diff options
author | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-05-21 21:50:33 +0200 |
---|---|---|
committer | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-12-07 14:37:40 +0100 |
commit | 26c410bc6ac144d8300d53b1a3f39ffd4f75c6ac (patch) | |
tree | 666d007906702bb1887c584cf1e6198a0f951021 | |
parent | 89ca230dc3c58301fc2799caf6542c79ea9b567d (diff) | |
download | gnutls-26c410bc6ac144d8300d53b1a3f39ffd4f75c6ac.tar.gz |
Add const to function arguments in lib/x509
This change does not introduce functionality changes.
It just adds const promises to the caller.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
-rw-r--r-- | devel/libgnutls.abignore | 5 | ||||
-rw-r--r-- | lib/includes/gnutls/ocsp.h | 52 | ||||
-rw-r--r-- | lib/x509/common.c | 22 | ||||
-rw-r--r-- | lib/x509/common.h | 12 | ||||
-rw-r--r-- | lib/x509/key_encode.c | 36 | ||||
-rw-r--r-- | lib/x509/ocsp.c | 52 | ||||
-rw-r--r-- | lib/x509/ocsp.h | 2 | ||||
-rw-r--r-- | lib/x509/ocsp_output.c | 8 | ||||
-rw-r--r-- | lib/x509/pkcs7-crypt.c | 2 | ||||
-rw-r--r-- | lib/x509/pkcs7_int.h | 4 | ||||
-rw-r--r-- | lib/x509/privkey_pkcs8_pbes1.c | 2 | ||||
-rw-r--r-- | lib/x509/x509_int.h | 12 |
12 files changed, 108 insertions, 101 deletions
diff --git a/devel/libgnutls.abignore b/devel/libgnutls.abignore index 63e374217b..cd281518a4 100644 --- a/devel/libgnutls.abignore +++ b/devel/libgnutls.abignore @@ -50,3 +50,8 @@ changed_enumerators = GNUTLS_GROUP_MAX name = gnutls_sec_param_t changed_enumerators = GNUTLS_SEC_PARAM_MAX +[suppress_type] +name = gnutls_ocsp_req_int* + +[suppress_type] +name = gnutls_ocsp_resp_int* diff --git a/lib/includes/gnutls/ocsp.h b/lib/includes/gnutls/ocsp.h index 98a06cc29e..ca085b5880 100644 --- a/lib/includes/gnutls/ocsp.h +++ b/lib/includes/gnutls/ocsp.h @@ -142,20 +142,21 @@ typedef enum gnutls_ocsp_verify_reason_t { struct gnutls_ocsp_req_int; typedef struct gnutls_ocsp_req_int *gnutls_ocsp_req_t; +typedef const struct gnutls_ocsp_req_int *gnutls_ocsp_req_const_t; int gnutls_ocsp_req_init(gnutls_ocsp_req_t * req); void gnutls_ocsp_req_deinit(gnutls_ocsp_req_t req); int gnutls_ocsp_req_import(gnutls_ocsp_req_t req, const gnutls_datum_t * data); -int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, gnutls_datum_t * data); -int gnutls_ocsp_req_print(gnutls_ocsp_req_t req, +int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t * data); +int gnutls_ocsp_req_print(gnutls_ocsp_req_const_t req, gnutls_ocsp_print_formats_t format, gnutls_datum_t * out); -int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req); +int gnutls_ocsp_req_get_version(gnutls_ocsp_req_const_t req); -int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req, +int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req, unsigned indx, gnutls_digest_algorithm_t * digest, gnutls_datum_t * issuer_name_hash, @@ -173,7 +174,7 @@ int gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req, gnutls_x509_crt_t issuer, gnutls_x509_crt_t cert); -int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req, +int gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req, unsigned indx, gnutls_datum_t * oid, unsigned int *critical, @@ -183,7 +184,7 @@ int gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, unsigned int critical, const gnutls_datum_t * data); -int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req, +int gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_const_t req, unsigned int *critical, gnutls_datum_t * nonce); int gnutls_ocsp_req_set_nonce(gnutls_ocsp_req_t req, @@ -193,6 +194,7 @@ int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req); struct gnutls_ocsp_resp_int; typedef struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_t; +typedef const struct gnutls_ocsp_resp_int *gnutls_ocsp_resp_const_t; int gnutls_ocsp_resp_init(gnutls_ocsp_resp_t * resp); void gnutls_ocsp_resp_deinit(gnutls_ocsp_resp_t resp); @@ -202,25 +204,25 @@ int gnutls_ocsp_resp_import(gnutls_ocsp_resp_t resp, int gnutls_ocsp_resp_import2(gnutls_ocsp_resp_t resp, const gnutls_datum_t * data, gnutls_x509_crt_fmt_t fmt); -int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_export(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data); -int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data, gnutls_x509_crt_fmt_t fmt); -int gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_print(gnutls_ocsp_resp_const_t resp, gnutls_ocsp_print_formats_t format, gnutls_datum_t * out); -int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp); -int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_const_t resp); +int gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * response_type_oid, gnutls_datum_t * response); -int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp); -int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_const_t resp); +int gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * dn); -int gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * dn, unsigned flags); @@ -229,12 +231,12 @@ int gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_t resp, /* the raw DN of the responder */ #define GNUTLS_OCSP_RESP_ID_DN 2 int -gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp, unsigned type, gnutls_datum_t * raw); -time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp); -int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, +time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_const_t resp); +int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, unsigned indx, gnutls_digest_algorithm_t * digest, gnutls_datum_t * issuer_name_hash, @@ -245,30 +247,30 @@ int gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, time_t * next_update, time_t * revocation_time, unsigned int *revocation_reason); -int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp, unsigned indx, gnutls_datum_t * oid, unsigned int *critical, gnutls_datum_t * data); -int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_const_t resp, unsigned int *critical, gnutls_datum_t * nonce); -int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t resp); -int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_const_t resp); +int gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * sig); -int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t ** certs, size_t * ncerts); -int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t issuer, unsigned int *verify, unsigned int flags); -int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp, gnutls_x509_trust_list_t trustlist, unsigned int *verify, unsigned int flags); -int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, +int gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp, unsigned int indx, gnutls_x509_crt_t crt); int diff --git a/lib/x509/common.c b/lib/x509/common.c index 3f1a1776c4..04a984253e 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -274,7 +274,7 @@ const char *gnutls_x509_dn_oid_name(const char *oid, unsigned int flags) unsigned len = strlen(oid); do { - if ((_oid2str[i].oid_size == len) && + if ((_oid2str[i].oid_size == len) && strcmp(_oid2str[i].oid, oid) == 0 && _oid2str[i].ldap_desc != NULL) return _oid2str[i].ldap_desc; i++; @@ -977,7 +977,7 @@ _gnutls_x509_der_encode_and_copy(ASN1_TYPE