC5,0x92,0x60,0xF7,0x25,0x0C,
-	0x3D,0xB5,0x8C,0xE6,0x47,0xF9,0x8E,0x12,0x60,0xAC,0xCE,0x4A,
-	0xCD,0xA3,0xDD,0x86,0x9F,0x74,0xE0,0x1F,0x8B,0xA5,0xE0,0x32,
-	0x43,0x09,0xDB,0x6A,0x98,0x31,0x49,0x7A,0xBA,0xC9,0x66,0x70
+    0x03, 0x26, 0x40, 0xBC, 0x60, 0x03, 0xC5, 0x92, 0x60, 0xF7, 0x25, 0x0C,
+    0x3D, 0xB5, 0x8C, 0xE6, 0x47, 0xF9, 0x8E, 0x12, 0x60, 0xAC, 0xCE, 0x4A,
+    0xCD, 0xA3, 0xDD, 0x86, 0x9F, 0x74, 0xE0, 0x1F, 0x8B, 0xA5, 0xE0, 0x32,
+    0x43, 0x09, 0xDB, 0x6A, 0x98, 0x31, 0x49, 0x7A, 0xBA, 0xC9, 0x66, 0x70
 };
 
 static const unsigned char bp384_Z[] = {
-	0x0B,0xD9,0xD3,0xA7,0xEA,0x0B,0x3D,0x51,0x9D,0x09,0xD8,0xE4,
-	0x8D,0x07,0x85,0xFB,0x74,0x4A,0x6B,0x35,0x5E,0x63,0x04,0xBC,
-	0x51,0xC2,0x29,0xFB,0xBC,0xE2,0x39,0xBB,0xAD,0xF6,0x40,0x37,
-	0x15,0xC3,0x5D,0x4F,0xB2,0xA5,0x44,0x4F,0x57,0x5D,0x4F,0x42
+    0x0B, 0xD9, 0xD3, 0xA7, 0xEA, 0x0B, 0x3D, 0x51, 0x9D, 0x09, 0xD8, 0xE4,
+    0x8D, 0x07, 0x85, 0xFB, 0x74, 0x4A, 0x6B, 0x35, 0x5E, 0x63, 0x04, 0xBC,
+    0x51, 0xC2, 0x29, 0xFB, 0xBC, 0xE2, 0x39, 0xBB, 0xAD, 0xF6, 0x40, 0x37,
+    0x15, 0xC3, 0x5D, 0x4F, 0xB2, 0xA5, 0x44, 0x4F, 0x57, 0x5D, 0x4F, 0x42
 };
 
 static const unsigned char bp512_da[] = {
-	0x16,0x30,0x2F,0xF0,0xDB,0xBB,0x5A,0x8D,0x73,0x3D,0xAB,0x71,
-	0x41,0xC1,0xB4,0x5A,0xCB,0xC8,0x71,0x59,0x39,0x67,0x7F,0x6A,
-	0x56,0x85,0x0A,0x38,0xBD,0x87,0xBD,0x59,0xB0,0x9E,0x80,0x27,
-	0x96,0x09,0xFF,0x33,0x3E,0xB9,0xD4,0xC0,0x61,0x23,0x1F,0xB2,
-	0x6F,0x92,0xEE,0xB0,0x49,0x82,0xA5,0xF1,0xD1,0x76,0x4C,0xAD,
-	0x57,0x66,0x54,0x22
+    0x16, 0x30, 0x2F, 0xF0, 0xDB, 0xBB, 0x5A, 0x8D, 0x73, 0x3D, 0xAB, 0x71,
+    0x41, 0xC1, 0xB4, 0x5A, 0xCB, 0xC8, 0x71, 0x59, 0x39, 0x67, 0x7F, 0x6A,
+    0x56, 0x85, 0x0A, 0x38, 0xBD, 0x87, 0xBD, 0x59, 0xB0, 0x9E, 0x80, 0x27,
+    0x96, 0x09, 0xFF, 0x33, 0x3E, 0xB9, 0xD4, 0xC0, 0x61, 0x23, 0x1F, 0xB2,
+    0x6F, 0x92, 0xEE, 0xB0, 0x49, 0x82, 0xA5, 0xF1, 0xD1, 0x76, 0x4C, 0xAD,
+    0x57, 0x66, 0x54, 0x22
 };
 
