Commit d5af86a80b for openssl.org
commit d5af86a80bfdd1c327d6df135e13052d20795b9e
Author: Caolán McNamara <caolanm@gmail.com>
Date: Wed Sep 17 19:17:53 2025 +0100
const up various low hanging things
to move these symbols out of the .data section
remaining list approx-sorted by size with:
objdump -t libcrypto.so libssl.so | grep -v \\.data.rel.ro | grep \\.data | sort -r -k 4
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28588)
diff --git a/apps/ca.c b/apps/ca.c
index a356b53b72..3a5689ce5b 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2315,7 +2315,7 @@ int do_updatedb(CA_DB *db, time_t *now)
return cnt;
}
-static const char *crl_reasons[] = {
+static const char *const crl_reasons[] = {
/* CRL reason strings */
"unspecified",
"keyCompromise",
diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h
index 639cb75b7d..8b3d068de7 100644
--- a/crypto/asn1/standard_methods.h
+++ b/crypto/asn1/standard_methods.h
@@ -13,7 +13,7 @@
* represents (corresponding to the pkey_id field) as OBJ_bsearch
* is used to search it.
*/
-static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
+static const EVP_PKEY_ASN1_METHOD *const standard_methods[] = {
&ossl_rsa_asn1_meths[0],
&ossl_rsa_asn1_meths[1],
#ifndef OPENSSL_NO_DH
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index 3c9c9d84ca..4e3a4c8ad2 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -65,7 +65,7 @@ OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg)
const char *ossl_cmp_bodytype_to_string(int type)
{
- static const char *type_names[] = {
+ static const char *const type_names[] = {
"IR", "IP", "CR", "CP", "P10CR",
"POPDECC", "POPDECR", "KUR", "KUP",
"KRR", "KRP", "RR", "RP", "CCR", "CCP",
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 59b26d7369..a7c6930162 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -39,7 +39,7 @@ static int dsa_finish(DSA *dsa);
static BIGNUM *dsa_mod_inverse_fermat(const BIGNUM *k, const BIGNUM *q,
BN_CTX *ctx);
-static DSA_METHOD openssl_dsa_meth = {
+static const DSA_METHOD openssl_dsa_meth = {
"OpenSSL DSA method",
dsa_do_sign,
dsa_sign_setup_no_digest,
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 63a1bf192a..a127988a0d 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -86,7 +86,7 @@ static const ERR_STRING_DATA ERR_str_libraries[] = {
* Should make sure that all ERR_R_ reasons defined in include/openssl/err.h.in
* are listed. For maintainability, please keep all reasons in the same order.
*/
-static ERR_STRING_DATA ERR_str_reasons[] = {
+static const ERR_STRING_DATA ERR_str_reasons[] = {
{ERR_R_SYS_LIB, "system lib"},
{ERR_R_BN_LIB, "BN lib"},
{ERR_R_RSA_LIB, "RSA lib"},
diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
index a06e9a6682..03bf63b502 100644
--- a/crypto/evp/e_chacha20_poly1305.c
+++ b/crypto/evp/e_chacha20_poly1305.c
@@ -609,7 +609,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
}
}
-static EVP_CIPHER chacha20_poly1305 = {
+static const EVP_CIPHER chacha20_poly1305 = {
NID_chacha20_poly1305,
1, /* block_size */
CHACHA_KEY_SIZE, /* key_len */
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index 4ea382815c..ec7dd02ce5 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -246,7 +246,7 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
}
}
-static EVP_CIPHER r4_hmac_md5_cipher = {
+static const EVP_CIPHER r4_hmac_md5_cipher = {
# ifdef NID_rc4_hmac_md5
NID_rc4_hmac_md5,
# else
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index 90ad0f53fa..acebee9145 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -43,7 +43,7 @@ static int rsa_ossl_finish(RSA *rsa);
#ifdef S390X_MOD_EXP
static int rsa_ossl_s390x_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
BN_CTX *ctx);
-static RSA_METHOD rsa_pkcs1_ossl_meth = {
+static const RSA_METHOD rsa_pkcs1_ossl_meth = {
"OpenSSL PKCS#1 RSA",
rsa_ossl_public_encrypt,
rsa_ossl_public_decrypt, /* signature verification */
@@ -61,7 +61,7 @@ static RSA_METHOD rsa_pkcs1_ossl_meth = {
NULL /* rsa_multi_prime_keygen */
};
#else
-static RSA_METHOD rsa_pkcs1_ossl_meth = {
+static const RSA_METHOD rsa_pkcs1_ossl_meth = {
"OpenSSL PKCS#1 RSA",
rsa_ossl_public_encrypt,
rsa_ossl_public_decrypt, /* signature verification */
diff --git a/crypto/sm4/sm4.c b/crypto/sm4/sm4.c
index 194ef7e4bb..d1881b7c7e 100644
--- a/crypto/sm4/sm4.c
+++ b/crypto/sm4/sm4.c
@@ -85,7 +85,7 @@ static const uint32_t SM4_SBOX_T0[256] = {
0x794C3535, 0xA0208080, 0x9D78E5E5, 0x56EDBBBB, 0x235E7D7D, 0xC63EF8F8,
0x8BD45F5F, 0xE7C82F2F, 0xDD39E4E4, 0x68492121 };
-static uint32_t SM4_SBOX_T1[256] = {
+static const uint32_t SM4_SBOX_T1[256] = {
0x5B8ED55B, 0x42D09242, 0xA74DEAA7, 0xFB06FDFB, 0x33FCCF33, 0x8765E287,
0xF4C93DF4, 0xDE6BB5DE, 0x584E1658, 0xDA6EB4DA, 0x50441450, 0x0BCAC10B,
0xA08828A0, 0xEF17F8EF, 0xB09C2CB0, 0x14110514, 0xAC872BAC, 0x9DFB669D,
@@ -130,7 +130,7 @@ static uint32_t SM4_SBOX_T1[256] = {
0x35794C35, 0x80A02080, 0xE59D78E5, 0xBB56EDBB, 0x7D235E7D, 0xF8C63EF8,
0x5F8BD45F, 0x2FE7C82F, 0xE4DD39E4, 0x21684921};
-static uint32_t SM4_SBOX_T2[256] = {
+static const uint32_t SM4_SBOX_T2[256] = {
0x5B5B8ED5, 0x4242D092, 0xA7A74DEA, 0xFBFB06FD, 0x3333FCCF, 0x878765E2,
0xF4F4C93D, 0xDEDE6BB5, 0x58584E16, 0xDADA6EB4, 0x50504414, 0x0B0BCAC1,
0xA0A08828, 0xEFEF17F8, 0xB0B09C2C, 0x14141105, 0xACAC872B, 0x9D9DFB66,
@@ -175,7 +175,7 @@ static uint32_t SM4_SBOX_T2[256] = {
0x3535794C, 0x8080A020, 0xE5E59D78, 0xBBBB56ED, 0x7D7D235E, 0xF8F8C63E,
0x5F5F8BD4, 0x2F2FE7C8, 0xE4E4DD39, 0x21216849};
-static uint32_t SM4_SBOX_T3[256] = {
+static const uint32_t SM4_SBOX_T3[256] = {
0xD55B5B8E, 0x924242D0, 0xEAA7A74D, 0xFDFBFB06, 0xCF3333FC, 0xE2878765,
0x3DF4F4C9, 0xB5DEDE6B, 0x1658584E, 0xB4DADA6E, 0x14505044, 0xC10B0BCA,
0x28A0A088, 0xF8EFEF17, 0x2CB0B09C, 0x05141411, 0x2BACAC87, 0x669D9DFB,
diff --git a/crypto/ts/ts_rsp_print.c b/crypto/ts/ts_rsp_print.c
index ca2d8a6dc1..c002239905 100644
--- a/crypto/ts/ts_rsp_print.c
+++ b/crypto/ts/ts_rsp_print.c
@@ -41,7 +41,7 @@ int TS_RESP_print_bio(BIO *bio, TS_RESP *a)
int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
{
- static const char *status_map[] = {
+ static const char *const status_map[] = {
"Granted.",
"Granted with modifications.",
"Rejected.",
diff --git a/crypto/x509/standard_exts.h b/crypto/x509/standard_exts.h
index 7449fb0ff6..aef70c2598 100644
--- a/crypto/x509/standard_exts.h
+++ b/crypto/x509/standard_exts.h
@@ -12,7 +12,7 @@
* of the ext_nid values.
