From 1921eaad645c9a9f62c1ed79b7ae87c417aa8a3c Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Sat, 3 Jun 2000 14:13:58 +0000
Subject: [PATCH] EVP constification.

---
 Configure              |  4 +--
 crypto/cast/c_skey.c   |  2 +-
 crypto/cast/cast.h     |  2 +-
 crypto/evp/e_bf.c      |  8 +++---
 crypto/evp/e_cast.c    |  8 +++---
 crypto/evp/e_des.c     | 26 +++++++++++--------
 crypto/evp/e_des3.c    | 28 ++++++++++++---------
 crypto/evp/e_idea.c    | 11 ++++----
 crypto/evp/e_null.c    | 12 ++++-----
 crypto/evp/e_rc2.c     |  8 +++---
 crypto/evp/e_rc4.c     | 12 ++++-----
 crypto/evp/e_rc5.c     |  8 +++---
 crypto/evp/e_xcbc_d.c  | 12 ++++-----
 crypto/evp/evp.h       |  6 +++--
 crypto/evp/evp_locl.h  |  8 +++---
 crypto/idea/i_cbc.c    |  4 +--
 crypto/idea/i_cfb64.c  |  6 ++---
 crypto/idea/i_ecb.c    |  2 +-
 crypto/idea/i_ofb64.c  |  5 ++--
 crypto/idea/i_skey.c   |  2 +-
 crypto/idea/idea.h     | 10 ++++----
 crypto/rand/rand.h     |  1 +
 crypto/rand/rand_egd.c | 57 ++++++++++++++++++++++++++++++++++++++++++
 crypto/rc2/rc2.h       | 18 +++++++------
 crypto/rc2/rc2_cbc.c   |  2 +-
 crypto/rc2/rc2_ecb.c   |  4 +--
 crypto/rc2/rc2_skey.c  |  2 +-
 crypto/rc2/rc2cfb64.c  |  5 ++--
 crypto/rc2/rc2ofb64.c  |  5 ++--
 crypto/rc5/rc5.h       | 19 ++++++++------
 crypto/rc5/rc5_ecb.c   |  4 +--
 crypto/rc5/rc5_enc.c   |  5 ++--
 crypto/rc5/rc5_skey.c  |  4 +--
 crypto/rc5/rc5cfb64.c  |  5 ++--
 crypto/rc5/rc5ofb64.c  |  5 ++--
 35 files changed, 201 insertions(+), 119 deletions(-)

diff --git a/Configure b/Configure
index a4b9d3bd60..7a0a1206cb 100755
--- a/Configure
+++ b/Configure
@@ -102,8 +102,8 @@ my %table=(
 # Our development configs
 "purify",	"purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::",
 "debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown):-lefence::::",
-"debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
-"debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
+"debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
+"debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c
index acf2c3eeb5..76e40005c9 100644
--- a/crypto/cast/c_skey.c
+++ b/crypto/cast/c_skey.c
@@ -72,7 +72,7 @@
 #define S6 CAST_S_table6
 #define S7 CAST_S_table7
 
-void CAST_set_key(CAST_KEY *key, int len, unsigned char *data)
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
 	{
 	CAST_LONG x[16];
 	CAST_LONG z[16];
diff --git a/crypto/cast/cast.h b/crypto/cast/cast.h
index 6cc5e8aa8c..e24e133099 100644
--- a/crypto/cast/cast.h
+++ b/crypto/cast/cast.h
@@ -82,7 +82,7 @@ typedef struct cast_key_st
 	} CAST_KEY;
 
  
-void CAST_set_key(CAST_KEY *key, int len, unsigned char *data);
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
 void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
 		      int enc);
 void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c
index 5f6b0f933f..72047f64da 100644
--- a/crypto/evp/e_bf.c
+++ b/crypto/evp/e_bf.c
@@ -63,15 +63,15 @@
 #include "evp_locl.h"
 #include <openssl/objects.h>
 
-static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+		       const unsigned char *iv, int enc);
 
 IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8,
 			0, bf_init_key, NULL, 
 			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
 	
