parent
de436f040f
commit
0a7bc4f5d1
4 changed files with 58 additions and 3 deletions
|
@ -2,3 +2,4 @@ expose_ripemd160.patch
|
||||||
expose_aes-cfb.patch
|
expose_aes-cfb.patch
|
||||||
expose_des-ede3.patch
|
expose_des-ede3.patch
|
||||||
fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch
|
fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch
|
||||||
|
expose_blowfish_ciphers.patch
|
||||||
|
|
47
patches/boringssl/expose_blowfish_ciphers.patch
Normal file
47
patches/boringssl/expose_blowfish_ciphers.patch
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jeremy Rose <nornagon@nornagon.net>
|
||||||
|
Date: Wed, 5 Jan 2022 13:08:10 -0800
|
||||||
|
Subject: expose blowfish ciphers
|
||||||
|
|
||||||
|
This exposes the (decrepit) blowfish cipher family, bf-cbc, bf-cfb and
|
||||||
|
bf-ecb through the EVP interface. This adds references to decrepit code
|
||||||
|
from non-decrepit code, so upstream is unlikely to take the patch.
|
||||||
|
|
||||||
|
diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
|
||||||
|
index cfdb69e3c556fea11aa7c2d28d4b7da524df15c3..95bd172c99874610ec9157c52df4fe0232e78c7f 100644
|
||||||
|
--- a/crypto/cipher_extra/cipher_extra.c
|
||||||
|
+++ b/crypto/cipher_extra/cipher_extra.c
|
||||||
|
@@ -89,6 +89,9 @@ static const struct {
|
||||||
|
{NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
|
||||||
|
{NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
|
||||||
|
{NID_aes_256_ofb128, "aes-256-ofb", EVP_aes_256_ofb},
|
||||||
|
+ {NID_bf_cbc, "bf-cbc", EVP_bf_cbc},
|
||||||
|
+ {NID_bf_cfb64, "bf-cfb", EVP_bf_cfb},
|
||||||
|
+ {NID_bf_ecb, "bf-ecb", EVP_bf_ecb},
|
||||||
|
{NID_des_cbc, "des-cbc", EVP_des_cbc},
|
||||||
|
{NID_des_ecb, "des-ecb", EVP_des_ecb},
|
||||||
|
{NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
|
||||||
|
diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
|
||||||
|
index 5e71420b765019edea82a33884ace539cd91bda5..43fc792697519325725e9ce87801c5dc176c70a1 100644
|
||||||
|
--- a/decrepit/evp/evp_do_all.c
|
||||||
|
+++ b/decrepit/evp/evp_do_all.c
|
||||||
|
@@ -36,6 +36,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
|
||||||
|
callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
|
||||||
|
callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
|
||||||
|
callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
|
||||||
|
+ callback(EVP_bf_cbc(), "BF-CBC", NULL, arg);
|
||||||
|
+ callback(EVP_bf_cfb(), "BF-CFB", NULL, arg);
|
||||||
|
+ callback(EVP_bf_ecb(), "BF-ECB", NULL, arg);
|
||||||
|
callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
|
||||||
|
callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
|
||||||
|
callback(EVP_des_ede(), "DES-EDE", NULL, arg);
|
||||||
|
@@ -63,6 +66,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
|
||||||
|
callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
|
||||||
|
callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
|
||||||
|
callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
|
||||||
|
+ callback(EVP_bf_cbc(), "bf-cbc", NULL, arg);
|
||||||
|
+ callback(EVP_bf_cfb(), "bf-cfb", NULL, arg);
|
||||||
|
+ callback(EVP_bf_ecb(), "bf-ecb", NULL, arg);
|
||||||
|
callback(EVP_des_cbc(), "des-cbc", NULL, arg);
|
||||||
|
callback(EVP_des_ecb(), "des-ecb", NULL, arg);
|
||||||
|
callback(EVP_des_ede(), "des-ede", NULL, arg);
|
|
@ -6,10 +6,10 @@ Subject: boringssl BUILD.gn
|
||||||
Build BoringSSL with some extra functions that nodejs needs.
|
Build BoringSSL with some extra functions that nodejs needs.
|
||||||
|
|
||||||
diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn
|
diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn
|
||||||
index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8f3c9ccc10f8204c21d1f28444eef77724255aa9 100644
|
index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8e1d78fdb56372836cea73e35cb4e03059cf5ec5 100644
|
||||||
--- a/third_party/boringssl/BUILD.gn
|
--- a/third_party/boringssl/BUILD.gn
|
||||||
+++ b/third_party/boringssl/BUILD.gn
|
+++ b/third_party/boringssl/BUILD.gn
|
||||||
@@ -47,6 +47,19 @@ config("no_asm_config") {
|
@@ -47,6 +47,20 @@ config("no_asm_config") {
|
||||||
|
|
||||||
all_sources = crypto_sources + ssl_sources
|
all_sources = crypto_sources + ssl_sources
|
||||||
all_headers = crypto_headers + ssl_headers
|
all_headers = crypto_headers + ssl_headers
|
||||||
|
@ -21,9 +21,10 @@ index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8f3c9ccc10f8204c21d1f28444eef777
|
||||||
+ ]
|
+ ]
|
||||||
+
|
+
|
||||||
+ all_sources += [
|
+ all_sources += [
|
||||||
|
+ "src/decrepit/blowfish/blowfish.c",
|
||||||
|
+ "src/decrepit/cfb/cfb.c",
|
||||||
+ "src/decrepit/ripemd/internal.h",
|
+ "src/decrepit/ripemd/internal.h",
|
||||||
+ "src/decrepit/ripemd/ripemd.c",
|
+ "src/decrepit/ripemd/ripemd.c",
|
||||||
+ "src/decrepit/cfb/cfb.c",
|
|
||||||
+ ]
|
+ ]
|
||||||
+}
|
+}
|
||||||
|
|
||||||
|
|
|
@ -396,6 +396,12 @@ describe('node feature', () => {
|
||||||
require('crypto').createCipheriv('aes-256-cfb', '0123456789abcdef0123456789abcdef', '0123456789abcdef');
|
require('crypto').createCipheriv('aes-256-cfb', '0123456789abcdef0123456789abcdef', '0123456789abcdef');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should be able to create a bf-{cbc,cfb,ecb} ciphers', () => {
|
||||||
|
require('crypto').createCipheriv('bf-cbc', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
|
||||||
|
require('crypto').createCipheriv('bf-cfb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
|
||||||
|
require('crypto').createCipheriv('bf-ecb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
|
||||||
|
});
|
||||||
|
|
||||||
it('should list des-ede-cbc in getCiphers', () => {
|
it('should list des-ede-cbc in getCiphers', () => {
|
||||||
expect(require('crypto').getCiphers()).to.include('des-ede-cbc');
|
expect(require('crypto').getCiphers()).to.include('des-ede-cbc');
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in a new issue