Exit if OpenSSL doesn't have secp256k1 support (RIPD-900)

src/ripple/crypto/impl/GenerateDeterministicKey.cpp

@@ -22,6 +22,7 @@
 #include <ripple/crypto/impl/ec_key.h>
 #include <ripple/crypto/impl/openssl.h>
 #include <ripple/protocol/digest.h>
+#include <beast/module/core/diagnostic/FatalError.h>
 #include <array>
 #include <string>
 #include <openssl/pem.h>
@@ -31,10 +32,24 @@ namespace ripple {
 
 namespace openssl {
 
-static EC_GROUP const* const secp256k1_group =
+struct secp256k1_data
-        EC_GROUP_new_by_curve_name (NID_secp256k1);
+{
-static bignum const secp256k1_order =
+    EC_GROUP const* group;
-        get_order (secp256k1_group);
+    bignum order;
+
+    secp256k1_data ()
+    {
+        group = EC_GROUP_new_by_curve_name (NID_secp256k1);
+
+        if (!group)
+            beast::FatalError ("The OpenSSL library on this system lacks elliptic curve support.");
+
+        bn_ctx ctx;
+        order = get_order (group, ctx);
+    }
+};
+
+static secp256k1_data const secp256k1curve;
 
 }  // namespace openssl
 
@@ -83,7 +98,7 @@ static bignum generateRootDeterministicKey (uint128 const& seed)
         privKey.assign ((unsigned char const*) &root, sizeof (root));
         root.zero(); // security erase
     }
-    while (privKey.is_zero()  ||  privKey >= secp256k1_order);
+    while (privKey.is_zero() || privKey >= secp256k1curve.order);
 
     return privKey;
 }
@@ -97,7 +112,7 @@ Blob generateRootDeterministicPublicKey (uint128 const& seed)
     bignum privKey = generateRootDeterministicKey (seed);
 
     // compute the corresponding public key point
-    ec_point pubKey = multiply (secp256k1_group, privKey, ctx);
+    ec_point pubKey = multiply (secp256k1curve.group, privKey, ctx);
 
     privKey.clear();  // security erase
 
@@ -116,7 +131,7 @@ uint256 generateRootDeterministicPrivateKey (uint128 const& seed)
 // <-- root public generator in EC format
 static ec_point generateRootPubKey (bignum&& pubGenerator)
 {
-    ec_point pubPoint = bn2point (secp256k1_group, pubGenerator.get());
+    ec_point pubPoint = bn2point (secp256k1curve.group, pubGenerator.get());
 
     return pubPoint;
 }
@@ -155,13 +170,13 @@ Blob generatePublicDeterministicKey (Blob const& pubGen, int seq)
     bn_ctx ctx;
 
     // Calculate the private additional key.
-    bignum hash = makeHash (pubGen, seq, secp256k1_order);
+    bignum hash = makeHash (pubGen, seq, secp256k1curve.order);
 
     // Calculate the corresponding public key.
-    ec_point newPoint = multiply (secp256k1_group, hash, ctx);
+    ec_point newPoint = multiply (secp256k1curve.group, hash, ctx);
 
     // Add the master public key and set.
-    add_to (secp256k1_group, rootPubKey, newPoint, ctx);
+    add_to (secp256k1curve.group, rootPubKey, newPoint, ctx);
 
     return serialize_ec_point (newPoint);
 }
@@ -176,10 +191,10 @@ uint256 generatePrivateDeterministicKey (
     bn_ctx ctx;
 
     // calculate the private additional key
-    bignum privKey = makeHash (pubGen, seq, secp256k1_order);
+    bignum privKey = makeHash (pubGen, seq, secp256k1curve.order);
 
     // calculate the final private key
-    add_to (rootPrivKey, privKey, secp256k1_order, ctx);
+    add_to (rootPrivKey, privKey, secp256k1curve.order, ctx);
 
     rootPrivKey.clear();  // security erase
 

src/ripple/crypto/impl/openssl.h

@@ -130,13 +130,6 @@ public:
 
 bignum get_order (EC_GROUP const* group, bn_ctx& ctx);
 
-inline bignum get_order (EC_GROUP const* group)
-{
-    bn_ctx ctx;
-
-    return get_order (group, ctx);
-}
-
 inline void add_to (bignum const& a,
                     bignum& b,
                     bignum const& modulus,