More KNF.

19 files changed, 331 insertions, 322 deletions

diff --git a/lib/libcrypto/rsa/rsa_ameth.c b/lib/libcrypto/rsa/rsa_ameth.c
index 8e15e3f5358..813c634f31b 100644
--- a/lib/libcrypto/rsa/rsa_ameth.c
+++ b/lib/libcrypto/rsa/rsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_ameth.c,v 1.7 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_ameth.c,v 1.8 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -104,8 +104,8 @@ rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
 static int
 rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 {
-	if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 ||
-	    BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
+	if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0 ||
+	    BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
 		return 0;
 	return 1;
 }
@@ -256,7 +256,7 @@ do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
 	ret = 1;
 err:
 	free(m);
-	return(ret);
+	return (ret);
 }
 
 static int
@@ -282,13 +282,14 @@ rsa_pss_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash)
 
 	if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
 		return NULL;
+
 	p = alg->parameter->value.sequence->data;
 	plen = alg->parameter->value.sequence->length;
 	pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
 
 	if (!pss)
 		return NULL;
-	
+
 	if (pss->maskGenAlgorithm) {
 		ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
 		if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1 &&
@@ -351,7 +352,7 @@ rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, X509_ALGOR *maskHash,
 	if (!BIO_indent(bp, indent, 128))
 		goto err;
 	if (BIO_puts(bp, "Salt Length: 0x") <= 0)
-			goto err;
+		goto err;
 	if (pss->saltLength) {
 		if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
 			goto err;
@@ -369,7 +370,7 @@ rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, X509_ALGOR *maskHash,
 	} else if (BIO_puts(bp, "BC (default)") <= 0)
 		goto err;
 	BIO_puts(bp, "\n");
-	
+
 	rv = 1;
 
 err:
@@ -403,6 +404,7 @@ static int
 rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 {
 	X509_ALGOR *alg = NULL;
+
 	switch (op) {
 	case ASN1_PKEY_CTRL_PKCS7_SIGN:
 		if (arg1 == 0)
@@ -422,7 +424,7 @@ rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 	case ASN1_PKEY_CTRL_CMS_ENVELOPE:
 		if (arg1 == 0)
 			CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg);
-	break;
+		break;
 #endif
 
 	case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
@@ -440,8 +442,8 @@ rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 	return 1;
 }
 
-/* Customised RSA item verification routine. This is called 
- * when a signature is encountered requiring special handling. We 
+/* Customised RSA item verification routine. This is called
+ * when a signature is encountered requiring special handling. We
  * currently only handle PSS.
  */
 static int
@@ -460,6 +462,7 @@ rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
 		RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
 		return -1;
 	}
+
 	/* Decode PSS parameters */
 	pss = rsa_pss_decode(sigalg, &maskHash);
 
@@ -544,7 +547,7 @@ err:
 
 static int
 rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-   X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)
+    X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)
 {
 	int pad_mode;
 	EVP_PKEY_CTX *pkctx = ctx->pctx;
diff --git a/lib/libcrypto/rsa/rsa_asn1.c b/lib/libcrypto/rsa/rsa_asn1.c
index e876dbdf493..9bc5f17b064 100644
--- a/lib/libcrypto/rsa/rsa_asn1.c
+++ b/lib/libcrypto/rsa/rsa_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_asn1.c,v 1.7 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_asn1.c,v 1.8 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -99,10 +99,10 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
 } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
 
 ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
-	ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
-	ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
-	ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
-	ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR, 0),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR, 1),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER, 2),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER, 3)
 } ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
 
 IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
diff --git a/lib/libcrypto/rsa/rsa_chk.c b/lib/libcrypto/rsa/rsa_chk.c
index 54113f89f6a..0f9e0944db1 100644
--- a/lib/libcrypto/rsa/rsa_chk.c
+++ b/lib/libcrypto/rsa/rsa_chk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_chk.c,v 1.7 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_chk.c,v 1.8 2014/07/09 19:51:38 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -65,7 +65,7 @@ RSA_check_key(const RSA *key)
 		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
 		return 0;
 	}
-	
+
 	i = BN_new();
 	j = BN_new();
 	k = BN_new();
@@ -78,7 +78,7 @@ RSA_check_key(const RSA *key)
 		RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-	
+
 	/* p prime? */
 	r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
 	if (r != 1) {
@@ -87,7 +87,7 @@ RSA_check_key(const RSA *key)
 			goto err;
 		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
 	}
-	
+
 	/* q prime? */
 	r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
 	if (r != 1) {
@@ -96,19 +96,19 @@ RSA_check_key(const RSA *key)
 			goto err;
 		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
 	}
-	
+
 	/* n = p*q? */
 	r = BN_mul(i, key->p, key->q, ctx);
 	if (!r) {
 		ret = -1;
 		goto err;
 	}
-	
+
 	if (BN_cmp(i, key->n) != 0) {
 		ret = 0;
 		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
 	}
-	
+
 	/* d*e = 1  mod lcm(p-1,q-1)? */
 
 	r = BN_sub(i, key->p, BN_value_one());
@@ -149,7 +149,7 @@ RSA_check_key(const RSA *key)
 		ret = 0;
 		RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
 	}
-	
+
 	if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
 		/* dmp1 = d mod (p-1)? */
 		r = BN_sub(i, key->p, BN_value_one());
@@ -169,14 +169,14 @@ RSA_check_key(const RSA *key)
 			RSAerr(RSA_F_RSA_CHECK_KEY,
 			    RSA_R_DMP1_NOT_CONGRUENT_TO_D);
 		}
-	
-		/* dmq1 = d mod (q-1)? */    
+
+		/* dmq1 = d mod (q-1)? */
 		r = BN_sub(i, key->q, BN_value_one());
 		if (!r) {
 			ret = -1;
 			goto err;
 		}
-	
+
 		r = BN_mod(j, key->d, i, ctx);
 		if (!r) {
 			ret = -1;
@@ -188,7 +188,7 @@ RSA_check_key(const RSA *key)
 			RSAerr(RSA_F_RSA_CHECK_KEY,
 			    RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
 		}
-	
+
 		/* iqmp = q^-1 mod p? */
 		if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
 			ret = -1;
@@ -202,7 +202,7 @@ RSA_check_key(const RSA *key)
 		}
 	}
 
