Remove feature global-context-less-secure

Instead of providing a mechanism for users to opt out of randomization,
we can just feature-gate the call site, i.e., opportunistically randomize
the global context on creation if the `rand-std` feature is enabled.
Tobin Harding 2022-02-01 15:43:46 +11:00
parent 7a3736a0f9
commit a0465ea279
4 changed files with 23 additions and 19 deletions


@ -26,8 +26,7 @@ alloc = []
rand-std = ["rand/std"] rand-std = ["rand/std"]
recovery = ["secp256k1-sys/recovery"] recovery = ["secp256k1-sys/recovery"]
lowmemory = ["secp256k1-sys/lowmemory"] lowmemory = ["secp256k1-sys/lowmemory"]
global-context = ["std", "rand-std", "global-context-less-secure"] global-context = ["std"]
global-context-less-secure = []
[dependencies] [dependencies]
secp256k1-sys = { version = "0.4.2", default-features = false, path = "./secp256k1-sys" } secp256k1-sys = { version = "0.4.2", default-features = false, path = "./secp256k1-sys" }
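Review bot: Dropping `rand-std` from `global-context` (the new `global-context = ["std"]`) means a dependent that enables only `global-context` keeps compiling but now gets a global context that is not randomized, so the side-channel protection it had before disappears without any build-time signal. Dependents that named `global-context-less-secure` explicitly will fail to resolve, which is at least loud. I would put a comment on the feature line, e.g. `# Does not pull in rand-std; enable rand-std as well to have the global context randomized.`, and repeat that warning in the crate-level feature list in the last file section, where the new entry says only "(implies `std`)".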


@ -9,11 +9,11 @@ use Secp256k1;
#[cfg_attr(docsrs, doc(cfg(any(feature = "std", feature = "alloc"))))] #[cfg_attr(docsrs, doc(cfg(any(feature = "std", feature = "alloc"))))]
pub use self::alloc_only::*; pub use self::alloc_only::*;
#[cfg(all(feature = "global-context-less-secure", feature = "std"))] #[cfg(all(feature = "global-context", feature = "std"))]
#[cfg_attr(docsrs, doc(cfg(any(feature = "global-context", feature = "global-context-less-secure"))))] #[cfg_attr(docsrs, doc(cfg(all(feature = "global-context", feature = "std"))))]
/// Module implementing a singleton pattern for a global `Secp256k1` context /// Module implementing a singleton pattern for a global `Secp256k1` context
pub mod global { pub mod global {
#[cfg(feature = "global-context")] #[cfg(feature = "rand-std")]
use rand; use rand;
use std::ops::Deref; use std::ops::Deref;
@ -26,22 +26,29 @@ pub mod global {
__private: (), __private: (),
} }
/// A global, static context to avoid repeatedly creating contexts where one can't be passed /// A global static context to avoid repeatedly creating contexts.
/// ///
/// If the global-context feature is enabled (and not just the global-context-less-secure), /// If `rand-std` feature is enabled, context will have been randomized using `thread_rng`.
/// this will have been randomized. ///
/// ```
/// # #[cfg(all(feature = "global-context", feature = "rand-std"))] {
/// use secp256k1::{PublicKey, SECP256K1};
/// use secp256k1::rand::thread_rng;
/// let _ = SECP256K1.generate_keypair(&mut thread_rng());
/// # }
/// ```
pub static SECP256K1: &GlobalContext = &GlobalContext { __private: () }; pub static SECP256K1: &GlobalContext = &GlobalContext { __private: () };
impl Deref for GlobalContext { impl Deref for GlobalContext {
type Target = Secp256k1<All>; type Target = Secp256k1<All>;
#[allow(unused_mut)] // Unused when "global-context" is not enabled. #[allow(unused_mut)] // Unused when `rand-std` is not enabled.
fn deref(&self) -> &Self::Target { fn deref(&self) -> &Self::Target {
static ONCE: Once = Once::new(); static ONCE: Once = Once::new();
static mut CONTEXT: Option<Secp256k1<All>> = None; static mut CONTEXT: Option<Secp256k1<All>> = None;
ONCE.call_once(|| unsafe { ONCE.call_once(|| unsafe {
let mut ctx = Secp256k1::new(); let mut ctx = Secp256k1::new();
#[cfg(feature = "global-context")] #[cfg(feature = "rand-std")]
{ {
ctx.randomize(&mut rand::thread_rng()); ctx.randomize(&mut rand::thread_rng());
} }
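Review bot: The new doc comment on `SECP256K1` states only the positive case, so a reader who enables `global-context` alone is not told that the context they receive is unrandomized. Because `deref` returns a shared reference and the `randomize` call in this hunk is made on a `mut` binding, callers presumably cannot randomize it afterwards either. I would add a line such as `/// Without the rand-std feature this context is never randomized.` directly under the existing sentence. The body of `deref` continues past the end of the hunk.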


@ -641,7 +641,7 @@ impl Ord for PublicKey {
/// feature active. This is due to security considerations, see the [`serde_keypair`] documentation /// feature active. This is due to security considerations, see the [`serde_keypair`] documentation
/// for details. /// for details.
/// ///
/// If the `serde` and `global-context[-less-secure]` features are active `KeyPair`s can be serialized and /// If the `serde` and `global-context` features are active `KeyPair`s can be serialized and
/// deserialized by annotating them with `#[serde(with = "secp256k1::serde_keypair")]` /// deserialized by annotating them with `#[serde(with = "secp256k1::serde_keypair")]`
/// inside structs or enums for which [`Serialize`] and [`Deserialize`] are being derived. /// inside structs or enums for which [`Serialize`] and [`Deserialize`] are being derived.
/// ///
@ -1320,7 +1320,7 @@ impl<'de> ::serde::Deserialize<'de> for XOnlyPublicKey {
/// ///
/// [`SecretKey`]: crate::SecretKey /// [`SecretKey`]: crate::SecretKey
/// [global context]: crate::SECP256K1 /// [global context]: crate::SECP256K1
#[cfg(all(feature = "global-context-less-secure", feature = "serde"))] #[cfg(all(feature = "global-context", feature = "serde"))]
pub mod serde_keypair { pub mod serde_keypair {
use serde::{Deserialize, Deserializer, Serialize, Serializer}; use serde::{Deserialize, Deserializer, Serialize, Serializer};
use key::KeyPair; use key::KeyPair;
@ -1924,7 +1924,7 @@ mod test {
} }
#[test] #[test]
#[cfg(all(feature = "global-context-less-secure", feature = "serde"))] #[cfg(all(feature = "global-context", feature = "serde"))]
fn test_serde_keypair() { fn test_serde_keypair() {
use serde::{Deserialize, Deserializer, Serialize, Serializer}; use serde::{Deserialize, Deserializer, Serialize, Serializer};
use serde_test::{Configure, Token, assert_tokens}; use serde_test::{Configure, Token, assert_tokens};


@ -125,9 +125,7 @@
//! * `rand-std` - use `rand` library with its `std` feature enabled. (Implies `rand`.) //! * `rand-std` - use `rand` library with its `std` feature enabled. (Implies `rand`.)
//! * `recovery` - enable functions that can compute the public key from signature. //! * `recovery` - enable functions that can compute the public key from signature.
//! * `lowmemory` - optimize the library for low-memory environments. //! * `lowmemory` - optimize the library for low-memory environments.
//! * `global-context` - enable use of global secp256k1 context. (Implies `std`, `rand-std` and //! * `global-context` - enable use of global secp256k1 context (implies `std`).
//! `global-context-less-secure`.)
//! * `global-context-less-secure` - enables global context without extra sidechannel protection.
//! * `serde` - implements serialization and deserialization for types in this crate using `serde`. //! * `serde` - implements serialization and deserialization for types in this crate using `serde`.
//! **Important**: `serde` encoding is **not** the same as consensus encoding! //! **Important**: `serde` encoding is **not** the same as consensus encoding!
//! * `bitcoin_hashes` - enables interaction with the `bitcoin-hashes` crate (e.g. conversions). //! * `bitcoin_hashes` - enables interaction with the `bitcoin-hashes` crate (e.g. conversions).
@ -195,8 +193,8 @@ use core::marker::PhantomData;
use core::{mem, fmt, str}; use core::{mem, fmt, str};
use ffi::{CPtr, types::AlignedType}; use ffi::{CPtr, types::AlignedType};
#[cfg(feature = "global-context-less-secure")] #[cfg(feature = "global-context")]
#[cfg_attr(docsrs, doc(cfg(any(feature = "global-context", feature = "global-context-less-secure"))))] #[cfg_attr(docsrs, doc(cfg(any(feature = "global-context", feature = "global-context"))))]
pub use context::global::SECP256K1; pub use context::global::SECP256K1;
#[cfg(feature = "bitcoin_hashes")] #[cfg(feature = "bitcoin_hashes")]
@ -955,7 +953,7 @@ mod tests {
} }
#[cfg(feature = "global-context-less-secure")] #[cfg(feature = "global-context")]
#[test] #[test]
fn test_global_context() { fn test_global_context() {
use super::SECP256K1; use super::SECP256K1;
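Review bot: The new docsrs attribute on the `SECP256K1` re-export reads `doc(cfg(any(feature = "global-context", feature = "global-context")))`, which names the same feature twice and looks like a leftover from the rename. `#[cfg_attr(docsrs, doc(cfg(feature = "global-context")))]` expresses the same condition. The `global` module in the context file section now documents itself with `all(feature = "global-context", feature = "std")`, so it may be worth settling on one form for both so the rendered docs show the same requirement.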