Constify DSA-related code.

crypto/asn1/d2i_dsap.c

@@ -68,7 +68,7 @@
 #define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
 #endif
 
-DSA *d2i_DSAparams(DSA **a, unsigned char **pp, long length)
+DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length)
 	{
 	int i=ERR_R_NESTED_ASN1_ERROR;
 	ASN1_INTEGER *bs=NULL;

crypto/asn1/d2i_pr.c

@@ -94,7 +94,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
 #endif
 #ifndef NO_DSA
 	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
+		if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
+			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
 			{
 			ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
 			goto err;

crypto/asn1/d2i_pu.c

@@ -94,7 +94,8 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
 #endif
 #ifndef NO_DSA
 	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
+		if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,
+			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
 			{
 			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
 			goto err;

crypto/asn1/d2i_s_pr.c

@@ -66,7 +66,7 @@
 #include <openssl/objects.h>
 #include <openssl/asn1_mac.h>
 
-DSA *d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length)
+DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length)
 	{
 	int i=ASN1_R_PARSING;
 	ASN1_INTEGER *bs=NULL;

crypto/asn1/d2i_s_pu.c

@@ -70,7 +70,7 @@
 #define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
 #endif
 
-DSA *d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length)
+DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length)
 	{
 	int i=ASN1_R_PARSING;
 	ASN1_INTEGER *bs=NULL;

crypto/asn1/i2d_dsap.c

@@ -63,7 +63,7 @@
 #include <openssl/asn1_mac.h>
 #include <openssl/dsa.h>
 
-int i2d_DSAparams(DSA *a, unsigned char **pp)
+int i2d_DSAparams(const DSA *a, unsigned char **pp)
 	{
 	BIGNUM *num[3];
 	ASN1_INTEGER bs;

crypto/asn1/i2d_s_pr.c

@@ -64,7 +64,7 @@
 #include <openssl/objects.h>
 #include <openssl/asn1_mac.h>
 
-int i2d_DSAPrivateKey(DSA *a, unsigned char **pp)
+int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp)
 	{
 	BIGNUM *num[6];
 	unsigned char data[1];

crypto/asn1/i2d_s_pu.c

@@ -64,7 +64,7 @@
 #include <openssl/objects.h>
 #include <openssl/asn1_mac.h>
 
-int i2d_DSAPublicKey(DSA *a, unsigned char **pp)
+int i2d_DSAPublicKey(const DSA *a, unsigned char **pp)
 	{
 	BIGNUM *num[4];
 	ASN1_INTEGER bs;

crypto/asn1/t_pkey.c

@@ -140,7 +140,7 @@ err:
 
 #ifndef NO_DSA
 #ifndef NO_FP_API
-int DSA_print_fp(FILE *fp, DSA *x, int off)
+int DSA_print_fp(FILE *fp, const DSA *x, int off)
 	{
 	BIO *b;
 	int ret;
@@ -157,7 +157,7 @@ int DSA_print_fp(FILE *fp, DSA *x, int off)
 	}
 #endif
 
-int DSA_print(BIO *bp, DSA *x, int off)
+int DSA_print(BIO *bp, const DSA *x, int off)
 	{
 	char str[128];
 	unsigned char *m=NULL;
@@ -314,7 +314,7 @@ err:
 
 #ifndef NO_DSA
 #ifndef NO_FP_API
-int DSAparams_print_fp(FILE *fp, DSA *x)
+int DSAparams_print_fp(FILE *fp, const DSA *x)
         {
         BIO *b;
         int ret;
@@ -331,7 +331,7 @@ int DSAparams_print_fp(FILE *fp, DSA *x)
         }
 #endif
 
-int DSAparams_print(BIO *bp, DSA *x)
+int DSAparams_print(BIO *bp, const DSA *x)
 	{
 	unsigned char *m=NULL;
 	int reason=ERR_R_BUF_LIB,i,ret=0;

crypto/asn1/x_pubkey.c

@@ -206,6 +206,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	long j;
 	int type;
 	unsigned char *p;
+	const unsigned char *cp;
 #ifndef NO_DSA
 	X509_ALGOR *a;
 #endif
@@ -237,9 +238,9 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 		if (a->parameter->type == V_ASN1_SEQUENCE)
 			{
 			ret->pkey.dsa->write_params=0;
-			p=a->parameter->value.sequence->data;
+			cp=p=a->parameter->value.sequence->data;
 			j=a->parameter->value.sequence->length;
-			if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
+			if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
 				goto err;
 			}
 		ret->save_parameters=1;

crypto/dsa/dsa.h

@@ -154,19 +154,19 @@ struct dsa_st
 
 DSA_SIG * DSA_SIG_new(void);
 void	DSA_SIG_free(DSA_SIG *a);
-int	i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
+int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
 
 DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
 int	DSA_do_verify(const unsigned char *dgst,int dgst_len,
 		      DSA_SIG *sig,DSA *dsa);
 
-DSA_METHOD *DSA_OpenSSL(void);
+const DSA_METHOD *DSA_OpenSSL(void);
 
-void        DSA_set_default_openssl_method(DSA_METHOD *);
-DSA_METHOD *DSA_get_default_openssl_method(void);
+void        DSA_set_default_openssl_method(const DSA_METHOD *);
+const DSA_METHOD *DSA_get_default_openssl_method(void);
 #if 0
-DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
+const DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
 #else
 int DSA_set_method(DSA *dsa, struct engine_st *engine);
 #endif
@@ -177,13 +177,13 @@ DSA *	DSA_new_method(DSA_METHOD *meth);
 #else
 DSA *	DSA_new_method(struct engine_st *engine);
 #endif
-int	DSA_size(DSA *);
+int	DSA_size(const DSA *);
 	/* next 4 return -1 on error */
 int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
 int	DSA_sign(int type,const unsigned char *dgst,int dlen,
 		unsigned char *sig, unsigned int *siglen, DSA *dsa);
 int	DSA_verify(int type,const unsigned char *dgst,int dgst_len,
-		unsigned char *sigbuf, int siglen, DSA *dsa);
+		const unsigned char *sigbuf, int siglen, DSA *dsa);
 void	DSA_free (DSA *r);
 int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -192,24 +192,25 @@ void *DSA_get_ex_data(DSA *d, int idx);
 
 void	ERR_load_DSA_strings(void );
 
-DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
-DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
-DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
-DSA *	DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
+DSA *	d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+DSA *	d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+DSA * 	d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+DSA *	DSA_generate_parameters(int bits,
+		unsigned char *seed,int seed_len,
 		int *counter_ret, unsigned long *h_ret,void
 		(*callback)(int, int, void *),void *cb_arg);
 int	DSA_generate_key(DSA *a);
-int	i2d_DSAPublicKey(DSA *a, unsigned char **pp);
-int 	i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
-int	i2d_DSAparams(DSA *a,unsigned char **pp);
+int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+int	i2d_DSAparams(const DSA *a,unsigned char **pp);
 
 #ifndef NO_BIO
-int	DSAparams_print(BIO *bp, DSA *x);
-int	DSA_print(BIO *bp, DSA *x, int off);
+int	DSAparams_print(BIO *bp, const DSA *x);
+int	DSA_print(BIO *bp, const DSA *x, int off);
 #endif
 #ifndef NO_FP_API
-int	DSAparams_print_fp(FILE *fp, DSA *x);
-int	DSA_print_fp(FILE *bp, DSA *x, int off);
+int	DSAparams_print_fp(FILE *fp, const DSA *x);
+int	DSA_print_fp(FILE *bp, const DSA *x, int off);
 #endif
 
 #define DSS_prime_checks 50
@@ -221,7 +222,7 @@ int	DSA_print_fp(FILE *bp, DSA *x, int off);
 #ifndef NO_DH
 /* Convert DSA structure (key or just parameters) into DH structure
  * (be careful to avoid small subgroup attacks when using this!) */
-DH *DSA_dup_DH(DSA *r);
+DH *DSA_dup_DH(const DSA *r);
 #endif
 