- err:
+err:
 	if (i != NULL)
 		BN_free(i);
 	if (j != NULL)
diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c
index 16679cfd141..fb09d235e1e 100644
--- a/lib/libcrypto/rsa/rsa_crpt.c
+++ b/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_crpt.c,v 1.5 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.6 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -134,7 +134,7 @@ RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
 	rsa->flags &= ~RSA_FLAG_NO_BLINDING;
 	ret = 1;
 err:
-	return(ret);
+	return (ret);
 }
 
 static BIGNUM *
@@ -181,7 +181,7 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
 		ctx = in_ctx;
 
 	BN_CTX_start(ctx);
-	e  = BN_CTX_get(ctx);
+	e = BN_CTX_get(ctx);
 	if (e == NULL) {
 		RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
 		goto err;
diff --git a/lib/libcrypto/rsa/rsa_depr.c b/lib/libcrypto/rsa/rsa_depr.c
index 6808b5aecb9..7a3ecca6667 100644
--- a/lib/libcrypto/rsa/rsa_depr.c
+++ b/lib/libcrypto/rsa/rsa_depr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_depr.c,v 1.4 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_depr.c,v 1.5 2014/07/09 19:51:38 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c
index 06bd8ded967..ede772cb835 100644
--- a/lib/libcrypto/rsa/rsa_eay.c
+++ b/lib/libcrypto/rsa/rsa_eay.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_eay.c,v 1.30 2014/07/09 08:44:53 miod Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.31 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -63,7 +63,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -116,16 +116,17 @@
 #include <openssl/rand.h>
 
 static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
+    unsigned char *to, RSA *rsa, int padding);
 static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
+    unsigned char *to, RSA *rsa, int padding);
 static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
+    unsigned char *to, RSA *rsa, int padding);
 static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
-		unsigned char *to, RSA *rsa,int padding);
+    unsigned char *to, RSA *rsa, int padding);
 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
 static int RSA_eay_init(RSA *rsa);
 static int RSA_eay_finish(RSA *rsa);
+
 static RSA_METHOD rsa_pkcs1_eay_meth = {
 	.name = "Eric Young's PKCS#1 RSA",
 	.rsa_pub_enc = RSA_eay_public_encrypt,
@@ -170,8 +171,8 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
 			return -1;
 		}
 	}
-	
-	if ((ctx=BN_CTX_new()) == NULL)
+
+	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
 	BN_CTX_start(ctx);
 	f = BN_CTX_get(ctx);
@@ -179,7 +180,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
 	num = BN_num_bytes(rsa->n);
 	buf = malloc(num);
 	if (!f || !ret || !buf) {
-		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
+		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
 
@@ -189,7 +190,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
 		break;
 #ifndef OPENSSL_NO_SHA
 	case RSA_PKCS1_OAEP_PADDING:
-	        i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
+		i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
 		break;
 #endif
 	case RSA_SSLV23_PADDING:
@@ -208,7 +209,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
 
 	if (BN_bin2bn(buf, num, f) == NULL)
 		goto err;
-	
+
 	if (BN_ucmp(f, rsa->n) >= 0) {
 		/* usually the padding functions would catch this */
 		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,
@@ -221,7 +222,8 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
 		    CRYPTO_LOCK_RSA, rsa->n, ctx))
 			goto err;
 
-	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n))
+	if (!rsa->meth->bn_mod_exp(ret, f,rsa->e, rsa->n, ctx,
+	    rsa->_method_mod_n))
 		goto err;
 
 	/* put in leading 0 bytes if the number is less than the
@@ -286,7 +288,7 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
 				CRYPTO_w_lock(CRYPTO_LOCK_RSA);
 				got_write_lock = 1;
 			}
-			
+
 			if (rsa->mt_blinding == NULL)
 				rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
 		}
@@ -355,7 +357,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 	BIGNUM *unblind = NULL;
 	BN_BLINDING *blinding = NULL;
 
-	if ((ctx=BN_CTX_new()) == NULL)
+	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
 	BN_CTX_start(ctx);
 	f = BN_CTX_get(ctx);
@@ -386,10 +388,10 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 	if (i <= 0)
 		goto err;
 
-	if (BN_bin2bn(buf,num,f) == NULL)
+	if (BN_bin2bn(buf, num, f) == NULL)
 		goto err;
-	
-	if (BN_ucmp(f, rsa->n) >= 0) {	
+
+		if (BN_ucmp(f, rsa->n) >= 0) {
 		/* usually the padding functions would catch this */
 		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
 		    RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
@@ -404,7 +406,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 			goto err;
 		}
 	}
-	
+
 	if (blinding != NULL) {
 		if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
@@ -417,13 +419,13 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 
 	if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
 	    (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
-	     rsa->dmq1 != NULL && rsa->iqmp != NULL)) { 
+	    rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
 		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
 			goto err;
 	} else {
 		BIGNUM local_d;
 		BIGNUM *d = NULL;
-		
+
 		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
 			BN_init(&local_d);
 			d = &local_d;
@@ -436,7 +438,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
 			    CRYPTO_LOCK_RSA, rsa->n, ctx))
 				goto err;
 
