Makes it possible to avoid initialization part of the (large and slow to compute) tables if you only need signing or verification.
Split up signing and verification initialization #60
pull sipa wants to merge 2 commits into bitcoin-core:master from sipa:splitsignver changing 5 files +69 −12-
sipa commented at 9:10 PM on September 8, 2014: contributor
- sipa force-pushed on Sep 8, 2014
-
- sipa force-pushed on Sep 8, 2014
-
gmaxwell commented at 10:09 PM on September 8, 2014: contributor
If it's a seperate function then the linker can omit the code when statically linking. The code is so small that I don't know if we care. Alternatively, we could later provide _sign_init and _verify_init functions which the original init just calls, so I think we're not comitted to this way even while keeping the API compatible.
Have you considered setting a canary value on each of the inits? e.g. instead of depending on behavior around null making sure that if it's initilized its set to some particular unlikely value at the end of init, and reset to something else at the beginning of free? (then checked on all entry)
-
Split up signing and verification initialization 04e34d18c3
-
c259a7cbc0
Set precomputation table late and unset early.
Set the global pointer to the precomputation table only after initializing it completely, and unset it before doing any uninitialization. This causes fail-fast behavior in case of race conditions between initialization and operations using it.
- sipa force-pushed on Sep 13, 2014
-
sipa commented at 3:23 PM on September 13, 2014: contributor
@gmaxwell Added a commit to switch the global pointer late on initialize, and early on uninitialize. I believe that this should have almost the same effect as canary values inside the structures (apart from unintentional overwrite, of course).
- sipa merged this on Sep 28, 2014
- sipa closed this on Sep 28, 2014
- sipa referenced this in commit b00982fdbd on Sep 28, 2014
- real-or-random referenced this in commit 57e6539a7b on May 31, 2019
