Commit ff60ee6c authored by Paul Bakker's avatar Paul Bakker
Browse files

- Added const-correctness to main codebase

parent 9120018f
......@@ -5,6 +5,7 @@ Changes
* Added option parsing for host and port selection to
ssl_client2
* Added support for GeneralizedTime in X509 parsing
* Added const correctness for main code base
Bug fixes
* Fixed bug resulting in failure to send the last
......
......@@ -52,7 +52,7 @@ extern "C" {
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize );
int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize );
/**
* \brief AES key schedule (decryption)
......@@ -63,7 +63,7 @@ int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize );
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize );
int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize );
/**
* \brief AES-ECB block encryption/decryption
......@@ -75,7 +75,7 @@ int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize );
*/
void aes_crypt_ecb( aes_context *ctx,
int mode,
unsigned char input[16],
const unsigned char input[16],
unsigned char output[16] );
/**
......@@ -94,7 +94,7 @@ void aes_crypt_cbc( aes_context *ctx,
int mode,
int length,
unsigned char iv[16],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/**
......@@ -113,7 +113,7 @@ void aes_crypt_cfb128( aes_context *ctx,
int length,
int *iv_off,
unsigned char iv[16],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/**
......
......@@ -45,7 +45,7 @@ extern "C" {
* \param key the secret key
* \param keylen length of the key
*/
void arc4_setup( arc4_context *ctx, unsigned char *key, int keylen );
void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen );
/**
* \brief ARC4 cipher function
......
......@@ -46,7 +46,7 @@ extern "C" {
* required buffer size in *dlen
*/
int base64_encode( unsigned char *dst, int *dlen,
unsigned char *src, int slen );
const unsigned char *src, int slen );
/**
* \brief Decode a base64-formatted buffer
......@@ -65,7 +65,7 @@ int base64_encode( unsigned char *dst, int *dlen,
* required buffer size in *dlen
*/
int base64_decode( unsigned char *dst, int *dlen,
unsigned char *src, int slen );
const unsigned char *src, int slen );
/**
* \brief Checkup routine
......
......@@ -108,7 +108,7 @@ int mpi_grow( mpi *X, int nblimbs );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_copy( mpi *X, mpi *Y );
int mpi_copy( mpi *X, const mpi *Y );
/**
* \brief Swap the contents of X and Y
......@@ -134,21 +134,21 @@ int mpi_lset( mpi *X, int z );
*
* \param X MPI to use
*/
int mpi_lsb( mpi *X );
int mpi_lsb( const mpi *X );
/**
* \brief Return the number of most significant bits
*
* \param X MPI to use
*/
int mpi_msb( mpi *X );
int mpi_msb( const mpi *X );
/**
* \brief Return the total size in bytes
*
* \param X MPI to use
*/
int mpi_size( mpi *X );
int mpi_size( const mpi *X );
/**
* \brief Import from an ASCII string
......@@ -159,7 +159,7 @@ int mpi_size( mpi *X );
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_string( mpi *X, int radix, char *s );
int mpi_read_string( mpi *X, int radix, const char *s );
/**
* \brief Export into an ASCII string
......@@ -169,12 +169,14 @@ int mpi_read_string( mpi *X, int radix, char *s );
* \param s String buffer
* \param slen String buffer size
*
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code
* \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code.
* *slen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen.
*/
int mpi_write_string( mpi *X, int radix, char *s, int *slen );
int mpi_write_string( const mpi *X, int radix, char *s, int *slen );
/**
* \brief Read X from an opened file
......@@ -199,7 +201,7 @@ int mpi_read_file( mpi *X, int radix, FILE *fin );
*
* \note Set fout == NULL to print X on the console.
