Update to NSS 3.15.3.

nss/lib/cryptohi/seckey.c

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "cryptohi.h"
 #include "keyhi.h"
 #include "secoid.h"
 #include "secitem.h"
 #include "secder.h"
 #include "base64.h"
 #include "secasn1.h"
@@ skipping 426 matching lines @@
     }
     return seckey_UpdateCertPQGChain(subjectCert,0);
 }
    
 
 /* Decode the DSA PQG parameters.  The params could be stored in two
  * possible formats, the old fortezza-only wrapped format or
  * the normal standard format.  Store the decoded parameters in
  * a V3 certificate data structure.  */ 
 
-SECStatus
-SECKEY_DSADecodePQG(PLArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
+static SECStatus
+seckey_DSADecodePQG(PLArenaPool *arena, SECKEYPublicKey *pubk,
+                    const SECItem *params) {
     SECStatus rv;
     SECItem newparams;
 
     if (params == NULL) return SECFailure; 
     
     if (params->data == NULL) return SECFailure;
 
     PORT_Assert(arena);
 
     /* make a copy of the data into the arena so QuickDER output is valid */
@@ skipping 73 matching lines @@
         keyType = rsaKey;
         break;
       default:
         keyType = nullKey;
     }
     return keyType;
 }
 
 /* Function used to determine what kind of cert we are dealing with. */
 KeyType 
-CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki) 
+CERT_GetCertKeyType (const CERTSubjectPublicKeyInfo *spki) 
 {
     return seckey_GetKeyType(SECOID_GetAlgorithmTag(&spki->algorithm));
 }
 
 static SECKEYPublicKey *
-seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
+seckey_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki)
 {
     SECKEYPublicKey *pubk;
     SECItem os, newOs, newParms;
     SECStatus rv;
     PLArenaPool *arena;
     SECOidTag tag;
 
     arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL)
         return NULL;
@@ skipping 28 matching lines @@
         if (rv == SECSuccess)
             return pubk;
         break;
       case SEC_OID_ANSIX9_DSA_SIGNATURE:
       case SEC_OID_SDN702_DSA_SIGNATURE:
         pubk->keyType = dsaKey;
         prepare_dsa_pub_key_for_asn1(pubk);
         rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &newOs);
         if (rv != SECSuccess) break;
 
-        rv = SECKEY_DSADecodePQG(arena, pubk,
+        rv = seckey_DSADecodePQG(arena, pubk,
                                  &spki->algorithm.parameters); 
 
         if (rv == SECSuccess) return pubk;
         break;
       case SEC_OID_X942_DIFFIE_HELMAN_KEY:
         pubk->keyType = dhKey;
         prepare_dh_pub_key_for_asn1(pubk);
         rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &newOs);
         if (rv != SECSuccess) break;
 
@@ skipping 29 matching lines @@
         break;
     }
 
     SECKEY_DestroyPublicKey (pubk);
     return NULL;
 }
 
 
 /* required for JSS */
 SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
+SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki)
 {
     return seckey_ExtractPublicKey(spki);
 }
 
 SECKEYPublicKey *
 CERT_ExtractPublicKey(CERTCertificate *cert)
 {
     SECStatus rv;
 
     if (!cert) {
@@ skipping 679 matching lines @@
     if (spki && spki->arena) {
         PORT_FreeArena(spki->arena, PR_FALSE);
     }
 }
 
 /*
  * this only works for RSA keys... need to do something
  * similiar to CERT_ExtractPublicKey for other key times.
  */
 SECKEYPublicKey *
-SECKEY_DecodeDERPublicKey(SECItem *pubkder)
+SECKEY_DecodeDERPublicKey(const SECItem *pubkder)
 {
     PLArenaPool *arena;
     SECKEYPublicKey *pubk;
     SECStatus rv;
     SECItem newPubkder;
 
     arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL) {
         PORT_SetError (SEC_ERROR_NO_MEMORY);
         return NULL;
@@ skipping 20 matching lines @@
     }
 
