From: Sascha Hauer <s.hauer@pengutronix.de>
To: BAREBOX <barebox@lists.infradead.org>
Subject: [PATCH 5/5] public-keys: make const
Date: Mon, 20 Oct 2025 13:31:02 +0200 [thread overview]
Message-ID: <20251020-public-keys-const-v1-5-301de7918b06@pengutronix.de> (raw)
In-Reply-To: <20251020-public-keys-const-v1-0-301de7918b06@pengutronix.de>
public keys should not be modified once created, so make them const.
This also has the effect that the statically initialized keys can live
in the RO data section and thus are protected from modification.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
include/crypto/public_key.h | 8 ++++----
include/crypto/rsa.h | 4 ++--
scripts/keytoc.c | 8 ++++----
3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 3a484eced110b179c5c411c4e06c47770e965613..5c0234acc06bd05b27cb86d62efe55f9f4e50d5c 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -14,13 +14,13 @@ enum public_key_type {
struct public_key {
enum public_key_type type;
- char *key_name_hint;
- unsigned char *hash;
+ const char *key_name_hint;
+ const unsigned char *hash;
unsigned int hashlen;
union {
- struct rsa_public_key *rsa;
- struct ecdsa_public_key *ecdsa;
+ const struct rsa_public_key *rsa;
+ const struct ecdsa_public_key *ecdsa;
};
};
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index fce94df094f90359ef500088277a0c1bf9130c14..bff25e02375d6da488981c8dbfab404e830d1f68 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -26,8 +26,8 @@
struct rsa_public_key {
uint len; /* len of modulus[] in number of uint32_t */
uint32_t n0inv; /* -1 / modulus[0] mod 2^32 */
- uint32_t *modulus; /* modulus as little endian array */
- uint32_t *rr; /* R^2 as little endian array */
+ const uint32_t *modulus;/* modulus as little endian array */
+ const uint32_t *rr; /* R^2 as little endian array */
uint64_t exponent; /* public exponent */
};
diff --git a/scripts/keytoc.c b/scripts/keytoc.c
index 074af6f0b44017572cc43be3ef559abd9fec1da3..9d6ec376c124f36e1f07f3e198bb245cfa033cd0 100644
--- a/scripts/keytoc.c
+++ b/scripts/keytoc.c
@@ -529,14 +529,14 @@ static int gen_key_ecdsa(EVP_PKEY *key, const char *key_name, const char *key_na
fprintf(outfilep, "\n};\n\n");
- fprintf(outfilep, "\nstatic uint64_t %s_x[] = {", key_name_c);
+ fprintf(outfilep, "\nstatic const uint64_t %s_x[] = {", key_name_c);
ret = print_bignum(key_x, bits, 64);
if (ret)
return ret;
fprintf(outfilep, "\n};\n\n");
- fprintf(outfilep, "static uint64_t %s_y[] = {", key_name_c);
+ fprintf(outfilep, "static const uint64_t %s_y[] = {", key_name_c);
ret = print_bignum(key_y, bits, 64);
if (ret)
return ret;
@@ -627,14 +627,14 @@ static int gen_key_rsa(EVP_PKEY *key, const char *key_name, const char *key_name
fprintf(outfilep, "\n};\n\n");
- fprintf(outfilep, "\nstatic uint32_t %s_modulus[] = {", key_name_c);
+ fprintf(outfilep, "\nstatic const uint32_t %s_modulus[] = {", key_name_c);
ret = print_bignum(modulus, bits, 32);
if (ret)
return ret;
fprintf(outfilep, "\n};\n\n");
- fprintf(outfilep, "static uint32_t %s_rr[] = {", key_name_c);
+ fprintf(outfilep, "static const uint32_t %s_rr[] = {", key_name_c);
ret = print_bignum(r_squared, bits, 32);
if (ret)
return ret;
--
2.47.3
prev parent reply other threads:[~2025-10-20 12:58 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-20 11:30 [PATCH 0/5] public_keys: " Sascha Hauer
2025-10-20 11:30 ` [PATCH 1/5] public-keys: ecdsa: remove list in ecdsa keys Sascha Hauer
2025-10-20 11:30 ` [PATCH 2/5] public-keys: move list out of struct public_key Sascha Hauer
2025-10-20 11:31 ` [PATCH 3/5] public-keys: rsa: allow struct public_key to be const Sascha Hauer
2025-10-20 11:31 ` [PATCH 4/5] public-keys: rsa: remove unused functions Sascha Hauer
2025-10-20 11:31 ` Sascha Hauer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251020-public-keys-const-v1-5-301de7918b06@pengutronix.de \
--to=s.hauer@pengutronix.de \
--cc=barebox@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox