diff options
Diffstat (limited to 'net-p2p/bitcoin-qt/files/0.8-openssl-101k.patch')
-rw-r--r-- | net-p2p/bitcoin-qt/files/0.8-openssl-101k.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/net-p2p/bitcoin-qt/files/0.8-openssl-101k.patch b/net-p2p/bitcoin-qt/files/0.8-openssl-101k.patch new file mode 100644 index 0000000..5eaaba9 --- /dev/null +++ b/net-p2p/bitcoin-qt/files/0.8-openssl-101k.patch @@ -0,0 +1,31 @@ +diff --git a/src/key.cpp b/src/key.cpp +index 75114c6..7fcb17d 100644 +--- a/src/key.cpp ++++ b/src/key.cpp +@@ -376,11 +376,23 @@ bool CKey::SetCompactSignature(uint256 hash, const std::vector<unsigned char>& v + + bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSig) + { +- // -1 = error, 0 = bad sig, 1 = good +- if (ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), &vchSig[0], vchSig.size(), pkey) != 1) ++ if (vchSig.empty()) + return false; + +- return true; ++ // New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first. ++ unsigned char *norm_der = NULL; ++ ECDSA_SIG *norm_sig = ECDSA_SIG_new(); ++ const unsigned char* sigptr = &vchSig[0]; ++ d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()); ++ int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der); ++ ECDSA_SIG_free(norm_sig); ++ if (derlen <= 0) ++ return false; ++ ++ // -1 = error, 0 = bad sig, 1 = good ++ bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1; ++ OPENSSL_free(norm_der); ++ return ret; + } + + bool CKey::VerifyCompact(uint256 hash, const std::vector<unsigned char>& vchSig) |