Changes for BouncyCastle interoperability

eccrypto.h

@@ -322,7 +322,8 @@ struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMe
 };
 
 //! Elliptic Curve Integrated Encryption Scheme, AKA <a href="http://www.weidai.com/scan-mirror/ca.html#ECIES">ECIES</a>
-/*! Default to (NoCofactorMultiplication and DHAES_MODE = false) for compatibilty with SEC1 and Crypto++ 4.2.
+/*!$ Default to (NoCofactorMultiplication and DHAES_MODE = true) for compatibilty with BouncyCastle and Botan-1.11.
+ *      For cmpatibility with SEC1 and Crypto++ 4.2 set DHAES_MODE = false.
 	The combination of (IncompatibleCofactorMultiplication and DHAES_MODE = true) is recommended for best
 	efficiency and security. */
 template <class EC, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = false>
@@ -340,13 +341,7 @@ struct ECIES
 	virtual ~ECIES() {}
 #endif
 
-#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
-} __attribute__((deprecated ("ECIES will be changing in the near future due to (1) an implementation bug and (2) an interop issue")));
-#elif (CRYPTOPP_GCC_VERSION)
-} __attribute__((deprecated));
-#else
 };
-#endif
 
 NAMESPACE_END
 

gfpcrypt.h

@@ -532,8 +532,8 @@ public:
 		mac.Update(encodingParameters.begin(), encodingParameters.size());
 		if (DHAES_MODE)
 		{
-			byte L[8] = {0,0,0,0};
+			byte L[8] = {0,0,0,0,0,0,0,0};
-			PutWord(false, BIG_ENDIAN_ORDER, L+4, word32(encodingParameters.size()));
+			PutWord(false, BIG_ENDIAN_ORDER, L, word64(encodingParameters.size()));
 			mac.Update(L, 8);
 		}
 		mac.Final(ciphertext + plaintextLength);
@@ -561,8 +561,8 @@ public:
 		mac.Update(encodingParameters.begin(), encodingParameters.size());
 		if (DHAES_MODE)
 		{
-			byte L[8] = {0,0,0,0};
+			byte L[8] = {0,0,0,0,0,0,0,0};
-			PutWord(false, BIG_ENDIAN_ORDER, L+4, word32(encodingParameters.size()));
+			PutWord(false, BIG_ENDIAN_ORDER, L, word64(encodingParameters.size()));
 			mac.Update(L, 8);
 		}
 		if (!mac.Verify(ciphertext + plaintextLength))