Use libsecp256k1 instead of openssl for crypto.

We still use openssl for bignums (base58) and for ripemd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

test-cli/check-anchor-scriptsigs.c

@@ -15,7 +15,6 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])

test-cli/check-commit-sig.c

@@ -14,8 +14,8 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -30,7 +30,7 @@ int main(int argc, char *argv[])
 	struct pubkey pubkey1, pubkey2;
 	struct bitcoin_signature sig1, sig2;
 	char *tx_hex;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct sha256 rhash;
 
@@ -50,8 +50,7 @@ int main(int argc, char *argv[])
 	o2 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
 	cs2 = pkt_from_file(argv[3], PKT__PKT_OPEN_COMMIT_SIG)->open_commit_sig;
 
-	privkey = key_from_base58(argv[4], strlen(argv[4]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[4]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[4]);
@@ -84,7 +83,7 @@ int main(int argc, char *argv[])
 	sig1.stype = SIGHASH_ALL;
 	subscript = bitcoin_redeem_2of2(ctx, &pubkey1, &pubkey2);
 	sign_tx_input(ctx, commit, 0, subscript, tal_count(subscript),
-		      privkey, &pubkey1, &sig1.sig);
+		      &privkey, &pubkey1, &sig1.sig);
 
 	/* Signatures well-formed? */
 	if (!proto_to_signature(cs2->sig, &sig2.sig))

test-cli/close-channel.c

@@ -13,10 +13,10 @@
 #include "permute_tx.h"
 #include "bitcoin/signature.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "close_tx.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -27,7 +27,7 @@ int main(int argc, char *argv[])
 	struct sha256_double anchor_txid;
 	struct pkt *pkt;
 	struct signature sig;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet, complete = false;
 	struct pubkey pubkey1, pubkey2;
 	u8 *redeemscript;
@@ -53,8 +53,7 @@ int main(int argc, char *argv[])
 	o1 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
 
-	privkey = key_from_base58(argv[4], strlen(argv[4]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[4]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[4]);
@@ -88,7 +87,7 @@ int main(int argc, char *argv[])
 
 	/* Sign it for them. */
 	sign_tx_input(ctx, close_tx, 0, redeemscript, tal_count(redeemscript),
-		      privkey, &pubkey1, &sig);
+		      &privkey, &pubkey1, &sig);
 
 	if (complete)
 		pkt = close_channel_complete_pkt(ctx, &sig);

test-cli/create-close-tx.c

@@ -16,7 +16,6 @@
 #include "close_tx.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])

test-cli/create-commit-spend-tx.c

@@ -15,11 +15,11 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "bitcoin/address.h"
 #include "opt_bits.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -28,7 +28,7 @@ int main(int argc, char *argv[])
 	OpenChannel *o1, *o2;
 	struct bitcoin_tx *commit, *tx;
 	struct bitcoin_signature sig;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct pubkey pubkey1, pubkey2, outpubkey;
 	u8 *redeemscript, *tx_arr;
@@ -63,8 +63,7 @@ int main(int argc, char *argv[])
 		errx(1, "Invalid locktime in o1");
 
  	/* We need our private key to spend commit output. */
-	privkey = key_from_base58(argv[4], strlen(argv[4]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[4]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[4]);
@@ -112,7 +111,7 @@ int main(int argc, char *argv[])
 
 	/* Now get signature, to set up input script. */
 	if (!sign_tx_input(tx, tx, 0, redeemscript, tal_count(redeemscript),
-			   privkey, &pubkey1, &sig.sig))
+			   &privkey, &pubkey1, &sig.sig))
 		errx(1, "Could not sign tx");
 	sig.stype = SIGHASH_ALL;
 	tx->input[0].script = scriptsig_p2sh_single_sig(tx, redeemscript,

test-cli/create-commit-tx.c

@@ -14,9 +14,9 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 /* FIXME: this code doesn't work if we're not the ones proposing the delta */
@@ -27,7 +27,7 @@ int main(int argc, char *argv[])
 	Pkt *pkt;
 	struct bitcoin_tx *anchor, *commit;
 	struct sha256_double anchor_txid;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct bitcoin_signature sig1, sig2;
 	size_t i;
@@ -54,8 +54,7 @@ int main(int argc, char *argv[])
 	o1 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
 
