clarify the safety of core::hint::black_box #243
Labels
client-security
Security of the Rust Rosenpass implementation
maintenance
Part of maintenance activities
The project uses Rust's
core::hint::black_box
inconstant-time/src/lib.rs
(and also inrosenpass/benches/handshake.rs
).The function's documentation (v.s.) says:
For a non-cryptographer like me who just skims the source code, this is of course alarming. A comment in the code explaining why this usage of
black_box
is safe nevertheless (assuming it is) would help the reader a lot.The text was updated successfully, but these errors were encountered: