restore `global-context-less-secure` feature

This commit is contained in:
Andrew Poelstra 2022-02-16 23:46:52 +00:00
parent ef59aea888
commit 2a25e5eae8
2 changed files with 8 additions and 1 deletions

View File

@ -27,6 +27,13 @@ rand-std = ["rand/std"]
recovery = ["secp256k1-sys/recovery"] recovery = ["secp256k1-sys/recovery"]
lowmemory = ["secp256k1-sys/lowmemory"] lowmemory = ["secp256k1-sys/lowmemory"]
global-context = ["std"] global-context = ["std"]
# disable re-randomization of the global context, which provides some
# defense-in-depth against sidechannel attacks. You should only use
# this feature if you expect the `rand` crate's thread_rng to panic.
# (If you are sure the `rand-std` feature will not be enabled, e.g.
# if you are doing a no-std build, then this feature does nothing
# and is not necessary.)
global-context-less-secure = []
[dependencies] [dependencies]
secp256k1-sys = { version = "0.4.2", default-features = false, path = "./secp256k1-sys" } secp256k1-sys = { version = "0.4.2", default-features = false, path = "./secp256k1-sys" }

View File

@ -48,7 +48,7 @@ pub mod global {
static mut CONTEXT: Option<Secp256k1<All>> = None; static mut CONTEXT: Option<Secp256k1<All>> = None;
ONCE.call_once(|| unsafe { ONCE.call_once(|| unsafe {
let mut ctx = Secp256k1::new(); let mut ctx = Secp256k1::new();
#[cfg(feature = "rand-std")] #[cfg(all(feature = "rand-std", not(feature = "global-context-less-secure")))]
{ {
ctx.randomize(&mut rand::thread_rng()); ctx.randomize(&mut rand::thread_rng());
} }