diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index f9e5a9d53d4d9..1b3a30f238164 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -73,7 +73,7 @@ jobs: config: - name: Linux os: ubuntu-16.04 - packages: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libssl-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo + packages: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo cc: gcc cxx: g++ @@ -299,7 +299,7 @@ jobs: - name: x86_64 Linux [GOAL:install] [xenial] [no depends only system libs] os: ubuntu-16.04 host: x86_64-unknown-linux-gnu - apt_get: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libssl-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo + apt_get: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo unit_tests: true functional_tests: true no_depends: 1 @@ -310,7 +310,7 @@ jobs: - name: x86_64 Linux [GOAL:install] [bionic] [no depends only system libs] os: ubuntu-18.04 host: x86_64-unknown-linux-gnu - apt_get: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libqt5charts5-dev libssl1.0-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo + apt_get: python3-zmq qtbase5-dev qttools5-dev-tools libqt5svg5-dev libqt5charts5-dev libevent-dev bsdmainutils libboost-system-dev libboost-filesystem-dev libboost-chrono-dev libboost-test-dev libboost-thread-dev libdb5.3++-dev libminiupnpc-dev libzmq3-dev libqrencode-dev libgmp-dev libsodium-dev cargo unit_tests: true no_depends: 1 goal: install diff --git a/CMakeLists.txt b/CMakeLists.txt index 36f60e8c577e0..eaaa854c4f7ec 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -38,7 +38,6 @@ if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin") set(ENV{target} "Mac") add_definitions("-DMAC_OSX") list(APPEND CMAKE_PREFIX_PATH /usr/local/opt/qt5) - list(APPEND CMAKE_PREFIX_PATH /usr/local/opt/openssl@1.1) list(APPEND CMAKE_PREFIX_PATH /usr/local/Cellar/berkeley-db@4) set(BerkeleyDB_ROOT_DIR "/usr/local/Cellar/berkeley-db@4/${BDB_VER}/") set(Boost_USE_MULTITHREADED ON) @@ -74,15 +73,6 @@ if(BerkeleyDB_FOUND) endif() endif() -find_package(OpenSSL COMPONENTS Crypto REQUIRED) -if(OPENSSL_FOUND) - message(STATUS "Found OpenSSL (${OPENSSL_VERSION}): ${OPENSSL_LIBRARIES}") - if(OPENSSL_VERSION VERSION_GREATER_EQUAL 1.1) - message(STATUS "Found unsupported OpenSSL version!") - set(SSL_CONFIGURE_FLAGS "--with-unsupported-ssl") - endif() -endif() - find_package(LibEvent REQUIRED) find_package(GMP REQUIRED) @@ -105,7 +95,7 @@ endif() if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/src/config/pivx-config.h") else() execute_process( - COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/configure ${CONFIGSITE} ${BDB_CONFIGURE_FLAGS} ${BIGNUM_CONFIGURE_FLAGS} ${SSL_CONFIGURE_FLAGS} + COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/configure ${CONFIGSITE} ${BDB_CONFIGURE_FLAGS} ${BIGNUM_CONFIGURE_FLAGS} WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} ) endif() @@ -245,7 +235,7 @@ target_include_directories(SERVER_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}/src/leveldb/include ${CMAKE_CURRENT_SOURCE_DIR}/src/leveldb/helpers/memenv ${CMAKE_CURRENT_SOURCE_DIR}/src/rust/include - ${ZMQ_INCLUDE_DIR} ${LIBEVENT_INCLUDE_DIR} ${OPENSSL_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} + ${ZMQ_INCLUDE_DIR} ${LIBEVENT_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} ) if(ZMQ_FOUND) @@ -255,7 +245,7 @@ if(ZMQ_FOUND) ./src/zmq/zmqpublishnotifier.cpp ) add_library(ZMQ_A STATIC ${BitcoinHeaders} ${ZMQ_SOURCES} ${ZMQ_LIB}) - target_include_directories(ZMQ_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${ZMQ_INCLUDE_DIR} ${OPENSSL_INCLUDE_DIR}) + target_include_directories(ZMQ_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${ZMQ_INCLUDE_DIR}) target_compile_definitions(ZMQ_A PUBLIC "-DZMQ_STATIC") endif() @@ -297,7 +287,6 @@ target_include_directories(WALLET_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}/src/secp256k1/include ${CMAKE_CURRENT_SOURCE_DIR}/src/univalue/include ${CMAKE_CURRENT_SOURCE_DIR}/src/leveldb/include - ${OPENSSL_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} ) @@ -338,7 +327,7 @@ set(BITCOIN_CRYPTO_SOURCES ./src/crypto/sph_types.h ) add_library(BITCOIN_CRYPTO_A STATIC ${BITCOIN_CRYPTO_SOURCES}) -target_include_directories(BITCOIN_CRYPTO_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${OPENSSL_INCLUDE_DIR}) +target_include_directories(BITCOIN_CRYPTO_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src) set(ZEROCOIN_SOURCES ./src/libzerocoin/bignum.h @@ -360,9 +349,7 @@ set(ZEROCOIN_SOURCES ./src/libzerocoin/Params.cpp ) add_library(ZEROCOIN_A STATIC ${ZEROCOIN_SOURCES}) -target_include_directories(ZEROCOIN_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src - ${OPENSSL_INCLUDE_DIR} - ) +target_include_directories(ZEROCOIN_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src) set(COMMON_SOURCES ./src/base58.cpp @@ -410,7 +397,6 @@ target_include_directories(COMMON_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}/src/secp256k1/include ${CMAKE_CURRENT_SOURCE_DIR}/src/leveldb/include ${CMAKE_CURRENT_SOURCE_DIR}/src/univalue/include - ${OPENSSL_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} ) @@ -441,7 +427,6 @@ add_library(UTIL_A STATIC ${BitcoinHeaders} ${UTIL_SOURCES}) target_include_directories(UTIL_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}/src/univalue/include ${CMAKE_CURRENT_SOURCE_DIR}/src/rust/include - ${OPENSSL_INCLUDE_DIR} ) set(CLI_A_SOURCES ./src/rpc/client.cpp) @@ -474,7 +459,6 @@ target_include_directories(SAPLING_A PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR}/src/sapling ${CMAKE_CURRENT_SOURCE_DIR}/src/rust/include ${CMAKE_CURRENT_SOURCE_DIR}/src/univalue/include - ${OPENSSL_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} ) @@ -499,7 +483,7 @@ target_link_libraries(pivx-cli BITCOIN_CRYPTO_A SAPLING_A rustzcash - ${Boost_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} ${LIBEVENT_LIB} ${sodium_LIBRARY_RELEASE} -ldl pthread + ${Boost_LIBRARIES} ${LIBEVENT_LIB} ${sodium_LIBRARY_RELEASE} -ldl pthread ) if($ENV{target} MATCHES "Windows") target_link_libraries(pivx-cli ${WINDOWS_LDADD}) @@ -523,7 +507,7 @@ target_link_libraries(pivx-tx secp256k1 SAPLING_A rustzcash - ${Boost_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} ${LIBEVENT_LIB} ${sodium_LIBRARY_RELEASE} ${GMP_LIBRARY} -ldl pthread + ${Boost_LIBRARIES} ${LIBEVENT_LIB} ${sodium_LIBRARY_RELEASE} ${GMP_LIBRARY} -ldl pthread ) if($ENV{target} MATCHES "Windows") target_link_libraries(pivx-tx ${WINDOWS_LDADD}) @@ -558,7 +542,7 @@ target_link_libraries(pivxd crc32c secp256k1 rustzcash - ${BerkeleyDB_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} ${Boost_LIBRARIES} ${LIBEVENT_LIB} ${GMP_LIBRARY} pthread + ${BerkeleyDB_LIBRARIES} ${Boost_LIBRARIES} ${LIBEVENT_LIB} ${GMP_LIBRARY} pthread ) if($ENV{target} MATCHES "Windows") set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wstack-protector -fstack-protector-all -fPIE -pipe -O2 -pthread -Wl,--dynamicbase -Wl,--nxcompat -Wl,--high-entropy-va -pie --static") diff --git a/build-aux/snap/snapcraft.yaml b/build-aux/snap/snapcraft.yaml index 62c9c77d93bb8..187fbc1187a31 100644 --- a/build-aux/snap/snapcraft.yaml +++ b/build-aux/snap/snapcraft.yaml @@ -311,7 +311,6 @@ parts: - python3 - help2man - doxygen - - libssl-dev - libgmp-dev - libevent-dev - libboost-all-dev diff --git a/configure.ac b/configure.ac index fb799895982d3..6bba0543d3ceb 100644 --- a/configure.ac +++ b/configure.ac @@ -558,13 +558,8 @@ case $host in dnl It's safe to add these paths even if the functionality is disabled by dnl the user (--without-wallet or --without-gui for example). - openssl_prefix=`$BREW --prefix openssl 2>/dev/null` bdb_prefix=`$BREW --prefix berkeley-db4 2>/dev/null` qt5_prefix=`$BREW --prefix qt5 2>/dev/null` - if test x$openssl_prefix != x; then - PKG_CONFIG_PATH="$openssl_prefix/lib/pkgconfig:$PKG_CONFIG_PATH" - export PKG_CONFIG_PATH - fi if test x$bdb_prefix != x; then CPPFLAGS="$CPPFLAGS -I$bdb_prefix/include" LIBS="$LIBS -L$bdb_prefix/lib" @@ -1118,7 +1113,6 @@ if test x$use_pkgconfig = xyes; then m4_ifdef( [PKG_CHECK_MODULES], [ - PKG_CHECK_MODULES([CRYPTO], [libcrypto],,[AC_MSG_ERROR(libcrypto not found.)]) BITCOIN_QT_CHECK([PKG_CHECK_MODULES([QR], [libqrencode],,[BITCOIN_QT_FAIL(libqrencode not found)])]) if test x$use_qtcharts != xno; then BITCOIN_QT_CHECK([PKG_CHECK_MODULES([CHARTS], [Qt5Charts],[have_qtcharts=yes], [have_qtcharts=no])]) @@ -1144,8 +1138,6 @@ if test x$use_pkgconfig = xyes; then ] ) else - AC_CHECK_HEADER([openssl/crypto.h],,AC_MSG_ERROR(libcrypto headers missing)) - AC_CHECK_LIB([crypto], [main],CRYPTO_LIBS=-lcrypto, AC_MSG_ERROR(libcrypto missing)) if test x$build_bitcoin_utils$build_bitcoind$bitcoin_enable_qt$use_tests != xnononono; then AC_CHECK_HEADER([event2/event.h],, AC_MSG_ERROR(libevent headers missing),) @@ -1481,7 +1473,6 @@ AC_SUBST(BOOST_LIBS) AC_SUBST(TESTDEFS) AC_SUBST(MINIUPNPC_CPPFLAGS) AC_SUBST(MINIUPNPC_LIBS) -AC_SUBST(CRYPTO_LIBS) AC_SUBST(EVENT_LIBS) AC_SUBST(EVENT_PTHREADS_LIBS) AC_SUBST(SODIUM_LIBS) diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk deleted file mode 100644 index eb97ec53e092c..0000000000000 --- a/depends/packages/openssl.mk +++ /dev/null @@ -1,86 +0,0 @@ -package=openssl -$(package)_version=1.0.1k -$(package)_download_path=https://www.openssl.org/source/old/1.0.1 -$(package)_file_name=$(package)-$($(package)_version).tar.gz -$(package)_sha256_hash=8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c - -define $(package)_set_vars -$(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)" -$(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl -$(package)_config_opts+=no-camellia -$(package)_config_opts+=no-capieng -$(package)_config_opts+=no-cast -$(package)_config_opts+=no-comp -$(package)_config_opts+=no-dso -$(package)_config_opts+=no-dtls1 -$(package)_config_opts+=no-ec_nistp_64_gcc_128 -$(package)_config_opts+=no-gost -$(package)_config_opts+=no-gmp -$(package)_config_opts+=no-heartbeats -$(package)_config_opts+=no-idea -$(package)_config_opts+=no-jpake -$(package)_config_opts+=no-krb5 -$(package)_config_opts+=no-libunbound -$(package)_config_opts+=no-md2 -$(package)_config_opts+=no-mdc2 -$(package)_config_opts+=no-rc4 -$(package)_config_opts+=no-rc5 -$(package)_config_opts+=no-rdrand -$(package)_config_opts+=no-rfc3779 -$(package)_config_opts+=no-rsax -$(package)_config_opts+=no-sctp -$(package)_config_opts+=no-seed -$(package)_config_opts+=no-sha0 -$(package)_config_opts+=no-shared -$(package)_config_opts+=no-ssl-trace -$(package)_config_opts+=no-ssl2 -$(package)_config_opts+=no-ssl3 -$(package)_config_opts+=no-static_engine -$(package)_config_opts+=no-store -$(package)_config_opts+=no-unit-test -$(package)_config_opts+=no-weak-ssl-ciphers -$(package)_config_opts+=no-whirlpool -$(package)_config_opts+=no-zlib -$(package)_config_opts+=no-zlib-dynamic -$(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags) -$(package)_config_opts_linux=-fPIC -Wa,--noexecstack -$(package)_config_opts_x86_64_linux=linux-x86_64 -$(package)_config_opts_i686_linux=linux-generic32 -$(package)_config_opts_arm_linux=linux-generic32 -$(package)_config_opts_armv7l_linux=linux-generic32 -$(package)_config_opts_aarch64_linux=linux-generic64 -$(package)_config_opts_mipsel_linux=linux-generic32 -$(package)_config_opts_mips_linux=linux-generic32 -$(package)_config_opts_powerpc_linux=linux-generic32 -$(package)_config_opts_riscv32_linux=linux-generic32 -$(package)_config_opts_riscv64_linux=linux-generic64 -$(package)_config_opts_powerpc64le_linux=linux-generic64 -$(package)_config_opts_sparc64_linux=linux-generic64 -$(package)_config_opts_s390x_linux=linux-generic64 -$(package)_config_opts_alpha_linux=linux-generic64 -$(package)_config_opts_m68k_linux=linux-generic32 -$(package)_config_opts_x86_64_darwin=darwin64-x86_64-cc -$(package)_config_opts_x86_64_mingw32=mingw64 -$(package)_config_opts_i686_mingw32=mingw -endef - -define $(package)_preprocess_cmds - sed -i.old "/define DATE/d" util/mkbuildinf.pl && \ - sed -i.old "s|engines apps test|engines|" Makefile.org -endef - -define $(package)_config_cmds - ./Configure $($(package)_config_opts) -endef - -define $(package)_build_cmds - $(MAKE) -j1 build_crypto libcrypto.pc libssl.pc openssl.pc -endef - -define $(package)_stage_cmds - $(MAKE) INSTALL_PREFIX=$($(package)_staging_dir) -j1 install_sw -endef - -define $(package)_postprocess_cmds - rm -rf share bin etc -endef diff --git a/depends/packages/packages.mk b/depends/packages/packages.mk index 3305f806c5974..85bb81960708e 100644 --- a/depends/packages/packages.mk +++ b/depends/packages/packages.mk @@ -72,7 +72,7 @@ rust_crates := \ crate_zcash_proofs rust_packages := rust $(rust_crates) -packages:=boost openssl libevent gmp $(zcash_packages) libsodium +packages:=boost libevent gmp $(zcash_packages) libsodium qt_packages = qrencode zlib diff --git a/doc/build-osx.md b/doc/build-osx.md index a768dadf5e259..465ef08e66187 100644 --- a/doc/build-osx.md +++ b/doc/build-osx.md @@ -16,7 +16,7 @@ Then install [Homebrew](https://brew.sh). Dependencies ---------------------- - brew install autoconf automake berkeley-db4 libtool boost miniupnpc openssl pkg-config python3 qt5 zmq libevent qrencode gmp libsodium rust + brew install autoconf automake berkeley-db4 libtool boost miniupnpc pkg-config python3 qt5 zmq libevent qrencode gmp libsodium rust See [dependencies.md](dependencies.md) for a complete overview. diff --git a/doc/build-unix.md b/doc/build-unix.md index 7097a04ca7ed3..6d07dd7c2edc3 100644 --- a/doc/build-unix.md +++ b/doc/build-unix.md @@ -31,7 +31,6 @@ These dependencies are required: Library | Purpose | Description ------------|--------------------|---------------------- - libssl | Crypto | Random Number Generation, Elliptic Curve Cryptography libboost | Utility | Library for threading, data structures, etc libevent | Networking | OS independent asynchronous networking libgmp | Bignum Arithmetic | Precision arithmetic @@ -72,7 +71,7 @@ Build requirements: Now, you can either build from self-compiled [depends](/depends/README.md) or install the required dependencies: - sudo apt-get install libssl-dev libgmp-dev libevent-dev libboost-all-dev libsodium-dev cargo + sudo apt-get install libgmp-dev libevent-dev libboost-all-dev libsodium-dev cargo BerkeleyDB is required for the wallet. @@ -124,7 +123,7 @@ built by default. Build requirements: - sudo dnf install which gcc-c++ libtool make autoconf automake compat-openssl10-devel libevent-devel boost-devel libdb4-devel libdb4-cxx-devel gmp-devel libsodium-devel cargo python3 + sudo dnf install which gcc-c++ libtool make autoconf automake libevent-devel boost-devel libdb4-devel libdb4-cxx-devel gmp-devel libsodium-devel cargo python3 Optional: diff --git a/doc/dependencies.md b/doc/dependencies.md index ad5764f1e78b6..9ff685e6885a3 100644 --- a/doc/dependencies.md +++ b/doc/dependencies.md @@ -19,7 +19,6 @@ These are the dependencies currently used by PIVX Core. You can find instruction | libpng | | | | | [Yes](https://github.com/pivx-project/pivx/blob/master/depends/packages/qt.mk#L64) | | librsvg | | | | | | | MiniUPnPc | [2.2.2](https://miniupnp.tuxfamily.org/files) | | No | | | -| OpenSSL | [1.0.1k](https://www.openssl.org/source) | | Yes | | | | GMP | [6.1.2](https://gmplib.org/) | | No | | | | PCRE | | | | | [Yes](https://github.com/pivx-project/pivx/blob/master/depends/packages/qt.mk#L66) | | Python (tests) | | [3.5](https://www.python.org/downloads) | | | | diff --git a/doc/release-notes.md b/doc/release-notes.md index cac3a40e0ea74..309068646b426 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -135,6 +135,11 @@ The `autocombine` RPC command has been replaced with specific set/get commands ( The minimum supported miniUPnPc API version is set to 10. This keeps compatibility with Ubuntu 16.04 LTS and Debian 8 `libminiupnpc-dev` packages. Please note, on Debian this package is still vulnerable to [CVE-2017-8798](https://security-tracker.debian.org/tracker/CVE-2017-8798) (in jessie only) and [CVE-2017-1000494](https://security-tracker.debian.org/tracker/CVE-2017-1000494) (both in jessie and in stretch). +#### Build System + +OpenSSL is no longer used by PIVX Core + + #### Disable PoW mining RPC Commands A new configure flag has been introduced to allow more granular control over weather or not the PoW mining RPC commands are compiled into the wallet. By default they are not. This behavior can be overridden by passing `--enable-mining-rpc` to the `configure` script. diff --git a/libbitcoinconsensus.pc.in b/libbitcoinconsensus.pc.in index eb920c47eb521..1ceab280bb114 100644 --- a/libbitcoinconsensus.pc.in +++ b/libbitcoinconsensus.pc.in @@ -8,4 +8,3 @@ Description: Library for the Bitcoin consensus protocol. Version: @PACKAGE_VERSION@ Libs: -L${libdir} -lbitcoinconsensus Cflags: -I${includedir} -Requires.private: libcrypto diff --git a/src/Makefile.am b/src/Makefile.am index 28a316231f64b..75a59b125d0d5 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -20,7 +20,7 @@ LIBUNIVALUE = $(UNIVALUE_LIBS) endif BITCOIN_CONFIG_INCLUDES=-I$(builddir)/config -BITCOIN_INCLUDES=-I$(builddir) -I$(builddir)/obj $(BDB_CPPFLAGS) $(BOOST_CPPFLAGS) $(LEVELDB_CPPFLAGS) $(CRYPTO_CFLAGS) +BITCOIN_INCLUDES=-I$(builddir) -I$(builddir)/obj $(BDB_CPPFLAGS) $(BOOST_CPPFLAGS) $(LEVELDB_CPPFLAGS) BITCOIN_INCLUDES += -I$(srcdir)/rust/include BITCOIN_INCLUDES += -I$(srcdir)/secp256k1/include @@ -621,7 +621,7 @@ pivxd_LDADD = \ $(LIBRUSTZCASH) \ $(LIBZCASH_LIBS) -pivxd_LDADD += $(BOOST_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(ZMQ_LIBS) +pivxd_LDADD += $(BOOST_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) $(ZMQ_LIBS) # pivx-cli binary # pivx_cli_SOURCES = pivx-cli.cpp @@ -642,7 +642,7 @@ pivx_cli_LDADD = \ $(LIBRUSTZCASH) \ $(LIBZCASH_LIBS) -pivx_cli_LDADD += $(BOOST_LIBS) $(CRYPTO_LIBS) $(EVENT_LIBS) +pivx_cli_LDADD += $(BOOST_LIBS) $(EVENT_LIBS) # # pivx-tx binary # @@ -666,7 +666,7 @@ pivx_tx_LDADD = \ $(LIBRUSTZCASH) \ $(LIBZCASH_LIBS) -pivx_tx_LDADD += $(BOOST_LIBS) $(CRYPTO_LIBS) +pivx_tx_LDADD += $(BOOST_LIBS) # # bitcoinconsensus library # diff --git a/src/Makefile.bench.include b/src/Makefile.bench.include index 05385d36742f2..80c81c30276b7 100644 --- a/src/Makefile.bench.include +++ b/src/Makefile.bench.include @@ -47,7 +47,7 @@ if ENABLE_ZMQ bench_bench_pivx_LDADD += $(LIBBITCOIN_ZMQ) $(ZMQ_LIBS) endif -bench_bench_pivx_LDADD += $(LIBBITCOIN_CONSENSUS) $(BOOST_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) +bench_bench_pivx_LDADD += $(LIBBITCOIN_CONSENSUS) $(BOOST_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) bench_bench_pivx_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) # !TODO: .raw.h generated test files are not removed with make clean diff --git a/src/Makefile.qt.include b/src/Makefile.qt.include index 0496d05993cd4..0c0e91983ae33 100644 --- a/src/Makefile.qt.include +++ b/src/Makefile.qt.include @@ -646,7 +646,7 @@ if ENABLE_ZMQ qt_pivx_qt_LDADD += $(LIBBITCOIN_ZMQ) $(ZMQ_LIBS) endif qt_pivx_qt_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBBITCOIN_ZEROCOIN) $(LIBSAPLING) $(LIBRUSTZCASH) $(LIBZCASH_LIBS) $(LIBLEVELDB) $(LIBLEVELDB_SSE42) $(LIBMEMENV) \ - $(BOOST_LIBS) $(QT_LIBS) $(QT_DBUS_LIBS) $(QR_LIBS) $(SVG_LIBS) $(CHARTS_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(LIBSECP256K1) \ + $(BOOST_LIBS) $(QT_LIBS) $(QT_DBUS_LIBS) $(QR_LIBS) $(SVG_LIBS) $(CHARTS_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(LIBSECP256K1) \ $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) qt_pivx_qt_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(QT_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) qt_pivx_qt_LIBTOOLFLAGS = $(AM_LIBTOOLFLAGS) --tag CXX diff --git a/src/Makefile.qttest.include b/src/Makefile.qttest.include index ac5b0345418c1..b80ec1fa5e6a4 100644 --- a/src/Makefile.qttest.include +++ b/src/Makefile.qttest.include @@ -28,7 +28,7 @@ qt_test_test_pivx_qt_LDADD += $(LIBBITCOIN_ZMQ) $(ZMQ_LIBS) endif qt_test_test_pivx_qt_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CRYPTO) $(LIBUNIVALUE) $(LIBBITCOIN_ZEROCOIN) $(LIBLEVELDB) $(LIBSAPLING) $(LIBRUSTZCASH) $(LIBZCASH_LIBS) \ $(LIBLEVELDB_SSE42) $(LIBMEMENV) $(BOOST_LIBS) $(QT_DBUS_LIBS) $(QT_TEST_LIBS) $(QT_LIBS) \ - $(QR_LIBS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(LIBSECP256K1) \ + $(QR_LIBS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(LIBSECP256K1) \ $(EVENT_PTHREADS_LIBS) $(EVENT_LIBS) qt_test_test_pivx_qt_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(QT_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) qt_test_test_pivx_qt_CXXFLAGS = $(AM_CXXFLAGS) $(QT_PIE_FLAGS) diff --git a/src/Makefile.test.include b/src/Makefile.test.include index bb3222c55298a..9c47b82879459 100644 --- a/src/Makefile.test.include +++ b/src/Makefile.test.include @@ -143,7 +143,7 @@ endif test_test_pivx_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) -test_test_pivx_LDADD += $(LIBRUSTZCASH) $(LIBBITCOIN_CONSENSUS) $(BDB_LIBS) $(CRYPTO_LIBS) $(MINIUPNPC_LIBS) $(LIBZCASH_LIBS) +test_test_pivx_LDADD += $(LIBRUSTZCASH) $(LIBBITCOIN_CONSENSUS) $(BDB_LIBS) $(MINIUPNPC_LIBS) $(LIBZCASH_LIBS) test_test_pivx_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) -static if ENABLE_ZMQ diff --git a/src/bip38.cpp b/src/bip38.cpp index 6a14e235e7d8e..fa4516cf98c9a 100644 --- a/src/bip38.cpp +++ b/src/bip38.cpp @@ -3,14 +3,15 @@ // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include "bip38.h" + #include "base58.h" +#include "crypto/aes.h" #include "hash.h" #include "pubkey.h" #include "util.h" #include "utilstrencodings.h" #include "random.h" -#include #include #include @@ -26,9 +27,7 @@ void DecryptAES(uint256 encryptedIn, uint256 decryptionKey, uint256& output) { - AES_KEY key; - AES_set_decrypt_key(decryptionKey.begin(), 256, &key); - AES_decrypt(encryptedIn.begin(), output.begin(), &key); + AES256Decrypt(decryptionKey.begin()).Decrypt(output.begin(), encryptedIn.begin()); } void ComputePreFactor(std::string strPassphrase, std::string strSalt, uint256& prefactor) @@ -42,8 +41,7 @@ void ComputePassfactor(std::string ownersalt, uint256 prefactor, uint256& passfa { //concat prefactor and ownersalt uint512 temp = uint512S(ReverseEndianString(HexStr(prefactor) + ownersalt)); - Hash(temp.begin(), 40, passfactor.begin()); //40 bytes is the length of prefactor + salt - Hash(passfactor.begin(), 32, passfactor.begin()); + Hash(temp.begin(), temp.end(), passfactor.begin(), passfactor.end()); } bool ComputePasspoint(uint256 passfactor, CPubKey& passpoint) @@ -89,15 +87,12 @@ void ComputeSeedBPass(CPubKey passpoint, std::string strAddressHash, std::string void ComputeFactorB(uint256 seedB, uint256& factorB) { //factorB - a double sha256 hash of seedb - Hash(seedB.begin(), 24, factorB.begin()); //seedB is only 24 bytes - Hash(factorB.begin(), 32, factorB.begin()); + Hash(seedB.begin(), seedB.end(), factorB.begin(), factorB.end()); } -std::string AddressToBip38Hash(std::string address) +std::string AddressToBip38Hash(const std::string& address) { - uint256 addrCheck; - Hash((void*)address.c_str(), address.size(), addrCheck.begin()); - Hash(addrCheck.begin(), 32, addrCheck.begin()); + uint256 addrCheck = Hash(address.begin(), address.end()); return HexStr(addrCheck).substr(0, 8); } @@ -118,9 +113,8 @@ std::string BIP38_Encrypt(std::string strAddress, std::string strPassphrase, uin //encrypt part 1 arith_uint512 encrypted1; - AES_KEY key; - AES_set_encrypt_key(derivedHalf2.begin(), 256, &key); - AES_encrypt(block1.begin(), encrypted1.begin(), &key); + AES256Encrypt enc(derivedHalf2.begin()); + enc.Encrypt(encrypted1.begin(), block1.begin()); //block2 = (pointb[17...32] xor derivedhalf1[16...31] arith_uint256 p2 = UintToArith256(privKey) >> 128; @@ -129,7 +123,7 @@ std::string BIP38_Encrypt(std::string strAddress, std::string strPassphrase, uin //encrypt part 2 arith_uint512 encrypted2; - AES_encrypt(block2.begin(), encrypted2.begin(), &key); + enc.Encrypt(encrypted2.begin(), block2.begin()); std::string strPrefix = "0142"; strPrefix += (fCompressed ? "E0" : "C0"); diff --git a/src/bip38.h b/src/bip38.h index c1ffd48afeec5..89d3c35ce9680 100644 --- a/src/bip38.h +++ b/src/bip38.h @@ -35,6 +35,6 @@ void ComputeFactorB(uint256 seedB, uint256& factorB); std::string BIP38_Encrypt(std::string strAddress, std::string strPassphrase, uint256 privKey, bool fCompressed); bool BIP38_Decrypt(std::string strPassphrase, std::string strEncryptedKey, uint256& privKey, bool& fCompressed); -std::string AddressToBip38Hash(std::string address); +std::string AddressToBip38Hash(const std::string& address); #endif // BIP38_H diff --git a/src/crypto/scrypt.cpp b/src/crypto/scrypt.cpp index 42be66bb5b425..8e91927b990a1 100644 --- a/src/crypto/scrypt.cpp +++ b/src/crypto/scrypt.cpp @@ -28,9 +28,12 @@ */ #include "crypto/scrypt.h" + +#include "crypto/hmac_sha256.h" +#include "crypto/sha256.h" #include "uint256.h" #include "utilstrencodings.h" -#include + #include #include @@ -47,73 +50,6 @@ static inline void be32enc(void *pp, uint32_t x) } #endif -typedef struct HMAC_SHA256Context { - SHA256_CTX ictx; - SHA256_CTX octx; -} HMAC_SHA256_CTX; - -/* Initialize an HMAC-SHA256 operation with the given key. */ -static void -HMAC_SHA256_Init(HMAC_SHA256_CTX *ctx, const void *_K, size_t Klen) -{ - unsigned char pad[64]; - unsigned char khash[32]; - const unsigned char *K = (const unsigned char *)_K; - size_t i; - - /* If Klen > 64, the key is really SHA256(K). */ - if (Klen > 64) { - SHA256_Init(&ctx->ictx); - SHA256_Update(&ctx->ictx, K, Klen); - SHA256_Final(khash, &ctx->ictx); - K = khash; - Klen = 32; - } - - /* Inner SHA256 operation is SHA256(K xor [block of 0x36] || data). */ - SHA256_Init(&ctx->ictx); - memset(pad, 0x36, 64); - for (i = 0; i < Klen; i++) - pad[i] ^= K[i]; - SHA256_Update(&ctx->ictx, pad, 64); - - /* Outer SHA256 operation is SHA256(K xor [block of 0x5c] || hash). */ - SHA256_Init(&ctx->octx); - memset(pad, 0x5c, 64); - for (i = 0; i < Klen; i++) - pad[i] ^= K[i]; - SHA256_Update(&ctx->octx, pad, 64); - - /* Clean the stack. */ - memset(khash, 0, 32); -} - -/* Add bytes to the HMAC-SHA256 operation. */ -static void -HMAC_SHA256_Update(HMAC_SHA256_CTX *ctx, const void *in, size_t len) -{ - /* Feed data to the inner SHA256 operation. */ - SHA256_Update(&ctx->ictx, in, len); -} - -/* Finish an HMAC-SHA256 operation. */ -static void -HMAC_SHA256_Final(unsigned char digest[32], HMAC_SHA256_CTX *ctx) -{ - unsigned char ihash[32]; - - /* Finish the inner SHA256 operation. */ - SHA256_Final(ihash, &ctx->ictx); - - /* Feed the inner hash to the outer SHA256 operation. */ - SHA256_Update(&ctx->octx, ihash, 32); - - /* Finish the outer SHA256 operation. */ - SHA256_Final(digest, &ctx->octx); - - /* Clean the stack. */ - memset(ihash, 0, 32); -} /** * PBKDF2_SHA256(passwd, passwdlen, salt, saltlen, c, buf, dkLen): @@ -124,7 +60,6 @@ void PBKDF2_SHA256(const uint8_t *passwd, size_t passwdlen, const uint8_t *salt, size_t saltlen, uint64_t c, uint8_t *buf, size_t dkLen) { - HMAC_SHA256_CTX PShctx, hctx; size_t i; uint8_t ivec[4]; uint8_t U[32]; @@ -134,8 +69,7 @@ PBKDF2_SHA256(const uint8_t *passwd, size_t passwdlen, const uint8_t *salt, size_t clen; /* Compute HMAC state after processing P and S. */ - HMAC_SHA256_Init(&PShctx, passwd, passwdlen); - HMAC_SHA256_Update(&PShctx, salt, saltlen); + CHMAC_SHA256 PShctx = CHMAC_SHA256(passwd, passwdlen).Write(salt, saltlen); /* Iterate through the blocks. */ for (i = 0; i * 32 < dkLen; i++) { @@ -143,18 +77,14 @@ PBKDF2_SHA256(const uint8_t *passwd, size_t passwdlen, const uint8_t *salt, be32enc(ivec, (uint32_t)(i + 1)); /* Compute U_1 = PRF(P, S || INT(i)). */ - memcpy(&hctx, &PShctx, sizeof(HMAC_SHA256_CTX)); - HMAC_SHA256_Update(&hctx, ivec, 4); - HMAC_SHA256_Final(U, &hctx); + CHMAC_SHA256(PShctx).Write(ivec, 4).Finalize(U); /* T_i = U_1 ... */ memcpy(T, U, 32); for (j = 2; j <= c; j++) { /* Compute U_j. */ - HMAC_SHA256_Init(&hctx, passwd, passwdlen); - HMAC_SHA256_Update(&hctx, U, 32); - HMAC_SHA256_Final(U, &hctx); + CHMAC_SHA256(passwd, passwdlen).Write(U, 32).Finalize(U); /* ... xor U_j ... */ for (k = 0; k < 32; k++) @@ -168,8 +98,6 @@ PBKDF2_SHA256(const uint8_t *passwd, size_t passwdlen, const uint8_t *salt, memcpy(&buf[i * 32], T, clen); } - /* Clean PShctx, since we never called _Final on it. */ - memset(&PShctx, 0, sizeof(HMAC_SHA256_CTX)); } static inline uint32_t diff --git a/src/hash.h b/src/hash.h index d8a375b9a5fd0..172f019470eea 100644 --- a/src/hash.h +++ b/src/hash.h @@ -25,7 +25,6 @@ #include "crypto/sha512.h" #include -#include #include #include @@ -151,30 +150,6 @@ class CHash160 } }; -/** Compute the 256-bit hash of a std::string */ -inline std::string Hash(std::string input) -{ - unsigned char hash[SHA256_DIGEST_LENGTH]; - SHA256_CTX sha256; - SHA256_Init(&sha256); - SHA256_Update(&sha256, input.c_str(), input.size()); - SHA256_Final(hash, &sha256); - std::stringstream ss; - for (int i = 0; i < SHA256_DIGEST_LENGTH; i++) { - ss << std::hex << std::setw(2) << std::setfill('0') << (int)hash[i]; - } - return ss.str(); -} - -/** Compute the 256-bit hash of a void pointer */ -inline void Hash(void* in, unsigned int len, unsigned char* out) -{ - SHA256_CTX sha256; - SHA256_Init(&sha256); - SHA256_Update(&sha256, in, len); - SHA256_Final(out, &sha256); -} - /** Compute the 512-bit hash of an object. */ template inline uint512 Hash512(const T1 pbegin, const T1 pend) diff --git a/src/init.cpp b/src/init.cpp index c7f1e7f6e9e72..200d6ea340dc5 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -625,7 +625,7 @@ std::string LicenseInfo() "\n" + FormatParagraph(_("Distributed under the MIT software license, see the accompanying file COPYING or .")) + "\n" + "\n" + - FormatParagraph(_("This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit and cryptographic software written by Eric Young and UPnP software written by Thomas Bernard.")) + + FormatParagraph(_("This product includes UPnP software written by Thomas Bernard.")) + "\n"; } diff --git a/src/key.h b/src/key.h index d7e9dda3f1161..9ee98a159704e 100644 --- a/src/key.h +++ b/src/key.h @@ -97,7 +97,7 @@ class CKey //! Check whether the public key corresponding to this private key is (to be) compressed. bool IsCompressed() const { return fCompressed; } - //! Initialize from a CPrivKey (serialized OpenSSL private key data). + //! Initialize from a CPrivKey (serialized secp256k1 private key data). bool SetPrivKey(const CPrivKey& vchPrivKey, bool fCompressed); //! Generate a new private key using a cryptographic PRNG. @@ -106,7 +106,7 @@ class CKey uint256 GetPrivKey_256(); /** - * Convert the private key to a CPrivKey (serialized OpenSSL private key data). + * Convert the private key to a CPrivKey (serialized secp256k1 private key data). * This is expensive. */ CPrivKey GetPrivKey() const; diff --git a/src/libzerocoin/bignum.cpp b/src/libzerocoin/bignum.cpp index 3a05b2a9fd27a..5c784150e1cf8 100644 --- a/src/libzerocoin/bignum.cpp +++ b/src/libzerocoin/bignum.cpp @@ -48,7 +48,7 @@ CBigNum::CBigNum(const std::vector& vch) setvch(vch); } -/** PRNGs use OpenSSL for consistency with seed initialization **/ +/** PRNGs use GMP for consistency with seed initialization **/ /** Generates a cryptographically secure random number between zero and range-1 (inclusive) * i.e. 0 <= returned number < range diff --git a/src/qt/CMakeLists.txt b/src/qt/CMakeLists.txt index be80498154a31..fd4131b419e9b 100644 --- a/src/qt/CMakeLists.txt +++ b/src/qt/CMakeLists.txt @@ -180,7 +180,6 @@ target_include_directories(qt_stuff PUBLIC ${CMAKE_SOURCE_DIR}/src ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/pivx ${CMAKE_CURRENT_SOURCE_DIR}/pivx/settings - ${OPENSSL_INCLUDE_DIR} ${BerkeleyDB_INCLUDE_DIRS} ) set_property(TARGET qt_stuff PROPERTY CXX_STANDARD 14) @@ -204,7 +203,7 @@ target_link_libraries(pivx-qt univalue SERVER_A WALLET_A COMMON_A ZEROCOIN_A UTIL_A SAPLING_A BITCOIN_CRYPTO_A CLI_A leveldb crc32c secp256k1 rustzcash - ${BerkeleyDB_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} ${Boost_LIBRARIES} ${LIBEVENT_LIB} + ${BerkeleyDB_LIBRARIES} ${Boost_LIBRARIES} ${LIBEVENT_LIB} ${sodium_LIBRARY_RELEASE} ${GMP_LIBRARY} -ldl pthread ) diff --git a/src/qt/pivx/settings/settingsconsolewidget.cpp b/src/qt/pivx/settings/settingsconsolewidget.cpp index 26df0358f778d..0e1fd165a542f 100644 --- a/src/qt/pivx/settings/settingsconsolewidget.cpp +++ b/src/qt/pivx/settings/settingsconsolewidget.cpp @@ -20,8 +20,6 @@ #include "wallet/wallet.h" #endif // ENABLE_WALLET -#include - #include #ifdef ENABLE_WALLET diff --git a/src/random.cpp b/src/random.cpp index c033403df2723..fbabb90f250c3 100644 --- a/src/random.cpp +++ b/src/random.cpp @@ -46,12 +46,6 @@ #include #endif -#include - -#include -#include -#include - [[noreturn]] static void RandFailure() { LogPrintf("Failed to read randomness, aborting\n"); @@ -352,8 +346,6 @@ void GetOSRand(unsigned char *ent32) #endif } -void LockingCallbackOpenSSL(int mode, int i, const char* file, int line); - namespace { class RNGState { @@ -369,7 +361,6 @@ class RNGState { unsigned char m_state[32] GUARDED_BY(m_mutex) = {0}; uint64_t m_counter GUARDED_BY(m_mutex) = 0; bool m_strongly_seeded GUARDED_BY(m_mutex) = false; - std::unique_ptr m_mutex_openssl; Mutex m_events_mutex; CSHA256 m_events_hasher GUARDED_BY(m_events_mutex); @@ -378,25 +369,10 @@ class RNGState { RNGState() noexcept { InitHardwareRand(); - - // Init OpenSSL library multithreading support - m_mutex_openssl.reset(new Mutex[CRYPTO_num_locks()]); - CRYPTO_set_locking_callback(LockingCallbackOpenSSL); - - // OpenSSL can optionally load a config file which lists optional loadable modules and engines. - // We don't use them so we don't require the config. However some of our libs may call functions - // which attempt to load the config file, possibly resulting in an exit() or crash if it is missing - // or corrupt. Explicitly tell OpenSSL not to try to load the file. The result for our libs will be - // that the config appears to have been loaded and there are no modules/engines available. - OPENSSL_no_config(); } ~RNGState() { - // Securely erase the memory used by the OpenSSL PRNG - RAND_cleanup(); - // Shutdown OpenSSL library multithreading support - CRYPTO_set_locking_callback(nullptr); } void AddEvent(uint32_t event_info) noexcept @@ -461,8 +437,6 @@ class RNGState { memory_cleanse(buf, 64); return ret; } - - Mutex& GetOpenSSLMutex(int i) { return m_mutex_openssl[i]; } }; RNGState& GetRNGState() noexcept @@ -474,17 +448,6 @@ RNGState& GetRNGState() noexcept } } -void LockingCallbackOpenSSL(int mode, int i, const char* file, int line) NO_THREAD_SAFETY_ANALYSIS -{ - RNGState& rng = GetRNGState(); - - if (mode & CRYPTO_LOCK) { - rng.GetOpenSSLMutex(i).lock(); - } else { - rng.GetOpenSSLMutex(i).unlock(); - } -} - /* A note on the use of noexcept in the seeding functions below: * * None of the RNG code should ever throw any exception. @@ -522,10 +485,6 @@ static void SeedSlow(CSHA512& hasher, RNGState& rng) noexcept GetOSRand(buffer); hasher.Write(buffer, sizeof(buffer)); - // OpenSSL RNG (for now) - RAND_bytes(buffer, sizeof(buffer)); - hasher.Write(buffer, sizeof(buffer)); - // Add the events hasher into the mix rng.SeedEvents(hasher); @@ -615,14 +574,6 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level) noexcept SeedStartup(startup_hasher, rng); rng.MixExtract(out, num, std::move(startup_hasher), true); } - - // For anything but the 'fast' level, feed the resulting RNG output (after an additional hashing step) back into OpenSSL. - if (level != RNGLevel::FAST) { - unsigned char buf[64]; - CSHA512().Write(out, num).Finalize(buf); - RAND_add(buf, sizeof(buf), num); - memory_cleanse(buf, 64); - } } void GetRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::FAST); } diff --git a/src/random.h b/src/random.h index 632221bdae681..a594e98ed40c5 100644 --- a/src/random.h +++ b/src/random.h @@ -35,7 +35,6 @@ * that fast seeding includes, but additionally: * - OS entropy (/dev/urandom, getrandom(), ...). The application will terminate if * this entropy source fails. - * - Bytes from OpenSSL's RNG (which itself may be seeded from various sources) * - Another high-precision timestamp (indirectly committing to a benchmark of all the * previous sources). * These entropy sources are slower, but designed to make sure the RNG state contains diff --git a/src/randomenv.cpp b/src/randomenv.cpp index 3a204f119179d..f1c4dcd916872 100644 --- a/src/randomenv.cpp +++ b/src/randomenv.cpp @@ -70,7 +70,6 @@ namespace { void RandAddSeedPerfmon(CSHA512& hasher) { #ifdef WIN32 - // Don't need this on Linux, OpenSSL automatically uses /dev/urandom // Seed with the entire set of perfmon data // This can take up to 2 seconds, so only do it every 10 minutes diff --git a/src/sapling/crypter_sapling.cpp b/src/sapling/crypter_sapling.cpp index b2adb669adfe8..2921ca1d99c7f 100644 --- a/src/sapling/crypter_sapling.cpp +++ b/src/sapling/crypter_sapling.cpp @@ -10,8 +10,6 @@ #include "util.h" #include "uint256.h" -#include -#include #include "wallet/wallet.h" bool CCryptoKeyStore::AddCryptedSaplingSpendingKey( diff --git a/src/test/CMakeLists.txt b/src/test/CMakeLists.txt index 5bbf14877082e..7d6403774ccdd 100644 --- a/src/test/CMakeLists.txt +++ b/src/test/CMakeLists.txt @@ -167,7 +167,7 @@ target_link_libraries(test_pivx PRIVATE crc32c secp256k1 rustzcash - ${BerkeleyDB_LIBRARIES} ${OPENSSL_CRYPTO_LIBRARY} ${Boost_LIBRARIES} ${Boost_UNIT_TEST_FRAMEWORK_LIBRARY} ${LIBEVENT_LIB} ${GMP_LIBRARY} pthread + ${BerkeleyDB_LIBRARIES} ${Boost_LIBRARIES} ${Boost_UNIT_TEST_FRAMEWORK_LIBRARY} ${LIBEVENT_LIB} ${GMP_LIBRARY} pthread ) if(ZMQ_FOUND) target_link_libraries(test_pivx PRIVATE ZMQ_A ${ZMQ_LIB}) diff --git a/src/test/sanity_tests.cpp b/src/test/sanity_tests.cpp index 55d7f89c0dc4e..5a268d2f3229e 100644 --- a/src/test/sanity_tests.cpp +++ b/src/test/sanity_tests.cpp @@ -14,7 +14,7 @@ BOOST_AUTO_TEST_CASE(basic_sanity) { BOOST_CHECK_MESSAGE(glibc_sanity_test() == true, "libc sanity test"); BOOST_CHECK_MESSAGE(glibcxx_sanity_test() == true, "stdlib sanity test"); - BOOST_CHECK_MESSAGE(ECC_InitSanityCheck() == true, "openssl ECC test"); + BOOST_CHECK_MESSAGE(ECC_InitSanityCheck() == true, "secp256k1 sanity test"); } BOOST_AUTO_TEST_SUITE_END() diff --git a/src/utilstrencodings.cpp b/src/utilstrencodings.cpp index 4a8f6adb5d4be..ae0f5c5d56061 100644 --- a/src/utilstrencodings.cpp +++ b/src/utilstrencodings.cpp @@ -14,9 +14,7 @@ #include #include -#include -#include -#include + static const std::string CHARS_ALPHA_NUM = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; @@ -193,33 +191,6 @@ std::string DecodeBase64(const std::string& str) return (vchRet.size() == 0) ? std::string() : std::string((const char*)&vchRet[0], vchRet.size()); } -// Base64 encoding with secure memory allocation -SecureString EncodeBase64Secure(const SecureString& input) -{ - // Init openssl BIO with base64 filter and memory output - BIO *b64, *mem; - b64 = BIO_new(BIO_f_base64()); - BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); // No newlines in output - mem = BIO_new(BIO_s_mem()); - BIO_push(b64, mem); - - // Decode the string - BIO_write(b64, &input[0], input.size()); - (void)BIO_flush(b64); - - // Create output variable from buffer mem ptr - BUF_MEM* bptr; - BIO_get_mem_ptr(b64, &bptr); - SecureString output(bptr->data, bptr->length); - - // Cleanse secure data buffer from memory - memory_cleanse((void*)bptr->data, bptr->length); - - // Free memory - BIO_free_all(b64); - return output; -} - std::string EncodeBase32(const unsigned char* pch, size_t len) { static const char *pbase32 = "abcdefghijklmnopqrstuvwxyz234567"; diff --git a/src/utilstrencodings.h b/src/utilstrencodings.h index dc4fca797af98..3a84b68f36e62 100644 --- a/src/utilstrencodings.h +++ b/src/utilstrencodings.h @@ -56,8 +56,6 @@ std::vector DecodeBase64(const char* p, bool* pfInvalid = NULL); std::string DecodeBase64(const std::string& str); std::string EncodeBase64(const unsigned char* pch, size_t len); std::string EncodeBase64(const std::string& str); -SecureString DecodeBase64Secure(const SecureString& input); -SecureString EncodeBase64Secure(const SecureString& input); std::vector DecodeBase32(const char* p, bool* pfInvalid = NULL); std::string DecodeBase32(const std::string& str); std::string EncodeBase32(const unsigned char* pch, size_t len); diff --git a/test/functional/rpc_bip38.py b/test/functional/rpc_bip38.py index ef47b2c590e91..19c8f6ba491d8 100755 --- a/test/functional/rpc_bip38.py +++ b/test/functional/rpc_bip38.py @@ -22,6 +22,7 @@ def run_test(self): self.log.info('decrypt bip38 key %s' % (bip38key)) assert_equal(self.nodes[1].bip38decrypt(bip38key, password)['Address'], address) + assert_equal(self.nodes[1].dumpprivkey(address), privkey) if __name__ == '__main__': Bip38Test().main()