 /* BEGIN ERROR CODES */

crypto/dsa/dsa_asn1.c

@@ -29,7 +29,7 @@ void DSA_SIG_free(DSA_SIG *r)
 	OPENSSL_free(r);
 }
 
-int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
+int i2d_DSA_SIG(const DSA_SIG *v, unsigned char **pp)
 {
 	int t=0,len;
 	ASN1_INTEGER rbs,sbs;
@@ -69,7 +69,7 @@ int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
 	return(t);
 }
 
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length)
+DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length)
 {
 	int i=ERR_R_NESTED_ASN1_ERROR;
 	ASN1_INTEGER *bs=NULL;

crypto/dsa/dsa_gen.c

@@ -79,7 +79,8 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 
-DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
+DSA *DSA_generate_parameters(int bits,
+		unsigned char *seed_in, int seed_len,
 		int *counter_ret, unsigned long *h_ret,
 		void (*callback)(int, int, void *),
 		void *cb_arg)

crypto/dsa/dsa_lib.c

@@ -67,11 +67,11 @@
 
 const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
 
-static DSA_METHOD *default_DSA_method;
+static const DSA_METHOD *default_DSA_method;
 static int dsa_meth_num = 0;
 static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;
 
-void DSA_set_default_openssl_method(DSA_METHOD *meth)
+void DSA_set_default_openssl_method(const DSA_METHOD *meth)
 {
 	ENGINE *e;
 	/* We'll need to notify the "openssl" ENGINE of this
@@ -90,7 +90,7 @@ void DSA_set_default_openssl_method(DSA_METHOD *meth)
 		}
 }
 
-DSA_METHOD *DSA_get_default_openssl_method(void)
+const DSA_METHOD *DSA_get_default_openssl_method(void)
 {
 	if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();
 	return default_DSA_method;
@@ -115,7 +115,7 @@ DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
 int DSA_set_method(DSA *dsa, ENGINE *engine)
 	{
 	ENGINE *mtmp;
-	DSA_METHOD *meth;
+	const DSA_METHOD *meth;
 	mtmp = dsa->engine;
 	meth = ENGINE_get_DSA(mtmp);
 	if (!ENGINE_init(engine))
@@ -137,7 +137,7 @@ DSA *DSA_new_method(DSA_METHOD *meth)
 DSA *DSA_new_method(ENGINE *engine)
 #endif
 	{
-	DSA_METHOD *meth;
+	const DSA_METHOD *meth;
 	DSA *ret;
 
 	ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
@@ -186,7 +186,7 @@ DSA *DSA_new_method(ENGINE *engine)
 
 void DSA_free(DSA *r)
 	{
-	DSA_METHOD *meth;
+	const DSA_METHOD *meth;
 	int i;
 
 	if (r == NULL) return;
@@ -220,7 +220,7 @@ void DSA_free(DSA *r)
 	OPENSSL_free(r);
 	}
 
-int DSA_size(DSA *r)
+int DSA_size(const DSA *r)
 	{
 	int ret,i;
 	ASN1_INTEGER bs;
@@ -258,7 +258,7 @@ void *DSA_get_ex_data(DSA *d, int idx)
 	}
 
 #ifndef NO_DH
-DH *DSA_dup_DH(DSA *r)
+DH *DSA_dup_DH(const DSA *r)
 	{
 	/* DSA has p, q, g, optional pub_key, optional priv_key.
 	 * DH has p, optional length, g, optional pub_key, optional priv_key.

crypto/dsa/dsa_ossl.c

@@ -92,7 +92,7 @@ dsa_finish,
 NULL
 };
 
-DSA_METHOD *DSA_OpenSSL(void)
+const DSA_METHOD *DSA_OpenSSL(void)
 {
 	return &openssl_dsa_meth;
 }

crypto/dsa/dsa_vrf.c

@@ -80,7 +80,7 @@ int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
  *     -1: error
  */
 int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-	     unsigned char *sigbuf, int siglen, DSA *dsa)
+	     const unsigned char *sigbuf, int siglen, DSA *dsa)
 	{
 	DSA_SIG *s;
 	int ret=-1;

