From 875a644a9047e96dfcce27af876d30460759805e Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Mon, 15 Mar 2004 23:15:26 +0000 Subject: [PATCH] Constify d2i, s2i, c2i and r2i functions and other associated functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed. --- CHANGES | 3 ++ apps/apps.c | 2 +- apps/asn1pars.c | 4 ++- apps/pkcs12.c | 2 +- crypto/asn1/a_bitstr.c | 7 +++-- crypto/asn1/a_bool.c | 4 +-- crypto/asn1/a_bytes.c | 22 ++++++++------ crypto/asn1/a_d2i_fp.c | 6 ++-- crypto/asn1/a_dup.c | 3 +- crypto/asn1/a_gentm.c | 2 +- crypto/asn1/a_hdr.c | 2 +- crypto/asn1/a_int.c | 10 +++--- crypto/asn1/a_object.c | 8 ++--- crypto/asn1/a_octet.c | 2 +- crypto/asn1/a_set.c | 4 +-- crypto/asn1/a_utctm.c | 2 +- crypto/asn1/asn1.h | 61 +++++++++++++++++++++++++------------ crypto/asn1/asn1_gen.c | 8 +++-- crypto/asn1/asn1_lib.c | 44 +++++++++++++++++++-------- crypto/asn1/asn1_mac.h | 30 ++++++++++-------- crypto/asn1/asn1_par.c | 10 +++--- crypto/asn1/asn1t.h | 18 +++++------ crypto/asn1/asn_pack.c | 6 ++-- crypto/asn1/d2i_pr.c | 6 ++-- crypto/asn1/d2i_pu.c | 2 +- crypto/asn1/evp_asn1.c | 4 +-- crypto/asn1/tasn_dec.c | 66 +++++++++++++++++++++------------------- crypto/asn1/tasn_utl.c | 2 +- crypto/asn1/x_bignum.c | 5 +-- crypto/asn1/x_long.c | 5 +-- crypto/asn1/x_name.c | 6 ++-- crypto/asn1/x_pkey.c | 2 +- crypto/asn1/x_pubkey.c | 16 +++++----- crypto/asn1/x_x509.c | 4 +-- crypto/evp/bio_enc.c | 4 +-- crypto/evp/digest.c | 2 +- crypto/evp/encode.c | 4 +-- crypto/evp/evp.h | 42 +++++++++++++------------ crypto/evp/evp_key.c | 2 +- crypto/evp/evp_pkey.c | 4 +-- crypto/evp/p5_crpt.c | 3 +- crypto/evp/p5_crpt2.c | 5 +-- crypto/evp/p_dec.c | 2 +- crypto/evp/p_enc.c | 2 +- crypto/evp/p_open.c | 5 +-- crypto/evp/p_verify.c | 2 +- crypto/krb5/krb5_asn.h | 2 +- crypto/objects/obj_dat.c | 10 +++--- crypto/pem/pem_pkey.c | 3 +- crypto/pkcs12/p12_crpt.c | 3 +- crypto/pkcs12/p12_decr.c | 3 +- crypto/pkcs12/p12_npas.c | 3 +- crypto/pkcs7/pk7_attr.c | 3 +- crypto/rsa/rsa_saos.c | 3 +- crypto/rsa/rsa_sign.c | 4 +-- crypto/x509/x509.h | 12 ++++---- crypto/x509/x509_req.c | 3 +- crypto/x509/x509spki.c | 3 +- crypto/x509v3/v3_lib.c | 3 +- crypto/x509v3/v3_ocsp.c | 8 ++--- crypto/x509v3/v3_prn.c | 3 +- crypto/x509v3/x509v3.h | 6 ++-- ssl/s2_clnt.c | 2 +- ssl/s2_srvr.c | 6 ++-- ssl/s3_clnt.c | 10 +++--- ssl/s3_srvr.c | 5 +-- ssl/ssl.h | 10 +++--- ssl/ssl_locl.h | 2 +- ssl/ssl_rsa.c | 14 ++++----- 69 files changed, 331 insertions(+), 245 deletions(-) diff --git a/CHANGES b/CHANGES index a8866ad9a0..6029cce5b3 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] + *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with + associated ASN1, EVP and SSL functions and old ASN1 macros. + *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results, and this should never fail. So the return value from the use of BN_set_word() (which can fail due to needless expansion) is now deprecated; diff --git a/apps/apps.c b/apps/apps.c index 47b59b4545..eae1fedcd3 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -758,7 +758,7 @@ X509 *load_cert(BIO *err, const char *file, int format, x=d2i_X509_bio(cert,NULL); else if (format == FORMAT_NETSCAPE) { - unsigned char *p,*op; + const unsigned char *p,*op; int size=0,i; /* We sort of have to do it this way because it is sort of nice diff --git a/apps/asn1pars.c b/apps/asn1pars.c index c28b5ec194..305db15903 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -94,6 +94,7 @@ int MAIN(int argc, char **argv) char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL; char *genstr=NULL, *genconf=NULL; unsigned char *tmpbuf; + const unsigned char *ctmpbuf; BUF_MEM *buf=NULL; STACK *osk=NULL; ASN1_TYPE *at=NULL; @@ -317,7 +318,8 @@ bad: tmpbuf+=j; tmplen-=j; atmp = at; - at = d2i_ASN1_TYPE(NULL,&tmpbuf,tmplen); + ctmpbuf = tmpbuf; + at = d2i_ASN1_TYPE(NULL,&ctmpbuf,tmplen); ASN1_TYPE_free(atmp); if(!at) { diff --git a/apps/pkcs12.c b/apps/pkcs12.c index cbd933667b..dd0d29bfaa 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -811,7 +811,7 @@ err: int alg_print (BIO *x, X509_ALGOR *alg) { PBEPARAM *pbe; - unsigned char *p; + const unsigned char *p; p = alg->parameter->value.sequence->data; pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length); BIO_printf (bio_err, "%s, Iteration %ld\n", diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index f4ea96cd54..c1d3c28210 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -113,11 +113,12 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) return(ret); } -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, - long len) +ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, + const unsigned char **pp, long len) { ASN1_BIT_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; int i; if (len < 1) diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c index 24333ea4d5..331acdf053 100644 --- a/crypto/asn1/a_bool.c +++ b/crypto/asn1/a_bool.c @@ -75,10 +75,10 @@ int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) return(r); } -int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length) +int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) { int ret= -1; - unsigned char *p; + const unsigned char *p; long len; int inf,tag,xclass; int i=0; diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index afd27b80e1..8d13f9c931 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -60,14 +60,15 @@ #include "cryptlib.h" #include -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); +static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c); /* type is a 'bitmap' of acceptable string types. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, +ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int type) { ASN1_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; long len; int inf,tag,xclass; int i=0; @@ -153,11 +154,12 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) return(r); } -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, - int Ptag, int Pclass) +ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, + long length, int Ptag, int Pclass) { ASN1_STRING *ret=NULL; - unsigned char *p,*s; + const unsigned char *p; + unsigned char *s; long len; int inf,tag,xclass; int i=0; @@ -185,7 +187,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, if (inf & V_ASN1_CONSTRUCTED) { - ASN1_CTX c; + ASN1_const_CTX c; c.pp=pp; c.p=p; @@ -247,7 +249,7 @@ err: * them into the one structure that is then returned */ /* There have been a few bug fixes for this function from * Paul Keogh , many thanks to him */ -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) +static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) { ASN1_STRING *os=NULL; BUF_MEM b; @@ -268,7 +270,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) { if (c->inf & 1) { - c->eos=ASN1_check_infinite_end(&c->p, + c->eos=ASN1_const_check_infinite_end(&c->p, (long)(c->max-c->p)); if (c->eos) break; } @@ -296,7 +298,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) num+=os->length; } - if (!asn1_Finish(c)) goto err; + if (!asn1_const_Finish(c)) goto err; a->length=num; if (a->data != NULL) OPENSSL_free(a->data); diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index b67b75e7c2..2e99e4c69a 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -107,14 +107,14 @@ err: void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) { BUF_MEM *b = NULL; - unsigned char *p; + const unsigned char *p; void *ret=NULL; int len; len = asn1_d2i_read_bio(in, &b); if(len < 0) goto err; - p=(unsigned char *)b->data; + p=(const unsigned char *)b->data; ret=ASN1_item_d2i(x,&p,len, it); err: if (b != NULL) BUF_MEM_free(b); @@ -146,7 +146,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) unsigned char *p; int i; int ret=-1; - ASN1_CTX c; + ASN1_const_CTX c; int want=HEADER_SIZE; int eos=0; #if defined(__GNUC__) && defined(__ia64) diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 58a017884c..dc6826ad1b 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -91,7 +91,8 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) void *ASN1_item_dup(const ASN1_ITEM *it, void *x) { - unsigned char *b = NULL, *p; + unsigned char *b = NULL; + const unsigned char *p; long i; void *ret; diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 8581007868..ea8d7b96c8 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -181,7 +181,7 @@ err: return(0); } -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) { ASN1_GENERALIZEDTIME t; diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c index b1aad81f77..b354ae5865 100644 --- a/crypto/asn1/a_hdr.c +++ b/crypto/asn1/a_hdr.c @@ -76,7 +76,7 @@ int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp) M_ASN1_I2D_finish(); } -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp, long length) { M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 4bb300c20b..5d76de79ba 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -155,11 +155,12 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) { ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s, *pend; + const unsigned char *p, *pend; + unsigned char *to,*s; int i; if ((a == NULL) || ((*a) == NULL)) @@ -247,11 +248,12 @@ err: * with its MSB set as negative (it doesn't add a padding zero). */ -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, +ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length) { ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s; + const unsigned char *p; + unsigned char *to,*s; long len; int inf,tag,xclass; int i; diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 124451d7a6..715042e6eb 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -189,10 +189,10 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) return(i); } -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, +ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length) { - unsigned char *p; + const unsigned char *p; long len; int tag,xclass; int inf,i; @@ -219,11 +219,11 @@ err: ASN1_OBJECT_free(ret); return(NULL); } -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, +ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { ASN1_OBJECT *ret=NULL; - unsigned char *p; + const unsigned char *p; int i; /* only the ASN1_OBJECTs from the 'table' will have values diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c index 9690bae0f1..24fd0f8e5a 100644 --- a/crypto/asn1/a_octet.c +++ b/crypto/asn1/a_octet.c @@ -66,6 +66,6 @@ ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) { return M_ASN1_OCTET_STRING_cmp(a, b); } -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) +int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len) { return M_ASN1_OCTET_STRING_set(x, d, len); } diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c index 0f839822ff..f37408a311 100644 --- a/crypto/asn1/a_set.c +++ b/crypto/asn1/a_set.c @@ -153,10 +153,10 @@ SetBlob return(r); } -STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, +STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class) { - ASN1_CTX c; + ASN1_const_CTX c; STACK *ret=NULL; if ((a == NULL) || ((*a) == NULL)) diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index 999852dae5..fea6590322 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -162,7 +162,7 @@ err: return(0); } -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) { ASN1_UTCTIME t; diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index a9ba2d6e9b..dbf0f636e2 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -160,6 +160,10 @@ struct X509_algor_st; #define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ #define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ +/* We MUST make sure that, except for constness, asn1_ctx_st and + asn1_const_ctx are exactly the same. Fortunately, as soon as + the old ASN1 parsing macros are gone, we can throw this away + as well... */ typedef struct asn1_ctx_st { unsigned char *p;/* work char pointer */ @@ -175,6 +179,21 @@ typedef struct asn1_ctx_st int line; /* used in error processing */ } ASN1_CTX; +typedef struct asn1_const_ctx_st + { + const unsigned char *p;/* work char pointer */ + int eos; /* end of sequence read for indefinite encoding */ + int error; /* error code to use when returning an error */ + int inf; /* constructed if 0x20, indefinite is 0x21 */ + int tag; /* tag from last 'get object' */ + int xclass; /* class from last 'get object' */ + long slen; /* length of last 'get object' */ + const unsigned char *max; /* largest value of p allowed */ + const unsigned char *q;/* temporary variable */ + const unsigned char **pp;/* variable */ + int line; /* used in error processing */ + } ASN1_const_CTX; + /* These are used internally in the ASN1_OBJECT to keep track of * whether the names and data need to be free()ed */ #define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ @@ -276,7 +295,7 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) #define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, unsigned char **in, long len); \ + type *d2i_##name(type **a, const unsigned char **in, long len); \ int i2d_##name(type *a, unsigned char **out); \ DECLARE_ASN1_ITEM(itname) @@ -712,9 +731,9 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); ASN1_OBJECT * ASN1_OBJECT_new(void ); void ASN1_OBJECT_free(ASN1_OBJECT *a); int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); -ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, +ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, long length); -ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, +ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, long length); DECLARE_ASN1_ITEM(ASN1_OBJECT) @@ -737,7 +756,7 @@ unsigned char * ASN1_STRING_data(ASN1_STRING *x); DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, +ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp, long length); int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); @@ -753,13 +772,13 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, BIT_STRING_BITNAME *tbl); int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); +int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length); DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, +ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); @@ -768,7 +787,7 @@ DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); +int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); #if 0 time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); @@ -776,12 +795,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); +int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) @@ -812,7 +831,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, int ex_class, int is_set); -STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, +STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length, char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class); @@ -846,20 +865,22 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); int ASN1_PRINTABLE_type(unsigned char *s, int max); int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, +ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int Ptag, int Pclass); unsigned long ASN1_tag2bit(int tag); /* type is one or more of the B_ASN1_ values. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, +ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp, long length,int type); /* PARSING */ int asn1_Finish(ASN1_CTX *c); +int asn1_const_Finish(ASN1_const_CTX *c); /* SPECIALS */ -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, +int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, int *pclass, long omax); int ASN1_check_infinite_end(unsigned char **p,long len); +int ASN1_const_check_infinite_end(const unsigned char **p,long len); void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, int xclass); int ASN1_put_eoc(unsigned char **pp); @@ -890,14 +911,14 @@ int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); -int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump); +int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent); +int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump); #endif const char *ASN1_tag2str(int tag); /* Used to load and write netscape format cert/key */ int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); +ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length); ASN1_HEADER *ASN1_HEADER_new(void ); void ASN1_HEADER_free(ASN1_HEADER *a); @@ -918,8 +939,8 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, unsigned char *data, int max_len); -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), - void (*free_func)(void *) ); +STACK *ASN1_seq_unpack(const unsigned char *buf, int len, char *(*d2i)(), + void (*free_func)(void *) ); unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, int *len ); void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)()); @@ -947,7 +968,7 @@ void ASN1_STRING_TABLE_cleanup(void); /* Old API compatible functions */ ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it); +ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c index 277726cd50..efd80215c2 100644 --- a/crypto/asn1/asn1_gen.c +++ b/crypto/asn1/asn1_gen.c @@ -141,7 +141,9 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) int i, len; unsigned char *orig_der = NULL, *new_der = NULL; - unsigned char *cpy_start, *p; + const unsigned char *cpy_start; + unsigned char *p; + const unsigned char *cp; int cpy_len; long hdr_len; int hdr_constructed = 0, hdr_tag, hdr_class; @@ -249,10 +251,10 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) /* Copy across original encoding */ memcpy(p, cpy_start, cpy_len); - p = new_der; + cp = new_der; /* Obtain new ASN1_TYPE structure */ - ret = d2i_ASN1_TYPE(NULL, &p, len); + ret = d2i_ASN1_TYPE(NULL, &cp, len); err: if (orig_der) diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index b720bccac7..504e612a85 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -62,11 +62,11 @@ #include #include -static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); +static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max); static void asn1_put_length(unsigned char **pp, int length); const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT; -int ASN1_check_infinite_end(unsigned char **p, long len) +static int _asn1_check_infinite_end(const unsigned char **p, long len) { /* If there is 0 or 1 byte left, the length check should pick * things up */ @@ -80,13 +80,23 @@ int ASN1_check_infinite_end(unsigned char **p, long len) return(0); } +int ASN1_check_infinite_end(unsigned char **p, long len) + { + return _asn1_check_infinite_end((const unsigned char **)p, len); + } -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, - long omax) +int ASN1_const_check_infinite_end(const unsigned char **p, long len) + { + return _asn1_check_infinite_end(p, len); + } + + +int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, + int *pclass, long omax) { int i,ret; long l; - unsigned char *p= *pp; + const unsigned char *p= *pp; int tag,xclass,inf; long max=omax; @@ -141,9 +151,9 @@ err: return(0x80); } -static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) +static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) { - unsigned char *p= *pp; + const unsigned char *p= *pp; unsigned long ret=0; unsigned int i; @@ -272,11 +282,11 @@ int ASN1_object_size(int constructed, int length, int tag) return(ret); } -int asn1_Finish(ASN1_CTX *c) +static int _asn1_Finish(ASN1_const_CTX *c) { if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) { - if (!ASN1_check_infinite_end(&c->p,c->slen)) + if (!ASN1_const_check_infinite_end(&c->p,c->slen)) { c->error=ERR_R_MISSING_ASN1_EOS; return(0); @@ -291,9 +301,19 @@ int asn1_Finish(ASN1_CTX *c) return(1); } -int asn1_GetSequence(ASN1_CTX *c, long *length) +int asn1_Finish(ASN1_CTX *c) + { + return _asn1_Finish((ASN1_const_CTX *)c); + } + +int asn1_const_Finish(ASN1_const_CTX *c) + { + return _asn1_Finish(c); + } + +int asn1_GetSequence(ASN1_const_CTX *c, long *length) { - unsigned char *q; + const unsigned char *q; q=c->p; c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), @@ -419,7 +439,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) return(i); } -void asn1_add_error(unsigned char *address, int offset) +void asn1_add_error(const unsigned char *address, int offset) { char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index a48649ceeb..a67fb341ee 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -73,11 +73,11 @@ extern "C" { ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) #define M_ASN1_D2I_vars(a,type,func) \ - ASN1_CTX c; \ + ASN1_const_CTX c; \ type ret=NULL; \ \ - c.pp=(unsigned char **)pp; \ - c.q= *(unsigned char **)pp; \ + c.pp=(const unsigned char **)pp; \ + c.q= *(const unsigned char **)pp; \ c.error=ERR_R_NESTED_ASN1_ERROR; \ if ((a == NULL) || ((*a) == NULL)) \ { if ((ret=(type)func()) == NULL) \ @@ -85,13 +85,13 @@ extern "C" { else ret=(*a); #define M_ASN1_D2I_Init() \ - c.p= *(unsigned char **)pp; \ + c.p= *(const unsigned char **)pp; \ c.max=(length == 0)?0:(c.p+length); #define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_Finish(&c)) \ + if (!asn1_const_Finish(&c)) \ { c.line=__LINE__; goto err; } \ - *(unsigned char **)pp=c.p; \ + *(const unsigned char **)pp=c.p; \ if (a != NULL) (*a)=ret; \ return(ret); @@ -99,7 +99,7 @@ extern "C" { M_ASN1_D2I_Finish_2(a); \ err:\ ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ + asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ return(NULL) @@ -123,7 +123,7 @@ err:\ #define M_ASN1_D2I_end_sequence() \ (((c.inf&1) == 0)?(c.slen <= 0): \ - (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) + (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) /* Don't use this with d2i_ASN1_BOOLEAN() */ #define M_ASN1_D2I_get(b,func) \ @@ -278,7 +278,7 @@ err:\ { c.line=__LINE__; goto err; } \ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ + if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \ { c.error=ERR_R_MISSING_ASN1_EOS; \ c.line=__LINE__; goto err; } \ }\ @@ -353,8 +353,12 @@ err:\ return(NULL) -#define M_ASN1_next (*c.p) -#define M_ASN1_next_prev (*c.q) +/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, + some macros that use ASN1_const_CTX still insist on writing in the input + stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. + Please? -- Richard Levitte */ +#define M_ASN1_next (*((unsigned char *)(c.p))) +#define M_ASN1_next_prev (*((unsigned char *)(c.q))) /*************************************************/ @@ -551,8 +555,8 @@ err:\ #define M_ASN1_I2D_finish() *pp=p; \ return(r); -int asn1_GetSequence(ASN1_CTX *c, long *length); -void asn1_add_error(unsigned char *address,int offset); +int asn1_GetSequence(ASN1_const_CTX *c, long *length); +void asn1_add_error(const unsigned char *address,int offset); #ifdef __cplusplus } #endif diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c index bd8de1e8d4..0e5bf915a0 100644 --- a/crypto/asn1/asn1_par.c +++ b/crypto/asn1/asn1_par.c @@ -64,7 +64,7 @@ static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, int indent); -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, +static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, int depth, int indent, int dump); static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, int indent) @@ -103,20 +103,20 @@ err: return(0); } -int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent) +int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) { return(asn1_parse2(bp,&pp,len,0,0,indent,0)); } -int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump) +int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) { return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); } -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, +static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, int depth, int indent, int dump) { - unsigned char *p,*ep,*tot,*op,*opp; + const unsigned char *p,*ep,*tot,*op,*opp; long len; int tag,xclass,ret=0; int nl,hl,j,r; diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h index 6cfa2dd50c..a024836834 100644 --- a/crypto/asn1/asn1t.h +++ b/crypto/asn1/asn1t.h @@ -634,10 +634,10 @@ struct ASN1_TLC_st{ typedef ASN1_VALUE * ASN1_new_func(void); typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length); +typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, +typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -645,7 +645,7 @@ typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); typedef struct ASN1_COMPAT_FUNCS_st { ASN1_new_func *asn1_new; @@ -793,7 +793,7 @@ typedef struct ASN1_AUX_st { IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, unsigned char **in, long len) \ + stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ { \ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ } \ @@ -814,7 +814,7 @@ typedef struct ASN1_AUX_st { #define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, ASN1_ITEM_rptr(itname));\ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ } \ int i2d_##fname(const stname *a, unsigned char **out) \ { \ @@ -855,8 +855,8 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, +int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); +int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -864,7 +864,7 @@ int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLAT void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); @@ -878,7 +878,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it); +int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); #ifdef __cplusplus } diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index e6051db2dc..ea56aa6abe 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -66,11 +66,11 @@ /* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), +STACK *ASN1_seq_unpack(const unsigned char *buf, int len, char *(*d2i)(), void (*free_func)(void *)) { STACK *sk; - unsigned char *pbuf; + const unsigned char *pbuf; pbuf = buf; if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) @@ -181,7 +181,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) { - unsigned char *p; + const unsigned char *p; void *ret; p = oct->data; diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index 8d0dc27904..5f30585142 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -72,7 +72,7 @@ #include #endif -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; @@ -135,11 +135,11 @@ err: /* This works like d2i_PrivateKey() except it automatically works out the type */ -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length) { STACK_OF(ASN1_TYPE) *inkey; - unsigned char *p; + const unsigned char *p; int keytype; p = *pp; /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index d0fd732098..8a05810eda 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -72,7 +72,7 @@ #include #endif -EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index 3506005a71..162b37bc38 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -137,9 +137,9 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, int ret= -1,n; ASN1_INTEGER *ai=NULL; ASN1_OCTET_STRING *os=NULL; - unsigned char *p; + const unsigned char *p; long length; - ASN1_CTX c; + ASN1_const_CTX c; if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) { diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index e5774fef44..aa26a44ead 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -65,14 +65,14 @@ #include #include -static int asn1_check_eoc(unsigned char **in, long len); -static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); -static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); +static int asn1_check_eoc(const unsigned char **in, long len); +static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, int tag, int aclass); +static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen); static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, - unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); -static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len, + const unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); +static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); +static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); /* Table to convert tags to bit values, used for MSTRING type */ @@ -106,7 +106,7 @@ unsigned long ASN1_tag2bit(int tag) * case. */ -ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it) +ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it) { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; @@ -117,7 +117,7 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const return NULL; } -int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt) +int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt) { ASN1_TLC c; asn1_tlc_clear(&c); @@ -129,7 +129,7 @@ int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN * If 'opt' set and tag mismatch return -1 to handle OPTIONAL */ -int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, +int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { const ASN1_TEMPLATE *tt, *errtt = NULL; @@ -137,7 +137,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1 const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb; - unsigned char *p, *q, imphack = 0, oclass; + const unsigned char *p, *q; + unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */ + unsigned char imphack = 0, oclass; char seq_eoc, seq_nolen, cst, isopt; long tmplen; int i; @@ -229,14 +231,14 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1 */ if(tag != -1) { - p = *in; - imphack = *p; - *p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); + wp = *(unsigned char **)in; + imphack = *wp; + *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); } ptmpval = cf->asn1_d2i(pval, in, len); - if(tag != -1) *p = imphack; + if(tag != -1) *wp = imphack; if(ptmpval) return 1; ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); @@ -416,12 +418,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1 * rest. */ -static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) +static int asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) { int flags, aclass; int ret; long len; - unsigned char *p, *q; + const unsigned char *p, *q; char exp_eoc; if(!val) return 0; flags = tt->flags; @@ -478,11 +480,11 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen return 0; } -static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) +static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) { int flags, aclass; int ret; - unsigned char *p, *q; + const unsigned char *p, *q; if(!val) return 0; flags = tt->flags; aclass = flags & ASN1_TFLG_TAG_CLASS; @@ -578,16 +580,16 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long le return 0; } -static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long inlen, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { int ret = 0, utype; long plen; char cst, inf, free_cont = 0; - unsigned char *p; + const unsigned char *p; BUF_MEM buf; - unsigned char *cont = NULL; + const unsigned char *cont = NULL; long len; if(!pval) { ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); @@ -670,7 +672,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl return 0; } buf.data[len] = 0; - cont = (unsigned char *)buf.data; + cont = (const unsigned char *)buf.data; free_cont = 1; } else { cont = p; @@ -690,7 +692,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl /* Translate ASN1 content octets into a structure */ -int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; @@ -781,7 +783,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char /* If we've already allocated a buffer use it */ if(*free_cont) { if(stmp->data) OPENSSL_free(stmp->data); - stmp->data = cont; + stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ stmp->length = len; *free_cont = 0; } else { @@ -816,9 +818,9 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char * length constructed stuff. */ -static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) +static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, int tag, int aclass) { - unsigned char *p, *q; + const unsigned char *p, *q; long plen; char cst, ininf; p = *in; @@ -860,7 +862,7 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in return 1; } -static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) +static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) { int len; if(buf) { @@ -877,9 +879,9 @@ static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) /* Check for ASN1 EOC and swallow it if found */ -static int asn1_check_eoc(unsigned char **in, long len) +static int asn1_check_eoc(const unsigned char **in, long len) { - unsigned char *p; + const unsigned char *p; if(len < 2) return 0; p = *in; if(!p[0] && !p[1]) { @@ -897,12 +899,12 @@ static int asn1_check_eoc(unsigned char **in, long len) */ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, - unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) + const unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) { int i; int ptag, pclass; long plen; - unsigned char *p, *q; + const unsigned char *p, *q; p = *in; q = p; diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c index 2a3f5db8f3..c137a0ab04 100644 --- a/crypto/asn1/tasn_utl.c +++ b/crypto/asn1/tasn_utl.c @@ -154,7 +154,7 @@ void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) } } -int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it) +int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it) { ASN1_ENCODING *enc; enc = asn1_get_enc_ptr(pval, it); diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c index 848c7a0877..a80532cefc 100644 --- a/crypto/asn1/x_bignum.c +++ b/crypto/asn1/x_bignum.c @@ -72,7 +72,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); static ASN1_PRIMITIVE_FUNCS bignum_pf = { NULL, 0, @@ -122,7 +122,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN return pad + BN_num_bytes(bn); } -static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) { BIGNUM *bn; if(!*pval) bn_new(pval, it); diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c index 4b5953c0fd..71774fa33d 100644 --- a/crypto/asn1/x_long.c +++ b/crypto/asn1/x_long.c @@ -69,7 +69,7 @@ static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it); static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); +static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); static ASN1_PRIMITIVE_FUNCS long_pf = { NULL, 0, @@ -136,7 +136,8 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A return clen + pad; } -static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, + int utype, char *free_cont, const ASN1_ITEM *it) { int neg, i; long ltmp; diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c index caece0f158..cc8c979ad5 100644 --- a/crypto/asn1/x_name.c +++ b/crypto/asn1/x_name.c @@ -61,7 +61,7 @@ #include #include -static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, +static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); @@ -156,10 +156,10 @@ static void sk_internal_free(void *a) sk_free(a); } -static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, +static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) { - unsigned char *p = *in, *q; + const unsigned char *p = *in, *q; STACK *intname = NULL; int i, j, ret; X509_NAME *nm = NULL; diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index f1c6221ac3..c88cfd5932 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -69,7 +69,7 @@ int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp) return(0); } -X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length) +X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length) { int i; M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 01698dd217..83ead744f0 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -226,7 +226,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) EVP_PKEY *ret=NULL; long j; int type; - unsigned char *p; + const unsigned char *p; #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) const unsigned char *cp; X509_ALGOR *a; @@ -342,7 +342,7 @@ err: * and encode or decode as X509_PUBKEY */ -EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length) { X509_PUBKEY *xpk; @@ -375,12 +375,12 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) * keys */ #ifndef OPENSSL_NO_RSA -RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, +RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length) { EVP_PKEY *pkey; RSA *key; - unsigned char *q; + const unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); if (!pkey) return NULL; @@ -415,12 +415,12 @@ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) #endif #ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, +DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length) { EVP_PKEY *pkey; DSA *key; - unsigned char *q; + const unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); if (!pkey) return NULL; @@ -455,11 +455,11 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) #endif #ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, long length) +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length) { EVP_PKEY *pkey; EC_KEY *key; - unsigned char *q; + const unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); if (!pkey) return(NULL); diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index b50167ce43..f71ba267d9 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -161,9 +161,9 @@ void *X509_get_ex_data(X509 *r, int idx) * */ -X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) +X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) { - unsigned char *q; + const unsigned char *q; X509 *ret; /* Save start position */ q = *pp; diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index ab81851503..183836c85c 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -405,8 +405,8 @@ EVP_CIPHER_ctx *c; } */ -void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k, - unsigned char *i, int e) +void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, + const unsigned char *i, int e) { BIO_ENC_CTX *ctx; diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 0623ddf1f0..bd014ac81d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -285,7 +285,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) return 1; } -int EVP_Digest(void *data, unsigned int count, +int EVP_Digest(const void *data, unsigned int count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) { EVP_MD_CTX ctx; diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index 32744ca686..2968f6460a 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -129,7 +129,7 @@ void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) } void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) + const unsigned char *in, int inl) { int i,j; unsigned int total=0; @@ -233,7 +233,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) * 1 for full line */ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) + const unsigned char *in, int inl) { int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; unsigned char *d; diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index dd2d186a56..ce5c210f61 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -489,7 +489,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, unsigned int cnt); int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); -int EVP_Digest(void *data, unsigned int count, +int EVP_Digest(const void *data, unsigned int count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); @@ -497,7 +497,7 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); -void EVP_set_pw_prompt(char *prompt); +void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, @@ -536,26 +536,28 @@ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, EVP_PKEY *pkey); -int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, +int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); -int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type,unsigned char *ek, - int ekl,unsigned char *iv,EVP_PKEY *priv); +int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, + const unsigned char *ek, int ekl, const unsigned char *iv, + EVP_PKEY *priv); int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); +int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, + unsigned char **ek, int *ekl, unsigned char *iv, + EVP_PKEY **pubk, int npubk); int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); -void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, - int *outl,unsigned char *in,int inl); +void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, + const unsigned char *in,int inl); void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, - unsigned char *in, int inl); + const unsigned char *in, int inl); int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); @@ -571,8 +573,8 @@ BIO_METHOD *BIO_f_md(void); BIO_METHOD *BIO_f_base64(void); BIO_METHOD *BIO_f_cipher(void); BIO_METHOD *BIO_f_reliable(void); -void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k, - unsigned char *i, int enc); +void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k, + const unsigned char *i, int enc); #endif const EVP_MD *EVP_md_null(void); @@ -734,10 +736,12 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_MD *EVP_get_digestbyname(const char *name); void EVP_cleanup(void); -int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, - int enc_key_len,EVP_PKEY *private_key); +int EVP_PKEY_decrypt(unsigned char *dec_key, + const unsigned char *enc_key,int enc_key_len, + EVP_PKEY *private_key); int EVP_PKEY_encrypt(unsigned char *enc_key, - unsigned char *key,int key_len,EVP_PKEY *pub_key); + const unsigned char *key,int key_len, + EVP_PKEY *pub_key); int EVP_PKEY_type(int type); int EVP_PKEY_bits(EVP_PKEY *pkey); int EVP_PKEY_size(EVP_PKEY *pkey); @@ -766,13 +770,13 @@ struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); EVP_PKEY * EVP_PKEY_new(void); void EVP_PKEY_free(EVP_PKEY *pkey); -EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, +EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, +EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, const unsigned char **pp, long length); -EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, +EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); @@ -798,7 +802,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, + const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out); int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 5f387a94d3..0a27f496c9 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -66,7 +66,7 @@ /* should be init to zeros. */ static char prompt_string[80]; -void EVP_set_pw_prompt(char *prompt) +void EVP_set_pw_prompt(const char *prompt) { if (prompt == NULL) prompt_string[0]='\0'; diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index a08eb43a64..a82090ead2 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -93,7 +93,7 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) int plen; #endif X509_ALGOR *a; - unsigned char *p; + const unsigned char *p; const unsigned char *cp; int pkeylen; int nid; @@ -385,7 +385,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) return NULL; } RAND_add(p8->pkey->value.octet_string->data, - p8->pkey->value.octet_string->length, 0); + p8->pkey->value.octet_string->length, 0.0); return p8; } diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index 39306f4564..c0dfb7de37 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -110,7 +110,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, int i; PBEPARAM *pbe; int saltlen, iter; - unsigned char *salt, *pbuf; + unsigned char *salt; + const unsigned char *pbuf; /* Extract useful info from parameter */ pbuf = param->value.sequence->data; diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index dca0514867..f2e143d2a6 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -77,7 +77,7 @@ */ int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, + const unsigned char *salt, int saltlen, int iter, int keylen, unsigned char *out) { unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; @@ -148,7 +148,8 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { - unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; + unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; + const unsigned char *pbuf; int saltlen, iter, plen; unsigned int keylen; PBE2PARAM *pbe2 = NULL; diff --git a/crypto/evp/p_dec.c b/crypto/evp/p_dec.c index 8af620400e..f64901f653 100644 --- a/crypto/evp/p_dec.c +++ b/crypto/evp/p_dec.