Deal with the consequences of constifying getters

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

13 files changed, 22 insertions, 19 deletions

diff --git a/apps/apps.c b/apps/apps.c
index fca3775b77..ec1cfe9927 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1148,7 +1148,7 @@ void print_name(BIO *out, const char *title, X509_NAME *nm,
     }
 }
 
-void print_bignum_var(BIO *out, BIGNUM *in, const char *var,
+void print_bignum_var(BIO *out, const BIGNUM *in, const char *var,
                       int len, unsigned char *buffer)
 {
     BIO_printf(out, "    static unsigned char %s_%d[] = {", var, len);
diff --git a/apps/apps.h b/apps/apps.h
index 6a0acab58c..d56c07df31 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -380,7 +380,8 @@ int dump_cert_text(BIO *out, X509 *x);
 void print_name(BIO *out, const char *title, X509_NAME *nm,
                 unsigned long lflags);
 # endif
-void print_bignum_var(BIO *, BIGNUM *, const char*, int, unsigned char *);
+void print_bignum_var(BIO *, const BIGNUM *, const char*,
+                      int, unsigned char *);
 void print_array(BIO *, const char *, int, const unsigned char *);
 int set_cert_ex(unsigned long *flags, const char *arg);
 int set_name_ex(unsigned long *flags, const char *arg);
diff --git a/apps/dhparam.c b/apps/dhparam.c
index f86e315599..ab2e787f76 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -298,7 +298,7 @@ int dhparam_main(int argc, char **argv)
     if (C) {
         unsigned char *data;
         int len, bits;
-        BIGNUM *pbn, *gbn;
+        const BIGNUM *pbn, *gbn;
 
         len = DH_size(dh);
         bits = DH_bits(dh);
@@ -337,7 +337,7 @@ int dhparam_main(int argc, char **argv)
     }
 
     if (!noout) {
-        BIGNUM *q;
+        const BIGNUM *q;
         DH_get0_pqg(dh, NULL, &q, NULL);
         if (outformat == FORMAT_ASN1)
             i = i2d_DHparams_bio(out, dh);
diff --git a/apps/dsa.c b/apps/dsa.c
index ef50fede78..6ac9a40282 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -195,7 +195,7 @@ int dsa_main(int argc, char **argv)
     }
 
     if (modulus) {
-        BIGNUM *pub_key = NULL;
+        const BIGNUM *pub_key = NULL;
         DSA_get0_key(dsa, &pub_key, NULL);
         BIO_printf(out, "Public Key=");
         BN_print(out, pub_key);
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index cd2ca4c3f7..404266009e 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -215,7 +215,7 @@ int dsaparam_main(int argc, char **argv)
     }
 
     if (C) {
-        BIGNUM *p = NULL, *q = NULL, *g = NULL;
+        const BIGNUM *p = NULL, *q = NULL, *g = NULL;
         unsigned char *data;
         int len, bits_p;
 
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 2be3b9a055..5dacf1b9fc 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -53,7 +53,7 @@ int gendsa_main(int argc, char **argv)
     char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
     OPTION_CHOICE o;
     int ret = 1, private = 0;
-    BIGNUM *p = NULL;
+    const BIGNUM *p = NULL;
 
     prog = opt_init(argc, argv, gendsa_options);
     while ((o = opt_next()) != OPT_EOF) {
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 79e2dae800..4d104d2882 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -59,7 +59,7 @@ int genrsa_main(int argc, char **argv)
     ENGINE *eng = NULL;
     BIGNUM *bn = BN_new();
     BIO *out = NULL;
-    BIGNUM *e;
+    const BIGNUM *e;
     RSA *rsa = NULL;
     const EVP_CIPHER *enc = NULL;
     int ret = 1, num = DEFBITS, private = 0;
diff --git a/apps/req.c b/apps/req.c
index ca8a9af874..d1f5dcb345 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -768,7 +768,7 @@ int req_main(int argc, char **argv)
         fprintf(stdout, "Modulus=");
 #ifndef OPENSSL_NO_RSA
         if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) {
-            BIGNUM *n;
+            const BIGNUM *n;
             RSA_get0_key(EVP_PKEY_get0_RSA(tpubkey), &n, NULL, NULL);
             BN_print(out, n);
         } else
diff --git a/apps/rsa.c b/apps/rsa.c
index 3a1195f566..63e88e6762 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -214,7 +214,7 @@ int rsa_main(int argc, char **argv)
     }
 
     if (modulus) {
-        BIGNUM *n;
+        const BIGNUM *n;
         RSA_get0_key(rsa, &n, NULL, NULL);
         BIO_printf(out, "Modulus=");
         BN_print(out, n);
diff --git a/apps/x509.c b/apps/x509.c
index 0753817257..4191a345bb 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -684,14 +684,14 @@ int x509_main(int argc, char **argv)
                 BIO_printf(out, "Modulus=");
 #ifndef OPENSSL_NO_RSA
                 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
-                    BIGNUM *n;
+                    const BIGNUM *n;
                     RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, NULL, NULL);
                     BN_print(out, n);
                 } else
 #endif
 #ifndef OPENSSL_NO_DSA
                 if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) {
-                    BIGNUM *dsapub = NULL;
+                    const BIGNUM *dsapub = NULL;
                     DSA_get0_key(EVP_PKEY_get0_DSA(pkey), &dsapub, NULL);
                     BN_print(out, dsapub);
                 } else
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 4c07aee8f2..bf512ecdf0 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -467,7 +467,8 @@ static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
 static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
 {
     int bitlen;
-    BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL;
+    const BIGNUM *p = NULL, *q = NULL, *g = NULL;
+    const BIGNUM *pub_key = NULL, *priv_key = NULL;
 
     DSA_get0_pqg(dsa, &p, &q, &g);
     DSA_get0_key(dsa, &pub_key, &priv_key);
@@ -494,7 +495,7 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
 static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
 {
     int nbyte, hnbyte, bitlen;
-    BIGNUM *e;
+    const BIGNUM *e;
 
     RSA_get0_key(rsa, &e, NULL, NULL);
     if (BN_num_bits(e) > 32)
@@ -506,7 +507,7 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
         *pmagic = MS_RSA1MAGIC;
         return bitlen;
     } else {
-        BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1;
+        const BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1;
 
         *pmagic = MS_RSA2MAGIC;
 
@@ -534,7 +535,7 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
 static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
 {
     int nbyte, hnbyte;
-    BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1;
+    const BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1;
 
     nbyte = RSA_size(rsa);
     hnbyte = (RSA_bits(rsa) + 15) >> 4;
@@ -556,7 +557,8 @@ static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
 static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
 {
     int nbyte;
-    BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL;
+    const BIGNUM *p = NULL, *q = NULL, *g = NULL;
+    const BIGNUM *pub_key = NULL, *priv_key = NULL;
 
     DSA_get0_pqg(dsa, &p, &q, &g);
     DSA_get0_key(dsa, &pub_key, &priv_key);
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 078349fbb1..9fae19028c 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2178,7 +2178,7 @@ psk_err:
 #ifndef OPENSSL_NO_DH
     else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {
         DH *dh_clnt = NULL;
-        BIGNUM *pub_key;
+        const BIGNUM *pub_key;
         skey = s->s3->peer_tmp;
         if (skey == NULL) {
             SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index f4fe2b9f40..f88b6c8194 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1602,7 +1602,7 @@ int tls_construct_server_key_exchange(SSL *s)
     int al, i;
     unsigned long type;
     int n;
-    BIGNUM *r[4];
+    const BIGNUM *r[4];
     int nr[4], kn;
     BUF_MEM *buf;
     EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();