crypto/engine/engine.h

@@ -179,7 +179,7 @@ int ENGINE_free(ENGINE *e);
 int ENGINE_set_id(ENGINE *e, const char *id);
 int ENGINE_set_name(ENGINE *e, const char *name);
 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth);
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
 int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth);
 int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth);
 int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp);
@@ -196,7 +196,7 @@ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
 const char *ENGINE_get_id(ENGINE *e);
 const char *ENGINE_get_name(ENGINE *e);
 const RSA_METHOD *ENGINE_get_RSA(ENGINE *e);
-DSA_METHOD *ENGINE_get_DSA(ENGINE *e);
+const DSA_METHOD *ENGINE_get_DSA(ENGINE *e);
 DH_METHOD *ENGINE_get_DH(ENGINE *e);
 RAND_METHOD *ENGINE_get_RAND(ENGINE *e);
 BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e);

crypto/engine/engine_int.h

@@ -83,7 +83,7 @@ struct engine_st
 	const char *id;
 	const char *name;
 	const RSA_METHOD *rsa_meth;
-	DSA_METHOD *dsa_meth;
+	const DSA_METHOD *dsa_meth;
 	DH_METHOD *dh_meth;
 	RAND_METHOD *rand_meth;
 	BN_MOD_EXP bn_mod_exp;

crypto/engine/engine_list.c

@@ -442,7 +442,7 @@ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
 	return 1;
 	}
 
-int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth)
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
 	{
 	if((e == NULL) || (dsa_meth == NULL))
 		{
@@ -571,7 +571,7 @@ const RSA_METHOD *ENGINE_get_RSA(ENGINE *e)
 	return e->rsa_meth;
 	}
 
-DSA_METHOD *ENGINE_get_DSA(ENGINE *e)
+const DSA_METHOD *ENGINE_get_DSA(ENGINE *e)
 	{
 	if(e == NULL)
 		{

crypto/engine/hw_atalla.c

@@ -170,8 +170,8 @@ static ENGINE engine_atalla =
  * (indeed - the lock will already be held by our caller!!!) */
 ENGINE *ENGINE_atalla()
 	{
-	RSA_METHOD *meth1;
-	DSA_METHOD *meth2;
+	const RSA_METHOD *meth1;
+	const DSA_METHOD *meth2;
 	DH_METHOD *meth3;
 
 	/* We know that the "PKCS1_SSLeay()" functions hook properly

crypto/engine/hw_cswift.c

@@ -182,7 +182,7 @@ static ENGINE engine_cswift =
  * (indeed - the lock will already be held by our caller!!!) */
 ENGINE *ENGINE_cswift()
 	{
-	RSA_METHOD *meth1;
+	const RSA_METHOD *meth1;
 	DH_METHOD *meth2;
 
 	/* We know that the "PKCS1_SSLeay()" functions hook properly

crypto/engine/hw_ncipher.c

@@ -291,7 +291,7 @@ static HWCryptoHook_InitInfo hwcrhk_globals = {
  * (indeed - the lock will already be held by our caller!!!) */
 ENGINE *ENGINE_ncipher()
 	{
-	RSA_METHOD *meth1;
+	const RSA_METHOD *meth1;
 	DH_METHOD *meth2;
 
 	/* We know that the "PKCS1_SSLeay()" functions hook properly

crypto/engine/hw_nuron.c

@@ -250,8 +250,8 @@ static ENGINE engine_nuron =
  * (indeed - the lock will already be held by our caller!!!) */
 ENGINE *ENGINE_nuron()
 	{
-	RSA_METHOD *meth1;
-	DSA_METHOD *meth2;
+	const RSA_METHOD *meth1;
+	const DSA_METHOD *meth2;
 	DH_METHOD *meth3;
 
 	/* We know that the "PKCS1_SSLeay()" functions hook properly

crypto/evp/evp_pkey.c

@@ -165,9 +165,9 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
 			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
 			goto dsaerr;
 		}
-		p = param->value.sequence->data;
+		cp = p = param->value.sequence->data;
 		plen = param->value.sequence->length;
-		if (!(dsa = d2i_DSAparams (NULL, &p, plen))) {
+		if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) {
 			EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
 			goto dsaerr;
 		}