Skip to content

Commit 5f8c681

Browse files
davidbenBoringssl LUCI CQ
davidben
authored and
Boringssl LUCI CQ
committed
Const-correct ASN1_item_verify a bit more.
Change-Id: I188feff6d62986554e34a10d148108b19a4eae0b Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48226 Commit-Queue: David Benjamin <[email protected]> Reviewed-by: Adam Langley <[email protected]>
1 parent 5206782 commit 5f8c681

File tree

5 files changed

+11
-7
lines changed

5 files changed

+11
-7
lines changed

crypto/x509/a_verify.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@
6969

7070
#include "internal.h"
7171

72-
int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
72+
int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *a,
7373
const ASN1_BIT_STRING *signature, void *asn,
7474
EVP_PKEY *pkey) {
7575
if (!pkey) {

crypto/x509/algorithm.c

+1-1
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
110110
return 1;
111111
}
112112

113-
int x509_digest_verify_init(EVP_MD_CTX *ctx, X509_ALGOR *sigalg,
113+
int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
114114
EVP_PKEY *pkey) {
115115
/* Convert the signature OID into digest and public key OIDs. */
116116
int sigalg_nid = OBJ_obj2nid(sigalg->algorithm);

crypto/x509/internal.h

+3-2
Original file line numberDiff line numberDiff line change
@@ -139,7 +139,8 @@ struct X509_VERIFY_PARAM_st {
139139
* signature algorithm parameters in |sigalg| (which must have type
140140
* |NID_rsassaPss|) and key |pkey|. It returns one on success and zero on
141141
* error. */
142-
int x509_rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey);
142+
int x509_rsa_pss_to_ctx(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
143+
EVP_PKEY *pkey);
143144

144145
/* x509_rsa_pss_to_ctx sets |algor| to the signature algorithm parameters for
145146
* |ctx|, which must have been configured for an RSA-PSS signing operation. It
@@ -164,7 +165,7 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor);
164165
* with public key |pkey| and parameters from |algor|. The |ctx| argument must
165166
* have been initialised with |EVP_MD_CTX_init|. It returns one on success, or
166167
* zero on error. */
167-
int x509_digest_verify_init(EVP_MD_CTX *ctx, X509_ALGOR *sigalg,
168+
int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
168169
EVP_PKEY *pkey);
169170

170171

crypto/x509/rsa_pss.c

+4-2
Original file line numberDiff line numberDiff line change
@@ -167,7 +167,8 @@ static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) {
167167
}
168168

169169
/* convert MGF1 algorithm ID to EVP_MD, default SHA1 */
170-
static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash) {
170+
static const EVP_MD *rsa_mgf1_to_md(const X509_ALGOR *alg,
171+
X509_ALGOR *maskHash) {
171172
const EVP_MD *md;
172173
if (!alg) {
173174
return EVP_sha1();
@@ -246,7 +247,8 @@ int x509_rsa_ctx_to_pss(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
246247
return ret;
247248
}
248249

249-
int x509_rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) {
250+
int x509_rsa_pss_to_ctx(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,
251+
EVP_PKEY *pkey) {
250252
assert(OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss);
251253

252254
/* Decode PSS parameters */

include/openssl/x509.h

+2-1
Original file line numberDiff line numberDiff line change
@@ -1074,7 +1074,8 @@ OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
10741074
void *data, unsigned char *md,
10751075
unsigned int *len);
10761076

1077-
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
1077+
OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
1078+
const X509_ALGOR *algor1,
10781079
const ASN1_BIT_STRING *signature,
10791080
void *data, EVP_PKEY *pkey);
10801081

0 commit comments

Comments
 (0)