chore: remove mips64el patches as they've largely been upstreamed (#18628)

patches/boringssl/.patches

@@ -0,0 +1,2 @@
+expose_ripemd160.patch
+expose_aes-cfb.patch

patches/boringssl/expose_aes-cfb.patch

@@ -0,0 +1,80 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jeremy Apthorp <nornagon@nornagon.net>
+Date: Fri, 18 Jan 2019 14:23:28 -0800
+Subject: expose aes-{128,256}-cfb
+
+
+diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
+index b132265bc103658dba3de6e0c3dc50d3634da5b0..588a4773437c311877f275bf3679f9688cda3c46 100644
+--- a/crypto/cipher_extra/cipher_extra.c
++++ b/crypto/cipher_extra/cipher_extra.c
+@@ -101,10 +101,14 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {
+     return EVP_des_ede3_cbc();
+   } else if (OPENSSL_strcasecmp(name, "aes-128-cbc") == 0) {
+     return EVP_aes_128_cbc();
++  } else if (OPENSSL_strcasecmp(name, "aes-128-cfb") == 0) {
++    return EVP_aes_128_cfb128();
+   } else if (OPENSSL_strcasecmp(name, "aes-192-cbc") == 0) {
+     return EVP_aes_192_cbc();
+   } else if (OPENSSL_strcasecmp(name, "aes-256-cbc") == 0) {
+     return EVP_aes_256_cbc();
++  } else if (OPENSSL_strcasecmp(name, "aes-256-cfb") == 0) {
++    return EVP_aes_256_cfb128();
+   } else if (OPENSSL_strcasecmp(name, "aes-128-ctr") == 0) {
+     return EVP_aes_128_ctr();
+   } else if (OPENSSL_strcasecmp(name, "aes-192-ctr") == 0) {
+diff --git a/decrepit/cfb/cfb.c b/decrepit/cfb/cfb.c
+index d3a176163303a202baeb1f95727c6ed3525439d6..21d108a7b73d454aa6b0e324df4b67088d60302a 100644
+--- a/decrepit/cfb/cfb.c
++++ b/decrepit/cfb/cfb.c
+@@ -57,4 +57,12 @@ static const EVP_CIPHER aes_128_cfb128 = {
+     NULL /* cleanup */,  NULL /* ctrl */,
+ };
+ 
++static const EVP_CIPHER aes_256_cfb128 = {
++    NID_aes_128_cfb128,  1 /* block_size */,  32 /* key_size */,
++    16 /* iv_len */,     sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
++    NULL /* app_data */, aes_cfb_init_key,    aes_cfb128_cipher,
++    NULL /* cleanup */,  NULL /* ctrl */,
++};
++
+ const EVP_CIPHER *EVP_aes_128_cfb128(void) { return &aes_128_cfb128; }
++const EVP_CIPHER *EVP_aes_256_cfb128(void) { return &aes_256_cfb128; }
+diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
+index 53cb9d2dc8f1962a70dc12b648d27c32be8aca4b..84af06fc56e4aa72d4d48801d7c037add0221747 100644
+--- a/decrepit/evp/evp_do_all.c
++++ b/decrepit/evp/evp_do_all.c
+@@ -20,8 +20,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+                                                const char *unused, void *arg),
+                               void *arg) {
+   callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
++  callback(EVP_aes_128_cfb128(), "AES-128-CFB", NULL, arg);
+   callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg);
+   callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
++  callback(EVP_aes_256_cfb128(), "AES-256-CFB", NULL, arg);
+   callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
+   callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg);
+   callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
+@@ -44,8 +46,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+ 
+   // OpenSSL returns everything twice, the second time in lower case.
+   callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
++  callback(EVP_aes_128_cfb128(), "aes-128-cfb", NULL, arg);
+   callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg);
+   callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
++  callback(EVP_aes_256_cfb128(), "aes-256-cfb", NULL, arg);
+   callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
+   callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg);
+   callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
+diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
+index ea7a940ab3003f6919322ef1c4b7caaa9dea8588..5320d5d84c10c6396eb869dc1767b31afeeac4ef 100644
+--- a/include/openssl/cipher.h
++++ b/include/openssl/cipher.h
+@@ -424,6 +424,7 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_ecb(void);
+ 
+ // EVP_aes_128_cfb128 is only available in decrepit.
+ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_cfb128(void);
++OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cfb128(void);
+ 
+ // EVP_bf_ecb is Blowfish in ECB mode and is only available in decrepit.
+ OPENSSL_EXPORT const EVP_CIPHER *EVP_bf_ecb(void);

