CryptoPkg: Apply uncrustify changes

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the CryptoPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

CryptoPkg/Driver/Crypto.c

@@ -244,6 +244,7 @@ DeprecatedCryptoServiceMd4HashAll (
 }
 
 #ifndef ENABLE_MD5_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -390,7 +391,9 @@ DeprecatedCryptoServiceMd5HashAll (
 {
   return BaseCryptLibServiceDeprecated ("Md5HashAll"), FALSE;
 }
+
 #else
+
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -548,9 +551,11 @@ CryptoServiceMd5HashAll (
 {
   return CALL_BASECRYPTLIB (Md5.Services.HashAll, Md5HashAll, (Data, DataSize, HashValue), FALSE);
 }
+
 #endif
 
 #ifdef DISABLE_SHA1_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -699,7 +704,9 @@ DeprecatedCryptoServiceSha1HashAll (
 {
   return BaseCryptLibServiceDeprecated ("Sha1HashAll"), FALSE;
 }
+
 #else
+
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -857,6 +864,7 @@ CryptoServiceSha1HashAll (
 {
   return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll, (Data, DataSize, HashValue), FALSE);
 }
+
 #endif
 
 /**
@@ -3172,7 +3180,6 @@ CryptoServiceVerifyEKUsInPkcs7Signature (
   return CALL_BASECRYPTLIB (Pkcs.Services.VerifyEKUsInPkcs7Signature, VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE);
 }
 
-
 /**
   Extracts the attached content from a PKCS#7 signed data if existed. The input signed
   data could be wrapped in a ContentInfo structure.

CryptoPkg/Include/Library/BaseCryptLib.h

@@ -73,6 +73,7 @@ typedef enum {
 // =====================================================================================
 
 #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -212,9 +213,11 @@ Md5HashAll (
   IN   UINTN       DataSize,
   OUT  UINT8       *HashValue
   );
+
 #endif
 
 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -354,6 +357,7 @@ Sha1HashAll (
   IN   UINTN       DataSize,
   OUT  UINT8       *HashValue
   );
+
 #endif
 
 /**

CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c

@@ -61,7 +61,7 @@ AesInit (
   //
   // Check input parameters.
   //
-  if (AesContext == NULL || Key == NULL || (KeyLength != 128 && KeyLength != 192 && KeyLength != 256)) {
+  if ((AesContext == NULL) || (Key == NULL) || ((KeyLength != 128) && (KeyLength != 192) && (KeyLength != 256))) {
     return FALSE;
   }
 
@@ -72,9 +72,11 @@ AesInit (
   if (AES_set_encrypt_key (Key, (UINT32)KeyLength, AesKey) != 0) {
     return FALSE;
   }
+
   if (AES_set_decrypt_key (Key, (UINT32)KeyLength, AesKey + 1) != 0) {
     return FALSE;
   }
+
   return TRUE;
 }
 
@@ -121,11 +123,11 @@ AesCbcEncrypt (
   //
   // Check input parameters.
   //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) {
+  if ((AesContext == NULL) || (Input == NULL) || ((InputSize % AES_BLOCK_SIZE) != 0)) {
     return FALSE;
   }
 
-  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
+  if ((Ivec == NULL) || (Output == NULL) || (InputSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -183,11 +185,11 @@ AesCbcDecrypt (
   //
   // Check input parameters.
   //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) {
+  if ((AesContext == NULL) || (Input == NULL) || ((InputSize % AES_BLOCK_SIZE) != 0)) {
     return FALSE;
   }
 
-  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
+  if ((Ivec == NULL) || (Output == NULL) || (InputSize > INT_MAX)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c

@@ -10,6 +10,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <openssl/md5.h>
 
 #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -28,7 +29,6 @@ Md5GetContextSize (
   return (UINTN)(sizeof (MD5_CTX));
 }
 
-
 /**
   Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
   subsequent use.
@@ -83,7 +83,7 @@ Md5Duplicate (
   //
   // Check input parameters.
   //
-  if (Md5Context == NULL || NewMd5Context == NULL) {
+  if ((Md5Context == NULL) || (NewMd5Context == NULL)) {
     return FALSE;
   }
 
@@ -128,7 +128,7 @@ Md5Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && (DataSize != 0)) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -168,7 +168,7 @@ Md5Final (
   //
   // Check input parameters.
   //
-  if (Md5Context == NULL || HashValue == NULL) {
+  if ((Md5Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -210,7 +210,8 @@ Md5HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && (DataSize != 0)) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -223,4 +224,5 @@ Md5HashAll (
     return TRUE;
   }
 }
+
 #endif

CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c

@@ -10,6 +10,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <openssl/sha.h>
 
 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -82,7 +83,7 @@ Sha1Duplicate (
   //
   // Check input parameters.
   //
-  if (Sha1Context == NULL || NewSha1Context == NULL) {
+  if ((Sha1Context == NULL) || (NewSha1Context == NULL)) {
     return FALSE;
   }
 
@@ -127,7 +128,7 @@ Sha1Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -167,7 +168,7 @@ Sha1Final (
   //
   // Check input parameters.
   //
-  if (Sha1Context == NULL || HashValue == NULL) {
+  if ((Sha1Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -209,7 +210,8 @@ Sha1HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && DataSize != 0) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -222,4 +224,5 @@ Sha1HashAll (
     return TRUE;
   }
 }
+
 #endif

CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c

@@ -81,7 +81,7 @@ Sha256Duplicate (
   //
   // Check input parameters.
   //
-  if (Sha256Context == NULL || NewSha256Context == NULL) {
+  if ((Sha256Context == NULL) || (NewSha256Context == NULL)) {
     return FALSE;
   }
 
@@ -126,7 +126,7 @@ Sha256Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -166,7 +166,7 @@ Sha256Final (
   //
   // Check input parameters.
   //
-  if (Sha256Context == NULL || HashValue == NULL) {
+  if ((Sha256Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -208,7 +208,8 @@ Sha256HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && DataSize != 0) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c

@@ -83,7 +83,7 @@ Sha384Duplicate (
   //
   // Check input parameters.
   //
-  if (Sha384Context == NULL || NewSha384Context == NULL) {
+  if ((Sha384Context == NULL) || (NewSha384Context == NULL)) {
     return FALSE;
   }
 
@@ -128,7 +128,7 @@ Sha384Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -168,7 +168,7 @@ Sha384Final (
   //
   // Check input parameters.
   //
-  if (Sha384Context == NULL || HashValue == NULL) {
+  if ((Sha384Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -210,7 +210,8 @@ Sha384HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && DataSize != 0) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -298,7 +299,7 @@ Sha512Duplicate (
   //
   // Check input parameters.
   //
-  if (Sha512Context == NULL || NewSha512Context == NULL) {
+  if ((Sha512Context == NULL) || (NewSha512Context == NULL)) {
     return FALSE;
   }
 
@@ -343,7 +344,7 @@ Sha512Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -383,7 +384,7 @@ Sha512Final (
   //
   // Check input parameters.
   //
-  if (Sha512Context == NULL || HashValue == NULL) {
+  if ((Sha512Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -425,7 +426,8 @@ Sha512HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && DataSize != 0) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Hash/CryptSm3.c

@@ -84,7 +84,7 @@ Sm3Duplicate (
   //
   // Check input parameters.
   //
-  if (Sm3Context == NULL || NewSm3Context == NULL) {
+  if ((Sm3Context == NULL) || (NewSm3Context == NULL)) {
     return FALSE;
   }
 
@@ -129,7 +129,7 @@ Sm3Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in Openssl
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -171,7 +171,7 @@ Sm3Final (
   //
   // Check input parameters.
   //
-  if (Sm3Context == NULL || HashValue == NULL) {
+  if ((Sm3Context == NULL) || (HashValue == NULL)) {
     return FALSE;
   }
 
@@ -217,7 +217,8 @@ Sm3HashAll (
   if (HashValue == NULL) {
     return FALSE;
   }
-  if (Data == NULL && DataSize != 0) {
+
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c

@@ -71,7 +71,7 @@ HmacSha256SetKey (
   //
   // Check input parameters.
   //
-  if (HmacSha256Context == NULL || KeySize > INT_MAX) {
+  if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {
     return FALSE;
   }
 
@@ -105,7 +105,7 @@ HmacSha256Duplicate (
   //
   // Check input parameters.
   //
-  if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) {
+  if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {
     return FALSE;
   }
 
@@ -152,7 +152,7 @@ HmacSha256Update (
   //
   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
   //
-  if (Data == NULL && DataSize != 0) {
+  if ((Data == NULL) && (DataSize != 0)) {
     return FALSE;
   }
 
@@ -198,7 +198,7 @@ HmacSha256Final (
   //
   // Check input parameters.
   //
-  if (HmacSha256Context == NULL || HmacValue == NULL) {
+  if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {
     return FALSE;
   }
 
@@ -208,6 +208,7 @@ HmacSha256Final (
   if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {
     return FALSE;
   }
+
   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {
     return FALSE;
   }

CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c

@@ -42,8 +42,9 @@ HkdfSha256ExtractAndExpand (
   EVP_PKEY_CTX  *pHkdfCtx;
   BOOLEAN       Result;
 
-  if (Key == NULL || Salt == NULL || Info == NULL || Out == NULL ||
+  if ((Key == NULL) || (Salt == NULL) || (Info == NULL) || (Out == NULL) ||
-    KeySize > INT_MAX || SaltSize > INT_MAX || InfoSize > INT_MAX || OutSize > INT_MAX ) {
+      (KeySize > INT_MAX) || (SaltSize > INT_MAX) || (InfoSize > INT_MAX) || (OutSize > INT_MAX))
+  {
     return FALSE;
   }
 
@@ -56,15 +57,19 @@ HkdfSha256ExtractAndExpand (
   if (Result) {
     Result = EVP_PKEY_CTX_set_hkdf_md (pHkdfCtx, EVP_sha256 ()) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set1_hkdf_salt (pHkdfCtx, Salt, (UINT32)SaltSize) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set1_hkdf_key (pHkdfCtx, Key, (UINT32)KeySize) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_add1_hkdf_info (pHkdfCtx, Info, (UINT32)InfoSize) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_derive (pHkdfCtx, Out, &OutSize) > 0;
   }

CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c

@@ -76,7 +76,7 @@ RsaGetPrivateKeyFromPem (
   //
   // Check input parameters.
   //
-  if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
+  if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -87,9 +87,11 @@ RsaGetPrivateKeyFromPem (
   if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
     return FALSE;
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c

@@ -110,19 +110,19 @@ AuthenticodeVerify (
   //       PKCS#7 ContentInfo here.
   //
   SpcIndirectDataOid = OBJ_get0_data (Pkcs7->d.sign->contents->type);
-  if (OBJ_length(Pkcs7->d.sign->contents->type) != sizeof(mSpcIndirectOidValue) ||
+  if ((OBJ_length (Pkcs7->d.sign->contents->type) != sizeof (mSpcIndirectOidValue)) ||
-      CompareMem (
+      (CompareMem (
          SpcIndirectDataOid,
          mSpcIndirectOidValue,
          sizeof (mSpcIndirectOidValue)
-        ) != 0) {
+         ) != 0))
+  {
     //
     // Un-matched SPC_INDIRECT_DATA_OBJID.
     //
     goto _Exit;
   }
 
-
   SpcIndirectDataContent = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
 
   //
@@ -139,7 +139,6 @@ AuthenticodeVerify (
     // Skip the SEQUENCE Tag;
     //
     SpcIndirectDataContent += 2;
-
   } else if ((Asn1Byte & 0x81) == 0x81) {
     //
     // Long Form of Length Encoding (128 <= Length < 255, Single Octet)
@@ -149,7 +148,6 @@ AuthenticodeVerify (
     // Skip the SEQUENCE Tag;
     //
     SpcIndirectDataContent += 3;
-
   } else if ((Asn1Byte & 0x82) == 0x82) {
     //
     // Long Form of Length Encoding (Length > 255, Two Octet)
@@ -160,7 +158,6 @@ AuthenticodeVerify (
     // Skip the SEQUENCE Tag;
     //
     SpcIndirectDataContent += 4;
-
   } else {
     goto _Exit;
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c

@@ -86,11 +86,11 @@ DhGenerateParameter (
   //
   // Check input parameters.
   //
-  if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) {
+  if ((DhContext == NULL) || (Prime == NULL) || (PrimeLength > INT_MAX)) {
     return FALSE;
   }
 
-  if (Generator != DH_GENERATOR_2 && Generator != DH_GENERATOR_5) {
+  if ((Generator != DH_GENERATOR_2) && (Generator != DH_GENERATOR_5)) {
     return FALSE;
   }
 
@@ -142,11 +142,11 @@ DhSetParameter (
   //
   // Check input parameters.
   //
-  if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) {
+  if ((DhContext == NULL) || (Prime == NULL) || (PrimeLength > INT_MAX)) {
     return FALSE;
   }
 
-  if (Generator != DH_GENERATOR_2 && Generator != DH_GENERATOR_5) {
+  if ((Generator != DH_GENERATOR_2) && (Generator != DH_GENERATOR_5)) {
     return FALSE;
   }
 
@@ -207,11 +207,11 @@ DhGenerateKey (
   //
   // Check input parameters.
   //
-  if (DhContext == NULL || PublicKeySize == NULL) {
+  if ((DhContext == NULL) || (PublicKeySize == NULL)) {
     return FALSE;
   }
 
-  if (PublicKey == NULL && *PublicKeySize != 0) {
+  if ((PublicKey == NULL) && (*PublicKeySize != 0)) {
     return FALSE;
   }
 
@@ -229,6 +229,7 @@ DhGenerateKey (
     if (PublicKey != NULL) {
       BN_bn2bin (DhPubKey, PublicKey);
     }
+
     *PublicKeySize = Size;
   }
 
@@ -275,7 +276,7 @@ DhComputeKey (
   //
   // Check input parameters.
   //
-  if (DhContext == NULL || PeerPublicKey == NULL || KeySize == NULL || Key == NULL) {
+  if ((DhContext == NULL) || (PeerPublicKey == NULL) || (KeySize == NULL) || (Key == NULL)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c

@@ -67,8 +67,9 @@ Pkcs1v2Encrypt (
   //
   // Check input parameters.
   //
-  if (PublicKey == NULL || InData == NULL ||
+  if ((PublicKey == NULL) || (InData == NULL) ||
-      EncryptedData == NULL || EncryptedDataSize == NULL) {
+      (EncryptedData == NULL) || (EncryptedDataSize == NULL))
+  {
     return FALSE;
   }
 
@@ -137,11 +138,13 @@ Pkcs1v2Encrypt (
     //
     goto _Exit;
   }
+
   //
   // Initialize the context and set the desired padding.
   //
-  if (EVP_PKEY_encrypt_init (PkeyCtx) <= 0 ||
+  if ((EVP_PKEY_encrypt_init (PkeyCtx) <= 0) ||
-      EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0) {
+      (EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0))
+  {
     //
     // Fail to initialize the context.
     //
@@ -196,9 +199,11 @@ _Exit:
   if (CertData != NULL) {
     X509_free (CertData);
   }
+
   if (InternalPublicKey != NULL) {
     EVP_PKEY_free (InternalPublicKey);
   }
+
   if (PkeyCtx != NULL) {
     EVP_PKEY_CTX_free (PkeyCtx);
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c

