twisterarmy
/
twister-core
mirror of https://github.com/twisterarmy/twister-core.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

twisterd 0.9.40 adding openssl 1.1.x support

miguelfreitas
Miguel Freitas 7 years ago
parent
6b157f10c0
commit
9102cae4b5
4 changed files with 151 additions and 75 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      src/base58.h
  2. 135
      src/bignum.h
  3. 2
      src/clientversion.h
  4. 85
      src/key.cpp

4
src/base58.h
Unescape View File

@ -51,7 +51,7 @@ inline std::string EncodeBase58(const unsigned char* pbegin, const unsigned char @@ -51,7 +51,7 @@ inline std::string EncodeBase58(const unsigned char* pbegin, const unsigned char
CBigNum rem;
while (bn > bn0)
{
if (!BN_div(&dv, &rem, &bn, &bn58, pctx))
if (!BN_div(dv.bn, rem.bn, bn.bn, bn58.bn, pctx))
throw bignum_error("EncodeBase58 : BN_div failed");
bn = dv;
unsigned int c = rem.getulong();
@ -98,7 +98,7 @@ inline bool DecodeBase58(const char* psz, std::vector<unsigned char>& vchRet) @@ -98,7 +98,7 @@ inline bool DecodeBase58(const char* psz, std::vector<unsigned char>& vchRet)
break;
}
bnChar.setulong(p1 - pszBase58);
if (!BN_mul(&bn, &bn, &bn58, pctx))
if (!BN_mul(bn.bn, bn.bn, bn58.bn, pctx))
throw bignum_error("DecodeBase58 : BN_mul failed");
bn += bnChar;
}

