Snippets

Steven Queue Bitcoin Unlimited dev branch changes

Created by Steven Queue last modified
snippet.diff
Raw 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
diff --git a/src/qt/paymentrequestplus.cpp b/src/qt/paymentrequestplus.cpp
index c1d8684..7369fab 100644
--- a/src/qt/paymentrequestplus.cpp
+++ b/src/qt/paymentrequestplus.cpp
@@ -14,6 +14,7 @@
 
 #include <stdexcept>
 
+#include <openssl/opensslv.h>
 #include <openssl/x509_vfy.h>
 
 #include <QDateTime>
@@ -160,15 +161,25 @@ bool PaymentRequestPlus::getMerchant(X509_STORE* certStore, QString& merchant) c
         std::string data_to_verify;                     // Everything but the signature
         rcopy.SerializeToString(&data_to_verify);
 
-        EVP_MD_CTX ctx;
         EVP_PKEY *pubkey = X509_get_pubkey(signing_cert);
+
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+        EVP_MD_CTX ctx;
         EVP_MD_CTX_init(&ctx);
         if (!EVP_VerifyInit_ex(&ctx, digestAlgorithm, NULL) ||
             !EVP_VerifyUpdate(&ctx, data_to_verify.data(), data_to_verify.size()) ||
             !EVP_VerifyFinal(&ctx, (const unsigned char*)paymentRequest.signature().data(), (unsigned int)paymentRequest.signature().size(), pubkey)) {
             throw SSLVerifyError("Bad signature, invalid payment request.");
+#else
+            EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+            EVP_MD_CTX_init(ctx);
+            if (!EVP_VerifyInit_ex(ctx, digestAlgorithm, NULL) ||
+                !EVP_VerifyUpdate(ctx, data_to_verify.data(), data_to_verify.size()) ||
+                !EVP_VerifyFinal(ctx, (const unsigned char*)paymentRequest.signature().data(), (unsigned int)paymentRequest.signature().size(), pubkey)) {
+                throw SSLVerifyError("Bad signature, invalid payment request.");
+            EVP_MD_CTX_free(ctx);
+#endif
         }
-
         // OpenSSL API for getting human printable strings from certs is baroque.
         int textlen = X509_NAME_get_text_by_NID(certname, NID_commonName, NULL, 0);
         website = new char[textlen + 1];
diff --git a/src/secp256k1/src/tests.c b/src/secp256k1/src/tests.c
index 9ae7d30..662e360 100644
--- a/src/secp256k1/src/tests.c
+++ b/src/secp256k1/src/tests.c
@@ -18,6 +18,7 @@
 #include "testrand_impl.h"
 
 #ifdef ENABLE_OPENSSL_TESTS
+#include "openssl/opensslv.h"
 #include "openssl/bn.h"
 #include "openssl/ec.h"
 #include "openssl/ecdsa.h"
@@ -3652,6 +3653,12 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_
     unsigned char roundtrip_openssl[2048];
     int len_openssl = 2048;
     int parsed_openssl, valid_openssl = 0, roundtrips_openssl = 0;
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+    /* nothing */
+#else
+    const BIGNUM *sig_r;
+    const BIGNUM *sig_s;
+#endif
 #endif
 
     parsed_der = secp256k1_ecdsa_signature_parse_der(ctx, &sig_der, sig, siglen);
@@ -3699,15 +3706,28 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_
     sigptr = sig;
     parsed_openssl = (d2i_ECDSA_SIG(&sig_openssl, &sigptr, siglen) != NULL);
     if (parsed_openssl) {
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
         valid_openssl = !BN_is_negative(sig_openssl->r) && !BN_is_negative(sig_openssl->s) && BN_num_bits(sig_openssl->r) > 0 && BN_num_bits(sig_openssl->r) <= 256 && BN_num_bits(sig_openssl->s) > 0 && BN_num_bits(sig_openssl->s) <= 256;
+#else
+        ECDSA_SIG_get0(sig_openssl, &sig_r, &sig_s);
+        valid_openssl = !BN_is_negative(sig_r) && !BN_is_negative(sig_s) && BN_num_bits(sig_r) > 0 && BN_num_bits(sig_r) <= 256 && BN_num_bits(sig_s) > 0 && BN_num_bits(sig_s) <= 256;
+#endif
         if (valid_openssl) {
             unsigned char tmp[32] = {0};
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
             BN_bn2bin(sig_openssl->r, tmp + 32 - BN_num_bytes(sig_openssl->r));
+#else
+            BN_bn2bin(sig_r, tmp + 32 - BN_num_bytes(sig_r));
+#endif
             valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
         }
         if (valid_openssl) {
             unsigned char tmp[32] = {0};
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
             BN_bn2bin(sig_openssl->s, tmp + 32 - BN_num_bytes(sig_openssl->s));
+#else
+            BN_bn2bin(sig_s, tmp + 32 - BN_num_bytes(sig_s));
+#endif
             valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
         }
     }
diff --git a/src/wallet/crypter.cpp b/src/wallet/crypter.cpp
index 7eec96d..5feba64 100644
--- a/src/wallet/crypter.cpp
+++ b/src/wallet/crypter.cpp
@@ -12,6 +12,7 @@
 #include <string>
 #include <vector>
 #include <boost/foreach.hpp>
+#include <openssl/opensslv.h>
 #include <openssl/aes.h>
 #include <openssl/evp.h>
 
@@ -58,16 +59,27 @@ bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned
     int nLen = vchPlaintext.size();
     int nCLen = nLen + AES_BLOCK_SIZE, nFLen = 0;
     vchCiphertext = std::vector<unsigned char> (nCLen);
+    bool fOk = true;
 
+#if (OPENSSL_VERSION_NUMBER < 0X10100000L)
     EVP_CIPHER_CTX ctx;
 
-    bool fOk = true;
-
     EVP_CIPHER_CTX_init(&ctx);
     if (fOk) fOk = EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
     if (fOk) fOk = EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen) != 0;
     if (fOk) fOk = EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0]) + nCLen, &nFLen) != 0;
     EVP_CIPHER_CTX_cleanup(&ctx);
+#else
+    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+
+    EVP_CIPHER_CTX_init(ctx);
+    if (fOk) fOk = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
+    if (fOk) fOk = EVP_EncryptUpdate(ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen) != 0;
+    if (fOk) fOk = EVP_EncryptFinal_ex(ctx, (&vchCiphertext[0]) + nCLen, &nFLen) != 0;
+    EVP_CIPHER_CTX_cleanup(ctx);
+
+    EVP_CIPHER_CTX_free(ctx);
+#endif
 
     if (!fOk) return false;
 
@@ -83,18 +95,29 @@ bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingM
     // plaintext will always be equal to or lesser than length of ciphertext
     int nLen = vchCiphertext.size();
     int nPLen = nLen, nFLen = 0;
+    bool fOk = true;
 
     vchPlaintext = CKeyingMaterial(nPLen);
 
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
     EVP_CIPHER_CTX ctx;
 
-    bool fOk = true;
-
     EVP_CIPHER_CTX_init(&ctx);
     if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
     if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;
     if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;
     EVP_CIPHER_CTX_cleanup(&ctx);
+#else
+    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+
+    EVP_CIPHER_CTX_init(ctx);
+    if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
+    if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;
+    if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;
+    EVP_CIPHER_CTX_cleanup(ctx);
+
+    EVP_CIPHER_CTX_free(ctx);
+#endif
 
     if (!fOk) return false;

Comments (0)

HTTPS SSH

You can clone a snippet to your computer for local editing. Learn more.