Hello,
I have just pushed a "libsecp256k1" branch to both libbitcoin and
libwallet. This branch makes a good start at integrating libsecp256k1
as an EC crypto solution in place of OpenSSL.
There is a new source file, ec_keys, which contains the libsecp256k1
wrapper. This wrapper provides a generic interface to EC crypto stuff,
and doesn't expose any details of the underlying library. Amir and I
spent a while talking about how this interface should look, both in
terms of high-level concept and in terms of little details like proper
whitespacing. If we change our minds on our dependencies, this wrapper
could just as easily be reimplemented using OpenSSL.
This wrapper obsoletes the elliptic_curve_key class, which we can
eventually remove.
With this wrapper in place, I went ahead and ported my bip32 hd_keys
classes to the new system. Now there are zero references to OpenSSL in
the HD wallet code, not even for bignums. All unit tests pass as
before.
There is still a bit of work to do going forward. The secp256k1 and
gmp libraries need to be packaged for Windows, and the rest of the
codebase needs to be ported to the new wrapper class. The wrapper is
also missing the ability to generate random nonces for its EC
signatures. This is a *CRITICAL* security hole, but fortunately, it's
an easy fix.
I will be rebasing the libsecp256k1 branches from time to time as I
continue to work on this stuff.