@@ -58,12 +58,15 @@ Pkcs5HashPassword (
   if ((Password == NULL) || (Salt == NULL) || (OutKey == NULL)) {
     return FALSE;
   }
+
   if ((PasswordLength == 0) || (PasswordLength > INT_MAX) ||
       (SaltLength == 0) || (SaltLength > INT_MAX) ||
       (KeyLength == 0) || (KeyLength > INT_MAX) ||
-      (IterationCount < 1) || (IterationCount > INT_MAX)) {
+      (IterationCount < 1) || (IterationCount > INT_MAX))
+  {
     return FALSE;
   }
+
   //
   // Make sure the digest algorithm is supported.
   //

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c

@@ -62,8 +62,9 @@ Pkcs7Sign (
   //
   // Check input parameters.
   //
-  if (PrivateKey == NULL || KeyPassword == NULL || InData == NULL ||
+  if ((PrivateKey == NULL) || (KeyPassword == NULL) || (InData == NULL) ||
-    SignCert == NULL || SignedData == NULL || SignedDataSize == NULL || InDataSize > INT_MAX) {
+      (SignCert == NULL) || (SignedData == NULL) || (SignedDataSize == NULL) || (InDataSize > INT_MAX))
+  {
     return FALSE;
   }
 
@@ -94,9 +95,11 @@ Pkcs7Sign (
   if (EVP_add_digest (EVP_md5 ()) == 0) {
     goto _Exit;
   }
+
   if (EVP_add_digest (EVP_sha1 ()) == 0) {
     goto _Exit;
   }
+
   if (EVP_add_digest (EVP_sha256 ()) == 0) {
     goto _Exit;
   }
@@ -110,6 +113,7 @@ Pkcs7Sign (
   if (Key == NULL) {
     goto _Exit;
   }
+
   if (EVP_PKEY_assign_RSA (Key, (RSA *)RsaContext) == 0) {
     goto _Exit;
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7SignNull.c

@@ -51,4 +51,3 @@ Pkcs7Sign (
   ASSERT (FALSE);
   return FALSE;
 }
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyBase.c

@@ -67,7 +67,8 @@ Pkcs7GetOctetString (
   }
 
   if (Pkcs7TypeIsOther (P7) && (P7->d.other != NULL) &&
-      (P7->d.other->type == V_ASN1_OCTET_STRING)) {
+      (P7->d.other->type == V_ASN1_OCTET_STRING))
+  {
     return P7->d.other->value.octet_string;
   }
 
@@ -171,9 +172,11 @@ Pkcs7GetAttachedContent (
         *ContentSize = 0;
         goto _Exit;
       }
+
       CopyMem (*Content, OctStr->data, *ContentSize);
     }
   }
+
   Status = TRUE;
 
 _Exit:

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c

@@ -154,6 +154,7 @@ X509PopCertificate (
 {
   BIO   *CertBio;
   X509  *X509Cert;
+
   STACK_OF (X509)  *CertStack;
   BOOLEAN  Status;
   INT32    Result;
@@ -264,6 +265,7 @@ Pkcs7GetSigners (
   CONST UINT8  *Temp;
   UINTN        SignedDataSize;
   BOOLEAN      Wrapped;
+
   STACK_OF (X509)   *Stack;
   UINT8  Index;
   UINT8  *CertBuf;
@@ -274,7 +276,8 @@ Pkcs7GetSigners (
   UINTN  SingleCertSize;
 
   if ((P7Data == NULL) || (CertStack == NULL) || (StackLength == NULL) ||
-      (TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX)) {
+      (TrustedCert == NULL) || (CertLength == NULL) || (P7Length > INT_MAX))
+  {
     return FALSE;
   }
 
@@ -466,9 +469,11 @@ Pkcs7GetCertificatesList (
   UINT8           Index;
   PKCS7           *Pkcs7;
   X509_STORE_CTX  *CertCtx;
+
   STACK_OF (X509)   *CtxChain;
   STACK_OF (X509)   *CtxUntrusted;
   X509  *CtxCert;
+
   STACK_OF (X509)   *Signers;
   X509       *Signer;
   X509       *Cert;
@@ -503,7 +508,8 @@ Pkcs7GetCertificatesList (
   // Parameter Checking
   //
   if ((P7Data == NULL) || (SignerChainCerts == NULL) || (ChainLength == NULL) ||
-      (UnchainCerts == NULL) || (UnchainLength == NULL) || (P7Length > INT_MAX)) {
+      (UnchainCerts == NULL) || (UnchainLength == NULL) || (P7Length > INT_MAX))
+  {
     return Status;
   }
 
@@ -537,15 +543,18 @@ Pkcs7GetCertificatesList (
   if ((Signers == NULL) || (sk_X509_num (Signers) != 1)) {
     goto _Error;
   }
+
   Signer = sk_X509_value (Signers, 0);
 
   CertCtx = X509_STORE_CTX_new ();
   if (CertCtx == NULL) {
     goto _Error;
   }
+
   if (!X509_STORE_CTX_init (CertCtx, NULL, Signer, Pkcs7->d.sign->cert)) {
     goto _Error;
   }
+
   //
   // Initialize Chained & Untrusted stack
   //
@@ -553,10 +562,12 @@ Pkcs7GetCertificatesList (
   CtxCert  = X509_STORE_CTX_get0_cert (CertCtx);
   if (CtxChain == NULL) {
     if (((CtxChain = sk_X509_new_null ()) == NULL) ||
-        (!sk_X509_push (CtxChain, CtxCert))) {
+        (!sk_X509_push (CtxChain, CtxCert)))
+    {
       goto _Error;
     }
   }
+
   CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx);
   if (CtxUntrusted != NULL) {
     (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
@@ -588,6 +599,7 @@ Pkcs7GetCertificatesList (
         if (!sk_X509_push (CtxChain, Issuer)) {
           goto _Error;
         }
+
         (VOID)sk_X509_delete_ptr (CtxUntrusted, Issuer);
 
         Cert = Issuer;
@@ -629,6 +641,7 @@ Pkcs7GetCertificatesList (
         Status = FALSE;
         goto _Error;
       }
+
       if (OldBuf != NULL) {
         CopyMem (CertBuf, OldBuf, OldSize);
         free (OldBuf);
@@ -672,6 +685,7 @@ Pkcs7GetCertificatesList (
         Status = FALSE;
         goto _Error;
       }
+
       if (OldBuf != NULL) {
         CopyMem (CertBuf, OldBuf, OldSize);
         free (OldBuf);
@@ -709,6 +723,7 @@ _Error:
   if (Pkcs7 != NULL) {
     PKCS7_free (Pkcs7);
   }
+
   sk_X509_free (Signers);
 
   if (CertCtx != NULL) {
@@ -781,8 +796,9 @@ Pkcs7Verify (
   //
   // Check input parameters.
   //
-  if (P7Data == NULL || TrustedCert == NULL || InData == NULL ||
+  if ((P7Data == NULL) || (TrustedCert == NULL) || (InData == NULL) ||
-    P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {
+      (P7Length > INT_MAX) || (CertLength > INT_MAX) || (DataLength > INT_MAX))
+  {
     return FALSE;
   }
 
@@ -797,18 +813,23 @@ Pkcs7Verify (
   if (EVP_add_digest (EVP_md5 ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_digest (EVP_sha1 ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_digest (EVP_sha256 ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_digest (EVP_sha384 ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_digest (EVP_sha512 ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) {
     return FALSE;
   }
@@ -856,6 +877,7 @@ Pkcs7Verify (
   if (CertStore == NULL) {
     goto _Exit;
   }
+
   if (!(X509_STORE_add_cert (CertStore, Cert))) {
     goto _Exit;
   }
@@ -873,8 +895,10 @@ Pkcs7Verify (
   // Allow partial certificate chains, terminated by a non-self-signed but
   // still trusted intermediate certificate. Also disable time checks.
   //
-  X509_STORE_set_flags (CertStore,
+  X509_STORE_set_flags (
-                        X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME);
+    CertStore,
+    X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
+    );
 
   //
   // OpenSSL PKCS7 Verification by default checks for SMIME (email signing) and
@@ -903,4 +927,3 @@ _Exit:
 
   return Status;
 }
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c

@@ -69,6 +69,7 @@ GetSignerCertificate (
   )
 {
   EFI_STATUS  Status;
+
   STACK_OF (X509)  *Signers;
   INT32  NumberSigners;
 
@@ -76,7 +77,7 @@ GetSignerCertificate (
   Signers       = NULL;
   NumberSigners = 0;
 
-  if (CertChain == NULL || SignerCert == NULL) {
+  if ((CertChain == NULL) || (SignerCert == NULL)) {
     Status = EFI_INVALID_PARAMETER;
     goto Exit;
   }
@@ -118,7 +119,6 @@ Exit:
   return Status;
 }
 
-
 /**
   Determines if the specified EKU represented in ASN1 form is present
   in a given certificate.
@@ -155,7 +155,7 @@ IsEkuInCertificate (
   NumExtensions  = 0;
   Asn1InCert     = NULL;
 
-  if (Cert == NULL || Asn1ToFind == NULL) {
+  if ((Cert == NULL) || (Asn1ToFind == NULL)) {
     Status = EFI_INVALID_PARAMETER;
     goto Exit;
   }
@@ -215,8 +215,9 @@ IsEkuInCertificate (
       goto Exit;
     }
 
-    if (Asn1InCert->length == Asn1ToFind->length &&
+    if ((Asn1InCert->length == Asn1ToFind->length) &&
-        CompareMem (Asn1InCert->data, Asn1ToFind->data, Asn1InCert->length) == 0) {
+        (CompareMem (Asn1InCert->data, Asn1ToFind->data, Asn1InCert->length) == 0))
+    {
       //
       // Found Eku in certificate.
       //
@@ -241,7 +242,6 @@ Exit:
   return Status;
 }
 
-
 /**
   Determines if the specified EKUs are present in a signing certificate.
 
@@ -272,7 +272,7 @@ CheckEKUs(
   Asn1ToFind   = NULL;
   NumEkusFound = 0;
 
-  if (SignerCert == NULL || RequiredEKUs == NULL || RequiredEKUsSize == 0) {
+  if ((SignerCert == NULL) || (RequiredEKUs == NULL) || (RequiredEKUsSize == 0)) {
     Status = EFI_INVALID_PARAMETER;
     goto Exit;
   }
@@ -318,7 +318,8 @@ Exit:
   }
 
   if (RequireAllPresent &&
-      NumEkusFound == RequiredEKUsSize) {
+      (NumEkusFound == RequiredEKUsSize))
+  {
     //
     // Found all required EKUs in certificate.
     //
@@ -370,6 +371,7 @@ VerifyEKUsInPkcs7Signature (
 {
   EFI_STATUS  Status;
   PKCS7       *Pkcs7;
+
   STACK_OF (X509)    *CertChain;
   INT32    SignatureType;
   INT32    NumberCertsInSignature;
@@ -394,10 +396,11 @@ VerifyEKUsInPkcs7Signature (
   //
   // Validate the input parameters.
   //
-  if (Pkcs7Signature   == NULL ||
+  if ((Pkcs7Signature   == NULL) ||
-      SignatureSize    == 0    ||
+      (SignatureSize    == 0) ||
-      RequiredEKUs     == NULL ||
+      (RequiredEKUs     == NULL) ||
-      RequiredEKUsSize == 0) {
+      (RequiredEKUsSize == 0))
+  {
     Status = EFI_INVALID_PARAMETER;
     goto Exit;
   }
@@ -409,11 +412,13 @@ VerifyEKUsInPkcs7Signature (
   //
   // Wrap the PKCS7 data if needed.
   //
-  Ok = WrapPkcs7Data (Pkcs7Signature,
+  Ok = WrapPkcs7Data (
+         Pkcs7Signature,
          SignatureSize,
          &IsWrapped,
          &SignedData,
-                      &SignedDataSize);
+         &SignedDataSize
+         );
   if (!Ok) {
     //
     // Fail to Wrap the PKCS7 data.
@@ -445,11 +450,13 @@ VerifyEKUsInPkcs7Signature (
       if (Pkcs7->d.sign != NULL) {
         CertChain = Pkcs7->d.sign->cert;
       }
+
       break;
     case NID_pkcs7_signedAndEnveloped:
       if (Pkcs7->d.signed_and_enveloped != NULL) {
         CertChain = Pkcs7->d.signed_and_enveloped->cert;
       }
+
       break;
     default:
       break;
@@ -483,7 +490,7 @@ VerifyEKUsInPkcs7Signature (
   // Get the leaf signer.
   //
   Status = GetSignerCertificate (Pkcs7, &SignerCert);
-  if (Status != EFI_SUCCESS || SignerCert == NULL) {
+  if ((Status != EFI_SUCCESS) || (SignerCert == NULL)) {
     //
     // Fail to get the end-entity leaf signer certificate.
     //
@@ -514,4 +521,3 @@ Exit:
 
   return Status;
 }
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEkuRuntime.c

@@ -54,4 +54,3 @@ VerifyEKUsInPkcs7Signature (
   ASSERT (FALSE);
   return RETURN_UNSUPPORTED;
 }
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyRuntime.c

@@ -36,4 +36,3 @@ Pkcs7GetAttachedContent (
   ASSERT (FALSE);
   return FALSE;
 }
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c

@@ -99,7 +99,7 @@ RsaSetKey (
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || BnSize > INT_MAX) {
+  if ((RsaContext == NULL) || (BnSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -126,7 +126,6 @@ RsaSetKey (
   //       (N, e) are needed.
   //
   switch (KeyTag) {
-
     //
     // RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d)
     //
@@ -136,9 +135,11 @@ RsaSetKey (
       if (BnN == NULL) {
         BnN = BN_new ();
       }
+
       if (BnE == NULL) {
         BnE = BN_new ();
       }
+
       if (BnD == NULL) {
         BnD = BN_new ();
       }
@@ -160,6 +161,7 @@ RsaSetKey (
         default:
           return FALSE;
       }
+
       if (RSA_set0_key (RsaKey, BN_dup (BnN), BN_dup (BnE), BN_dup (BnD)) == 0) {
         return FALSE;
       }
@@ -174,9 +176,11 @@ RsaSetKey (
       if (BnP == NULL) {
         BnP = BN_new ();
       }
+
       if (BnQ == NULL) {
         BnQ = BN_new ();
       }
+
       if ((BnP == NULL) || (BnQ == NULL)) {
         return FALSE;
       }
@@ -191,6 +195,7 @@ RsaSetKey (
         default:
           return FALSE;
       }
+
       if (RSA_set0_factors (RsaKey, BN_dup (BnP), BN_dup (BnQ)) == 0) {
         return FALSE;
       }
@@ -207,12 +212,15 @@ RsaSetKey (
       if (BnDp == NULL) {
         BnDp = BN_new ();
       }
+
       if (BnDq == NULL) {
         BnDq = BN_new ();
       }
+
       if (BnQInv == NULL) {
         BnQInv = BN_new ();
       }
+
       if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) {
         return FALSE;
       }
@@ -230,6 +238,7 @@ RsaSetKey (
         default:
           return FALSE;
       }
+
       if (RSA_set0_crt_params (RsaKey, BN_dup (BnDp), BN_dup (BnDq), BN_dup (BnQInv)) == 0) {
         return FALSE;
       }
@@ -278,11 +287,11 @@ RsaPkcs1Verify (
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || MessageHash == NULL || Signature == NULL) {
+  if ((RsaContext == NULL) || (MessageHash == NULL) || (Signature == NULL)) {
     return FALSE;
   }
 