*/
-static const X509V3_EXT_METHOD *standard_exts[] = {
+static const X509V3_EXT_METHOD *const standard_exts[] = {
&ossl_v3_nscert,
&ossl_v3_ns_ia5_list[0],
&ossl_v3_ns_ia5_list[1],
diff --git a/crypto/x509/v3_timespec.c b/crypto/x509/v3_timespec.c
index 30f6590826..a9cda1f9ba 100644
--- a/crypto/x509/v3_timespec.c
+++ b/crypto/x509/v3_timespec.c
@@ -13,7 +13,7 @@
#include <crypto/asn1.h>
#include "ext_dat.h"
-static const char *WEEKDAY_NAMES[7] = {
+static const char *const WEEKDAY_NAMES[7] = {
"SUN",
"MON",
"TUE",
@@ -23,7 +23,7 @@ static const char *WEEKDAY_NAMES[7] = {
"SAT"
};
-static const char *WEEK_NAMES[5] = {
+static const char *const WEEK_NAMES[5] = {
"first",
"second",
"third",
@@ -31,7 +31,7 @@ static const char *WEEK_NAMES[5] = {
"final"
};
-static const char *MONTH_NAMES[12] = {
+static const char *const MONTH_NAMES[12] = {
"JAN",
"FEB",
"MAR",
diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c
index 5eba9fff39..9c963b180c 100644
--- a/providers/implementations/encode_decode/decode_pem2der.c
+++ b/providers/implementations/encode_decode/decode_pem2der.c
@@ -129,7 +129,7 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
* PEM names we recognise. Other PEM names should be recognised by
* other decoder implementations.
*/
- static struct pem_name_map_st {
+ static const struct pem_name_map_st {
const char *pem_name;
int object_type;
const char *data_type;
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c
index 9e96dffd2c..89571bb4fc 100644
--- a/providers/implementations/keymgmt/ec_kmgmt.c
+++ b/providers/implementations/keymgmt/ec_kmgmt.c
@@ -1224,7 +1224,7 @@ err:
static const OSSL_PARAM *ec_gen_settable_params(ossl_unused void *genctx,
ossl_unused void *provctx)
{
- static OSSL_PARAM settable[] = {
+ static const OSSL_PARAM settable[] = {
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0),
OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, NULL, 0),
diff --git a/providers/implementations/keymgmt/ec_kmgmt_imexport.inc b/providers/implementations/keymgmt/ec_kmgmt_imexport.inc
index b142e0df0c..b242fd17ee 100644
--- a/providers/implementations/keymgmt/ec_kmgmt_imexport.inc
+++ b/providers/implementations/keymgmt/ec_kmgmt_imexport.inc
@@ -89,7 +89,7 @@ static const OSSL_PARAM ec_all_types[] = {
OSSL_PARAM_END
};
-static const OSSL_PARAM *ec_types[] = {
+static const OSSL_PARAM *const ec_types[] = {
NULL,
ec_private_key_types,
ec_public_key_types,
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 31d65586af..e2dbe78c0b 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -579,7 +579,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
static const OSSL_PARAM *rsa_gen_settable_params(ossl_unused void *genctx,
ossl_unused void *provctx)
{
- static OSSL_PARAM settable[] = {
+ static const OSSL_PARAM settable[] = {
rsa_gen_basic,
OSSL_PARAM_END
};
@@ -590,7 +590,7 @@ static const OSSL_PARAM *rsa_gen_settable_params(ossl_unused void *genctx,
static const OSSL_PARAM *rsapss_gen_settable_params(ossl_unused void *genctx,
ossl_unused void *provctx)
{
- static OSSL_PARAM settable[] = {
+ static const OSSL_PARAM settable[] = {
rsa_gen_basic,
rsa_gen_pss,
OSSL_PARAM_END
diff --git a/test/asn1_internal_test.c b/test/asn1_internal_test.c
index 55bc92cb64..5b65402905 100644
--- a/test/asn1_internal_test.c
+++ b/test/asn1_internal_test.c
@@ -71,7 +71,7 @@ static int test_tbl_standard(void)
static int test_standard_methods(void)
{
- const EVP_PKEY_ASN1_METHOD **tmp;
+ const EVP_PKEY_ASN1_METHOD * const *tmp;
int last_pkey_id = -1;
size_t i;
int ok = 1;
diff --git a/test/x509_internal_test.c b/test/x509_internal_test.c
index e36c3a6aeb..f5e5fb6808 100644
--- a/test/x509_internal_test.c
+++ b/test/x509_internal_test.c
@@ -32,7 +32,7 @@ static int test_standard_exts(void)
{
size_t i;
int prev = -1, good = 1;
- const X509V3_EXT_METHOD **tmp;
+ const X509V3_EXT_METHOD * const *tmp;
tmp = standard_exts;
for (i = 0; i < OSSL_NELEM(standard_exts); i++, tmp++) {