*/
int mpi_write_file( char *p, mpi *X, int radix, FILE *fout );
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
/**
* \brief Import X from unsigned binary data, big endian
......@@ -211,7 +213,7 @@ int mpi_write_file( char *p, mpi *X, int radix, FILE *fout );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_read_binary( mpi *X, unsigned char *buf, int buflen );
int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen );
/**
* \brief Export X into unsigned binary data, big endian
......@@ -223,7 +225,7 @@ int mpi_read_binary( mpi *X, unsigned char *buf, int buflen );
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*/
int mpi_write_binary( mpi *X, unsigned char *buf, int buflen );
int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen );
/**
* \brief Left-shift: X <<= count
......@@ -257,7 +259,7 @@ int mpi_shift_r( mpi *X, int count );
* -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y|
*/
int mpi_cmp_abs( mpi *X, mpi *Y );
int mpi_cmp_abs( const mpi *X, const mpi *Y );
/**
* \brief Compare signed values
......@@ -269,7 +271,7 @@ int mpi_cmp_abs( mpi *X, mpi *Y );
* -1 if X is lesser than Y or
* 0 if X is equal to Y
*/
int mpi_cmp_mpi( mpi *X, mpi *Y );
int mpi_cmp_mpi( const mpi *X, const mpi *Y );
/**
* \brief Compare signed values
......@@ -281,7 +283,7 @@ int mpi_cmp_mpi( mpi *X, mpi *Y );
* -1 if X is lesser than z or
* 0 if X is equal to z
*/
int mpi_cmp_int( mpi *X, int z );
int mpi_cmp_int( const mpi *X, int z );
/**
* \brief Unsigned addition: X = |A| + |B|
......@@ -293,7 +295,7 @@ int mpi_cmp_int( mpi *X, int z );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_abs( mpi *X, mpi *A, mpi *B );
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Unsigned substraction: X = |A| - |B|
......@@ -305,7 +307,7 @@ int mpi_add_abs( mpi *X, mpi *A, mpi *B );
* \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/
int mpi_sub_abs( mpi *X, mpi *A, mpi *B );
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed addition: X = A + B
......@@ -317,7 +319,7 @@ int mpi_sub_abs( mpi *X, mpi *A, mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_mpi( mpi *X, mpi *A, mpi *B );
int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed substraction: X = A - B
......@@ -329,7 +331,7 @@ int mpi_add_mpi( mpi *X, mpi *A, mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_sub_mpi( mpi *X, mpi *A, mpi *B );
int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed addition: X = A + b
......@@ -341,7 +343,7 @@ int mpi_sub_mpi( mpi *X, mpi *A, mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_add_int( mpi *X, mpi *A, int b );
int mpi_add_int( mpi *X, const mpi *A, int b );
/**
* \brief Signed substraction: X = A - b
......@@ -353,7 +355,7 @@ int mpi_add_int( mpi *X, mpi *A, int b );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_sub_int( mpi *X, mpi *A, int b );
int mpi_sub_int( mpi *X, const mpi *A, int b );
/**
* \brief Baseline multiplication: X = A * B
......@@ -365,7 +367,7 @@ int mpi_sub_int( mpi *X, mpi *A, int b );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_mul_mpi( mpi *X, mpi *A, mpi *B );
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Baseline multiplication: X = A * b
......@@ -379,7 +381,7 @@ int mpi_mul_mpi( mpi *X, mpi *A, mpi *B );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_mul_int( mpi *X, mpi *A, t_int b );
int mpi_mul_int( mpi *X, const mpi *A, t_int b );
/**
* \brief Division by mpi: A = Q * B + R
......@@ -395,7 +397,7 @@ int mpi_mul_int( mpi *X, mpi *A, t_int b );
*
* \note Either Q or R can be NULL.
*/
int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B );
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
/**
* \brief Division by int: A = Q * b + R
......@@ -411,7 +413,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B );
*
* \note Either Q or R can be NULL.
*/
int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b );
int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b );
/**
* \brief Modulo: R = A mod B
......@@ -425,12 +427,12 @@ int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b );
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0
*/
int mpi_mod_mpi( mpi *R, mpi *A, mpi *B );
int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B );
/**
* \brief Modulo: r = A mod b
*
* \param a Destination t_int
* \param r Destination t_int
* \param A Left-hand MPI
* \param b Integer to divide by
*
......@@ -439,7 +441,7 @@ int mpi_mod_mpi( mpi *R, mpi *A, mpi *B );
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/
int mpi_mod_int( t_int *r, mpi *A, int b );
int mpi_mod_int( t_int *r, const mpi *A, int b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
......@@ -458,7 +460,7 @@ int mpi_mod_int( t_int *r, mpi *A, int b );
* multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded.
*/
int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR );
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
/**
* \brief Greatest common divisor: G = gcd(A, B)
......@@ -470,7 +472,7 @@ int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR );
* \return 0 if successful,
* 1 if memory allocation failed
*/
int mpi_gcd( mpi *G, mpi *A, mpi *B );
int mpi_gcd( mpi *G, const mpi *A, const mpi *B );
/**
* \brief Modular inverse: X = A^-1 mod N
......@@ -484,7 +486,7 @@ int mpi_gcd( mpi *G, mpi *A, mpi *B );
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/
int mpi_inv_mod( mpi *X, mpi *A, mpi *N );
int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
/**
* \brief Miller-Rabin primality test
......
......@@ -56,7 +56,7 @@ extern "C" {
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize );
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
......@@ -67,7 +67,7 @@ int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize );
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
......@@ -79,7 +79,7 @@ int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize
*/
void camellia_crypt_ecb( camellia_context *ctx,
int mode,
unsigned char input[16],
const unsigned char input[16],
unsigned char output[16] );
/**
......@@ -98,7 +98,7 @@ void camellia_crypt_cbc( camellia_context *ctx,
int mode,
int length,
unsigned char iv[16],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/**
......@@ -117,7 +117,7 @@ void camellia_crypt_cfb128( camellia_context *ctx,
int length,
int *iv_off,
unsigned char iv[16],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/**
......
......@@ -27,14 +27,13 @@
extern "C" {
#endif
extern char test_ca_crt[];
extern char test_ca_key[];
extern char test_ca_pwd[];
extern char test_srv_crt[];
extern char test_srv_key[];
extern char test_cli_crt[];
extern char test_cli_key[];
extern char xyssl_ca_crt[];
extern const char test_ca_crt[];
extern const char test_ca_key[];
extern const char test_ca_pwd[];
extern const char test_srv_crt[];
extern const char test_srv_key[];
extern const char test_cli_crt[];
extern const char test_cli_key[];
#ifdef __cplusplus
}
......
......@@ -59,21 +59,24 @@ extern "C" {
char *debug_fmt( const char *format, ... );
void debug_print_msg( ssl_context *ssl, int level,
char *file, int line, char *text );
void debug_print_msg( const ssl_context *ssl, int level,
const char *file, int line, const char *text );
void debug_print_ret( ssl_context *ssl, int level,
char *file, int line, char *text, int ret );
void debug_print_ret( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, int ret );
void debug_print_buf( ssl_context *ssl, int level,
char *file, int line, char *text,
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
unsigned char *buf, int len );
void debug_print_mpi( ssl_context *ssl, int level,
char *file, int line, char *text, mpi *X );
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X );
void debug_print_crt( ssl_context *ssl, int level,
char *file, int line, char *text, x509_cert *crt );
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_cert *crt );
#ifdef __cplusplus
}
......
......@@ -56,7 +56,7 @@ extern "C" {
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*/
void des_setkey_enc( des_context *ctx, unsigned char key[8] );
void des_setkey_enc( des_context *ctx, const unsigned char key[8] );
/**
* \brief DES key schedule (56-bit, decryption)
......@@ -64,7 +64,7 @@ void des_setkey_enc( des_context *ctx, unsigned char key[8] );
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*/
void des_setkey_dec( des_context *ctx, unsigned char key[8] );
void des_setkey_dec( des_context *ctx, const unsigned char key[8] );
/**
* \brief Triple-DES key schedule (112-bit, encryption)
......@@ -72,7 +72,7 @@ void des_setkey_dec( des_context *ctx, unsigned char key[8] );
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*/
void des3_set2key_enc( des3_context *ctx, unsigned char key[16] );
void des3_set2key_enc( des3_context *ctx, const unsigned char key[16] );
/**
* \brief Triple-DES key schedule (112-bit, decryption)
......@@ -80,7 +80,7 @@ void des3_set2key_enc( des3_context *ctx, unsigned char key[16] );
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*/
void des3_set2key_dec( des3_context *ctx, unsigned char key[16] );
void des3_set2key_dec( des3_context *ctx, const unsigned char key[16] );
/**
* \brief Triple-DES key schedule (168-bit, encryption)
......@@ -88,7 +88,7 @@ void des3_set2key_dec( des3_context *ctx, unsigned char key[16] );
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*/
void des3_set3key_enc( des3_context *ctx, unsigned char key[24] );
void des3_set3key_enc( des3_context *ctx, const unsigned char key[24] );
/**
* \brief Triple-DES key schedule (168-bit, decryption)
......@@ -96,7 +96,7 @@ void des3_set3key_enc( des3_context *ctx, unsigned char key[24] );
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*/
void des3_set3key_dec( des3_context *ctx, unsigned char key[24] );
void des3_set3key_dec( des3_context *ctx, const unsigned char key[24] );
/**
* \brief DES-ECB block encryption/decryption
......@@ -106,7 +106,7 @@ void des3_set3key_dec( des3_context *ctx, unsigned char key[24] );
* \param output 64-bit output block
*/
void des_crypt_ecb( des_context *ctx,
unsigned char input[8],
const unsigned char input[8],
unsigned char output[8] );
/**
......@@ -123,7 +123,7 @@ void des_crypt_cbc( des_context *ctx,
int mode,
int length,
unsigned char iv[8],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/**
......@@ -134,7 +134,7 @@ void des_crypt_cbc( des_context *ctx,
* \param output 64-bit output block
*/
void des3_crypt_ecb( des3_context *ctx,
unsigned char input[8],
const unsigned char input[8],
unsigned char output[8] );
/**
......@@ -151,7 +151,7 @@ void des3_crypt_cbc( des3_context *ctx,
int mode,
int length,
unsigned char iv[8],
unsigned char *input,
const unsigned char *input,
unsigned char *output );
/*
......
......@@ -60,7 +60,7 @@ extern "C" {
*/
int dhm_read_params( dhm_context *ctx,
unsigned char **p,
unsigned char *end );
const unsigned char *end );
/**
* \brief Setup and write the ServerKeyExchange parameters
......@@ -92,7 +92,7 @@ int dhm_make_params( dhm_context *ctx, int s_size,
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_public( dhm_context *ctx,
unsigned char *input, int ilen );
const unsigned char *input, int ilen );
/**
* \brief Create own private value X and export G^X
......
......@@ -56,7 +56,7 @@ void md2_starts( md2_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_update( md2_context *ctx, unsigned char *input, int ilen );
void md2_update( md2_context *ctx, const unsigned char *input, int ilen );
/**
* \brief MD2 final digest
......@@ -73,7 +73,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output MD2 checksum result
*/
void md2( unsigned char *input, int ilen, unsigned char output[16] );
void md2( const unsigned char *input, int ilen, unsigned char output[16] );
/**
* \brief Output = MD2( file contents )
......@@ -84,7 +84,7 @@ void md2( unsigned char *input, int ilen, unsigned char output[16] );
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int md2_file( char *path, unsigned char output[16] );
int md2_file( const char *path, unsigned char output[16] );
/**
* \brief MD2 HMAC context setup
......@@ -93,7 +93,7 @@ int md2_file( char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen );
void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen );
/**
* \brief MD2 HMAC process buffer
......@@ -102,7 +102,7 @@ void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_hmac_update( md2_context *ctx, unsigned char *input, int ilen );
void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen );
/**
* \brief MD2 HMAC final digest
......@@ -121,8 +121,8 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output HMAC-MD2 result
*/
void md2_hmac( unsigned char *key, int keylen,
unsigned char *input, int ilen,
void md2_hmac( const unsigned char *key, int keylen,
const unsigned char *input, int ilen,
unsigned char output[16] );
/**
......
......@@ -55,7 +55,7 @@ void md4_starts( md4_context *ctx );
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_update( md4_context *ctx, unsigned char *input, int ilen );
void md4_update( md4_context *ctx, const unsigned char *input, int ilen );
/**
* \brief MD4 final digest
......@@ -72,7 +72,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] );
* \param ilen length of the input data
* \param output MD4 checksum result
*/
void md4( unsigned char *input, int ilen, unsigned char output[16] );
void md4( const unsigned char *input, int ilen, unsigned char output[16] );
/**
* \brief Output = MD4( file contents )
......@@ -83,7 +83,7 @@ void md4( unsigned char *input, int ilen, unsigned char output[16] );
* \return 0 if successful, 1 if fopen failed,
* or 2 if fread failed
*/
int md4_file( char *path, unsigned char output[16] );
int md4_file( const char *path, unsigned char output[16] );
/**
* \brief MD4 HMAC context setup
......@@ -92,7 +92,7 @@ int md4_file( char *path, unsigned char output[16] );
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen );