As a consequence of the BIGNUM constification, the ENGINE code needs a

few small constifying changes, and why not throw in a couple of extras while I'm at it?

As a consequence of the BIGNUM constification, the ENGINE code needs a
few small constifying changes, and why not throw in a couple of extras while I'm at it?
10e473e9 · Richard Levitte · e7ef1a56 · 10e473e9 · 10e473e9 · 10e473e9
9 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@

 Changes between 0.9.6 and 0.9.7  [xx XXX 2000]

+  *) Constify the ENGINE code as a result of BIGNUM constification.
+     [Richard Levitte]
+
  *) Make it so the openssl application has all engines loaded by default.
     [Richard Levitte]


--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -105,12 +105,12 @@ extern "C" {
 /* mod_exp operation, calculates; r = a ^ p mod m
 * NB: ctx can be NULL, but if supplied, the implementation may use
 * it if it wishes. */
-typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+typedef int (*BN_MOD_EXP)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);

 /* private key operation for RSA, provided seperately in case other
 * RSA implementations wish to use it. */
-typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
 		const BIGNUM *iqmp, BN_CTX *ctx);

@@ -178,7 +178,7 @@ ENGINE *ENGINE_new(void);
 int ENGINE_free(ENGINE *e);
 int ENGINE_set_id(ENGINE *e, const char *id);
 int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth);
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
 int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth);
 int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth);
 int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth);
@@ -195,7 +195,7 @@ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
 * reference may be problematic! */
 const char *ENGINE_get_id(ENGINE *e);
 const char *ENGINE_get_name(ENGINE *e);
-RSA_METHOD *ENGINE_get_RSA(ENGINE *e);
+const RSA_METHOD *ENGINE_get_RSA(ENGINE *e);
 DSA_METHOD *ENGINE_get_DSA(ENGINE *e);
 DH_METHOD *ENGINE_get_DH(ENGINE *e);
 RAND_METHOD *ENGINE_get_RAND(ENGINE *e);

--- a/crypto/engine/engine_int.h
+++ b/crypto/engine/engine_int.h
@@ -82,7 +82,7 @@ struct engine_st
 	{
 	const char *id;
 	const char *name;
-	RSA_METHOD *rsa_meth;
+	const RSA_METHOD *rsa_meth;
 	DSA_METHOD *dsa_meth;
 	DH_METHOD *dh_meth;
 	RAND_METHOD *rand_meth;

--- a/crypto/engine/engine_list.c
+++ b/crypto/engine/engine_list.c
@@ -430,7 +430,7 @@ int ENGINE_set_name(ENGINE *e, const char *name)
 	return 1;
 	}

-int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth)
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
 	{
 	if((e == NULL) || (rsa_meth == NULL))
 		{
@@ -560,7 +560,7 @@ const char *ENGINE_get_name(ENGINE *e)
 	return e->name;
 	}

-RSA_METHOD *ENGINE_get_RSA(ENGINE *e)
+const RSA_METHOD *ENGINE_get_RSA(ENGINE *e)
 	{
 	if(e == NULL)
 		{

--- a/crypto/engine/engine_openssl.c
+++ b/crypto/engine/engine_openssl.c
@@ -72,7 +72,7 @@
 /* This is the only function we need to implement as OpenSSL
 * doesn't have a native CRT mod_exp. Perhaps this should be
 * BN_mod_exp_crt and moved into crypto/bn/ ?? ... dunno. */
-static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
 		const BIGNUM *iqmp, BN_CTX *ctx);

@@ -112,7 +112,7 @@ ENGINE *ENGINE_openssl()
 	}

 /* Chinese Remainder Theorem, taken and adapted from rsa_eay.c */
-static int openssl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int openssl_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dmp1,
 			const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
 	{

--- a/crypto/engine/hw_atalla.c
+++ b/crypto/engine/hw_atalla.c
@@ -76,13 +76,13 @@ static int atalla_init(void);
 static int atalla_finish(void);

 /* BIGNUM stuff */
-static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);

 /* RSA stuff */
-static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

 /* DSA stuff */
@@ -293,7 +293,7 @@ static int atalla_finish()
 	return 1;
 	}

-static int atalla_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *m, BN_CTX *ctx)
 	{
 	/* I need somewhere to store temporary serialised values for
@@ -366,7 +366,7 @@ err:
 	return to_return;
 	}

-static int atalla_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 	{
 	BN_CTX *ctx = NULL;
 	int to_return = 0;
@@ -426,7 +426,7 @@ static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 	}

 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return atalla_mod_exp(r, a, p, m, ctx);

--- a/crypto/engine/hw_cswift.c
+++ b/crypto/engine/hw_cswift.c
@@ -88,16 +88,16 @@ static int cswift_init(void);
 static int cswift_finish(void);

 /* BIGNUM stuff */
-static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);
-static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
 		const BIGNUM *iqmp, BN_CTX *ctx);

 /* RSA stuff */
-static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

 /* DSA stuff */
@@ -328,7 +328,7 @@ static int cswift_finish()
 	}

 /* Un petit mod_exp */
-static int cswift_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *m, BN_CTX *ctx)
 	{
 	/* I need somewhere to store temporary serialised values for
@@ -428,7 +428,7 @@ err:
 	}

 /* Un petit mod_exp chinois */
-static int cswift_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dmp1,
 			const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
 	{
@@ -541,7 +541,7 @@ err:
 	return to_return;
 	}
 
-static int cswift_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 	{
 	BN_CTX *ctx;
 	int to_return = 0;
@@ -562,7 +562,7 @@ err:
 	}

 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return cswift_mod_exp(r, a, p, m, ctx);

--- a/crypto/engine/hw_ncipher.c
+++ b/crypto/engine/hw_ncipher.c
@@ -93,13 +93,13 @@ static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
 static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);

 /* BIGNUM stuff */
-static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);

 /* RSA stuff */
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa);
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

 /* DH stuff */
@@ -681,7 +681,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(const char *key_id, const char *passphrase)
 	}

 /* A little mod_exp */
-static int hwcrhk_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *m, BN_CTX *ctx)
 	{
 	char tempbuf[1024];
@@ -737,7 +737,7 @@ err:
 	return to_return;
 	}
 
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, BIGNUM *I, RSA *rsa)
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
 	{
 	char tempbuf[1024];
 	HWCryptoHook_ErrMsgBuf rmsg;
@@ -853,7 +853,7 @@ err:
 	}

 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return hwcrhk_mod_exp(r, a, p, m, ctx);

--- a/crypto/engine/hw_nuron.c
+++ b/crypto/engine/hw_nuron.c
@@ -67,7 +67,7 @@
 #ifndef NO_HW
 #ifndef NO_HW_NURON

-typedef int tfnModExp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
+typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
 static tfnModExp *pfnModExp = NULL;

 static DSO *pvDSOHandle = NULL;
@@ -115,7 +115,7 @@ static int nuron_finish()
 	return 1;
 	}

-static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,
+static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
 			 const BIGNUM *m,BN_CTX *ctx)
 	{
 	if(!pvDSOHandle)
@@ -126,7 +126,7 @@ static int nuron_mod_exp(BIGNUM *r,BIGNUM *a,const BIGNUM *p,
 	return pfnModExp(r,a,p,m);
 	}

-static int nuron_rsa_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
 	{
 	return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
 	}
@@ -170,7 +170,7 @@ static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 	}

 /* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int nuron_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
 	{
 	return nuron_mod_exp(r, a, p, m, ctx);