Snippets
Created by
Steven Queue
last modified
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 | diff --git a/src/qt/paymentrequestplus.cpp b/src/qt/paymentrequestplus.cpp
index c1d8684..7369fab 100644
--- a/src/qt/paymentrequestplus.cpp
+++ b/src/qt/paymentrequestplus.cpp
@@ -14,6 +14,7 @@
#include <stdexcept>
+#include <openssl/opensslv.h>
#include <openssl/x509_vfy.h>
#include <QDateTime>
@@ -160,15 +161,25 @@ bool PaymentRequestPlus::getMerchant(X509_STORE* certStore, QString& merchant) c
std::string data_to_verify; // Everything but the signature
rcopy.SerializeToString(&data_to_verify);
- EVP_MD_CTX ctx;
EVP_PKEY *pubkey = X509_get_pubkey(signing_cert);
+
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ EVP_MD_CTX ctx;
EVP_MD_CTX_init(&ctx);
if (!EVP_VerifyInit_ex(&ctx, digestAlgorithm, NULL) ||
!EVP_VerifyUpdate(&ctx, data_to_verify.data(), data_to_verify.size()) ||
!EVP_VerifyFinal(&ctx, (const unsigned char*)paymentRequest.signature().data(), (unsigned int)paymentRequest.signature().size(), pubkey)) {
throw SSLVerifyError("Bad signature, invalid payment request.");
+#else
+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+ EVP_MD_CTX_init(ctx);
+ if (!EVP_VerifyInit_ex(ctx, digestAlgorithm, NULL) ||
+ !EVP_VerifyUpdate(ctx, data_to_verify.data(), data_to_verify.size()) ||
+ !EVP_VerifyFinal(ctx, (const unsigned char*)paymentRequest.signature().data(), (unsigned int)paymentRequest.signature().size(), pubkey)) {
+ throw SSLVerifyError("Bad signature, invalid payment request.");
+ EVP_MD_CTX_free(ctx);
+#endif
}
-
// OpenSSL API for getting human printable strings from certs is baroque.
int textlen = X509_NAME_get_text_by_NID(certname, NID_commonName, NULL, 0);
website = new char[textlen + 1];
diff --git a/src/secp256k1/src/tests.c b/src/secp256k1/src/tests.c
index 9ae7d30..662e360 100644
--- a/src/secp256k1/src/tests.c
+++ b/src/secp256k1/src/tests.c
@@ -18,6 +18,7 @@
#include "testrand_impl.h"
#ifdef ENABLE_OPENSSL_TESTS
+#include "openssl/opensslv.h"
#include "openssl/bn.h"
#include "openssl/ec.h"
#include "openssl/ecdsa.h"
@@ -3652,6 +3653,12 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_
unsigned char roundtrip_openssl[2048];
int len_openssl = 2048;
int parsed_openssl, valid_openssl = 0, roundtrips_openssl = 0;
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ /* nothing */
+#else
+ const BIGNUM *sig_r;
+ const BIGNUM *sig_s;
+#endif
#endif
parsed_der = secp256k1_ecdsa_signature_parse_der(ctx, &sig_der, sig, siglen);
@@ -3699,15 +3706,28 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_
sigptr = sig;
parsed_openssl = (d2i_ECDSA_SIG(&sig_openssl, &sigptr, siglen) != NULL);
if (parsed_openssl) {
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
valid_openssl = !BN_is_negative(sig_openssl->r) && !BN_is_negative(sig_openssl->s) && BN_num_bits(sig_openssl->r) > 0 && BN_num_bits(sig_openssl->r) <= 256 && BN_num_bits(sig_openssl->s) > 0 && BN_num_bits(sig_openssl->s) <= 256;
+#else
+ ECDSA_SIG_get0(sig_openssl, &sig_r, &sig_s);
+ valid_openssl = !BN_is_negative(sig_r) && !BN_is_negative(sig_s) && BN_num_bits(sig_r) > 0 && BN_num_bits(sig_r) <= 256 && BN_num_bits(sig_s) > 0 && BN_num_bits(sig_s) <= 256;
+#endif
if (valid_openssl) {
unsigned char tmp[32] = {0};
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
BN_bn2bin(sig_openssl->r, tmp + 32 - BN_num_bytes(sig_openssl->r));
+#else
+ BN_bn2bin(sig_r, tmp + 32 - BN_num_bytes(sig_r));
+#endif
valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
}
if (valid_openssl) {
unsigned char tmp[32] = {0};
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
BN_bn2bin(sig_openssl->s, tmp + 32 - BN_num_bytes(sig_openssl->s));
+#else
+ BN_bn2bin(sig_s, tmp + 32 - BN_num_bytes(sig_s));
+#endif
valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
}
}
diff --git a/src/wallet/crypter.cpp b/src/wallet/crypter.cpp
index 7eec96d..5feba64 100644
--- a/src/wallet/crypter.cpp
+++ b/src/wallet/crypter.cpp
@@ -12,6 +12,7 @@
#include <string>
#include <vector>
#include <boost/foreach.hpp>
+#include <openssl/opensslv.h>
#include <openssl/aes.h>
#include <openssl/evp.h>
@@ -58,16 +59,27 @@ bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned
int nLen = vchPlaintext.size();
int nCLen = nLen + AES_BLOCK_SIZE, nFLen = 0;
vchCiphertext = std::vector<unsigned char> (nCLen);
+ bool fOk = true;
+#if (OPENSSL_VERSION_NUMBER < 0X10100000L)
EVP_CIPHER_CTX ctx;
- bool fOk = true;
-
EVP_CIPHER_CTX_init(&ctx);
if (fOk) fOk = EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
if (fOk) fOk = EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen) != 0;
if (fOk) fOk = EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0]) + nCLen, &nFLen) != 0;
EVP_CIPHER_CTX_cleanup(&ctx);
+#else
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+
+ EVP_CIPHER_CTX_init(ctx);
+ if (fOk) fOk = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
+ if (fOk) fOk = EVP_EncryptUpdate(ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen) != 0;
+ if (fOk) fOk = EVP_EncryptFinal_ex(ctx, (&vchCiphertext[0]) + nCLen, &nFLen) != 0;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
+ EVP_CIPHER_CTX_free(ctx);
+#endif
if (!fOk) return false;
@@ -83,18 +95,29 @@ bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingM
// plaintext will always be equal to or lesser than length of ciphertext
int nLen = vchCiphertext.size();
int nPLen = nLen, nFLen = 0;
+ bool fOk = true;
vchPlaintext = CKeyingMaterial(nPLen);
+#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
EVP_CIPHER_CTX ctx;
- bool fOk = true;
-
EVP_CIPHER_CTX_init(&ctx);
if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;
if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;
EVP_CIPHER_CTX_cleanup(&ctx);
+#else
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+
+ EVP_CIPHER_CTX_init(ctx);
+ if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
+ if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;
+ if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
+ EVP_CIPHER_CTX_free(ctx);
+#endif
if (!fOk) return false;
|
Comments (0)
You can clone a snippet to your computer for local editing. Learn more.