chore: fix BoringSSL conflict in patches (#29748)

Shelley Vohr 2021-06-17 13:06:19 +02:00 committed by GitHub
parent 542abcd6fd
commit b3daa2d672
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 0 additions and 69 deletions


@ -1,5 +1,3 @@
expose_ripemd160.patch
expose_aes-cfb.patch
expose_des-ede3.patch
src_add_impl_for_evp_pkey_get0.patch
ensure_name_not_null_in_evp_get_cipherbyname.patch


@ -1,29 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Wed, 2 Jun 2021 11:58:18 +0200
Subject: Ensure name not null in EVP_get_cipherbyname
This adds a check to EVP_get_cipherbyname which ensures that name
is not null when passed to OPENSSL_strcasecmp, which cannot handle
null values.
OpenSSL already ensures this in their implementation of
EVP_get_cipherbyname by using OBJ_NAME_get, so this improves parity.
Upstreamed at https://boringssl-review.googlesource.com/c/boringssl/+/47844.
diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
index e771ed6589b4579cc35300d5b2a1b68d92e444f5..8205e121c152fe4e2d8df34a1ac2fe0498381f31 100644
--- a/crypto/cipher_extra/cipher_extra.c
+++ b/crypto/cipher_extra/cipher_extra.c
@@ -89,6 +89,10 @@ const EVP_CIPHER *EVP_get_cipherbynid(int nid) {
}
const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {
+ if (name == NULL) {
+ return NULL;
+ }
+
if (OPENSSL_strcasecmp(name, "rc4") == 0) {
return EVP_rc4();
} else if (OPENSSL_strcasecmp(name, "des-cbc") == 0) {


@ -1,38 +0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 31 May 2021 11:30:38 +0200
Subject: src: add impl for EVP_PKEY_get0
This adds the missing implementation for EVP_PKEY_get0, which Node.js
uses and which is present in OpenSSL but not BoringSSL.
This will be upstreamed either fully or as a shim.
diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c
index 653d6573fdf1c542010698e9f6d1cf8170ea2f0c..738cec60a9fed4bfad56c7b2b75c44eb225abfcf 100644
--- a/crypto/evp/evp.c
+++ b/crypto/evp/evp.c
@@ -224,6 +224,10 @@ int EVP_PKEY_type(int nid) {
return meth->pkey_id;
}
+void *EVP_PKEY_get0(const EVP_PKEY *pkey) {
+ return pkey->pkey.ptr;
+}
+
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) {
if (EVP_PKEY_assign_RSA(pkey, key)) {
RSA_up_ref(key);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 378eb320f7c01df33850cca9d0111db32ffa6175..9eebf9c609abd31ed63c1f1c720c716d074e3f6d 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -156,6 +156,8 @@ OPENSSL_EXPORT int EVP_PKEY_type(int nid);
// returned lower-level objects are considered to also mutate the |EVP_PKEY| and
// may not be called concurrently with other operations on the |EVP_PKEY|.
+OPENSSL_EXPORT void *EVP_PKEY_get0(const EVP_PKEY *pkey);
+
OPENSSL_EXPORT int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
OPENSSL_EXPORT int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
OPENSSL_EXPORT RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);