135
src/bignum.h
Unescape View File

@ -48,75 +48,76 @@ public: @@ -48,75 +48,76 @@ public:
/** C++ wrapper for BIGNUM (OpenSSL bignum) */
class CBigNum : public BIGNUM
class CBigNum
{
public:
BIGNUM *bn;
CBigNum()
{
BN_init(this);
this->bn = BN_new();
}
CBigNum(const CBigNum& b)
{
BN_init(this);
if (!BN_copy(this, &b))
this->bn = BN_new();
if (!BN_copy(this->bn, b.bn))
{
BN_clear_free(this);
BN_clear_free(this->bn);
throw bignum_error("CBigNum::CBigNum(const CBigNum&) : BN_copy failed");
}
}
CBigNum& operator=(const CBigNum& b)
{
if (!BN_copy(this, &b))
if (!BN_copy(this->bn, b.bn))
throw bignum_error("CBigNum::operator= : BN_copy failed");
return (*this);
}
~CBigNum()
{
BN_clear_free(this);
BN_clear_free(this->bn);
}
//CBigNum(char n) is not portable. Use 'signed char' or 'unsigned char'.
CBigNum(signed char n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(short n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(int n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(long n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(int64 n) { BN_init(this); setint64(n); }
CBigNum(unsigned char n) { BN_init(this); setulong(n); }
CBigNum(unsigned short n) { BN_init(this); setulong(n); }
CBigNum(unsigned int n) { BN_init(this); setulong(n); }
CBigNum(unsigned long n) { BN_init(this); setulong(n); }
CBigNum(uint64 n) { BN_init(this); setuint64(n); }
explicit CBigNum(uint256 n) { BN_init(this); setuint256(n); }
CBigNum(signed char n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(short n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(int n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(long n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); }
CBigNum(int64 n) { this->bn = BN_new(); setint64(n); }
CBigNum(unsigned char n) { this->bn = BN_new(); setulong(n); }
CBigNum(unsigned short n) { this->bn = BN_new(); setulong(n); }
CBigNum(unsigned int n) { this->bn = BN_new(); setulong(n); }
CBigNum(unsigned long n) { this->bn = BN_new(); setulong(n); }
CBigNum(uint64 n) { this->bn = BN_new(); setuint64(n); }
explicit CBigNum(uint256 n) { this->bn = BN_new(); setuint256(n); }
explicit CBigNum(const std::vector<unsigned char>& vch)
{
BN_init(this);
this->bn = BN_new();
setvch(vch);
}
void setulong(unsigned long n)
{
if (!BN_set_word(this, n))
if (!BN_set_word(this->bn, n))
throw bignum_error("CBigNum conversion from unsigned long : BN_set_word failed");
}
unsigned long getulong() const
{
return BN_get_word(this);
return BN_get_word(this->bn);
}
unsigned int getuint() const
{
return BN_get_word(this);
return BN_get_word(this->bn);
}
int getint() const
{
unsigned long n = BN_get_word(this);
if (!BN_is_negative(this))
unsigned long n = BN_get_word(this->bn);
if (!BN_is_negative(this->bn))
return (n > (unsigned long)std::numeric_limits<int>::max() ? std::numeric_limits<int>::max() : n);
else
return (n > (unsigned long)std::numeric_limits<int>::max() ? std::numeric_limits<int>::min() : -(int)n);
@ -164,7 +165,7 @@ public: @@ -164,7 +165,7 @@ public:
pch[1] = (nSize >> 16) & 0xff;
pch[2] = (nSize >> 8) & 0xff;
pch[3] = (nSize) & 0xff;
BN_mpi2bn(pch, p - pch, this);
BN_mpi2bn(pch, p - pch, this->bn);
}
void setuint64(uint64 n)
@ -191,7 +192,7 @@ public: @@ -191,7 +192,7 @@ public:
pch[1] = (nSize >> 16) & 0xff;
pch[2] = (nSize >> 8) & 0xff;
pch[3] = (nSize) & 0xff;
BN_mpi2bn(pch, p - pch, this);
BN_mpi2bn(pch, p - pch, this->bn);
}
void setuint256(uint256 n)
@ -219,16 +220,16 @@ public: @@ -219,16 +220,16 @@ public:
pch[1] = (nSize >> 16) & 0xff;
pch[2] = (nSize >> 8) & 0xff;
pch[3] = (nSize >> 0) & 0xff;
BN_mpi2bn(pch, p - pch, this);
BN_mpi2bn(pch, p - pch, this->bn);
}
uint256 getuint256() const
{
unsigned int nSize = BN_bn2mpi(this, NULL);
unsigned int nSize = BN_bn2mpi(this->bn, NULL);
if (nSize < 4)
return 0;
std::vector<unsigned char> vch(nSize);
BN_bn2mpi(this, &vch[0]);
BN_bn2mpi(this->bn, &vch[0]);
if (vch.size() > 4)
vch[4] &= 0x7f;
uint256 n = 0;
@ -249,16 +250,16 @@ public: @@ -249,16 +250,16 @@ public:
vch2[3] = (nSize >> 0) & 0xff;
// swap data to big endian
reverse_copy(vch.begin(), vch.end(), vch2.begin() + 4);
BN_mpi2bn(&vch2[0], vch2.size(), this);
BN_mpi2bn(&vch2[0], vch2.size(), this->bn);
}
std::vector<unsigned char> getvch() const
{
unsigned int nSize = BN_bn2mpi(this, NULL);
unsigned int nSize = BN_bn2mpi(this->bn, NULL);
if (nSize <= 4)
return std::vector<unsigned char>();
std::vector<unsigned char> vch(nSize);
BN_bn2mpi(this, &vch[0]);
BN_bn2mpi(this->bn, &vch[0]);
vch.erase(vch.begin(), vch.begin() + 4);
reverse(vch.begin(), vch.end());
return vch;
@ -294,28 +295,28 @@ public: @@ -294,28 +295,28 @@ public:
if (nSize <= 3)
{
nWord >>= 8*(3-nSize);
BN_set_word(this, nWord);
BN_set_word(this->bn, nWord);
}
else
{
BN_set_word(this, nWord);
BN_lshift(this, this, 8*(nSize-3));
BN_set_word(this->bn, nWord);
BN_lshift(this->bn, this->bn, 8*(nSize-3));
}
BN_set_negative(this, fNegative);
BN_set_negative(this->bn, fNegative);
return *this;
}
unsigned int GetCompact() const
{
unsigned int nSize = BN_num_bytes(this);
unsigned int nSize = BN_num_bytes(this->bn);
unsigned int nCompact = 0;
if (nSize <= 3)
nCompact = BN_get_word(this) << 8*(3-nSize);
nCompact = BN_get_word(this->bn) << 8*(3-nSize);
else
{
CBigNum bn;
BN_rshift(&bn, this, 8*(nSize-3));
nCompact = BN_get_word(&bn);
BN_rshift(bn.bn, this->bn, 8*(nSize-3));
nCompact = BN_get_word(bn.bn);
}
// The 0x00800000 bit denotes the sign.
// Thus, if it is already set, divide the mantissa by 256 and increase the exponent.
@ -325,7 +326,7 @@ public: @@ -325,7 +326,7 @@ public:
nSize++;
}
nCompact |= nSize << 24;
nCompact |= (BN_is_negative(this) ? 0x00800000 : 0);
nCompact |= (BN_is_negative(this->bn) ? 0x00800000 : 0);
return nCompact;
}
@ -366,20 +367,20 @@ public: @@ -366,20 +367,20 @@ public:
CBigNum bn0 = 0;
std::string str;
CBigNum bn = *this;
BN_set_negative(&bn, false);
BN_set_negative(bn.bn, false);
CBigNum dv;
CBigNum rem;
if (BN_cmp(&bn, &bn0) == 0)
if (BN_cmp(bn.bn, bn0.bn) == 0)
return "0";
while (BN_cmp(&bn, &bn0) > 0)
while (BN_cmp(bn.bn, bn0.bn) > 0)
{
if (!BN_div(&dv, &rem, &bn, &bnBase, pctx))
if (!BN_div(dv.bn, rem.bn, bn.bn, bnBase.bn, pctx))
throw bignum_error("CBigNum::ToString() : BN_div failed");
bn = dv;
unsigned int c = rem.getulong();
str += "0123456789abcdef"[c];
}
if (BN_is_negative(this))
if (BN_is_negative(this->bn))
str += "-";
reverse(str.begin(), str.end());
return str;
@ -412,12 +413,12 @@ public: @@ -412,12 +413,12 @@ public:
bool operator!() const
{
return BN_is_zero(this);
return BN_is_zero(this->bn);
}
CBigNum& operator+=(const CBigNum& b)
{
if (!BN_add(this, this, &b))
if (!BN_add(this->bn, this->bn, b.bn))
throw bignum_error("CBigNum::operator+= : BN_add failed");
return *this;
}
@ -431,7 +432,7 @@ public: @@ -431,7 +432,7 @@ public:
CBigNum& operator*=(const CBigNum& b)
{
CAutoBN_CTX pctx;
if (!BN_mul(this, this, &b, pctx))
if (!BN_mul(this->bn, this->bn, b.bn, pctx))
throw bignum_error("CBigNum::operator*= : BN_mul failed");
return *this;
}
@ -450,7 +451,7 @@ public: @@ -450,7 +451,7 @@ public:
CBigNum& operator<<=(unsigned int shift)
{
if (!BN_lshift(this, this, shift))
if (!BN_lshift(this->bn, this->bn, shift))
throw bignum_error("CBigNum:operator<<= : BN_lshift failed");
return *this;
}
@ -461,13 +462,13 @@ public: @@ -461,13 +462,13 @@ public:
// if built on ubuntu 9.04 or 9.10, probably depends on version of OpenSSL
CBigNum a = 1;
a <<= shift;
if (BN_cmp(&a, this) > 0)
if (BN_cmp(a.bn, this->bn) > 0)
{
*this = 0;
return *this;
}
if (!BN_rshift(this, this, shift))
if (!BN_rshift(this->bn, this->bn, shift))
throw bignum_error("CBigNum:operator>>= : BN_rshift failed");
return *this;
}
@ -476,7 +477,7 @@ public: @@ -476,7 +477,7 @@ public:
CBigNum& operator++()
{
// prefix operator
if (!BN_add(this, this, BN_value_one()))
if (!BN_add(this->bn, this->bn, BN_value_one()))
throw bignum_error("CBigNum::operator++ : BN_add failed");
return *this;
}
@ -493,7 +494,7 @@ public: @@ -493,7 +494,7 @@ public:
{
// prefix operator
CBigNum r;
if (!BN_sub(&r, this, BN_value_one()))
if (!BN_sub(r.bn, this->bn, BN_value_one()))
throw bignum_error("CBigNum::operator-- : BN_sub failed");
*this = r;
return *this;
@ -518,7 +519,7 @@ public: @@ -518,7 +519,7 @@ public:
inline const CBigNum operator+(const CBigNum& a, const CBigNum& b)
{
CBigNum r;
if (!BN_add(&r, &a, &b))
if (!BN_add(r.bn, a.bn, b.bn))
throw bignum_error("CBigNum::operator+ : BN_add failed");
return r;
}
@ -526,7 +527,7 @@ inline const CBigNum operator+(const CBigNum& a, const CBigNum& b) @@ -526,7 +527,7 @@ inline const CBigNum operator+(const CBigNum& a, const CBigNum& b)
inline const CBigNum operator-(const CBigNum& a, const CBigNum& b)
{
CBigNum r;
if (!BN_sub(&r, &a, &b))
if (!BN_sub(r.bn, a.bn, b.bn))
throw bignum_error("CBigNum::operator- : BN_sub failed");
return r;
}
@ -534,7 +535,7 @@ inline const CBigNum operator-(const CBigNum& a, const CBigNum& b) @@ -534,7 +535,7 @@ inline const CBigNum operator-(const CBigNum& a, const CBigNum& b)
inline const CBigNum operator-(const CBigNum& a)
{
CBigNum r(a);
BN_set_negative(&r, !BN_is_negative(&r));
BN_set_negative(r.bn, !BN_is_negative(r.bn));
return r;
}
@ -542,7 +543,7 @@ inline const CBigNum operator*(const CBigNum& a, const CBigNum& b) @@ -542,7 +543,7 @@ inline const CBigNum operator*(const CBigNum& a, const CBigNum& b)
{
CAutoBN_CTX pctx;
CBigNum r;
if (!BN_mul(&r, &a, &b, pctx))
if (!BN_mul(r.bn, a.bn, b.bn, pctx))
throw bignum_error("CBigNum::operator* : BN_mul failed");
return r;
}
@ -551,7 +552,7 @@ inline const CBigNum operator/(const CBigNum& a, const CBigNum& b) @@ -551,7 +552,7 @@ inline const CBigNum operator/(const CBigNum& a, const CBigNum& b)
{
CAutoBN_CTX pctx;
CBigNum r;
if (!BN_div(&r, NULL, &a, &b, pctx))
if (!BN_div(r.bn, NULL, a.bn, b.bn, pctx))
throw bignum_error("CBigNum::operator/ : BN_div failed");
return r;
}
@ -560,7 +561,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) @@ -560,7 +561,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b)
{
CAutoBN_CTX pctx;
CBigNum r;
if (!BN_mod(&r, &a, &b, pctx))
if (!BN_mod(r.bn, a.bn, b.bn, pctx))
throw bignum_error("CBigNum::operator% : BN_div failed");
return r;
}
@ -568,7 +569,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) @@ -568,7 +569,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b)
inline const CBigNum operator<<(const CBigNum& a, unsigned int shift)
{
CBigNum r;
if (!BN_lshift(&r, &a, shift))
if (!BN_lshift(r.bn, a.bn, shift))
throw bignum_error("CBigNum:operator<< : BN_lshift failed");
return r;
}
@ -580,11 +581,11 @@ inline const CBigNum operator>>(const CBigNum& a, unsigned int shift) @@ -580,11 +581,11 @@ inline const CBigNum operator>>(const CBigNum& a, unsigned int shift)
return r;
}
inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) == 0); }
inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) != 0); }
inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) <= 0); }
inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) >= 0); }
inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) < 0); }
inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) > 0); }
inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) == 0); }
inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) != 0); }
inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) <= 0); }
inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) >= 0); }
inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) < 0); }
inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) > 0); }
#endif

2
src/clientversion.h
Unescape View File

@ -8,7 +8,7 @@ @@ -8,7 +8,7 @@
// These need to be macros, as version.cpp's and bitcoin-qt.rc's voodoo requires it
#define CLIENT_VERSION_MAJOR 0
#define CLIENT_VERSION_MINOR 9
#define CLIENT_VERSION_REVISION 39
#define CLIENT_VERSION_REVISION 40
#define CLIENT_VERSION_BUILD 0
// Set to true for release, false for prerelease or test build

85
src/key.cpp
Unescape View File

@ -87,7 +87,13 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch @@ -87,7 +87,13 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch
x = BN_CTX_get(ctx);
if (!BN_copy(x, order)) { ret=-1; goto err; }
if (!BN_mul_word(x, i)) { ret=-1; goto err; }
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; }
#else
const BIGNUM *ecsig_r, *ecsig_s;
ECDSA_SIG_get0(ecsig, &ecsig_r, &ecsig_s);
if (!BN_add(x, x, ecsig_r)) { ret=-1; goto err; }
#endif
field = BN_CTX_get(ctx);
if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; }
if (BN_cmp(x, field) >= 0) { ret=0; goto err; }
@ -108,9 +114,17 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch @@ -108,9 +114,17 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch
if (!BN_zero(zero)) { ret=-1; goto err; }
if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; }
rr = BN_CTX_get(ctx);
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; }
#else
if (!BN_mod_inverse(rr, ecsig_r, order, ctx)) { ret=-1; goto err; }
#endif
sor = BN_CTX_get(ctx);
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; }
#else
if (!BN_mod_mul(sor, ecsig_s, rr, order, ctx)) { ret=-1; goto err; }
#endif
eor = BN_CTX_get(ctx);
if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; }
if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; }
@ -162,13 +176,16 @@ public: @@ -162,13 +176,16 @@ public:
}
void SetSecretBytes(const unsigned char vch[32]) {
BIGNUM bn;
BN_init(&bn);
bool check = BN_bin2bn(vch, 32, &bn);
BIGNUM *bn;
bn = BN_new();
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
BN_init(bn);
#endif
bool check = BN_bin2bn(vch, 32, bn);
assert(check);
check = EC_KEY_regenerate_key(pkey, &bn);
check = EC_KEY_regenerate_key(pkey, bn);
assert(check);
BN_clear_free(&bn);
BN_clear_free(bn);
}
void GetPrivKey(CPrivKey &privkey, bool fCompressed) {
@ -231,8 +248,15 @@ public: @@ -231,8 +248,15 @@ public:
if (sig==NULL)
return false;
memset(p64, 0, 64);
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
int nBitsR = BN_num_bits(sig->r);
int nBitsS = BN_num_bits(sig->s);
#else
const BIGNUM *sig_r, *sig_s;
ECDSA_SIG_get0(sig, &sig_r, &sig_s);
int nBitsR = BN_num_bits(sig_r);
int nBitsS = BN_num_bits(sig_s);
#endif
if (nBitsR <= 256 && nBitsS <= 256) {
CPubKey pubkey;
GetPubKey(pubkey, true);
@ -249,8 +273,14 @@ public: @@ -249,8 +273,14 @@ public:
}
}
assert(fOk);
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
BN_bn2bin(sig->r,&p64[32-(nBitsR+7)/8]);
BN_bn2bin(sig->s,&p64[64-(nBitsS+7)/8]);
#else
ECDSA_SIG_get0(sig, &sig_r, &sig_s);
BN_bn2bin(sig_r,&p64[32-(nBitsR+7)/8]);
BN_bn2bin(sig_s,&p64[64-(nBitsS+7)/8]);
#endif
}
ECDSA_SIG_free(sig);
return fOk;
@ -265,8 +295,16 @@ public: @@ -265,8 +295,16 @@ public:
if (rec<0 || rec>=3)
return false;
ECDSA_SIG *sig = ECDSA_SIG_new();
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
BN_bin2bn(&p64[0], 32, sig->r);
BN_bin2bn(&p64[32], 32, sig->s);
#else
BIGNUM *sig_r = BN_new();
BIGNUM *sig_s = BN_new();
BN_bin2bn(&p64[0], 32, sig_r);
BN_bin2bn(&p64[32], 32, sig_s);
ECDSA_SIG_set0(sig, sig_r, sig_s);
#endif
bool ret = ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), rec, 0) == 1;
ECDSA_SIG_free(sig);
return ret;
@ -460,8 +498,12 @@ public: @@ -460,8 +498,12 @@ public:
EVP_CIPHER_CTX_free(cipher);
// Generate an authenticated hash which can be used to validate the data during decryption.
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX hmac;
HMAC_CTX_init(&hmac);
#else
HMAC_CTX *hmac = HMAC_CTX_new();
#endif
unsigned int mac_length = cryptex.mac.size();
// At the moment we are generating the hash using encrypted data. At some point we may want to validate the original text instead.
@ -470,18 +512,32 @@ public: @@ -470,18 +512,32 @@ public:
HMAC_Update(&hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size());
HMAC_Final(&hmac, reinterpret_cast<unsigned char *>(&cryptex.mac[0]), &mac_length);
#else
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
if (HMAC_Init_ex(&hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 ||
HMAC_Update(&hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size()) != 1 ||
HMAC_Final(&hmac, reinterpret_cast<unsigned char *>(&cryptex.mac[0]), &mac_length) != 1) {
#else
if (HMAC_Init_ex(hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 ||
HMAC_Update(hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size()) != 1 ||
HMAC_Final(hmac, reinterpret_cast<unsigned char *>(&cryptex.mac[0]), &mac_length) != 1) {
#endif
#ifdef DEBUG_ECIES
printf("Unable to generate a data authentication code.\n");
#endif
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX_cleanup(&hmac);
#else
HMAC_CTX_free(hmac);
#endif
return false;
}
#endif
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX_cleanup(&hmac);
#else
HMAC_CTX_free(hmac);
#endif
return true;
}
@ -575,8 +631,12 @@ public: @@ -575,8 +631,12 @@ public:
EC_KEY_free(ephemeral);
// Use the authenticated hash of the ciphered data to ensure it was not modified after being encrypted.
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX hmac;
HMAC_CTX_init(&hmac);
#else
HMAC_CTX *hmac = HMAC_CTX_new();
#endif
unsigned int mac_length = EVP_MAX_MD_SIZE;
unsigned char md[EVP_MAX_MD_SIZE];
@ -586,18 +646,33 @@ public: @@ -586,18 +646,33 @@ public:
HMAC_Update(&hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size());
HMAC_Final(&hmac, md, &mac_length);
#else
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
if (HMAC_Init_ex(&hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 ||
HMAC_Update(&hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size()) != 1 ||
HMAC_Final(&hmac, md, &mac_length) != 1) {
#else
if (HMAC_Init_ex(hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 ||
HMAC_Update(hmac, reinterpret_cast<const unsigned char *>(cryptex.body.data()), cryptex.body.size()) != 1 ||
HMAC_Final(hmac, md, &mac_length) != 1) {
#endif
#ifdef DEBUG_ECIES
printf("Unable to generate a data authentication code.\n");
#endif
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX_cleanup(&hmac);
#else
HMAC_CTX_free(hmac);
#endif
return false;
}
#endif
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
HMAC_CTX_cleanup(&hmac);
#else
HMAC_CTX_free(hmac);
#endif
// We can use the generated hash to ensure the encrypted data was not altered after being encrypted.
if (mac_length != cryptex.mac.size() || memcmp(md, cryptex.mac.data(), mac_length)) {

Write Preview
Loading…
Cancel
Save