Remove trailing whitespace

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)

apps/list.c

@@ -1463,7 +1463,7 @@ typedef enum HELPLIST_CHOICE {
     OPT_STORE_LOADERS, OPT_PROVIDER_INFO,
     OPT_OBJECTS, OPT_SELECT_NAME,
 #ifndef OPENSSL_NO_DEPRECATED_3_0
-    OPT_ENGINES, 
+    OPT_ENGINES,
 #endif
     OPT_PROV_ENUM
 } HELPLIST_CHOICE;
@@ -1495,7 +1495,7 @@ const OPTIONS list_options[] = {
     {"mac-algorithms", OPT_MAC_ALGORITHMS, '-',
      "List of message authentication code algorithms"},
 #ifndef OPENSSL_NO_DEPRECATED_3_0
-    {"cipher-commands", OPT_CIPHER_COMMANDS, '-', 
+    {"cipher-commands", OPT_CIPHER_COMMANDS, '-',
     "List of cipher commands (deprecated)"},
 #endif
     {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-',

crypto/cms/cms_dh.c

@@ -123,7 +123,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
         goto err;
 
     kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
-    if (kekcipher == NULL 
+    if (kekcipher == NULL
         || EVP_CIPHER_get_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
         goto err;
     if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))

crypto/cms/cms_env.c

@@ -1301,7 +1301,7 @@ int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio)
 
     BIO_get_cipher_ctx(cmsbio, &ctx);
 
-    /* 
+    /*
      * The tag is set only for encryption. There is nothing to do for
      * decryption.
      */

crypto/ec/ecp_nistp384.c

@@ -596,7 +596,7 @@ static void felem_reduce(felem out, const widefelem in)
     acc[0] += (acc[7] & 0xffffffffffff) << 8;
 
     /*-
-     * acc[k] < in[k] + 2^124 + 2^121 
+     * acc[k] < in[k] + 2^124 + 2^121
      *        < in[k] + 2^125
      *        < 2^128, for k <= 6
      */
@@ -621,7 +621,7 @@ static void felem_reduce(felem out, const widefelem in)
     /* [3]: Eliminate high bits of acc[6] */
     temp = acc[6] >> 48;
     acc[6] &= 0x0000ffffffffffff;
-    
+
     /* temp < 2^80 */
 
     acc[3] += temp >> 40;
@@ -865,7 +865,7 @@ static void felem_contract(felem out, const felem in)
     unsigned int i;
 
     memcpy(tmp, in, sizeof(felem));
- 
+
     /* Case 1: a = 1 iff |in| >= 2^384 */
     a = (in[6] >> 48);
     tmp[0] += a;

crypto/pem/pem_pkey.c

@@ -334,7 +334,7 @@ PEM_write_cb_fnsig(PrivateKey, EVP_PKEY, BIO, write_bio)
 
 /*
  * Note: there is no way to tell a provided pkey encoder to use "traditional"
- * encoding.  Therefore, if the pkey is provided, we try to take a copy 
+ * encoding.  Therefore, if the pkey is provided, we try to take a copy
  */
 int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x,
                                          const EVP_CIPHER *enc,

crypto/pkcs12/p12_crt.c

@@ -280,7 +280,7 @@ PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
                              NULL, NULL);
 }
 
-PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags, 
+PKCS12_SAFEBAG *PKCS12_add_secret(STACK_OF(PKCS12_SAFEBAG) **pbags,
                                   int nid_type, const unsigned char *value, int len)
 {
     PKCS12_SAFEBAG *bag = NULL;

crypto/pkcs12/p12_key.c

@@ -43,7 +43,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
                        unsigned char *out, const EVP_MD *md_type)
 {
     return PKCS12_key_gen_asc_ex(pass, passlen, salt, saltlen, id, iter, n,
-                                  out, md_type, NULL, NULL);    
+                                  out, md_type, NULL, NULL);
 }
 
 int PKCS12_key_gen_utf8_ex(const char *pass, int passlen, unsigned char *salt,

crypto/rsa/rsa_schemes.c

@@ -38,7 +38,7 @@ static const char *nid2name(int meth, const OSSL_ITEM *items, size_t items_n)
 }
 
