chunk 6 of CMP contribution to OpenSSL

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10297)

4 files changed, 18 insertions, 22 deletions

diff --git a/crypto/crmf/crmf_asn.c b/crypto/crmf/crmf_asn.c
index 4380156795..8b6657f969 100644
--- a/crypto/crmf/crmf_asn.c
+++ b/crypto/crmf/crmf_asn.c
@@ -235,6 +235,5 @@ IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSG)
 ASN1_ITEM_TEMPLATE(OSSL_CRMF_MSGS) =
     ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
                           OSSL_CRMF_MSGS, OSSL_CRMF_MSG)
-    ASN1_ITEM_TEMPLATE_END(OSSL_CRMF_MSGS)
+ASN1_ITEM_TEMPLATE_END(OSSL_CRMF_MSGS)
 IMPLEMENT_ASN1_FUNCTIONS(OSSL_CRMF_MSGS)
-
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index 6ba3f7ab3f..64dbf80978 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -97,10 +97,10 @@ static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm,
     return 0;
 }
 
- /* id-regCtrl-regToken Control (section 6.1) */
+/* id-regCtrl-regToken Control (section 6.1) */
 IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl)
 
- /* id-regCtrl-authenticator Control (section 6.2) */
+/* id-regCtrl-authenticator Control (section 6.2) */
 #define ASN1_UTF8STRING_dup ASN1_STRING_dup
 IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl)
 
@@ -153,11 +153,11 @@ int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(
     return ASN1_INTEGER_set(pi->action, action);
 }
 
- /* id-regCtrl-pkiPublicationInfo Control (section 6.3) */
+/* id-regCtrl-pkiPublicationInfo Control (section 6.3) */
 IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO,
                          regCtrl)
 
- /* id-regCtrl-oldCertID Control (section 6.5) from the given */
+/* id-regCtrl-oldCertID Control (section 6.5) from the given */
 IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl)
 
 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
@@ -188,10 +188,9 @@ OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
     return NULL;
 }
 
- /*
-  * id-regCtrl-protocolEncrKey Control (section 6.6)
-  *
-  */
+/*
+ * id-regCtrl-protocolEncrKey Control (section 6.6)
+ */
 IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl)
 
 /*-
@@ -567,7 +566,7 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
          * return 1 if the type of req->popo->value.keyEncipherment
          * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
          * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
-        */
+         */
     case OSSL_CRMF_POPO_KEYAGREE:
     default:
         CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO,
@@ -702,7 +701,7 @@ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(OSSL_CRMF_ENCRYPTEDVALUE *ecert,
     if ((iv = OPENSSL_malloc(EVP_CIPHER_iv_length(cipher))) == NULL)
         goto end;
     if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv,
-                                   EVP_CIPHER_iv_length(cipher))
+                                  EVP_CIPHER_iv_length(cipher))
         != EVP_CIPHER_iv_length(cipher)) {
         CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
                 CRMF_R_MALFORMED_IV);
diff --git a/crypto/crmf/crmf_local.h b/crypto/crmf/crmf_local.h
index 577187f55b..06b32b5378 100644
--- a/crypto/crmf/crmf_local.h
+++ b/crypto/crmf/crmf_local.h
@@ -217,7 +217,7 @@ struct ossl_crmf_pbmparameter_st {
     ASN1_INTEGER *iterationCount;
     X509_ALGOR *mac;
 } /* OSSL_CRMF_PBMPARAMETER */;
-#define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */
+# define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */
 
 /*-
  * POPOSigningKeyInput ::= SEQUENCE {
@@ -232,7 +232,7 @@ struct ossl_crmf_pbmparameter_st {
  *   -- on the DER-encoded value of publicKey
  * publicKey      SubjectPublicKeyInfo  -- from CertTemplate
  * }
-*/
+ */
 typedef struct ossl_crmf_poposigningkeyinput_authinfo_st {
     int type;
     union {
diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c
index c5e08c47de..2dfa84e49b 100644
--- a/crypto/crmf/crmf_pbm.c
+++ b/crypto/crmf/crmf_pbm.c
@@ -133,8 +133,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
     int ok = 0;
     EVP_MAC *mac = NULL;
     EVP_MAC_CTX *mctx = NULL;
-    OSSL_PARAM macparams[3] =
-        { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
+    OSSL_PARAM macparams[3] = {OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END};
 
     if (out == NULL || pbmp == NULL || pbmp->mac == NULL
             || pbmp->mac->algorithm == NULL || msg == NULL || sec == NULL) {
@@ -193,16 +192,15 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
     mac_nid = OBJ_obj2nid(pbmp->mac->algorithm);
 
     if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, mac_nid, NULL, &hmac_md_nid, NULL)
-        || ((mdname = OBJ_nid2sn(hmac_md_nid)) == NULL)) {
+            || (mdname = OBJ_nid2sn(hmac_md_nid)) == NULL) {
         CRMFerr(CRMF_F_OSSL_CRMF_PBM_NEW, CRMF_R_UNSUPPORTED_ALGORITHM);
         goto err;
     }
 
-    macparams[0] =
-        OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
-                                         (char *)mdname, 0);
-    macparams[1] =
-        OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, basekey, bklen);
+    macparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+                                                    (char *)mdname, 0);
+    macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+                                                     basekey, bklen);
     if ((mac = EVP_MAC_fetch(NULL, "HMAC", NULL)) == NULL
             || (mctx = EVP_MAC_CTX_new(mac)) == NULL
             || !EVP_MAC_CTX_set_params(mctx, macparams)