The branch master has been updated via 245c6bc33b1481052f347f316cec16888aa1be85 (commit) via ac4e257747075958d37665f327bdf685dd2478ab (commit) via 0c8006480f2d5e4999726ab4161b173010bea13a (commit) from fddfc0afc84728f8a5140685163e66ce6471742d (commit)
- Log ----------------------------------------------------------------- commit 245c6bc33b1481052f347f316cec16888aa1be85 Author: Dr. Stephen Henson <st...@openssl.org> Date: Wed Aug 17 00:21:55 2016 +0100 Constify private key decode. Reviewed-by: Richard Levitte <levi...@openssl.org> commit ac4e257747075958d37665f327bdf685dd2478ab Author: Dr. Stephen Henson <st...@openssl.org> Date: Tue Aug 16 20:18:04 2016 +0100 constify X509_ALGOR_get0() Reviewed-by: Richard Levitte <levi...@openssl.org> commit 0c8006480f2d5e4999726ab4161b173010bea13a Author: Dr. Stephen Henson <st...@openssl.org> Date: Tue Aug 16 20:14:02 2016 +0100 Constify ASN1_item_unpack(). Reviewed-by: Richard Levitte <levi...@openssl.org> ----------------------------------------------------------------------- Summary of changes: apps/pkcs12.c | 6 +++--- crypto/asn1/ameth_lib.c | 2 +- crypto/asn1/asn_pack.c | 2 +- crypto/asn1/p8_pkey.c | 4 ++-- crypto/asn1/x_algor.c | 4 ++-- crypto/cms/cms_lib.c | 4 ++-- crypto/cms/cms_sd.c | 2 +- crypto/dh/dh_ameth.c | 18 +++++++++--------- crypto/dsa/dsa_ameth.c | 12 ++++++------ crypto/ec/ec_ameth.c | 20 ++++++++++---------- crypto/ec/ecx_meth.c | 6 +++--- crypto/evp/evp_pkey.c | 4 ++-- crypto/include/internal/asn1_int.h | 2 +- crypto/pkcs12/p12_mutl.c | 2 +- crypto/rsa/rsa_ameth.c | 2 +- doc/crypto/X509_ALGOR_dup.pod | 4 ++-- include/openssl/asn1.h | 2 +- include/openssl/evp.h | 2 +- include/openssl/x509.h | 10 +++++----- 19 files changed, 54 insertions(+), 54 deletions(-) diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 5f25734..9ef3591 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -523,7 +523,7 @@ int pkcs12_main(int argc, char **argv) if ((options & INFO) && PKCS12_mac_present(p12)) { ASN1_INTEGER *tmaciter; X509_ALGOR *macalgid; - ASN1_OBJECT *macobj; + const ASN1_OBJECT *macobj; PKCS12_get0_mac(NULL, &macalgid, NULL, &tmaciter, p12); X509_ALGOR_get0(&macobj, NULL, NULL, macalgid); BIO_puts(bio_err, "MAC:"); @@ -743,8 +743,8 @@ end: static int alg_print(X509_ALGOR *alg) { int pbenid, aparamtype; - ASN1_OBJECT *aoid; - void *aparam; + const ASN1_OBJECT *aoid; + const void *aparam; PBEPARAM *pbe = NULL; X509_ALGOR_get0(&aoid, &aparamtype, &aparam, alg); diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index d5a0247..1d32f5d 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -324,7 +324,7 @@ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode) (EVP_PKEY *pk, - PKCS8_PRIV_KEY_INFO + const PKCS8_PRIV_KEY_INFO *p8inf), int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index 1f5be53..63bc306 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -50,7 +50,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) /* Extract an ASN1 object from an ASN1_STRING */ -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) +void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it) { const unsigned char *p; void *ret; diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index b8cc0b1..dbee827 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -50,9 +50,9 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, return 1; } -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, +int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8) + const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8) { if (ppkalg) *ppkalg = p8->pkeyalg->algorithm; diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index dfebf68..72378db 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -50,8 +50,8 @@ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval) return 1; } -void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, - X509_ALGOR *algor) +void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, + const void **ppval, const X509_ALGOR *algor) { if (paobj) *paobj = algor->algorithm; diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index 86d9299..7395684 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -286,7 +286,7 @@ int CMS_set_detached(CMS_ContentInfo *cms, int detached) BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm) { BIO *mdbio = NULL; - ASN1_OBJECT *digestoid; + const ASN1_OBJECT *digestoid; const EVP_MD *digest; X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm); digest = EVP_get_digestbyobj(digestoid); @@ -312,7 +312,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg) { int nid; - ASN1_OBJECT *mdoid; + const ASN1_OBJECT *mdoid; X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg); nid = OBJ_obj2nid(mdoid); /* Look for digest type to match signature */ diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 6c3db3b..76c1f53 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -285,7 +285,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, /* See if digest is present in digestAlgorithms */ for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) { - ASN1_OBJECT *aoid; + const ASN1_OBJECT *aoid; alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i); X509_ALGOR_get0(&aoid, NULL, NULL, alg); if (OBJ_obj2nid(aoid) == EVP_MD_type(md)) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 2e67eeb..cd77867 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -47,8 +47,8 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) const unsigned char *p, *pm; int pklen, pmlen; int ptype; - void *pval; - ASN1_STRING *pstr; + const void *pval; + const ASN1_STRING *pstr; X509_ALGOR *palg; ASN1_INTEGER *public_key = NULL; @@ -147,14 +147,14 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) * explicitly included and the pubkey must be recalculated. */ -static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) +static int dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p, *pm; int pklen, pmlen; int ptype; - void *pval; - ASN1_STRING *pstr; - X509_ALGOR *palg; + const void *pval; + const ASN1_STRING *pstr; + const X509_ALGOR *palg; ASN1_INTEGER *privkey = NULL; DH *dh = NULL; @@ -574,9 +574,9 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) { - ASN1_OBJECT *aoid; + const ASN1_OBJECT *aoid; int atype; - void *aval; + const void *aval; ASN1_INTEGER *public_key = NULL; int rv = 0; EVP_PKEY *pkpeer = NULL, *pk = NULL; @@ -741,7 +741,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) EVP_CIPHER_CTX *ctx; int keylen; X509_ALGOR *talg, *wrap_alg = NULL; - ASN1_OBJECT *aoid; + const ASN1_OBJECT *aoid; ASN1_BIT_STRING *pubkey; ASN1_STRING *wrap_str; ASN1_OCTET_STRING *ukm; diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index f2f2cf5..7c0428d 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -22,8 +22,8 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) const unsigned char *p, *pm; int pklen, pmlen; int ptype; - void *pval; - ASN1_STRING *pstr; + const void *pval; + const ASN1_STRING *pstr; X509_ALGOR *palg; ASN1_INTEGER *public_key = NULL; @@ -130,14 +130,14 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) * AlgorithmIdentifier the pubkey must be recalculated. */ -static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) +static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p, *pm; int pklen, pmlen; int ptype; - void *pval; - ASN1_STRING *pstr; - X509_ALGOR *palg; + const void *pval; + const ASN1_STRING *pstr; + const X509_ALGOR *palg; ASN1_INTEGER *privkey = NULL; BN_CTX *ctx = NULL; diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 44dfbb4..a899932 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -89,11 +89,11 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) return 0; } -static EC_KEY *eckey_type2param(int ptype, void *pval) +static EC_KEY *eckey_type2param(int ptype, const void *pval) { EC_KEY *eckey = NULL; if (ptype == V_ASN1_SEQUENCE) { - ASN1_STRING *pstr = pval; + const ASN1_STRING *pstr = pval; const unsigned char *pm = NULL; int pmlen; pm = pstr->data; @@ -103,7 +103,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) goto ecerr; } } else if (ptype == V_ASN1_OBJECT) { - ASN1_OBJECT *poid = pval; + const ASN1_OBJECT *poid = pval; EC_GROUP *group; /* @@ -135,7 +135,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const unsigned char *p = NULL; - void *pval; + const void *pval; int ptype, pklen; EC_KEY *eckey = NULL; X509_ALGOR *palg; @@ -179,13 +179,13 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) return -2; } -static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) +static int eckey_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p = NULL; - void *pval; + const void *pval; int ptype, pklen; EC_KEY *eckey = NULL; - X509_ALGOR *palg; + const X509_ALGOR *palg; if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) return 0; @@ -562,9 +562,9 @@ int ECParameters_print(BIO *bp, const EC_KEY *x) static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) { - ASN1_OBJECT *aoid; + const ASN1_OBJECT *aoid; int atype; - void *aval; + const void *aval; int rv = 0; EVP_PKEY *pkpeer = NULL; EC_KEY *ecpeer = NULL; @@ -738,7 +738,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) EVP_CIPHER_CTX *ctx; int keylen; X509_ALGOR *talg, *wrap_alg = NULL; - ASN1_OBJECT *aoid; + const ASN1_OBJECT *aoid; ASN1_BIT_STRING *pubkey; ASN1_STRING *wrap_str; ASN1_OCTET_STRING *ukm; diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index f717951..06e3911 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -32,7 +32,7 @@ typedef enum { } ecx_key_op_t; /* Setup EVP_PKEY using public, private or generation */ -static int ecx_key_op(EVP_PKEY *pkey, X509_ALGOR *palg, +static int ecx_key_op(EVP_PKEY *pkey, const X509_ALGOR *palg, const unsigned char *p, int plen, ecx_key_op_t op) { X25519_KEY *xkey; @@ -135,12 +135,12 @@ static int ecx_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) return !CRYPTO_memcmp(akey->pubkey, bkey->pubkey, X25519_KEYLEN); } -static int ecx_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) +static int ecx_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p; int plen; ASN1_OCTET_STRING *oct = NULL; - X509_ALGOR *palg; + const X509_ALGOR *palg; int rv; if (!PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8)) diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 82ab1ef..81bffa6 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -18,10 +18,10 @@ /* Extract a private key from a PKCS8 structure */ -EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) +EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY *pkey = NULL; - ASN1_OBJECT *algoid; + const ASN1_OBJECT *algoid; char obj_tmp[80]; if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) diff --git a/crypto/include/internal/asn1_int.h b/crypto/include/internal/asn1_int.h index f4c71fc..f70e3b4 100644 --- a/crypto/include/internal/asn1_int.h +++ b/crypto/include/internal/asn1_int.h @@ -22,7 +22,7 @@ struct evp_pkey_asn1_method_st { int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); - int (*priv_decode) (EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf); + int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf); int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index 9c0c4df..9ab2659 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -75,7 +75,7 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, int md_size = 0; int md_type_nid; X509_ALGOR *macalg; - ASN1_OBJECT *macoid; + const ASN1_OBJECT *macoid; if (!PKCS7_type_is_data(p12->authsafes)) { PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA); diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index d55cf33..5694140 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -101,7 +101,7 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) return 1; } -static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) +static int rsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p; int pklen; diff --git a/doc/crypto/X509_ALGOR_dup.pod b/doc/crypto/X509_ALGOR_dup.pod index 8f6c9b0..21845e9 100644 --- a/doc/crypto/X509_ALGOR_dup.pod +++ b/doc/crypto/X509_ALGOR_dup.pod @@ -10,8 +10,8 @@ X509_ALGOR_dup, X509_ALGOR_set0, X509_ALGOR_get0, X509_ALGOR_set_md, X509_ALGOR_ X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *alg); int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); - void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, - X509_ALGOR *alg); + void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, + const void **ppval, const X509_ALGOR *alg); void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h index 40526fb..d37a3fc 100644 --- a/include/openssl/asn1.h +++ b/include/openssl/asn1.h @@ -772,7 +772,7 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num, unsigned char *data, int max_len); -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); +void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it); ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 46a2e26..3727545 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1068,7 +1068,7 @@ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_bits) (const EVP_PKEY *pk)); void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode) (EVP_PKEY *pk, - PKCS8_PRIV_KEY_INFO + const PKCS8_PRIV_KEY_INFO *p8inf), int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 4ccf2ec..f8d1881 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -463,8 +463,8 @@ X509_REQ *X509_REQ_dup(X509_REQ *req); X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); -void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, - X509_ALGOR *algor); +void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, + const void **ppval, const X509_ALGOR *algor); void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); @@ -961,15 +961,15 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) -EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); +EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version, int ptype, void *pval, unsigned char *penc, int penclen); -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, +int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8); + const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8); const STACK_OF(X509_ATTRIBUTE) * PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8); _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits