diff --git a/src/Makefile b/src/Makefile index 6e01d42..1e3d0a3 100644 --- a/src/Makefile +++ b/src/Makefile @@ -7,9 +7,6 @@ LDFLAGS_LIB=-I/usr/include/exim4 -fpic -shared -export-dynamic .DEFAULT_GOAL := libs -#libexim-kitencrypt-dlfunc.so: libexim-kitencrypt-dlfunc.c -# $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $< - libexim-encrypt-dlfunc.so: libexim-encrypt-dlfunc.c $(CC) $(CFLAGS) $(LDFLAGS) $(LDFLAGS_LIB) -o $@ $< diff --git a/src/genkey.c b/src/genkey.c index c169f30..972e613 100644 --- a/src/genkey.c +++ b/src/genkey.c @@ -32,6 +32,24 @@ void dump_key_as_exim_config(FILE * f, const char *name, unsigned char *key, unsigned int keylen) { + // write a comment with C variable declaration + fprintf(f, "# const unsigned char %s[%d] = { ", name, keylen); + for (int i = 0; i < keylen; i++) { + fprintf(f, "0x%02x", key[i]); + if (i < keylen - 1) { + fprintf(f, ", "); + } + } + fprintf(f, " }; const unsigned int %s_length = %d;\n", name, keylen); + // encode with base64 + unsigned int b64len = sodium_base64_ENCODED_LEN(keylen, sodium_base64_VARIANT_ORIGINAL); + unsigned char *b64string = malloc(b64len); + sodium_bin2base64((char *const) b64string, b64len, + key, keylen, + sodium_base64_VARIANT_ORIGINAL); + fprintf(f, "%s = \"%s\"\n", name, b64string); + + free(b64string); // write a comment with C variable declaration fprintf(f, "# const unsigned char %s[%d] = { ", name, keylen); for (int i = 0; i < keylen; i++) { @@ -98,7 +116,7 @@ void create_cryptobox_keys(const char *filebase, const char *varname) unsigned char recipient_pk[crypto_box_PUBLICKEYBYTES]; unsigned char recipient_sk[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(recipient_pk, recipient_sk); + crypto_box_keypair(recipient_pk, recipient_sk); char pk_filename[4096]; char pk_varname[4096]; 
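Review bot: In the `@@ -32,6 +32,24 @@` hunk of src/genkey.c, the added block repeats the "write a comment with C variable declaration" loop that is still present as context directly below it, so `dump_key_as_exim_config` appears to emit the key declaration twice (and the base64 line too, if the old encoding code also remains past the hunk); the function body continues outside the hunk, so confirm this and drop one copy. The result of `malloc(b64len)` is passed to `sodium_bin2base64` unchecked; add `if (b64string == NULL) { fputs("out of memory\n", stderr); exit(EXIT_FAILURE); }` right after the allocation. When this function is called for a secret key (the callers are outside the hunk), the buffer holds encoded key material, so put `sodium_memzero(b64string, b64len);` ahead of `free(b64string);`. `keylen` is `unsigned int` but is printed with `%d` and compared against `int i`; `%u` and an `unsigned int` index would match the types.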
@@ -118,28 +136,27 @@ void create_cryptobox_keys(const char *filebase, const char *varname) } void create_secretbox_key(const char *filebase, const char *varname) { - unsigned char key[crypto_secretbox_KEYBYTES]; + unsigned char key[crypto_secretbox_KEYBYTES]; crypto_secretbox_keygen(key); - char key_filename[4096]; - char key_varname[4096]; + char key_filename[4096]; + char key_varname[4096]; - sprintf(key_filename, "%s_secretbox", filebase); - sprintf(key_varname, "%s_key", varname); + sprintf(key_filename, "%s_secretbox", filebase); + sprintf(key_varname, "%s_key", varname); - write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES); + write_key_files(key_filename, key_varname, key, crypto_secretbox_KEYBYTES); } -int main(int argc, char *argv[]) -{ - if (sodium_init() < 0) { - fputs("Unable to initialize libsodium", stderr); - exit(128); - } +int main(int argc, char *argv[]) { + if (sodium_init() < 0) { + fputs("Unable to initialize libsodium", stderr); + exit(128); + } - fputs("=== Creating cryptobox key pair ===\n", stderr); - create_cryptobox_keys("cryptobox_recipient", "cryptobox_recipient"); + fputs("=== Creating cryptobox key pair ===\n", stderr); + create_cryptobox_keys("cryptobox_recipient", "cryptobox_recipient"); - exit(EXIT_SUCCESS); + exit(EXIT_SUCCESS); } diff --git a/src/libexim-encrypt-dlfunc.c b/src/libexim-encrypt-dlfunc.c index 99a31ea..042e72f 100644 --- a/src/libexim-encrypt-dlfunc.c +++ b/src/libexim-encrypt-dlfunc.c @@ -233,7 +233,7 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) { // get and convert private key unsigned char *skb64 = argv[0]; - size_t skb64_len = strlen((const char *)skb64); + size_t skb64_len = strlen((const char *) skb64); // reserve space for conversion unsigned int sk_buffer_len = crypto_box_SECRETKEYBYTES;// skb64_len / 4 * 3; unsigned char *sk = (unsigned char *) store_get(sk_buffer_len); 
@@ -242,7 +242,7 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) { int b64err = sodium_base642bin(sk, sk_buffer_len, (const char *) skb64, skb64_len, NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL); - if(b64err == -1) { + if (b64err == -1) { *yield = string_copy((unsigned char *) "Error decoding private key"); return ERROR; } @@ -256,8 +256,8 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) { sodium_memzero(pk, pk_buffer_len); // convert encoded key to raw form b64err = sodium_base642bin(pk, pk_buffer_len, - (const char *) pkb64, pkb64_len, - NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL); + (const char *) pkb64, pkb64_len, + NULL, NULL, NULL, sodium_base64_VARIANT_ORIGINAL); if (b64err == -1) { *yield = string_copy((unsigned char *) "Error decoding public key"); return ERROR; @@ -273,9 +273,9 @@ int sodium_crypto_box_seal_open(uschar **yield, int argc, uschar *argv[]) { size_t ciphertextlen; sodium_memzero(ciphertext, ciphertextbuflen); b64err = sodium_base642bin(ciphertext, ciphertextbuflen, - (const char *) ciphertextb64, ciphertextb64_len, - NULL, &ciphertextlen, NULL, - sodium_base64_VARIANT_ORIGINAL); + (const char *) ciphertextb64, ciphertextb64_len, + NULL, &ciphertextlen, NULL, + sodium_base64_VARIANT_ORIGINAL); if (b64err == -1) { *yield = string_copy((unsigned char *) "Error decoding base64 encoded ciphertext"); return ERROR;