diff --git a/src/base58.h b/src/base58.h index 630d6fe9..b3efd32a 100644 --- a/src/base58.h +++ b/src/base58.h @@ -51,7 +51,7 @@ inline std::string EncodeBase58(const unsigned char* pbegin, const unsigned char CBigNum rem; while (bn > bn0) { - if (!BN_div(&dv, &rem, &bn, &bn58, pctx)) + if (!BN_div(dv.bn, rem.bn, bn.bn, bn58.bn, pctx)) throw bignum_error("EncodeBase58 : BN_div failed"); bn = dv; unsigned int c = rem.getulong(); @@ -98,7 +98,7 @@ inline bool DecodeBase58(const char* psz, std::vector& vchRet) break; } bnChar.setulong(p1 - pszBase58); - if (!BN_mul(&bn, &bn, &bn58, pctx)) + if (!BN_mul(bn.bn, bn.bn, bn58.bn, pctx)) throw bignum_error("DecodeBase58 : BN_mul failed"); bn += bnChar; } diff --git a/src/bignum.h b/src/bignum.h index 0881807d..63720274 100644 --- a/src/bignum.h +++ b/src/bignum.h @@ -48,75 +48,76 @@ public: /** C++ wrapper for BIGNUM (OpenSSL bignum) */ -class CBigNum : public BIGNUM +class CBigNum { public: + BIGNUM *bn; CBigNum() { - BN_init(this); + this->bn = BN_new(); } CBigNum(const CBigNum& b) { - BN_init(this); - if (!BN_copy(this, &b)) + this->bn = BN_new(); + if (!BN_copy(this->bn, b.bn)) { - BN_clear_free(this); + BN_clear_free(this->bn); throw bignum_error("CBigNum::CBigNum(const CBigNum&) : BN_copy failed"); } } CBigNum& operator=(const CBigNum& b) { - if (!BN_copy(this, &b)) + if (!BN_copy(this->bn, b.bn)) throw bignum_error("CBigNum::operator= : BN_copy failed"); return (*this); } ~CBigNum() { - BN_clear_free(this); + BN_clear_free(this->bn); } //CBigNum(char n) is not portable. Use 'signed char' or 'unsigned char'. - CBigNum(signed char n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(short n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(int n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(long n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(int64 n) { BN_init(this); setint64(n); } - CBigNum(unsigned char n) { BN_init(this); setulong(n); } - CBigNum(unsigned short n) { BN_init(this); setulong(n); } - CBigNum(unsigned int n) { BN_init(this); setulong(n); } - CBigNum(unsigned long n) { BN_init(this); setulong(n); } - CBigNum(uint64 n) { BN_init(this); setuint64(n); } - explicit CBigNum(uint256 n) { BN_init(this); setuint256(n); } + CBigNum(signed char n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(short n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(int n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(long n) { this->bn = BN_new(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(int64 n) { this->bn = BN_new(); setint64(n); } + CBigNum(unsigned char n) { this->bn = BN_new(); setulong(n); } + CBigNum(unsigned short n) { this->bn = BN_new(); setulong(n); } + CBigNum(unsigned int n) { this->bn = BN_new(); setulong(n); } + CBigNum(unsigned long n) { this->bn = BN_new(); setulong(n); } + CBigNum(uint64 n) { this->bn = BN_new(); setuint64(n); } + explicit CBigNum(uint256 n) { this->bn = BN_new(); setuint256(n); } explicit CBigNum(const std::vector& vch) { - BN_init(this); + this->bn = BN_new(); setvch(vch); } void setulong(unsigned long n) { - if (!BN_set_word(this, n)) + if (!BN_set_word(this->bn, n)) throw bignum_error("CBigNum conversion from unsigned long : BN_set_word failed"); } unsigned long getulong() const { - return BN_get_word(this); + return BN_get_word(this->bn); } unsigned int getuint() const { - return BN_get_word(this); + return BN_get_word(this->bn); } int getint() const { - unsigned long n = BN_get_word(this); - if (!BN_is_negative(this)) + unsigned long n = BN_get_word(this->bn); + if (!BN_is_negative(this->bn)) return (n > (unsigned long)std::numeric_limits::max() ? std::numeric_limits::max() : n); else return (n > (unsigned long)std::numeric_limits::max() ? std::numeric_limits::min() : -(int)n); @@ -164,7 +165,7 @@ public: pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, this->bn); } void setuint64(uint64 n) @@ -191,7 +192,7 @@ public: pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, this->bn); } void setuint256(uint256 n) @@ -219,16 +220,16 @@ public: pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize >> 0) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, this->bn); } uint256 getuint256() const { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(this->bn, NULL); if (nSize < 4) return 0; std::vector vch(nSize); - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(this->bn, &vch[0]); if (vch.size() > 4) vch[4] &= 0x7f; uint256 n = 0; @@ -249,16 +250,16 @@ public: vch2[3] = (nSize >> 0) & 0xff; // swap data to big endian reverse_copy(vch.begin(), vch.end(), vch2.begin() + 4); - BN_mpi2bn(&vch2[0], vch2.size(), this); + BN_mpi2bn(&vch2[0], vch2.size(), this->bn); } std::vector getvch() const { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(this->bn, NULL); if (nSize <= 4) return std::vector(); std::vector vch(nSize); - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(this->bn, &vch[0]); vch.erase(vch.begin(), vch.begin() + 4); reverse(vch.begin(), vch.end()); return vch; @@ -294,28 +295,28 @@ public: if (nSize <= 3) { nWord >>= 8*(3-nSize); - BN_set_word(this, nWord); + BN_set_word(this->bn, nWord); } else { - BN_set_word(this, nWord); - BN_lshift(this, this, 8*(nSize-3)); + BN_set_word(this->bn, nWord); + BN_lshift(this->bn, this->bn, 8*(nSize-3)); } - BN_set_negative(this, fNegative); + BN_set_negative(this->bn, fNegative); return *this; } unsigned int GetCompact() const { - unsigned int nSize = BN_num_bytes(this); + unsigned int nSize = BN_num_bytes(this->bn); unsigned int nCompact = 0; if (nSize <= 3) - nCompact = BN_get_word(this) << 8*(3-nSize); + nCompact = BN_get_word(this->bn) << 8*(3-nSize); else { CBigNum bn; - BN_rshift(&bn, this, 8*(nSize-3)); - nCompact = BN_get_word(&bn); + BN_rshift(bn.bn, this->bn, 8*(nSize-3)); + nCompact = BN_get_word(bn.bn); } // The 0x00800000 bit denotes the sign. // Thus, if it is already set, divide the mantissa by 256 and increase the exponent. @@ -325,7 +326,7 @@ public: nSize++; } nCompact |= nSize << 24; - nCompact |= (BN_is_negative(this) ? 0x00800000 : 0); + nCompact |= (BN_is_negative(this->bn) ? 0x00800000 : 0); return nCompact; } @@ -366,20 +367,20 @@ public: CBigNum bn0 = 0; std::string str; CBigNum bn = *this; - BN_set_negative(&bn, false); + BN_set_negative(bn.bn, false); CBigNum dv; CBigNum rem; - if (BN_cmp(&bn, &bn0) == 0) + if (BN_cmp(bn.bn, bn0.bn) == 0) return "0"; - while (BN_cmp(&bn, &bn0) > 0) + while (BN_cmp(bn.bn, bn0.bn) > 0) { - if (!BN_div(&dv, &rem, &bn, &bnBase, pctx)) + if (!BN_div(dv.bn, rem.bn, bn.bn, bnBase.bn, pctx)) throw bignum_error("CBigNum::ToString() : BN_div failed"); bn = dv; unsigned int c = rem.getulong(); str += "0123456789abcdef"[c]; } - if (BN_is_negative(this)) + if (BN_is_negative(this->bn)) str += "-"; reverse(str.begin(), str.end()); return str; @@ -412,12 +413,12 @@ public: bool operator!