On Sun, Nov 20, 2022 at 01:53:53AM +0100, Jason A. Donenfeld wrote: > shouldn't fork or something, but that seems disappointing. Or more state > could be allocated in the zeroing region, to hold a chacha state, so > another 64 bytes, which would be sort of unfortunate. Or something else? > I'd be interested to hear your impression of this quandary. Another 128 bytes, actually. And the current chacha in there isn't cleaning up its stack as one might hope. So maybe the cleanest solution would be to just bite the bullet and allocate another 128 bytes per state and make a mini chacha that operates over that? (And I guess hope it doesn't need to spill and such...) Jason
