diff --git a/CHANGES b/CHANGES index ae847366a..c762dc68e 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ Changes between 0.9.3a and 0.9.4 + *) Introduce some semblance of const correctness to BN. Shame C doesn't + support mutable. + [Ben Laurie] + *) "linux-sparc64-gcc" configuration (ultrapenguin). [Ray Miller ] diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 88816c90d..1550c0724 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -76,15 +76,15 @@ EVP_CIPHER *enc; #define CLCERTS 0x8 #define CACERTS 0x10 -int get_cert_chain(X509 *cert, STACK **chain); +int get_cert_chain(X509 *cert, STACK_OF(X509) **chain); int dump_cert_text (BIO *out, X509 *x); int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options); int dump_certs_pkeys_bags(BIO *out, STACK *bags, char *pass, int passlen, int options); int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options); -int print_attribs(BIO *out, STACK *attrlst, char *name); +int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name); void hex_prin(BIO *out, unsigned char *buf, int len); int alg_print(BIO *x, X509_ALGOR *alg); -int cert_load(BIO *in, STACK *sk); +int cert_load(BIO *in, STACK_OF(X509) *sk); int MAIN(int argc, char **argv) { char *infile=NULL, *outfile=NULL, *keyname = NULL; @@ -286,7 +286,7 @@ if (export_cert) { PKCS8_PRIV_KEY_INFO *p8; PKCS7 *authsafe; X509 *cert, *ucert = NULL; - STACK *certs; + STACK_OF(X509) *certs; char *catmp; int i, pmatch = 0; unsigned char keyid[EVP_MAX_MD_SIZE]; @@ -300,7 +300,7 @@ if (export_cert) { goto end; } - certs = sk_new(NULL); + certs = sk_X509_new(NULL); /* Load in all certs in input file */ if(!cert_load(in, certs)) { @@ -323,8 +323,8 @@ if (export_cert) { /* Find certificate (if any) matching private key */ - for(i = 0; i < sk_num(certs); i++) { - cert = (X509 *)sk_value(certs, i); + for(i = 0; i < sk_X509_num(certs); i++) { + cert = sk_X509_value(certs, i); if(X509_check_private_key(cert, key)) { ucert = cert; break; @@ -339,7 +339,7 @@ if (export_cert) { /* If chaining get chain from user cert */ if (chain) { int vret; - STACK *chain2; + STACK_OF(X509) *chain2; vret = get_cert_chain (ucert, &chain2); if (vret) { @@ -348,15 +348,15 @@ if (export_cert) { goto end; } /* Exclude verified certificate */ - for (i = 1; i < sk_num (chain2) ; i++) - sk_push(certs, sk_value (chain2, i)); - sk_free(chain2); + for (i = 1; i < sk_X509_num (chain2) ; i++) + sk_X509_push(certs, sk_X509_value (chain2, i)); + sk_X509_free(chain2); } /* We now have loads of certificates: include them all */ - for(i = 0; i < sk_num(certs); i++) { - cert = (X509 *)sk_value(certs, i); + for(i = 0; i < sk_X509_num(certs); i++) { + cert = sk_X509_value(certs, i); bag = M_PKCS12_x5092certbag(cert); /* If it matches private key mark it */ if(cert == ucert) { @@ -586,11 +586,11 @@ int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass, /* Hope this is OK .... */ -int get_cert_chain (X509 *cert, STACK **chain) +int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) { X509_STORE *store; X509_STORE_CTX store_ctx; - STACK *chn; + STACK_OF(X509) *chn; int i; X509 *x; store = X509_STORE_new (); @@ -600,9 +600,9 @@ int get_cert_chain (X509 *cert, STACK **chain) i = X509_STORE_CTX_get_error (&store_ctx); goto err; } - chn = sk_dup(X509_STORE_CTX_get_chain (&store_ctx)); - for (i = 0; i < sk_num(chn); i++) { - x = (X509 *)sk_value(chn, i); + chn = sk_X509_dup(X509_STORE_CTX_get_chain (&store_ctx)); + for (i = 0; i < sk_X509_num(chn); i++) { + x = sk_X509_value(chn, i); CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); } i = 0; @@ -628,14 +628,14 @@ int alg_print (BIO *x, X509_ALGOR *alg) /* Load all certificates from a given file */ -int cert_load(BIO *in, STACK *sk) +int cert_load(BIO *in, STACK_OF(X509) *sk) { int ret; X509 *cert; ret = 0; while((cert = PEM_read_bio_X509(in, NULL, NULL))) { ret = 1; - sk_push(sk, (char *)cert); + sk_X509_push(sk, cert); } if(ret) ERR_clear_error(); return ret; @@ -643,7 +643,7 @@ int cert_load(BIO *in, STACK *sk) /* Generalised attribute print: handle PKCS#8 and bag attributes */ -int print_attribs (BIO *out, STACK *attrlst, char *name) +int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst, char *name) { X509_ATTRIBUTE *attr; ASN1_TYPE *av; @@ -653,13 +653,13 @@ int print_attribs (BIO *out, STACK *attrlst, char *name) BIO_printf(out, "%s: \n", name); return 1; } - if(!sk_num(attrlst)) { + if(!sk_X509_ATTRIBUTE_num(attrlst)) { BIO_printf(out, "%s: \n", name); return 1; } BIO_printf(out, "%s\n", name); - for(i = 0; i < sk_num(attrlst); i++) { - attr = (X509_ATTRIBUTE *) sk_value(attrlst, i); + for(i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) { + attr = sk_X509_ATTRIBUTE_value(attrlst, i); attr_nid = OBJ_obj2nid(attr->object); BIO_printf(out, " "); if(attr_nid == NID_undef) { diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h index a1bbfddc7..42825f548 100644 --- a/crypto/asn1/asn1_mac.h +++ b/crypto/asn1/asn1_mac.h @@ -163,6 +163,11 @@ err:\ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ { M_ASN1_D2I_get_set(r,func,free_func); } +#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ + { M_ASN1_D2I_get_set_type(type,r,func,free_func); } + #define M_ASN1_I2D_len_SET_opt(a,f) \ if ((a != NULL) && (sk_num(a) != 0)) \ M_ASN1_I2D_len_SET(a,f); diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 4acd0174f..1ad2c5cea 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -316,22 +316,23 @@ BN_CTX *BN_CTX_new(void); void BN_CTX_init(BN_CTX *c); void BN_CTX_free(BN_CTX *c); int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); -int BN_num_bits(BIGNUM *a); +int BN_num_bits(const BIGNUM *a); int BN_num_bits_word(BN_ULONG); BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); -BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b); +BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(BIGNUM *a, unsigned char *to); BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); int BN_bn2mpi(BIGNUM *a, unsigned char *to); -int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -int BN_usub(BIGNUM *r, BIGNUM *a, BIGNUM *b); -int BN_uadd(BIGNUM *r, BIGNUM *a, BIGNUM *b); +int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); +int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); +int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); -int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); -int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx); +int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); +int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, + BN_CTX *ctx); int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b,BN_CTX *ctx); int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); BN_ULONG BN_mod_word(BIGNUM *a, BN_ULONG w); @@ -341,22 +342,22 @@ int BN_add_word(BIGNUM *a, BN_ULONG w); int BN_sub_word(BIGNUM *a, BN_ULONG w); int BN_set_word(BIGNUM *a, BN_ULONG w); BN_ULONG BN_get_word(BIGNUM *a); -int BN_cmp(BIGNUM *a, BIGNUM *b); +int BN_cmp(const BIGNUM *a, const BIGNUM *b); void BN_free(BIGNUM *a); -int BN_is_bit_set(BIGNUM *a, int n); -int BN_lshift(BIGNUM *r, BIGNUM *a, int n); +int BN_is_bit_set(const BIGNUM *a, int n); +int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); int BN_lshift1(BIGNUM *r, BIGNUM *a); int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); -int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx, - BN_MONT_CTX *m_ctx); +int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m, - BN_CTX *ctx); +int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); #ifndef WIN16 int BN_print_fp(FILE *fp, BIGNUM *a); #endif @@ -370,8 +371,8 @@ int BN_rshift(BIGNUM *r, BIGNUM *a, int n); int BN_rshift1(BIGNUM *r, BIGNUM *a); void BN_clear(BIGNUM *a); BIGNUM *bn_expand2(BIGNUM *b, int bits); -BIGNUM *BN_dup(BIGNUM *a); -int BN_ucmp(BIGNUM *a, BIGNUM *b); +BIGNUM *BN_dup(const BIGNUM *a); +int BN_ucmp(const BIGNUM *a, const BIGNUM *b); int BN_set_bit(BIGNUM *a, int n); int BN_clear_bit(BIGNUM *a, int n); char * BN_bn2hex(BIGNUM *a); @@ -379,7 +380,7 @@ char * BN_bn2dec(BIGNUM *a); int BN_hex2bn(BIGNUM **a,char *str); int BN_dec2bn(BIGNUM **a,char *str); int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, BIGNUM *n,BN_CTX *ctx); +BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int