-static int bf_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+		       const unsigned char *iv, int enc)
 	{
 	BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
 	return 1;
diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c
index e0a9430b13..e5af7fb4ed 100644
--- a/crypto/evp/e_cast.c
+++ b/crypto/evp/e_cast.c
@@ -64,16 +64,16 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			 const unsigned char *iv,int enc);
 
 IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, 
 			NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8,
 			EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
 			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
 			
-static int cast_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			 const unsigned char *iv, int enc)
 	{
 	CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
 	return 1;
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index 485133a234..f4e998b81c 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -63,33 +63,39 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv, int enc);
 
 /* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */
 
-static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			  const unsigned char *in, unsigned int inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt);
 	return 1;
 }
 
-static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			  const unsigned char *in, unsigned int inl)
 {
 	des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num);
 	return 1;
 }
 
-static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			  const unsigned char *in, unsigned int inl)
 {
-	des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, ctx->encrypt);
+	des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks,
+			 (des_cblock *)ctx->iv, ctx->encrypt);
 	return 1;
 }
 
-static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			  const unsigned char *in, unsigned int inl)
 {
-	des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+	des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks,
+			  (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
 	return 1;
 }
 
@@ -100,8 +106,8 @@ BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8,
 			NULL)
 
 
-static int des_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv, int enc)
 	{
 	des_cblock *deskey = (des_cblock *)key;
 
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index c11c2b6856..a9aba4ae70 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -63,15 +63,16 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			    const unsigned char *iv,int enc);
 
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			     const unsigned char *iv,int enc);
 
 /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
 
-static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			      const unsigned char *in, unsigned int inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), 
@@ -80,7 +81,8 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned
 	return 1;
 }
 
-static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			      const unsigned char *in, unsigned int inl)
 {
 	des_ede3_ofb64_encrypt(in, out, (long)inl,
 			ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
@@ -88,7 +90,8 @@ static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned
 	return 1;
 }
 
-static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			      const unsigned char *in, unsigned int inl)
 {
 	des_ede3_cbc_encrypt(in, out, (long)inl,
 			ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
@@ -96,7 +99,8 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned
 	return 1;
 }
 
-static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			      const unsigned char *in, unsigned int inl)
 {
 	des_ede3_cfb64_encrypt(in, out, (long)inl, 
 			ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3,
@@ -124,8 +128,8 @@ BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8,
 			EVP_CIPHER_get_asn1_iv,
 			NULL)
 
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			    const unsigned char *iv, int enc)
 	{
 	des_cblock *deskey = (des_cblock *)key;
 
@@ -137,8 +141,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
 	return 1;
 	}
 
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			     const unsigned char *iv, int enc)
 	{
 	des_cblock *deskey = (des_cblock *)key;
 
diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c
index c643a063a6..8d3c88deb7 100644
--- a/crypto/evp/e_idea.c
+++ b/crypto/evp/e_idea.c
@@ -64,14 +64,15 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			 const unsigned char *iv,int enc);
 
 /* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
  * case 
  */
 
-static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl)
+static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			   const unsigned char *in, unsigned int inl)
 {
 	BLOCK_CIPHER_ecb_loop()
 		idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks);
@@ -88,8 +89,8 @@ BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8,
 			0, idea_init_key, NULL, 
 			EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
 
-static int idea_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			 const unsigned char *iv, int enc)
 	{
 	if(!enc) {
 		if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
index d507337df6..e0702cf818 100644
--- a/crypto/evp/e_null.c
+++ b/crypto/evp/e_null.c
@@ -61,10 +61,10 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 
-static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	const unsigned char *iv,int enc);
 static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
+	const unsigned char *in, unsigned int inl);
 static EVP_CIPHER n_cipher=
 	{
 	NID_undef,
@@ -84,15 +84,15 @@ EVP_CIPHER *EVP_enc_null(void)
 	return(&n_cipher);
 	}
 