-		if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n,ctx,
+		if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
 		    rsa->_method_mod_n))
 			goto err;
 	}
@@ -530,7 +532,7 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
 			goto err;
 		}
 	}
-	
+
 	if (blinding != NULL) {
 		if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
 			RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
@@ -544,13 +546,13 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
 	/* do the decrypt */
 	if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
 	    (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
-	     rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
+	    rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
 		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
 			goto err;
 	} else {
 		BIGNUM local_d;
 		BIGNUM *d = NULL;
-		
+
 		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
 			d = &local_d;
 			BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
@@ -578,11 +580,11 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
 		r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
 		break;
 #ifndef OPENSSL_NO_SHA
-        case RSA_PKCS1_OAEP_PADDING:
-	        r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
-                break;
+	case RSA_PKCS1_OAEP_PADDING:
+		r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
+		break;
 #endif
- 	case RSA_SSLV23_PADDING:
+	case RSA_SSLV23_PADDING:
 		r = RSA_padding_check_SSLv23(to, num, buf, j, num);
 		break;
 	case RSA_NO_PADDING:
@@ -603,7 +605,7 @@ err:
 		BN_CTX_free(ctx);
 	}
 	if (buf != NULL) {
-		OPENSSL_cleanse(buf,num);
+		OPENSSL_cleanse(buf, num);
 		free(buf);
 	}
 	return r;
@@ -615,7 +617,7 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
     RSA *rsa, int padding)
 {
 	BIGNUM *f, *ret;
-	int i, num = 0,r = -1;
+	int i, num = 0, r = -1;
 	unsigned char *p;
 	unsigned char *buf = NULL;
 	BN_CTX *ctx = NULL;
@@ -637,7 +639,7 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
 			return -1;
 		}
 	}
-	
+
 	if ((ctx = BN_CTX_new()) == NULL)
 		goto err;
 	BN_CTX_start(ctx);
@@ -658,7 +660,7 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
 		goto err;
 	}
 
-	if (BN_bin2bn(from,flen,f) == NULL)
+	if (BN_bin2bn(from, flen, f) == NULL)
 		goto err;
 
 	if (BN_ucmp(f, rsa->n) >= 0) {
@@ -801,7 +803,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 		BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
 	} else
 		dmp1 = rsa->dmp1;
-	if (!rsa->meth->bn_mod_exp(r0, r1, dmp1, rsa->p,ctx,
+	if (!rsa->meth->bn_mod_exp(r0, r1, dmp1, rsa->p, ctx,
 	    rsa->_method_mod_p))
 		goto err;
 
@@ -824,7 +826,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 		BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
 	} else
 		pr1 = r1;
-	if (!BN_mod(r0, pr1, rsa->p,ctx))
+	if (!BN_mod(r0, pr1, rsa->p, ctx))
 		goto err;
 
 	/*
@@ -869,7 +871,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 
 			BIGNUM local_d;
 			BIGNUM *d = NULL;
-		
+
 			if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
 				d = &local_d;
 				BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
@@ -890,7 +892,7 @@ static int
 RSA_eay_init(RSA *rsa)
 {
 	rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
-	return 1 ;
+	return 1;
 }
 
 static int
@@ -902,5 +904,6 @@ RSA_eay_finish(RSA *rsa)
 		BN_MONT_CTX_free(rsa->_method_mod_p);
 	if (rsa->_method_mod_q != NULL)
 		BN_MONT_CTX_free(rsa->_method_mod_q);
+
 	return 1;
 }
diff --git a/lib/libcrypto/rsa/rsa_err.c b/lib/libcrypto/rsa/rsa_err.c
index c7d68811007..893069a8921 100644
--- a/lib/libcrypto/rsa/rsa_err.c
+++ b/lib/libcrypto/rsa/rsa_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_err.c,v 1.13 2014/07/09 08:44:53 miod Exp $ */
+/* $OpenBSD: rsa_err.c,v 1.14 2014/07/09 19:51:38 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -7,7 +7,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -68,136 +68,133 @@
 #define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
 #define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
 
-static ERR_STRING_DATA RSA_str_functs[]=
-	{
-{ERR_FUNC(RSA_F_CHECK_PADDING_MD),	"CHECK_PADDING_MD"},
-{ERR_FUNC(RSA_F_DO_RSA_PRINT),	"DO_RSA_PRINT"},
-{ERR_FUNC(RSA_F_INT_RSA_VERIFY),	"INT_RSA_VERIFY"},
-{ERR_FUNC(RSA_F_MEMORY_LOCK),	"MEMORY_LOCK"},
-{ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE),	"OLD_RSA_PRIV_DECODE"},
-{ERR_FUNC(RSA_F_PKEY_RSA_CTRL),	"PKEY_RSA_CTRL"},
-{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR),	"PKEY_RSA_CTRL_STR"},
-{ERR_FUNC(RSA_F_PKEY_RSA_SIGN),	"PKEY_RSA_SIGN"},
-{ERR_FUNC(RSA_F_PKEY_RSA_VERIFY),	"PKEY_RSA_VERIFY"},
-{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER),	"PKEY_RSA_VERIFYRECOVER"},
-{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN),	"RSA_BUILTIN_KEYGEN"},
-{ERR_FUNC(RSA_F_RSA_CHECK_KEY),	"RSA_check_key"},
-{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT),	"RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT),	"RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT),	"RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT),	"RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_FUNC(RSA_F_RSA_GENERATE_KEY),	"RSA_generate_key"},
-{ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX),	"RSA_generate_key_ex"},
-{ERR_FUNC(RSA_F_RSA_ITEM_VERIFY),	"RSA_ITEM_VERIFY"},
-{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK),	"RSA_memory_lock"},
-{ERR_FUNC(RSA_F_RSA_NEW_METHOD),	"RSA_new_method"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE),	"RSA_padding_add_none"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),	"RSA_padding_add_PKCS1_OAEP"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS),	"RSA_padding_add_PKCS1_PSS"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),	"RSA_padding_add_PKCS1_PSS_mgf1"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),	"RSA_padding_add_PKCS1_type_1"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),	"RSA_padding_add_PKCS1_type_2"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23),	"RSA_padding_add_SSLv23"},
-{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931),	"RSA_padding_add_X931"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE),	"RSA_padding_check_none"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),	"RSA_padding_check_PKCS1_OAEP"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),	"RSA_padding_check_PKCS1_type_1"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),	"RSA_padding_check_PKCS1_type_2"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23),	"RSA_padding_check_SSLv23"},
-{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931),	"RSA_padding_check_X931"},
-{ERR_FUNC(RSA_F_RSA_PRINT),	"RSA_print"},
-{ERR_FUNC(RSA_F_RSA_PRINT_FP),	"RSA_print_fp"},
-{ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT),	"RSA_private_decrypt"},
-{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT),	"RSA_private_encrypt"},
-{ERR_FUNC(RSA_F_RSA_PRIV_DECODE),	"RSA_PRIV_DECODE"},
-{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE),	"RSA_PRIV_ENCODE"},
-{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT),	"RSA_public_decrypt"},
-{ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT),	"RSA_public_encrypt"},
-{ERR_FUNC(RSA_F_RSA_PUB_DECODE),	"RSA_PUB_DECODE"},
-{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING),	"RSA_setup_blinding"},
-{ERR_FUNC(RSA_F_RSA_SIGN),	"RSA_sign"},
-{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),	"RSA_sign_ASN1_OCTET_STRING"},
-{ERR_FUNC(RSA_F_RSA_VERIFY),	"RSA_verify"},
-{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),	"RSA_verify_ASN1_OCTET_STRING"},
-{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS),	"RSA_verify_PKCS1_PSS"},
-{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1),	"RSA_verify_PKCS1_PSS_mgf1"},
-{0,NULL}
-	};
+static ERR_STRING_DATA RSA_str_functs[] = {
+	{ERR_FUNC(RSA_F_CHECK_PADDING_MD),	"CHECK_PADDING_MD"},
+	{ERR_FUNC(RSA_F_DO_RSA_PRINT),	"DO_RSA_PRINT"},
+	{ERR_FUNC(RSA_F_INT_RSA_VERIFY),	"INT_RSA_VERIFY"},
+	{ERR_FUNC(RSA_F_MEMORY_LOCK),	"MEMORY_LOCK"},
+	{ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE),	"OLD_RSA_PRIV_DECODE"},
+	{ERR_FUNC(RSA_F_PKEY_RSA_CTRL),	"PKEY_RSA_CTRL"},
+	{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR),	"PKEY_RSA_CTRL_STR"},
+	{ERR_FUNC(RSA_F_PKEY_RSA_SIGN),	"PKEY_RSA_SIGN"},
+	{ERR_FUNC(RSA_F_PKEY_RSA_VERIFY),	"PKEY_RSA_VERIFY"},
+	{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER),	"PKEY_RSA_VERIFYRECOVER"},
+	{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN),	"RSA_BUILTIN_KEYGEN"},
+	{ERR_FUNC(RSA_F_RSA_CHECK_KEY),	"RSA_check_key"},
+	{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT),	"RSA_EAY_PRIVATE_DECRYPT"},
+	{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT),	"RSA_EAY_PRIVATE_ENCRYPT"},
+	{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT),	"RSA_EAY_PUBLIC_DECRYPT"},
+	{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT),	"RSA_EAY_PUBLIC_ENCRYPT"},
+	{ERR_FUNC(RSA_F_RSA_GENERATE_KEY),	"RSA_generate_key"},
+	{ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX),	"RSA_generate_key_ex"},
+	{ERR_FUNC(RSA_F_RSA_ITEM_VERIFY),	"RSA_ITEM_VERIFY"},
+	{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK),	"RSA_memory_lock"},
+	{ERR_FUNC(RSA_F_RSA_NEW_METHOD),	"RSA_new_method"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE),	"RSA_padding_add_none"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),	"RSA_padding_add_PKCS1_OAEP"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS),	"RSA_padding_add_PKCS1_PSS"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),	"RSA_padding_add_PKCS1_PSS_mgf1"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),	"RSA_padding_add_PKCS1_type_1"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),	"RSA_padding_add_PKCS1_type_2"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23),	"RSA_padding_add_SSLv23"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931),	"RSA_padding_add_X931"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE),	"RSA_padding_check_none"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),	"RSA_padding_check_PKCS1_OAEP"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),	"RSA_padding_check_PKCS1_type_1"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),	"RSA_padding_check_PKCS1_type_2"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23),	"RSA_padding_check_SSLv23"},
+	{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931),	"RSA_padding_check_X931"},
+	{ERR_FUNC(RSA_F_RSA_PRINT),	"RSA_print"},
+	{ERR_FUNC(RSA_F_RSA_PRINT_FP),	"RSA_print_fp"},
+	{ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT),	"RSA_private_decrypt"},
+	{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT),	"RSA_private_encrypt"},
+	{ERR_FUNC(RSA_F_RSA_PRIV_DECODE),	"RSA_PRIV_DECODE"},
+	{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE),	"RSA_PRIV_ENCODE"},
+	{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT),	"RSA_public_decrypt"},
+	{ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT),	"RSA_public_encrypt"},
+	{ERR_FUNC(RSA_F_RSA_PUB_DECODE),	"RSA_PUB_DECODE"},
+	{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING),	"RSA_setup_blinding"},
+	{ERR_FUNC(RSA_F_RSA_SIGN),	"RSA_sign"},
+	{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),	"RSA_sign_ASN1_OCTET_STRING"},
+	{ERR_FUNC(RSA_F_RSA_VERIFY),	"RSA_verify"},
+	{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),	"RSA_verify_ASN1_OCTET_STRING"},
+	{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS),	"RSA_verify_PKCS1_PSS"},
+	{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1),	"RSA_verify_PKCS1_PSS_mgf1"},
+	{0, NULL}
+};
 
-static ERR_STRING_DATA RSA_str_reasons[]=
-	{
-{ERR_REASON(RSA_R_ALGORITHM_MISMATCH)    ,"algorithm mismatch"},
-{ERR_REASON(RSA_R_BAD_E_VALUE)           ,"bad e value"},
-{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"},
-{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT)    ,"bad pad byte count"},
-{ERR_REASON(RSA_R_BAD_SIGNATURE)         ,"bad signature"},
-{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01)  ,"block type is not 01"},
-{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02)  ,"block type is not 02"},
-{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),"data greater than mod len"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE)        ,"data too large"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
-{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
-{ERR_REASON(RSA_R_DATA_TOO_SMALL)        ,"data too small"},
-{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
-{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
-{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
-{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
-{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
-{ERR_REASON(RSA_R_FIRST_OCTET_INVALID)   ,"first octet invalid"},
-{ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),"illegal or unsupported padding mode"},
-{ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) ,"invalid digest length"},
-{ERR_REASON(RSA_R_INVALID_HEADER)        ,"invalid header"},
-{ERR_REASON(RSA_R_INVALID_KEYBITS)       ,"invalid keybits"},
-{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
-{ERR_REASON(RSA_R_INVALID_MGF1_MD)       ,"invalid mgf1 md"},
-{ERR_REASON(RSA_R_INVALID_PADDING)       ,"invalid padding"},
-{ERR_REASON(RSA_R_INVALID_PADDING_MODE)  ,"invalid padding mode"},
-{ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS),"invalid pss parameters"},
-{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN)   ,"invalid pss saltlen"},
-{ERR_REASON(RSA_R_INVALID_SALT_LENGTH)   ,"invalid salt length"},
-{ERR_REASON(RSA_R_INVALID_TRAILER)       ,"invalid trailer"},
-{ERR_REASON(RSA_R_INVALID_X931_DIGEST)   ,"invalid x931 digest"},
-{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
-{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL)    ,"key size too small"},
-{ERR_REASON(RSA_R_LAST_OCTET_INVALID)    ,"last octet invalid"},
-{ERR_REASON(RSA_R_MODULUS_TOO_LARGE)     ,"modulus too large"},
-{ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD)   ,"non fips rsa method"},
-{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT)    ,"no public exponent"},
-{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
-{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
-{ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
-{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"},
-{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
-{ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
-{ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
-{ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
-{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},
-{ERR_REASON(RSA_R_SLEN_CHECK_FAILED)     ,"salt length check failed"},
-{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED)  ,"salt length recovery failed"},
-{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
-{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
-{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
-{ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST)   ,"unknown mask digest"},
-{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE)  ,"unknown padding type"},
-{ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST)    ,"unknown pss digest"},
-{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),"unsupported mask algorithm"},
-{ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),"unsupported mask parameter"},
-{ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),"unsupported signature type"},
-{ERR_REASON(RSA_R_VALUE_MISSING)         ,"value missing"},
-{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
-{0,NULL}
-	};
+static ERR_STRING_DATA RSA_str_reasons[] = {
+	{ERR_REASON(RSA_R_ALGORITHM_MISMATCH)    , "algorithm mismatch"},
+	{ERR_REASON(RSA_R_BAD_E_VALUE)           , "bad e value"},
+	{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"},
+	{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT)    , "bad pad byte count"},
+	{ERR_REASON(RSA_R_BAD_SIGNATURE)         , "bad signature"},
+	{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01)  , "block type is not 01"},
+	{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02)  , "block type is not 02"},
+	{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), "data greater than mod len"},
+	{ERR_REASON(RSA_R_DATA_TOO_LARGE)        , "data too large"},
+	{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"},
+	{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS), "data too large for modulus"},
+	{ERR_REASON(RSA_R_DATA_TOO_SMALL)        , "data too small"},
+	{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE), "data too small for key size"},
+	{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY), "digest too big for rsa key"},
+	{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"},
+	{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"},
+	{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"},
+	{ERR_REASON(RSA_R_FIRST_OCTET_INVALID)   , "first octet invalid"},
+	{ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"},
+	{ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) , "invalid digest length"},
+	{ERR_REASON(RSA_R_INVALID_HEADER)        , "invalid header"},
+	{ERR_REASON(RSA_R_INVALID_KEYBITS)       , "invalid keybits"},
+	{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
+	{ERR_REASON(RSA_R_INVALID_MGF1_MD)       , "invalid mgf1 md"},
+	{ERR_REASON(RSA_R_INVALID_PADDING)       , "invalid padding"},
+	{ERR_REASON(RSA_R_INVALID_PADDING_MODE)  , "invalid padding mode"},
+	{ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"},
+	{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN)   , "invalid pss saltlen"},
+	{ERR_REASON(RSA_R_INVALID_SALT_LENGTH)   , "invalid salt length"},
+	{ERR_REASON(RSA_R_INVALID_TRAILER)       , "invalid trailer"},
+	{ERR_REASON(RSA_R_INVALID_X931_DIGEST)   , "invalid x931 digest"},
+	{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) , "iqmp not inverse of q"},
+	{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL)    , "key size too small"},
+	{ERR_REASON(RSA_R_LAST_OCTET_INVALID)    , "last octet invalid"},
+	{ERR_REASON(RSA_R_MODULUS_TOO_LARGE)     , "modulus too large"},
+	{ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD)   , "non fips rsa method"},
+	{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT)    , "no public exponent"},
+	{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING), "null before block missing"},
+	{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  , "n does not equal p q"},
+	{ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   , "oaep decoding error"},
+	{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), "operation not allowed in fips mode"},
+	{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
+	{ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  , "padding check failed"},
+	{ERR_REASON(RSA_R_P_NOT_PRIME)           , "p not prime"},
+	{ERR_REASON(RSA_R_Q_NOT_PRIME)           , "q not prime"},
+	{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED), "rsa operations not supported"},
+	{ERR_REASON(RSA_R_SLEN_CHECK_FAILED)     , "salt length check failed"},
+	{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED)  , "salt length recovery failed"},
+	{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) , "sslv3 rollback attack"},
+	{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"},
+	{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
+	{ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST)   , "unknown mask digest"},
+	{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE)  , "unknown padding type"},
+	{ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST)    , "unknown pss digest"},
+	{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM), "unsupported mask algorithm"},
+	{ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER), "unsupported mask parameter"},
+	{ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"},
+	{ERR_REASON(RSA_R_VALUE_MISSING)         , "value missing"},
+	{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+	{0, NULL}
+};
 