src, const char *src_name, return 0; } -/* Writes the value of the datum in the given ASN1_TYPE. +/* Writes the value of the datum in the given ASN1_TYPE. */ int _gnutls_x509_write_value(ASN1_TYPE c, const char *root, @@ -996,7 +996,7 @@ _gnutls_x509_write_value(ASN1_TYPE c, const char *root, return 0; } -/* Writes the value of the datum in the given ASN1_TYPE as a string. +/* Writes the value of the datum in the given ASN1_TYPE as a string. */ int _gnutls_x509_write_string(ASN1_TYPE c, const char *root, @@ -1048,7 +1048,7 @@ _asnstr_append_name(char *name, size_t name_size, const char *part1, int _gnutls_x509_encode_and_copy_PKI_params(ASN1_TYPE dst, const char *dst_name, - gnutls_pk_params_st * params) + const gnutls_pk_params_st * params) { const char *oid; gnutls_datum_t der = { NULL, 0 }; @@ -1116,7 +1116,7 @@ _gnutls_x509_encode_and_copy_PKI_params(ASN1_TYPE dst, */ int _gnutls_x509_encode_PKI_params(gnutls_datum_t * der, - gnutls_pk_params_st * params) + const gnutls_pk_params_st * params) { int ret; ASN1_TYPE tmp; @@ -1187,7 +1187,7 @@ _gnutls_x509_get_pk_algorithm(ASN1_TYPE src, const char *src_name, return algo; } - /* Now read the parameters' bits + /* Now read the parameters' bits */ if (lcurve != GNUTLS_ECC_CURVE_INVALID) { /* curve present */ bits[0] = gnutls_ecc_curve_get_size(lcurve)*8; @@ -1326,7 +1326,7 @@ _gnutls_x509_get_signature(ASN1_TYPE src, const char *src_name, signature->data = NULL; signature->size = 0; - /* Read the signature + /* Read the signature */ len = 0; result = asn1_read_value(src, src_name, NULL, &len); @@ -1562,7 +1562,7 @@ int _gnutls_strdatum_to_buf(gnutls_datum_t * d, void *buf, } int -_gnutls_x509_get_raw_field2(ASN1_TYPE c2, gnutls_datum_t * raw, +_gnutls_x509_get_raw_field2(ASN1_TYPE c2, const gnutls_datum_t * raw, const char *whom, gnutls_datum_t * dn) { int result, len1; @@ -1587,7 +1587,7 @@ _gnutls_x509_get_raw_field2(ASN1_TYPE c2, gnutls_datum_t * raw, return result; } -int _gnutls_copy_string(gnutls_datum_t* str, uint8_t *out, size_t *out_size) +int _gnutls_copy_string(const gnutls_datum_t* str, uint8_t *out, size_t *out_size) { unsigned size_to_check; @@ -1610,7 +1610,7 @@ unsigned size_to_check; return 0; } -int _gnutls_copy_data(gnutls_datum_t* str, uint8_t *out, size_t *out_size) +int _gnutls_copy_data(const gnutls_datum_t* str, uint8_t *out, size_t *out_size) { if ((unsigned) str->size > *out_size) { gnutls_assert(); @@ -1682,7 +1682,7 @@ int _gnutls_x509_raw_crt_to_raw_pubkey(const gnutls_datum_t * cert, } unsigned -_gnutls_check_valid_key_id(gnutls_datum_t *key_id, +_gnutls_check_valid_key_id(const gnutls_datum_t *key_id, gnutls_x509_crt_t cert, time_t now, unsigned *has_ski) { diff --git a/lib/x509/common.h b/lib/x509/common.h index 8b60973388..5bbbdfaebd 100644 --- a/lib/x509/common.h +++ b/lib/x509/common.h @@ -191,9 +191,9 @@ _gnutls_x509_get_signature_algorithm(ASN1_TYPE src, const char *src_name); int _gnutls_x509_encode_and_copy_PKI_params(ASN1_TYPE dst, const char *dst_name, - gnutls_pk_params_st * params); + const gnutls_pk_params_st * params); int _gnutls_x509_encode_PKI_params(gnutls_datum_t * der, - gnutls_pk_params_st * params); + const gnutls_pk_params_st * params); int _gnutls_asn1_copy_node(ASN1_TYPE * dst, const char *dst_name, ASN1_TYPE src, const char *src_name); @@ -222,7 +222,7 @@ _gnutls_x509_get_raw_field(ASN1_TYPE c2, const char *whom, gnutls_datum_t *out) } int -_gnutls_x509_get_raw_field2(ASN1_TYPE c2, gnutls_datum_t * raw, +_gnutls_x509_get_raw_field2(ASN1_TYPE c2, const gnutls_datum_t * raw, const char *whom, gnutls_datum_t * dn); unsigned @@ -235,7 +235,7 @@ _gnutls_check_if_same_key2(gnutls_x509_crt_t cert1, gnutls_datum_t *cert2bin); unsigned -_gnutls_check_valid_key_id(gnutls_datum_t *key_id, +_gnutls_check_valid_key_id(const gnutls_datum_t *key_id, gnutls_x509_crt_t cert, time_t now, unsigned *has_ski); @@ -256,8 +256,8 @@ int _gnutls_strdatum_to_buf(gnutls_datum_t * d, void *buf, unsigned _gnutls_is_same_dn(gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2); -int _gnutls_copy_string(gnutls_datum_t* str, uint8_t *out, size_t *out_size); -int _gnutls_copy_data(gnutls_datum_t* str, uint8_t *out, size_t *out_size); +int _gnutls_copy_string(const gnutls_datum_t* str, uint8_t *out, size_t *out_size); +int _gnutls_copy_data(const gnutls_datum_t* str, uint8_t *out, size_t *out_size); int _gnutls_x509_decode_ext(const gnutls_datum_t *der, gnutls_x509_ext_st *out); int _gnutls_x509_raw_crt_to_raw_pubkey(const gnutls_datum_t * cert, diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c index 9035ea1706..a589dd4f33 100644 --- a/lib/x509/key_encode.c +++ b/lib/x509/key_encode.c @@ -33,15 +33,15 @@ #include <mpi.h> #include <ecc.h> -static int _gnutls_x509_write_rsa_pubkey(gnutls_pk_params_st * params, +static int _gnutls_x509_write_rsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); -static int _gnutls_x509_write_dsa_params(gnutls_pk_params_st * params, +static int _gnutls_x509_write_dsa_params(const gnutls_pk_params_st * params, gnutls_datum_t * der); -static int _gnutls_x509_write_dsa_pubkey(gnutls_pk_params_st * params, +static int _gnutls_x509_write_dsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); -static int _gnutls_x509_write_gost_params(gnutls_pk_params_st * params, +static int _gnutls_x509_write_gost_params(const gnutls_pk_params_st * params, gnutls_datum_t * der); -static int _gnutls_x509_write_gost_pubkey(gnutls_pk_params_st * params, +static int _gnutls_x509_write_gost_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); /* @@ -52,7 +52,7 @@ static int _gnutls_x509_write_gost_pubkey(gnutls_pk_params_st * params, * Allocates the space used to store the DER data. */ static int -_gnutls_x509_write_rsa_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_rsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der) { int result; @@ -110,7 +110,7 @@ _gnutls_x509_write_rsa_pubkey(gnutls_pk_params_st * params, * Allocates the space used to store the DER data. */ int -_gnutls_x509_write_ecc_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_ecc_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der) { int result; @@ -139,7 +139,7 @@ _gnutls_x509_write_ecc_pubkey(gnutls_pk_params_st * params, * Allocates the space used to store the data. */ int -_gnutls_x509_write_eddsa_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_eddsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * raw) { int ret; @@ -161,7 +161,7 @@ _gnutls_x509_write_eddsa_pubkey(gnutls_pk_params_st * params, } int -_gnutls_x509_write_gost_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_gost_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der) { bigint_t x, y; @@ -233,7 +233,7 @@ _gnutls_x509_write_gost_pubkey(gnutls_pk_params_st * params, } int -_gnutls_x509_write_pubkey_params(gnutls_pk_params_st * params, +_gnutls_x509_write_pubkey_params(const gnutls_pk_params_st * params, gnutls_datum_t * der) { switch (params->algo) { @@ -266,7 +266,7 @@ _gnutls_x509_write_pubkey_params(gnutls_pk_params_st * params, } int -_gnutls_x509_write_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der) { switch (params->algo) { @@ -295,7 +295,7 @@ _gnutls_x509_write_pubkey(gnutls_pk_params_st * params, * Allocates the space used to store the DER data. */ static int -_gnutls_x509_write_dsa_params(gnutls_pk_params_st * params, +_gnutls_x509_write_dsa_params(const gnutls_pk_params_st * params, gnutls_datum_t * der) { int result; @@ -355,7 +355,7 @@ _gnutls_x509_write_dsa_params(gnutls_pk_params_st * params, * Allocates the space used to store the DER data. */ int -_gnutls_x509_write_ecc_params(gnutls_ecc_curve_t curve, +_gnutls_x509_write_ecc_params(const gnutls_ecc_curve_t curve, gnutls_datum_t * der) { int result; @@ -406,7 +406,7 @@ _gnutls_x509_write_ecc_params(gnutls_ecc_curve_t curve, } int -_gnutls_x509_write_rsa_pss_params(gnutls_x509_spki_st *params, +_gnutls_x509_write_rsa_pss_params(const gnutls_x509_spki_st *params, gnutls_datum_t *der) { int result; @@ -524,7 +524,7 @@ _gnutls_x509_write_rsa_pss_params(gnutls_x509_spki_st *params, } static int -_gnutls_x509_write_gost_params(gnutls_pk_params_st * params, +_gnutls_x509_write_gost_params(const gnutls_pk_params_st * params, gnutls_datum_t * der) { int result; @@ -618,7 +618,7 @@ _gnutls_x509_write_gost_params(gnutls_pk_params_st * params, * Allocates the space used to store the DER data. */ static int -_gnutls_x509_write_dsa_pubkey(gnutls_pk_params_st * params, +_gnutls_x509_write_dsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der) { int result; @@ -702,7 +702,7 @@ _gnutls_asn1_encode_rsa(ASN1_TYPE * c2, gnutls_pk_params_st * params) goto cleanup; } - /* Write PRIME + /* Write PRIME */ ret = _gnutls_x509_write_int(*c2, "modulus", @@ -963,7 +963,7 @@ _gnutls_asn1_encode_dsa(ASN1_TYPE * c2, gnutls_pk_params_st * params) return _gnutls_asn2err(result); } - /* Write PRIME + /* Write PRIME */ ret = _gnutls_x509_write_int(*c2, "p", diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c index 7ac7f65c1d..38df56ef1c 100644 --- a/lib/x509/ocsp.c +++ b/lib/x509/ocsp.c @@ -366,7 +366,7 @@ cleanup: * Returns: In case of failure a negative error code will be * returned, and 0 on success. **/ -int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, gnutls_datum_t * data) +int gnutls_ocsp_req_export(gnutls_ocsp_req_const_t req, gnutls_datum_t * data) { int ret; @@ -398,7 +398,7 @@ int gnutls_ocsp_req_export(gnutls_ocsp_req_t req, gnutls_datum_t * data) * Returns: In case of failure a negative error code will be * returned, and 0 on success. **/ -int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp, gnutls_datum_t * data) +int gnutls_ocsp_resp_export(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data) { return gnutls_ocsp_resp_export2(resp, data, GNUTLS_X509_FMT_DER); } @@ -416,7 +416,7 @@ int gnutls_ocsp_resp_export(gnutls_ocsp_resp_t resp, gnutls_datum_t * data) * * Since: 3.6.3 **/ -int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_t resp, gnutls_datum_t * data, +int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * data, gnutls_x509_crt_fmt_t fmt) { int ret; @@ -454,7 +454,7 @@ int gnutls_ocsp_resp_export2(gnutls_ocsp_resp_t resp, gnutls_datum_t * data, * * Returns: version of OCSP request, or a negative error code on error. **/ -int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req) +int gnutls_ocsp_req_get_version(gnutls_ocsp_req_const_t req) { uint8_t version[8]; int len, ret; @@ -507,7 +507,7 @@ int gnutls_ocsp_req_get_version(gnutls_ocsp_req_t req) * returned. **/ int -gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req, +gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_const_t req, unsigned indx, gnutls_digest_algorithm_t * digest, gnutls_datum_t * issuer_name_hash, @@ -814,7 +814,7 @@ gnutls_ocsp_req_add_cert(gnutls_ocsp_req_t req, * be returned. **/ int -gnutls_ocsp_req_get_extension(gnutls_ocsp_req_t req, +gnutls_ocsp_req_get_extension(gnutls_ocsp_req_const_t req, unsigned indx, gnutls_datum_t * oid, unsigned int *critical, @@ -919,7 +919,7 @@ gnutls_ocsp_req_set_extension(gnutls_ocsp_req_t req, * negative error code is returned. **/ int -gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_t req, +gnutls_ocsp_req_get_nonce(gnutls_ocsp_req_const_t req, unsigned int *critical, gnutls_datum_t * nonce) { int ret; @@ -1049,7 +1049,7 @@ int gnutls_ocsp_req_randomize_nonce(gnutls_ocsp_req_t req) * Returns: status of OCSP request as a #gnutls_ocsp_resp_status_t, or * a negative error code on error. **/ -int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp) +int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_const_t resp) { uint8_t str[1]; int len, ret; @@ -1105,7 +1105,7 @@ int gnutls_ocsp_resp_get_status(gnutls_ocsp_resp_t resp) * negative error value. **/ int -gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * response_type_oid, gnutls_datum_t * response) { @@ -1151,7 +1151,7 @@ gnutls_ocsp_resp_get_response(gnutls_ocsp_resp_t resp, * Returns: version of Basic OCSP response, or a negative error code * on error. **/ -int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp) +int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_const_t resp) { uint8_t version[8]; int len, ret; @@ -1199,7 +1199,7 @@ int gnutls_ocsp_resp_get_version(gnutls_ocsp_resp_t resp) * return success and set @dn elements to zero. **/ int -gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * dn) { int ret; @@ -1240,7 +1240,7 @@ gnutls_ocsp_resp_get_responder(gnutls_ocsp_resp_t resp, * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE. **/ int -gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * dn, unsigned flags) { if (resp == NULL || dn == NULL) { @@ -1273,7 +1273,7 @@ gnutls_ocsp_resp_get_responder2(gnutls_ocsp_resp_t resp, * negative error code is returned. **/ int -gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_const_t resp, unsigned type, gnutls_datum_t * raw) { @@ -1341,7 +1341,7 @@ gnutls_ocsp_resp_get_responder_raw_id(gnutls_ocsp_resp_t resp, * * Returns: signing time, or (time_t)-1 on error. **/ -time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp) +time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_const_t resp) { char ttime[MAX_TIME]; int len, ret; @@ -1381,7 +1381,7 @@ time_t gnutls_ocsp_resp_get_produced(gnutls_ocsp_resp_t resp) * Since: 3.1.3 **/ int -gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_const_t resp, unsigned int indx, gnutls_x509_crt_t crt) { int ret; @@ -1493,7 +1493,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp, * returned. **/ int -gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_const_t resp, unsigned indx, gnutls_digest_algorithm_t * digest, gnutls_datum_t * issuer_name_hash, @@ -1702,7 +1702,7 @@ gnutls_ocsp_resp_get_single(gnutls_ocsp_resp_t resp, * be returned. **/ int -gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_const_t resp, unsigned indx, gnutls_datum_t * oid, unsigned int *critical, @@ -1780,7 +1780,7 @@ gnutls_ocsp_resp_get_extension(gnutls_ocsp_resp_t resp, * negative error code is returned. **/ int -gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_const_t resp, unsigned int *critical, gnutls_datum_t * nonce) { int ret; @@ -1820,7 +1820,7 @@ gnutls_ocsp_resp_get_nonce(gnutls_ocsp_resp_t resp, * Returns: a #gnutls_sign_algorithm_t value, or a negative error code * on error. **/ -int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t resp) +int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_const_t resp) { int ret; gnutls_datum_t sa; @@ -1850,7 +1850,7 @@ int gnutls_ocsp_resp_get_signature_algorithm(gnutls_ocsp_resp_t resp) * negative error value. **/ int -gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_const_t resp, gnutls_datum_t * sig) { int ret; @@ -1892,7 +1892,7 @@ gnutls_ocsp_resp_get_signature(gnutls_ocsp_resp_t resp, * negative error value. **/ int -gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t ** certs, size_t * ncerts) { int ret; @@ -1976,7 +1976,7 @@ gnutls_ocsp_resp_get_certs(gnutls_ocsp_resp_t resp, /* Search the OCSP response for a certificate matching the responderId mentioned in the OCSP response. */ -static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_t resp) +static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_const_t resp) { int rc; gnutls_x509_crt_t *certs = NULL; @@ -2096,7 +2096,7 @@ static gnutls_x509_crt_t find_signercert(gnutls_ocsp_resp_t resp) } static int -_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, +_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t signercert, unsigned int *verify, unsigned int flags) { @@ -2236,7 +2236,7 @@ static int check_ocsp_purpose(gnutls_x509_crt_t signercert) * negative error value. **/ int -gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_const_t resp, gnutls_x509_crt_t issuer, unsigned int *verify, unsigned int flags) { @@ -2321,7 +2321,7 @@ gnutls_ocsp_resp_verify_direct(gnutls_ocsp_resp_t resp, * negative error value. **/ int -gnutls_ocsp_resp_verify(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_verify(gnutls_ocsp_resp_const_t resp, gnutls_x509_trust_list_t trustlist, unsigned int *verify, unsigned int flags) { @@ -2544,7 +2544,7 @@ gnutls_ocsp_resp_list_import2(gnutls_ocsp_resp_t **ocsps, * time, and would otherwise treat it as too old. * Otherwise it returns the time after which that data is invalid. */ -time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_t resp) +time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_const_t resp) { unsigned int cert_status; time_t rtime, vtime, ntime, now; diff --git a/lib/x509/ocsp.h b/lib/x509/ocsp.h index 3f63a5bfe2..b9c47570a2 100644 --- a/lib/x509/ocsp.h +++ b/lib/x509/ocsp.h @@ -30,7 +30,7 @@ /* fifteen days */ #define MAX_OCSP_VALIDITY_SECS (15*60*60*24) -time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_t resp); +time_t _gnutls_ocsp_get_validity(gnutls_ocsp_resp_const_t resp); #define MAX_OCSP_MSG_SIZE 128 const char *_gnutls_ocsp_verify_status_to_str(gnutls_ocsp_verify_reason_t r, char out[MAX_OCSP_MSG_SIZE]); diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c index 2c9e168047..7f31e583b2 100644 --- a/lib/x509/ocsp_output.c +++ b/lib/x509/ocsp_output.c @@ -35,7 +35,7 @@ #define addf _gnutls_buffer_append_printf #define adds _gnutls_buffer_append_str -static void print_req(gnutls_buffer_st * str, gnutls_ocsp_req_t req) +static void print_req(gnutls_buffer_st * str, gnutls_ocsp_req_const_t req) { int ret; unsigned indx; @@ -169,7 +169,7 @@ static void print_req(gnutls_buffer_st * str, gnutls_ocsp_req_t req) * negative error value. **/ int -gnutls_ocsp_req_print(gnutls_ocsp_req_t req, +gnutls_ocsp_req_print(gnutls_ocsp_req_const_t req, gnutls_ocsp_print_formats_t format, gnutls_datum_t * out) { @@ -197,7 +197,7 @@ gnutls_ocsp_req_print(gnutls_ocsp_req_t req, } static void -print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_t resp, +print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_const_t resp, gnutls_ocsp_print_formats_t format) { int ret; @@ -639,7 +639,7 @@ print_resp(gnutls_buffer_st * str, gnutls_ocsp_resp_t resp, * negative error value. **/ int -gnutls_ocsp_resp_print(gnutls_ocsp_resp_t resp, +gnutls_ocsp_resp_print(gnutls_ocsp_resp_const_t resp, gnutls_ocsp_print_formats_t format, gnutls_datum_t * out) { diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c index c6974c83c2..1a4f0370f3 100644 --- a/lib/x509/pkcs7-crypt.c +++ b/lib/x509/pkcs7-crypt.c @@ -1747,7 +1747,7 @@ _gnutls_pkcs_write_schema_params(schema_id schema, ASN1_TYPE pkcs8_asn, int _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain, const struct pbe_enc_params *enc_params, - gnutls_datum_t * key, gnutls_datum_t * encrypted) + const gnutls_datum_t * key, gnutls_datum_t * encrypted) { int result; int data_size; diff --git a/lib/x509/pkcs7_int.h b/lib/x509/pkcs7_int.h index 97a01d7a40..46c7b62fb5 100644 --- a/lib/x509/pkcs7_int.h +++ b/lib/x509/pkcs7_int.h @@ -80,7 +80,7 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, unsigned password_len, const struct pbkdf2_params *kdf_params, const struct pbe_enc_params *enc_params, - gnutls_datum_t *encrypted_data, /* overwritten */ + const gnutls_datum_t *encrypted_data, gnutls_datum_t *decrypted_data); int _gnutls_check_pkcs_cipher_schema(const char *oid); @@ -95,7 +95,7 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, int _gnutls_pkcs_raw_encrypt_data(const gnutls_datum_t * plain, const struct pbe_enc_params *enc_params, - gnutls_datum_t * key, gnutls_datum_t * encrypted); + const gnutls_datum_t * key, gnutls_datum_t * encrypted); int _gnutls_pkcs7_decrypt_data(const gnutls_datum_t * data, const char *password, gnutls_datum_t * dec); diff --git a/lib/x509/privkey_pkcs8_pbes1.c b/lib/x509/privkey_pkcs8_pbes1.c index 5ac96f9705..7d977a3350 100644 --- a/lib/x509/privkey_pkcs8_pbes1.c +++ b/lib/x509/privkey_pkcs8_pbes1.c @@ -135,7 +135,7 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, unsigned password_len, const struct pbkdf2_params *kdf_params, const struct pbe_enc_params *enc_params, - gnutls_datum_t *encrypted_data, /* we re-use it */ + const gnutls_datum_t *encrypted_data, gnutls_datum_t *decrypted_data) { int result; diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h index 3b94fc50da..39a25307a0 100644 --- a/lib/x509/x509_int.h +++ b/lib/x509/x509_int.h @@ -276,7 +276,7 @@ void _gnutls_x509_privkey_get_spki_params(gnutls_x509_privkey_t key, int _gnutls_x509_read_rsa_pss_params(uint8_t * der, int dersize, gnutls_x509_spki_st * params); -int _gnutls_x509_write_rsa_pss_params(gnutls_x509_spki_st * params, +int _gnutls_x509_write_rsa_pss_params(const gnutls_x509_spki_st * params, gnutls_datum_t * der); /* extensions.c */ @@ -351,18 +351,18 @@ int _gnutls_x509_read_pubkey_signature_params(gnutls_pk_algorithm_t algo, uint8_t * der, int dersize, gnutls_pk_params_st * params); -int _gnutls_x509_write_ecc_params(gnutls_ecc_curve_t curve, +int _gnutls_x509_write_ecc_params(const gnutls_ecc_curve_t curve, gnutls_datum_t * der); -int _gnutls_x509_write_ecc_pubkey(gnutls_pk_params_st * params, +int _gnutls_x509_write_ecc_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); -int _gnutls_x509_write_eddsa_pubkey(gnutls_pk_params_st * params, +int _gnutls_x509_write_eddsa_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); int -_gnutls_x509_write_pubkey_params(gnutls_pk_params_st * params, +_gnutls_x509_write_pubkey_params(const gnutls_pk_params_st * params, gnutls_datum_t * der); -int _gnutls_x509_write_pubkey(gnutls_pk_params_st * params, +int _gnutls_x509_write_pubkey(const gnutls_pk_params_st * params, gnutls_datum_t * der); int _gnutls_x509_read_uint(ASN1_TYPE node, const char *value, |