-	privkey = key_from_base58(argv[4], strlen(argv[4]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[4]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[4]);
@@ -110,7 +109,7 @@ int main(int argc, char *argv[])
 	/* We generate our signature. */
 	sig1.stype = SIGHASH_ALL;
 	sign_tx_input(ctx, commit, 0, redeemscript, tal_count(redeemscript),
-		      privkey, &pubkey1, &sig1.sig);
+		      &privkey, &pubkey1, &sig1.sig);
 
 	if (!check_2of2_sig(commit, 0, redeemscript, tal_count(redeemscript),
 			    &pubkey1, &pubkey2, &sig1, &sig2))

test-cli/create-steal-tx.c

@@ -14,8 +14,8 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -30,7 +30,7 @@ int main(int argc, char *argv[])
 	struct pubkey pubkey1, pubkey2, outpubkey;
 	struct bitcoin_signature sig;
 	char *tx_hex;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	u32 locktime_seconds;
 
@@ -62,8 +62,7 @@ int main(int argc, char *argv[])
 		errx(1, "Expected update or update-complete in %s", argv[2]);
 	}
 
-	privkey = key_from_base58(argv[3], strlen(argv[3]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[3], strlen(argv[3]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[3]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[3]);
@@ -112,7 +111,7 @@ int main(int argc, char *argv[])
 
 	/* Now get signature, to set up input script. */
 	if (!sign_tx_input(tx, tx, 0, redeemscript, tal_count(redeemscript),
-			   privkey, &pubkey1, &sig.sig))
+			   &privkey, &pubkey1, &sig.sig))
 		errx(1, "Could not sign tx");
 	sig.stype = SIGHASH_ALL;
 	tx->input[0].script = scriptsig_p2sh_revoke(tx, &revoke_preimage, &sig,

test-cli/get-anchor-depth.c

@@ -14,7 +14,6 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])

test-cli/open-anchor-scriptsigs.c

@@ -10,8 +10,8 @@
 #include "bitcoin/base58.h"
 #include "anchor.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 
-#include <openssl/ec.h>
 #include <unistd.h>
 
 /* All the input scripts are already set to 0.  We just need to make this one. */
@@ -19,7 +19,7 @@ static u8 *tx_scriptsig(const tal_t *ctx,
 			struct bitcoin_tx *tx,
 			unsigned int i,
 			const BitcoinInput *input,
-			EC_KEY *privkey,
+			struct privkey *privkey,
 			const struct pubkey *pubkey)
 {
 	struct bitcoin_signature sig;
@@ -75,19 +75,18 @@ int main(int argc, char *argv[])
 	sigs = tal_arr(ctx, u8 *, o1->anchor->n_inputs);
 	for (i = 0; i < o1->anchor->n_inputs; i++) {
 		struct pubkey pubkey;
-		EC_KEY *privkey;
+		struct privkey privkey;
 		bool testnet;
 
-		privkey = key_from_base58(argv[3+i], strlen(argv[3+i]),
-					  &testnet, &pubkey);
-		if (!privkey)
+		if (!key_from_base58(argv[3+i], strlen(argv[3+i]),
+							 &testnet, &privkey, &pubkey))
 			errx(1, "Invalid private key '%s'", argv[3+i]);
 		if (!testnet)
 			errx(1, "Private key '%s' not on testnet!", argv[3+i]);
 		
 		sigs[i] = tx_scriptsig(sigs, anchor, map[i],
 				       o1->anchor->inputs[i],
-				       privkey, &pubkey);
+				       &privkey, &pubkey);
 	}
 
 	pkt = open_anchor_sig_pkt(ctx, sigs, o1->anchor->n_inputs);

test-cli/open-channel.c

@@ -12,10 +12,11 @@
 #include "bitcoin/address.h"
 #include "bitcoin/tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "bitcoin/shadouble.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
+#include <time.h>
 #include "opt_bits.h"
 
 /* Bitcoin nodes are allowed to be 2 hours in the future. */ 
@@ -76,7 +77,7 @@ int main(int argc, char *argv[])
 	bool testnet;
 	size_t i;
 	struct pubkey commitkey, outkey, changekey;
-	EC_KEY *commitprivkey, *outprivkey;
+	struct privkey commitprivkey, outprivkey;
 
 	err_set_progname(argv[0]);
 
@@ -123,16 +124,14 @@ int main(int argc, char *argv[])
 
 	/* We don't really need the privkey here, but it's the most
 	 * convenient way to get the pubkey from bitcoind. */
-	commitprivkey = key_from_base58(argv[4], strlen(argv[4]), &testnet,
-					&commitkey);
-	if (!commitprivkey)
+	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet,
+			     &commitprivkey, &commitkey))
 		errx(1, "Invalid private key '%s'", argv[4]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[4]);
 
-	outprivkey = key_from_base58(argv[5], strlen(argv[5]), &testnet,
-				     &outkey);
-	if (!outprivkey)
+	if (!key_from_base58(argv[5], strlen(argv[5]), &testnet,
+			     &outprivkey, &outkey))
 		errx(1, "Invalid private key '%s'", argv[5]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[5]);

test-cli/open-commit-sig.c

@@ -14,8 +14,8 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -27,7 +27,7 @@ int main(int argc, char *argv[])
 	struct pkt *pkt;
 	struct signature sig;
 	size_t *inmap, *outmap;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct pubkey pubkey1, pubkey2;
 	u8 *subscript;
@@ -48,8 +48,7 @@ int main(int argc, char *argv[])
 	o1 = pkt_from_file(argv[1], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
 
-	privkey = key_from_base58(argv[3], strlen(argv[3]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[3], strlen(argv[3]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[3]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[3]);
@@ -81,7 +80,7 @@ int main(int argc, char *argv[])
 	/* Sign it for them. */
 	subscript = bitcoin_redeem_2of2(ctx, &pubkey1, &pubkey2);
 	sign_tx_input(ctx, commit, 0, subscript, tal_count(subscript),
-		      privkey, &pubkey1, &sig);
+		      &privkey, &pubkey1, &sig);
 
 	pkt = open_commit_sig_pkt(ctx, &sig);
 	if (!write_all(STDOUT_FILENO, pkt, pkt_totlen(pkt)))

test-cli/update-channel-accept.c

@@ -14,9 +14,9 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -29,7 +29,7 @@ int main(int argc, char *argv[])
 	struct sha256_double anchor_txid;
 	struct pkt *pkt;
 	struct bitcoin_signature sig;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct pubkey pubkey1, pubkey2;
 	u8 *redeemscript;
@@ -56,8 +56,7 @@ int main(int argc, char *argv[])
 	o1 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[4], PKT__PKT_OPEN)->open;
 
-	privkey = key_from_base58(argv[5], strlen(argv[5]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[5], strlen(argv[5]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[5]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[5]);
@@ -100,7 +99,7 @@ int main(int argc, char *argv[])
 
 	/* Sign it for them. */
 	sign_tx_input(ctx, commit, 0, redeemscript, tal_count(redeemscript),
-		      privkey, &pubkey1, &sig.sig);
+		      &privkey, &pubkey1, &sig.sig);
 
 	pkt = update_accept_pkt(ctx, &sig.sig, &revocation_hash);
 	if (!write_all(STDOUT_FILENO, pkt, pkt_totlen(pkt)))

test-cli/update-channel-complete.c

@@ -17,7 +17,6 @@
 #include "bitcoin/pubkey.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])

test-cli/update-channel-signature.c

@@ -14,9 +14,9 @@
 #include "bitcoin/signature.h"
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
+#include "bitcoin/privkey.h"
 #include "find_p2sh_out.h"
 #include "protobuf_convert.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])
@@ -30,7 +30,7 @@ int main(int argc, char *argv[])
 	struct sha256_double anchor_txid;
 	struct pkt *pkt;
 	struct bitcoin_signature sig;
-	EC_KEY *privkey;
+	struct privkey privkey;
 	bool testnet;
 	struct pubkey pubkey1, pubkey2;
 	u8 *redeemscript;
@@ -57,8 +57,7 @@ int main(int argc, char *argv[])
 	o1 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[4], PKT__PKT_OPEN)->open;
 
-	privkey = key_from_base58(argv[5], strlen(argv[5]), &testnet, &pubkey1);
-	if (!privkey)
+	if (!key_from_base58(argv[5], strlen(argv[5]), &testnet, &privkey, &pubkey1))
 		errx(1, "Invalid private key '%s'", argv[5]);
 	if (!testnet)
 		errx(1, "Private key '%s' not on testnet!", argv[5]);
@@ -121,7 +120,7 @@ int main(int argc, char *argv[])
 
 	/* Sign it for them. */
 	sign_tx_input(ctx, commit, 0, redeemscript, tal_count(redeemscript),
-		      privkey, &pubkey1, &sig.sig);
+		      &privkey, &pubkey1, &sig.sig);
 
 	pkt = update_signature_pkt(ctx, &sig.sig, &preimage);
 	if (!write_all(STDOUT_FILENO, pkt, pkt_totlen(pkt)))

test-cli/update-channel.c

@@ -15,7 +15,6 @@
 #include "commit_tx.h"
 #include "bitcoin/pubkey.h"
 #include "find_p2sh_out.h"
-#include <openssl/ec.h>
 #include <unistd.h>
 
 int main(int argc, char *argv[])