() const { - return BN_is_zero(this); + return BN_is_zero(this->bn); } CBigNum& operator+=(const CBigNum& b) { - if (!BN_add(this, this, &b)) + if (!BN_add(this->bn, this->bn, b.bn)) throw bignum_error("CBigNum::operator+= : BN_add failed"); return *this; } @@ -431,7 +432,7 @@ public: CBigNum& operator*=(const CBigNum& b) { CAutoBN_CTX pctx; - if (!BN_mul(this, this, &b, pctx)) + if (!BN_mul(this->bn, this->bn, b.bn, pctx)) throw bignum_error("CBigNum::operator*= : BN_mul failed"); return *this; } @@ -450,7 +451,7 @@ public: CBigNum& operator<<=(unsigned int shift) { - if (!BN_lshift(this, this, shift)) + if (!BN_lshift(this->bn, this->bn, shift)) throw bignum_error("CBigNum:operator<<= : BN_lshift failed"); return *this; } @@ -461,13 +462,13 @@ public: // if built on ubuntu 9.04 or 9.10, probably depends on version of OpenSSL CBigNum a = 1; a <<= shift; - if (BN_cmp(&a, this) > 0) + if (BN_cmp(a.bn, this->bn) > 0) { *this = 0; return *this; } - if (!BN_rshift(this, this, shift)) + if (!BN_rshift(this->bn, this->bn, shift)) throw bignum_error("CBigNum:operator>>= : BN_rshift failed"); return *this; } @@ -476,7 +477,7 @@ public: CBigNum& operator++() { // prefix operator - if (!BN_add(this, this, BN_value_one())) + if (!BN_add(this->bn, this->bn, BN_value_one())) throw bignum_error("CBigNum::operator++ : BN_add failed"); return *this; } @@ -493,7 +494,7 @@ public: { // prefix operator CBigNum r; - if (!BN_sub(&r, this, BN_value_one())) + if (!BN_sub(r.bn, this->bn, BN_value_one())) throw bignum_error("CBigNum::operator-- : BN_sub failed"); *this = r; return *this; @@ -518,7 +519,7 @@ public: inline const CBigNum operator+(const CBigNum& a, const CBigNum& b) { CBigNum r; - if (!BN_add(&r, &a, &b)) + if (!BN_add(r.bn, a.bn, b.bn)) throw bignum_error("CBigNum::operator+ : BN_add failed"); return r; } @@ -526,7 +527,7 @@ inline const CBigNum operator+(const CBigNum& a, const CBigNum& b) inline const CBigNum operator-(const CBigNum& a, const CBigNum& b) { CBigNum r; - if (!BN_sub(&r, &a, &b)) + if (!BN_sub(r.bn, a.bn, b.bn)) throw bignum_error("CBigNum::operator- : BN_sub failed"); return r; } @@ -534,7 +535,7 @@ inline const CBigNum operator-(const CBigNum& a, const CBigNum& b) inline const CBigNum operator-(const CBigNum& a) { CBigNum r(a); - BN_set_negative(&r, !BN_is_negative(&r)); + BN_set_negative(r.bn, !BN_is_negative(r.bn)); return r; } @@ -542,7 +543,7 @@ inline const CBigNum operator*(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_mul(&r, &a, &b, pctx)) + if (!BN_mul(r.bn, a.bn, b.bn, pctx)) throw bignum_error("CBigNum::operator* : BN_mul failed"); return r; } @@ -551,7 +552,7 @@ inline const CBigNum operator/(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_div(&r, NULL, &a, &b, pctx)) + if (!BN_div(r.bn, NULL, a.bn, b.bn, pctx)) throw bignum_error("CBigNum::operator/ : BN_div failed"); return r; } @@ -560,7 +561,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_mod(&r, &a, &b, pctx)) + if (!BN_mod(r.bn, a.bn, b.bn, pctx)) throw bignum_error("CBigNum::operator% : BN_div failed"); return r; } @@ -568,7 +569,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) inline const CBigNum operator<<(const CBigNum& a, unsigned int shift) { CBigNum r; - if (!BN_lshift(&r, &a, shift)) + if (!BN_lshift(r.bn, a.bn, shift)) throw bignum_error("CBigNum:operator<< : BN_lshift failed"); return r; } @@ -580,11 +581,11 @@ inline const CBigNum operator>>(const CBigNum& a, unsigned int shift) return r; } -inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) == 0); } -inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) != 0); } -inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) <= 0); } -inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) >= 0); } -inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) < 0); } -inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) > 0); } +inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) == 0); } +inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) != 0); } +inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) <= 0); } +inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) >= 0); } +inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) < 0); } +inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.bn, b.bn) > 0); } #endif diff --git a/src/clientversion.h b/src/clientversion.h index 6b806694..bdc660eb 100644 --- a/src/clientversion.h +++ b/src/clientversion.h @@ -8,7 +8,7 @@ // These need to be macros, as version.cpp's and bitcoin-qt.rc's voodoo requires it #define CLIENT_VERSION_MAJOR 0 #define CLIENT_VERSION_MINOR 9 -#define CLIENT_VERSION_REVISION 39 +#define CLIENT_VERSION_REVISION 40 #define CLIENT_VERSION_BUILD 0 // Set to true for release, false for prerelease or test build diff --git a/src/key.cpp b/src/key.cpp index ee3aacea..d3821ae4 100644 --- a/src/key.cpp +++ b/src/key.cpp @@ -87,7 +87,13 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch x = BN_CTX_get(ctx); if (!BN_copy(x, order)) { ret=-1; goto err; } if (!BN_mul_word(x, i)) { ret=-1; goto err; } +#if (OPENSSL_VERSION_NUMBER < 0x10100000) if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; } +#else + const BIGNUM *ecsig_r, *ecsig_s; + ECDSA_SIG_get0(ecsig, &ecsig_r, &ecsig_s); + if (!BN_add(x, x, ecsig_r)) { ret=-1; goto err; } +#endif field = BN_CTX_get(ctx); if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; } if (BN_cmp(x, field) >= 0) { ret=0; goto err; } @@ -108,9 +114,17 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch if (!BN_zero(zero)) { ret=-1; goto err; } if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; } rr = BN_CTX_get(ctx); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; } +#else + if (!BN_mod_inverse(rr, ecsig_r, order, ctx)) { ret=-1; goto err; } +#endif sor = BN_CTX_get(ctx); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; } +#else + if (!BN_mod_mul(sor, ecsig_s, rr, order, ctx)) { ret=-1; goto err; } +#endif eor = BN_CTX_get(ctx); if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; } if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; } @@ -162,13 +176,16 @@ public: } void SetSecretBytes(const unsigned char vch[32]) { - BIGNUM bn; - BN_init(&bn); - bool check = BN_bin2bn(vch, 32, &bn); + BIGNUM *bn; + bn = BN_new(); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) + BN_init(bn); +#endif + bool check = BN_bin2bn(vch, 32, bn); assert(check); - check = EC_KEY_regenerate_key(pkey, &bn); + check = EC_KEY_regenerate_key(pkey, bn); assert(check); - BN_clear_free(&bn); + BN_clear_free(bn); } void GetPrivKey(CPrivKey &privkey, bool fCompressed) { @@ -231,8 +248,15 @@ public: if (sig==NULL) return false; memset(p64, 0, 64); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) int nBitsR = BN_num_bits(sig->r); int nBitsS = BN_num_bits(sig->s); +#else + const BIGNUM *sig_r, *sig_s; + ECDSA_SIG_get0(sig, &sig_r, &sig_s); + int nBitsR = BN_num_bits(sig_r); + int nBitsS = BN_num_bits(sig_s); +#endif if (nBitsR <= 256 && nBitsS <= 256) { CPubKey pubkey; GetPubKey(pubkey, true); @@ -249,8 +273,14 @@ public: } } assert(fOk); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) BN_bn2bin(sig->r,&p64[32-(nBitsR+7)/8]); BN_bn2bin(sig->s,&p64[64-(nBitsS+7)/8]); +#else + ECDSA_SIG_get0(sig, &sig_r, &sig_s); + BN_bn2bin(sig_r,&p64[32-(nBitsR+7)/8]); + BN_bn2bin(sig_s,&p64[64-(nBitsS+7)/8]); +#endif } ECDSA_SIG_free(sig); return fOk; @@ -265,8 +295,16 @@ public: if (rec<0 || rec>=3) return false; ECDSA_SIG *sig = ECDSA_SIG_new(); +#if (OPENSSL_VERSION_NUMBER < 0x10100000) BN_bin2bn(&p64[0], 32, sig->r); BN_bin2bn(&p64[32], 32, sig->s); +#else + BIGNUM *sig_r = BN_new(); + BIGNUM *sig_s = BN_new(); + BN_bin2bn(&p64[0], 32, sig_r); + BN_bin2bn(&p64[32], 32, sig_s); + ECDSA_SIG_set0(sig, sig_r, sig_s); +#endif bool ret = ECDSA_SIG_recover_key_GFp(pkey, sig, (unsigned char*)&hash, sizeof(hash), rec, 0) == 1; ECDSA_SIG_free(sig); return ret; @@ -460,8 +498,12 @@ public: EVP_CIPHER_CTX_free(cipher); // Generate an authenticated hash which can be used to validate the data during decryption. +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX hmac; HMAC_CTX_init(&hmac); +#else + HMAC_CTX *hmac = HMAC_CTX_new(); +#endif unsigned int mac_length = cryptex.mac.size(); // At the moment we are generating the hash using encrypted data. At some point we may want to validate the original text instead. @@ -470,18 +512,32 @@ public: HMAC_Update(&hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()); HMAC_Final(&hmac, reinterpret_cast(&cryptex.mac[0]), &mac_length); #else + #if (OPENSSL_VERSION_NUMBER < 0x10100000) if (HMAC_Init_ex(&hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 || HMAC_Update(&hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()) != 1 || HMAC_Final(&hmac, reinterpret_cast(&cryptex.mac[0]), &mac_length) != 1) { + #else + if (HMAC_Init_ex(hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 || + HMAC_Update(hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()) != 1 || + HMAC_Final(hmac, reinterpret_cast(&cryptex.mac[0]), &mac_length) != 1) { + #endif #ifdef DEBUG_ECIES printf("Unable to generate a data authentication code.\n"); #endif +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX_cleanup(&hmac); +#else + HMAC_CTX_free(hmac); +#endif return false; } #endif +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX_cleanup(&hmac); +#else + HMAC_CTX_free(hmac); +#endif return true; } @@ -575,8 +631,12 @@ public: EC_KEY_free(ephemeral); // Use the authenticated hash of the ciphered data to ensure it was not modified after being encrypted. +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX hmac; HMAC_CTX_init(&hmac); +#else + HMAC_CTX *hmac = HMAC_CTX_new(); +#endif unsigned int mac_length = EVP_MAX_MD_SIZE; unsigned char md[EVP_MAX_MD_SIZE]; @@ -586,18 +646,33 @@ public: HMAC_Update(&hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()); HMAC_Final(&hmac, md, &mac_length); #else + #if (OPENSSL_VERSION_NUMBER < 0x10100000) if (HMAC_Init_ex(&hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 || HMAC_Update(&hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()) != 1 || HMAC_Final(&hmac, md, &mac_length) != 1) { + #else + if (HMAC_Init_ex(hmac, envelope_key + key_length, key_length, ECIES_HASHER, NULL) != 1 || + HMAC_Update(hmac, reinterpret_cast(cryptex.body.data()), cryptex.body.size()) != 1 || + HMAC_Final(hmac, md, &mac_length) != 1) { + #endif #ifdef DEBUG_ECIES printf("Unable to generate a data authentication code.\n"); #endif + +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX_cleanup(&hmac); +#else + HMAC_CTX_free(hmac); +#endif return false; } #endif +#if (OPENSSL_VERSION_NUMBER < 0x10100000) HMAC_CTX_cleanup(&hmac); +#else + HMAC_CTX_free(hmac); +#endif // We can use the generated hash to ensure the encrypted data was not altered after being encrypted. if (mac_length != cryptex.mac.size() || memcmp(md, cryptex.mac.data(), mac_length)) {