 static const unsigned char bp512_db[] = {
-	0x23,0x0E,0x18,0xE1,0xBC,0xC8,0x8A,0x36,0x2F,0xA5,0x4E,0x4E,
-	0xA3,0x90,0x20,0x09,0x29,0x2F,0x7F,0x80,0x33,0x62,0x4F,0xD4,
-	0x71,0xB5,0xD8,0xAC,0xE4,0x9D,0x12,0xCF,0xAB,0xBC,0x19,0x96,
-	0x3D,0xAB,0x8E,0x2F,0x1E,0xBA,0x00,0xBF,0xFB,0x29,0xE4,0xD7,
-	0x2D,0x13,0xF2,0x22,0x45,0x62,0xF4,0x05,0xCB,0x80,0x50,0x36,
-	0x66,0xB2,0x54,0x29
+    0x23, 0x0E, 0x18, 0xE1, 0xBC, 0xC8, 0x8A, 0x36, 0x2F, 0xA5, 0x4E, 0x4E,
+    0xA3, 0x90, 0x20, 0x09, 0x29, 0x2F, 0x7F, 0x80, 0x33, 0x62, 0x4F, 0xD4,
+    0x71, 0xB5, 0xD8, 0xAC, 0xE4, 0x9D, 0x12, 0xCF, 0xAB, 0xBC, 0x19, 0x96,
+    0x3D, 0xAB, 0x8E, 0x2F, 0x1E, 0xBA, 0x00, 0xBF, 0xFB, 0x29, 0xE4, 0xD7,
+    0x2D, 0x13, 0xF2, 0x22, 0x45, 0x62, 0xF4, 0x05, 0xCB, 0x80, 0x50, 0x36,
+    0x66, 0xB2, 0x54, 0x29
 };
 
-
 static const unsigned char bp512_Z[] = {
-	0xA7,0x92,0x70,0x98,0x65,0x5F,0x1F,0x99,0x76,0xFA,0x50,0xA9,
-	0xD5,0x66,0x86,0x5D,0xC5,0x30,0x33,0x18,0x46,0x38,0x1C,0x87,
-	0x25,0x6B,0xAF,0x32,0x26,0x24,0x4B,0x76,0xD3,0x64,0x03,0xC0,
-	0x24,0xD7,0xBB,0xF0,0xAA,0x08,0x03,0xEA,0xFF,0x40,0x5D,0x3D,
-	0x24,0xF1,0x1A,0x9B,0x5C,0x0B,0xEF,0x67,0x9F,0xE1,0x45,0x4B,
-	0x21,0xC4,0xCD,0x1F
+    0xA7, 0x92, 0x70, 0x98, 0x65, 0x5F, 0x1F, 0x99, 0x76, 0xFA, 0x50, 0xA9,
+    0xD5, 0x66, 0x86, 0x5D, 0xC5, 0x30, 0x33, 0x18, 0x46, 0x38, 0x1C, 0x87,
+    0x25, 0x6B, 0xAF, 0x32, 0x26, 0x24, 0x4B, 0x76, 0xD3, 0x64, 0x03, 0xC0,
+    0x24, 0xD7, 0xBB, 0xF0, 0xAA, 0x08, 0x03, 0xEA, 0xFF, 0x40, 0x5D, 0x3D,
+    0x24, 0xF1, 0x1A, 0x9B, 0x5C, 0x0B, 0xEF, 0x67, 0x9F, 0xE1, 0x45, 0x4B,
+    0x21, 0xC4, 0xCD, 0x1F
 };
 
 /* Given private value and NID, create EC_KEY structure */
 
 static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen)
-	{
-	int ok = 0;
-	EC_KEY *k = NULL;
-	BIGNUM *priv = NULL;
-	EC_POINT *pub = NULL;
-	const EC_GROUP *grp;
-	k = EC_KEY_new_by_curve_name(nid);
-	if (!k)
-		goto err;
-	priv = BN_bin2bn(p, plen, NULL);
-	if (!priv)
-		goto err;
-	if (!EC_KEY_set_private_key(k, priv))
-		goto err;
-	grp = EC_KEY_get0_group(k);
-	pub = EC_POINT_new(grp);
-	if (!pub)
-		goto err;
-	if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))
-		goto err;
-	if (!EC_KEY_set_public_key(k, pub))
-		goto err;
-	ok = 1;
-	err:
-	if (priv)
-		BN_clear_free(priv);
-	if (pub)
-		EC_POINT_free(pub);
-	if (ok)
-		return k;
-	else if (k)
-		EC_KEY_free(k);
-	return NULL;
-	}
-
-/* Known answer test: compute shared secret and check it matches
- * expected value.
+{
+    int ok = 0;
+    EC_KEY *k = NULL;
+    BIGNUM *priv = NULL;
+    EC_POINT *pub = NULL;
+    const EC_GROUP *grp;
+    k = EC_KEY_new_by_curve_name(nid);
+    if (!k)
+        goto err;
+    priv = BN_bin2bn(p, plen, NULL);
+    if (!priv)
+        goto err;
+    if (!EC_KEY_set_private_key(k, priv))
+        goto err;
+    grp = EC_KEY_get0_group(k);
+    pub = EC_POINT_new(grp);
+    if (!pub)
+        goto err;
+    if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))
+        goto err;
+    if (!EC_KEY_set_public_key(k, pub))
+        goto err;
+    ok = 1;
+ err:
+    if (priv)
+        BN_clear_free(priv);
+    if (pub)
+        EC_POINT_free(pub);
+    if (ok)
+        return k;
+    else if (k)
+        EC_KEY_free(k);
+    return NULL;
+}
+
+/*
+ * Known answer test: compute shared secret and check it matches expected
+ * value.
  */
 