 /*
- * The list of permitted hash functions are taken from 
+ * The list of permitted hash functions are taken from
  * https://tools.ietf.org/html/rfc8017#appendix-A.2.1:
  *
  * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {

crypto/x509/v3_san.c

@@ -127,7 +127,7 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                 return NULL;
             break;
         default:
-            if (OBJ_obj2txt(oline, sizeof(oline), gen->d.otherName->type_id, 0) > 0) 
+            if (OBJ_obj2txt(oline, sizeof(oline), gen->d.otherName->type_id, 0) > 0)
                 BIO_snprintf(othername, sizeof(othername), "othername: %s:",
                              oline);
             else
@@ -138,14 +138,14 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
                 if (x509v3_add_len_value_uchar(othername,
                              gen->d.otherName->value->value.ia5string->data,
                              gen->d.otherName->value->value.ia5string->length,
-                             &ret)) 
+                             &ret))
                     return ret;
             }
             if (gen->d.otherName->value->type == V_ASN1_UTF8STRING) {
                 if (x509v3_add_len_value_uchar(othername,
                              gen->d.otherName->value->value.utf8string->data,
                              gen->d.otherName->value->value.utf8string->length,
-                             &ret)) 
+                             &ret))
                     return ret;
             }
             if (!X509V3_add_value(othername, "<unsupported>", &ret))

crypto/x509/x_pubkey.c

@@ -1004,7 +1004,7 @@ int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp)
     return ret;
 }
 
-# endif /* OPENSSL_NO_ECX */ 
+# endif /* OPENSSL_NO_ECX */
 #endif
 
 void X509_PUBKEY_set0_public_key(X509_PUBKEY *pub,

demos/cipher/aesgcm.c

@@ -101,7 +101,7 @@ static int aes_gcm_encrypt(void)
      * IV length parameter.
      * For demonstration purposes the IV is being set here. In a compliant
      * application the IV would be generated internally so the iv passed in
-     * would be NULL. 
+     * would be NULL.
      */
     if (!EVP_EncryptInit_ex2(ctx, cipher, gcm_key, gcm_iv, params))
         goto err;

demos/digest/BIO_f_md.c

@@ -59,7 +59,7 @@ int main(int argc, char *argv[])
 
     /*
      * Fetch a message digest by name
-     * The algorithm name is case insensitive. 
+     * The algorithm name is case insensitive.
      * See providers(7) for details about algorithm fetching
      */
     md = EVP_MD_fetch(library_context, "SHA3-512", NULL);

demos/digest/EVP_MD_demo.c

@@ -95,7 +95,7 @@ static int demonstrate_digest(void)
 
     /*
      * Fetch a message digest by name
-     * The algorithm name is case insensitive. 
+     * The algorithm name is case insensitive.
      * See providers(7) for details about algorithm fetching
      */
     message_digest = EVP_MD_fetch(library_context,
@@ -126,7 +126,7 @@ static int demonstrate_digest(void)
         goto cleanup;
     }
     /*
-     * Initialize the message digest context to use the fetched 
+     * Initialize the message digest context to use the fetched
      * digest provider
      */
     if (EVP_DigestInit(digest_context, message_digest) != 1) {

demos/digest/EVP_MD_stdin.c

@@ -51,7 +51,7 @@ static int demonstrate_digest(BIO *input)
 
     /*
      * Fetch a message digest by name
-     * The algorithm name is case insensitive. 
+     * The algorithm name is case insensitive.
      * See providers(7) for details about algorithm fetching
      */
     message_digest = EVP_MD_fetch(library_context,
@@ -85,7 +85,7 @@ static int demonstrate_digest(BIO *input)
         goto cleanup;
     }
     /*
-     * Initialize the message digest context to use the fetched 
+     * Initialize the message digest context to use the fetched
      * digest provider
      */
     if (EVP_DigestInit(digest_context, message_digest) != 1) {

include/internal/event_queue.h

@@ -102,7 +102,7 @@ void ossl_event_queue_free(OSSL_EVENT_QUEUE *queue);
  *
  * The function returns NULL on failure and the added event on success.
  */
-OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue, 
+OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue,
                                      uint32_t type, uint32_t priority,
                                      OSSL_TIME when, void *ctx,
                                      void *payload, size_t payload_size)

include/internal/quic_ackm.h

@@ -115,7 +115,7 @@ struct ossl_ackm_tx_pkt_st {
     void (*on_discarded)(void *arg);
     void  *cb_arg;
 
-    /* 
+    /*
      * (Internal use fields; must be zero-initialized.)
      *
      * Keep a TX history list, anext is used to manifest

include/internal/refcount.h

@@ -199,7 +199,7 @@ typedef struct {
 
 #  ifdef OPENSSL_THREADS
 
-static ossl_unused ossl_inline int CRYPTO_UP_REF(CRYPTO_REF_COUNT *refcnt, 
+static ossl_unused ossl_inline int CRYPTO_UP_REF(CRYPTO_REF_COUNT *refcnt,
                                                  int *ret)
 {
     return CRYPTO_atomic_add(&refcnt->val, 1, ret, refcnt->lock);
@@ -237,7 +237,7 @@ static ossl_unused ossl_inline void CRYPTO_FREE_REF(CRYPTO_REF_COUNT *refcnt)
 
 #  else     /* OPENSSL_THREADS */
 
-static ossl_unused ossl_inline int CRYPTO_UP_REF(CRYPTO_REF_COUNT *refcnt, 
+static ossl_unused ossl_inline int CRYPTO_UP_REF(CRYPTO_REF_COUNT *refcnt,
                                                  int *ret)
 {
     refcnt->val++;

include/openssl/e_os2.h

@@ -289,7 +289,7 @@ typedef uint64_t ossl_uintmax_t;
 # endif
 
 # if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L && \
-     !defined(__cplusplus) 
+     !defined(__cplusplus)
 #  define ossl_noreturn _Noreturn
 # elif defined(__GNUC__) && __GNUC__ >= 2
 #  define ossl_noreturn __attribute__((noreturn))

providers/implementations/include/prov/names.h

@@ -235,7 +235,7 @@
 #define PROV_NAMES_SHAKE_256 "SHAKE-256:SHAKE256:2.16.840.1.101.3.4.2.12"
 
 /*
- * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for 
+ * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for
  * KMAC128 and KMAC256.
  */
 #define PROV_NAMES_KECCAK_KMAC_128 "KECCAK-KMAC-128:KECCAK-KMAC128"

providers/implementations/rands/drbg.c

@@ -428,7 +428,7 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength,
         }
 #ifndef PROV_RAND_GET_RANDOM_NONCE
         else { /* parent == NULL */
-            noncelen = prov_drbg_get_nonce(drbg, &nonce, drbg->min_noncelen, 
+            noncelen = prov_drbg_get_nonce(drbg, &nonce, drbg->min_noncelen,
                                            drbg->max_noncelen);
             if (noncelen < drbg->min_noncelen
                     || noncelen > drbg->max_noncelen) {

ssl/event_queue.c

@@ -103,7 +103,7 @@ void ossl_event_set(OSSL_EVENT *event, uint32_t type, uint32_t priority,
     event->payload_size = payload_size;
 }
 
-OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue, 
+OSSL_EVENT *ossl_event_queue_add_new(OSSL_EVENT_QUEUE *queue,
                                      uint32_t type, uint32_t priority,
                                      OSSL_TIME when, void *ctx,
                                      void *payload, size_t payload_size)

ssl/quic/quic_cfq.c

@@ -71,7 +71,7 @@ typedef struct quic_cfq_item_list_st {
 } QUIC_CFQ_ITEM_LIST;
 
 struct quic_cfq_st {
-    /* 
+    /*
      * Invariant: A CFQ item is always in exactly one of these lists, never more
      * or less than one.
      *

ssl/ssl_cert.c

@@ -236,7 +236,7 @@ void ssl_cert_clear_certs(CERT *c)
 #ifndef OPENSSL_NO_COMP_ALG
     int j;
 #endif
-    
+
     if (c == NULL)
         return;
     for (i = 0; i < c->ssl_pkey_num; i++) {

ssl/ssl_cert_comp.c

@@ -21,7 +21,7 @@ size_t ossl_calculate_comp_expansion(int alg, size_t length)
      * Brotli: per RFC7932: N + 5 + 3 * (N >> 16)
      * ZSTD: N + 4 + 14 + 3 * (N >> 17) + 4
      */
-    
+
     switch (alg) {
     case TLSEXT_comp_cert_zlib:
         ret = length + 11 + 5 * (length >> 14);

