Add const to the X509_ALGOR and other arguments of

PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3).

tested in a bulk by sthen
ok beck, jsing

3 files changed, 23 insertions, 20 deletions

diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c
index ca08ee55d5..1ef5c4a898 100644
--- a/src/lib/libcrypto/pkcs12/p12_decr.c
+++ b/src/lib/libcrypto/pkcs12/p12_decr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_decr.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p12_decr.c,v 1.19 2018/05/13 14:22:34 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -67,8 +67,9 @@
  */
 
 unsigned char *
-PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen,
-    unsigned char *in, int inlen, unsigned char **data, int *datalen, int en_de)
+PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, int passlen,
+    const unsigned char *in, int inlen, unsigned char **data, int *datalen,
+    int en_de)
 {
         unsigned char *out;
         int outlen, i;
@@ -119,8 +120,8 @@ err:
  */
 
 void *
-PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-    const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf)
+PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
+    const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf)
 {
         unsigned char *out;
         const unsigned char *p;
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c
index 63b3df17ad..d6b12edab3 100644
--- a/src/lib/libcrypto/pkcs12/p12_npas.c
+++ b/src/lib/libcrypto/pkcs12/p12_npas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_npas.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p12_npas.c,v 1.13 2018/05/13 14:22:34 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -65,10 +65,11 @@
 
 /* PKCS#12 password change routine */
 
-static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
-    char *newpass);
-static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
+static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass);
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
+    const char *newpass);
+static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
+    const char *newpass);
 static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
 
 /*
@@ -76,7 +77,7 @@ static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
  */
 
 int
-PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
+PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)
 {
         /* Check for NULL PKCS12 structure */
 
@@ -103,7 +104,7 @@ PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
 /* Parse the outer PKCS#12 structure */
 
 static int
-newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
+newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
 {
         STACK_OF(PKCS7) *asafes, *newsafes;
         STACK_OF(PKCS12_SAFEBAG) *bags;
@@ -189,7 +190,8 @@ err:
 
 
 static int
-newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, char *newpass)
+newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
+    const char *newpass)
 {
         int i;
 
@@ -204,7 +206,7 @@ newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, char *newpass)
 /* Change password of safebag: only needs handle shrouded keybags */
 
 static int
-newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
+newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass, const char *newpass)
 {
         PKCS8_PRIV_KEY_INFO *p8;
         X509_SIG *p8new;
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h
index d6ee0d9a6f..a598eb4f9e 100644
--- a/src/lib/libcrypto/pkcs12/pkcs12.h
+++ b/src/lib/libcrypto/pkcs12/pkcs12.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkcs12.h,v 1.20 2018/05/13 14:15:01 tb Exp $ */
+/* $OpenBSD: pkcs12.h,v 1.21 2018/05/13 14:22:34 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -209,11 +209,11 @@ int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
 ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
     int attr_nid);
 char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
-    int passlen, unsigned char *in, int inlen, unsigned char **data,
+unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass,
+    int passlen, const unsigned char *in, int inlen, unsigned char **data,
     int *datalen, int en_de);
-void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-    const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf);
+void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
+    const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf);
 ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
     const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf);
 PKCS12 *PKCS12_init(int mode);
@@ -280,7 +280,7 @@ int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
 int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
 PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
 PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
+int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
 
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes