From fcbd0f9909355b1aa01e1d0030f56d44b3997336 Mon Sep 17 00:00:00 2001 From: Matthew Mitchell Date: Sat, 6 Jan 2018 12:55:49 +0000 Subject: [PATCH] Apply fixes to allow compilation with OpenSSL 1.1. Some deprecation warnings remain. --- src/base58.h | 4 +- src/bignum.h | 172 ++++++++++++++++++++++++++---------------------- src/crypter.cpp | 28 ++++---- src/key.cpp | 74 ++++++++++++++++++--- src/script.cpp | 139 -------------------------------------- 5 files changed, 175 insertions(+), 242 deletions(-) diff --git a/src/base58.h b/src/base58.h index 2af4224..eaf274d 100644 --- a/src/base58.h +++ b/src/base58.h @@ -48,7 +48,7 @@ inline std::string EncodeBase58(const unsigned char* pbegin, const unsigned char CBigNum rem; while (bn > bn0) { - if (!BN_div(&dv, &rem, &bn, &bn58, pctx)) + if (!BN_div(dv.get(), rem.get(), bn.cget(), bn58.cget(), pctx)) throw bignum_error("EncodeBase58 : BN_div failed"); bn = dv; unsigned int c = rem.getulong(); @@ -95,7 +95,7 @@ inline bool DecodeBase58(const char* psz, std::vector& vchRet) break; } bnChar.setulong(p1 - pszBase58); - if (!BN_mul(&bn, &bn, &bn58, pctx)) + if (!BN_mul(bn.get(), bn.cget(), bn58.cget(), pctx)) throw bignum_error("DecodeBase58 : BN_mul failed"); bn += bnChar; } diff --git a/src/bignum.h b/src/bignum.h index b262931..69d0e9d 100644 --- a/src/bignum.h +++ b/src/bignum.h 
@@ -55,52 +55,64 @@ class CAutoBN_CTX /** C++ wrapper for BIGNUM (OpenSSL bignum) */ -class CBigNum : public BIGNUM +class CBigNum { +private: + BIGNUM *self; + + void init() + { + if (self) BN_clear_free(self); + self = BN_new(); + if (!self) + throw bignum_error("CBigNum::init() : BN_new() returned NULL"); + } + public: - CBigNum() + BIGNUM* get() { return self; } + const BIGNUM* cget() const { return self; } + + CBigNum() : self(NULL) { - BN_init(this); + init(); } - CBigNum(const CBigNum& b) + CBigNum(const CBigNum& b) : self(NULL) { - BN_init(this); - if (!BN_copy(this, &b)) + init(); + if (!BN_copy(self, b.cget())) { - BN_clear_free(this); + BN_clear_free(self); throw bignum_error("CBigNum::CBigNum(const CBigNum&) : BN_copy failed"); } } CBigNum& operator=(const CBigNum& b) { - if (!BN_copy(this, &b)) + if (!BN_copy(self, b.cget())) throw bignum_error("CBigNum::operator= : BN_copy failed"); return (*this); } ~CBigNum() { - BN_clear_free(this); + if (self) BN_clear_free(self); } //CBigNum(char n) is not portable. Use 'signed char' or 'unsigned char'. 
- CBigNum(signed char n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(short n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(int n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(long n) { BN_init(this); if (n >= 0) setulong(n); else setint64(n); } - CBigNum(long long n) { BN_init(this); setint64(n); } - CBigNum(unsigned char n) { BN_init(this); setulong(n); } - CBigNum(unsigned short n) { BN_init(this); setulong(n); } - CBigNum(unsigned int n) { BN_init(this); setulong(n); } - CBigNum(unsigned long n) { BN_init(this); setulong(n); } - CBigNum(unsigned long long n) { BN_init(this); setuint64(n); } - explicit CBigNum(uint256 n) { BN_init(this); setuint256(n); } - - explicit CBigNum(const std::vector& vch) - { - BN_init(this); + CBigNum(signed char n) : self(NULL) { init(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(short n) : self(NULL) { init(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(int n) : self(NULL) { init(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(long n) : self(NULL) { init(); if (n >= 0) setulong(n); else setint64(n); } + CBigNum(unsigned char n) : self(NULL) { init(); setulong(n); } + CBigNum(unsigned short n) : self(NULL) { init(); setulong(n); } + CBigNum(unsigned int n) : self(NULL) { init(); setulong(n); } + CBigNum(unsigned long n) : self(NULL) { init(); setulong(n); } + explicit CBigNum(uint256 n) : self(NULL) { init(); setuint256(n); } + + explicit CBigNum(const std::vector& vch) : self(NULL) + { + init(); setvch(vch); } @@ -111,7 +123,7 @@ class CBigNum : public BIGNUM */ static CBigNum randBignum(const CBigNum& range) { CBigNum ret; - if(!BN_rand_range(&ret, &range)){ + if(!BN_rand_range(ret.get(), range.cget())){ throw bignum_error("CBigNum:rand element : BN_rand_range failed"); } return ret; 
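Review bot: The rewritten constructor list in CBigNum drops `CBigNum(long long n)` and `CBigNum(unsigned long long n)` and adds no replacement, which goes beyond the pointer-wrapper conversion the rest of the hunk performs. On targets where the 64-bit typedefs are `long long` (32-bit and LLP64 builds, most likely), constructing from such a value no longer has an exact match and should become an ambiguous overload. Keep both, in the new form: `CBigNum(long long n) : self(NULL) { init(); setint64(n); }` and `CBigNum(unsigned long long n) : self(NULL) { init(); setuint64(n); }`. A short comment on `get()`/`cget()` stating that the returned pointer stays owned by the CBigNum and is cleared in the destructor would also help callers.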
@@ -123,7 +135,7 @@ class CBigNum : public BIGNUM */ static CBigNum RandKBitBigum(const uint32_t k){ CBigNum ret; - if(!BN_rand(&ret, k, -1, 0)){ + if(!BN_rand(ret.get(), k, -1, 0)){ throw bignum_error("CBigNum:rand element : BN_rand failed"); } return ret; @@ -134,30 +146,30 @@ class CBigNum : public BIGNUM * @return the size */ int bitSize() const{ - return BN_num_bits(this); + return BN_num_bits(self); } void setulong(unsigned long n) { - if (!BN_set_word(this, n)) + if (!BN_set_word(self, n)) throw bignum_error("CBigNum conversion from unsigned long : BN_set_word failed"); } unsigned long getulong() const { - return BN_get_word(this); + return BN_get_word(self); } unsigned int getuint() const { - return BN_get_word(this); + return BN_get_word(self); } int getint() const { - unsigned long n = BN_get_word(this); - if (!BN_is_negative(this)) + unsigned long n = BN_get_word(self); + if (!BN_is_negative(self)) return (n > (unsigned long)std::numeric_limits::max() ? std::numeric_limits::max() : n); else return (n > (unsigned long)std::numeric_limits::max() ? std::numeric_limits::min() : -(int)n); @@ -203,16 +215,16 @@ class CBigNum : public BIGNUM pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, self); } uint64_t getuint64() { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(self, NULL); if (nSize < 4) return 0; std::vector vch(nSize); - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(self, &vch[0]); if (vch.size() > 4) vch[4] &= 0x7f; uint64_t n = 0; @@ -245,7 +257,7 @@ class CBigNum : public BIGNUM pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, self); } void setuint256(uint256 n) 
@@ -273,16 +285,16 @@ class CBigNum : public BIGNUM pch[1] = (nSize >> 16) & 0xff; pch[2] = (nSize >> 8) & 0xff; pch[3] = (nSize >> 0) & 0xff; - BN_mpi2bn(pch, p - pch, this); + BN_mpi2bn(pch, p - pch, self); } uint256 getuint256() const { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(self, NULL); if (nSize < 4) return 0; std::vector vch(nSize); - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(self, &vch[0]); if (vch.size() > 4) vch[4] &= 0x7f; uint256 n = 0; @@ -304,16 +316,16 @@ class CBigNum : public BIGNUM vch2[3] = (nSize >> 0) & 0xff; // swap data to big endian reverse_copy(vch.begin(), vch.end(), vch2.begin() + 4); - BN_mpi2bn(&vch2[0], vch2.size(), this); + BN_mpi2bn(&vch2[0], vch2.size(), self); } std::vector getvch() const { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(self, NULL); if (nSize <= 4) return std::vector(); std::vector vch(nSize); - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(self, &vch[0]); vch.erase(vch.begin(), vch.begin() + 4); reverse(vch.begin(), vch.end()); return vch; @@ -327,16 +339,16 @@ class CBigNum : public BIGNUM if (nSize >= 1) vch[4] = (nCompact >> 16) & 0xff; if (nSize >= 2) vch[5] = (nCompact >> 8) & 0xff; if (nSize >= 3) vch[6] = (nCompact >> 0) & 0xff; - BN_mpi2bn(&vch[0], vch.size(), this); + BN_mpi2bn(&vch[0], vch.size(), self); return *this; } unsigned int GetCompact() const { - unsigned int nSize = BN_bn2mpi(this, NULL); + unsigned int nSize = BN_bn2mpi(self, NULL); std::vector vch(nSize); nSize -= 4; - BN_bn2mpi(this, &vch[0]); + BN_bn2mpi(self, &vch[0]); unsigned int nCompact = nSize << 24; if (nSize >= 1) nCompact |= (vch[4] << 16); if (nSize >= 2) nCompact |= (vch[5] << 8); 
@@ -381,20 +393,20 @@ class CBigNum : public BIGNUM CBigNum bn0 = 0; std::string str; CBigNum bn = *this; - BN_set_negative(&bn, false); + BN_set_negative(bn.get(), false); CBigNum dv; CBigNum rem; - if (BN_cmp(&bn, &bn0) == 0) + if (BN_cmp(bn.get(), bn0.cget()) == 0) return "0"; - while (BN_cmp(&bn, &bn0) > 0) + while (BN_cmp(bn.get(), bn0.cget()) > 0) { - if (!BN_div(&dv, &rem, &bn, &bnBase, pctx)) + if (!BN_div(dv.get(), rem.get(), bn.cget(), bnBase.cget(), pctx)) throw bignum_error("CBigNum::ToString() : BN_div failed"); bn = dv; unsigned int c = rem.getulong(); str += "0123456789abcdef"[c]; } - if (BN_is_negative(this)) + if (BN_is_negative(self)) str += "-"; reverse(str.begin(), str.end()); return str; @@ -441,7 +453,7 @@ class CBigNum : public BIGNUM CBigNum pow(const CBigNum& e) const { CAutoBN_CTX pctx; CBigNum ret; - if (!BN_exp(&ret, this, &e, pctx)) + if (!BN_exp(ret.get(), self, e.cget(), pctx)) throw bignum_error("CBigNum::pow : BN_exp failed"); return ret; } @@ -454,7 +466,7 @@ class CBigNum : public BIGNUM CBigNum mul_mod(const CBigNum& b, const CBigNum& m) const { CAutoBN_CTX pctx; CBigNum ret; - if (!BN_mod_mul(&ret, this, &b, &m, pctx)) + if (!BN_mod_mul(ret.get(), self, b.cget(), m.cget(), pctx)) throw bignum_error("CBigNum::mul_mod : BN_mod_mul failed"); return ret; @@ -472,10 +484,10 @@ class CBigNum : public BIGNUM // g^-x = (g^-1)^x CBigNum inv = this->inverse(m); CBigNum posE = e * -1; - if (!BN_mod_exp(&ret, &inv, &posE, &m, pctx)) + if (!BN_mod_exp(ret.get(), inv.cget(), posE.cget(), m.cget(), pctx)) throw bignum_error("CBigNum::pow_mod: BN_mod_exp failed on negative exponent"); }else - if (!BN_mod_exp(&ret, this, &e, &m, pctx)) + if (!BN_mod_exp(ret.get(), self, e.cget(), m.cget(), pctx)) throw bignum_error("CBigNum::pow_mod : BN_mod_exp failed"); return ret; 
@@ -490,7 +502,7 @@ class CBigNum : public BIGNUM CBigNum inverse(const CBigNum& m) const { CAutoBN_CTX pctx; CBigNum ret; - if (!BN_mod_inverse(&ret, this, &m, pctx)) + if (!BN_mod_inverse(ret.get(), self, m.cget(), pctx)) throw bignum_error("CBigNum::inverse*= :BN_mod_inverse"); return ret; } @@ -503,7 +515,7 @@ class CBigNum : public BIGNUM */ static CBigNum generatePrime(const unsigned int numBits, bool safe = false) { CBigNum ret; - if(!BN_generate_prime_ex(&ret, numBits, (safe == true), NULL, NULL, NULL)) + if(!BN_generate_prime_ex(ret.get(), numBits, (safe == true), NULL, NULL, NULL)) throw bignum_error("CBigNum::generatePrime*= :BN_generate_prime_ex"); return ret; } @@ -516,7 +528,7 @@ class CBigNum : public BIGNUM CBigNum gcd( const CBigNum& b) const{ CAutoBN_CTX pctx; CBigNum ret; - if (!BN_gcd(&ret, this, &b, pctx)) + if (!BN_gcd(ret.get(), self, b.cget(), pctx)) throw bignum_error("CBigNum::gcd*= :BN_gcd"); return ret; } @@ -529,7 +541,7 @@ class CBigNum : public BIGNUM */ bool isPrime(const int checks=BN_prime_checks) const { CAutoBN_CTX pctx; - int ret = BN_is_prime(this, checks, NULL, pctx, NULL); + int ret = BN_is_prime(self, checks, NULL, pctx, NULL); if(ret < 0){ throw bignum_error("CBigNum::isPrime :BN_is_prime"); } @@ -537,18 +549,18 @@ class CBigNum : public BIGNUM } bool isOne() const { - return BN_is_one(this); + return BN_is_one(self); } bool operator!() const { - return BN_is_zero(this); + return BN_is_zero(self); } CBigNum& operator+=(const CBigNum& b) { - if (!BN_add(this, this, &b)) + if (!BN_add(self, self, b.cget())) throw bignum_error("CBigNum::operator+= : BN_add failed"); return *this; } @@ -562,7 +574,7 @@ class CBigNum : public BIGNUM CBigNum& operator*=(const CBigNum& b) { CAutoBN_CTX pctx; - if (!BN_mul(this, this, &b, pctx)) + if (!BN_mul(self, self, b.cget(), pctx)) throw bignum_error("CBigNum::operator*= : BN_mul failed"); return *this; } 
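Review bot: `isPrime` still calls the deprecated `BN_is_prime`, which is unavailable when OpenSSL 1.1 is built without deprecated APIs, so this is one of the remaining warnings the commit message mentions and can become a build failure. The replacement takes the same inputs without the legacy callback pair: `int ret = BN_is_prime_ex(self, checks, pctx, NULL);`. The other hunks on this line (`inverse`, `generatePrime`, `gcd`, `isOne`, `operator!`, `operator+=`, `operator*=`) are mechanical pointer substitutions.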
@@ -581,7 +593,7 @@ class CBigNum : public BIGNUM CBigNum& operator<<=(unsigned int shift) { - if (!BN_lshift(this, this, shift)) + if (!BN_lshift(self, self, shift)) throw bignum_error("CBigNum:operator<<= : BN_lshift failed"); return *this; } @@ -592,13 +604,13 @@ class CBigNum : public BIGNUM // if built on ubuntu 9.04 or 9.10, probably depends on version of OpenSSL CBigNum a = 1; a <<= shift; - if (BN_cmp(&a, this) > 0) + if (BN_cmp(a.cget(), self) > 0) { *this = 0; return *this; } - if (!BN_rshift(this, this, shift)) + if (!BN_rshift(self, self, shift)) throw bignum_error("CBigNum:operator>>= : BN_rshift failed"); return *this; } @@ -607,7 +619,7 @@ class CBigNum : public BIGNUM CBigNum& operator++() { // prefix operator - if (!BN_add(this, this, BN_value_one())) + if (!BN_add(self, self, BN_value_one())) throw bignum_error("CBigNum::operator++ : BN_add failed"); return *this; } @@ -624,7 +636,7 @@ class CBigNum : public BIGNUM { // prefix operator CBigNum r; - if (!BN_sub(&r, this, BN_value_one())) + if (!BN_sub(r.get(), self, BN_value_one())) throw bignum_error("CBigNum::operator-- : BN_sub failed"); *this = r; return *this; @@ -651,7 +663,7 @@ class CBigNum : public BIGNUM inline const CBigNum operator+(const CBigNum& a, const CBigNum& b) { CBigNum r; - if (!BN_add(&r, &a, &b)) + if (!BN_add(r.get(), a.cget(), b.cget())) throw bignum_error("CBigNum::operator+ : BN_add failed"); return r; } @@ -659,7 +671,7 @@ inline const CBigNum operator+(const CBigNum& a, const CBigNum& b) inline const CBigNum operator-(const CBigNum& a, const CBigNum& b) { CBigNum r; - if (!BN_sub(&r, &a, &b)) + if (!BN_sub(r.get(), a.cget(), b.cget())) throw bignum_error("CBigNum::operator- : BN_sub failed"); return r; } @@ -667,7 +679,7 @@ inline const CBigNum operator-(const CBigNum& a, const CBigNum& b) inline const CBigNum operator-(const CBigNum& a) { CBigNum r(a); - BN_set_negative(&r, !BN_is_negative(&r)); + BN_set_negative(r.get(), !BN_is_negative(r.cget())); return r; } 
@@ -675,7 +687,7 @@ inline const CBigNum operator*(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_mul(&r, &a, &b, pctx)) + if (!BN_mul(r.get(), a.cget(), b.cget(), pctx)) throw bignum_error("CBigNum::operator* : BN_mul failed"); return r; } @@ -684,7 +696,7 @@ inline const CBigNum operator/(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_div(&r, NULL, &a, &b, pctx)) + if (!BN_div(r.get(), NULL, a.cget(), b.cget(), pctx)) throw bignum_error("CBigNum::operator/ : BN_div failed"); return r; } @@ -693,7 +705,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) { CAutoBN_CTX pctx; CBigNum r; - if (!BN_nnmod(&r, &a, &b, pctx)) + if (!BN_mod(r.get(), a.cget(), b.cget(), pctx)) throw bignum_error("CBigNum::operator% : BN_div failed"); return r; } @@ -701,7 +713,7 @@ inline const CBigNum operator%(const CBigNum& a, const CBigNum& b) inline const CBigNum operator<<(const CBigNum& a, unsigned int shift) { CBigNum r; - if (!BN_lshift(&r, &a, shift)) + if (!BN_lshift(r.get(), a.cget(), shift)) throw bignum_error("CBigNum:operator<< : BN_lshift failed"); return r; } 
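Review bot: `operator%` switches from `BN_nnmod` to `BN_mod`, which changes results rather than just making the code compile: `BN_nnmod` always yields a non-negative remainder, while `BN_mod` returns a remainder with the sign of the dividend. Any modular arithmetic built on `%` with a negative left operand will now produce different values, and nothing in the commit message mentions this. Unless the change is intentional and audited against every caller, keep the old semantics with `if (!BN_nnmod(r.get(), a.cget(), b.cget(), pctx))`. The error string also says `BN_div failed`, which names neither function.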
@@ -713,12 +725,12 @@ inline const CBigNum operator>>(const CBigNum& a, unsigned int shift) return r; } -inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) == 0); } -inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) != 0); } -inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) <= 0); } -inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) >= 0); } -inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) < 0); } -inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(&a, &b) > 0); } +inline bool operator==(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) == 0); } +inline bool operator!=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) != 0); } +inline bool operator<=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) <= 0); } +inline bool operator>=(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) >= 0); } +inline bool operator<(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) < 0); } +inline bool operator>(const CBigNum& a, const CBigNum& b) { return (BN_cmp(a.cget(), b.cget()) > 0); } inline std::ostream& operator<<(std::ostream &strm, const CBigNum &b) { return strm << b.ToString(10); } diff --git a/src/crypter.cpp b/src/crypter.cpp index 75801df..fe6fe57 100644 --- a/src/crypter.cpp +++ b/src/crypter.cpp 
@@ -71,15 +71,17 @@ bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector (nCLen); - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); + if (!ctx) return false; bool fOk = true; - EVP_CIPHER_CTX_init(&ctx); - if (fOk) fOk = EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); - if (fOk) fOk = EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen); - if (fOk) fOk = EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_init(ctx); + if (fOk) fOk = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); + if (fOk) fOk = EVP_EncryptUpdate(ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen); + if (fOk) fOk = EVP_EncryptFinal_ex(ctx, (&vchCiphertext[0])+nCLen, &nFLen); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); if (!fOk) return false; @@ -98,15 +100,17 @@ bool CCrypter::Decrypt(const std::vector& vchCiphertext, CKeyingM vchPlaintext = CKeyingMaterial(nPLen); - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); + if (!ctx) return false; bool fOk = true; - EVP_CIPHER_CTX_init(&ctx); - if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); - if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen); - if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen); - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_init(ctx); + if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); + if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen); + if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0])+nPLen, &nFLen); + EVP_CIPHER_CTX_cleanup(ctx); + EVP_CIPHER_CTX_free(ctx); if (!fOk) return false; diff --git a/src/key.cpp b/src/key.cpp index df50f60..45e820e 100644 --- a/src/key.cpp +++ b/src/key.cpp 
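Review bot: In `CCrypter::Encrypt`, and identically in `CCrypter::Decrypt` in the next hunk, the context now comes from `EVP_CIPHER_CTX_new()` but the code still calls `EVP_CIPHER_CTX_init(ctx)` and `EVP_CIPHER_CTX_cleanup(ctx)` around it. Both are redundant with heap-allocated contexts, since `EVP_CIPHER_CTX_new` returns an initialised context and `EVP_CIPHER_CTX_free` clears key material before releasing it, and they are likely among the deprecation warnings left over. Dropping the two calls leaves `EVP_CIPHER_CTX_free(ctx);` as the single cleanup point. Consider also comparing the EVP return values explicitly, for example `fOk = EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) == 1;`, so the success condition does not depend on int-to-bool conversion.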
@@ -5,7 +5,10 @@ #include +#if OPENSSL_VERSION_NUMBER < 0x10100000L #include +#endif + #include #include "key.h" @@ -54,6 +57,14 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch { if (!eckey) return 0; + const BIGNUM *sig_r, *sig_s; + #if OPENSSL_VERSION_NUMBER > 0x1000ffffL + ECDSA_SIG_get0(ecsig, &sig_r, &sig_s); + #else + sig_r = ecsig->r; + sig_s = ecsig->s; + #endif + int ret = 0; BN_CTX *ctx = NULL; @@ -79,7 +90,7 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch x = BN_CTX_get(ctx); if (!BN_copy(x, order)) { ret=-1; goto err; } if (!BN_mul_word(x, i)) { ret=-1; goto err; } - if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; } + if (!BN_add(x, x, sig_r)) { ret=-1; goto err; } field = BN_CTX_get(ctx); if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; } if (BN_cmp(x, field) >= 0) { ret=0; goto err; } @@ -100,9 +111,9 @@ int ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned ch if (!BN_zero(zero)) { ret=-1; goto err; } if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; } rr = BN_CTX_get(ctx); - if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; } + if (!BN_mod_inverse(rr, sig_r, order, ctx)) { ret=-1; goto err; } sor = BN_CTX_get(ctx); - if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; } + if (!BN_mod_mul(sor, sig_s, rr, order, ctx)) { ret=-1; goto err; } eor = BN_CTX_get(ctx); if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; } if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; } 
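Review bot: The new `#if OPENSSL_VERSION_NUMBER < 0x10100000L` at the top of key.cpp appears to be evaluated before any OpenSSL header has been included (the header names are not legible on this page, so this is inferred from the include order). If so, the macro is undefined at that point, the preprocessor treats it as 0, and the guarded include is always taken regardless of the installed version. Put `#include <openssl/opensslv.h>` ahead of the conditional so the test sees the real version number.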
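Review bot: The accessor block added to `ECDSA_SIG_recover_key_GFp` tests `OPENSSL_VERSION_NUMBER > 0x1000ffffL`, while the include guard in the same file tests `< 0x10100000L`; the same five-line block is then repeated in `CKey::Sign` and `CKey::SignCompact`. Use one spelling of the threshold, `#if OPENSSL_VERSION_NUMBER >= 0x10100000L`, and move the `ECDSA_SIG_get0` / `ecsig->r` split into a single static helper so the three call sites cannot drift apart. Libraries that report a high version number but do not ship `ECDSA_SIG_get0` would take the new branch and fail to build, so a comment naming the supported libraries would help. The function body continues outside this hunk.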
@@ -334,30 +345,55 @@ CPubKey CKey::GetPubKey() const bool CKey::Sign(uint256 hash, std::vector& vchSig) { + vchSig.clear(); ECDSA_SIG *sig = ECDSA_do_sign((unsigned char*)&hash, sizeof(hash), pkey); if (sig == NULL) return false; + + const BIGNUM *sig_r, *sig_s; + #if OPENSSL_VERSION_NUMBER > 0x1000ffffL + ECDSA_SIG_get0(sig, &sig_r, &sig_s); + #else + sig_r = sig->r; + sig_s = sig->s; + #endif + BN_CTX *ctx = BN_CTX_new(); BN_CTX_start(ctx); const EC_GROUP *group = EC_KEY_get0_group(pkey); BIGNUM *order = BN_CTX_get(ctx); BIGNUM *halforder = BN_CTX_get(ctx); EC_GROUP_get_order(group, order, ctx); + BN_rshift1(halforder, order); - if (BN_cmp(sig->s, halforder) > 0) { + + if (BN_cmp(sig_s, halforder) > 0) { // enforce low S values, by negating the value (modulo the order) if above order/2. - BN_sub(sig->s, order, sig->s); + + BIGNUM *new_r = BN_dup(sig_r); + BIGNUM *new_s = BN_new(); + + BN_sub(new_s, order, sig_s); + ECDSA_SIG_set0(sig, new_r, new_s); + } + BN_CTX_end(ctx); BN_CTX_free(ctx); + unsigned int nSize = ECDSA_size(pkey); vchSig.resize(nSize); // Make sure it is big enough + unsigned char *pos = &vchSig[0]; + nSize = i2d_ECDSA_SIG(sig, &pos); + ECDSA_SIG_free(sig); vchSig.resize(nSize); // Shrink to fit actual size + return true; + } // create a compact signature (65 bytes), which allows reconstructing the used public key @@ -372,8 +408,17 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) return false; vchSig.clear(); vchSig.resize(65,0); - int nBitsR = BN_num_bits(sig->r); - int nBitsS = BN_num_bits(sig->s); + + const BIGNUM *sig_r, *sig_s; + #if OPENSSL_VERSION_NUMBER > 0x1000ffffL + ECDSA_SIG_get0(sig, &sig_r, &sig_s); + #else + sig_r = sig->r; + sig_s = sig->s; + #endif + + int nBitsR = BN_num_bits(sig_r); + int nBitsS = BN_num_bits(sig_s); if (nBitsR <= 256 && nBitsS <= 256) { int nRecId = -1; 
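Review bot: The low-S branch of `CKey::Sign` calls `ECDSA_SIG_set0` outside the version guard that the same hunk uses for `ECDSA_SIG_get0`, so the pre-1.1 `#else` path can no longer compile. None of `BN_dup`, `BN_new`, `BN_sub` or `ECDSA_SIG_set0` is checked either. A failed allocation or subtraction is therefore either dereferenced or silently ignored, and the function can still return true with a signature whose S was never normalised. Guard the call and fail closed, releasing the temporaries when ownership was not transferred, as sketched below.
```cpp
    if (BN_cmp(sig_s, halforder) > 0) {
        // enforce low S values, by negating the value (modulo the order) if above order/2.
#if OPENSSL_VERSION_NUMBER > 0x1000ffffL
        BIGNUM *new_r = BN_dup(sig_r);
        BIGNUM *new_s = BN_new();
        if (!new_r || !new_s || !BN_sub(new_s, order, sig_s) ||
            !ECDSA_SIG_set0(sig, new_r, new_s)) {
            // set0 did not take ownership, so everything is released here
            BN_clear_free(new_r);
            BN_clear_free(new_s);
            BN_CTX_end(ctx);
            BN_CTX_free(ctx);
            ECDSA_SIG_free(sig);
            return false;
        }
#else
        BN_sub(sig->s, order, sig->s);
#endif
    }
    // … unchanged: BN_CTX teardown and DER encoding of sig …
```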
@@ -398,8 +443,8 @@ bool CKey::SignCompact(uint256 hash, std::vector& vchSig) } vchSig[0] = nRecId+27+(fCompressedPubKey ? 4 : 0); - BN_bn2bin(sig->r,&vchSig[33-(nBitsR+7)/8]); - BN_bn2bin(sig->s,&vchSig[65-(nBitsS+7)/8]); + BN_bn2bin(sig_r,&vchSig[33-(nBitsR+7)/8]); + BN_bn2bin(sig_s,&vchSig[65-(nBitsS+7)/8]); fOk = true; } ECDSA_SIG_free(sig); @@ -418,8 +463,19 @@ bool CKey::SetCompactSignature(uint256 hash, const std::vector& v if (nV<27 || nV>=35) return false; ECDSA_SIG *sig = ECDSA_SIG_new(); + if (!sig) return false; + + #if OPENSSL_VERSION_NUMBER > 0x1000ffffL + // sig_r and sig_s are deallocated by ECDSA_SIG_free(sig); + BIGNUM *sig_r = BN_bin2bn(&vchSig[1],32,BN_new()); + BIGNUM *sig_s = BN_bin2bn(&vchSig[33],32,BN_new()); + if (!sig_r || !sig_s) return false; + // copy and transfer ownership to sig + ECDSA_SIG_set0(sig, sig_r, sig_s); + #else BN_bin2bn(&vchSig[1],32,sig->r); BN_bin2bn(&vchSig[33],32,sig->s); + #endif EC_KEY_free(pkey); pkey = EC_KEY_new_by_curve_name(NID_secp256k1); diff --git a/src/script.cpp b/src/script.cpp index 24463ce..e2e953d 100644 --- a/src/script.cpp +++ b/src/script.cpp 
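Review bot: In `CKey::SetCompactSignature` the new early exit `if (!sig_r || !sig_s) return false;` leaks `sig` and whichever BIGNUM was allocated, and the return value of `ECDSA_SIG_set0` is not checked. Fold the checks into one failure path: `if (!sig_r || !sig_s || !ECDSA_SIG_set0(sig, sig_r, sig_s)) { BN_free(sig_r); BN_free(sig_s); ECDSA_SIG_free(sig); return false; }`. Passing `NULL` instead of `BN_new()` as the third argument of `BN_bin2bn` lets it allocate the result itself and avoids a stray BIGNUM when the conversion fails. The comment `copy and transfer ownership to sig` should read `transfer ownership to sig`, since `ECDSA_SIG_set0` does not copy. The function continues outside this hunk.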
@@ -666,64 +666,6 @@ bool EvalScript(vector >& stack, const CScript& script, co break; - // - // Splice ops - // - case OP_CAT: - { - // (x1 x2 -- out) - if (stack.size() < 2) - return false; - valtype& vch1 = stacktop(-2); - valtype& vch2 = stacktop(-1); - vch1.insert(vch1.end(), vch2.begin(), vch2.end()); - popstack(stack); - if (stacktop(-1).size() > MAX_SCRIPT_ELEMENT_SIZE) - return false; - } - break; - - case OP_SUBSTR: - { - // (in begin size -- out) - if (stack.size() < 3) - return false; - valtype& vch = stacktop(-3); - int nBegin = CastToBigNum(stacktop(-2)).getint(); - int nEnd = nBegin + CastToBigNum(stacktop(-1)).getint(); - if (nBegin < 0 || nEnd < nBegin) - return false; - if (nBegin > (int)vch.size()) - nBegin = vch.size(); - if (nEnd > (int)vch.size()) - nEnd = vch.size(); - vch.erase(vch.begin() + nEnd, vch.end()); - vch.erase(vch.begin(), vch.begin() + nBegin); - popstack(stack); - popstack(stack); - } - break; - - case OP_LEFT: - case OP_RIGHT: - { - // (in size -- out) - if (stack.size() < 2) - return false; - valtype& vch = stacktop(-2); - int nSize = CastToBigNum(stacktop(-1)).getint(); - if (nSize < 0) - return false; - if (nSize > (int)vch.size()) - nSize = vch.size(); - if (opcode == OP_LEFT) - vch.erase(vch.begin() + nSize, vch.end()); - else - vch.erase(vch.begin(), vch.end() - nSize); - popstack(stack); - } - break; - case OP_SIZE: { // (in -- in size) 
@@ -738,51 +680,6 @@ bool EvalScript(vector >& stack, const CScript& script, co // // Bitwise logic // - case OP_INVERT: - { - // (in - out) - if (stack.size() < 1) - return false; - valtype& vch = stacktop(-1); - for (unsigned int i = 0; i < vch.size(); i++) - vch[i] = ~vch[i]; - } - break; - - // - // WARNING: These disabled opcodes exhibit unexpected behavior - // when used on signed integers due to a bug in MakeSameSize() - // [see definition of MakeSameSize() above]. - // - case OP_AND: - case OP_OR: - case OP_XOR: - { - // (x1 x2 - out) - if (stack.size() < 2) - return false; - valtype& vch1 = stacktop(-2); - valtype& vch2 = stacktop(-1); - MakeSameSize(vch1, vch2); // <-- NOT SAFE FOR SIGNED VALUES - if (opcode == OP_AND) - { - for (unsigned int i = 0; i < vch1.size(); i++) - vch1[i] &= vch2[i]; - } - else if (opcode == OP_OR) - { - for (unsigned int i = 0; i < vch1.size(); i++) - vch1[i] |= vch2[i]; - } - else if (opcode == OP_XOR) - { - for (unsigned int i = 0; i < vch1.size(); i++) - vch1[i] ^= vch2[i]; - } - popstack(stack); - } - break; - case OP_EQUAL: case OP_EQUALVERIFY: //case OP_NOTEQUAL: // use OP_NUMNOTEQUAL @@ -817,8 +714,6 @@ bool EvalScript(vector >& stack, const CScript& script, co // case OP_1ADD: case OP_1SUB: - case OP_2MUL: - case OP_2DIV: case OP_NEGATE: case OP_ABS: case OP_NOT: @@ -832,8 +727,6 @@ bool EvalScript(vector >& stack, const CScript& script, co { case OP_1ADD: bn += bnOne; break; case OP_1SUB: bn -= bnOne; break; - case OP_2MUL: bn <<= 1; break; - case OP_2DIV: bn >>= 1; break; case OP_NEGATE: bn = -bn; break; case OP_ABS: if (bn < bnZero) bn = -bn; break; case OP_NOT: bn = (bn == bnZero); break; @@ -847,11 +740,6 @@ bool EvalScript(vector >& stack, const CScript& script, co case OP_ADD: case OP_SUB: - case OP_MUL: - case OP_DIV: - case OP_MOD: - case OP_LSHIFT: - case OP_RSHIFT: case OP_BOOLAND: case OP_BOOLOR: case OP_NUMEQUAL: 
@@ -880,33 +768,6 @@ bool EvalScript(vector >& stack, const CScript& script, co bn = bn1 - bn2; break; - case OP_MUL: - if (!BN_mul(&bn, &bn1, &bn2, pctx)) - return false; - break; - - case OP_DIV: - if (!BN_div(&bn, NULL, &bn1, &bn2, pctx)) - return false; - break; - - case OP_MOD: - if (!BN_mod(&bn, &bn1, &bn2, pctx)) - return false; - break; - - case OP_LSHIFT: - if (bn2 < bnZero || bn2 > CBigNum(2048)) - return false; - bn = bn1 << bn2.getulong(); - break; - - case OP_RSHIFT: - if (bn2 < bnZero || bn2 > CBigNum(2048)) - return false; - bn = bn1 >> bn2.getulong(); - break; - case OP_BOOLAND: bn = (bn1 != bnZero && bn2 != bnZero); break; case OP_BOOLOR: bn = (bn1 != bnZero || bn2 != bnZero); break; case OP_NUMEQUAL: bn = (bn1 == bn2); break;