strong,BIGNUM *add, BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg); int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int,void *), @@ -396,10 +397,10 @@ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, - BN_CTX *ctx); + BN_CTX *ctx); int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); -int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx); +int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx); BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); @@ -414,10 +415,11 @@ int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ void BN_RECP_CTX_init(BN_RECP_CTX *recp); BN_RECP_CTX *BN_RECP_CTX_new(void); void BN_RECP_CTX_free(BN_RECP_CTX *recp); -int BN_RECP_CTX_set(BN_RECP_CTX *recp,BIGNUM *rdiv,BN_CTX *ctx); +int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx); int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp,BN_CTX *ctx); -int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx); +int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx); int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, BN_CTX *ctx); diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c index cd7d48d71..c5ab066c9 100644 --- a/crypto/bn/bn_add.c +++ b/crypto/bn/bn_add.c @@ -104,12 +104,12 @@ int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b) } /* unsigned add of b to a, r must be large enough */ -int BN_uadd(BIGNUM *r, BIGNUM *a, BIGNUM *b) +int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { register int i; int max,min; BN_ULONG *ap,*bp,*rp,carry,t1; - BIGNUM *tmp; + const BIGNUM *tmp; bn_check_top(a); bn_check_top(b); @@ -164,7 +164,7 @@ int BN_uadd(BIGNUM *r, BIGNUM *a, BIGNUM *b) } /* unsigned subtraction of b from a, a must be larger than b. */ -int BN_usub(BIGNUM *r, BIGNUM *a, BIGNUM *b) +int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { int max,min; register BN_ULONG t1,t2,*ap,*bp,*rp; @@ -255,11 +255,11 @@ int BN_usub(BIGNUM *r, BIGNUM *a, BIGNUM *b) return(1); } -int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b) +int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { int max; int add=0,neg=0; - BIGNUM *tmp; + const BIGNUM *tmp; bn_check_top(a); bn_check_top(b); diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index bffa9f3e6..baff07040 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -57,6 +57,7 @@ */ #include +#include #include "cryptlib.h" #include "bn_lcl.h" @@ -117,8 +118,8 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx) #else -int BN_div(BIGNUM *dv, BIGNUM *rm, BIGNUM *num, BIGNUM *divisor, - BN_CTX *ctx) +int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, + BN_CTX *ctx) { int norm_shift,i,j,loop; BIGNUM *tmp,wnum,*snum,*sdiv,*res; @@ -283,7 +284,7 @@ err: #endif /* rem != m */ -int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx) +int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) { #if 0 /* The old slow way */ int i,nm,nd; diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 983303738..2df1614ad 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -63,7 +63,7 @@ #define TABLE_SIZE 16 /* slow but works */ -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m, BN_CTX *ctx) +int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx) { BIGNUM *t; int r=0; @@ -154,7 +154,8 @@ err: return(ret); } -int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx) +int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, + BN_CTX *ctx) { int ret; @@ -183,7 +184,8 @@ int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx) } /* #ifdef RECP_MUL_MOD */ -int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx) +int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx) { int i,j,bits,ret=0,wstart,wend,window,wvalue; int start=1,ts=0; @@ -296,12 +298,13 @@ err: /* #endif */ /* #ifdef MONT_MUL_MOD */ -int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, BIGNUM *p, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) +int BN_mod_exp_mont(BIGNUM *rr, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) { int i,j,bits,ret=0,wstart,wend,window,wvalue; int start=1,ts=0; - BIGNUM *d,*aa,*r; + BIGNUM *d,*r; + BIGNUM *aa; BIGNUM val[TABLE_SIZE]; BN_MONT_CTX *mont=NULL; diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c index 6aac20443..64a76f449 100644 --- a/crypto/bn/bn_gcd.c +++ b/crypto/bn/bn_gcd.c @@ -140,7 +140,7 @@ err: } /* solves ax == 1 (mod n) */ -BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, BIGNUM *n, BN_CTX *ctx) +BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A,*B,*X,*Y,*M,*D,*R; BIGNUM *T,*ret=NULL; diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 64c9fd9dc..ee194c55b 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -235,7 +235,7 @@ int BN_num_bits_word(BN_ULONG l) } } -int BN_num_bits(BIGNUM *a) +int BN_num_bits(const BIGNUM *a) { BN_ULONG l; int i; @@ -485,7 +485,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) return(b); } -BIGNUM *BN_dup(BIGNUM *a) +BIGNUM *BN_dup(const BIGNUM *a) { BIGNUM *r; @@ -496,7 +496,7 @@ BIGNUM *BN_dup(BIGNUM *a) return((BIGNUM *)BN_copy(r,a)); } -BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b) +BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) { int i; BN_ULONG *A; @@ -643,7 +643,7 @@ int BN_bn2bin(BIGNUM *a, unsigned char *to) return(n); } -int BN_ucmp(BIGNUM *a, BIGNUM *b) +int BN_ucmp(const BIGNUM *a, const BIGNUM *b) { int i; BN_ULONG t1,t2,*ap,*bp; @@ -665,7 +665,7 @@ int BN_ucmp(BIGNUM *a, BIGNUM *b) return(0); } -int BN_cmp(BIGNUM *a, BIGNUM *b) +int BN_cmp(const BIGNUM *a, const BIGNUM *b) { int i; int gt,lt; @@ -737,7 +737,7 @@ int BN_clear_bit(BIGNUM *a, int n) return(1); } -int BN_is_bit_set(BIGNUM *a, int n) +int BN_is_bit_set(const BIGNUM *a, int n) { int i,j; diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c index 5bdac17e6..ee0f410c2 100644 --- a/crypto/bn/bn_mont.c +++ b/crypto/bn/bn_mont.c @@ -68,8 +68,8 @@ #define MONT_WORD -int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_MONT_CTX *mont, - BN_CTX *ctx) +int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, + BN_MONT_CTX *mont, BN_CTX *ctx) { BIGNUM *tmp,*tmp2; @@ -298,7 +298,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) Free(mont); } -int BN_MONT_CTX_set(BN_MONT_CTX *mont, BIGNUM *mod, BN_CTX *ctx) +int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { BIGNUM Ri,*R; diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c index 85b4ac814..c1b0e230e 100644 --- a/crypto/bn/bn_recp.c +++ b/crypto/bn/bn_recp.c @@ -91,7 +91,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp) Free(recp); } -int BN_RECP_CTX_set(BN_RECP_CTX *recp, BIGNUM *d, BN_CTX *ctx) +int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) { BN_copy(&(recp->N),d); BN_zero(&(recp->Nr)); diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c index 6dbe77b50..61aae65a6 100644 --- a/crypto/bn/bn_shift.c +++ b/crypto/bn/bn_shift.c @@ -121,7 +121,7 @@ int BN_rshift1(BIGNUM *r, BIGNUM *a) return(1); } -int BN_lshift(BIGNUM *r, BIGNUM *a, int n) +int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) { int i,nw,lb,rb; BN_ULONG *t,*f; diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index 0dcf553e2..31c9782b7 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -93,11 +93,11 @@ int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name, } sk_ASN1_TYPE_push (attrib->value.set,keyid); attrib->set = 1; - if (!bag->attrib && !(bag->attrib = sk_new (NULL))) { + if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new (NULL))) { PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); return 0; } - sk_push (bag->attrib, (char *)attrib); + sk_X509_ATTRIBUTE_push (bag->attrib, attrib); return 1; } @@ -202,22 +202,22 @@ int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, } sk_ASN1_TYPE_push (attrib->value.set,fname); attrib->set = 1; - if (!bag->attrib && !