diff --git a/des-compat.c b/des-compat.c
index 407dda4456850db6cd998797f7ab2ca3086c9d17..5c0bf3f38282eba5f9d6489cbd5fe3973723f588 100644
--- a/des-compat.c
+++ b/des-compat.c
@@ -57,7 +57,7 @@ des_compat_des3_decrypt(struct des_compat_des3 *ctx,
 }
 
 void
-des_ecb3_encrypt(const des_cblock *src, des_cblock *dst,
+des_ecb3_encrypt(const_des_cblock *src, des_cblock *dst,
 		 des_key_schedule k1,
 		 des_key_schedule k2,
 		 des_key_schedule k3, int enc)
@@ -72,9 +72,9 @@ des_ecb3_encrypt(const des_cblock *src, des_cblock *dst,
 }
 
 uint32_t
-des_cbc_cksum(const des_cblock *src, des_cblock *dst,
+des_cbc_cksum(const uint8_t *src, des_cblock *dst,
 	      long length, des_key_schedule ctx,
-	      const des_cblock *iv)
+	      const_des_cblock *iv)
 {
   /* FIXME: I'm not entirely sure how this function is supposed to
    * work, in particular what it should return, and if iv can be
@@ -86,7 +86,7 @@ des_cbc_cksum(const des_cblock *src, des_cblock *dst,
   
   assert(!(length % DES_BLOCK_SIZE));
   
-  for (p = *src; length; length -= DES_BLOCK_SIZE, p += DES_BLOCK_SIZE)
+  for (p = src; length; length -= DES_BLOCK_SIZE, p += DES_BLOCK_SIZE)
     {
       memxor(block, p, DES_BLOCK_SIZE);
       nettle_des_encrypt(ctx, DES_BLOCK_SIZE, block, block);
@@ -97,7 +97,7 @@ des_cbc_cksum(const des_cblock *src, des_cblock *dst,
 }
 
 void
-des_ncbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
+des_ncbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
                  des_key_schedule ctx, des_cblock *iv,
                  int enc)
 {
@@ -120,8 +120,8 @@ des_ncbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
 }
 
 void
-des_cbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
-		des_key_schedule ctx, const des_cblock *civ,
+des_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
+		des_key_schedule ctx, const_des_cblock *civ,
 		int enc)
 {
   des_cblock iv;
@@ -133,7 +133,7 @@ des_cbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
 
 
 void
-des_ecb_encrypt(const des_cblock *src, des_cblock *dst,
+des_ecb_encrypt(const_des_cblock *src, des_cblock *dst,
 		des_key_schedule ctx,
 		int enc)
 {
@@ -142,7 +142,7 @@ des_ecb_encrypt(const des_cblock *src, des_cblock *dst,
 }
 
 void
-des_ede3_cbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
+des_ede3_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
 		     des_key_schedule k1,
 		     des_key_schedule k2,
 		     des_key_schedule k3,
@@ -191,7 +191,7 @@ des_set_odd_parity(des_cblock *key)
 int des_check_key = 0;
 
 int
-des_key_sched(const des_cblock *key, des_key_schedule ctx)
+des_key_sched(const_des_cblock *key, des_key_schedule ctx)
 {
   des_cblock nkey;
   const uint8_t *pkey;
@@ -229,7 +229,7 @@ des_key_sched(const des_cblock *key, des_key_schedule ctx)
 }
 
 int
-des_is_weak_key(const des_cblock *key)
+des_is_weak_key(const_des_cblock *key)
 {
   struct des_ctx ctx;
 
diff --git a/des-compat.h b/des-compat.h
index 8dd4cf65a962c9dc34f8afc9b52d59253523456e..5545e548862a39156cfb54a0a37f5425ea663582 100644
--- a/des-compat.h
+++ b/des-compat.h
@@ -56,14 +56,26 @@
 enum { DES_DECRYPT = 0, DES_ENCRYPT = 1 };
 
 /* Types */
-/* NOTE: Typedef:ed arrays should be avoided, but they're used here
- * for compatibility. */
-
 typedef uint32_t DES_LONG;
 
+/* Note: Typedef:ed arrays should be avoided, but they're used here
+ * for compatibility. */
 typedef struct des_ctx des_key_schedule[1];
 
 typedef uint8_t des_cblock[DES_BLOCK_SIZE];
+/* Note: The proper definition,
+
+     typedef const uint8_t const_des_cblock[DES_BLOCK_SIZE];
+
+   would have worked, *if* all the prototypes had used arguments like
+   foo(const_des_cblock src, des_cblock dst), letting argument arrays
+   "decay" into pointers of type uint8_t * and const uint8_t *.
+
+   But since openssl's prototypes use *pointers const_des_cblock *src,
+   des_cblock *dst, this ends up in type conflicts, and the workaround
+   is to not use const at all.
+*/
+#define const_des_cblock des_cblock
 
 /* Aliases */
 #define des_ecb2_encrypt(i,o,k1,k2,e) \
@@ -86,7 +98,7 @@ extern int des_check_key;
    des_key_schedule arguments, which is equivalent to pointers to
    struct des_ctx.  */
 void
-des_ecb3_encrypt(const des_cblock *src, des_cblock *dst,
+des_ecb3_encrypt(const_des_cblock *src, des_cblock *dst,
 		 des_key_schedule k1,
 		 des_key_schedule k2,
 		 des_key_schedule k3, int enc);
@@ -94,28 +106,28 @@ des_ecb3_encrypt(const des_cblock *src, des_cblock *dst,
 /* des_cbc_cksum in libdes returns a 32 bit integer, representing the
  * latter half of the output block, using little endian byte order. */
 uint32_t
-des_cbc_cksum(const des_cblock *src, des_cblock *dst,
+des_cbc_cksum(const uint8_t *src, des_cblock *dst,
               long length, des_key_schedule ctx,
-              const des_cblock *iv);
+              const_des_cblock *iv);
 
 /* NOTE: Doesn't update iv. */
 void
-des_cbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
-		des_key_schedule ctx, const des_cblock *iv,
+des_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
+		des_key_schedule ctx, const_des_cblock *iv,
 		int enc);
 
 /* Similar, but updates iv. */
 void
-des_ncbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
+des_ncbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
 		 des_key_schedule ctx, des_cblock *iv,
                  int enc);
 
 void
-des_ecb_encrypt(const des_cblock *src, des_cblock *dst,
+des_ecb_encrypt(const_des_cblock *src, des_cblock *dst,
 		des_key_schedule ctx, int enc);
 
 void
-des_ede3_cbc_encrypt(const des_cblock *src, des_cblock *dst, long length,
+des_ede3_cbc_encrypt(const_des_cblock *src, des_cblock *dst, long length,
 		     des_key_schedule k1,
 		     des_key_schedule k2,
 		     des_key_schedule k3,
@@ -126,9 +138,9 @@ int
 des_set_odd_parity(des_cblock *key);
 
 int
-des_key_sched(const des_cblock *key, des_key_schedule ctx);
+des_key_sched(const_des_cblock *key, des_key_schedule ctx);
 
 int
-des_is_weak_key(const des_cblock *key);
+des_is_weak_key(const_des_cblock *key);
 
 #endif /* NETTLE_DES_COMPAT_H_INCLUDED */
diff --git a/testsuite/des-compat-test.c b/testsuite/des-compat-test.c
index b2c70b034e4deecb80b8ceff14c91c8ad8e1a4f9..c820c4e6bd03cd0ccd69ca09d0e81cff447cbfa0 100644
--- a/testsuite/des-compat-test.c
+++ b/testsuite/des-compat-test.c
@@ -66,7 +66,7 @@
 /* tisk tisk - the test keys don't all have odd parity :-( */
 /* test data */
 #define NUM_TESTS 34
-static const des_cblock key_data[NUM_TESTS] = {
+static const_des_cblock key_data[NUM_TESTS] = {
 	{0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
 	{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
 	{0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
@@ -209,11 +209,11 @@ static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
 	{0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
 	{0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
 
-static const des_cblock cbc_key = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
-static const des_cblock cbc2_key = {0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
-static const des_cblock cbc3_key = {0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-static const des_cblock cbc_iv = {0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
-static const des_cblock cbc_data[4] ={ "7654321 ", "Now is t", "he time ", "for " };
+static const_des_cblock cbc_key = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static const_des_cblock cbc2_key = {0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static const_des_cblock cbc3_key = {0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static const_des_cblock cbc_iv = {0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static const_des_cblock cbc_data[4] ={ "7654321 ", "Now is t", "he time ", "for " };
 
 static unsigned char cbc_ok[32]={
 	0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
@@ -322,8 +322,8 @@ test_main(void)
 		memcpy(in,plain_data[i],8);
 		memset(out,0,8);
 		memset(outin,0,8);
-		des_ecb_encrypt( (const des_cblock *) &in, &out, ks, DES_ENCRYPT);
-		des_ecb_encrypt( (const des_cblock *) &out, &outin, ks, DES_DECRYPT);
+		des_ecb_encrypt(&in, &out, ks, DES_ENCRYPT);
+		des_ecb_encrypt(&out, &outin, ks, DES_DECRYPT);
 
 		if (memcmp(out,cipher_data[i],8) != 0)
 			{
@@ -362,9 +362,9 @@ test_main(void)
 		memcpy(in,plain_data[i],8);
 		memset(out,0,8);
 		memset(outin,0,8);
-		des_ecb2_encrypt( (const des_cblock *) &in, &out, ks, ks2,
+		des_ecb2_encrypt(&in, &out, ks, ks2,
 			DES_ENCRYPT);
-		des_ecb2_encrypt( (const des_cblock *) &out, &outin, ks, ks2,
+		des_ecb2_encrypt(&out, &outin, ks, ks2,
 			DES_DECRYPT);
 
 		if (memcmp(out,cipher_ecb2[i],8) != 0)
@@ -399,7 +399,7 @@ test_main(void)
 		printf("cbc_encrypt encrypt error\n");
 
 	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_ncbc_encrypt( (const des_cblock *) cbc_out, cbc_in,
+	des_ncbc_encrypt(cbc_out, cbc_in,
 		sizeof(cbc_data),ks,
 		&iv3,DES_DECRYPT);
 	if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
@@ -474,7 +474,7 @@ test_main(void)
 		}
 
 	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
-	des_ede3_cbc_encrypt( (const des_cblock *) cbc_out, cbc_in,
+	des_ede3_cbc_encrypt(cbc_out, cbc_in,
 		(long)i, ks, ks2, ks3, &iv3, DES_DECRYPT);
 	if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
 		{
@@ -633,7 +633,7 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
         
 	printf("Doing cbc_cksum\n");
 	des_key_sched(&cbc_key,ks);
-	cs=des_cbc_cksum(cbc_data, &cret,
+	cs=des_cbc_cksum(cbc_data[0], &cret,
 		sizeof(cbc_data), ks, &cbc_iv);
 	if (cs != cbc_cksum_ret)
 		{