@vcsjones vcsjones commented Dec 26, 2025

OpenSSL marked a few methods that could return const as requiring const. Add const qualifiers where needed.

If we fix this now, we can keep scouting against OpenSSL's main branch.

Fixes vcsjones/runtime-ci#9.

Copilot AI review requested due to automatic review settings December 26, 2025 17:16
if (x509)
{
X509_PUBKEY* pubkey = X509_get_X509_PUBKEY(x509);
const X509_PUBKEY* pubkey = X509_get_X509_PUBKEY(x509);
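
Review bot: The const-qualified pubkey local on the added line will have its qualifier discarded at the X509_PUBKEY_get0_param call when built against OpenSSL 1.1.x, which the follow-up comment identifies as not accepting a const pointer there. Suggest keeping the local const and making the qualifier drop explicit at that one call site with a cast plus a short comment naming the 1.1.x signature as the reason, so the cast is not later read as permission to write through the pointer.
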
@vcsjones vcsjones Dec 26, 2025

This is only used by X509_PUBKEY_get0_param below, which already has the parameter qualified as const, so we can just mark our variable as const and it will still work for the call.

Okay, that is not true with OpenSSL 1.1.x. We are going to have to discard the qualifiers.

Copilot AI left a comment

Pull request overview

This PR updates the System.Security.Cryptography.Native bindings to be compatible with OpenSSL 4.0-dev by adding const qualifiers to function signatures and local variables where OpenSSL now requires them.

Key Changes:

  • Updated CryptoNative_GetX509PublicKeyBytes return type to return const ASN1_BIT_STRING*
  • Added const qualifiers to local X509_PUBKEY* variables in two functions

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| src/native/libs/System.Security.Cryptography.Native/openssl.h | Updated function signature for CryptoNative_GetX509PublicKeyBytes to return const pointer |
| src/native/libs/System.Security.Cryptography.Native/openssl.c | Added const qualifiers to function implementation and local variables to match OpenSSL 4.0-dev API requirements |

the public key.
*/
ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509)
const ASN1_BIT_STRING* CryptoNative_GetX509PublicKeyBytes(X509* x509)
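
Review bot: The doc comment that ends "the public key." above this signature should record the contract that the new const return type implies: the result is an interior pointer into x509 and must not be modified through it. The follow-up comment notes that the const is erased across the p/invoke boundary, so managed callers never see the qualifier and the comment is the only place the restriction is written down. Suggest adding one sentence to that effect.
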
Member Author

This interior pointer is later fed into CryptoNative_GetAsn1StringBytes, which does not modify the structure. So while the const is "erased" across the p/invoke boundary, the uses of the interior pointer do not violate the const requirement.

@dotnet-policy-service

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Successfully merging this pull request may close these issues.

Build Failure for run 20505620371