 #endif
 
-void ERR_load_RSA_strings(void)
-	{
+void
+ERR_load_RSA_strings(void)
+{
 #ifndef OPENSSL_NO_ERR
-
-	if (ERR_func_error_string(RSA_str_functs[0].error) == NULL)
-		{
-		ERR_load_strings(0,RSA_str_functs);
-		ERR_load_strings(0,RSA_str_reasons);
-		}
-#endif
+	if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) {
+		ERR_load_strings(0, RSA_str_functs);
+		ERR_load_strings(0, RSA_str_reasons);
 	}
+#endif
+}
diff --git a/lib/libcrypto/rsa/rsa_gen.c b/lib/libcrypto/rsa/rsa_gen.c
index 3a6aa1ca7a8..f000b41940e 100644
--- a/lib/libcrypto/rsa/rsa_gen.c
+++ b/lib/libcrypto/rsa/rsa_gen.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_gen.c,v 1.14 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_gen.c,v 1.15 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -154,8 +154,8 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 			if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL,
 			    cb))
 				goto err;
-			} while (BN_cmp(rsa->p, rsa->q) == 0 &&
-			    ++degenerate < 3);
+		} while (BN_cmp(rsa->p, rsa->q) == 0 &&
+		    ++degenerate < 3);
 		if (degenerate == 3) {
 			ok = 0; /* we set our own err */
 			RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,
@@ -173,7 +173,7 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	}
 	if (!BN_GENCB_call(cb, 3, 1))
 		goto err;
-	if (BN_cmp(rsa->p,rsa->q) < 0) {
+	if (BN_cmp(rsa->p, rsa->q) < 0) {
 		tmp = rsa->p;
 		rsa->p = rsa->q;
 		rsa->q = tmp;
@@ -191,8 +191,8 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 	if (!BN_mul(r0, r1, r2, ctx))			/* (p-1)(q-1) */
 		goto err;
 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-		  pr0 = &local_r0;
-		  BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
+		pr0 = &local_r0;
+		BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
 	} else
 		pr0 = r0;
 	if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))	/* d */
diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c
index 44a86700c2c..5afed378253 100644
--- a/lib/libcrypto/rsa/rsa_lib.c
+++ b/lib/libcrypto/rsa/rsa_lib.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_lib.c,v 1.24 2014/07/09 11:10:51 bcook Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.25 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -144,7 +144,7 @@ RSA_new_method(ENGINE *engine)
 		ret->engine = engine;
 	} else
 		ret->engine = ENGINE_get_default_RSA();
-	if(ret->engine) {
+	if (ret->engine) {
 		ret->meth = ENGINE_get_RSA(ret->engine);
 		if (!ret->meth) {
 			RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
diff --git a/lib/libcrypto/rsa/rsa_none.c b/lib/libcrypto/rsa/rsa_none.c
index fde5eb6ef66..818fd26fa49 100644
--- a/lib/libcrypto/rsa/rsa_none.c
+++ b/lib/libcrypto/rsa/rsa_none.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_none.c,v 1.5 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_none.c,v 1.6 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -77,7 +77,7 @@ RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *from,
 		    RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
 		return 0;
 	}
-	
+
 	memcpy(to, from, (unsigned int)flen);
 	return 1;
 }
diff --git a/lib/libcrypto/rsa/rsa_oaep.c b/lib/libcrypto/rsa/rsa_oaep.c
index df288fa615d..1e862a99e06 100644
--- a/lib/libcrypto/rsa/rsa_oaep.c
+++ b/lib/libcrypto/rsa/rsa_oaep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_oaep.c,v 1.18 2014/07/09 17:08:40 miod Exp $ */
+/* $OpenBSD: rsa_oaep.c,v 1.19 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Ulf Moeller. This software is distributed on an "AS IS"
    basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
 
