Use LowStar.ConstBuffer, all the way up to the top-level EverCrypt APIs

[niekbouman]

Hi,

When using the Evercrypt C API, I noticed that the API could slightly be improved by adding the keyword const at various places.

For example, the function prototype:

EverCrypt_Error_error_code
EverCrypt_CTR_create_in(
  Spec_Agile_Cipher_cipher_alg a,
  EverCrypt_CTR_state_s **dst,
  uint8_t *k,
  uint8_t *iv,
  uint32_t iv_len,
  uint32_t c
);

could be adapted to:

EverCrypt_Error_error_code
EverCrypt_CTR_create_in(
  Spec_Agile_Cipher_cipher_alg a,
  EverCrypt_CTR_state_s **dst,
  const uint8_t *k,
  const uint8_t *iv,
  uint32_t iv_len,
  uint32_t c
);

Would you agree, or is there a specific reason for not using const at those places?

Kind regards,
Niek

And last but not least: thank you all for doing this great work and contributing it as open source!

[msprotz]

Hi Niek,

Absolutely agreed, it's just a matter of "upgrading" a bunch of code to use the (somewhat recent) const pointer abstraction that until recently was not available in our modeling of C. I'll leave this issue open so that we can post updates if we upgrade some code to rely on const more.

Thanks,

Jonathan

[niekbouman]

Cool 👍