(bag->attrib = sk_new (NULL))) { + if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new (NULL))) { PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, ERR_R_MALLOC_FAILURE); return 0; } - sk_push (bag->attrib, (char *)attrib); + sk_X509_ATTRIBUTE_push (bag->attrib, attrib); return PKCS12_OK; } -ASN1_TYPE *PKCS12_get_attr_gen (STACK *attrs, int attr_nid) +ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid) { X509_ATTRIBUTE *attrib; int i; if (!attrs) return NULL; - for (i = 0; i < sk_num (attrs); i++) { - attrib = (X509_ATTRIBUTE *) sk_value (attrs, i); + for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) { + attrib = sk_X509_ATTRIBUTE_value (attrs, i); if (OBJ_obj2nid (attrib->object) == attr_nid) { if (sk_ASN1_TYPE_num (attrib->value.set)) return sk_ASN1_TYPE_value(attrib->value.set, 0); diff --git a/crypto/pkcs12/p12_sbag.c b/crypto/pkcs12/p12_sbag.c index 708729473..1b3addece 100644 --- a/crypto/pkcs12/p12_sbag.c +++ b/crypto/pkcs12/p12_sbag.c @@ -98,7 +98,7 @@ int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp) break; } - M_ASN1_I2D_len_SET (a->attrib, i2d_X509_ATTRIBUTE); + M_ASN1_I2D_len_SET_type (X509_ATTRIBUTE,a->attrib, i2d_X509_ATTRIBUTE); M_ASN1_I2D_seq_total (); @@ -134,7 +134,7 @@ int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp) break; } - M_ASN1_I2D_put_SET (a->attrib, i2d_X509_ATTRIBUTE); + M_ASN1_I2D_put_SET_type (X509_ATTRIBUTE, a->attrib, i2d_X509_ATTRIBUTE); M_ASN1_I2D_finish(); } @@ -146,7 +146,7 @@ PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void) M_ASN1_New_Malloc(ret, PKCS12_SAFEBAG); ret->type=NULL; ret->value.other=NULL; - M_ASN1_New(ret->attrib, sk_new_null); + M_ASN1_New(ret->attrib, sk_X509_ATTRIBUTE_new_null); ret->rest=NULL; return (ret); M_ASN1_New_Error(ASN1_F_PKCS12_SAFEBAG_NEW); @@ -192,8 +192,8 @@ PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp, d2i_ASN1_TYPE, 0); break; } - M_ASN1_D2I_get_set_opt(ret->attrib, d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free); + M_ASN1_D2I_get_set_opt_type(X509_ATTRIBUTE,ret->attrib, + d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free); M_ASN1_D2I_Finish(a, PKCS12_SAFEBAG_free, ASN1_F_D2I_PKCS12_SAFEBAG); } @@ -222,6 +222,6 @@ void PKCS12_SAFEBAG_free (PKCS12_SAFEBAG *a) } ASN1_OBJECT_free (a->type); - sk_pop_free (a->attrib, X509_ATTRIBUTE_free); - Free ((char *)a); + sk_X509_ATTRIBUTE_pop_free (a->attrib, X509_ATTRIBUTE_free); + Free (a); } diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 34ca002b0..c660926cb 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -117,7 +117,7 @@ union { STACK /* PKCS12_SAFEBAG */ *safes; ASN1_TYPE *other; }value; -STACK *attrib; +STACK_OF(X509_ATTRIBUTE) *attrib; ASN1_TYPE *rest; } PKCS12_SAFEBAG; @@ -213,7 +213,7 @@ int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, int namelen); int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); -ASN1_TYPE *PKCS12_get_attr_gen(STACK *attrs, int attr_nid); +ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid); char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen, unsigned char *in, int inlen, diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index d38d7f92f..11f66b65f 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -84,8 +84,9 @@ typedef struct rsa_meth_st int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, RSA *rsa,int padding); int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, - BN_CTX *ctx,BN_MONT_CTX *m_ctx); /* Can be null */ + int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, + BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(RSA *rsa); /* called at new */ int (*finish)(RSA *rsa); /* called at free */ int flags; /* RSA_METHOD_FLAG_* things */ diff --git a/rsaref/rsaref.c b/rsaref/rsaref.c index b070c5684..7677eb9fc 100644 --- a/rsaref/rsaref.c +++ b/rsaref/rsaref.c @@ -78,7 +78,8 @@ int RSA_ref_public_encrypt(int len, unsigned char *from, unsigned char *to, RSA *rsa, int padding); int RSA_ref_public_decrypt(int len, unsigned char *from, unsigned char *to, RSA *rsa, int padding); -static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,BIGNUM *p,BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m, + BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa); static RSA_METHOD rsa_pkcs1_ref_meth={ "RSAref PKCS#1 RSA", @@ -105,8 +106,8 @@ static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) return(0); } -static int BN_ref_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx) +static int BN_ref_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { RSAREFerr(RSAREF_F_BN_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return(0);