Cryptography Reference
In-Depth Information
the GNU compiler
gcc
, the macro
__FLINT_API_A
is defined by
__cdecl
, and
some compilers understand this as an instruction that the assembler functions
corresponding to the C name and calling conventions are to be called.
For modules that import FLINT/C functions and constants from a dynamic
link library (DLL) under Microsoft Visual C/C++, in translation the macros
-D__FLINT_API=__cdecl
and
-D__FLINT_API_DATA= __declspec (dllimport)
must be defined. This has already been taken into account in
flint.h
,andit
suffices in this case to define the macro
FLINT_USEDLL
for compilation. For other
development environments analogous definitions should be employed.
The small amount of work involved in initializing a FLINT/C DLL is taken care
of by the function
FLINTInit_l()
, which provides initial values for the random
number generator
4
and generates a set of dynamic registers (see Chapter 9).
The complementary function
FLINTExit_l()
deallocates the dynamic registers.
Sensibly enough, the initialization is not handed over to every individual process
that uses the DLL, but is executed once at the start of the DLL. As a rule, a function
with creator-specific signature and calling convention should be used, which is
executed automatically when the DLL is loaded by the run-time system. This
function can take over the FLINT/C initialization and use the two functions
mentioned above. All of this should be considered when a DLL is created.
Some effort was made to make the software usable in security-critical
applications. To this end, in
security mode
local variables in functions, in
particular
CLINT
and
LINT
objects, are deleted after use by being overwritten
with zeros. For the C functions this is accomplished with the help of the macro
PURGEVARS_L()
and the associated function
purgevars_l()
. For the C++ functions
the destructor
∼
LINT()
is similarly equipped. The assembler functions overwrite
their working memory. The deletion of variables that are passed as arguments to
functions is the responsibility of the calling functions.
If the deletion of variables, which requires a certain additional expenditure
of time, is to be omitted, then in compilation the macro
FLINT_UNSECURE
must
be defined. At run time the function
char* verstr_l()
gives information about
the modes set at compile time, in which additionally to the version label
X.x
,
the letters “
a
” for assembler support and “
s
” for security mode are output in a
character string if these modes have been turned on.
4
The initial values are made up of 32-bit numbers taken from the system clock. For applications
in which security is critical it is advisable to use suitable random values from a sufficiently large
interval as initial values.