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl, +int EVP_PKEY_decrypt(unsigned char *key, const unsigned char *ek, int ekl, EVP_PKEY *priv) { int ret= -1; diff --git a/crypto/evp/p_enc.c b/crypto/evp/p_enc.c index 656883b996..c2dfdc52ad 100644 --- a/crypto/evp/p_enc.c +++ b/crypto/evp/p_enc.c @@ -66,7 +66,7 @@ #include #include -int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len, +int EVP_PKEY_encrypt(unsigned char *ek, const unsigned char *key, int key_len, EVP_PKEY *pubk) { int ret=0; diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index bc3940847d..8ec6c75a13 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -65,8 +65,9 @@ #include #include -int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, - int ekl, unsigned char *iv, EVP_PKEY *priv) +int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, + const unsigned char *ek, int ekl, const unsigned char *iv, + EVP_PKEY *priv) { unsigned char *key=NULL; int i,size=0,ret=0; diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index d854d743a5..21a40a375e 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -62,7 +62,7 @@ #include #include -int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, +int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) { unsigned char m[EVP_MAX_MD_SIZE]; diff --git a/crypto/krb5/krb5_asn.h b/crypto/krb5/krb5_asn.h index 3329477b07..41725d0dc4 100644 --- a/crypto/krb5/krb5_asn.h +++ b/crypto/krb5/krb5_asn.h @@ -225,7 +225,7 @@ DECLARE_STACK_OF(KRB5_AUTHENTBODY) ** void name##_free(type *a); ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = ** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = -** type *d2i_##name(type **a, unsigned char **in, long len); +** type *d2i_##name(type **a, const unsigned char **in, long len); ** int i2d_##name(type *a, unsigned char **out); ** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it */ diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index b1108568f3..dbff4e075f 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -397,7 +397,9 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) { int nid = NID_undef; ASN1_OBJECT *op=NULL; - unsigned char *buf,*p; + unsigned char *buf; + unsigned char *p; + const unsigned char *cp; int i, j; if(!no_name) { @@ -423,9 +425,9 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); /* Write out contents */ a2d_ASN1_OBJECT(p,i,s,-1); - - p=buf; - op=d2i_ASN1_OBJECT(NULL,&p,j); + + cp=buf; + op=d2i_ASN1_OBJECT(NULL,&cp,j); OPENSSL_free(buf); return op; } diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index d23adf3028..7f33bf761a 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -70,7 +70,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) { char *nm=NULL; - unsigned char *p=NULL,*data=NULL; + const unsigned char *p=NULL; + unsigned char *data=NULL; long len; EVP_PKEY *ret=NULL; diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 5e8958612b..654d15c82b 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -89,7 +89,8 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, { PBEPARAM *pbe; int saltlen, iter; - unsigned char *salt, *pbuf; + unsigned char *salt; + const unsigned char *pbuf; unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; /* Extract useful info from parameter */ diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index b5684a83ba..19c0ccff62 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -113,7 +113,8 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf) { - unsigned char *out, *p; + unsigned char *out; + const unsigned char *p; void *ret; int outlen; diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c index af708a2743..e62d497c6f 100644 --- a/crypto/pkcs12/p12_npas.c +++ b/crypto/pkcs12/p12_npas.c @@ -206,7 +206,8 @@ static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) { PBEPARAM *pbe; - unsigned char *p; + const unsigned char *p; + p = alg->parameter->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); *pnid = OBJ_obj2nid(alg->algorithm); diff --git a/crypto/pkcs7/pk7_attr.c b/crypto/pkcs7/pk7_attr.c index 5ff5a88b5c..56ce000585 100644 --- a/crypto/pkcs7/pk7_attr.c +++ b/crypto/pkcs7/pk7_attr.c @@ -96,7 +96,8 @@ int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) { ASN1_TYPE *cap; - unsigned char *p; + const unsigned char *p; + cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities); if (!cap) return NULL; p = cap->value.sequence->data; diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index f462716a57..1e9339367f 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -107,7 +107,8 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, RSA *rsa) { int i,ret=0; - unsigned char *p,*s; + unsigned char *s; + const unsigned char *p; ASN1_OCTET_STRING *sig=NULL; if (siglen != (unsigned int)RSA_size(rsa)) diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 02eb8136b0..e50c839279 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -146,7 +146,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; - unsigned char *p,*s; + unsigned char *s; X509_SIG *sig=NULL; if (siglen != (unsigned int)RSA_size(rsa)) @@ -181,7 +181,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); else ret = 1; } else { - p=s; + const unsigned char *p=s; sig=d2i_X509_SIG(NULL,&p,(long)i); if (sig == NULL) goto err; diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 9b26b24ef3..e7d2c5ba52 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -884,21 +884,21 @@ EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, +EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, long length); #ifndef OPENSSL_NO_RSA int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp, +RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, long length); #endif #ifndef OPENSSL_NO_DSA int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, +DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, long length); #endif #ifndef OPENSSL_NO_EC int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length); #endif @@ -929,7 +929,7 @@ int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, int X509_set_ex_data(X509 *r, int idx, void *arg); void *X509_get_ex_data(X509 *r, int idx); int i2d_X509_AUX(X509 *a,unsigned char **pp); -X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); +X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); int X509_alias_set1(X509 *x, unsigned char *name, int len); int X509_keyid_set1(X509 *x, unsigned char *id, int len); @@ -951,7 +951,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); X509_PKEY * X509_PKEY_new(void ); void X509_PKEY_free(X509_PKEY *a); int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); -X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); +X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length); DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index b4ad53431e..f70c6ab075 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -188,7 +188,8 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) STACK_OF(X509_ATTRIBUTE) *sk; ASN1_TYPE *ext = NULL; int i; - unsigned char *p; + const unsigned char *p; + if ((req == NULL) || (req->req_info == NULL)) return(NULL); sk=req->req_info->attributes; diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c index 4c3af946ec..ed868b838e 100644 --- a/crypto/x509/x509spki.c +++ b/crypto/x509/x509spki.c @@ -77,7 +77,8 @@ EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x) NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) { - unsigned char *spki_der, *p; + unsigned char *spki_der; + const unsigned char *p; int spki_len; NETSCAPE_SPKI *spki; if(len <= 0) len = strlen(str); diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c index ca5a4a4a57..04d99b333a 100644 --- a/crypto/x509v3/v3_lib.c +++ b/crypto/x509v3/v3_lib.c @@ -162,7 +162,8 @@ int X509V3_add_standard_extensions(void) void *X509V3_EXT_d2i(X509_EXTENSION *ext) { X509V3_EXT_METHOD *method; - unsigned char *p; + const unsigned char *p; + if(!(method = X509V3_EXT_get(ext))) return NULL; p = ext->value->data; if(method->it) return ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); diff --git a/crypto/x509v3/v3_ocsp.c b/crypto/x509v3/v3_ocsp.c index 21badc13f9..28c11a4dbf 100644 --- a/crypto/x509v3/v3_ocsp.c +++ b/crypto/x509v3/v3_ocsp.c @@ -74,12 +74,12 @@ static int i2r_object(X509V3_EXT_METHOD *method, void *obj, BIO *out, int indent static void *ocsp_nonce_new(void); static int i2d_ocsp_nonce(void *a, unsigned char **pp); -static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length); +static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); static void ocsp_nonce_free(void *a); static int i2r_ocsp_nonce(X509V3_EXT_METHOD *method, void *nonce, BIO *out, int indent); static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, int indent); -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str); static int i2r_ocsp_serviceloc(X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind); X509V3_EXT_METHOD v3_ocsp_crlid = { @@ -208,7 +208,7 @@ static int i2d_ocsp_nonce(void *a, unsigned char **pp) return os->length; } -static void *d2i_ocsp_nonce(void *a, unsigned char **pp, long length) +static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) { ASN1_OCTET_STRING *os, **pos; pos = a; @@ -246,7 +246,7 @@ static int i2r_ocsp_nocheck(X509V3_EXT_METHOD *method, void *nocheck, BIO *out, return 1; } -static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) +static void *s2i_ocsp_nocheck(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str) { return ASN1_NULL_new(); } diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index 8e3b3d8670..20bd9bda19 100644 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -109,10 +109,11 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde { void *ext_str = NULL; char *value = NULL; - unsigned char *p; + const unsigned char *p; X509V3_EXT_METHOD *method; STACK_OF(CONF_VALUE) *nval = NULL; int ok = 1; + if(!(method = X509V3_EXT_get(ext))) return unknown_ext_print(out, ext, flag, indent, 0); p = ext->value->data; diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index 25b049bfbb..ec4df61bb8 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -74,14 +74,14 @@ struct v3_ext_ctx; typedef void * (*X509V3_EXT_NEW)(void); typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); +typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); +typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, const char *str); /* V3 extension structure */ diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index da88460259..77d8a3b839 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -1034,7 +1034,7 @@ static int get_server_finished(SSL *s) } /* loads in the certificate from the server */ -int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data) +int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data) { STACK_OF(X509) *sk=NULL; EVP_PKEY *pkey=NULL; diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 5da2a54af3..6c43f72078 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -936,6 +936,7 @@ static int server_finish(SSL *s) /* send the request and check the response */ static int request_certificate(SSL *s) { + const unsigned char *cp; unsigned char *p,*p2,*buf2; unsigned char *ccd; int i,j,ctype,ret= -1; @@ -1052,7 +1053,8 @@ static int request_certificate(SSL *s) s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* CLIENT-CERTIFICATE */ p += 6; - x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen); + cp = p; + x509=(X509 *)d2i_X509(NULL,&cp,(long)s->s2->tmp.clen); if (x509 == NULL) { SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB); @@ -1092,7 +1094,7 @@ static int request_certificate(SSL *s) pkey=X509_get_pubkey(x509); if (pkey == NULL) goto end; - i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey); + i=EVP_VerifyFinal(&ctx,cp,s->s2->tmp.rlen,pkey); EVP_PKEY_free(pkey); EVP_MD_CTX_cleanup(&ctx); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index cd70bb1fb9..09f6c8d3ab 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -780,7 +780,8 @@ static int ssl3_get_server_certificate(SSL *s) int al,i,ok,ret= -1; unsigned long n,nc,llen,l; X509 *x=NULL; - unsigned char *p,*d,*q; + const unsigned char *q,*p; + unsigned char *d; STACK_OF(X509) *sk=NULL; SESS_CERT *sc; EVP_PKEY *pkey=NULL; @@ -807,7 +808,7 @@ static int ssl3_get_server_certificate(SSL *s) SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE); goto f_err; } - d=p=(unsigned char *)s->init_msg; + p=d=(unsigned char *)s->init_msg; if ((sk=sk_X509_new_null()) == NULL) { @@ -1408,7 +1409,8 @@ static int ssl3_get_certificate_request(SSL *s) unsigned long n,nc,l; unsigned int llen,ctype_num,i; X509_NAME *xn=NULL; - unsigned char *p,*d,*q; + const unsigned char *p,*q; + unsigned char *d; STACK_OF(X509_NAME) *ca_sk=NULL; n=ssl3_get_message(s, @@ -1447,7 +1449,7 @@ static int ssl3_get_certificate_request(SSL *s) } } - d=p=(unsigned char *)s->init_msg; + p=d=(unsigned char *)s->init_msg; if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL) { diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index c426cd444b..be92932bb6 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2294,7 +2294,8 @@ static int ssl3_get_client_certificate(SSL *s) int i,ok,al,ret= -1; X509 *x=NULL; unsigned long l,nc,llen,n; - unsigned char *p,*d,*q; + const unsigned char *p,*q; + unsigned char *d; STACK_OF(X509) *sk=NULL; n=ssl3_get_message(s, @@ -2332,7 +2333,7 @@ static int ssl3_get_client_certificate(SSL *s) SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE); goto f_err; } - d=p=(unsigned char *)s->init_msg; + p=d=(unsigned char *)s->init_msg; if ((sk=sk_X509_new_null()) == NULL) { diff --git a/ssl/ssl.h b/ssl/ssl.h index 1ceb10ab7e..6a022bf03e 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1233,9 +1233,9 @@ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); #endif int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len); +int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, const unsigned char *d, long len); int SSL_use_certificate(SSL *ssl, X509 *x); -int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len); +int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); #ifndef OPENSSL_NO_STDIO int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); @@ -1305,12 +1305,12 @@ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *,v #ifndef OPENSSL_NO_RSA int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); #endif -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx, - unsigned char *d, long len); + const unsigned char *d, long len); int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb); void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 4adf5f5b1c..c2e6ff8cf7 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -544,7 +544,7 @@ SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p); int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); int ssl2_part_read(SSL *s, unsigned long f, int i); int ssl2_do_write(SSL *s); -int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data); +int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data); void ssl2_return_error(SSL *s,int reason); void ssl2_write_error(SSL *s); int ssl2_num_ciphers(void); diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 330390519b..72511d248b 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -131,7 +131,7 @@ end: } #endif -int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len) +int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) { X509 *x; int ret; @@ -382,10 +382,10 @@ end: } #endif -int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len) +int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; EVP_PKEY *pkey; p=d; @@ -545,7 +545,7 @@ end: } #endif -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d) +int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) { X509 *x; int ret; @@ -640,7 +640,7 @@ end: } #endif -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len) +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len) { int ret; const unsigned char *p; @@ -717,11 +717,11 @@ end: } #endif -int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, +int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d, long len) { int ret; - unsigned char *p; + const unsigned char *p; EVP_PKEY *pkey; p=d; -- 2.34.1