Add a global-context-less-secure feature which skips randomization

TheBlueMatt · TheBlueMatt · commit ce930ab6b743 · 2021-06-08T01:48:50.000Z
This is useful for us downstream as we wish to target WASM with a
global context, and using rand in such a build doesn't seem like a
safe idea.
diff --git a/Cargo.toml b/Cargo.toml
@@ -23,7 +23,8 @@ std = ["secp256k1-sys/std"]
 rand-std = ["rand/std"]
 recovery = ["secp256k1-sys/recovery"]
 lowmemory = ["secp256k1-sys/lowmemory"]
-global-context = ["std", "rand-std"]
+global-context = ["std", "rand-std", "global-context-less-secure"]
+global-context-less-secure = []
 
 [dependencies]
 secp256k1-sys = { version = "0.4.0", default-features = false, path = "./secp256k1-sys" }
diff --git a/src/context.rs b/src/context.rs
@@ -8,10 +8,12 @@ use Secp256k1;
 #[cfg(feature = "std")]
 pub use self::std_only::*;
 
-#[cfg(feature = "global-context")]
+#[cfg(feature = "global-context-less-secure")]
 /// Module implementing a singleton pattern for a global `Secp256k1` context
 pub mod global {
+    #[cfg(feature = "global-context")]
     use rand;
+
     use std::ops::Deref;
     use std::sync::Once;
     use {Secp256k1, All};
@@ -22,6 +24,9 @@ pub mod global {
     }
 
     /// A global, static context to avoid repeatedly creating contexts where one can't be passed
+    ///
+    /// If the global-context feature is enabled (and not just the global-context-less-secure),
+    /// this will have been randomized.
     pub static SECP256K1: &GlobalContext = &GlobalContext { __private: () };
 
     impl Deref for GlobalContext {
@@ -32,7 +37,10 @@ pub mod global {
             static mut CONTEXT: Option<Secp256k1<All>> = None;
             ONCE.call_once(|| unsafe {
                 let mut ctx = Secp256k1::new();
-                ctx.randomize(&mut rand::thread_rng());
+                #[cfg(feature = "global-context")]
+                {
+                    ctx.randomize(&mut rand::thread_rng());
+                }
                 CONTEXT = Some(ctx);
             });
             unsafe { CONTEXT.as_ref().unwrap() }
diff --git a/src/lib.rs b/src/lib.rs
@@ -158,7 +158,7 @@ use core::ops::Deref;
 use core::mem;
 use ffi::{CPtr, types::AlignedType};
 
-#[cfg(feature = "global-context")]
+#[cfg(feature = "global-context-less-secure")]
 pub use context::global::SECP256K1;
 
 #[cfg(feature = "bitcoin_hashes")]
@@ -1269,7 +1269,7 @@ mod tests {
 
     }
 
-    #[cfg(feature = "global-context")]
+    #[cfg(feature = "global-context-less-secure")]
     #[test]
     fn test_global_context() {
         use super::SECP256K1;
