diff --git a/src/ripple/crypto/impl/GenerateDeterministicKey.cpp b/src/ripple/crypto/impl/GenerateDeterministicKey.cpp index 54e7b728f..0cb1e19e1 100644 --- a/src/ripple/crypto/impl/GenerateDeterministicKey.cpp +++ b/src/ripple/crypto/impl/GenerateDeterministicKey.cpp @@ -22,6 +22,7 @@ #include #include #include +#include #include #include #include @@ -31,10 +32,24 @@ namespace ripple { namespace openssl { -static EC_GROUP const* const secp256k1_group = - EC_GROUP_new_by_curve_name (NID_secp256k1); -static bignum const secp256k1_order = - get_order (secp256k1_group); +struct secp256k1_data +{ + EC_GROUP const* group; + bignum order; + + secp256k1_data () + { + group = EC_GROUP_new_by_curve_name (NID_secp256k1); + + if (!group) + beast::FatalError ("The OpenSSL library on this system lacks elliptic curve support."); + + bn_ctx ctx; + order = get_order (group, ctx); + } +}; + +static secp256k1_data const secp256k1curve; } // namespace openssl @@ -83,7 +98,7 @@ static bignum generateRootDeterministicKey (uint128 const& seed) privKey.assign ((unsigned char const*) &root, sizeof (root)); root.zero(); // security erase } - while (privKey.is_zero() || privKey >= secp256k1_order); + while (privKey.is_zero() || privKey >= secp256k1curve.order); return privKey; } @@ -97,7 +112,7 @@ Blob generateRootDeterministicPublicKey (uint128 const& seed) bignum privKey = generateRootDeterministicKey (seed); // compute the corresponding public key point - ec_point pubKey = multiply (secp256k1_group, privKey, ctx); + ec_point pubKey = multiply (secp256k1curve.group, privKey, ctx); privKey.clear(); // security erase @@ -116,7 +131,7 @@ uint256 generateRootDeterministicPrivateKey (uint128 const& seed) // <-- root public generator in EC format static ec_point generateRootPubKey (bignum&& pubGenerator) { - ec_point pubPoint = bn2point (secp256k1_group, pubGenerator.get()); + ec_point pubPoint = bn2point (secp256k1curve.group, pubGenerator.get()); return pubPoint; } @@ -155,13 +170,13 @@ Blob generatePublicDeterministicKey (Blob const& pubGen, int seq) bn_ctx ctx; // Calculate the private additional key. - bignum hash = makeHash (pubGen, seq, secp256k1_order); + bignum hash = makeHash (pubGen, seq, secp256k1curve.order); // Calculate the corresponding public key. - ec_point newPoint = multiply (secp256k1_group, hash, ctx); + ec_point newPoint = multiply (secp256k1curve.group, hash, ctx); // Add the master public key and set. - add_to (secp256k1_group, rootPubKey, newPoint, ctx); + add_to (secp256k1curve.group, rootPubKey, newPoint, ctx); return serialize_ec_point (newPoint); } @@ -176,10 +191,10 @@ uint256 generatePrivateDeterministicKey ( bn_ctx ctx; // calculate the private additional key - bignum privKey = makeHash (pubGen, seq, secp256k1_order); + bignum privKey = makeHash (pubGen, seq, secp256k1curve.order); // calculate the final private key - add_to (rootPrivKey, privKey, secp256k1_order, ctx); + add_to (rootPrivKey, privKey, secp256k1curve.order, ctx); rootPrivKey.clear(); // security erase diff --git a/src/ripple/crypto/impl/openssl.h b/src/ripple/crypto/impl/openssl.h index 94d1170df..dae858f95 100644 --- a/src/ripple/crypto/impl/openssl.h +++ b/src/ripple/crypto/impl/openssl.h @@ -130,13 +130,6 @@ public: bignum get_order (EC_GROUP const* group, bn_ctx& ctx); -inline bignum get_order (EC_GROUP const* group) -{ - bn_ctx ctx; - - return get_order (group, ctx); -} - inline void add_to (bignum const& a, bignum& b, bignum const& modulus,