Convert X509* functions to use const getters

Reviewed-by: N Richard Levitte <levitte@openssl.org>

Convert X509* functions to use const getters
Reviewed-by: N Richard Levitte <levitte@openssl.org>
8900f3e3 · Dr. Stephen Henson · 5e6089f0 · 8900f3e3 · 8900f3e3 · 8900f3e3
12 changed file
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -221,7 +221,7 @@ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id,
    return 1;
 }

-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey)
 {
    return pkey->ameth;
 }

--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -24,7 +24,7 @@

 static void EVP_PKEY_free_it(EVP_PKEY *x);

-int EVP_PKEY_bits(EVP_PKEY *pkey)
+int EVP_PKEY_bits(const EVP_PKEY *pkey)
 {
    if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
        return pkey->ameth->pkey_bits(pkey);

--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -110,7 +110,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
    }

    if (!(cflag & X509_FLAG_NO_SIGNAME)) {
-        X509_ALGOR *tsig_alg = X509_get0_tbs_sigalg(x);
+        const X509_ALGOR *tsig_alg = X509_get0_tbs_sigalg(x);
        if (X509_signature_print(bp, tsig_alg, NULL) <= 0)
            goto err;
    }
@@ -170,8 +170,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
    }

    if (!(cflag & X509_FLAG_NO_IDS)) {
-        ASN1_BIT_STRING *iuid, *suid;
-        X509_get0_uids(&iuid, &suid, x);
+        const ASN1_BIT_STRING *iuid, *suid;
+        X509_get0_uids(x, &iuid, &suid);
        if (iuid != NULL) {
            if (BIO_printf(bp, "%8sIssuer Unique ID: ", "") <= 0)
                goto err;

--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -135,12 +135,13 @@ X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x)
    return x->cert_info.key;
 }

-STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x)
+const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x)
 {
    return x->cert_info.extensions;
 }

-void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x)
+void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
+                    const ASN1_BIT_STRING **psuid)
 {
    if (piuid != NULL)
        *piuid = x->cert_info.issuerUID;
@@ -148,7 +149,7 @@ void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x)
        *psuid = x->cert_info.subjectUID;
 }

-X509_ALGOR *X509_get0_tbs_sigalg(X509 *x)
+const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x)
 {
    return &x->cert_info.signature;
 }
--- a/crypto/x509/x509type.c
+++ b/crypto/x509/x509type.c
@@ -13,9 +13,9 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>

-int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
+int X509_certificate_type(X509 *x, const EVP_PKEY *pkey)
 {
-    EVP_PKEY *pk;
+    const EVP_PKEY *pk;
    int ret = 0, i;

    if (x == NULL)

--- a/doc/crypto/X509V3_get_d2i.pod
+++ b/doc/crypto/X509V3_get_d2i.pod
@@ -32,7 +32,7 @@ X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions
 int X509_REVOKED_add1_ext_i2d(X509_REVOKED *r, int nid, void *value, int crit,
                               unsigned long flags);

- STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+ const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
 const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
 STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);


--- a/doc/crypto/X509_get0_signature.pod
+++ b/doc/crypto/X509_get0_signature.pod
@@ -13,7 +13,7 @@ X509_CRL_get_signature_nid - signature information
 void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
                          const X509 *x);
 int X509_get_signature_nid(const X509 *x);
- X509_ALGOR *X509_get0_tbs_sigalg(X509 *x);
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

 void X509_REQ_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
                              const X509_REQ *crl);

--- a/doc/crypto/X509_get0_uids.pod
+++ b/doc/crypto/X509_get0_uids.pod
@@ -8,7 +8,8 @@ X509_get0_uids - get certificate unique identifiers

 #include <openssl/x509.h>

- void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x);
+ void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
+                     const ASN1_BIT_STRING **psuid);

 =head1 DESCRIPTION


--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -895,7 +895,7 @@ int EVP_PKEY_encrypt_old(unsigned char *enc_key,
 int EVP_PKEY_type(int type);
 int EVP_PKEY_id(const EVP_PKEY *pkey);
 int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int EVP_PKEY_bits(EVP_PKEY *pkey);
+int EVP_PKEY_bits(const EVP_PKEY *pkey);
 int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
 int EVP_PKEY_size(EVP_PKEY *pkey);
 int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
@@ -1047,7 +1047,7 @@ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
                            const char **ppem_str,
                            const EVP_PKEY_ASN1_METHOD *ameth);

-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);
 EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
                                        const char *pem_str,
                                        const char *info);

--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -630,14 +630,15 @@ int X509_get_signature_type(const X509 *x);
 * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
 */
 X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x);
-STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
-void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x);
-X509_ALGOR *X509_get0_tbs_sigalg(X509 *x);
+const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
+                    const ASN1_BIT_STRING **psuid);
+const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

 EVP_PKEY *X509_get0_pubkey(const X509 *x);
 EVP_PKEY *X509_get_pubkey(X509 *x);
 ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
+int X509_certificate_type(X509 *x, const EVP_PKEY *pubkey /* optional */ );

 long X509_REQ_get_version(const X509_REQ *req);
 int X509_REQ_set_version(X509_REQ *x, long version);

--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1858,7 +1858,7 @@ __owur CERT_PKEY *ssl_get_server_send_pkey(SSL *s);
 __owur int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
                                   size_t *serverinfo_length);
 __owur EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
-__owur int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
+__owur int ssl_cert_type(X509 *x, const EVP_PKEY *pkey);
 void ssl_set_masks(SSL *s);
 __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 __owur int ssl_verify_alarm_type(long type);

--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -520,7 +520,7 @@ int tls_get_message_body(SSL *s, unsigned long *len)
    return 1;
 }

-int ssl_cert_type(X509 *x, EVP_PKEY *pk)
+int ssl_cert_type(X509 *x, const EVP_PKEY *pk)
 {
    if (pk == NULL &&
        (pk = X509_get0_pubkey(x)) == NULL)