Constify (Jason Molenda <jason@molenda.com>)

[openssl.git] / crypto / evp / evp_key.c

diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 28398bcba46ba1c912b7ff4b3017535a64b595cf..26cdcdf19539e83e7cf59967f7e60fd41f25b5db 100644 (file)
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -81,20 +81,23 @@ char *EVP_get_pw_prompt(void)
                return(prompt_string);
        }
 
-#ifdef NO_DES
-int des_read_pw_string(char *buf,int len,char *prompt,int verify);
-#endif
-
+/* For historical reasons, the standard function for reading passwords is
+ * in the DES library -- if someone ever wants to disable DES,
+ * this function will fail */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
        {
+#ifndef OPENSSL_NO_DES
        if ((prompt == NULL) && (prompt_string[0] != '\0'))
                prompt=prompt_string;
        return(des_read_pw_string(buf,len,prompt,verify));
+#else
+       return -1;
+#endif
        }
 
-int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt,
-            unsigned char *data, int datal, int count, unsigned char *key,
-            unsigned char *iv)
+int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 
+            const unsigned char *salt, const unsigned char *data, int datal,
+            int count, unsigned char *key, unsigned char *iv)
        {
        EVP_MD_CTX c;
        unsigned char md_buf[EVP_MAX_MD_SIZE];
@@ -113,7 +116,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt,
                        EVP_DigestUpdate(&c,&(md_buf[0]),mds);
                EVP_DigestUpdate(&c,data,datal);
                if (salt != NULL)
-                       EVP_DigestUpdate(&c,salt,8);
+                       EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
                EVP_DigestFinal(&c,&(md_buf[0]),&mds);
 
                for (i=1; i<(unsigned int)count; i++)