 static int ecdh_kat(BIO *out, const char *cname, int nid,
-		const unsigned char *k1, size_t k1_len,
-		const unsigned char *k2, size_t k2_len,
-		const unsigned char *Z, size_t Zlen)
-	{
-	int rv = 0;
-	EC_KEY *key1 = NULL, *key2 = NULL;
-	unsigned char *Ztmp = NULL;
-	size_t Ztmplen;
-	BIO_puts(out, "Testing ECDH shared secret with ");
-	BIO_puts(out, cname);
-	key1 = mk_eckey(nid, k1, k1_len);
-	key2 = mk_eckey(nid, k2, k2_len);
-	if (!key1 || !key2)
-		goto err;
-	Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7)/8;
-	if (Ztmplen != Zlen)
-		goto err;
-	Ztmp = OPENSSL_malloc(Ztmplen);
-	if (!ECDH_compute_key(Ztmp, Ztmplen,
-				EC_KEY_get0_public_key(key2), key1, 0))
-		goto err;
-	if (memcmp(Ztmp, Z, Zlen))
-		goto err;
-	memset(Ztmp, 0, Zlen);
-	if (!ECDH_compute_key(Ztmp, Ztmplen,
-				EC_KEY_get0_public_key(key1), key2, 0))
-		goto err;
-	if (memcmp(Ztmp, Z, Zlen))
-		goto err;
-	rv = 1;
-	err:
-	if (key1)
-		EC_KEY_free(key1);
-	if (key2)
-		EC_KEY_free(key2);
-	if (Ztmp)
-		OPENSSL_free(Ztmp);
-	if (rv)
-		BIO_puts(out, " ok\n");
-	else
-		{
-		fprintf(stderr, "Error in ECDH routines\n");
-		ERR_print_errors_fp(stderr);
-		}
-	return rv;
-	}
-
-#define test_ecdh_kat(bio, curve, bits) \
-	ecdh_kat(bio, curve, NID_brainpoolP##bits##r1, \
-		bp##bits##_da, sizeof(bp##bits##_da), \
-		bp##bits##_db, sizeof(bp##bits##_db), \
-		bp##bits##_Z, sizeof(bp##bits##_Z))
-
-int main(int argc, char *argv[])
-	{
-	BN_CTX *ctx=NULL;
-	int ret=1;
-	BIO *out;
+                    const unsigned char *k1, size_t k1_len,
+                    const unsigned char *k2, size_t k2_len,
+                    const unsigned char *Z, size_t Zlen)
+{
+    int rv = 0;
+    EC_KEY *key1 = NULL, *key2 = NULL;
+    unsigned char *Ztmp = NULL;
+    size_t Ztmplen;
+    BIO_puts(out, "Testing ECDH shared secret with ");
+    BIO_puts(out, cname);
+    key1 = mk_eckey(nid, k1, k1_len);
+    key2 = mk_eckey(nid, k2, k2_len);
+    if (!key1 || !key2)
+        goto err;
+    Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7) / 8;
+    if (Ztmplen != Zlen)
+        goto err;
+    Ztmp = OPENSSL_malloc(Ztmplen);
+    if (!ECDH_compute_key(Ztmp, Ztmplen,
+                          EC_KEY_get0_public_key(key2), key1, 0))
+        goto err;
+    if (memcmp(Ztmp, Z, Zlen))
+        goto err;
+    memset(Ztmp, 0, Zlen);
+    if (!ECDH_compute_key(Ztmp, Ztmplen,
+                          EC_KEY_get0_public_key(key1), key2, 0))
+        goto err;
+    if (memcmp(Ztmp, Z, Zlen))
+        goto err;
+    rv = 1;
+ err:
+    if (key1)
+        EC_KEY_free(key1);
+    if (key2)
+        EC_KEY_free(key2);
+    if (Ztmp)
+        OPENSSL_free(Ztmp);
+    if (rv)
+        BIO_puts(out, " ok\n");
+    else {
+        fprintf(stderr, "Error in ECDH routines\n");
+        ERR_print_errors_fp(stderr);
+    }
+    return rv;
+}
 
-	CRYPTO_malloc_debug_init();
-	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
-	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+# define test_ecdh_kat(bio, curve, bits) \
+        ecdh_kat(bio, curve, NID_brainpoolP##bits##r1, \
+                bp##bits##_da, sizeof(bp##bits##_da), \
+                bp##bits##_db, sizeof(bp##bits##_db), \
+                bp##bits##_Z, sizeof(bp##bits##_Z))
 
