* 'main' of https://github.com/digital-phoenix/rosenpass: (46 commits)
fix: remove OSFONTDIR var from whitepaper build
feat: Add fuzzing for libsodium allocator
fix: Guaranteed results typo
feat: Move lenses into library
chore: Move kems out of rosenpass crate
feat: Add an internal library for guaranteed results
fix output of authorlist to support unlimited authors
chore: Upgrade dependencies
feat: Use the rand crate for random values instead of sodium
feat: Move prftree into ciphers crate
chore: Shorten fuzzing runtime to make sure the CI finishes quickly
feat: Wrap sodium_malloc as a custom allocator
feat: Use the zeroize crate for zeroization
chore: Move rest of coloring.rs into secret-memory crate
chore: Move Public and debug_crypto_array into secret-memory crate
Added example for additional PSK
#172 removed exchange_command
Added indications that file paths are used
Added indication that exchange_command is not used
added WireGuard config example to gen-config
...
- Use a new nomenclature for these functions based on the idea of a hash
domain (as in domain separation); this makes much more sense
- Remove the ciphers::hash export; we did not even export a hash
function in the purest sense of the word. This gets us around the
difficulty of figuring out what we should call the underlying
primitive
This finishes the last step of removing sodium.rs from the rosenpass crate
itself and also removes the NOTHING and NONCE0 constants.
Hashing functions now use destination parameters;
rosenpass_constant_time::xor now does too.
When fuzzing we are interested in what happens inside the target function,
not necessarily what it returns. Functions returning errors with bogus
input is generally desired behaviour.
These targets can be used with rust nightly and cargo-fuzz to fuzz
several bits of Rosenpass's API. Fuzzing is an automated way of
exploring code paths that may not be hit in unit tests or normal
operation. For example the `handle_msg` target exposed the DoS condition
fixed in 0.2.1.
The other targets focus on the FFI with libsodium and liboqs.
Co-authored-by: Karolin Varner <karo@cupdev.net>