electron/patches/boringssl/expose_ripemd160.patch
electron-roller[bot] af58931efa
chore: bump chromium to 131.0.6744.0 (main) (#43948)
* chore: bump chromium in DEPS to 131.0.6738.0

* chore: bump chromium in DEPS to 131.0.6740.0

* 5889025: [LaCrOS] Remove LaCrOS screen capturer. | https://chromium-review.googlesource.com/c/chromium/src/+/5889025

* https://boringssl.googlesource.com/boringssl.git/+/40dd94116ba03678226443ba20c5887459c9bf16/crypto/fipsmodule/digest/digests.c.inc

* chore: update patches

* 5878695: Add IsolationInfo for embedders handling external protocols | https://chromium-review.googlesource.com/c/chromium/src/+/5878695

* 5854304: [UI] Remove alias of mojom  | https://chromium-review.googlesource.com/c/chromium/src/+/5854304

* chore: bump chromium in DEPS to 131.0.6742.0

* chore: update patches

* chore: bump chromium in DEPS to 131.0.6744.0

* fixup! 5889025: [LaCrOS] Remove LaCrOS screen capturer. | https://chromium-review.googlesource.com/c/chromium/src/+/5889025

* chore: e patches all

* chore: update chore_provide_iswebcontentscreationoverridden_with_full_params.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5894233

* [UI] Remove alias of mojom 'WindowShowState'

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5854304

* chore: gen-libc++-filenames.js

* chore: partially revert https://chromium-review.googlesource.com/c/chromium/src/+/5894233

see patch commit message for description

* Clean up stale base::Feature "kFileSystemAccessLocalUNCPathBlock"

This feature is always on by default and doesn't have active finch
experiments.

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5881253

* fix: asar integrity test recognizes SIGABRT as a crash

https://chromium-review.googlesource.com/c/chromium/src/+/5882758

ValidateIntegrityOrDie() exits via LOG(FATAL)'s call to
base::ImmediateCrash(). There's been churn there upstream between
5332940 and 5882758 on whether to use SIGTRAP or SIGABRT.  For now,
let's accept both until the churn is done.

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: alice <alice@makenotion.com>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
2024-09-30 14:54:44 +02:00

97 lines
4.1 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Apthorp <nornagon@nornagon.net>
Date: Fri, 18 Jan 2019 13:56:52 -0800
Subject: expose ripemd160
This adds references to the decrepit/ module from non-decrepit source,
which is not allowed in upstream. Until upstream has a way to interface
with node.js that allows exposing additional digests without patching,
this patch is required to provide ripemd160 support in the nodejs crypto
module.
diff --git a/crypto/digest_extra/digest_extra.c b/crypto/digest_extra/digest_extra.c
index 7033d9c9cc2a2e11c5d6b4bc8575b1f6d271170c..97107c022f6997c56581317feee230bd6b1ed542 100644
--- a/crypto/digest_extra/digest_extra.c
+++ b/crypto/digest_extra/digest_extra.c
@@ -87,6 +87,7 @@ static const struct nid_to_digest nid_to_digest_mapping[] = {
{NID_sha512, EVP_sha512, SN_sha512, LN_sha512},
{NID_sha512_256, EVP_sha512_256, SN_sha512_256, LN_sha512_256},
{NID_md5_sha1, EVP_md5_sha1, SN_md5_sha1, LN_md5_sha1},
+ {NID_ripemd160, EVP_ripemd160, SN_ripemd160, LN_ripemd160},
// As a remnant of signing |EVP_MD|s, OpenSSL returned the corresponding
// hash function when given a signature OID. To avoid unintended lax parsing
// of hash OIDs, this is no longer supported for lookup by OID or NID.
diff --git a/crypto/fipsmodule/digest/digests.c.inc b/crypto/fipsmodule/digest/digests.c.inc
index 9ead2c65c43f6f4899fa84d095c025b2b7c0bedc..1644bba5c1b87037b681372db89d93c2e637ebf2 100644
--- a/crypto/fipsmodule/digest/digests.c.inc
+++ b/crypto/fipsmodule/digest/digests.c.inc
@@ -60,6 +60,7 @@
#include <string.h>
#include <openssl/nid.h>
+#include <openssl/ripemd.h>
#include "internal.h"
#include "../delocate.h"
@@ -215,4 +216,27 @@ DEFINE_METHOD_FUNCTION(EVP_MD, EVP_sha512_256) {
out->ctx_size = sizeof(SHA512_CTX);
}
+static void ripemd160_init(EVP_MD_CTX *ctx) {
+ CHECK(RIPEMD160_Init(ctx->md_data));
+}
+
+static void ripemd160_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+ CHECK(RIPEMD160_Update(ctx->md_data, data, count));
+}
+
+static void ripemd160_final(EVP_MD_CTX *ctx, uint8_t *md) {
+ CHECK(RIPEMD160_Final(md, ctx->md_data));
+}
+
+DEFINE_METHOD_FUNCTION(EVP_MD, EVP_ripemd160) {
+ out->type = NID_ripemd160;
+ out->md_size = RIPEMD160_DIGEST_LENGTH;
+ out->flags = 0;
+ out->init = ripemd160_init;
+ out->update = ripemd160_update;
+ out->final = ripemd160_final;
+ out->block_size = 64;
+ out->ctx_size = sizeof(RIPEMD160_CTX);
+}
+
#undef CHECK
diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
index a3fb077b9b9e66d1bc524fd7987622e73aa4776a..852b76bea69988e0b3ac76a17b603128f239dde0 100644
--- a/decrepit/evp/evp_do_all.c
+++ b/decrepit/evp/evp_do_all.c
@@ -79,6 +79,7 @@ void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher,
callback(EVP_sha384(), "SHA384", NULL, arg);
callback(EVP_sha512(), "SHA512", NULL, arg);
callback(EVP_sha512_256(), "SHA512-256", NULL, arg);
+ callback(EVP_ripemd160(), "ripemd160", NULL, arg);
callback(EVP_md4(), "md4", NULL, arg);
callback(EVP_md5(), "md5", NULL, arg);
@@ -88,6 +89,7 @@ void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher,
callback(EVP_sha384(), "sha384", NULL, arg);
callback(EVP_sha512(), "sha512", NULL, arg);
callback(EVP_sha512_256(), "sha512-256", NULL, arg);
+ callback(EVP_ripemd160(), "ripemd160", NULL, arg);
}
void EVP_MD_do_all(void (*callback)(const EVP_MD *cipher, const char *name,
diff --git a/include/openssl/digest.h b/include/openssl/digest.h
index 6e889993edc1caa7e10670529dd270c337b5ae4c..f61f7e5009a9b4f5630cda2c3a5a21b44e5b88d8 100644
--- a/include/openssl/digest.h
+++ b/include/openssl/digest.h
@@ -90,6 +90,9 @@ OPENSSL_EXPORT const EVP_MD *EVP_blake2b256(void);
// MD5 and SHA-1, as used in TLS 1.1 and below.
OPENSSL_EXPORT const EVP_MD *EVP_md5_sha1(void);
+// EVP_ripemd160 is in decrepit and not available by default.
+OPENSSL_EXPORT const EVP_MD *EVP_ripemd160(void);
+
// EVP_get_digestbynid returns an |EVP_MD| for the given NID, or NULL if no
// such digest is known.
OPENSSL_EXPORT const EVP_MD *EVP_get_digestbynid(int nid);