-static int null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	     const unsigned char *iv, int enc)
 	{
 	memset(&(ctx->c),0,sizeof(ctx->c));
 	return 1;
 	}
 
 static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
+	     const unsigned char *in, unsigned int inl)
 	{
 	if (in != out)
 		memcpy((char *)out,(char *)in,(int)inl);
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index bf1ebbf2c9..3955c3ef84 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -64,8 +64,8 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv,int enc);
 static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
 static int rc2_magic_to_meth(int i);
 static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
@@ -126,8 +126,8 @@ EVP_CIPHER *EVP_rc2_40_cbc(void)
 	return(&r2_40_cbc_cipher);
 	}
 	
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv, int enc)
 	{
 	RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx),
 			key,ctx->c.rc2.key_bits);
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index 42839aef6b..1c1e3b3857 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -63,10 +63,10 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv,int enc);
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
+		      const unsigned char *in, unsigned int inl);
 static EVP_CIPHER r4_cipher=
 	{
 	NID_rc4,
@@ -107,8 +107,8 @@ EVP_CIPHER *EVP_rc4_40(void)
 	return(&r4_40_cipher);
 	}
 
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			const unsigned char *iv, int enc)
 	{
 	memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
 	RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
@@ -117,7 +117,7 @@ static int rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
 	}
 
 static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
+		      const unsigned char *in, unsigned int inl)
 	{
 	RC4(&(ctx->c.rc4.ks),inl,in,out);
 	return 1;
diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index 668b21756a..5885f1826b 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -64,8 +64,8 @@
 #include <openssl/objects.h>
 #include "evp_locl.h"
 
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			       const unsigned char *iv,int enc);
 static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
 
 IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, rc5.ks, RC5_32, rc5, NID_rc5,
@@ -107,8 +107,8 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 		}
 	}
 
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			       const unsigned char *iv, int enc)
 	{
 	RC5_32_set_key(&(ctx->c.rc5.ks),EVP_CIPHER_CTX_key_length(ctx),
 			key,ctx->c.rc5.rounds);
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index e5dcdebe16..e5b15acc7d 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -62,10 +62,10 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	unsigned char *iv,int enc);
+static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			     const unsigned char *iv,int enc);
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	unsigned char *in, unsigned int inl);
+			   const unsigned char *in, unsigned int inl);
 static EVP_CIPHER d_xcbc_cipher=
 	{
 	NID_desx_cbc,
@@ -86,8 +86,8 @@ EVP_CIPHER *EVP_desx_cbc(void)
 	return(&d_xcbc_cipher);
 	}
 	
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
-	     unsigned char *iv, int enc)
+static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+			     const unsigned char *iv, int enc)
 	{
 	des_cblock *deskey = (des_cblock *)key;
 
@@ -99,7 +99,7 @@ static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
 	}
 
 static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-	     unsigned char *in, unsigned int inl)
+			   const unsigned char *in, unsigned int inl)
 	{
 	des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks,
 		(des_cblock *)&(ctx->iv[0]),
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 7db80c3d52..56a7e08189 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -328,8 +328,10 @@ struct evp_cipher_st
 	int key_len;		/* Default value for variable length ciphers */
 	int iv_len;
 	unsigned long flags;	/* Various flags */
-	int (*init)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, int);	/* init key */
-	int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *, unsigned char *, unsigned int);/* encrypt/decrypt data */
+	int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+		    const unsigned char *iv, int enc);	/* init key */
+	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
+			 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */
 	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
 	int ctx_size;		/* how big the ctx needs to be */
 	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index d3a626003f..f3414b9a7b 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -67,7 +67,7 @@
 	for(i=0; i <= inl; i+=8) \
 
 #define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \
+static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
 	BLOCK_CIPHER_ecb_loop() \
 		cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.##kname, ctx->encrypt);\
@@ -75,21 +75,21 @@ static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned
 }
 
 #define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \
+static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
 	cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num);\
 	return 1;\
 }
 
 #define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \
+static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
 	cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, ctx->encrypt);\
 	return 1;\
 }
 