-#ifdef OPENSSL_SYS_WIN32
-	CRYPTO_malloc_init();
-#endif
+int main(int argc, char *argv[])
+{
+    BN_CTX *ctx = NULL;
+    int ret = 1;
+    BIO *out;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+# ifdef OPENSSL_SYS_WIN32
+    CRYPTO_malloc_init();
+# endif
+
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        EXIT(1);
+    BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    /* NIST PRIME CURVES TESTS */
+    if (!test_ecdh_curve
+        (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
+        goto err;
+    if (!test_ecdh_curve
+        (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
+        goto err;
+# ifndef OPENSSL_NO_EC2M
+    /* NIST BINARY CURVES TESTS */
+    if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
+        goto err;
+# endif
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
+        goto err;
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
+        goto err;
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
+        goto err;
+
+    ret = 0;
+
+ err:
+    ERR_print_errors_fp(stderr);
+    if (ctx)
+        BN_CTX_free(ctx);
+    BIO_free(out);
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    CRYPTO_mem_leaks_fp(stderr);
+    EXIT(ret);
+    return (ret);
+}
 
-	RAND_seed(rnd_seed, sizeof rnd_seed);
-
-	out=BIO_new(BIO_s_file());
-	if (out == NULL) EXIT(1);
-	BIO_set_fp(out,stdout,BIO_NOCLOSE);
-
-	if ((ctx=BN_CTX_new()) == NULL) goto err;
-
-	/* NIST PRIME CURVES TESTS */
-	if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
-#ifndef OPENSSL_NO_EC2M
-	/* NIST BINARY CURVES TESTS */
-	if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err;
-	if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err;
-#endif
-	if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
-		goto err;
-	if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
-		goto err;
-	if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
-		goto err;
-
-	ret = 0;
-
-err:
-	ERR_print_errors_fp(stderr);
-	if (ctx) BN_CTX_free(ctx);
-	BIO_free(out);
-	CRYPTO_cleanup_all_ex_data();
-	ERR_remove_thread_state(NULL);
-	CRYPTO_mem_leaks_fp(stderr);
-	EXIT(ret);
-	return(ret);
-	}
-
-#if 0
+# if 0
 static void MS_CALLBACK cb(int p, int n, void *arg)
-	{
-	char c='*';
-
-	if (p == 0) c='.';
-	if (p == 1) c='+';
-	if (p == 2) c='*';
-	if (p == 3) c='\n';
-	BIO_write((BIO *)arg,&c,1);
-	(void)BIO_flush((BIO *)arg);
-#ifdef LINT
-	p=n;
-#endif
-	}
-#endif
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write((BIO *)arg, &c, 1);
+    (void)BIO_flush((BIO *)arg);
+#  ifdef LINT
+    p = n;
+#  endif
+}
+# endif
 #endif
diff --git a/crypto/ecdh/ech_err.c b/crypto/ecdh/ech_err.c
index 3bd247398d..af9f625b41 100644
--- a/crypto/ecdh/ech_err.c
+++ b/crypto/ecdh/ech_err.c
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -53,7 +53,8 @@
  *
  */
 
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
  * made to it will be overwritten when the script next updates this file,
  * only reason strings will be preserved.
  */
@@ -65,36 +66,33 @@
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
 
-static ERR_STRING_DATA ECDH_str_functs[]=
-	{
-{ERR_FUNC(ECDH_F_ECDH_CHECK),	"ECDH_CHECK"},
-{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY),	"ECDH_compute_key"},
-{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD),	"ECDH_DATA_new_method"},
-{0,NULL}
-	};
+static ERR_STRING_DATA ECDH_str_functs[] = {
+    {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"},
+    {ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
+    {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
+    {0, NULL}
+};
 
-static ERR_STRING_DATA ECDH_str_reasons[]=
-	{
-{ERR_REASON(ECDH_R_KDF_FAILED)           ,"KDF failed"},
-{ERR_REASON(ECDH_R_NON_FIPS_METHOD)      ,"non fips method"},
-{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE)     ,"no private value"},
-{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE),"point arithmetic failure"},
-{0,NULL}
-	};
+static ERR_STRING_DATA ECDH_str_reasons[] = {
+    {ERR_REASON(ECDH_R_KDF_FAILED), "KDF failed"},
+    {ERR_REASON(ECDH_R_NON_FIPS_METHOD), "non fips method"},
+    {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE), "no private value"},
+    {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
+    {0, NULL}
+};
 
 #endif
 
 void ERR_load_ECDH_strings(void)
-	{
+{
 #ifndef OPENSSL_NO_ERR
 
-	if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL)
-		{
-		ERR_load_strings(0,ECDH_str_functs);
-		ERR_load_strings(0,ECDH_str_reasons);
-		}
+    if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, ECDH_str_functs);
+        ERR_load_strings(0, ECDH_str_reasons);
+    }
 #endif
-	}
+}
diff --git a/crypto/ecdh/ech_kdf.c b/crypto/ecdh/ech_kdf.c
index 54caee56d7..ac722ac9ee 100644
--- a/crypto/ecdh/ech_kdf.c
+++ b/crypto/ecdh/ech_kdf.c
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -57,60 +57,55 @@
 #include <openssl/ecdh.h>
 #include <openssl/evp.h>
 
-
 /* Key derivation function from X9.62/SECG */
 /* Way more than we will ever need */
-#define ECDH_KDF_MAX	(1 << 30)
+#define ECDH_KDF_MAX    (1 << 30)
 
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, 
-		const unsigned char *Z, size_t Zlen,
-		const unsigned char *sinfo, size_t sinfolen,
-		const EVP_MD *md)
-	{
-	EVP_MD_CTX mctx;
-	int rv = 0;
-	unsigned int i;
-	size_t mdlen;
-	unsigned char ctr[4];
-	if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX || Zlen > ECDH_KDF_MAX)
-		return 0;
-	mdlen = EVP_MD_size(md);
-	EVP_MD_CTX_init(&mctx);
-	for (i = 1;;i++)
-		{
-		unsigned char mtmp[EVP_MAX_MD_SIZE];
-		EVP_DigestInit_ex(&mctx, md, NULL);
-		ctr[3] = i & 0xFF;
-		ctr[2] = (i >> 8) & 0xFF;
-		ctr[1] = (i >> 16) & 0xFF;
-		ctr[0] = (i >> 24) & 0xFF;
-		if (!EVP_DigestUpdate(&mctx, Z, Zlen))
-			goto err;
-		if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
-			goto err;
-		if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
-			goto err;
-		if (outlen >= mdlen)
-			{
-			if (!EVP_DigestFinal(&mctx, out, NULL))
-				goto err;
-			outlen -= mdlen;
-			if (outlen == 0)
-				break;
-			out += mdlen;
-			}
-		else
-			{
-			if (!EVP_DigestFinal(&mctx, mtmp, NULL))
-				goto err;
-			memcpy(out, mtmp, outlen);
-			OPENSSL_cleanse(mtmp, mdlen);
-			break;
-			}
-		}
-	rv = 1;
-	err:
-	EVP_MD_CTX_cleanup(&mctx);
-	return rv;
-	}
-	
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md)
+{
+    EVP_MD_CTX mctx;
+    int rv = 0;
+    unsigned int i;
+    size_t mdlen;
+    unsigned char ctr[4];
+    if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX
+        || Zlen > ECDH_KDF_MAX)
+        return 0;
+    mdlen = EVP_MD_size(md);
+    EVP_MD_CTX_init(&mctx);
+    for (i = 1;; i++) {
+        unsigned char mtmp[EVP_MAX_MD_SIZE];
+        EVP_DigestInit_ex(&mctx, md, NULL);
+        ctr[3] = i & 0xFF;
+        ctr[2] = (i >> 8) & 0xFF;
+        ctr[1] = (i >> 16) & 0xFF;
+        ctr[0] = (i >> 24) & 0xFF;
+        if (!EVP_DigestUpdate(&mctx, Z, Zlen))
+            goto err;
+        if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
+            goto err;
+        if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
+            goto err;
+        if (outlen >= mdlen) {
+            if (!EVP_DigestFinal(&mctx, out, NULL))
+                goto err;
+            outlen -= mdlen;
+            if (outlen == 0)
+                break;
+            out += mdlen;
+        } else {
+            if (!EVP_DigestFinal(&mctx, mtmp, NULL))
+                goto err;
+            memcpy(out, mtmp, outlen);
+            OPENSSL_cleanse(mtmp, mdlen);
+            break;
+        }
+    }
+    rv = 1;
+ err:
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv;
+}
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
index 2988899ea2..4f14498962 100644
--- a/crypto/ecdh/ech_key.c
+++ b/crypto/ecdh/ech_key.c
@@ -21,7 +21,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -70,11 +70,12 @@
 #include "ech_locl.h"
 
 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-	EC_KEY *eckey,
-	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
+                     EC_KEY *eckey,
+                     void *(*KDF) (const void *in, size_t inlen, void *out,
+                                   size_t *outlen))
 {
-	ECDH_DATA *ecdh = ecdh_check(eckey);
-	if (ecdh == NULL)
-		return 0;
-	return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
+    ECDH_DATA *ecdh = ecdh_check(eckey);
+    if (ecdh == NULL)
+        return 0;
+    return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
 }
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
index 0644431b75..cbc21d1a27 100644
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -21,7 +21,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -70,204 +70,196 @@
 #include "ech_locl.h"
 #include <string.h>
 #ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
+# include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
 #ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
+# include <openssl/fips.h>
 #endif
 
-const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT;
+const char ECDH_version[] = "ECDH" OPENSSL_VERSION_PTEXT;
 
 static const ECDH_METHOD *default_ECDH_method = NULL;
 
 static void *ecdh_data_new(void);
 static void *ecdh_data_dup(void *);
-static void  ecdh_data_free(void *);
+static void ecdh_data_free(void *);
 
 void ECDH_set_default_method(const ECDH_METHOD *meth)
-	{
-	default_ECDH_method = meth;
-	}
+{
+    default_ECDH_method = meth;
+}
 
 const ECDH_METHOD *ECDH_get_default_method(void)
-	{
-	if(!default_ECDH_method) 
-		{
+{
+    if (!default_ECDH_method) {
 #ifdef OPENSSL_FIPS
-		if (FIPS_mode())
-			return FIPS_ecdh_openssl();
-		else
-			return ECDH_OpenSSL();
+        if (FIPS_mode())
+            return FIPS_ecdh_openssl();
+        else
+            return ECDH_OpenSSL();
 #else
-		default_ECDH_method = ECDH_OpenSSL();
+        default_ECDH_method = ECDH_OpenSSL();
 #endif
-		}
-	return default_ECDH_method;
-	}
+    }
+    return default_ECDH_method;
+}
 
 int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
-	{
-	ECDH_DATA *ecdh;
+{
+    ECDH_DATA *ecdh;
 
