diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c index 635ae829d..d64ec746c 100644 --- a/crypto/asn1/d2i_dhp.c +++ b/crypto/asn1/d2i_dhp.c @@ -64,7 +64,7 @@ #include #include -DH *d2i_DHparams(DH **a, unsigned char **pp, long length) +DH *d2i_DHparams(DH **a, const unsigned char **pp, long length) { int i=ERR_R_NESTED_ASN1_ERROR; ASN1_INTEGER *bs=NULL; diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c index b1de17fe0..68d0c7434 100644 --- a/crypto/asn1/i2d_dhp.c +++ b/crypto/asn1/i2d_dhp.c @@ -63,7 +63,7 @@ #include #include -int i2d_DHparams(DH *a, unsigned char **pp) +int i2d_DHparams(const DH *a, unsigned char **pp) { BIGNUM *num[3]; ASN1_INTEGER bs; diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 644349df4..62bc704d3 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -261,7 +261,7 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, #ifndef NO_DH #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x) +int DHparams_print_fp(FILE *fp, const DH *x) { BIO *b; int ret; @@ -278,7 +278,7 @@ int DHparams_print_fp(FILE *fp, DH *x) } #endif -int DHparams_print(BIO *bp, DH *x) +int DHparams_print(BIO *bp, const DH *x) { unsigned char *m=NULL; int reason=ERR_R_BUF_LIB,i,ret=0; diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 7a8d9f88c..7e732e1c3 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -81,9 +81,9 @@ typedef struct dh_method { const char *name; /* Methods here */ int (*generate_key)(DH *dh); - int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh); - int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, + int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh); + int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, + const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(DH *dh); @@ -152,13 +152,13 @@ struct dh_st (unsigned char *)(x)) #endif -DH_METHOD *DH_OpenSSL(void); +const DH_METHOD *DH_OpenSSL(void); -void DH_set_default_openssl_method(DH_METHOD *meth); -DH_METHOD *DH_get_default_openssl_method(void); +void DH_set_default_openssl_method(const DH_METHOD *meth); +const DH_METHOD *DH_get_default_openssl_method(void); #if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); -DH *DH_new_method(DH_METHOD *meth); +const DH_METHOD *DH_set_method(DH *dh, const DH_METHOD *meth); +DH *DH_new_method(const DH_METHOD *meth); #else int DH_set_method(DH *dh, struct engine_st *engine); DH *DH_new_method(struct engine_st *engine); @@ -166,27 +166,27 @@ DH *DH_new_method(struct engine_st *engine); DH * DH_new(void); void DH_free(DH *dh); -int DH_size(DH *dh); +int DH_size(const DH *dh); int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); DH * DH_generate_parameters(int prime_len,int generator, void (*callback)(int,int,void *),void *cb_arg); -int DH_check(DH *dh,int *codes); +int DH_check(const DH *dh,int *codes); int DH_generate_key(DH *dh); -int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); -DH * d2i_DHparams(DH **a,unsigned char **pp, long length); -int i2d_DHparams(DH *a,unsigned char **pp); +int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); +DH * d2i_DHparams(DH **a,const unsigned char **pp, long length); +int i2d_DHparams(const DH *a,unsigned char **pp); #ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x); +int DHparams_print_fp(FILE *fp, const DH *x); #endif #ifndef NO_BIO -int DHparams_print(BIO *bp, DH *x); +int DHparams_print(BIO *bp, const DH *x); #else -int DHparams_print(char *bp, DH *x); +int DHparams_print(char *bp, const DH *x); #endif -void ERR_load_DH_strings(void ); +void ERR_load_DH_strings(void); /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index 7e5cfd8bf..f0373f7d6 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -70,7 +70,7 @@ * should hold. */ -int DH_check(DH *dh, int *ret) +int DH_check(const DH *dh, int *ret) { int ok=0; BN_CTX *ctx=NULL; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 6915d79dc..0e4fee101 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -64,8 +64,9 @@ #include static int generate_key(DH *dh); -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int dh_init(DH *dh); @@ -76,7 +77,7 @@ int DH_generate_key(DH *dh) return ENGINE_get_DH(dh->engine)->generate_key(dh); } -int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); } @@ -92,7 +93,7 @@ dh_finish, NULL }; -DH_METHOD *DH_OpenSSL(void) +const DH_METHOD *DH_OpenSSL(void) { return &dh_ossl; } @@ -155,7 +156,7 @@ err: return(ok); } -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) +static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { BN_CTX ctx; BN_MONT_CTX *mont; @@ -193,7 +194,8 @@ err: return(ret); } -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 66803b556..fcb814234 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -64,11 +64,11 @@ const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; -static DH_METHOD *default_DH_method; +static const DH_METHOD *default_DH_method; static int dh_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; -void DH_set_default_openssl_method(DH_METHOD *meth) +void DH_set_default_openssl_method(const DH_METHOD *meth) { ENGINE *e; /* We'll need to notify the "openssl" ENGINE of this @@ -87,7 +87,7 @@ void DH_set_default_openssl_method(DH_METHOD *meth) } } -DH_METHOD *DH_get_default_openssl_method(void) +const DH_METHOD *DH_get_default_openssl_method(void) { if(!default_DH_method) default_DH_method = DH_OpenSSL(); return default_DH_method; @@ -107,7 +107,7 @@ DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) int DH_set_method(DH *dh, ENGINE *engine) { ENGINE *mtmp; - DH_METHOD *meth; + const DH_METHOD *meth; mtmp = dh->engine; meth = ENGINE_get_DH(mtmp); if (!ENGINE_init(engine)) @@ -133,7 +133,7 @@ DH *DH_new_method(DH_METHOD *meth) DH *DH_new_method(ENGINE *engine) #endif { - DH_METHOD *meth; + const DH_METHOD *meth; DH *ret; ret=(DH *)OPENSSL_malloc(sizeof(DH)); @@ -180,7 +180,7 @@ DH *DH_new_method(ENGINE *engine) void DH_free(DH *r) { - DH_METHOD *meth; + const DH_METHOD *meth; int i; if(r == NULL) return; i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); @@ -231,7 +231,7 @@ void *DH_get_ex_data(DH *d, int idx) return(CRYPTO_get_ex_data(&d->ex_data,idx)); } -int DH_size(DH *dh) +int DH_size(const DH *dh) { return(BN_num_bytes(dh->p)); } diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h index 826bdff76..2d93ad0d6 100644 --- a/crypto/engine/engine.h +++ b/crypto/engine/engine.h @@ -180,7 +180,7 @@ int ENGINE_set_id(ENGINE *e, const char *id); int ENGINE_set_name(ENGINE *e, const char *name); int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth); +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth); int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp); int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt); @@ -197,7 +197,7 @@ const char *ENGINE_get_id(ENGINE *e); const char *ENGINE_get_name(ENGINE *e); const RSA_METHOD *ENGINE_get_RSA(ENGINE *e); const DSA_METHOD *ENGINE_get_DSA(ENGINE *e); -DH_METHOD *ENGINE_get_DH(ENGINE *e); +const DH_METHOD *ENGINE_get_DH(ENGINE *e); RAND_METHOD *ENGINE_get_RAND(ENGINE *e); BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e); BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e); diff --git a/crypto/engine/engine_int.h b/crypto/engine/engine_int.h index 547893fdd..b04067992 100644 --- a/crypto/engine/engine_int.h +++ b/crypto/engine/engine_int.h @@ -84,7 +84,7 @@ struct engine_st const char *name; const RSA_METHOD *rsa_meth; const DSA_METHOD *dsa_meth; - DH_METHOD *dh_meth; + const DH_METHOD *dh_meth; RAND_METHOD *rand_meth; BN_MOD_EXP bn_mod_exp; BN_MOD_EXP_CRT bn_mod_exp_crt; diff --git a/crypto/engine/engine_list.c b/crypto/engine/engine_list.c index 67bb7d03d..8be1cb6d4 100644 --- a/crypto/engine/engine_list.c +++ b/crypto/engine/engine_list.c @@ -454,7 +454,7 @@ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) return 1; } -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth) +int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) { if((e == NULL) || (dh_meth == NULL)) { @@ -582,7 +582,7 @@ const DSA_METHOD *ENGINE_get_DSA(ENGINE *e) return e->dsa_meth; } -DH_METHOD *ENGINE_get_DH(ENGINE *e) +const DH_METHOD *ENGINE_get_DH(ENGINE *e) { if(e == NULL) { diff --git a/crypto/engine/hw_atalla.c b/crypto/engine/hw_atalla.c index b19639caa..c1640ca00 100644 --- a/crypto/engine/hw_atalla.c +++ b/crypto/engine/hw_atalla.c @@ -95,7 +95,8 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -172,7 +173,7 @@ ENGINE *ENGINE_atalla() { const RSA_METHOD *meth1; const DSA_METHOD *meth2; - DH_METHOD *meth3; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the atalla-specific mod_exp and mod_exp_crt so we use @@ -433,7 +434,8 @@ static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int atalla_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return atalla_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c index cb6beefd6..cc723ac08 100644 --- a/crypto/engine/hw_cswift.c +++ b/crypto/engine/hw_cswift.c @@ -107,7 +107,8 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -183,7 +184,7 @@ static ENGINE engine_cswift = ENGINE *ENGINE_cswift() { const RSA_METHOD *meth1; - DH_METHOD *meth2; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -796,7 +797,8 @@ err: } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int cswift_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return cswift_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_ncipher.c b/crypto/engine/hw_ncipher.c index bb7e82c9f..8799a747d 100644 --- a/crypto/engine/hw_ncipher.c +++ b/crypto/engine/hw_ncipher.c @@ -104,8 +104,9 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, /* DH stuff */ /* This function is alised to mod_exp (with the DH and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* RAND stuff */ static int hwcrhk_rand_bytes(unsigned char *buf, int num); @@ -292,7 +293,7 @@ static HWCryptoHook_InitInfo hwcrhk_globals = { ENGINE *ENGINE_ncipher() { const RSA_METHOD *meth1; - DH_METHOD *meth2; + const DH_METHOD *meth2; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use @@ -860,7 +861,8 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int hwcrhk_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, +static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return hwcrhk_mod_exp(r, a, p, m, ctx); diff --git a/crypto/engine/hw_nuron.c b/crypto/engine/hw_nuron.c index 2fd394f75..b6242de44 100644 --- a/crypto/engine/hw_nuron.c +++ b/crypto/engine/hw_nuron.c @@ -177,8 +177,9 @@ static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } /* This function is aliased to mod_exp (with the dh and mont dropped). */ -static int nuron_mod_exp_dh(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) +static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r, + const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { return nuron_mod_exp(r, a, p, m, ctx); } @@ -252,7 +253,7 @@ ENGINE *ENGINE_nuron() { const RSA_METHOD *meth1; const DSA_METHOD *meth2; - DH_METHOD *meth3; + const DH_METHOD *meth3; /* We know that the "PKCS1_SSLeay()" functions hook properly * to the nuron-specific mod_exp and mod_exp_crt so we use