From 316881df2f6bda055888a28ed839a3021ffde809 Mon Sep 17 00:00:00 2001
From: Shelley Vohr
Date: Thu, 7 Feb 2019 11:24:33 -0800
Subject: [PATCH 1/4] fix: backport patch to sync exposed crypto
---
 patches/common/boringssl/.patches | 1 +
 .../boringssl/sync_sorted_ciphers.patch | 85 +++++++++++++++++++
 2 files changed, 86 insertions(+)
 create mode 100644 patches/common/boringssl/sync_sorted_ciphers.patch
diff --git a/patches/common/boringssl/.patches b/patches/common/boringssl/.patches
index 71091233a0f59..9e5a6baca3969 100644
--- a/patches/common/boringssl/.patches
+++ b/patches/common/boringssl/.patches
@@ -1,3 +1,4 @@
 implement_ssl_get_tlsext_status_type.patch
 expose_ripemd160.patch
 expose_aes-cfb.patch
+sync_sorted_ciphers.patch
diff --git a/patches/common/boringssl/sync_sorted_ciphers.patch b/patches/common/boringssl/sync_sorted_ciphers.patch
new file mode 100644
index 0000000000000..7d66f98ffb320
--- /dev/null
+++ b/patches/common/boringssl/sync_sorted_ciphers.patch
@@ -0,0 +1,85 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Shelley Vohr
+Date: Thurs, 7 Feb 2019 11:11:35 -0800
+Subject: sync EVP_get_cipherbyname with EVP_do_all_sorted
+
+EVP_get_cipherbyname should work on everything that EVP_do_all_sorted
+lists, and conversely, there should be nothing that
+EVP_get_cipherbyname works on that EVP_do_all_sorted doesn't list.
+This thus does that.
+
+diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
+index be7ef07b2..588a47734 100644
+--- a/crypto/cipher_extra/cipher_extra.c
++++ b/crypto/cipher_extra/cipher_extra.c
+@@ -133,6 +133,14 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {
+ return EVP_aes_192_ofb();
+ } else if (OPENSSL_strcasecmp(name, "aes-256-ofb") == 0) {
+ return EVP_aes_256_ofb();
++ } else if (OPENSSL_strcasecmp(name, "des-ecb") == 0) {
++ return EVP_des_ecb();
++ } else if (OPENSSL_strcasecmp(name, "des-ede") == 0) {
++ return EVP_des_ede();
++ } else if (OPENSSL_strcasecmp(name, "des-ede-cbc") == 0) {
++ return EVP_des_ede_cbc();
++ } else if (OPENSSL_strcasecmp(name, "rc2-cbc") == 0) {
++ return EVP_rc2_cbc();
+ }
+
+ return NULL;
+diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
+index 8b008a401..3e88b29cb 100644
+--- a/decrepit/evp/evp_do_all.c
++++ b/decrepit/evp/evp_do_all.c
+@@ -21,15 +21,21 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+ void *arg) {
+ callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
+ callback(EVP_aes_128_cfb128(), "AES-128-CFB", NULL, arg);
+- callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
+- callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);
+- callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);
++ callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg);
+ callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
++ callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
++ callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg);
+ callback(EVP_aes_256_cfb128(), "AES-256-CFB", NULL, arg);
+ callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
++ callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);
++ callback(EVP_aes_192_ecb(), "AES-192-ECB", NULL, arg);
+ callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg);
++ callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);
++ callback(EVP_aes_192_ofb(), "AES-192-OFB", NULL, arg);
+ callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg);
+- callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg);
++ callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
++ callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
++ callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
+ callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
+ callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
+ callback(EVP_des_ede(), "DES-EDE", NULL, arg);
+@@ -41,15 +47,21 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+ // OpenSSL returns everything twice, the second time in lower case.
+ callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
+ callback(EVP_aes_128_cfb128(), "aes-128-cfb", NULL, arg);
+- callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
+- callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);
+- callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);
++ callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg);
+ callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
++ callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
++ callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg);
+ callback(EVP_aes_256_cfb128(), "aes-256-cfb", NULL, arg);
+ callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
++ callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);
++ callback(EVP_aes_192_ecb(), "aes-192-ecb", NULL, arg);
+ callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg);
++ callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);
++ callback(EVP_aes_192_ofb(), "aes-192-ofb", NULL, arg);
+ callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg);
+- callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg);
++ callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
++ callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
++ callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
+ callback(EVP_des_cbc(), "des-cbc", NULL, arg);
+ callback(EVP_des_ecb(), "des-ecb", NULL, arg);
+ callback(EVP_des_ede(), "des-ede", NULL, arg);
From e63126a9a4bd281acadd38f795433ad5c0883a71 Mon Sep 17 00:00:00 2001
From: Shelley Vohr
Date: Thu, 7 Feb 2019 12:53:11 -0800
Subject: [PATCH 2/4] add two new specs
---
 spec/node-spec.js | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/spec/node-spec.js b/spec/node-spec.js
index 6c2aaffa36b2d..e61956e649821 100644
--- a/spec/node-spec.js
+++ b/spec/node-spec.js
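Review bot: The reordered `callback(...)` lists in `EVP_CIPHER_do_all_sorted` are no longer in sorted order on the new side (`AES-128-CTR` now follows `AES-256-CBC`, `AES-256-CFB` follows `AES-192-CTR`, and the GCM entries follow OFB), so any caller that relies on the ordering the function name promises would receive an unsorted list; the lower-case block has the same issue. Placing each added name at its lexicographic position (for example `AES-128-CBC`, `AES-128-CFB`, `AES-128-CTR`, `AES-128-ECB`, `AES-128-GCM`, `AES-128-OFB`, then the 192 and 256 groups) keeps that contract. Separately, the `EVP_get_cipherbyname` hunk makes single-DES ECB, two-key 3DES and RC2-CBC resolvable by name, and a comment such as `// Legacy ciphers, resolvable by name only for compatibility with the enumerated list; not for new designs.` above the `des-ecb` branch would record why they are there. Whether `rc2-cbc` is also enumerated, and whether `aes-256-xts` (dropped from the enumeration here) is rejected by name, is not visible in these hunks and should be confirmed against the two-way sync the commit message describes. Both function bodies start outside the hunks.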
@@ -442,6 +442,14 @@ describe('node feature', () => {
 it('should be able to create an aes-256-cfb cipher', () => {
 require('crypto').createCipheriv('aes-256-cfb', '0123456789abcdef0123456789abcdef', '0123456789abcdef')
 })
+
+ it('should list des-ede-cbc in getCiphers', () => {
+ expect(require('crypto').getCiphers()).to.include('des-ede-cbc')
+ })
+
+ it('should be able to create an des-ede-cbc cipher', () => {
+ require('crypto').createCipheriv('des-ede-cbc', '0123456789abcdeff1e0d3c2b5a49786', 'fedcba9876543210')
+ })
 })
 it('includes the electron version in process.versions', () => {
From c257a5b9c7a9ba0e1ca8cce8451a64976f401d67 Mon Sep 17 00:00:00 2001
From: Shelley Vohr
Date: Mon, 11 Feb 2019 20:31:34 -0800
Subject: [PATCH 3/4] fix iv length
---
 spec/node-spec.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/spec/node-spec.js b/spec/node-spec.js
index e61956e649821..c2b1b3f9618e7 100644
--- a/spec/node-spec.js
+++ b/spec/node-spec.js
@@ -448,7 +448,9 @@ describe('node feature', () => {
 })
 it('should be able to create an des-ede-cbc cipher', () => {
- require('crypto').createCipheriv('des-ede-cbc', '0123456789abcdeff1e0d3c2b5a49786', 'fedcba9876543210')
+ const key = Buffer.from('0123456789abcdeff1e0d3c2b5a49786', 'hex')
+ const iv = Buffer.from('fedcba9876543210', 'hex')
+ require('crypto').createCipheriv('des-ede-cbc', key, iv)
 })
 })
From feff98de0d6ad9b1f362255f27715894aec5407e Mon Sep 17 00:00:00 2001
From: Shelley Vohr
Date: Tue, 12 Feb 2019 10:03:54 -0800
Subject: [PATCH 4/4] fix formatting
---
 patches/common/boringssl/sync_sorted_ciphers.patch | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/patches/common/boringssl/sync_sorted_ciphers.patch b/patches/common/boringssl/sync_sorted_ciphers.patch
index 7d66f98ffb320..9787324c58f9a 100644
--- a/patches/common/boringssl/sync_sorted_ciphers.patch
+++ b/patches/common/boringssl/sync_sorted_ciphers.patch
@@ -1,6 +1,6 @@
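Review bot: Only `des-ede-cbc` is covered by the new specs, while the BoringSSL patch in this series also makes `des-ecb`, `des-ede` and `rc2-cbc` resolvable by name, so a mismatch between lookup and enumeration for any of those would go unnoticed. The listing spec could check all four, e.g. `for (const name of ['des-ecb', 'des-ede', 'des-ede-cbc', 'rc2-cbc']) expect(require('crypto').getCiphers()).to.include(name)`; if one of them turns out not to be enumerated, that is exactly the inconsistency the patch set out to remove. The construction spec, including its `Buffer.from(..., 'hex')` form in the follow-up hunk, asserts nothing beyond the absence of a throw, so a short `update`/`final` round trip through `createDecipheriv` with an `expect` on the recovered plaintext would confirm the cipher actually works. The enclosing `describe` block starts and ends outside both hunks.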
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Shelley Vohr
-Date: Thurs, 7 Feb 2019 11:11:35 -0800
+Date: Thu, 7 Feb 2019 11:11:35 -0800
 Subject: sync EVP_get_cipherbyname with EVP_do_all_sorted
 EVP_get_cipherbyname should work on everything that EVP_do_all_sorted
@@ -9,7 +9,7 @@ EVP_get_cipherbyname works on that EVP_do_all_sorted doesn't list.
 This thus does that.
 diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
-index be7ef07b2..588a47734 100644
+index be7ef07b2c188a76890deb0f305cf92fcc57a64e..588a4773437c311877f275bf3679f9688cda3c46 100644
 --- a/crypto/cipher_extra/cipher_extra.c
 +++ b/crypto/cipher_extra/cipher_extra.c
 @@ -133,6 +133,14 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) {
@@ -28,7 +28,7 @@ index be7ef07b2..588a47734 100644
 return NULL;
 diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
-index 8b008a401..3e88b29cb 100644
+index 8b008a401ec2f2d0673f6876609dd5786cace4c2..3e88b29cb599730d2e8682070aaa4be38d06ed80 100644
 --- a/decrepit/evp/evp_do_all.c
 +++ b/decrepit/evp/evp_do_all.c
 @@ -21,15 +21,21 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,