@@ -8,7 +8,7 @@
  * <URL: http://www.shoup.net/papers/oaep.ps.Z>
  * for problems with the security proof for the
  * original OAEP scheme, which EME-OAEP is based on.
- * 
+ *
  * A new proof can be found in E. Fujisaki, T. Okamoto,
  * D. Pointcheval, J. Stern, "RSA-OEAP is Still Alive!",
  * Dec. 2000, <URL: http://eprint.iacr.org/2000/061/>.
@@ -29,7 +29,7 @@
 #include <openssl/sha.h>
 
 static int MGF1(unsigned char *mask, long len, const unsigned char *seed,
-	    long seedlen);
+    long seedlen);
 
 int
 RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
@@ -142,7 +142,7 @@ RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 		return -1;
 	for (i = 0; i < SHA_DIGEST_LENGTH; i++)
 		seed[i] ^= padded_from[i];
-  
+
 	if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH))
 		return -1;
 	for (i = 0; i < dblen; i++)
@@ -204,7 +204,7 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
 		cnt[1] = (unsigned char)((i >> 16) & 255);
 		cnt[2] = (unsigned char)((i >> 8)) & 255;
 		cnt[3] = (unsigned char)(i & 255);
-		if (!EVP_DigestInit_ex(&c,dgst, NULL) ||
+		if (!EVP_DigestInit_ex(&c, dgst, NULL) ||
 		    !EVP_DigestUpdate(&c, seed, seedlen) ||
 		    !EVP_DigestUpdate(&c, cnt, 4))
 			goto err;
diff --git a/lib/libcrypto/rsa/rsa_pk1.c b/lib/libcrypto/rsa/rsa_pk1.c
index f5492315cce..d394b300c60 100644
--- a/lib/libcrypto/rsa/rsa_pk1.c
+++ b/lib/libcrypto/rsa/rsa_pk1.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_pk1.c,v 1.8 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_pk1.c,v 1.9 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -69,12 +69,12 @@ RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
 	int j;
 	unsigned char *p;
 
-	if (flen > (tlen-RSA_PKCS1_PADDING_SIZE)) {
+	if (flen > (tlen - RSA_PKCS1_PADDING_SIZE)) {
 		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,
 		    RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
 		return 0;
 	}
-	
+
 	p = (unsigned char *)to;
 
 	*(p++) = 0;
@@ -86,6 +86,7 @@ RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
 	p += j;
 	*(p++) = '\0';
 	memcpy(p, from, (unsigned int)flen);
+
 	return 1;
 }
 
@@ -106,7 +107,8 @@ RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
 	/* scan over padding data */
 	j = flen - 1; /* one for type. */
 	for (i = 0; i < j; i++) {
-		if (*p != 0xff) { /* should decrypt to 0xff */
+		if (*p != 0xff) {
+			/* should decrypt to 0xff */
 			if (*p == 0) {
 				p++;
 				break;
@@ -146,15 +148,15 @@ int
 RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
     const unsigned char *from, int flen)
 {
-	int i,j;
+	int i, j;
 	unsigned char *p;
-	
+
 	if (flen > tlen - 11) {
 		RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,
 		    RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
 		return 0;
 	}
-	
+
 	p = (unsigned char *)to;
 
 	*(p++) = 0;
diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c
index 4a662c2894e..f35b5800ab4 100644
--- a/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.9 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.10 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -110,7 +110,7 @@ pkey_rsa_init(EVP_PKEY_CTX *ctx)
 	ctx->data = rctx;
 	ctx->keygen_info = rctx->gentmp;
 	ctx->keygen_info_count = 2;
-	
+
 	return 1;
 }
 
@@ -121,7 +121,7 @@ pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
 
 	if (!pkey_rsa_init(dst))
 		return 0;
-       	sctx = src->data;
+	sctx = src->data;
 	dctx = dst->data;
 	dctx->nbits = sctx->nbits;
 	if (sctx->pub_exp) {
@@ -236,7 +236,7 @@ pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
 				return 0;
 			ret--;
 			if (rctx->tbuf[ret] !=
-			    RSA_X931_hash_id(EVP_MD_type(rctx->md))) {
+				RSA_X931_hash_id(EVP_MD_type(rctx->md))) {
 				RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
 				    RSA_R_ALGORITHM_MISMATCH);
 				return 0;
@@ -371,6 +371,7 @@ static int
 pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 {
 	RSA_PKEY_CTX *rctx = ctx->data;
+
 	switch (type) {
 	case EVP_PKEY_CTRL_RSA_PADDING:
 		if (p1 >= RSA_PKCS1_PADDING && p1 <= RSA_PKCS1_PSS_PADDING) {
@@ -458,17 +459,18 @@ bad_pad:
 		return 1;
 #ifndef OPENSSL_NO_CMS
 	case EVP_PKEY_CTRL_CMS_DECRYPT:
-	    {
-		X509_ALGOR *alg = NULL;
-		ASN1_OBJECT *encalg = NULL;
-
-		if (p2)
-			CMS_RecipientInfo_ktri_get0_algs(p2, NULL, NULL, &alg);
-		if (alg)
-			X509_ALGOR_get0(&encalg, NULL, NULL, alg);
-		if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep)
-			rctx->pad_mode = RSA_PKCS1_OAEP_PADDING;
-	    }
+		{
+			X509_ALGOR *alg = NULL;
+			ASN1_OBJECT *encalg = NULL;
+
+			if (p2)
+				CMS_RecipientInfo_ktri_get0_algs(p2, NULL,
+				    NULL, &alg);
+			if (alg)
+				X509_ALGOR_get0(&encalg, NULL, NULL, alg);
+			if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep)
+				rctx->pad_mode = RSA_PKCS1_OAEP_PADDING;
+		}
 		/* FALLTHROUGH */
 
 	case EVP_PKEY_CTRL_CMS_ENCRYPT:
@@ -477,18 +479,18 @@ bad_pad:
 #endif
 	case EVP_PKEY_CTRL_PEER_KEY:
 		RSAerr(RSA_F_PKEY_RSA_CTRL,
-		RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-		return -2;	
+		    RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+		return -2;
 
 	default:
 		return -2;
 	}
 }
-			
+
 static int
 pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
 {
- 	long lval;
+	long lval;
 	char *ep;
 
 	if (!value) {
diff --git a/lib/libcrypto/rsa/rsa_prn.c b/lib/libcrypto/rsa/rsa_prn.c
index 89cf2b45b0e..5d5b0e29d80 100644
--- a/lib/libcrypto/rsa/rsa_prn.c
+++ b/lib/libcrypto/rsa/rsa_prn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_prn.c,v 1.4 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_prn.c,v 1.5 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
diff --git a/lib/libcrypto/rsa/rsa_pss.c b/lib/libcrypto/rsa/rsa_pss.c
index 4c6a90c1c70..09bf32439bf 100644
--- a/lib/libcrypto/rsa/rsa_pss.c
+++ b/lib/libcrypto/rsa/rsa_pss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pss.c,v 1.6 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_pss.c,v 1.7 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -121,7 +121,8 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
 		EM++;
 		emLen--;
 	}
-	if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
+	if (emLen < (hLen + sLen + 2)) {
+		/* sLen can be small negative */
 		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
 		goto err;
 	}
@@ -143,7 +144,7 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
 		DB[i] ^= EM[i];
 	if (MSBits)
 		DB[0] &= 0xFF >> (8 - MSBits);
-	for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++)
+	for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++)
 		;
 	if (DB[i++] != 0x1) {
 		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1,
@@ -168,7 +169,7 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
 	if (memcmp(H_, H, hLen)) {
 		RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
 		ret = 0;
-	} else 
+	} else
 		ret = 1;
 
 err:
diff --git a/lib/libcrypto/rsa/rsa_saos.c b/lib/libcrypto/rsa/rsa_saos.c
index 50dfef7e71d..0ff9f570f43 100644
--- a/lib/libcrypto/rsa/rsa_saos.c
+++ b/lib/libcrypto/rsa/rsa_saos.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_saos.c,v 1.12 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_saos.c,v 1.13 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -69,7 +69,7 @@ RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, unsigned int m_len,
 {
 	ASN1_OCTET_STRING sig;
 	int i, j, ret = 1;
-	unsigned char *p,*s;
+	unsigned char *p, *s;
 
 	sig.type = V_ASN1_OCTET_STRING;
 	sig.length = m_len;
@@ -132,7 +132,7 @@ RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m,
 		goto err;
 
 	if ((unsigned int)sig->length != m_len ||
-	    memcmp(m,sig->data, m_len) != 0) {
+	    memcmp(m, sig->data, m_len) != 0) {
 		RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
 		    RSA_R_BAD_SIGNATURE);
 	} else
diff --git a/lib/libcrypto/rsa/rsa_sign.c b/lib/libcrypto/rsa/rsa_sign.c
index 9718589be72..11ee2d128da 100644
--- a/lib/libcrypto/rsa/rsa_sign.c
+++ b/lib/libcrypto/rsa/rsa_sign.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_sign.c,v 1.19 2014/07/09 09:04:14 miod Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.20 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -137,7 +137,7 @@ RSA_sign(int type, const unsigned char *m, unsigned int m_len,
 		OPENSSL_cleanse(tmps, (unsigned int)j + 1);
 		free(tmps);
 	}
-	return(ret);
+	return (ret);
 }
 
 int
@@ -199,7 +199,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
 		else
 			ret = 1;
 	} else {
-		const unsigned char *p=s;
+		const unsigned char *p = s;
 
 		sig = d2i_X509_SIG(NULL, &p, (long)i);
 
@@ -240,7 +240,7 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
 				ret = 1;
 			}
 		} else if ((unsigned int)sig->digest->length != m_len ||
-		    memcmp(m,sig->digest->data,m_len) != 0) {
+		    memcmp(m, sig->digest->data, m_len) != 0) {
 			RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
 		} else
 			ret = 1;
diff --git a/lib/libcrypto/rsa/rsa_ssl.c b/lib/libcrypto/rsa/rsa_ssl.c
index c6ab71c6741..09deb08985b 100644
--- a/lib/libcrypto/rsa/rsa_ssl.c
+++ b/lib/libcrypto/rsa/rsa_ssl.c
@@ -1,25 +1,25 @@
-/* $OpenBSD: rsa_ssl.c,v 1.8 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_ssl.c,v 1.9 2014/07/09 19:51:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +34,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -66,15 +66,15 @@ int
 RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from,
     int flen)
 {
-	int i,j;
+	int i, j;
 	unsigned char *p;
-	
+
 	if (flen > tlen - 11) {
 		RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,
 		    RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
 		return 0;
 	}
-	
+
 	p = (unsigned char *)to;
 
 	*(p++) = 0;
diff --git a/lib/libcrypto/rsa/rsa_x931.c b/lib/libcrypto/rsa/rsa_x931.c
index c3305139f80..74c4af91a5f 100644
--- a/lib/libcrypto/rsa/rsa_x931.c
+++ b/lib/libcrypto/rsa/rsa_x931.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */
+/* $OpenBSD: rsa_x931.c,v 1.5 2014/07/09 19:51:38 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -10,7 +10,7 @@
  * are met:
  *
  * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
  *
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
@@ -81,7 +81,7 @@ RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *from,
 		    RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
 		return -1;
 	}
-	
+
 	p = (unsigned char *)to;
 
 	/* If no padding start and end nibbles are in one byte */
@@ -103,7 +103,7 @@ RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *from,
 
 int
 RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
-   int flen, int num)
+    int flen, int num)
 {
 	int i = 0, j;
 	const unsigned char *p = from;
@@ -121,13 +121,14 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
 				break;
 			if (c != 0xBB) {
 				RSAerr(RSA_F_RSA_PADDING_CHECK_X931,
-					RSA_R_INVALID_PADDING);
+				    RSA_R_INVALID_PADDING);
 				return -1;
 			}
 		}
 
 		if (i == 0) {
-			RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+			RSAerr(RSA_F_RSA_PADDING_CHECK_X931,
+			    RSA_R_INVALID_PADDING);
 			return -1;
 		}