Investigation shows erratic behaviour of the CSPRNG. It may block at times
because it needs to go to the kernel and obtain more random information in
the system. Once this happens, you are blocked for quite a long time, but
we don't generally know when this happens. So just execute these directly
on the dirty scheduler.
* Introduce enacl:verify/0 to verify the integrity of the library.
* Always run keypair functions on the dirty schedulers.
* Do not call NIFs when creating zerobytes. Avoid constructing new binary data, but reuse a constant.
* The box/box_open and box_seal/box_seal_open API is so expensive to call there is little overhead in
running it on the DS always.
* Call the functions `box_seal` and `box_seal_open` to match the libsodium names in module `enacl`.
* Fix a bug in the C NIF: We should fail if the input is `<` SEALBYTES but not on `<=` SEALBYTES. The latter made it impossible to encode empty messages.
* Add variants which run directly on the interpreter scheduler for small messages.
Also:
* Provide full EQC functions for the testing purposes. This generated around 13000 random test cases in a 5 minute run, all passing.# Please enter the commit message for your changes. Lines starting
Provide non-dirty-scheduler variants for small strings, accurately bump
reductions for these strings.
While here, provide EQC test cases for the two functions.
* Generalize binary generation because it is used again and again.
* Use generalized binary generation in the hash functions since they are much faster as generators.
This is not like the `crypto` subsystem, where a runner is needed to keep the
crypto system up and running. Rather, we can run without an application runner.
Negative testing means we inject faulty data into the test now and then. When this happens, we make sure the SUT will
return some kind of badarg error for bad arguments. This means we should make sure things actually work out as they should.
As a side-effect, this can also be used to test for memory leaks. If run for a while, it makes sure there are no leaks in the code base,
and it probably also makes sure there are no ways to crash the server by any means of use of these NIFs. As such, it looks like the
NIFs are fairly stable.