patches/boringssl/expose_ripemd160.patch

@@ -0,0 +1,95 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jeremy Apthorp <nornagon@nornagon.net>
+Date: Fri, 18 Jan 2019 13:56:52 -0800
+Subject: expose ripemd160
+
+This adds references to the decrepit/ module from non-decrepit source,
+which is not allowed in upstream. Until upstream has a way to interface
+with node.js that allows exposing additional digests without patching,
+this patch is required to provide ripemd160 support in the nodejs crypto
+module.
+
+diff --git a/crypto/digest_extra/digest_extra.c b/crypto/digest_extra/digest_extra.c
+index 4b4bb38135e6089eaf6f47afda0199567a2397ef..43b7eca808b82a032055f56ce726ce4f38c5f2c5 100644
+--- a/crypto/digest_extra/digest_extra.c
++++ b/crypto/digest_extra/digest_extra.c
+@@ -81,6 +81,7 @@ static const struct nid_to_digest nid_to_digest_mapping[] = {
+     {NID_sha384, EVP_sha384, SN_sha384, LN_sha384},
+     {NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
+     {NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
++    {NID_ripemd160, EVP_ripemd160, SN_ripemd160, LN_ripemd160},
+     // As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
+     // hash function when given a signature OID. To avoid unintended lax parsing
+     // of hash OIDs, this is no longer supported for lookup by OID or NID.
+diff --git a/crypto/fipsmodule/digest/digests.c b/crypto/fipsmodule/digest/digests.c
+index f2fa349c2b32ae88766624af3109ece4b1d69909..bcaed59c5401bef071acba9b9919d9069e3ccd4d 100644
+--- a/crypto/fipsmodule/digest/digests.c
++++ b/crypto/fipsmodule/digest/digests.c
+@@ -63,6 +63,7 @@
+ #include <openssl/md5.h>
+ #include <openssl/nid.h>
+ #include <openssl/sha.h>
++#include <openssl/ripemd.h>
+ 
+ #include "internal.h"
+ #include "../delocate.h"
+@@ -277,4 +278,27 @@ DEFINE_METHOD_FUNCTION(EVP_MD, EVP_md5_sha1) {
+   out->ctx_size = sizeof(MD5_SHA1_CTX);
+ }
+ 
++static void ripemd160_init(EVP_MD_CTX *ctx) {
++  CHECK(RIPEMD160_Init(ctx->md_data));
++}
++
++static void ripemd160_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
++  CHECK(RIPEMD160_Update(ctx->md_data, data, count));
++}
++
++static void ripemd160_final(EVP_MD_CTX *ctx, uint8_t *md) {
++  CHECK(RIPEMD160_Final(md, ctx->md_data));
++}
++
++DEFINE_METHOD_FUNCTION(EVP_MD, EVP_ripemd160) {
++  out->type = NID_ripemd160;
++  out->md_size = RIPEMD160_DIGEST_LENGTH;
++  out->flags = 0;
++  out->init = ripemd160_init;
++  out->update = ripemd160_update;
++  out->final = ripemd160_final;
++  out->block_size = 64;
++  out->ctx_size = sizeof(RIPEMD160_CTX);
++}
++
+ #undef CHECK
+diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
+index d540144b293297791c087e0b968a47d368a73695..53cb9d2dc8f1962a70dc12b648d27c32be8aca4b 100644
+--- a/decrepit/evp/evp_do_all.c
++++ b/decrepit/evp/evp_do_all.c
+@@ -78,6 +78,7 @@ void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher,
+   callback(EVP_sha256(), "SHA256", NULL, arg);
+   callback(EVP_sha384(), "SHA384", NULL, arg);
+   callback(EVP_sha512(), "SHA512", NULL, arg);
++  callback(EVP_ripemd160(), "RIPEMD160", NULL, arg);
+ 
+   callback(EVP_md4(), "md4", NULL, arg);
+   callback(EVP_md5(), "md5", NULL, arg);
+@@ -86,4 +87,5 @@ void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher,
+   callback(EVP_sha256(), "sha256", NULL, arg);
+   callback(EVP_sha384(), "sha384", NULL, arg);
+   callback(EVP_sha512(), "sha512", NULL, arg);
++  callback(EVP_ripemd160(), "ripemd160", NULL, arg);
+ }
+diff --git a/include/openssl/digest.h b/include/openssl/digest.h
+index 1a1ca29732afae317c8e8740c629e8922fc83093..48ebdd1eb93b3febecddbc2545b7aae583f21525 100644
+--- a/include/openssl/digest.h
++++ b/include/openssl/digest.h
+@@ -88,6 +88,9 @@ OPENSSL_EXPORT const EVP_MD *EVP_sha512(void);
+ // MD5 and SHA-1, as used in TLS 1.1 and below.
+ OPENSSL_EXPORT const EVP_MD *EVP_md5_sha1(void);
+ 
++// EVP_ripemd160 is in decrepit and not available by default.
++OPENSSL_EXPORT const EVP_MD *EVP_ripemd160(void);
++
+ // EVP_get_digestbynid returns an |EVP_MD| for the given NID, or NULL if no
+ // such digest is known.
+ OPENSSL_EXPORT const EVP_MD *EVP_get_digestbynid(int nid);