diff --git a/crypto/pkcs8/internal.h b/crypto/pkcs8/internal.h index 99c6b377..d29a4afb 100644 --- a/crypto/pkcs8/internal.h +++ b/crypto/pkcs8/internal.h @@ -99,7 +99,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen); X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); + const unsigned char *salt, int saltlen); #if defined(__cplusplus) diff --git a/crypto/pkcs8/p5_pbev2.c b/crypto/pkcs8/p5_pbev2.c index 2fd438a3..1a901a63 100644 --- a/crypto/pkcs8/p5_pbev2.c +++ b/crypto/pkcs8/p5_pbev2.c @@ -110,8 +110,8 @@ static int param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) return ASN1_TYPE_set_octetstring(type, c->oiv, iv_len); } -static X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen) +static X509_ALGOR *PKCS5_pbkdf2_set(int iter, const unsigned char *salt, + int saltlen, int prf_nid, int keylen) { X509_ALGOR *keyfunc = NULL; PBKDF2PARAM *kdf = NULL; @@ -197,7 +197,7 @@ static X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, * Extended version to allow application supplied PRF NID and IV. */ static X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, + const unsigned char *salt, int saltlen, unsigned char *aiv, int prf_nid) { X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; @@ -300,7 +300,7 @@ static X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, } X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen) + const unsigned char *salt, int saltlen) { return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); } diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c index e965bc9e..2e81adf4 100644 --- a/crypto/pkcs8/pkcs8.c +++ b/crypto/pkcs8/pkcs8.c @@ -540,7 +540,7 @@ static ASN1_OCTET_STRING *pkcs12_item_i2d_encrypt(X509_ALGOR *algor, } X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, - int pass_len, uint8_t *salt, size_t salt_len, + int pass_len, const uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; @@ -560,7 +560,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, - uint8_t *salt, size_t salt_len, + const uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { X509_SIG *pkcs8 = NULL; X509_ALGOR *pbe; diff --git a/include/openssl/pkcs8.h b/include/openssl/pkcs8.h index e04a4f34..141ed8d0 100644 --- a/include/openssl/pkcs8.h +++ b/include/openssl/pkcs8.h @@ -88,7 +88,7 @@ OPENSSL_EXPORT X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, - uint8_t *salt, size_t salt_len, + const uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf); @@ -123,7 +123,7 @@ OPENSSL_EXPORT int PKCS12_get_key_and_certs(EVP_PKEY **out_key, * unchanged. */ OPENSSL_EXPORT X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int pass_len, - uint8_t *salt, size_t salt_len, + const uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf);