From 1421aeadd757e0c564314ba62521979d08884ccc Mon Sep 17 00:00:00 2001 From: "Richard J. Moore" Date: Sat, 30 Jul 2016 11:47:18 +0100 Subject: [PATCH] Make some more X509 functions const. Reviewed-by: Stephen Henson Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/1367) --- apps/ca.c | 6 +++--- crypto/ocsp/ocsp_lib.c | 4 ++-- crypto/x509/x509_cmp.c | 6 +++--- crypto/x509/x509_set.c | 6 +++--- include/openssl/ocsp.h | 2 +- include/openssl/x509.h | 12 ++++++------ 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 376c8a553b..3cad05d68d 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -980,14 +980,14 @@ end_of_options: if (verbose) BIO_printf(bio_err, "writing new certificates\n"); for (i = 0; i < sk_X509_num(cert_sk); i++) { - ASN1_INTEGER *serialNumber = X509_get_serialNumber(x); + const ASN1_INTEGER *serialNumber = X509_get_serialNumber(x); int k; char *n; x = sk_X509_value(cert_sk, i); j = ASN1_STRING_length(serialNumber); - p = (const char *)ASN1_STRING_data(serialNumber); + p = (const char *)ASN1_STRING_data((ASN1_INTEGER *)serialNumber); if (strlen(outdir) >= (size_t)(j ? BSIZE - j * 2 - 6 : BSIZE - 8)) { BIO_printf(bio_err, "certificate file name too long\n"); @@ -1685,7 +1685,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, goto end; #endif - if (BN_to_ASN1_INTEGER(serial, X509_get_serialNumber(ret)) == NULL) + if (BN_to_ASN1_INTEGER(serial, (ASN1_INTEGER *)X509_get_serialNumber(ret)) == NULL) goto end; if (selfsign) { if (!X509_set_issuer_name(ret, subject)) diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c index 5ff2f318b3..e850b4c01c 100644 --- a/crypto/ocsp/ocsp_lib.c +++ b/crypto/ocsp/ocsp_lib.c @@ -22,7 +22,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) { X509_NAME *iname; - ASN1_INTEGER *serial; + const ASN1_INTEGER *serial; ASN1_BIT_STRING *ikey; if (!dgst) dgst = EVP_sha1(); @@ -40,7 +40,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, ASN1_BIT_STRING *issuerKey, - ASN1_INTEGER *serialNumber) + const ASN1_INTEGER *serialNumber) { int nid; unsigned int i; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 191a8b051f..dffc8e241b 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -80,7 +80,7 @@ int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) return memcmp(a->sha1_hash, b->sha1_hash, 20); } -X509_NAME *X509_get_issuer_name(X509 *a) +X509_NAME *X509_get_issuer_name(const X509 *a) { return (a->cert_info.issuer); } @@ -97,12 +97,12 @@ unsigned long X509_issuer_name_hash_old(X509 *x) } #endif -X509_NAME *X509_get_subject_name(X509 *a) +X509_NAME *X509_get_subject_name(const X509 *a) { return (a->cert_info.subject); } -ASN1_INTEGER *X509_get_serialNumber(X509 *a) +const ASN1_INTEGER *X509_get_serialNumber(const X509 *a) { return &a->cert_info.serialNumber; } diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c index 6addfbe72e..ecf5f04f20 100644 --- a/crypto/x509/x509_set.c +++ b/crypto/x509/x509_set.c @@ -110,17 +110,17 @@ int X509_up_ref(X509 *x) return ((i > 1) ? 1 : 0); } -long X509_get_version(X509 *x) +long X509_get_version(const X509 *x) { return ASN1_INTEGER_get(x->cert_info.version); } -ASN1_TIME * X509_get_notBefore(X509 *x) +ASN1_TIME * X509_get_notBefore(const X509 *x) { return x->cert_info.validity.notBefore; } -ASN1_TIME *X509_get_notAfter(X509 *x) +ASN1_TIME *X509_get_notAfter(const X509 *x) { return x->cert_info.validity.notAfter; } diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index a468a5233e..ecf3a2d765 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -187,7 +187,7 @@ OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, ASN1_BIT_STRING *issuerKey, - ASN1_INTEGER *serialNumber); + const ASN1_INTEGER *serialNumber); OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); diff --git a/include/openssl/x509.h b/include/openssl/x509.h index 7546895fca..c2623f6df6 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -609,17 +609,17 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); -long X509_get_version(X509 *x); +long X509_get_version(const X509 *x); int X509_set_version(X509 *x, long version); int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -ASN1_INTEGER *X509_get_serialNumber(X509 *x); +const ASN1_INTEGER *X509_get_serialNumber(const X509 *x); int X509_set_issuer_name(X509 *x, X509_NAME *name); -X509_NAME *X509_get_issuer_name(X509 *a); +X509_NAME *X509_get_issuer_name(const X509 *a); int X509_set_subject_name(X509 *x, X509_NAME *name); -X509_NAME *X509_get_subject_name(X509 *a); -ASN1_TIME * X509_get_notBefore(X509 *x); +X509_NAME *X509_get_subject_name(const X509 *a); +ASN1_TIME * X509_get_notBefore(const X509 *x); int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); -ASN1_TIME *X509_get_notAfter(X509 *x); +ASN1_TIME *X509_get_notAfter(const X509 *x); int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); int X509_up_ref(X509 *x); -- 2.25.1