-	ecdh = ecdh_check(eckey);
+    ecdh = ecdh_check(eckey);
 
-	if (ecdh == NULL)
-		return 0;
+    if (ecdh == NULL)
+        return 0;
 
 #if 0
-        mtmp = ecdh->meth;
-        if (mtmp->finish)
-		mtmp->finish(eckey);
+    mtmp = ecdh->meth;
+    if (mtmp->finish)
+        mtmp->finish(eckey);
 #endif
 #ifndef OPENSSL_NO_ENGINE
-	if (ecdh->engine)
-		{
-		ENGINE_finish(ecdh->engine);
-		ecdh->engine = NULL;
-		}
+    if (ecdh->engine) {
+        ENGINE_finish(ecdh->engine);
+        ecdh->engine = NULL;
+    }
 #endif
-        ecdh->meth = meth;
+    ecdh->meth = meth;
 #if 0
-        if (meth->init) 
-		meth->init(eckey);
+    if (meth->init)
+        meth->init(eckey);
 #endif
-        return 1;
-	}
+    return 1;
+}
 
 static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
-	{
-	ECDH_DATA *ret;
+{
+    ECDH_DATA *ret;
 
-	ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
-	if (ret == NULL)
-		{
-		ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
+    ret = (ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
+    if (ret == NULL) {
+        ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
 
-	ret->init = NULL;
+    ret->init = NULL;
 
-	ret->meth = ECDH_get_default_method();
-	ret->engine = engine;
+    ret->meth = ECDH_get_default_method();
+    ret->engine = engine;
 #ifndef OPENSSL_NO_ENGINE
-	if (!ret->engine)
-		ret->engine = ENGINE_get_default_ECDH();
-	if (ret->engine)
-		{
-		ret->meth = ENGINE_get_ECDH(ret->engine);
-		if (!ret->meth)
-			{
-			ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
-			ENGINE_finish(ret->engine);
-			OPENSSL_free(ret);
-			return NULL;
-			}
-		}
+    if (!ret->engine)
+        ret->engine = ENGINE_get_default_ECDH();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_ECDH(ret->engine);
+        if (!ret->meth) {
+            ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
 #endif
 
-	ret->flags = ret->meth->flags;
-	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+    ret->flags = ret->meth->flags;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
 #if 0
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
-		OPENSSL_free(ret);
-		ret=NULL;
-		}
-#endif	
-	return(ret);
-	}
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+#endif
+    return (ret);
+}
 
 static void *ecdh_data_new(void)
-	{
-	return (void *)ECDH_DATA_new_method(NULL);
-	}
+{
+    return (void *)ECDH_DATA_new_method(NULL);
+}
 
 static void *ecdh_data_dup(void *data)
 {
-	ECDH_DATA *r = (ECDH_DATA *)data;
+    ECDH_DATA *r = (ECDH_DATA *)data;
 
-	/* XXX: dummy operation */
-	if (r == NULL)
-		return NULL;
+    /* XXX: dummy operation */
+    if (r == NULL)
+        return NULL;
 
-	return (void *)ecdh_data_new();
+    return (void *)ecdh_data_new();
 }
 
 void ecdh_data_free(void *data)
-	{
-	ECDH_DATA *r = (ECDH_DATA *)data;
+{
+    ECDH_DATA *r = (ECDH_DATA *)data;
 
 #ifndef OPENSSL_NO_ENGINE
-	if (r->engine)
-		ENGINE_finish(r->engine);
+    if (r->engine)
+        ENGINE_finish(r->engine);
 #endif
 
-	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
 
-	OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA));
+    OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA));
 
-	OPENSSL_free(r);
-	}
+    OPENSSL_free(r);
+}
 
 ECDH_DATA *ecdh_check(EC_KEY *key)
-	{
-	ECDH_DATA *ecdh_data;
- 
-	void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
-					ecdh_data_free, ecdh_data_free);
-	if (data == NULL)
-	{
-		ecdh_data = (ECDH_DATA *)ecdh_data_new();
-		if (ecdh_data == NULL)
-			return NULL;
-		data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
-			   ecdh_data_dup, ecdh_data_free, ecdh_data_free);
-		if (data != NULL)
-			{
-			/* Another thread raced us to install the key_method
-			 * data and won. */
-			ecdh_data_free(ecdh_data);
-			ecdh_data = (ECDH_DATA *)data;
-			}
-	}
-	else
-		ecdh_data = (ECDH_DATA *)data;
+{
+    ECDH_DATA *ecdh_data;
+
+    void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
+                                            ecdh_data_free, ecdh_data_free);
+    if (data == NULL) {
+        ecdh_data = (ECDH_DATA *)ecdh_data_new();
+        if (ecdh_data == NULL)
+            return NULL;
+        data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
+                                             ecdh_data_dup, ecdh_data_free,
+                                             ecdh_data_free);
+        if (data != NULL) {
+            /*
+             * Another thread raced us to install the key_method data and
+             * won.
+             */
+            ecdh_data_free(ecdh_data);
+            ecdh_data = (ECDH_DATA *)data;
+        }
+    } else
+        ecdh_data = (ECDH_DATA *)data;
 #ifdef OPENSSL_FIPS
-	if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
-			&& !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW))
-		{
-		ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
-		return NULL;
-		}
+    if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
+        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
+        ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
+        return NULL;
+    }
 #endif
-	
 
-	return ecdh_data;
-	}
+    return ecdh_data;
+}
 
 int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-	{
-	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
-				new_func, dup_func, free_func);
-	}
+                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
+                                   new_func, dup_func, free_func);
+}
 
 int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
-	{
-	ECDH_DATA *ecdh;
-	ecdh = ecdh_check(d);
-	if (ecdh == NULL)
-		return 0;
-	return(CRYPTO_set_ex_data(&ecdh->ex_data,idx,arg));
-	}
+{
+    ECDH_DATA *ecdh;
+    ecdh = ecdh_check(d);
+    if (ecdh == NULL)
+        return 0;
+    return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg));
+}
 
 void *ECDH_get_ex_data(EC_KEY *d, int idx)
-	{
-	ECDH_DATA *ecdh;
-	ecdh = ecdh_check(d);
-	if (ecdh == NULL)
-		return NULL;
-	return(CRYPTO_get_ex_data(&ecdh->ex_data,idx));
-	}
+{
+    ECDH_DATA *ecdh;
+    ecdh = ecdh_check(d);
+    if (ecdh == NULL)
+        return NULL;
+    return (CRYPTO_get_ex_data(&ecdh->ex_data, idx));
+}
diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h
index f6cad6a894..4e66024c75 100644
--- a/crypto/ecdh/ech_locl.h
+++ b/crypto/ecdh/ech_locl.h
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -54,43 +54,45 @@
  */
 
 #ifndef HEADER_ECH_LOCL_H
-#define HEADER_ECH_LOCL_H
+# define HEADER_ECH_LOCL_H
 
-#include <openssl/ecdh.h>
+# include <openssl/ecdh.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-struct ecdh_method 
-	{
-	const char *name;
-	int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
-	                   void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-#if 0
-	int (*init)(EC_KEY *eckey);
-	int (*finish)(EC_KEY *eckey);
-#endif
-	int flags;
-	char *app_data;
-	};
+struct ecdh_method {
+    const char *name;
+    int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
+                        EC_KEY *ecdh, void *(*KDF) (const void *in,
+                                                    size_t inlen, void *out,
+                                                    size_t *outlen));
+# if 0
+    int (*init) (EC_KEY *eckey);
+    int (*finish) (EC_KEY *eckey);
+# endif
+    int flags;
+    char *app_data;
+};
 
-/* If this flag is set the ECDH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
+/*
+ * If this flag is set the ECDH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
  */
 
-#define ECDH_FLAG_FIPS_METHOD	0x1
+# define ECDH_FLAG_FIPS_METHOD   0x1
 
 typedef struct ecdh_data_st {
-	/* EC_KEY_METH_DATA part */
-	int (*init)(EC_KEY *);
-	/* method specific part */
-	ENGINE	*engine;
-	int	flags;
-	const ECDH_METHOD *meth;
-	CRYPTO_EX_DATA ex_data;
+    /* EC_KEY_METH_DATA part */
+    int (*init) (EC_KEY *);
+    /* method specific part */
+    ENGINE *engine;
+    int flags;
+    const ECDH_METHOD *meth;
+    CRYPTO_EX_DATA ex_data;
 } ECDH_DATA;
 
 ECDH_DATA *ecdh_check(EC_KEY *);
@@ -99,4 +101,4 @@ ECDH_DATA *ecdh_check(EC_KEY *);
 }
 #endif
 
-#endif /* HEADER_ECH_LOCL_H */
+#endif                          /* HEADER_ECH_LOCL_H */
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index 07d3ddbebc..df115cc262 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -21,7 +21,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -67,7 +67,6 @@
  *
  */
 
-
 #include <string.h>
 #include <limits.h>
 
@@ -80,25 +79,25 @@
 #include <openssl/bn.h>
 
 static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
-	EC_KEY *ecdh, 
-	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+                            EC_KEY *ecdh,
+                            void *(*KDF) (const void *in, size_t inlen,
+                                          void *out, size_t *outlen));
 
 static ECDH_METHOD openssl_ecdh_meth = {
-	"OpenSSL ECDH method",
-	ecdh_compute_key,
+    "OpenSSL ECDH method",
+    ecdh_compute_key,
 #if 0
-	NULL, /* init     */
-	NULL, /* finish   */
+    NULL,                       /* init */
+    NULL,                       /* finish */
 #endif
-	0,    /* flags    */
-	NULL  /* app_data */
+    0,                          /* flags */
+    NULL                        /* app_data */
 };
 
 const ECDH_METHOD *ECDH_OpenSSL(void)
-	{
-	return &openssl_ecdh_meth;
-	}
-
+{
+    return &openssl_ecdh_meth;
+}
 