-  if (SigSize > INT_MAX || SigSize == 0) {
+  if ((SigSize > INT_MAX) || (SigSize == 0)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c

@@ -61,7 +61,7 @@ RsaGetKey (
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || BnSize == NULL) {
+  if ((RsaContext == NULL) || (BnSize == NULL)) {
     return FALSE;
   }
 
@@ -71,7 +71,6 @@ RsaGetKey (
   BnKey   = NULL;
 
   switch (KeyTag) {
-
     //
     // RSA Public Modulus (N)
     //
@@ -148,6 +147,7 @@ RsaGetKey (
     *BnSize = Size;
     return TRUE;
   }
+
   *BnSize = BN_bn2bin (BnKey, BigNumber);
 
   return TRUE;
@@ -189,7 +189,7 @@ RsaGenerateKey (
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) {
+  if ((RsaContext == NULL) || (ModulusLength > INT_MAX) || (PublicExponentSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -255,10 +255,11 @@ RsaCheckKey (
 
   if (RSA_check_key ((RSA *)RsaContext) != 1) {
     Reason = ERR_GET_REASON (ERR_peek_last_error ());
-    if (Reason == RSA_R_P_NOT_PRIME ||
+    if ((Reason == RSA_R_P_NOT_PRIME) ||
-        Reason == RSA_R_Q_NOT_PRIME ||
+        (Reason == RSA_R_Q_NOT_PRIME) ||
-        Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q ||
+        (Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q) ||
-        Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1) {
+        (Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1))
+    {
       return FALSE;
     }
   }
@@ -308,7 +309,7 @@ RsaPkcs1Sign (
   //
   // Check input parameters.
   //
-  if (RsaContext == NULL || MessageHash == NULL) {
+  if ((RsaContext == NULL) || (MessageHash == NULL)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExtNull.c

@@ -115,5 +115,3 @@ RsaPkcs1Sign (
   ASSERT (FALSE);
   return FALSE;
 }
-
-

CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c

@@ -16,7 +16,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-
 /**
   Retrieve a pointer to EVP message digest object.
 
@@ -45,7 +44,6 @@ GetEvpMD (
   }
 }
 
-
 /**
   Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC 8017.
   Implementation determines salt length automatically from the signature encoding.
@@ -91,12 +89,15 @@ RsaPssVerify (
   if (RsaContext == NULL) {
     return FALSE;
   }
-  if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
+
+  if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
     return FALSE;
   }
-  if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
+
+  if ((Signature == NULL) || (SigSize == 0) || (SigSize > INT_MAX)) {
     return FALSE;
   }
+
   if (SaltLen != DigestLen) {
     return FALSE;
   }
@@ -127,15 +128,19 @@ RsaPssVerify (
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
   }
+
   if (Result) {
     Result = EVP_DigestVerifyUpdate (EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
   }
+
   if (Result) {
     Result = EVP_DigestVerifyFinal (EvpVerifyCtx, Signature, (UINT32)SigSize) > 0;
   }
@@ -144,6 +149,7 @@ _Exit :
   if (EvpRsaKey != NULL) {
     EVP_PKEY_free (EvpRsaKey);
   }
+
   if (EvpVerifyCtx != NULL) {
     EVP_MD_CTX_destroy (EvpVerifyCtx);
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c

@@ -16,7 +16,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 
-
 /**
   Retrieve a pointer to EVP message digest object.
 
@@ -45,7 +44,6 @@ GetEvpMD (
   }
 }
 
-
 /**
   Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme.
 
@@ -106,7 +104,8 @@ RsaPssSign (
   if (RsaContext == NULL) {
     return FALSE;
   }
-  if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
+
+  if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -150,15 +149,19 @@ RsaPssSign (
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
   }
+
   if (Result) {
     Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
   }
+
   if (Result) {
     Result = EVP_DigestSignUpdate (EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
   }
+
   if (Result) {
     Result = EVP_DigestSignFinal (EvpVerifyCtx, Signature, SigSize) > 0;
   }
@@ -167,6 +170,7 @@ _Exit :
   if (EvpRsaKey != NULL) {
     EVP_PKEY_free (EvpRsaKey);
   }
+
   if (EvpVerifyCtx != NULL) {
     EVP_MD_CTX_destroy (EvpVerifyCtx);
   }

CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c

@@ -129,7 +129,6 @@ ASN1_SEQUENCE (TS_TST_INFO) = {
 } ASN1_SEQUENCE_END (TS_TST_INFO)
 IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO)
 
-
 /**
   Convert ASN.1 GeneralizedTime to EFI Time.
 
@@ -158,13 +157,15 @@ ConvertAsn1TimeToEfiTime (
   SetMem (EfiTime, sizeof (EFI_TIME), 0);
 
   Index = 0;
-  if (Asn1Time->type == V_ASN1_UTCTIME) {               /* two digit year */
+  if (Asn1Time->type == V_ASN1_UTCTIME) {
+    /* two digit year */
     EfiTime->Year  = (Str[Index++] - '0') * 10;
     EfiTime->Year += (Str[Index++] - '0');
     if (EfiTime->Year < 70) {
       EfiTime->Year += 100;
     }
-  } else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) { /* four digit year */
+  } else if (Asn1Time->type == V_ASN1_GENERALIZEDTIME) {
+    /* four digit year */
     EfiTime->Year  = (Str[Index++] - '0') * 1000;
     EfiTime->Year += (Str[Index++] - '0') * 100;
     EfiTime->Year += (Str[Index++] - '0') * 10;
@@ -280,17 +281,22 @@ CheckTSTInfo (
   if (HashedMsg == NULL) {
     goto _Exit;
   }
+
   MdCtx = EVP_MD_CTX_new ();
   if (MdCtx == NULL) {
     goto _Exit;
   }
+
   if ((EVP_DigestInit_ex (MdCtx, Md, NULL) != 1) ||
       (EVP_DigestUpdate (MdCtx, TimestampedData, DataSize) != 1) ||
-      (EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1)) {
+      (EVP_DigestFinal (MdCtx, HashedMsg, NULL) != 1))
+  {
     goto _Exit;
   }
+
   if ((MdSize == (UINTN)ASN1_STRING_length (Imprint->HashedMessage)) &&
-      (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0)) {
+      (CompareMem (HashedMsg, ASN1_STRING_get0_data (Imprint->HashedMessage), MdSize) != 0))
+  {
     goto _Exit;
   }
 
@@ -376,7 +382,8 @@ TimestampTokenVerify (
   // Check input parameters
   //
   if ((TSToken == NULL) || (TsaCert == NULL) || (TimestampedData == NULL) ||
-      (TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX)) {
+      (TokenSize > INT_MAX) || (CertSize > INT_MAX) || (DataSize > INT_MAX))
+  {
     return FALSE;
   }
 
@@ -386,6 +393,7 @@ TimestampTokenVerify (
   if (SigningTime != NULL) {
     SetMem (SigningTime, sizeof (EFI_TIME), 0);
   }
+
   Pkcs7     = NULL;
   Cert      = NULL;
   CertStore = NULL;
@@ -430,8 +438,10 @@ TimestampTokenVerify (
   // Allow partial certificate chains, terminated by a non-self-signed but
   // still trusted intermediate certificate. Also disable time checks.
   //
-  X509_STORE_set_flags (CertStore,
+  X509_STORE_set_flags (
-                        X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME);
+    CertStore,
+    X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
+    );
 
   X509_STORE_set_purpose (CertStore, X509_PURPOSE_ANY);
 
@@ -442,6 +452,7 @@ TimestampTokenVerify (
   if (OutBio == NULL) {
     goto _Exit;
   }
+
   if (!PKCS7_verify (Pkcs7, NULL, CertStore, NULL, OutBio, PKCS7_BINARY)) {
     goto _Exit;
   }
@@ -453,14 +464,18 @@ TimestampTokenVerify (
   if (TstData == NULL) {
     goto _Exit;
   }
+
   TstSize = BIO_read (OutBio, (void *)TstData, 2048);
 
   //
   // Construct TS_TST_INFO structure from the signed contents.
   //
   TstTemp = TstData;
-  TstInfo = d2i_TS_TST_INFO (NULL, (const unsigned char **) &TstTemp,
+  TstInfo = d2i_TS_TST_INFO (
-              (int)TstSize);
+              NULL,
+              (const unsigned char **)&TstTemp,
+              (int)TstSize
+              );
   if (TstInfo == NULL) {
     goto _Exit;
   }
@@ -530,9 +545,11 @@ ImageTimestampVerify (
   BOOLEAN      Status;
   PKCS7        *Pkcs7;
   CONST UINT8  *Temp;
+
   STACK_OF (PKCS7_SIGNER_INFO)  *SignerInfos;
   PKCS7_SIGNER_INFO  *SignInfo;
   UINTN              Index;
+
   STACK_OF (X509_ATTRIBUTE)     *Sk;
   X509_ATTRIBUTE     *Xa;
   ASN1_OBJECT        *XaObj;
@@ -556,7 +573,8 @@ ImageTimestampVerify (
   // Register & Initialize necessary digest algorithms for PKCS#7 Handling.
   //
   if ((EVP_add_digest (EVP_md5 ()) == 0) || (EVP_add_digest (EVP_sha1 ()) == 0) ||
-      (EVP_add_digest (EVP_sha256 ()) == 0) || (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0) {
+      (EVP_add_digest (EVP_sha256 ()) == 0) || ((EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA)) == 0))
+  {
     return FALSE;
   }
 
@@ -605,7 +623,8 @@ ImageTimestampVerify (
   // of SignerInfo.
   //
   Sk = SignInfo->unauth_attr;
-  if (Sk == NULL) {             // No timestamp counterSignature.
+  if (Sk == NULL) {
+    // No timestamp counterSignature.
     goto _Exit;
   }
 
@@ -618,14 +637,18 @@ ImageTimestampVerify (
     if (Xa == NULL) {
       continue;
     }
+
     XaObj = X509_ATTRIBUTE_get0_object (Xa);
     if (XaObj == NULL) {
       continue;
     }
+
     if ((OBJ_length (XaObj) != sizeof (mSpcRFC3161OidValue)) ||
-        (CompareMem (OBJ_get0_data(XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0)) {
+        (CompareMem (OBJ_get0_data (XaObj), mSpcRFC3161OidValue, sizeof (mSpcRFC3161OidValue)) != 0))
+    {
       continue;
     }
+
     Asn1Type = X509_ATTRIBUTE_get0_type (Xa, 0);
   }
 
@@ -633,6 +656,7 @@ ImageTimestampVerify (
     Status = FALSE;
     goto _Exit;
   }
+
   TSToken   = Asn1Type->value.octet_string->data;
   TokenSize = Asn1Type->value.octet_string->length;
 

CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c

@@ -38,7 +38,7 @@ X509ConstructCertificate (
   //
   // Check input parameters.
   //
-  if (Cert == NULL || SingleX509Cert == NULL || CertSize > INT_MAX) {
+  if ((Cert == NULL) || (SingleX509Cert == NULL) || (CertSize > INT_MAX)) {
     return FALSE;
   }
 
@@ -85,6 +85,7 @@ X509ConstructCertificateStackV (
   UINT8  *Cert;
   UINTN  CertSize;
   X509   *X509Cert;
+
   STACK_OF (X509)  *CertStack;
   BOOLEAN  Status;
   UINTN    Index;
@@ -136,6 +137,7 @@ X509ConstructCertificateStackV (
       if (X509Cert != NULL) {
         X509_free (X509Cert);
       }
+
       break;
     }
 
@@ -274,7 +276,7 @@ X509GetSubjectName (
   //
   // Check input parameters.
   //
-  if (Cert == NULL || SubjectSize == NULL) {
+  if ((Cert == NULL) || (SubjectSize == NULL)) {
     return FALSE;
   }
 
@@ -304,6 +306,7 @@ X509GetSubjectName (
     *SubjectSize = X509NameSize;
     goto _Exit;
   }
+
   *SubjectSize = X509NameSize;
   if (CertSubject != NULL) {
     i2d_X509_NAME (X509Name, &CertSubject);
@@ -377,6 +380,7 @@ InternalX509GetNIDName (
   if ((Cert == NULL) || (CertSize > INT_MAX) || (CommonNameSize == NULL)) {
     return ReturnStatus;
   }
+
   if ((CommonName != NULL) && (*CommonNameSize == 0)) {
     return ReturnStatus;
   }
@@ -458,6 +462,7 @@ _Exit:
   if (X509Cert != NULL) {
     X509_free (X509Cert);
   }
+
   if (UTF8Name != NULL) {
     OPENSSL_free (UTF8Name);
   }
@@ -572,7 +577,7 @@ RsaGetPublicKeyFromX509 (
   //
   // Check input parameters.
   //
-  if (Cert == NULL || RsaContext == NULL) {
+  if ((Cert == NULL) || (RsaContext == NULL)) {
     return FALSE;
   }
 
@@ -654,7 +659,7 @@ X509VerifyCert (
   //
   // Check input parameters.
   //
-  if (Cert == NULL || CACert == NULL) {
+  if ((Cert == NULL) || (CACert == NULL)) {
     return FALSE;
   }
 
@@ -670,9 +675,11 @@ X509VerifyCert (
   if (EVP_add_digest (EVP_md5 ()) == 0) {
     goto _Exit;
   }
+
   if (EVP_add_digest (EVP_sha1 ()) == 0) {
     goto _Exit;
   }
+
   if (EVP_add_digest (EVP_sha256 ()) == 0) {
     goto _Exit;
   }
@@ -704,6 +711,7 @@ X509VerifyCert (
   if (CertStore == NULL) {
     goto _Exit;
   }
+
   if (!(X509_STORE_add_cert (CertStore, X509CACert))) {
     goto _Exit;
   }
@@ -712,8 +720,10 @@ X509VerifyCert (
   // Allow partial certificate chains, terminated by a non-self-signed but
   // still trusted intermediate certificate. Also disable time checks.
   //
-  X509_STORE_set_flags (CertStore,
+  X509_STORE_set_flags (
-                        X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME);
+    CertStore,
+    X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
+    );
 
   //
   // Set up X509_STORE_CTX for the subsequent verification operation.
@@ -722,6 +732,7 @@ X509VerifyCert (
   if (CertCtx == NULL) {
     goto _Exit;
   }
+
   if (!X509_STORE_CTX_init (CertCtx, CertStore, X509Cert, NULL)) {
     goto _Exit;
   }
@@ -787,7 +798,8 @@ X509GetTBSCert (
   // Check input parameters.
   //
   if ((Cert == NULL) || (TBSCert == NULL) ||
-      (TBSCertSize == NULL) || (CertSize > INT_MAX)) {
+      (TBSCertSize == NULL) || (CertSize > INT_MAX))
+  {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c

@@ -89,7 +89,7 @@ RandomBytes (
   //
   // Check input parameters.
   //
-  if (Output == NULL || Size > INT_MAX) {
+  if ((Output == NULL) || (Size > INT_MAX)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/Rand/CryptRandNull.c

@@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "InternalCryptLib.h"
 
-
 /**
   Sets up the seed value for the pseudorandom number generator.
 

CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c

@@ -97,7 +97,7 @@ RandomBytes (
   //
   // Check input parameters.
   //
-  if (Output == NULL || Size > INT_MAX) {
+  if ((Output == NULL) || (Size > INT_MAX)) {
     return FALSE;
   }
 

CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c

@@ -27,7 +27,10 @@ typedef struct {
 //
 
 /* Allocates memory blocks */
-void *malloc (size_t size)
+void *
+malloc (
+  size_t  size
+  )
 {
   CRYPTMEM_HEAD  *PoolHdr;
   UINTN          NewSize;
@@ -57,7 +60,11 @@ void *malloc (size_t size)
 }
 
 /* Reallocate memory blocks */
-void *realloc (void *ptr, size_t size)
+void *
+realloc (
+  void    *ptr,
+  size_t  size
+  )
 {
   CRYPTMEM_HEAD  *OldPoolHdr;
   CRYPTMEM_HEAD  *NewPoolHdr;
@@ -96,7 +103,10 @@ void *realloc (void *ptr, size_t size)
 }
 
 /* De-allocates or frees a memory block */
-void free (void *ptr)
+void
+free (
+  void  *ptr
+  )
 {
   CRYPTMEM_HEAD  *PoolHdr;
 

CryptoPkg/Library/BaseCryptLib/SysCall/ConstantTimeClock.c

@@ -23,15 +23,22 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 // -- Time Management Routines --
 //
 
-time_t time (time_t *timer)
+time_t
+time (
+  time_t  *timer
+  )
 {
   if (timer != NULL) {
     *timer = 0;
   }
+
   return 0;
 }
 
-struct tm * gmtime (const time_t *timer)
+struct tm *
+gmtime (
+  const time_t  *timer
+  )
 {
   return NULL;
 }

CryptoPkg/Library/BaseCryptLib/SysCall/CrtWrapper.c

@@ -43,7 +43,7 @@ QuickSortWorker (
   ASSERT (CompareFunction != NULL);
   ASSERT (Buffer          != NULL);
 
-  if (Count < 2 || ElementSize  < 1) {
+  if ((Count < 2) || (ElementSize  < 1)) {
     return;
   }
 
@@ -58,8 +58,7 @@ QuickSortWorker (
   // Now get the pivot such that all on "left" are below it
   // and everything "right" are above it
   //
-  for (LoopCount = 0; LoopCount < Count - 1;  LoopCount++)
+  for (LoopCount = 0; LoopCount < Count - 1; LoopCount++) {
-  {
     //
     // If the element is less than the pivot
     //
@@ -77,6 +76,7 @@ QuickSortWorker (
       NextSwapLocation++;
     }
   }
+
   //
   // Swap pivot to its final position (NextSwapLocation)
   //
@@ -115,13 +115,21 @@ QuickSortWorker (
 // -- String Manipulation Routines --
 //
 
-char *strchr(const char *str, int ch)
+char *
+strchr (
+  const char  *str,
+  int         ch
+  )
 {
   return ScanMem8 (str, AsciiStrSize (str), (UINT8)ch);
 }
 
 /* Scan a string for the last occurrence of a character */
-char *strrchr (const char *str, int c)
+char *
+strrchr (
+  const char  *str,
+  int         c
+  )
 {
   char  *save;
 
@@ -129,6 +137,7 @@ char *strrchr (const char *str, int c)
     if (*str == c) {
       save = (char *)str;
     }
+
     if (*str == 0) {
       return (save);
     }
@@ -136,7 +145,12 @@ char *strrchr (const char *str, int c)
 }
 
 /* Compare first n bytes of string s1 with string s2, ignoring case */
-int strncasecmp (const char *s1, const char *s2, size_t n)
+int
+strncasecmp (
+  const char  *s1,
+  const char  *s2,
+  size_t      n
+  )
 {
   int  Val;
 
@@ -149,6 +163,7 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
       if (Val != 0) {
         return Val;
       }
+
       ++s1;
       ++s2;
       if (*s1 == '\0') {
@@ -156,11 +171,17 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
       }
     } while (--n != 0);
   }
+
   return 0;
 }
 
 /* Read formatted data from a string */
-int sscanf (const char *buffer, const char *format, ...)
+int
+sscanf (
+  const char  *buffer,
+  const char  *format,
+  ...
+  )
 {
   //
   // Null sscanf() function implementation to satisfy the linker, since
@@ -170,14 +191,21 @@ int sscanf (const char *buffer, const char *format, ...)
 }
 
 /* Maps errnum to an error-message string */
-char * strerror (int errnum)
+char *
+strerror (
+  int  errnum
+  )
 {
   return NULL;
 }
 
 /* Computes the length of the maximum initial segment of the string pointed to by s1
    which consists entirely of characters from the string pointed to by s2. */
-size_t strspn (const char *s1 , const char *s2)
+size_t
+strspn (
+  const char  *s1,
+  const char  *s2
+  )
 {
   UINT8   Map[32];
   UINT32  Index;
@@ -207,7 +235,11 @@ size_t strspn (const char *s1 , const char *s2)
 
 /* Computes the length of the maximum initial segment of the string pointed to by s1
    which consists entirely of characters not from the string pointed to by s2. */
-size_t strcspn (const char *s1, const char *s2)
+size_t
+strcspn (
+  const char  *s1,
+  const char  *s2
+  )
 {
   UINT8   Map[32];
   UINT32  Index;
@@ -238,7 +270,10 @@ size_t strcspn (const char *s1, const char *s2)
 //
 
 /* Determines if a particular character is a decimal-digit character */
-int isdigit (int c)
+int
+isdigit (
+  int  c
+  )
 {
   //
   // <digit> ::= [0-9]
@@ -247,7 +282,10 @@ int isdigit (int c)
 }
 
 /* Determine if an integer represents character that is a hex digit */
-int isxdigit (int c)
+int
+isxdigit (
+  int  c
+  )
 {
   //
   // <hexdigit> ::= [0-9] | [a-f] | [A-F]
@@ -258,7 +296,10 @@ int isxdigit (int c)
 }
 
 /* Determines if a particular character represents a space character */
-int isspace (int c)
+int
+isspace (
+  int  c
+  )
 {
   //
   // <space> ::= [ ]
@@ -267,7 +308,10 @@ int isspace (int c)
 }
 
 /* Determine if a particular character is an alphanumeric character */
-int isalnum (int c)
+int
+isalnum (
+  int  c
+  )
 {
   //
   // <alnum> ::= [0-9] | [a-z] | [A-Z]
@@ -278,7 +322,10 @@ int isalnum (int c)
 }
 
 /* Determines if a particular character is in upper case */
-int isupper (int c)
+int
+isupper (
+  int  c
+  )
 {
   //
   // <uppercase letter> := [A-Z]
@@ -291,7 +338,12 @@ int isupper (int c)
 //
 
 /* Convert strings to a long-integer value */
-long strtol (const char *nptr, char **endptr, int base)
+long
+strtol (
+  const char  *nptr,
+  char        **endptr,
+  int         base
+  )
 {
   //
   // Null strtol() function implementation to satisfy the linker, since there is
@@ -301,7 +353,12 @@ long strtol (const char *nptr, char **endptr, int base)
 }
 
 /* Convert strings to an unsigned long-integer value */
-unsigned long strtoul (const char *nptr, char **endptr, int base)
+unsigned long
+strtoul (
+  const char  *nptr,
+  char        **endptr,
+  int         base
+  )
 {
   //
   // Null strtoul() function implementation to satisfy the linker, since there is
@@ -311,11 +368,15 @@ unsigned long strtoul (const char *nptr, char **endptr, int base)
 }
 
 /* Convert character to lowercase */
-int tolower (int c)
+int
+tolower (
+  int  c
+  )
 {
   if (('A' <= (c)) && ((c) <= 'Z')) {
     return (c - ('A' - 'a'));
   }
+
   return (c);
 }
 
@@ -324,7 +385,13 @@ int tolower (int c)
 //
 
 /* Performs a quick sort */
-void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, const void *))
+void
+qsort (
+  void *base,
+  size_t num,
+  size_t width,
+  int ( *compare )(const void *, const void *)
+  )
 {
   VOID  *Buffer;
 
@@ -351,7 +418,10 @@ void qsort (void *base, size_t num, size_t width, int (*compare)(const void *, c
 //
 
 /* Get a value from the current environment */
-char *getenv (const char *varname)
+char *
+getenv (
+  const char  *varname
+  )
 {
   //
   // Null getenv() function implementation to satisfy the linker, since there is
@@ -361,7 +431,10 @@ char *getenv (const char *varname)
 }
 
 /* Get a value from the current environment */
-char *secure_getenv (const char *varname)
+char *
+secure_getenv (
+  const char  *varname
+  )
 {
   //
   // Null secure_getenv() function implementation to satisfy the linker, since
@@ -378,7 +451,13 @@ char *secure_getenv (const char *varname)
 //
 
 /* Write data to a stream */
-size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
+size_t
+fwrite (
+  const void  *buffer,
+  size_t      size,
+  size_t      count,
+  FILE        *stream
+  )
 {
   return 0;
 }
@@ -387,12 +466,23 @@ size_t fwrite (const void *buffer, size_t size, size_t count, FILE *stream)
 //  -- Dummy OpenSSL Support Routines --
 //
 
-int BIO_printf (void *bio, const char *format, ...)
+int
+BIO_printf (
+  void        *bio,
+  const char  *format,
+  ...
+  )
 {
   return 0;
 }
 
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+int
+BIO_snprintf (
+  char        *buf,
+  size_t      n,
+  const char  *format,
+  ...
+  )
 {
   return 0;
 }
@@ -414,7 +504,10 @@ NopFunction (
 {
 }
 
-void abort (void)
+void
+abort (
+  void
+  )
 {
   NoReturnFuncPtr  NoReturnFunc;
 
@@ -425,49 +518,81 @@ void abort (void)
 
 #else
 
-void abort (void)
+void
+abort (
+  void
+  )
 {
   // Do nothing
 }
 
 #endif
 
-int fclose (FILE *f)
+int
+fclose (
+  FILE  *f
+  )
 {
   return 0;
 }
 
-FILE *fopen (const char *c, const char *m)
+FILE *
+fopen (
+  const char  *c,
+  const char  *m
+  )
 {
   return NULL;
 }
 
-size_t fread (void *b, size_t c, size_t i, FILE *f)
+size_t
+fread (
+  void    *b,
+  size_t  c,
+  size_t  i,
+  FILE    *f
+  )
 {
   return 0;
 }
 
-uid_t getuid (void)
+uid_t
+getuid (
+  void
+  )
 {
   return 0;
 }
 
-uid_t geteuid (void)
+uid_t
+geteuid (
+  void
+  )
 {
   return 0;
 }
 
-gid_t getgid (void)
+gid_t
+getgid (
+  void
+  )
 {
   return 0;
 }
 
-gid_t getegid (void)
+gid_t
+getegid (
+  void
+  )
 {
   return 0;
 }
 
-int printf (char const *fmt, ...)
+int
+printf (
+  char const  *fmt,
+  ...
+  )
 {
   return 0;
 }

CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c

@@ -61,7 +61,6 @@ RT_MEMORY_PAGE_TABLE  *mRTPageTable = NULL;
 //
 STATIC EFI_EVENT  mVirtualAddressChangeEvent;
 
-
 /**
   Initializes pre-allocated memory pointed by ScratchBuffer for subsequent
   runtime use.
@@ -114,7 +113,6 @@ InitializeScratchMemory (
   return EFI_SUCCESS;
 }
 
-
 /**
   Look-up Free memory Region for object allocation.
 
@@ -182,6 +180,7 @@ LookupFreeMemRegion (
     //
     return (UINTN)(-1);
   }
+
   for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
     //
     // Check Consecutive ReqPages Pages.
@@ -203,7 +202,8 @@ LookupFreeMemRegion (
     // Failed! Skip current adjacent Used pages
     //
     while ((SubIndex < (StartPageIndex - ReqPages)) &&
-           ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0)) {
+           ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0))
+    {
       SubIndex++;
     }
 
@@ -216,7 +216,6 @@ LookupFreeMemRegion (
   return (UINTN)(-1);
 }
 
-
 /**
   Allocates a buffer at runtime phase.
 
@@ -274,7 +273,6 @@ RuntimeAllocateMem (
   return AllocPtr;
 }
 
-
 /**
   Frees a buffer that was previously allocated at runtime phase.
 
@@ -294,7 +292,8 @@ RuntimeFreeMem (
 
   while (StartPageIndex < mRTPageTable->PageCount) {
     if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
-        (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
+        (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
+    {
       //
       // Free this page
       //
@@ -311,7 +310,6 @@ RuntimeFreeMem (
   return;
 }
 
-
 /**
   Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
 
@@ -336,7 +334,6 @@ RuntimeCryptLibAddressChangeEvent (
   EfiConvertPointer (0x0, (VOID **)&mRTPageTable);
 }
 
-
 /**
   Constructor routine for runtime crypt library instance.
 
