Before this change, the patch release was left open. This patch
pinpoints it exactly, down to the patch release.
Signed-off-by: wucke13 <wucke13+github@gmail.com>
Supplying different memory locations to the memcmp function
in the test is not constant time; this was an issue wit
the test and not with memcmp itself.
The issue mainly showed up in the Release build where the
correlation coefficient was in the ballpark of just below
-0.01 with enough variance to sometimes but not usually fail
the test. The precise reason for this is unknown but some
optimization applied in the release build is most likely the
culprit.
This should increase the stability of our CI which occasionally
was flaky.
The compare function should do a little-endian comparision, therefore
copy the code from quinier/memsec and don't revert the loop, tada, le.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This finishes the last step of removing sodium.rs from the rosenpass crate
itself and also removes the NOTHING and NONCE0 constants.
Hashing functions now use destination parameters;
rosenpass_constant_time::xor now does too.