     PORT_FreeArena (arena, PR_FALSE);
     return NULL;
 }
 
 /*
  * Decode a base64 ascii encoded DER encoded public key.
  */
 SECKEYPublicKey *
-SECKEY_ConvertAndDecodePublicKey(char *pubkstr)
+SECKEY_ConvertAndDecodePublicKey(const char *pubkstr)
 {
     SECKEYPublicKey *pubk;
     SECStatus rv;
     SECItem der;
 
     rv = ATOB_ConvertAsciiToItem (&der, pubkstr);
     if (rv != SECSuccess)
         return NULL;
 
     pubk = SECKEY_DecodeDERPublicKey (&der);
@@ skipping 19 matching lines @@
                                         CERT_SubjectPublicKeyInfoTemplate);
 
     SECKEY_DestroySubjectPublicKeyInfo(spki);
 
 finish:
     return spkiDER;
 }
 
 
 CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider)
+SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider)
 {
     PLArenaPool *arena;
     CERTSubjectPublicKeyInfo *spki;
     SECStatus rv;
     SECItem newSpkider;
 
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if (arena == NULL) {
         PORT_SetError(SEC_ERROR_NO_MEMORY);
         return NULL;
@@ skipping 18 matching lines @@
     }
 
     PORT_FreeArena(arena, PR_FALSE);
     return NULL;
 }
 
 /*
  * Decode a base64 ascii encoded DER encoded subject public key info.
  */
 CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr)
+SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr)
 {
     CERTSubjectPublicKeyInfo *spki;
     SECStatus rv;
     SECItem der;
 
     rv = ATOB_ConvertAsciiToItem(&der, spkistr);
     if (rv != SECSuccess)
         return NULL;
 
     spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
@@ skipping 162 matching lines @@
             if(freeit == PR_TRUE) {
                 PORT_Free(epki);
             }
         }
     }
 }
 
 SECStatus
 SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp,
                           SECKEYPrivateKeyInfo *to,
-                          SECKEYPrivateKeyInfo *from)
+                          const SECKEYPrivateKeyInfo *from)
 {
     SECStatus rv = SECFailure;
 
     if((to == NULL) || (from == NULL)) {
         return SECFailure;
     }
 
     rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
     if(rv != SECSuccess) {
         return SECFailure;
     }
     rv = SECITEM_CopyItem(poolp, &to->privateKey, &from->privateKey);
     if(rv != SECSuccess) {
         return SECFailure;
     }
     rv = SECITEM_CopyItem(poolp, &to->version, &from->version);
 
     return rv;
 }
 
 SECStatus
 SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp,
                                    SECKEYEncryptedPrivateKeyInfo *to,
-                                   SECKEYEncryptedPrivateKeyInfo *from)
+                                   const SECKEYEncryptedPrivateKeyInfo *from)
 {
     SECStatus rv = SECFailure;
 
     if((to == NULL) || (from == NULL)) {
         return SECFailure;
     }
 
     rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
     if(rv != SECSuccess) {
         return SECFailure;
     }
     rv = SECITEM_CopyItem(poolp, &to->encryptedData, &from->encryptedData);
 
     return rv;
 }
 
 KeyType
-SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey)
+SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey)
 {
    return privKey->keyType;
 }
 
 KeyType
-SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey)
+SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey)
 {
    return pubKey->keyType;
 }
 
 SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
+SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type)
 {
     SECKEYPublicKey *pubk = NULL;
     SECStatus rv = SECFailure;
     SECItem newDerKey;
     PLArenaPool *arena = NULL;
 
     if (!derKey) {
         return NULL;
     } 
 
@@ skipping 213 matching lines @@
 {
     SECStatus rv = SECFailure;
     if (key && key->pkcs11Slot && key->pkcs11ID) {
         key->staticflags |= SECKEY_Attributes_Cached;
         SECKEY_CacheAttribute(key, CKA_PRIVATE);
         SECKEY_CacheAttribute(key, CKA_ALWAYS_AUTHENTICATE);
         rv = SECSuccess;
     }
     return rv;
 }