@@ -384,19 +381,25 @@ RuntimeCryptLibConstructor (
   return Status;
 }
 
-
 //
 // -- Memory-Allocation Routines Wrapper for UEFI-OpenSSL Library --
 //
 
 /* Allocates memory blocks */
-void *malloc (size_t size)
+void *
+malloc (
+  size_t  size
+  )
 {
   return RuntimeAllocateMem ((UINTN)size);
 }
 
 /* Reallocate memory blocks */
-void *realloc (void *ptr, size_t size)
+void *
+realloc (
+  void    *ptr,
+  size_t  size
+  )
 {
   VOID   *NewPtr;
   UINTN  StartOffset;
@@ -415,7 +418,8 @@ void *realloc (void *ptr, size_t size)
   PageCount      = 0;
   while (StartPageIndex < mRTPageTable->PageCount) {
     if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
-        (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset)) {
+        (mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
+    {
       StartPageIndex++;
       PageCount++;
     } else {
@@ -443,7 +447,10 @@ void *realloc (void *ptr, size_t size)
 }
 
 /* Deallocates or frees a memory block */
-void free (void *ptr)
+void
+free (
+  void  *ptr
+  )
 {
   //
   // In Standard C, free() handles a null pointer argument transparently. This

CryptoPkg/Library/BaseCryptLib/SysCall/TimerWrapper.c

@@ -64,7 +64,10 @@ UINTN CumulativeDays[2][14] = {
 // INTN time(
 //  INTN *timer
 //  )
-time_t time (time_t *timer)
+time_t
+time (
+  time_t  *timer
+  )
 {
   EFI_STATUS  Status;
   EFI_TIME    Time;
@@ -108,7 +111,10 @@ time_t time (time_t *timer)
 //
 // Convert a time value from type time_t to struct tm.
 //
-struct tm * gmtime (const time_t *timer)
+struct tm *
+gmtime (
+  const time_t  *timer
+  )
 {
   struct tm  *GmTime;
   UINT16     DayNo;

CryptoPkg/Library/BaseCryptLib/SysCall/UnitTestHostCrtWrapper.c

@@ -14,16 +14,25 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/DebugLib.h>
 
 /* Convert character to lowercase */
-int tolower (int c)
+int
+tolower (
+  int  c
+  )
 {
   if (('A' <= (c)) && ((c) <= 'Z')) {
     return (c - ('A' - 'a'));
   }
+
   return (c);
 }
 
 /* Compare first n bytes of string s1 with string s2, ignoring case */
-int strncasecmp (const char *s1, const char *s2, size_t n)
+int
+strncasecmp (
+  const char  *s1,
+  const char  *s2,
+  size_t      n
+  )
 {
   int  Val;
 
@@ -36,6 +45,7 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
       if (Val != 0) {
         return Val;
       }
+
       ++s1;
       ++s2;
       if (*s1 == '\0') {
@@ -43,11 +53,17 @@ int strncasecmp (const char *s1, const char *s2, size_t n)
       }
     } while (--n != 0);
   }
+
   return 0;
 }
 
 /* Read formatted data from a string */
-int sscanf (const char *buffer, const char *format, ...)
+int
+sscanf (
+  const char  *buffer,
+  const char  *format,
+  ...
+  )
 {
   //
   // Null sscanf() function implementation to satisfy the linker, since
@@ -60,32 +76,55 @@ int sscanf (const char *buffer, const char *format, ...)
 //  -- Dummy OpenSSL Support Routines --
 //
 
-int BIO_printf (void *bio, const char *format, ...)
+int
+BIO_printf (
+  void        *bio,
+  const char  *format,
+  ...
+  )
 {
   return 0;
 }
 
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+int
+BIO_snprintf (
+  char        *buf,
+  size_t      n,
+  const char  *format,
+  ...
+  )
 {
   return 0;
 }
 
-uid_t getuid (void)
+uid_t
+getuid (
+  void
+  )
 {
   return 0;
 }
 
-uid_t geteuid (void)
+uid_t
+geteuid (
+  void
+  )
 {
   return 0;
 }
 
-gid_t getgid (void)
+gid_t
+getgid (
+  void
+  )
 {
   return 0;
 }
 
-gid_t getegid (void)
+gid_t
+getegid (
+  void
+  )
 {
   return 0;
 }

CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c

@@ -72,8 +72,17 @@ static char rcsid[] = "$Id: inet_pton.c,v 1.1.1.1 2003/11/19 01:51:30 kyu3 Exp $
  * sizeof(int) < 4.  sizeof(int) > 4 is fine; all the world's not a VAX.
  */
 
-static int	inet_pton4 (const char *src, u_char *dst);
+static int
-static int	inet_pton6 (const char *src, u_char *dst);
+inet_pton4 (
+  const char  *src,
+  u_char      *dst
+  );
+
+static int
+inet_pton6 (
+  const char  *src,
+  u_char      *dst
+  );
 
 /* int
  * inet_pton(af, src, dst)
@@ -102,6 +111,7 @@ inet_pton(
       errno = EAFNOSUPPORT;
       return (-1);
   }
+
   /* NOTREACHED */
 }
 
@@ -134,24 +144,33 @@ inet_pton4(
     if ((pch = strchr (digits, ch)) != NULL) {
       u_int  new = *tp * 10 + (u_int)(pch - digits);
 
-			if (new > 255)
+      if (new > 255) {
         return (0);
+      }
+
       *tp = (u_char)new;
       if (!saw_digit) {
-				if (++octets > 4)
+        if (++octets > 4) {
           return (0);
+        }
+
         saw_digit = 1;
       }
-		} else if (ch == '.' && saw_digit) {
+    } else if ((ch == '.') && saw_digit) {
-			if (octets == 4)
+      if (octets == 4) {
-				return (0);
-			*++tp = 0;
-			saw_digit = 0;
-		} else
         return (0);
       }
-	if (octets < 4)
+
+      *++tp     = 0;
+      saw_digit = 0;
+    } else {
       return (0);
+    }
+  }
+
+  if (octets < 4) {
+    return (0);
+  }
 
   memcpy (dst, tmp, NS_INADDRSZ);
   return (1);
@@ -187,55 +206,75 @@ inet_pton6(
   endp   = tp + NS_IN6ADDRSZ;
   colonp = NULL;
   /* Leading :: requires some special handling. */
-	if (*src == ':')
+  if (*src == ':') {
-		if (*++src != ':')
+    if (*++src != ':') {
       return (0);
+    }
+  }
+
   curtok     = src;
   saw_xdigit = 0;
   val        = 0;
   while ((ch = *src++) != '\0') {
     const char  *pch;
 
-		if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
+    if ((pch = strchr ((xdigits = xdigits_l), ch)) == NULL) {
       pch = strchr ((xdigits = xdigits_u), ch);
+    }
+
     if (pch != NULL) {
       val <<= 4;
       val  |= (pch - xdigits);
-			if (val > 0xffff)
+      if (val > 0xffff) {
         return (0);
+      }
+
       saw_xdigit = 1;
       continue;
     }
+
     if (ch == ':') {
       curtok = src;
       if (!saw_xdigit) {
-				if (colonp)
+        if (colonp) {
           return (0);
+        }
+
         colonp = tp;
         continue;
       }
-			if (tp + NS_INT16SZ > endp)
+
+      if (tp + NS_INT16SZ > endp) {
         return (0);
+      }
+
       *tp++      = (u_char)(val >> 8) & 0xff;
       *tp++      = (u_char)val & 0xff;
       saw_xdigit = 0;
       val        = 0;
       continue;
     }
-		if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
+
-		    inet_pton4(curtok, tp) > 0) {
+    if ((ch == '.') && ((tp + NS_INADDRSZ) <= endp) &&
+        (inet_pton4 (curtok, tp) > 0))
+    {
       tp        += NS_INADDRSZ;
       saw_xdigit = 0;
       break;                    /* '\0' was seen by inet_pton4(). */
     }
+
     return (0);
   }
+
   if (saw_xdigit) {
-		if (tp + NS_INT16SZ > endp)
+    if (tp + NS_INT16SZ > endp) {
       return (0);
+    }
+
     *tp++ = (u_char)(val >> 8) & 0xff;
     *tp++ = (u_char)val & 0xff;
   }
+
   if (colonp != NULL) {
     /*
      * Since some memmove()'s erroneously fail to handle
@@ -248,10 +287,14 @@ inet_pton6(
       endp[-i]      = colonp[n - i];
       colonp[n - i] = 0;
     }
+
     tp = endp;
   }
-	if (tp != endp)
+
+  if (tp != endp) {
     return (0);
+  }
+
   memcpy (dst, tmp, NS_IN6ADDRSZ);
   return (1);
 }

CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c

@@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "InternalCryptLib.h"
 
-
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -26,7 +25,6 @@ Md5GetContextSize (
   return 0;
 }
 
-
 /**
   Initializes user-supplied memory pointed by Md5Context as MD5 hash context for
   subsequent use.

CryptoPkg/Library/BaseCryptLibNull/Hash/CryptSha1Null.c

@@ -8,7 +8,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "InternalCryptLib.h"
 
-
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 

CryptoPkg/Library/BaseCryptLibNull/Pk/CryptPkcs7SignNull.c

@@ -51,4 +51,3 @@ Pkcs7Sign (
   ASSERT (FALSE);
   return FALSE;
 }
-

CryptoPkg/Library/BaseCryptLibNull/Pk/CryptPkcs7VerifyEkuNull.c

@@ -57,10 +57,8 @@ GetSignerCertificate (
 {
   ASSERT (FALSE);
   return EFI_NOT_READY;
-
 }
 
-
 /**
   Determines if the specified EKU represented in ASN1 form is present
   in a given certificate.
@@ -84,7 +82,6 @@ IsEkuInCertificate (
   return EFI_NOT_READY;
 }
 
-
 /**
   Determines if the specified EKUs are present in a signing certificate.
 
@@ -153,4 +150,3 @@ VerifyEKUsInPkcs7Signature (
   ASSERT (FALSE);
   return EFI_NOT_READY;
 }
-

CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaExtNull.c

@@ -115,5 +115,3 @@ RsaPkcs1Sign (
   ASSERT (FALSE);
   return FALSE;
 }
-
-

CryptoPkg/Library/BaseCryptLibNull/Rand/CryptRandNull.c

@@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "InternalCryptLib.h"
 
-
 /**
   Sets up the seed value for the pseudorandom number generator.
 

CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c

@@ -100,6 +100,7 @@ CryptoServiceNotAvailable (
 // =====================================================================================
 
 #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -257,9 +258,11 @@ Md5HashAll (
 {
   CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE);
 }
+
 #endif
 
 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
+
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -417,6 +420,7 @@ Sha1HashAll (
 {
   CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE);
 }
+
 #endif
 
 /**
@@ -2287,7 +2291,6 @@ VerifyEKUsInPkcs7Signature (
   CALL_CRYPTO_SERVICE (VerifyEKUsInPkcs7Signature, (Pkcs7Signature, SignatureSize, RequiredEKUs, RequiredEKUsSize, RequireAllPresent), FALSE);
 }
 
-
 /**
   Extracts the attached content from a PKCS#7 signed data if existed. The input signed
   data could be wrapped in a ContentInfo structure.

CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.c

@@ -57,7 +57,7 @@ DxeCryptLibConstructor (
                   (VOID **)&mCryptoProtocol
                   );
 
-  if (EFI_ERROR (Status) || mCryptoProtocol == NULL) {
+  if (EFI_ERROR (Status) || (mCryptoProtocol == NULL)) {
     DEBUG ((DEBUG_ERROR, "[DxeCryptLib] Failed to locate Crypto Protocol. Status = %r\n", Status));
     ASSERT_EFI_ERROR (Status);
     ASSERT (mCryptoProtocol != NULL);

CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.c

@@ -39,7 +39,7 @@ GetCryptoServices (
                 NULL,
                 (VOID **)&CryptoPpi
                 );
-  if (EFI_ERROR (Status) || CryptoPpi == NULL) {
+  if (EFI_ERROR (Status) || (CryptoPpi == NULL)) {
     DEBUG ((DEBUG_ERROR, "[PeiCryptLib] Failed to locate Crypto PPI. Status = %r\n", Status));
     ASSERT_EFI_ERROR (Status);
     ASSERT (CryptoPpi != NULL);

CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.c

@@ -59,7 +59,7 @@ SmmCryptLibConstructor (
                     NULL,
                     (VOID **)&mSmmCryptoProtocol
                     );
-  if (EFI_ERROR (Status) || mSmmCryptoProtocol == NULL) {
+  if (EFI_ERROR (Status) || (mSmmCryptoProtocol == NULL)) {
     DEBUG ((DEBUG_ERROR, "[SmmCryptLib] Failed to locate Crypto SMM Protocol. Status = %r\n", Status));
     ASSERT_EFI_ERROR (Status);
     ASSERT (mSmmCryptoProtocol != NULL);

CryptoPkg/Library/Include/CrtLibSupport.h

@@ -155,49 +155,241 @@ extern FILE *stderr;
 //
 // Function prototypes of CRT Library routines
 //
-void           *malloc     (size_t);
+void           *
-void           *realloc    (void *, size_t);
+malloc     (
-void           free        (void *);
+  size_t
-void           *memset     (void *, int, size_t);
+  );
-int            memcmp      (const void *, const void *, size_t);
+
-int            isdigit     (int);
+void           *
-int            isspace     (int);
+realloc    (
-int            isxdigit    (int);
+  void *,
-int            isalnum     (int);
+  size_t
-int            isupper     (int);
+  );
-int            tolower     (int);
+
-int            strcmp      (const char *, const char *);
+void
-int            strncasecmp (const char *, const char *, size_t);
+free        (
-char           *strchr     (const char *, int);
+  void *
-char           *strrchr    (const char *, int);
+  );
-unsigned long  strtoul     (const char *, char **, int);
+
-long           strtol      (const char *, char **, int);
+void           *
-char           *strerror   (int);
+memset     (
-size_t         strspn      (const char *, const char *);
+  void *,
-size_t         strcspn     (const char *, const char *);
+  int,
-int            printf      (const char *, ...);
+  size_t
-int            sscanf      (const char *, const char *, ...);
+  );
-FILE           *fopen      (const char *, const char *);
+
-size_t         fread       (void *, size_t, size_t, FILE *);
+int
-size_t         fwrite      (const void *, size_t, size_t, FILE *);
+memcmp      (
-int            fclose      (FILE *);
+  const void *,
-int            fprintf     (FILE *, const char *, ...);
+  const void *,
-time_t         time        (time_t *);
+  size_t
-struct tm      *gmtime     (const time_t *);
+  );
-uid_t          getuid      (void);
+
-uid_t          geteuid     (void);
+int
-gid_t          getgid      (void);
+isdigit     (
-gid_t          getegid     (void);
+  int
-int            issetugid   (void);
+  );
-void           qsort       (void *, size_t, size_t, int (*)(const void *, const void *));
+
-char           *getenv     (const char *);
+int
-char           *secure_getenv (const char *);
+isspace     (
+  int
+  );
+
+int
+isxdigit    (
+  int
+  );
+
+int
+isalnum     (
+  int
+  );
+
+int
+isupper     (
+  int
+  );
+
+int
+tolower     (
+  int
+  );
+
+int
+strcmp      (
+  const char *,
+  const char *
+  );
+
+int
+strncasecmp (
+  const char *,
+  const char *,
+  size_t
+  );
+
+char           *
+strchr     (
+  const char *,
+  int
+  );
+
+char           *
+strrchr    (
+  const char *,
+  int
+  );
+
+unsigned long
+strtoul     (
+  const char *,
+  char **,
+  int
+  );
+
+long
+strtol      (
+  const char *,
+  char **,
+  int
+  );
+
+char           *
+strerror   (
+  int
+  );
+
+size_t
+strspn      (
+  const char *,
+  const char *
+  );
+
+size_t
+strcspn     (
+  const char *,
+  const char *
+  );
+
+int
+printf      (
+  const char *,
+  ...
+  );
+
+int
+sscanf      (
+  const char *,
+  const char *,
+  ...
+  );
+
+FILE           *
+fopen      (
+  const char *,
+  const char *
+  );
+
+size_t
+fread       (
+  void *,
+  size_t,
+  size_t,
+  FILE *
+  );
+
+size_t
+fwrite      (
+  const void *,
+  size_t,
+  size_t,
+  FILE *
+  );
+
+int
+fclose      (
+  FILE *
+  );
+
+int
+fprintf     (
+  FILE *,
+  const char *,
+  ...
+  );
+
+time_t
+time        (
+  time_t *
+  );
+
+struct tm      *
+gmtime     (
+  const time_t *
+  );
+
+uid_t
+getuid      (
+  void
+  );
+
+uid_t
+geteuid     (
+  void
+  );
+
+gid_t
+getgid      (
+  void
+  );
+
+gid_t
+getegid     (
+  void
+  );
+
+int
+issetugid   (
+  void
+  );
+
+void
+qsort       (
+  void *,
+  size_t,
+  size_t,
+  int (*)(const void *, const void *)
+  );
+
+char           *
+getenv     (
+  const char *
+  );
+
+char           *
+secure_getenv (
+  const char *
+  );
+
 #if defined (__GNUC__) && (__GNUC__ >= 2)
-void           abort       (void) __attribute__((__noreturn__));
+void
+abort       (
+  void
+  ) __attribute__ ((__noreturn__));
+
 #else
-void           abort       (void);
+void
+abort       (
+  void
+  );
+
 #endif
-int            inet_pton   (int, const char *, void *);
+int
+inet_pton   (
+  int,
+  const char *,
+  void *
+  );
 
 //
 // Macros that directly map functions to BaseLib, BaseMemoryLib, and DebugLib functions

CryptoPkg/Library/Include/crypto/dso_conf.h

@@ -1,5 +1,6 @@
 /* WARNING: do not edit! */
 /* Generated from include/crypto/dso_conf.h.in */
+
 /*
  * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *

CryptoPkg/Library/Include/openssl/opensslconf.h

@@ -245,7 +245,6 @@ extern "C" {
 #define OPENSSL_NO_DYNAMIC_ENGINE
 #endif
 
-
 /*
  * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
  * don't like that.  This will hopefully silence them.

CryptoPkg/Library/Include/sys/syscall.h

@@ -8,4 +8,3 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include <CrtLibSupport.h>
-

CryptoPkg/Library/IntrinsicLib/CopyMem.c

@@ -14,17 +14,34 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 /* Copies bytes between buffers */
 static __attribute__ ((__used__))
-void * __memcpy (void *dest, const void *src, unsigned int count)
+void *
+__memcpy (
+  void          *dest,
+  const void    *src,
+  unsigned int  count
+  )
 {
   return CopyMem (dest, src, (UINTN)count);
 }
+
 __attribute__ ((__alias__ ("__memcpy")))
-void * memcpy (void *dest, const void *src, unsigned int count);
+void *
+memcpy (
+  void          *dest,
+  const void    *src,
+  unsigned int  count
+  );
 
 #else
 /* Copies bytes between buffers */
-void * memcpy (void *dest, const void *src, unsigned int count)
+void *
+memcpy (
+  void          *dest,
+  const void    *src,
+  unsigned int  count
+  )
 {
   return CopyMem (dest, src, (UINTN)count);
 }
+
 #endif

CryptoPkg/Library/IntrinsicLib/Ia32/MathFtol.c

@@ -11,7 +11,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 /*
  * Floating point to integer conversion.
  */
-__declspec(naked) void _ftol2 (void)
+__declspec(naked) void
+_ftol2 (
+  void
+  )
 {
   _asm {
     fistp qword ptr [esp-8]

CryptoPkg/Library/IntrinsicLib/Ia32/MathLShiftS64.c

@@ -8,16 +8,19 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
-
 /*
  * Shifts a 64-bit signed value left by a particular number of bits.
  */
-__declspec(naked) void __cdecl _allshl (void)
+__declspec(naked) void __cdecl
+_allshl (
+  void
+  )
 {
   _asm {
     ;
     ; Handle shifting of 64 or more bits (return 0)
     ;
+
     cmp     cl, 64
     jae     short ReturnZero
 

CryptoPkg/Library/IntrinsicLib/Ia32/MathRShiftU64.c

@@ -8,11 +8,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
-
 /*
  * Shifts a 64-bit unsigned value right by a certain number of bits.
  */
-__declspec(naked) void __cdecl _aullshr (void)
+__declspec(naked) void __cdecl
+_aullshr (
+  void
+  )
 {
   _asm {
     ;
@@ -43,6 +45,7 @@ More32:
     ;
     ; Invalid number (less  then 32bits), return 0
     ;
+
 _Exit:
     xor     eax, eax
     xor     edx, edx

CryptoPkg/Library/IntrinsicLib/MemoryIntrinsics.c

@@ -24,7 +24,12 @@ typedef UINTN  size_t;
 int  GLOBAL_USED  _fltused = 1;
 
 /* Sets buffers to a specified character */
-void * memset (void *dest, int ch, size_t count)
+void *
+memset (
+  void    *dest,
+  int     ch,
+  size_t  count
+  )
 {
   //
   // NOTE: Here we use one base implementation for memset, instead of the direct
@@ -49,12 +54,21 @@ void * memset (void *dest, int ch, size_t count)
 }
 
 /* Compare bytes in two buffers. */
-int memcmp (const void *buf1, const void *buf2, size_t count)
+int
+memcmp (
+  const void  *buf1,
+  const void  *buf2,
+  size_t      count
+  )
 {
   return (int)CompareMem (buf1, buf2, count);
 }
 
-int strcmp (const char *s1, const char *s2)
+int
+strcmp (
+  const char  *s1,
+  const char  *s2
+  )
 {
   return (int)AsciiStrCmp (s1, s2);
 }

CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c

@@ -8,7 +8,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include <Uefi.h>
 
-
 /**
   An internal OpenSSL function which fetches a local copy of the hardware
   capability flags.
@@ -41,4 +40,3 @@ OpensslLibConstructor (
 
   return EFI_SUCCESS;
 }
-

CryptoPkg/Library/OpensslLib/X64/ApiHooks.c

@@ -19,4 +19,3 @@ __imp_RtlVirtualUnwind (
 {
   return NULL;
 }
-

CryptoPkg/Library/OpensslLib/ossl_store.c

@@ -11,7 +11,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
  *
  * Dummy Implement for UEFI
  */
-void ossl_store_cleanup_int(void)
+void
+ossl_store_cleanup_int (
+  void
+  )
 {
 }
-

CryptoPkg/Library/OpensslLib/rand_pool.c

@@ -44,7 +44,6 @@ RandGetBytes (
     return Ret;
   }
 
-
   while (Length > 0) {
     // Use RngLib to get random number
     Ret = GetRandomNumber64 (&TempRand);
@@ -52,12 +51,12 @@ RandGetBytes (
     if (!Ret) {
       return Ret;
     }
+
     if (Length >= sizeof (TempRand)) {
       *((UINT64 *)RandBuffer) = TempRand;
       RandBuffer             += sizeof (UINT64);
       Length                 -= sizeof (TempRand);
-    }
+    } else {
-    else {
       CopyMem (RandBuffer, &TempRand, Length);
       Length = 0;
     }
@@ -91,8 +90,7 @@ rand_pool_acquire_entropy (
       Ret = RandGetBytes (Bytes_needed, Buffer);
       if (FALSE == Ret) {
         rand_pool_add_end (pool, 0, 0);
-      }
+      } else {
-      else {
         rand_pool_add_end (pool, Bytes_needed, 8 * Bytes_needed);
       }
     }
@@ -112,6 +110,7 @@ rand_pool_add_nonce_data (
   )
 {
   UINT8  data[16];
+
   RandGetBytes (sizeof (data), data);
 
   return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);
@@ -128,6 +127,7 @@ rand_pool_add_additional_data (
   )
 {
   UINT8  data[16];
+
   RandGetBytes (sizeof (data), data);
 
   return rand_pool_add (pool, (unsigned char *)&data, sizeof (data), 0);

CryptoPkg/Library/TlsLib/InternalTlsLib.h

@@ -38,4 +38,3 @@ typedef struct {
 } TLS_CONNECTION;
 
 #endif
-

CryptoPkg/Library/TlsLib/TlsConfig.c

@@ -138,7 +138,7 @@ TlsSetVersion (
   UINT16          ProtoVersion;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -176,7 +176,7 @@ TlsSetVersion (
       return EFI_UNSUPPORTED;
   }
 
-  return EFI_SUCCESS;;
+  return EFI_SUCCESS;
 }
 
 /**
@@ -202,7 +202,7 @@ TlsSetConnectionEnd (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -261,7 +261,7 @@ TlsSetCipherList (
   CHAR8                     *CipherStringPosition;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -269,11 +269,15 @@ TlsSetCipherList (
   // Allocate the MappedCipher array for recording the mappings that we find
   // for the input IANA identifiers in CipherId.
   //
-  Status = SafeUintnMult (CipherNum, sizeof (*MappedCipher),
+  Status = SafeUintnMult (
-             &MappedCipherBytes);
+             CipherNum,
+             sizeof (*MappedCipher),
+             &MappedCipherBytes
+             );
   if (EFI_ERROR (Status)) {
     return EFI_OUT_OF_RESOURCES;
   }
+
   MappedCipher = AllocatePool (MappedCipherBytes);
   if (MappedCipher == NULL) {
     return EFI_OUT_OF_RESOURCES;
@@ -291,8 +295,13 @@ TlsSetCipherList (
     //
     Mapping = TlsGetCipherMapping (CipherId[Index]);
     if (Mapping == NULL) {
-      DEBUG ((DEBUG_VERBOSE, "%a:%a: skipping CipherId=0x%04x\n",
+      DEBUG ((
-        gEfiCallerBaseName, __FUNCTION__, CipherId[Index]));
+        DEBUG_VERBOSE,
+        "%a:%a: skipping CipherId=0x%04x\n",
+        gEfiCallerBaseName,
+        __FUNCTION__,
+        CipherId[Index]
+        ));
       //
       // Skipping the cipher is valid because CipherId is an ordered
       // preference list of ciphers, thus we can filter it as long as we
@@ -300,6 +309,7 @@ TlsSetCipherList (
       //
       continue;
     }
+
     //
     // Accumulate Mapping->OpensslCipherLength into CipherStringSize. If this
     // is not the first successful mapping, account for a colon (":") prefix
@@ -312,12 +322,17 @@ TlsSetCipherList (
         goto FreeMappedCipher;
       }
     }
-    Status = SafeUintnAdd (CipherStringSize, Mapping->OpensslCipherLength,
+
-               &CipherStringSize);
+    Status = SafeUintnAdd (
+               CipherStringSize,
+               Mapping->OpensslCipherLength,
+               &CipherStringSize
+               );
     if (EFI_ERROR (Status)) {
       Status = EFI_OUT_OF_RESOURCES;
       goto FreeMappedCipher;
     }
+
     //
     // Record the mapping.
     //
@@ -329,16 +344,22 @@ TlsSetCipherList (
   // terminating NUL character in CipherStringSize; allocate CipherString.
   //
   if (MappedCipherCount == 0) {
-    DEBUG ((DEBUG_ERROR, "%a:%a: no CipherId could be mapped\n",
+    DEBUG ((
-      gEfiCallerBaseName, __FUNCTION__));
+      DEBUG_ERROR,
+      "%a:%a: no CipherId could be mapped\n",
+      gEfiCallerBaseName,
+      __FUNCTION__
+      ));
     Status = EFI_UNSUPPORTED;
     goto FreeMappedCipher;
   }
+
   Status = SafeUintnAdd (CipherStringSize, 1, &CipherStringSize);
   if (EFI_ERROR (Status)) {
     Status = EFI_OUT_OF_RESOURCES;
     goto FreeMappedCipher;
   }
+
   CipherString = AllocatePool (CipherStringSize);
   if (CipherString == NULL) {
     Status = EFI_OUT_OF_RESOURCES;
@@ -358,8 +379,12 @@ TlsSetCipherList (
     if (Index > 0) {
       *(CipherStringPosition++) = ':';
     }
-    CopyMem (CipherStringPosition, Mapping->OpensslCipher,
+
-      Mapping->OpensslCipherLength);
+    CopyMem (
+      CipherStringPosition,
+      Mapping->OpensslCipher,
+      Mapping->OpensslCipherLength
+      );
     CipherStringPosition += Mapping->OpensslCipherLength;
   }
 
@@ -380,17 +405,24 @@ TlsSetCipherList (
   UINTN  SegmentLength;
 
   FullLength = CipherStringSize - 1;
-    DEBUG ((DEBUG_VERBOSE, "%a:%a: CipherString={\n", gEfiCallerBaseName,
+  DEBUG ((
-      __FUNCTION__));
+    DEBUG_VERBOSE,
+    "%a:%a: CipherString={\n",
+    gEfiCallerBaseName,
+    __FUNCTION__
+    ));
   for (CipherStringPosition = CipherString;
        CipherStringPosition < CipherString + FullLength;
-         CipherStringPosition += SegmentLength) {
+       CipherStringPosition += SegmentLength)
+  {
     SegmentLength = FullLength - (CipherStringPosition - CipherString);
     if (SegmentLength > 79) {
       SegmentLength = 79;
     }
+
     DEBUG ((DEBUG_VERBOSE, "%.*a\n", SegmentLength, CipherStringPosition));
   }
+
   DEBUG ((DEBUG_VERBOSE, "}\n"));
   //
   // Restore the pre-debug value of CipherStringPosition by skipping over the
@@ -487,7 +519,7 @@ TlsSetVerify (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return;
   }
 
@@ -524,7 +556,7 @@ TlsSetVerifyHost (
   INTN               ParamStatus;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || HostName == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (HostName == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -541,11 +573,20 @@ TlsSetVerifyHost (
   }
 
   if (BinaryAddressSize > 0) {
-    DEBUG ((DEBUG_VERBOSE, "%a:%a: parsed \"%a\" as an IPv%c address "
+    DEBUG ((
-      "literal\n", gEfiCallerBaseName, __FUNCTION__, HostName,
+      DEBUG_VERBOSE,
-      (UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4')));
+      "%a:%a: parsed \"%a\" as an IPv%c address "
-    ParamStatus = X509_VERIFY_PARAM_set1_ip (VerifyParam, BinaryAddress,
+      "literal\n",
-                    BinaryAddressSize);
+      gEfiCallerBaseName,
+      __FUNCTION__,
+      HostName,
+      (UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4')
+      ));
+    ParamStatus = X509_VERIFY_PARAM_set1_ip (
+                    VerifyParam,
+                    BinaryAddress,
+                    BinaryAddressSize
+                    );
   } else {
     ParamStatus = X509_VERIFY_PARAM_set1_host (VerifyParam, HostName, 0);
   }
@@ -582,7 +623,7 @@ TlsSetSessionId (
   TlsConn = (TLS_CONNECTION *)Tls;
   Session = NULL;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -637,7 +678,7 @@ TlsSetCaCertificate (
   TlsConn   = (TLS_CONNECTION *)Tls;
   Ret       = 0;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -684,8 +725,9 @@ TlsSetCaCertificate (
     //
     // Ignore "already in table" errors
     //
-    if (!(ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT &&
+    if (!((ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT) &&
-        ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)) {
+          (ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)))
+    {
       Status = EFI_ABORTED;
       goto ON_EXIT;
     }
@@ -738,7 +780,7 @@ TlsSetHostPublicCert (
   Status  = EFI_SUCCESS;
   TlsConn = (TLS_CONNECTION *)Tls;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -920,7 +962,7 @@ TlsGetCurrentCipher (
   TlsConn = (TLS_CONNECTION *)Tls;
   Cipher  = NULL;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -1018,7 +1060,7 @@ TlsGetSessionId (
   TlsConn = (TLS_CONNECTION *)Tls;
   Session = NULL;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL || SessionIdLen == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL) || (SessionIdLen == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -1055,7 +1097,7 @@ TlsGetClientRandom (
 
   TlsConn = (TLS_CONNECTION *)Tls;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || ClientRandom == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ClientRandom == NULL)) {
     return;
   }
 