 #define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \
-static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, unsigned char *in, unsigned int inl) \
+static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
 {\
 	cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.##kname, ctx->iv, &ctx->num, ctx->encrypt);\
 	return 1;\
diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
index 891a46532b..ecb9cb8b83 100644
--- a/crypto/idea/i_cbc.c
+++ b/crypto/idea/i_cbc.c
@@ -47,7 +47,7 @@
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * OUT OF THE USE OF THIS  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  * 
  * The licence and distribution terms for any publically available version or
@@ -59,7 +59,7 @@
 #include <openssl/idea.h>
 #include "idea_lcl.h"
 
-void idea_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 	     IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt)
 	{
 	register unsigned long tin0,tin1;
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
index dacf3f1be3..66d49d520e 100644
--- a/crypto/idea/i_cfb64.c
+++ b/crypto/idea/i_cfb64.c
@@ -64,9 +64,9 @@
  * 64bit block we have used is contained in *num;
  */
 
-void idea_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num,
-	     int encrypt)
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+			long length, IDEA_KEY_SCHEDULE *schedule,
+			unsigned char *ivec, int *num, int encrypt)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
index 93937d2063..fb613db595 100644
--- a/crypto/idea/i_ecb.c
+++ b/crypto/idea/i_ecb.c
@@ -70,7 +70,7 @@ const char *idea_options(void)
 		return("idea(short)");
 	}
 
-void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
 	     IDEA_KEY_SCHEDULE *ks)
 	{
 	unsigned long l0,l1,d[2];
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
index afcbed2d14..e749e88e34 100644
--- a/crypto/idea/i_ofb64.c
+++ b/crypto/idea/i_ofb64.c
@@ -63,8 +63,9 @@
  * used.  The extra state information to record how much of the
  * 64bit block we have used is contained in *num;
  */
-void idea_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num)
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+			long length, IDEA_KEY_SCHEDULE *schedule,
+			unsigned char *ivec, int *num)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
index bbbda6b5c8..1c95bc9c7b 100644
--- a/crypto/idea/i_skey.c
+++ b/crypto/idea/i_skey.c
@@ -60,7 +60,7 @@
 #include "idea_lcl.h"
 
 static IDEA_INT inverse(unsigned int xin);
-void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
 	{
 	int i;
 	register IDEA_INT *kt,*kf,r0,r1,r2;
diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h
index f5efeae366..f14adf8398 100644
--- a/crypto/idea/idea.h
+++ b/crypto/idea/idea.h
@@ -80,16 +80,16 @@ typedef struct idea_key_st
 	} IDEA_KEY_SCHEDULE;
 
 const char *idea_options(void);
-void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
 	IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
 void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
 	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
-void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
 	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
 	int *num,int enc);
-void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
 	long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
 void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
 #ifdef  __cplusplus
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index b4b12c2d74..0e149460f7 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -90,6 +90,7 @@ int  RAND_write_file(const char *file);
 const char *RAND_file_name(char *file,int num);
 int RAND_status(void);
 int RAND_egd(const char *path);
+int RAND_egd_bytes(const char *path,int bytes);
 void ERR_load_RAND_strings(void);
 
 #ifdef  __cplusplus
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 380c7828c3..02a0d86fa3 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -64,6 +64,11 @@ int RAND_egd(const char *path)
 	{
 	return(-1);
 	}
+
+int RAND_egd_bytes(const char *path,int bytes)
+	{
+	return(-1);
+	}
 #else
 #include <openssl/opensslconf.h>
 #include OPENSSL_UNISTD
@@ -107,4 +112,56 @@ int RAND_egd(const char *path)
 	if (fd != -1) close(fd);
 	return(ret);
 	}
+
+int RAND_egd_bytes(const char *path,int bytes)
+	{
+	int ret = 0;
+	struct sockaddr_un addr;
+	int len, num;
+	int fd = -1;
+	unsigned char buf[255];
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sun_family = AF_UNIX;
+	if (strlen(path) > sizeof(addr.sun_path))
+		return (-1);
+	strcpy(addr.sun_path,path);
+	len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
+	fd = socket(AF_UNIX, SOCK_STREAM, 0);
+	if (fd == -1) return (-1);
+	if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err;
+
+	while(bytes > 0)
+	    {
+	    buf[0] = 1;
+	    buf[1] = bytes < 255 ? bytes : 255;
+	    write(fd, buf, 2);
+	    if (read(fd, buf, 1) != 1)
+		{
+		ret=-1;
+		goto err;
+		}
+	    if(buf[0] == 0)
+		goto err;
+	    num = read(fd, buf, buf[0]);
+	    if (num < 1)
+		{
+		ret=-1;
+		goto err;
+		}
+	    RAND_seed(buf, num);
+	    if (RAND_status() != 1)
+		{
+		ret=-1;
+		goto err;
+		}
+	    ret += num;
+	    bytes-=num;
+	    }
+ err:
+	if (fd != -1) close(fd);
+	return(ret);
+	}
+
+
 #endif
diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h
index 099bc31b66..076c0a067c 100644
--- a/crypto/rc2/rc2.h
+++ b/crypto/rc2/rc2.h
@@ -80,17 +80,19 @@ typedef struct rc2_key_st
 	} RC2_KEY;
 
  
-void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
-void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
-	int enc);
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
+void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
+		     int enc);
 void RC2_encrypt(unsigned long *data,RC2_KEY *key);
 void RC2_decrypt(unsigned long *data,RC2_KEY *key);
-void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 	RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	RC2_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	RC2_KEY *schedule, unsigned char *ivec, int *num);
+void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+		       long length, RC2_KEY *schedule, unsigned char *ivec,
+		       int *num, int enc);
+void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+		       long length, RC2_KEY *schedule, unsigned char *ivec,
+		       int *num);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c
index 1202184e85..74f48d3d87 100644
--- a/crypto/rc2/rc2_cbc.c
+++ b/crypto/rc2/rc2_cbc.c
@@ -59,7 +59,7 @@
 #include <openssl/rc2.h>
 #include "rc2_locl.h"
 
-void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
 	     RC2_KEY *ks, unsigned char *iv, int encrypt)
 	{
 	register unsigned long tin0,tin1;
diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
index 7d77b9186c..d3e8c2718a 100644
--- a/crypto/rc2/rc2_ecb.c
+++ b/crypto/rc2/rc2_ecb.c
@@ -70,8 +70,8 @@ const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT;
  * Date: 11 Feb 1996 06:45:03 GMT
  */
 
-void RC2_ecb_encrypt(unsigned char *in, unsigned char *out, RC2_KEY *ks,
-	     int encrypt)
+void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
+		     int encrypt)
 	{
 	unsigned long l,d[2];
 
diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
index 7143c4e591..cab3080c73 100644
--- a/crypto/rc2/rc2_skey.c
+++ b/crypto/rc2/rc2_skey.c
@@ -90,7 +90,7 @@ static unsigned char key_table[256]={
  * BSAFE uses the 'retarded' version.  What I previously shipped is
  * the same as specifying 1024 for the 'bits' parameter.  Bsafe uses
  * a version where the bits parameter is the same as len*8 */
-void RC2_set_key(RC2_KEY *key, int len, unsigned char *data, int bits)
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
 	{
 	int i,j;
 	unsigned char *k;
diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c
index 5e3fa07d90..b3a0158a6e 100644
--- a/crypto/rc2/rc2cfb64.c
+++ b/crypto/rc2/rc2cfb64.c
@@ -64,8 +64,9 @@
  * 64bit block we have used is contained in *num;
  */
 
-void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     RC2_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
+void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+		       long length, RC2_KEY *schedule, unsigned char *ivec,
+		       int *num, int encrypt)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c
index 42cdd40cdd..9e297867ed 100644
--- a/crypto/rc2/rc2ofb64.c
+++ b/crypto/rc2/rc2ofb64.c
@@ -63,8 +63,9 @@
  * used.  The extra state information to record how much of the
  * 64bit block we have used is contained in *num;
  */
-void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     RC2_KEY *schedule, unsigned char *ivec, int *num)
+void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+		       long length, RC2_KEY *schedule, unsigned char *ivec,
+		       int *num)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
diff --git a/crypto/rc5/rc5.h b/crypto/rc5/rc5.h
index 38e901502b..fc4cea5e36 100644
--- a/crypto/rc5/rc5.h
+++ b/crypto/rc5/rc5.h
@@ -93,18 +93,21 @@ typedef struct rc5_key_st
 	} RC5_32_KEY;
 