 /*-
  * This implementation is based on the following primitives in the IEEE 1363 standard:
@@ -107,122 +106,113 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
  * Finally an optional KDF is applied.
  */
 static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-	EC_KEY *ecdh,
-	void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
-	{
-	BN_CTX *ctx;
-	EC_POINT *tmp=NULL;
-	BIGNUM *x=NULL, *y=NULL;
-	const BIGNUM *priv_key;
-	const EC_GROUP* group;
-	int ret= -1;
-	size_t buflen, len;
-	unsigned char *buf=NULL;
-
-	if (outlen > INT_MAX)
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
-		return -1;
-		}
-
-	if ((ctx = BN_CTX_new()) == NULL) goto err;
-	BN_CTX_start(ctx);
-	x = BN_CTX_get(ctx);
-	y = BN_CTX_get(ctx);
-	
-	priv_key = EC_KEY_get0_private_key(ecdh);
-	if (priv_key == NULL)
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
-		goto err;
-		}
-
-	group = EC_KEY_get0_group(ecdh);
-
-	if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
-		{
-		if (!EC_GROUP_get_cofactor(group, x, ctx) ||
-			!BN_mul(x, x, priv_key, ctx))
-			{
-			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		priv_key = x;
-		}
-
-	if ((tmp=EC_POINT_new(group)) == NULL)
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-
-	if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) 
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
-		goto err;
-		}
-		
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
-		{
-		if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) 
-			{
-			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
-			goto err;
-			}
-		}
+                            EC_KEY *ecdh,
+                            void *(*KDF) (const void *in, size_t inlen,
+                                          void *out, size_t *outlen))
+{
+    BN_CTX *ctx;
+    EC_POINT *tmp = NULL;
+    BIGNUM *x = NULL, *y = NULL;
+    const BIGNUM *priv_key;
+    const EC_GROUP *group;
+    int ret = -1;
+    size_t buflen, len;
+    unsigned char *buf = NULL;
+
+    if (outlen > INT_MAX) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of,
+                                                                 * anyway */
+        return -1;
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+
+    priv_key = EC_KEY_get0_private_key(ecdh);
+    if (priv_key == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
+        goto err;
+    }
+
+    group = EC_KEY_get0_group(ecdh);
+
+    if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) {
+        if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+            !BN_mul(x, x, priv_key, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        priv_key = x;
+    }
+
+    if ((tmp = EC_POINT_new(group)) == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+        goto err;
+    }
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            goto err;
+        }
+    }
 #ifndef OPENSSL_NO_EC2M
-	else
-		{
-		if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) 
-			{
-			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
-			goto err;
-			}
-		}
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            goto err;
+        }
+    }
 #endif
 
-	buflen = (EC_GROUP_get_degree(group) + 7)/8;
-	len = BN_num_bytes(x);
-	if (len > buflen)
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
-		goto err;
-		}
-	if ((buf = OPENSSL_malloc(buflen)) == NULL)
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
-	
-	memset(buf, 0, buflen - len);
-	if (len != (size_t)BN_bn2bin(x, buf + buflen - len))
-		{
-		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
-		goto err;
-		}
-
-	if (KDF != 0)
-		{
-		if (KDF(buf, buflen, out, &outlen) == NULL)
-			{
-			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
-			goto err;
-			}
-		ret = outlen;
-		}
-	else
-		{
-		/* no KDF, just copy as much as we can */
-		if (outlen > buflen)
-			outlen = buflen;
-		memcpy(out, buf, outlen);
-		ret = outlen;
-		}
-	
-err:
-	if (tmp) EC_POINT_free(tmp);
-	if (ctx) BN_CTX_end(ctx);
-	if (ctx) BN_CTX_free(ctx);
-	if (buf) OPENSSL_free(buf);
-	return(ret);
-	}
+    buflen = (EC_GROUP_get_degree(group) + 7) / 8;
+    len = BN_num_bytes(x);
+    if (len > buflen) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    if ((buf = OPENSSL_malloc(buflen)) == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    memset(buf, 0, buflen - len);
+    if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (KDF != 0) {
+        if (KDF(buf, buflen, out, &outlen) == NULL) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
+            goto err;
+        }
+        ret = outlen;
+    } else {
+        /* no KDF, just copy as much as we can */
+        if (outlen > buflen)
+            outlen = buflen;
+        memcpy(out, buf, outlen);
+        ret = outlen;
+    }
+
+ err:
+    if (tmp)
+        EC_POINT_free(tmp);
+    if (ctx)
+        BN_CTX_end(ctx);
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (buf)
+        OPENSSL_free(buf);
+    return (ret);
+}
-- 
cgit v1.2.3