ssl/statem/statem_clnt.c

@@ -2699,7 +2699,7 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL_CONNECTION *s,
             && (!PACKET_get_net_4(pkt, &age_add)
                 || !PACKET_get_length_prefixed_1(pkt, &nonce)))
         || !PACKET_get_net_2(pkt, &ticklen)
-        || (SSL_CONNECTION_IS_TLS13(s) ? (ticklen == 0 
+        || (SSL_CONNECTION_IS_TLS13(s) ? (ticklen == 0
                                           || PACKET_remaining(pkt) < ticklen)
                                        : PACKET_remaining(pkt) != ticklen)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);

ssl/t1_lib.c

@@ -636,7 +636,7 @@ static int add_provider_sigalgs(const OSSL_PARAM params[], void *data)
         if (EVP_KEYMGMT_get0_provider(keymgmt) == provider) {
             /*
              * We have a match - so we could use this signature;
-             * Check proper object registration first, though. 
+             * Check proper object registration first, though.
              * Don't care about return value as this may have been
              * done within providers or previous calls to
              * add_provider_sigalgs.
@@ -724,7 +724,7 @@ int ssl_load_sigalgs(SSL_CTX *ctx)
         }
     }
 
-    /* 
+    /*
      * For now, leave it at this: legacy sigalgs stay in their own
      * data structures until "legacy cleanup" occurs.
      */

test/pkcs12_format_test.c

@@ -63,7 +63,7 @@ static const unsigned char CERT1[] =
     0x09, 0xc0, 0xca, 0xe0, 0xaa, 0x9f, 0x07, 0xb2, 0xc2, 0xbb, 0x31, 0x96, 0xa2, 0x04, 0x62, 0xd3,
     0x13, 0x32, 0x29, 0x67, 0x6e, 0xad, 0x2e, 0x0b, 0xea, 0x04, 0x7c, 0x8c, 0x5a, 0x5d, 0xac, 0x14,
     0xaa, 0x61, 0x7f, 0x28, 0x6c, 0x2d, 0x64, 0x2d, 0xc3, 0xaf, 0x77, 0x52, 0x90, 0xb4, 0x37, 0xc0,
-    0x30, 
+    0x30,
 };
 
 static const unsigned char CERT2[] =
@@ -99,7 +99,7 @@ static const unsigned char CERT2[] =
     0x2a, 0x67, 0xff, 0x16, 0x78, 0xa8, 0x2c, 0x10, 0xe0, 0x52, 0x8c, 0xe6, 0xe9, 0x90, 0x8d, 0xe0,
     0x62, 0x04, 0x9a, 0x0f, 0x44, 0x01, 0x82, 0x14, 0x92, 0x44, 0x25, 0x69, 0x22, 0xb7, 0xb8, 0xc5,
     0x94, 0x4c, 0x4b, 0x1c, 0x9b, 0x92, 0x60, 0x66, 0x90, 0x4e, 0xb9, 0xa8, 0x4c, 0x89, 0xbb, 0x0f,
-    0x0b, 
+    0x0b,
 };
 
 static const unsigned char KEY1[] =
@@ -142,7 +142,7 @@ static const unsigned char KEY1[] =
     0x13, 0xbd, 0x83, 0xff, 0xb4, 0xbc, 0xf4, 0xdd, 0xa1, 0xbb, 0x1c, 0x96, 0x37, 0x35, 0xf4, 0xbf,
     0xed, 0x4c, 0xed, 0x92, 0xe8, 0xac, 0xc9, 0xc1, 0xa5, 0xa3, 0x23, 0x66, 0x40, 0x8a, 0xa1, 0xe6,
     0xe3, 0x95, 0xfe, 0xc4, 0x53, 0xf5, 0x7d, 0x6e, 0xca, 0x45, 0x42, 0xe4, 0xc2, 0x9f, 0xe5, 0x1e,
-    0xb5, 
+    0xb5,
 };
 
