Why does ECDSAsign change a const parameter?

KWagn.1 · ‎2021-06-25

Hello,

the cryptolib offers the function ECDSAsign. In the ecc.h it is declared as

  int32_t ECDSAsign(const uint8_t         *P_pDigest,
                    int32_t                P_digestSize,
                    const ECDSAsignature_stt *P_pSignature,
                    const ECDSAsignCtx_stt *P_pSignCtx,
                    membuf_stt *P_pMemBuf);

Testing shows that P_pSignature gets changed when ECDSAsign is invoked. That is compliant with the documentation (UM1924, Rev 7, page 138, table 138). I thought const parameters may not be changed by a function. Why is the parameter set as const?

Best regards

TDK · ‎2021-06-25

Read parameters from right to left.

const ECDSAsignature_stt *P_pSignature -> P_pSignature is a pointer to a ECDSAsignature_stt which is constant.

That means the pointer itself is not constant and can change, but the thing it points to is constant.

If you feel a post has answered your question, please click "Accept as Solution".

View solution in original post

TDK · ‎2021-06-25

Read parameters from right to left.

const ECDSAsignature_stt *P_pSignature -> P_pSignature is a pointer to a ECDSAsignature_stt which is constant.

That means the pointer itself is not constant and can change, but the thing it points to is constant.

If you feel a post has answered your question, please click "Accept as Solution".

KWagn.1 · ‎2021-06-28

I am not sure if I get your answer correctly but I interpret it like this: since P_pSignature pointer to a const ECDSAsignature_stt structure, the struct pointed to won't change. When then function ECDSAsign is invoked I can see that for example P_pSignature->pmR->mNumDigits, P_pSignature->pmR->mSignFlag and P_pSignature->pmS->mNumDigits change. In this context the keyword const ensures that the pointers P_pSignature->pmR and P_pSignature->pmS cannot change, right? Everything regarding the structures pointed to by pmR and pmS goes beyond the influence of const then. Do you know or can you assume why the keyword was chosen though? As you can tell it seemed a little bit misleading.

// in ecc.h
  typedef struct
  {
    /** R */
    BigNum_stt *pmR ;  /*!< pointer to paramter R*/
    /** S */
    BigNum_stt *pmS ; /*!< pointer to paramter S*/
  }
  ECDSAsignature_stt;
 
// in bn.h
  typedef struct
  {
    uint32_t *pmDigit;    /*!<  Used to represent the BigNum_stt * integer value; pmDigit[0] = least significant word. */
    uint16_t mNumDigits;  /*!<  Number of significant words of the vector pmDigit used to represent the actual value. */
    uint8_t mSize;        /*!<  Number of words allocated for the integer */
    int8_t mSignFlag;     /*!<  Is the integer mSignFlag: SIGN_POSITIVE positive, SIGN_NEGATIVE negative. */
  }
  BigNum_stt;

TDK · ‎2021-06-28

> since P_pSignature pointer to a const ECDSAsignature_stt structure, the struct pointed to won't change. When then function ECDSAsign is invoked I can see that for example P_pSignature->pmR->mNumDigits, P_pSignature->pmR->mSignFlag and P_pSignature->pmS->mNumDigits change. In this context the keyword const ensures that the pointers P_pSignature->pmR and P_pSignature->pmS cannot change, right? Everything regarding the structures pointed to by pmR and pmS goes beyond the influence of const then.

You got it. In this case, pmS and pmR would also be constant pointers (to non-const data).

> Do you know or can you assume why the keyword was chosen though?

Const is a function promise. If the function doesn't modify anything, there is no functional drawback to calling it const. You can still pass a non-const argument if you so choose.

If you feel a post has answered your question, please click "Accept as Solution".