Const-correct X509_alias_get0 and X509_keyid_get0

All callers I found seem to be compatible with this. Using the non-const
pointer isn't very useful because you cannot resize the value. Let's try
const-correcting it and we'll revert if it's too annoying to fix.

Update-Note: The above functions are now const-correct. Store the result
in a const pointer to avoid compatibility issues.

Change-Id: Id4a1c7223fbb333716906e20844bf8795118a8ea
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65128
Commit-Queue: David Benjamin <[email protected]>
Reviewed-by: Bob Beck <[email protected]>
(cherry picked from commit 3ef8cbc419c3143fb3218eac1b1162515573ecb0)

Author: davidben

crypto/x509/x_x509a.c

@@ -90,7 +90,7 @@ static X509_CERT_AUX *aux_get(X509 *x) {
   return x->aux;
 }
 
-int X509_alias_set1(X509 *x, const unsigned char *name, ossl_ssize_t len) {
+int X509_alias_set1(X509 *x, const uint8_t *name, ossl_ssize_t len) {
   X509_CERT_AUX *aux;
   // TODO(davidben): Empty aliases are not meaningful in PKCS#12, and the
   // getters cannot quite represent them. Also erase the object if |len| is
@@ -112,7 +112,7 @@ int X509_alias_set1(X509 *x, const unsigned char *name, ossl_ssize_t len) {
   return ASN1_STRING_set(aux->alias, name, len);
 }
 
-int X509_keyid_set1(X509 *x, const unsigned char *id, ossl_ssize_t len) {
+int X509_keyid_set1(X509 *x, const uint8_t *id, ossl_ssize_t len) {
   X509_CERT_AUX *aux;
   // TODO(davidben): Empty key IDs are not meaningful in PKCS#12, and the
   // getters cannot quite represent them. Also erase the object if |len| is
@@ -134,15 +134,15 @@ int X509_keyid_set1(X509 *x, const unsigned char *id, ossl_ssize_t len) {
   return ASN1_STRING_set(aux->keyid, id, len);
 }
 
-unsigned char *X509_alias_get0(X509 *x, int *out_len) {
+const uint8_t *X509_alias_get0(const X509 *x, int *out_len) {
   const ASN1_UTF8STRING *alias = x->aux != NULL ? x->aux->alias : NULL;
   if (out_len != NULL) {
     *out_len = alias != NULL ? alias->length : 0;
   }
   return alias != NULL ? alias->data : NULL;
 }
 
-unsigned char *X509_keyid_get0(X509 *x, int *out_len) {
+const uint8_t *X509_keyid_get0(const X509 *x, int *out_len) {
   const ASN1_OCTET_STRING *keyid = x->aux != NULL ? x->aux->keyid : NULL;
   if (out_len != NULL) {
     *out_len = keyid != NULL ? keyid->length : 0;

include/openssl/x509.h

@@ -619,7 +619,9 @@ OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
 // Unlike similarly-named functions, this function does not output a single
 // ASN.1 element. Directly embedding the output in a larger ASN.1 structure will
 // not behave correctly.
-OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
+//
+// TODO(crbug.com/boringssl/407): |x509| should be const.
+OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, uint8_t **outp);
 
 // d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509
 // Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific
@@ -632,19 +634,19 @@ OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
 // Unlike similarly-named functions, this function does not parse a single
 // ASN.1 element. Trying to parse data directly embedded in a larger ASN.1
 // structure will not behave correctly.
-OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const unsigned char **inp,
+OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const uint8_t **inp,
                                   long length);
 
 // X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is
 // NULL, the alias is cleared instead. Aliases are not part of the certificate
 // itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const unsigned char *name,
+OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const uint8_t *name,
                                    ossl_ssize_t len);
 
 // X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is
 // NULL, the key ID is cleared instead. Key IDs are not part of the certificate
 // itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
+OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const uint8_t *id,
                                    ossl_ssize_t len);
 
 // X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the
@@ -659,7 +661,7 @@ OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
 // WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
 // missing. Callers that target both OpenSSL and BoringSSL should set the value
 // to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
+OPENSSL_EXPORT const uint8_t *X509_alias_get0(const X509 *x509, int *out_len);
 
 // X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the
 // key ID's length and returns a pointer to a buffer containing the contents. If
@@ -669,7 +671,7 @@ OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
 // WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
 // missing. Callers that target both OpenSSL and BoringSSL should set the value
 // to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x509, int *out_len);
+OPENSSL_EXPORT const uint8_t *X509_keyid_get0(const X509 *x509, int *out_len);
 
 // X509_add1_trust_object configures |x509| as a valid trust anchor for |obj|.
 // It returns one on success and zero on error. |obj| should be a certificate