mirage-crypto-ec: move API to string (instead of cstruct)

[hannesm]

No description provided.

[hannesm]

note it may be useful to be able to pass a ?off in here (but that may as well be premature optimization) -- eventually you receive in some data stream the public you want to use in key_exchange, and with the revised API you always need to copy it out and create a fresh string. I'm rather undecided about that.

[hannesm]

Asking @reynir @Firobe @dinosaure @palainp about opinions? I get some (10% - 20%) speedup for EC operations on my laptop with this.

[palainp]

Thank you @hannesm . I'm away from my computer for some days, but I'm in favor of that patch esp. as an improvement is observed :)

[reynir]

On a Intel(R) Core(TM) i7-9700F CPU @ 3.00GHz I don't see any significant speedup (maybe <1% speedup). I'm unsure why not. Maybe it's the CPU architecture. On the other hand I don't observe a slowdown!

I'm in favor of this PR at least for the new interface.

[hannesm]

it's not 10%, but here:

main branch (61721c2):

• [ecdsa-sign]
  P256: 7541.426 ops per second (81300 iters in 10.780)
  P384: 3121.375 ops per second (29994 iters in 9.609)
  P521: 443.783 ops per second (4373 iters in 9.854)
  Ed25519: 10687.773 ops per second (103734 iters in 9.706)

• [ecdsa-verify]
  P256: 1267.141 ops per second (14961 iters in 11.807)
  P384: 544.710 ops per second (5587 iters in 10.257)
  P521: 217.304 ops per second (2211 iters in 10.175)
  Ed25519: 7964.725 ops per second (79113 iters in 9.933)

• [ecdh-share]
  P256: 1759.999 ops per second (17793 iters in 10.110)
  P384: 663.540 ops per second (6988 iters in 10.531)
  P521: 238.729 ops per second (2773 iters in 11.616)
  X25519: 12318.587 ops per second (123762 iters in 10.047)

this PR (ff2b4d4):

• [ecdsa-sign]
  P256: 7600.079 ops per second (79239 iters in 10.426)
  P384: 3198.844 ops per second (31426 iters in 9.824)
  P521: 434.125 ops per second (4339 iters in 9.995)
  Ed25519: 11074.989 ops per second (109170 iters in 9.857)

• [ecdsa-verify]
  P256: 1502.747 ops per second (14318 iters in 9.528)
  P384: 552.742 ops per second (5490 iters in 9.932)
  P521: 215.123 ops per second (2249 iters in 10.454)
  Ed25519: 8069.081 ops per second (85178 iters in 10.556)

• [ecdh-share]
  P256: 1876.072 ops per second (17458 iters in 9.306)
  P384: 694.453 ops per second (6801 iters in 9.793)
  P521: 267.895 ops per second (2816 iters in 10.512)
  X25519: 12567.524 ops per second (142045 iters in 11.303)

so, likely it is noise in the end. but I prefer the interface over the cstruct one ;)