Constify X509_get0_signature()

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/apps/x509.c b/apps/x509.c
index 27a928c10316f31be2492f51c53cbbe70aea0126..6f72f82c8b603146ef93d76a464a7316819b3b13 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -604,7 +604,8 @@ int x509_main(int argc, char **argv)
     }
 
     if (badsig) {
-        ASN1_BIT_STRING *signature;
+        const ASN1_BIT_STRING *signature;
+
         X509_get0_signature(&signature, NULL, x);
         corrupt_signature(signature);
     }

diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index bfd6f6d8ff821036a6744b4f85cc186ea2b692b1..5d7c130d463a800307b4562a8ad77e998b6d5e19 100644 (file)
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -191,8 +191,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
                                 X509_get0_extensions(x), cflag, 8);
 
     if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
-        X509_ALGOR *sig_alg;
-        ASN1_BIT_STRING *sig;
+        const X509_ALGOR *sig_alg;
+        const ASN1_BIT_STRING *sig;
         X509_get0_signature(&sig, &sig_alg, x);
         if (X509_signature_print(bp, sig_alg, sig) <= 0)
             goto err;

diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c
index 7d9f9816e64d6632e32821a67b8f14b0ffbd036e..6783fd872849fd92e2f7bf6b7f88304e45fc7f7a 100644 (file)
--- a/crypto/x509/x_x509.c
+++ b/crypto/x509/x_x509.c
@@ -209,7 +209,8 @@ int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
     return i2d_X509_CINF(&x->cert_info, pp);
 }
 
-void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509 *x)
+void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                         const X509_ALGOR **palg, const X509 *x)
 {
     if (psig)
         *psig = &x->signature;

diff --git a/doc/crypto/X509_get0_signature.pod b/doc/crypto/X509_get0_signature.pod
index 86b0b40f127b822986e3be3adf5f23988d06367e..0741dfba39e3e7c4fae6eea62a08271a6da9c711 100644 (file)
--- a/doc/crypto/X509_get0_signature.pod
+++ b/doc/crypto/X509_get0_signature.pod
@@ -10,7 +10,8 @@ X509_CRL_get_signature_nid - signature information
 
  #include <openssl/x509.h>
 
- void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                          const X509_ALGOR **palg,
                           const X509 *x);
  int X509_get_signature_nid(const X509 *x);
  const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 7e649eb381692be4e0715cc5b3150a08aef7461d..fc23d9b91b4b11e97ae532bcd817c8d023fa9522 100644 (file)
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -548,7 +548,8 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
 
 int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
 
-void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, X509 *x);
+void X509_get0_signature(const ASN1_BIT_STRING **psig,
+                         const X509_ALGOR **palg, const X509 *x);
 int X509_get_signature_nid(const X509 *x);
 
 int X509_trusted(const X509 *x);