@@ -1084,7 +1126,7 @@ TlsGetServerRandom (
 
   TlsConn = (TLS_CONNECTION *)Tls;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || ServerRandom == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ServerRandom == NULL)) {
     return;
   }
 
@@ -1118,7 +1160,7 @@ TlsGetKeyMaterial (
   TlsConn = (TLS_CONNECTION *)Tls;
   Session = NULL;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || KeyMaterial == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (KeyMaterial == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -1191,7 +1233,7 @@ TlsGetHostPublicCert (
   Cert    = NULL;
   TlsConn = (TLS_CONNECTION *)Tls;
 
-  if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL || (*DataSize != 0 && Data == NULL)) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (DataSize == NULL) || ((*DataSize != 0) && (Data == NULL))) {
     return EFI_INVALID_PARAMETER;
   }
 

CryptoPkg/Library/TlsLib/TlsInit.c

@@ -247,6 +247,7 @@ TlsNew (
       TlsFree ((VOID *)TlsConn);
       return NULL;
     }
+
     SSL_CTX_set1_verify_cert_store (SslCtx, X509Store);
     X509_STORE_free (X509Store);
   }
@@ -260,4 +261,3 @@ TlsNew (
     );
   return (VOID *)TlsConn;
 }
-

CryptoPkg/Library/TlsLib/TlsProcess.c

@@ -32,7 +32,7 @@ TlsInHandshake (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return FALSE;
   }
 
@@ -87,16 +87,17 @@ TlsDoHandshake (
   PendingBufferSize = 0;
   Ret               = 1;
 
-  if (TlsConn == NULL || \
+  if ((TlsConn == NULL) || \
-    TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
+      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
-    BufferOutSize == NULL || \
+      (BufferOutSize == NULL) || \
-    (BufferIn == NULL && BufferInSize != 0) || \
+      ((BufferIn == NULL) && (BufferInSize != 0)) || \
-    (BufferIn != NULL && BufferInSize == 0) || \
+      ((BufferIn != NULL) && (BufferInSize == 0)) || \
-    (BufferOut == NULL && *BufferOutSize != 0)) {
+      ((BufferOut == NULL) && (*BufferOutSize != 0)))
+  {
     return EFI_INVALID_PARAMETER;
   }
 
-  if(BufferIn == NULL && BufferInSize == 0) {
+  if ((BufferIn == NULL) && (BufferInSize == 0)) {
     //
     // If RequestBuffer is NULL and RequestSize is 0, and TLS session
     // status is EfiTlsSessionNotStarted, the TLS session will be initiated
@@ -119,9 +120,10 @@ TlsDoHandshake (
 
   if (Ret < 1) {
     Ret = SSL_get_error (TlsConn->Ssl, (int)Ret);
-    if (Ret == SSL_ERROR_SSL ||
+    if ((Ret == SSL_ERROR_SSL) ||
-        Ret == SSL_ERROR_SYSCALL ||
+        (Ret == SSL_ERROR_SYSCALL) ||
-        Ret == SSL_ERROR_ZERO_RETURN) {
+        (Ret == SSL_ERROR_ZERO_RETURN))
+    {
       DEBUG ((
         DEBUG_ERROR,
         "%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n",
@@ -135,6 +137,7 @@ TlsDoHandshake (
         if (ErrorCode == 0) {
           break;
         }
+
         DEBUG ((
           DEBUG_ERROR,
           "%a ERROR 0x%x=L%x:F%x:R%x\n",
@@ -145,6 +148,7 @@ TlsDoHandshake (
           ERR_GET_REASON (ErrorCode)
           ));
       }
+
       DEBUG_CODE_END ();
       return EFI_ABORTED;
     }
@@ -209,17 +213,18 @@ TlsHandleAlert (
   TempBuffer        = NULL;
   Ret               = 0;
 
-  if (TlsConn == NULL || \
+  if ((TlsConn == NULL) || \
-    TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
+      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
-    BufferOutSize == NULL || \
+      (BufferOutSize == NULL) || \
-    (BufferIn == NULL && BufferInSize != 0) || \
+      ((BufferIn == NULL) && (BufferInSize != 0)) || \
-    (BufferIn != NULL && BufferInSize == 0) || \
+      ((BufferIn != NULL) && (BufferInSize == 0)) || \
-    (BufferOut == NULL && *BufferOutSize != 0)) {
+      ((BufferOut == NULL) && (*BufferOutSize != 0)))
+  {
     return EFI_INVALID_PARAMETER;
   }
 
   PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
-  if (PendingBufferSize == 0 && BufferIn != NULL && BufferInSize != 0) {
+  if ((PendingBufferSize == 0) && (BufferIn != NULL) && (BufferInSize != 0)) {
     Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
     if (Ret != (INTN)BufferInSize) {
       return EFI_ABORTED;
@@ -284,10 +289,11 @@ TlsCloseNotify (
   TlsConn           = (TLS_CONNECTION *)Tls;
   PendingBufferSize = 0;
 
-  if (TlsConn == NULL || \
+  if ((TlsConn == NULL) || \
-    TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
+      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
-    BufferSize == NULL || \
+      (BufferSize == NULL) || \
-    (Buffer == NULL && *BufferSize != 0)) {
+      ((Buffer == NULL) && (*BufferSize != 0)))
+  {
     return EFI_INVALID_PARAMETER;
   }
 
@@ -339,7 +345,7 @@ TlsCtrlTrafficOut (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->OutBio == 0) {
+  if ((TlsConn == NULL) || (TlsConn->OutBio == 0)) {
     return -1;
   }
 
@@ -374,7 +380,7 @@ TlsCtrlTrafficIn (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->InBio == 0) {
+  if ((TlsConn == NULL) || (TlsConn->InBio == 0)) {
     return -1;
   }
 
@@ -383,6 +389,7 @@ TlsCtrlTrafficIn (
   //
   return BIO_write (TlsConn->InBio, Buffer, (UINT32)BufferSize);
 }
+
 /**
   Attempts to read bytes from the specified TLS connection into the buffer.
 
@@ -409,7 +416,7 @@ TlsRead (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return -1;
   }
 
@@ -445,7 +452,7 @@ TlsWrite (
   TLS_CONNECTION  *TlsConn;
 
   TlsConn = (TLS_CONNECTION *)Tls;
-  if (TlsConn == NULL || TlsConn->Ssl == NULL) {
+  if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
     return -1;
   }
 

CryptoPkg/Library/TlsLibNull/TlsConfigNull.c

@@ -131,6 +131,7 @@ TlsSetVerify (
 }
 
 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN]
+
 /**
   Set the specified host name to be verified.
 

CryptoPkg/Library/TlsLibNull/TlsInitNull.c

@@ -108,4 +108,3 @@ TlsNew (
   ASSERT (FALSE);
   return NULL;
 }
-

CryptoPkg/Library/TlsLibNull/TlsProcessNull.c

@@ -191,6 +191,7 @@ TlsCtrlTrafficIn (
   ASSERT (FALSE);
   return 0;
 }
+
 /**
   Attempts to read bytes from the specified TLS connection into the buffer.
 

CryptoPkg/Private/Protocol/Crypto.h

@@ -43,6 +43,7 @@ UINTN
 // =====================================================================================
 //    MAC (Message Authentication Code) Primitive
 // =====================================================================================
+
 /**
   HMAC MD5 is deprecated and unsupported any longer.
   Keep the function field for binary compability.
@@ -137,7 +138,6 @@ BOOLEAN
   OUT     UINT8  *HmacValue
   );
 
-
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
 
@@ -163,7 +163,6 @@ VOID
   IN  VOID  *HmacSha256Ctx
   );
 
-
 /**
   Set user-supplied key for subsequent use. It must be done before any
   calling to HmacSha256Update().
@@ -210,7 +209,6 @@ BOOLEAN
   OUT  VOID        *NewHmacSha256Context
   );
 
-
 /**
   Digests the input data and updates HMAC-SHA256 context.
 
@@ -268,7 +266,6 @@ BOOLEAN
   OUT     UINT8  *HmacValue
   );
 
-
 // =====================================================================================
 //    One-Way Cryptographic Hash Primitives
 // =====================================================================================
@@ -284,14 +281,12 @@ UINTN
   VOID
   );
 
-
 typedef
 BOOLEAN
 (EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_INIT)(
   OUT  VOID  *Md4Context
   );
 
-
 typedef
 BOOLEAN
 (EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE)(
@@ -299,7 +294,6 @@ BOOLEAN
   OUT  VOID        *NewMd4Context
   );
 
-
 typedef
 BOOLEAN
 (EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_UPDATE)(
@@ -308,7 +302,6 @@ BOOLEAN
   IN      UINTN       DataSize
   );
 
-
 typedef
 BOOLEAN
 (EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_FINAL)(
@@ -316,7 +309,6 @@ BOOLEAN
   OUT     UINT8  *HashValue
   );
 
-
 typedef
 BOOLEAN
 (EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL)(
@@ -359,7 +351,8 @@ UINTN
 typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_MD5_INIT)(
-    OUT VOID *Md5Context);
+  OUT VOID *Md5Context
+  );
 
 /**
   Makes a copy of an existing MD5 context.
@@ -380,8 +373,8 @@ typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_MD5_DUPLICATE)(
   IN CONST VOID *Md5Context,
-    OUT VOID *NewMd5Context);
+  OUT VOID *NewMd5Context
-
+  );
 
 /**
   Digests the input data and updates MD5 context.
@@ -408,8 +401,8 @@ BOOLEAN
 (EFIAPI *EDKII_CRYPTO_MD5_UPDATE)(
   IN OUT VOID *Md5Context,
   IN CONST VOID *Data,
-    IN UINTN DataSize);
+  IN UINTN DataSize
-
+  );
 
 /**
   Completes computation of the MD5 digest value.
@@ -437,8 +430,8 @@ typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_MD5_FINAL)(
   IN OUT VOID *Md5Context,
-    OUT UINT8 *HashValue);
+  OUT UINT8 *HashValue
-
+  );
 
 /**
   Computes the MD5 message digest of a input data buffer.
@@ -463,14 +456,13 @@ BOOLEAN
 (EFIAPI *EDKII_CRYPTO_MD5_HASH_ALL)(
   IN CONST VOID *Data,
   IN UINTN DataSize,
-    OUT UINT8 *HashValue);
+  OUT UINT8 *HashValue
-
+  );
 
 // =====================================================================================
 //    PKCS
 // =====================================================================================
 
-
 /**
   Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in
   in a newly allocated buffer.
@@ -508,9 +500,6 @@ OUT  UINT8                        **EncryptedData,
   OUT  UINTN                         *EncryptedDataSize
   );
 
-
-
-
 // ---------------------------------------------
 // PKCS5
 
@@ -554,8 +543,6 @@ BOOLEAN
   OUT UINT8                    *Output
   );
 
-
-
 // ---------------------------------------------
 // PKCS7
 
@@ -861,7 +848,6 @@ BOOLEAN
   OUT EFI_TIME     *SigningTime
   );
 
-
 // =====================================================================================
 //    DH Key Exchange Primitive
 // =====================================================================================
@@ -1655,7 +1641,6 @@ BOOLEAN
   OUT  UINT8                       *HashValue
   );
 
-
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
   If this interface is not supported, then return zero.
@@ -1670,7 +1655,6 @@ UINTN
   VOID
   );
 
-
 /**
   Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash context for
   subsequent use.
@@ -1689,7 +1673,6 @@ BOOLEAN
   OUT  VOID  *Sha384Context
   );
 
-
 /**
   Makes a copy of an existing SHA-384 context.
 
@@ -1712,7 +1695,6 @@ BOOLEAN
   OUT  VOID        *NewSha384Context
   );
 
-
 /**
   Digests the input data and updates SHA-384 context.
 
@@ -1739,7 +1721,6 @@ BOOLEAN
   IN      UINTN       DataSize
   );
 
-
 /**
   Completes computation of the SHA-384 digest value.
 
@@ -1767,7 +1748,6 @@ BOOLEAN
   OUT     UINT8  *HashValue
   );
 
-
 /**
   Computes the SHA-384 message digest of a input data buffer.
 
@@ -1806,7 +1786,6 @@ UINTN
   VOID
   );
 
-
 /**
   Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash context for
   subsequent use.
@@ -1825,7 +1804,6 @@ BOOLEAN
   OUT  VOID  *Sha512Context
   );
 
-
 /**
   Makes a copy of an existing SHA-512 context.
 
@@ -1874,7 +1852,6 @@ BOOLEAN
   IN      UINTN       DataSize
   );
 
-
 /**
   Completes computation of the SHA-512 digest value.
 
@@ -2186,8 +2163,6 @@ BOOLEAN
   OUT UINTN        *TBSCertSize
   );
 
-
-
 // =====================================================================================
 //    Symmetric Cryptography Primitive
 // =====================================================================================
@@ -2438,7 +2413,6 @@ BOOLEAN
   IN OUT  VOID  *Arc4Context
   );
 
-
 /**
   Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
 
@@ -2471,7 +2445,8 @@ UINTN
 typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_SM3_INIT)(
-    OUT VOID *Sm3Context);
+  OUT VOID *Sm3Context
+  );
 
 /**
   Makes a copy of an existing SM3 context.
@@ -2492,8 +2467,8 @@ typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_SM3_DUPLICATE)(
   IN CONST VOID *Sm3Context,
-    OUT VOID *NewSm3Context);
+  OUT VOID *NewSm3Context
-
+  );
 
 /**
   Digests the input data and updates SM3 context.
@@ -2520,8 +2495,8 @@ BOOLEAN
 (EFIAPI *EDKII_CRYPTO_SM3_UPDATE)(
   IN OUT VOID *Sm3Context,
   IN CONST VOID *Data,
-    IN UINTN DataSize);
+  IN UINTN DataSize
-
+  );
 
 /**
   Completes computation of the SM3 digest value.
@@ -2549,8 +2524,8 @@ typedef
 BOOLEAN
 (EFIAPI *EDKII_CRYPTO_SM3_FINAL)(
   IN OUT VOID *Sm3Context,
-    OUT UINT8 *HashValue);
+  OUT UINT8 *HashValue
-
+  );
 
 /**
   Computes the SM3 message digest of a input data buffer.
@@ -2575,8 +2550,8 @@ BOOLEAN
 (EFIAPI *EDKII_CRYPTO_SM3_HASH_ALL)(
   IN CONST VOID *Data,
   IN UINTN DataSize,
-    OUT UINT8 *HashValue);
+  OUT UINT8 *HashValue
-
+  );
 
 /**
   Derive key data using HMAC-SHA256 based KDF.
@@ -3482,8 +3457,6 @@ BOOLEAN
   IN  UINT16       SaltLen
   );
 
-
-
 ///
 /// EDK II Crypto Protocol
 ///

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c

@@ -33,14 +33,16 @@ CreateUnitTest (
   IN     CHAR8                       *UnitTestName,
   IN     CHAR8                       *UnitTestVersion,
   IN OUT UNIT_TEST_FRAMEWORK_HANDLE  *Framework
-) {
+  )
+{
   EFI_STATUS  Status;
   UINTN       SuiteIndex;
   UINTN       TestIndex;
 
-    if ( Framework == NULL || UnitTestVersion == NULL || UnitTestName == NULL) {
+  if ((Framework == NULL) || (UnitTestVersion == NULL) || (UnitTestName == NULL)) {
     return EFI_INVALID_PARAMETER;
   }
+
   Status = EFI_SUCCESS;
   //
   // Start setting up the test framework for running the tests.
@@ -58,10 +60,12 @@ CreateUnitTest (
       Status = EFI_OUT_OF_RESOURCES;
       goto EXIT;
     }
+
     for (TestIndex = 0; TestIndex < *mSuiteDesc[SuiteIndex].TestNum; TestIndex++) {
       AddTestCase (Suite, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Description, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->ClassName, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Func, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->PreReq, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->CleanUp, (mSuiteDesc[SuiteIndex].TestDesc + TestIndex)->Context);
     }
   }
+
 EXIT:
   return Status;
 }

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BlockCipherTests.c

@@ -125,7 +125,6 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 Arc4Cipher[] = {
   0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79
 };
 
-
 typedef
 UINTN
 (EFIAPI *EFI_BLOCK_CIPHER_GET_CONTEXT_SIZE)(
@@ -192,7 +191,6 @@ typedef struct {
 // BLOCK_CIPHER_TEST_CONTEXT mArc4TestCtx      = {Arc4GetContextSize, Arc4Init, Arc4Encrypt,    (EFI_BLOCK_CIPHER_ECB_ENCRYPT_DECRYPT), Arc4Decrypt,    NULL,           NULL,           Arc4Reset, Arc4Key,      sizeof(Arc4Key), NULL,          Arc4Data,      sizeof(Arc4Data),      Arc4Cipher,      sizeof(Arc4Cipher)};
 BLOCK_CIPHER_TEST_CONTEXT  mAes128CbcTestCtx = { AesGetContextSize, AesInit, NULL, NULL, AesCbcEncrypt, AesCbcDecrypt, NULL, Aes128CbcKey, 128, Aes128CbcIvec, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcCipher, sizeof (Aes128CbcCipher) };
 
-
 UNIT_TEST_STATUS
 EFIAPI
 TestVerifyBLockCiperPreReq (
@@ -256,7 +254,6 @@ TestVerifyBLockCiper (
 
     Status = TestContext->EcbDecrypt (TestContext->Ctx, Encrypt, TestContext->DataSize, Decrypt);
     UT_ASSERT_TRUE (Status);
-
   } else {
     Status = TestContext->CbcEncrypt (TestContext->Ctx, TestContext->Data, TestContext->DataSize, TestContext->Ivec, Encrypt);
     UT_ASSERT_TRUE (Status);

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/DhTests.c

@@ -40,6 +40,7 @@ TestVerifyDhCleanUp (
     DhFree (mDh1);
     mDh1 = NULL;
   }
+
   if (mDh2 != NULL) {
     DhFree (mDh2);
     mDh2 = NULL;

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c

@@ -110,7 +110,6 @@ typedef struct {
 // HMAC_TEST_CONTEXT       mHmacSha1TestCtx   = {SHA1_DIGEST_SIZE,   HmacSha1New,   HmacSha1SetKey,   HmacSha1Update,   HmacSha1Final,   HmacSha1Key,   sizeof(HmacSha1Key),   HmacSha1Digest};
 HMAC_TEST_CONTEXT  mHmacSha256TestCtx = { SHA256_DIGEST_SIZE, HmacSha256New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, sizeof (HmacSha256Key), HmacSha256Digest };
 
-
 UNIT_TEST_STATUS
 EFIAPI
 TestVerifyHmacPreReq (
@@ -178,7 +177,6 @@ TEST_DESC mHmacTest[] = {
   // These functions have been deprecated but they've been left commented out for future reference
   // {"TestVerifyHmacMd5()",    "CryptoPkg.BaseCryptLib.Hmac",   TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacMd5TestCtx},
   // {"TestVerifyHmacSha1()",   "CryptoPkg.BaseCryptLib.Hmac",   TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha1TestCtx},
-
 };
 
 UINTN  mHmacTestNum = ARRAY_SIZE (mHmacTest);

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/OaepEncryptTests.c

@@ -304,5 +304,3 @@ TEST_DESC mOaepTest[] = {
 };
 
 UINTN  mOaepTestNum = ARRAY_SIZE (mOaepTest);
-
-

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs5Pbkdf2Tests.c

@@ -17,7 +17,8 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Salt     = "salt";      // Input Sal
 GLOBAL_REMOVE_IF_UNREFERENCED UINTN        SaltLen      = 4;          // Length of Input Salt
 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  Count        = 2;          // InterationCount
 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN  KeyLen       = 20;         // Length of derived key
-GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  DerivedKey[]  = {        // Expected output key
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  DerivedKey[] = {
+  // Expected output key
   0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
   0xd8, 0xde, 0x89, 0x57
 };

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs7EkuTestSignatures.h

@@ -24,7 +24,6 @@ Abstract:
          signature files.
 --*/
 
-
 //
 // This is the ProductionECCSignature.p7b in byte array format.  It has one
 // EKU in it. (Firmware signing)
@@ -301,7 +300,6 @@ CONST UINT8 TestSignedWithMultipleEKUsInCert[] =
   0xB5, 0xEA, 0xBA, 0x90, 0x51, 0xC0, 0xC6, 0x94, 0x09, 0xE4, 0xB7, 0x15, 0x3F, 0x07, 0x23, 0xE8,
   0x46, 0x93, 0xA5, 0x7B, 0x7A, 0x91, 0xDA, 0x8E, 0x7C, 0xAF, 0xBD, 0x41, 0xB9, 0xDE, 0x85, 0x04,
   0xBC, 0x08, 0x6C, 0x08, 0x56, 0x16, 0xDB, 0xB5, 0xEE, 0x65, 0x76, 0xE9, 0x78, 0xD3, 0xDD, 0xD8,
-
 };
 
 //

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/Pkcs7EkuTests.c

@@ -67,7 +67,6 @@ VerifyEKUsInPkcs7Signature (
 
 CONST CHAR8  FIRMWARE_SIGNER_EKU[] = "1.3.6.1.4.1.311.76.9.21.1";
 
-
 /**
   TestVerifyEKUsInSignature()
 
@@ -92,17 +91,18 @@ TestVerifyEKUsInSignature (
 
   CONST CHAR8  *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
 
-  Status = VerifyEKUsInPkcs7Signature(ProductionECCSignature,
+  Status = VerifyEKUsInPkcs7Signature (
+             ProductionECCSignature,
              ARRAY_SIZE (ProductionECCSignature),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestVerifyEKUsInSignature()
 
-
 /**
   TestVerifyEKUsWith3CertsInSignature()
 
@@ -127,11 +127,13 @@ TestVerifyEKUsWith3CertsInSignature (
 
   CONST CHAR8  *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith3CertsInSignature,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignEKUsWith3CertsInSignature,
              ARRAY_SIZE (TestSignEKUsWith3CertsInSignature),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
@@ -160,17 +162,18 @@ TestVerifyEKUsWith2CertsInSignature (
 
   CONST CHAR8  *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith2CertsInSignature,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignEKUsWith2CertsInSignature,
              ARRAY_SIZE (TestSignEKUsWith2CertsInSignature),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestVerifyEKUsWith2CertsInSignature()
 
-
 /**
   TestVerifyEKUsWith1CertInSignature()
 
@@ -194,17 +197,18 @@ TestVerifyEKUsWith1CertInSignature (
 
   CONST CHAR8  *RequiredEKUs[] = { FIRMWARE_SIGNER_EKU };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignEKUsWith1CertInSignature,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignEKUsWith1CertInSignature,
              ARRAY_SIZE (TestSignEKUsWith1CertInSignature),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestVerifyEKUsWith1CertInSignature()
 
-
 /**
   TestVerifyEKUsWithMultipleEKUsInCert()
 
@@ -229,20 +233,23 @@ TestVerifyEKUsWithMultipleEKUsInCert (
 {
   EFI_STATUS  Status = EFI_SUCCESS;
 
-  CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1",
+  CONST CHAR8  *RequiredEKUs[] = {
-                                  "1.3.6.1.4.1.311.76.9.21.1.2" };
+    "1.3.6.1.4.1.311.76.9.21.1",
+    "1.3.6.1.4.1.311.76.9.21.1.2"
+  };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithMultipleEKUsInCert,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithMultipleEKUsInCert,
              ARRAY_SIZE (TestSignedWithMultipleEKUsInCert),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestVerifyEKUsWithMultipleEKUsInCert()
 
-
 /**
   TestEkusNotPresentInSignature()
 
@@ -269,11 +276,13 @@ TestEkusNotPresentInSignature (
   //
   CONST CHAR8  *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.3" };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithMultipleEKUsInCert,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithMultipleEKUsInCert,
              ARRAY_SIZE (TestSignedWithMultipleEKUsInCert),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
@@ -292,7 +301,6 @@ TestEkusNotPresentInSignature (
   @retval UNIT_TEST_PASSED            - The required EKUs were found in the signature.
   @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
 **/
-
 static
 UNIT_TEST_STATUS
 EFIAPI
@@ -305,20 +313,23 @@ TestProductId10001PresentInSignature(
   //
   // These EKU's are present in the leaf signer certificate.
   //
-  CONST CHAR8* RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1",
+  CONST CHAR8  *RequiredEKUs[] = {
-                                  "1.3.6.1.4.1.311.76.9.21.1.10001" };
+    "1.3.6.1.4.1.311.76.9.21.1",
+    "1.3.6.1.4.1.311.76.9.21.1.10001"
+  };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithProductId10001,
              ARRAY_SIZE (TestSignedWithProductId10001),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestProductId10001PresentInSignature()
 
-
 /**
   TestOnlyOneEkuInListRequired()
 
@@ -337,7 +348,6 @@ TestProductId10001PresentInSignature(
   @retval UNIT_TEST_PASSED            - The required EKUs were found in the signature.
   @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
 **/
-
 static
 UNIT_TEST_STATUS
 EFIAPI
@@ -353,11 +363,13 @@ TestOnlyOneEkuInListRequired(
   //
   CONST CHAR8  *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1.10001" };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithProductId10001,
              ARRAY_SIZE (TestSignedWithProductId10001),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      FALSE);
+             FALSE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
@@ -376,7 +388,6 @@ TestOnlyOneEkuInListRequired(
   @retval UNIT_TEST_PASSED            - The required EKUs were found in the signature.
   @retval UNIT_TEST_ERROR_TEST_FAILED - Something failed, check the debug output.
 **/
-
 static
 UNIT_TEST_STATUS
 EFIAPI
@@ -391,17 +402,18 @@ TestNoEKUsInSignature(
   //
   CONST CHAR8  *RequiredEKUs[] = { "1.3.6.1.4.1.311.76.9.21.1" };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignatureWithNoEKUsPresent,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignatureWithNoEKUsPresent,
              ARRAY_SIZE (TestSignatureWithNoEKUsPresent),
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;
 }// TestNoEKUsInSignature()
 
-
 /**
   TestInvalidParameters()
 
@@ -427,27 +439,30 @@ TestInvalidParameters(
   //
   // Check bad signature.
   //
-  Status = VerifyEKUsInPkcs7Signature(NULL,
+  Status = VerifyEKUsInPkcs7Signature (
+             NULL,
              0,
              (CONST CHAR8 **)RequiredEKUs,
              ARRAY_SIZE (RequiredEKUs),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
 
   //
   // Check invalid EKU's
   //
-  Status = VerifyEKUsInPkcs7Signature(TestSignatureWithNoEKUsPresent,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignatureWithNoEKUsPresent,
              ARRAY_SIZE (TestSignatureWithNoEKUsPresent),
              (CONST CHAR8 **)NULL,
              0,
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
 
   return UNIT_TEST_PASSED;
 }// TestInvalidParameters()
 
-
 /**
   TestEKUSubStringFails()
 
@@ -478,11 +493,13 @@ TestEKUSubsetSupersetFails(
   //
   CONST CHAR8  *RequiredEKUs1[] = { "1.3.6.1.4.1.311.76.9.21" };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithProductId10001,
              ARRAY_SIZE (TestSignedWithProductId10001),
              (CONST CHAR8 **)RequiredEKUs1,
              ARRAY_SIZE (RequiredEKUs1),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
 
   //
@@ -494,11 +511,13 @@ TestEKUSubsetSupersetFails(
   //
   CONST CHAR8  *RequiredEKUs2[] = { "1.3.6.1.4.1.311.76.9.21.1.10001.1" };
 
-  Status = VerifyEKUsInPkcs7Signature(TestSignedWithProductId10001,
+  Status = VerifyEKUsInPkcs7Signature (
+             TestSignedWithProductId10001,
              ARRAY_SIZE (TestSignedWithProductId10001),
              (CONST CHAR8 **)RequiredEKUs2,
              ARRAY_SIZE (RequiredEKUs2),
-                                      TRUE);
+             TRUE
+             );
   UT_ASSERT_NOT_EQUAL (Status, EFI_SUCCESS);
 
   return UNIT_TEST_PASSED;

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPkcs7Tests.c

@@ -9,7 +9,6 @@
 
 #include "TestBaseCryptLib.h"
 
-
 //
 // Password-protected PEM Key data for RSA Private Key Retrieving (encryption key is "client").
 // (Generated by OpenSSL utility).
@@ -241,7 +240,6 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 MsgHash[] = {
 //
 GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8  *Payload = "Payload Data for PKCS#7 Signing";
 
-
 UNIT_TEST_STATUS
 EFIAPI
 TestVerifyRsaCertPkcs1SignVerify (
@@ -389,6 +387,7 @@ TestVerifyPkcs7SignVerify (
   if (P7SignedData != NULL) {
     FreePool (P7SignedData);
   }
+
   if (SignCert != NULL) {
     X509Free (SignCert);
   }

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c

@@ -105,7 +105,6 @@ UINT8 TestVectorSignature[]={
   0x11, 0x18, 0x81, 0xe6, 0x50, 0xce, 0x61, 0xf2, 0x51, 0xd9, 0xc3, 0xa6, 0x29, 0xef, 0x22, 0x2d,
 };
 
-
 STATIC VOID  *mRsa;
 
 UNIT_TEST_STATUS
@@ -135,7 +134,6 @@ TestVerifyRsaPssCleanUp (
   }
 }
 
-
 UNIT_TEST_STATUS
 EFIAPI
 TestVerifyRsaPssSignVerify (
@@ -180,7 +178,6 @@ TestVerifyRsaPssSignVerify (
   return UNIT_TEST_PASSED;
 }
 
-
 TEST_DESC  mRsaPssTest[] = {
   //
   // -----Description--------------------------------------Class----------------------Function---------------------------------Pre---------------------Post---------Context

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h

@@ -119,6 +119,4 @@ ValidateCryptPrng (
   VOID
   );
 
-
-
 #endif

CryptoPkg/Test/UnitTest/Library/BaseCryptLib/UnitTestMain.c

@@ -8,7 +8,6 @@
 **/
 #include "TestBaseCryptLib.h"
 
-
 /**
   Initialize the unit test framework, suite, and unit tests for the
   sample unit tests and run the unit tests.