[PATCH 5/5] public-keys: make const

[Sascha Hauer]

public keys should not be modified once created, so make them const.
This also has the effect that the statically initialized keys can live
in the RO data section and thus are protected from modification.

Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
 include/crypto/public_key.h | 8 ++++----
 include/crypto/rsa.h        | 4 ++--
 scripts/keytoc.c            | 8 ++++----
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 3a484eced110b179c5c411c4e06c47770e965613..5c0234acc06bd05b27cb86d62efe55f9f4e50d5c 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -14,13 +14,13 @@ enum public_key_type {
 
 struct public_key {
 	enum public_key_type type;
-	char *key_name_hint;
-	unsigned char *hash;
+	const char *key_name_hint;
+	const unsigned char *hash;
 	unsigned int hashlen;
 
 	union {
-		struct rsa_public_key *rsa;
-		struct ecdsa_public_key *ecdsa;
+		const struct rsa_public_key *rsa;
+		const struct ecdsa_public_key *ecdsa;
 	};
 };
 
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index fce94df094f90359ef500088277a0c1bf9130c14..bff25e02375d6da488981c8dbfab404e830d1f68 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -26,8 +26,8 @@
 struct rsa_public_key {
 	uint len;		/* len of modulus[] in number of uint32_t */
 	uint32_t n0inv;		/* -1 / modulus[0] mod 2^32 */
-	uint32_t *modulus;	/* modulus as little endian array */
-	uint32_t *rr;		/* R^2 as little endian array */
+	const uint32_t *modulus;/* modulus as little endian array */
+	const uint32_t *rr;	/* R^2 as little endian array */
 	uint64_t exponent;	/* public exponent */
 };
 
diff --git a/scripts/keytoc.c b/scripts/keytoc.c
index 074af6f0b44017572cc43be3ef559abd9fec1da3..9d6ec376c124f36e1f07f3e198bb245cfa033cd0 100644
--- a/scripts/keytoc.c
+++ b/scripts/keytoc.c
@@ -529,14 +529,14 @@ static int gen_key_ecdsa(EVP_PKEY *key, const char *key_name, const char *key_na
 
 		fprintf(outfilep, "\n};\n\n");
 
-		fprintf(outfilep, "\nstatic uint64_t %s_x[] = {", key_name_c);
+		fprintf(outfilep, "\nstatic const uint64_t %s_x[] = {", key_name_c);
 		ret = print_bignum(key_x, bits, 64);
 		if (ret)
 			return ret;
 
 		fprintf(outfilep, "\n};\n\n");
 
-		fprintf(outfilep, "static uint64_t %s_y[] = {", key_name_c);
+		fprintf(outfilep, "static const uint64_t %s_y[] = {", key_name_c);
 		ret = print_bignum(key_y, bits, 64);
 		if (ret)
 			return ret;
@@ -627,14 +627,14 @@ static int gen_key_rsa(EVP_PKEY *key, const char *key_name, const char *key_name
 
 		fprintf(outfilep, "\n};\n\n");
 
-		fprintf(outfilep, "\nstatic uint32_t %s_modulus[] = {", key_name_c);
+		fprintf(outfilep, "\nstatic const uint32_t %s_modulus[] = {", key_name_c);
 		ret = print_bignum(modulus, bits, 32);
 		if (ret)
 			return ret;
 
 		fprintf(outfilep, "\n};\n\n");
 
-		fprintf(outfilep, "static uint32_t %s_rr[] = {", key_name_c);
+		fprintf(outfilep, "static const uint32_t %s_rr[] = {", key_name_c);
 		ret = print_bignum(r_squared, bits, 32);
 		if (ret)
 			return ret;

-- 
2.47.3