
Commit f10439c

committed
[Crypto] Add ctx initialisation for bip38
1 parent 21234db commit f10439c

1 file changed

+27
-4
lines changed


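--- a/src/bip38.cpp
+++ b/src/bip38.cpp
@@ -8,6 +8,7 @@
 #include "pubkey.h"
 #include "util.h"
 #include "utilstrencodings.h"
+#include "random.h"
 
 #include <openssl/aes.h>
 #include <openssl/sha.h>
@@ -49,14 +50,25 @@ void ComputePassfactor(std::string ownersalt, uint256 prefactor, uint256& passfa
 bool ComputePasspoint(uint256 passfactor, CPubKey& passpoint)
 {
 size_t clen = 65;
-secp256k1_context *ctx = NULL;
+secp256k1_context *ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
+assert(ctx != nullptr);
+{
+// Pass in a random blinding seed to the secp256k1 context.
+std::vector<unsigned char, secure_allocator<unsigned char>> vseed(32);
+GetRandBytes(vseed.data(), 32);
+bool ret = secp256k1_context_randomize(ctx, vseed.data());
+assert(ret);
+}
 secp256k1_pubkey pubkey;
 
 //passpoint is the ec_mult of passfactor on secp256k1
-if (!secp256k1_ec_pubkey_create(ctx, &pubkey, passfactor.begin()))
+if (!secp256k1_ec_pubkey_create(ctx, &pubkey, passfactor.begin())) {
+secp256k1_context_destroy(ctx);
 return false;
+}
 
 secp256k1_ec_pubkey_serialize(ctx, (unsigned char*)passpoint.begin(), &clen, &pubkey, SECP256K1_EC_COMPRESSED);
+secp256k1_context_destroy(ctx);
 
 if (passpoint.size() != clen)
 return false;
@@ -241,10 +253,21 @@ bool BIP38_Decrypt(std::string strPassphrase, std::string strEncryptedKey, uint2
 ComputeFactorB(seedB, factorB);
 
 //multiply passfactor by factorb mod N to yield the priv key
-secp256k1_context *ctx = NULL;
+secp256k1_context *ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
+assert(ctx != nullptr);
+{
+// Pass in a random blinding seed to the secp256k1 context.
+std::vector<unsigned char, secure_allocator<unsigned char>> vseed(32);
+GetRandBytes(vseed.data(), 32);
+bool ret = secp256k1_context_randomize(ctx, vseed.data());
+assert(ret);
+}
 privKey = factorB;
-if (!secp256k1_ec_privkey_tweak_mul(ctx, privKey.begin(), passfactor.begin()))
+if (!secp256k1_ec_privkey_tweak_mul(ctx, privKey.begin(), passfactor.begin())) {
+secp256k1_context_destroy(ctx);
 return false;
+}
+secp256k1_context_destroy(ctx);
 
 //double check that the address hash matches our final privkey
 CKey k;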
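Review bot: The context is released by a hand-written `secp256k1_context_destroy(ctx)` on each return path in both ComputePasspoint and BIP38_Decrypt, so any early exit added later, or an exception thrown between `secp256k1_context_create` and the final destroy (the `vseed` allocation in the blinding block, for instance), leaks a fully built signing context. Owning it through `std::unique_ptr<secp256k1_context, decltype(&secp256k1_context_destroy)>` (needs `<memory>`) makes the release unconditional and lets the two `{ ... }` early-return blocks drop their destroy call; the same rewrite applies to the third hunk. Note also that `assert(ctx != nullptr)` and `assert(ret)` compile out under NDEBUG, in which case a failed `secp256k1_context_randomize` would silently leave the context unblinded, so if the project builds release with NDEBUG the return value should be checked explicitly. Creating and randomizing a SECP256K1_CONTEXT_SIGN context on every call is also comparatively expensive since it precomputes the signing tables; if a process-wide signing context already exists elsewhere in the project, reusing it is preferable. ComputePasspoint ends outside the second hunk and BIP38_Decrypt begins and ends outside the third.
```cpp
bool ComputePasspoint(uint256 passfactor, CPubKey& passpoint)
{
    size_t clen = 65;
    std::unique_ptr<secp256k1_context, decltype(&secp256k1_context_destroy)> ctx(
        secp256k1_context_create(SECP256K1_CONTEXT_SIGN), &secp256k1_context_destroy);
    assert(ctx != nullptr);
    // … unchanged: secure vseed allocation and GetRandBytes …
    bool ret = secp256k1_context_randomize(ctx.get(), vseed.data());
    assert(ret);
    // … unchanged: pubkey declaration and comment …
    if (!secp256k1_ec_pubkey_create(ctx.get(), &pubkey, passfactor.begin()))
        return false;
    secp256k1_ec_pubkey_serialize(ctx.get(), (unsigned char*)passpoint.begin(), &clen, &pubkey, SECP256K1_EC_COMPRESSED);
    // … unchanged: clen check; no explicit destroy needed …
```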
