servers: restore constant time for absent queue/wrong key (regression in 6.4-beta.9) (#1567)

src/Simplex/Messaging/Server.hs

@@ -1272,8 +1272,8 @@ verifyCmdAuth thAuth k authenticator authorized (CorrId corrId) = case thAuth of
   Just THAuthServer {serverPrivKey = pk} -> C.cbVerify k pk (C.cbNonce corrId) authenticator authorized
   Nothing -> False
 
-dummyVerifyCmd :: Maybe (THandleAuth 'TServer) -> Maybe TAuthorizations -> ByteString -> CorrId -> Maybe Bool
-dummyVerifyCmd thAuth tAuth authorized corrId = verify <$> tAuth
+dummyVerifyCmd :: Maybe (THandleAuth 'TServer) -> Maybe TAuthorizations -> ByteString -> CorrId -> Bool
+dummyVerifyCmd thAuth tAuth authorized corrId = maybe False verify tAuth
   where
     verify = \case
       (TASignature (C.ASignature a s), _) -> C.verify' (dummySignKey a) s authorized

tests/ServerTests.hs

@@ -939,7 +939,7 @@ testTiming =
       ]
     timeRepeat n = fmap fst . timeItT . forM_ (replicate n ()) . const
     similarTime t1 t2
-      | t1 <= t2 = abs (1 - t1 / t2) < 0.35 -- normally the difference between "no queue" and "wrong key" is less than 5%
+      | t1 <= t2 = abs (1 - t1 / t2) < 0.3 -- normally the difference between "no queue" and "wrong key" is less than 5%
       | otherwise = similarTime t2 t1
     testSameTiming :: forall c. Transport c => THandleSMP c 'TClient -> THandleSMP c 'TClient -> (C.AuthAlg, C.AuthAlg, Int) -> Expectation
     testSameTiming rh sh (C.AuthAlg goodKeyAlg, C.AuthAlg badKeyAlg, n) = do