  
-void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data,
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
 	int rounds);
-void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key,
+void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key,
 	int enc);
 void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key);
 void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key);
-void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
-	RC5_32_KEY *ks, unsigned char *iv, int enc);
-void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	RC5_32_KEY *schedule, unsigned char *ivec, int *num);
+void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
+			long length, RC5_32_KEY *ks, unsigned char *iv,
+			int enc);
+void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+			  long length, RC5_32_KEY *schedule,
+			  unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+			  long length, RC5_32_KEY *schedule,
+			  unsigned char *ivec, int *num);
 
 #ifdef  __cplusplus
 }
diff --git a/crypto/rc5/rc5_ecb.c b/crypto/rc5/rc5_ecb.c
index 17e877a146..1841892b2a 100644
--- a/crypto/rc5/rc5_ecb.c
+++ b/crypto/rc5/rc5_ecb.c
@@ -62,8 +62,8 @@
 
 char *RC5_version="RC5" OPENSSL_VERSION_PTEXT;
 
-void RC5_32_ecb_encrypt(unsigned char *in, unsigned char *out, RC5_32_KEY *ks,
-	     int encrypt)
+void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
+			RC5_32_KEY *ks, int encrypt)
 	{
 	unsigned long l,d[2];
 
diff --git a/crypto/rc5/rc5_enc.c b/crypto/rc5/rc5_enc.c
index 1124fd22eb..f327d32a76 100644
--- a/crypto/rc5/rc5_enc.c
+++ b/crypto/rc5/rc5_enc.c
@@ -60,8 +60,9 @@
 #include <openssl/rc5.h>
 #include "rc5_locl.h"
 
-void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
-	     RC5_32_KEY *ks, unsigned char *iv, int encrypt)
+void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
+			long length, RC5_32_KEY *ks, unsigned char *iv,
+			int encrypt)
 	{
 	register unsigned long tin0,tin1;
 	register unsigned long tout0,tout1,xor0,xor1;
diff --git a/crypto/rc5/rc5_skey.c b/crypto/rc5/rc5_skey.c
index 64e13487bf..a2e00a41c5 100644
--- a/crypto/rc5/rc5_skey.c
+++ b/crypto/rc5/rc5_skey.c
@@ -59,8 +59,8 @@
 #include <openssl/rc5.h>
 #include "rc5_locl.h"
 
-void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data,
-	     int rounds)
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+		    int rounds)
 	{
 	RC5_32_INT L[64],l,ll,A,B,*S,k;
 	int i,j,m,c,t,ii,jj;
diff --git a/crypto/rc5/rc5cfb64.c b/crypto/rc5/rc5cfb64.c
index 55e03087e2..3a8b60bc7a 100644
--- a/crypto/rc5/rc5cfb64.c
+++ b/crypto/rc5/rc5cfb64.c
@@ -64,8 +64,9 @@
  * 64bit block we have used is contained in *num;
  */
 
-void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     RC5_32_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
+void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+			  long length, RC5_32_KEY *schedule,
+			  unsigned char *ivec, int *num, int encrypt)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
diff --git a/crypto/rc5/rc5ofb64.c b/crypto/rc5/rc5ofb64.c
index fd2ecddf6c..d412215f3c 100644
--- a/crypto/rc5/rc5ofb64.c
+++ b/crypto/rc5/rc5ofb64.c
@@ -63,8 +63,9 @@
  * used.  The extra state information to record how much of the
  * 64bit block we have used is contained in *num;
  */
-void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	     RC5_32_KEY *schedule, unsigned char *ivec, int *num)
+void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+			  long length, RC5_32_KEY *schedule,
+			  unsigned char *ivec, int *num)
 	{
 	register unsigned long v0,v1,t;
 	register int n= *num;
-- 
2.25.1