Refactor GenerateDeterministicKey and its call sites:

Remove the use of ec_key parameters and return values from ECDSA crypto
prototypes.  Don't store key data into an ec_key variable only to fetch
it back into the original type again.  Use uint256 and Blob explicitly.

Pass private keys as uint256, and pass public keys as either pointer and
length or Blob in calls to ECDSA{Sign,Verify}() and {en,de}cryptECIES().

Replace GenerateRootDeterministicKey() with separate functions returning
either the public or private key, since no caller needs both at once.

Simplify the use of GenerateDeterministicKey within RippleAddress.  Call
a single routine rather than pass the result of one as input to another.

Add openssl unit with RAII classes for bignum, bn_ctx, and ec_point plus
free utility functions.

Rewrite the functions in GenerateDeterministicKey.cpp to use RAII rather
than explicit cleanup code:
  * factor out secp256k1_group and secp256k1_order for reuse rather than
    computing them each time
  * replace getPublicKey() with serialize_ec_point(), which makes, sets,
    and destroys an ec_key internally (sparing the caller those details)
    and calls i2o_ECPublicKey() directly
  * return bignum rather than ec_key from GenerateRootDeterministicKey()
  * return ec_point rather than EC_KEY* from GenerateRootPubKey()

Move ECDSA{Private,Public}Key() to a new ECDSAKey unit.
Move ec_key.h into impl/ since it's no longer used outside crypto/.

Remove now-unused member functions from ec_key.

Change tabs to spaces; trim trailing whitespace (including blank lines).

src/ripple/crypto/impl/openssl.cpp

@@ -0,0 +1,154 @@
+//------------------------------------------------------------------------------
+/*
+    This file is part of rippled: https://github.com/ripple/rippled
+    Copyright (c) 2014 Ripple Labs Inc.
+
+    Permission to use, copy, modify, and/or distribute this software for any
+    purpose  with  or without fee is hereby granted, provided that the above
+    copyright notice and this permission notice appear in all copies.
+
+    THE  SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+    WITH  REGARD  TO  THIS  SOFTWARE  INCLUDING  ALL  IMPLIED  WARRANTIES  OF
+    MERCHANTABILITY  AND  FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+    ANY  SPECIAL ,  DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+    WHATSOEVER  RESULTING  FROM  LOSS  OF USE, DATA OR PROFITS, WHETHER IN AN
+    ACTION  OF  CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+//==============================================================================
+
+#include <ripple/crypto/impl/openssl.h>
+#include <openssl/hmac.h>
+
+namespace ripple  {
+namespace openssl {
+
+bignum::bignum()
+{
+    ptr = BN_new();
+
+    if (ptr == nullptr)
+    {
+        throw std::runtime_error ("BN_new() failed");
+    }
+}
+
+void bignum::assign (uint8_t const* data, size_t size)
+{
+    // This reuses and assigns ptr
+    BIGNUM* bn = BN_bin2bn (data, size, ptr);
+
+    if (bn == nullptr)
+    {
+        throw std::runtime_error ("BN_bin2bn() failed");
+    }
+}
+
+void bignum::assign_new (uint8_t const* data, size_t size)
+{
+    // ptr must not be allocated
+
+    ptr = BN_bin2bn (data, size, nullptr);
+
+    if (ptr == nullptr)
+    {
+        throw std::runtime_error ("BN_bin2bn() failed");
+    }
+}
+
+bn_ctx::bn_ctx()
+{
+    ptr = BN_CTX_new();
+
+    if (ptr == nullptr)
+    {
+        throw std::runtime_error ("BN_CTX_new() failed");
+    }
+}
+
+bignum get_order (EC_GROUP const* group, bn_ctx& ctx)
+{
+    bignum result;
+
+    if (!EC_GROUP_get_order (group, result.get(), ctx.get()))
+    {
+        throw std::runtime_error ("EC_GROUP_get_order() failed");
+    }
+
+    return result;
+}
+
+ec_point::ec_point (EC_GROUP const* group)
+{
+    ptr = EC_POINT_new (group);
+
+    if (ptr == nullptr)
+    {
+        throw std::runtime_error ("EC_POINT_new() failed");
+    }
+}
+
+void add_to (EC_GROUP const* group,
+             ec_point const& a,
+             ec_point& b,
+             bn_ctx& ctx)
+{
+    if (!EC_POINT_add (group, b.get(), a.get(), b.get(), ctx.get()))
+    {
+        throw std::runtime_error ("EC_POINT_add() failed");
+    }
+}
+
+ec_point multiply (EC_GROUP const* group,
+                   bignum const& n,
+                   bn_ctx& ctx)
+{
+    ec_point result (group);
+
+    if (!EC_POINT_mul (group, result.get(), n.get(), nullptr, nullptr, ctx.get()))
+    {
+        throw std::runtime_error ("EC_POINT_mul() failed");
+    }
+
+    return result;
+}
+
+ec_point bn2point (EC_GROUP const* group, BIGNUM const* number)
+{
+    EC_POINT* result = EC_POINT_bn2point (group, number, nullptr, nullptr);
+
+    if (result == nullptr)
+    {
+        throw std::runtime_error ("EC_POINT_bn2point() failed");
+    }
+
+    return ec_point::acquire (result);
+}
+
+static ec_key ec_key_new_secp256k1_compressed()
+{
+    EC_KEY* key = EC_KEY_new_by_curve_name (NID_secp256k1);
+
+    if (key == nullptr)  throw std::runtime_error ("EC_KEY_new_by_curve_name() failed");
+
+    EC_KEY_set_conv_form (key, POINT_CONVERSION_COMPRESSED);
+
+    return ec_key::acquire ((ec_key::pointer_t) key);
+}
+
+void serialize_ec_point (ec_point const& point, std::uint8_t* ptr)
+{
+    ec_key key = ec_key_new_secp256k1_compressed();
+
+    if (EC_KEY_set_public_key((EC_KEY*) key.get(), point.get()) <= 0)
+    {
+        throw std::runtime_error ("EC_KEY_set_public_key() failed");
+    }
+
+    int const size = i2o_ECPublicKey ((EC_KEY*) key.get(), &ptr);
+
+    assert (size <= 33);
+}
+
+} // openssl
+} // ripple