 
@@ -317,7 +317,7 @@ static const char *passwords[] = {
 
 /* --------------------------------------------------------------------------
  * Local functions
- */ 
+ */
 
 static int get_custom_oid(void)
 {

test/quic_fc_test.c

@@ -367,7 +367,7 @@ static const struct rx_test_op rx_script_1[] = {
     RX_OP_CHECK_ERROR(OSSL_QUIC_ERR_FLOW_CONTROL_ERROR, 1)
     RX_OP_CHECK_ERROR(0, 0)
     RX_OP_CHECK_CWM(INIT_WINDOW_SIZE * 5)
-    /* 
+    /*
      * No window expansion due to flow control violation; window expansion is
      * triggered by retirement only.
      */

test/quic_record_test.c

@@ -3491,7 +3491,7 @@ static const unsigned char tx_script_5_body[] = {
     0x84, 0x41, 0x4d, 0x31,
     /* Retry Integrity Tag */
     0x43, 0x8e, 0xab, 0xcd, 0xce, 0x24, 0x44, 0xc2, 0x20, 0xe1, 0xe2, 0xc8,
-    0xae, 0xa3, 0x8d, 0x4e, 
+    0xae, 0xa3, 0x8d, 0x4e,
 };
 
 static const unsigned char tx_script_5_dgram[] = {
@@ -3505,7 +3505,7 @@ static const unsigned char tx_script_5_dgram[] = {
     0x9c, 0x49, 0x8f, 0x0c, 0xc8, 0xb2, 0x75, 0x4b, 0x4d, 0x2f, 0xfe, 0x05,
     0x5a, 0xdd, 0x4b, 0xe6, 0x14, 0xb4, 0xd2, 0xc0, 0x93, 0x6e, 0x0e, 0x84,
     0x41, 0x4d, 0x31, 0x43, 0x8e, 0xab, 0xcd, 0xce, 0x24, 0x44, 0xc2, 0x20,
-    0xe1, 0xe2, 0xc8, 0xae, 0xa3, 0x8d, 0x4e, 
+    0xe1, 0xe2, 0xc8, 0xae, 0xa3, 0x8d, 0x4e,
 };
 
 static QUIC_PKT_HDR tx_script_5_hdr = {

test/safe_math_test.c

@@ -191,7 +191,7 @@ static int test_uint_ops(int n)
     r = safe_neg_uint(b, &err);
     if (!TEST_int_eq(err, b != 0) || (!err && !TEST_uint_eq(r, 0)))
         goto err;
- 
+
     err = 0;
     r = safe_abs_uint(a, &err);
     if (!TEST_int_eq(err, 0) || !TEST_uint_eq(r, a))
@@ -274,7 +274,7 @@ static int test_size_t_ops(int n)
     r = safe_neg_size_t(b, &err);
     if (!TEST_int_eq(err, b != 0) || (!err && !TEST_size_t_eq(r, 0)))
         goto err;
- 
+
     err = 0;
     r = safe_abs_size_t(a, &err);
     if (!TEST_int_eq(err, 0) || !TEST_size_t_eq(r, a))

test/tls-provider.c

@@ -62,7 +62,7 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle,
 /*
  * Top secret. This algorithm only works if no one knows what this number is.
  * Please don't tell anyone what it is.
- * 
+ *
  * This algorithm is for testing only - don't really use it!
  */
 static const unsigned char private_constant[XOR_KEY_SIZE] = {
@@ -1821,7 +1821,7 @@ static int key2any_check_selection(int selection, int selection_mask)
          * If the caller asked for the currently checked bit(s), return
          * whether the decoder description says it's supported.
          */
-        if (check1) 
+        if (check1)
             return check2;
     }
 
@@ -2614,7 +2614,7 @@ static int xor_get_aid(unsigned char** oidbuf, const char *tls_name) {
 
    X509_ALGOR_set0(algor, OBJ_txt2obj(tls_name, 0), V_ASN1_UNDEF, NULL);
 
-   aidlen = i2d_X509_ALGOR(algor, oidbuf); 
+   aidlen = i2d_X509_ALGOR(algor, oidbuf);
    X509_ALGOR_free(algor);
    return(aidlen);
 }
@@ -2892,7 +2892,7 @@ int xor_sig_digest_sign_final(void *vpxor_sigctx,
     }
 
     return xor_sig_sign(vpxor_sigctx, sig, siglen, sigsize, digest, (size_t)dlen);
-        
+
 }
 
 int xor_sig_digest_verify_final(void *vpxor_sigctx, const unsigned char *sig,

test/wpackettest.c

@@ -426,7 +426,7 @@ static int test_WPACKET_init_der(void)
         if (i == 0) {
             if (!TEST_true(WPACKET_init_null_der(&pkt)))
                 return 0;
-        } else { 
+        } else {
             if (!TEST_true(WPACKET_init_der(&pkt, sbuf, sizeof(sbuf))))
                 return 0;
         }