Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: expose blowfish cipher family #32356

Merged
merged 7 commits into from Jan 12, 2022
Merged

feat: expose blowfish cipher family #32356

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
7466bd0
feat: expose blowfish cipher family
nornagon Jan 5, 2022
9436329
update build.gn
nornagon Jan 6, 2022
783b4f6
fix nids in cipher list
nornagon Jan 10, 2022
6869951
fix nid name for bf-cfb
nornagon Jan 10, 2022
f006123
chore: update patches
patchup[bot] Jan 10, 2022
fe0da13
Merge branch 'main' into expose-blowfish
nornagon Jan 11, 2022
19c1d92
chore: update patches
patchup[bot] Jan 11, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions patches/boringssl/.patches
View file
Open in desktop
Expand Up @@ -2,3 +2,4 @@ expose_ripemd160.patch
expose_aes-cfb.patch
expose_des-ede3.patch
fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch
expose_blowfish_ciphers.patch
47 changes: 47 additions & 0 deletions patches/boringssl/expose_blowfish_ciphers.patch
View file
Open in desktop
@@ -0,0 +1,47 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Rose <nornagon@nornagon.net>
Date: Wed, 5 Jan 2022 13:08:10 -0800
Subject: expose blowfish ciphers

This exposes the (decrepit) blowfish cipher family, bf-cbc, bf-cfb and
bf-ecb through the EVP interface. This adds references to decrepit code
from non-decrepit code, so upstream is unlikely to take the patch.

diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
index cfdb69e3c556fea11aa7c2d28d4b7da524df15c3..95bd172c99874610ec9157c52df4fe0232e78c7f 100644
--- a/crypto/cipher_extra/cipher_extra.c
+++ b/crypto/cipher_extra/cipher_extra.c
@@ -89,6 +89,9 @@ static const struct {
{NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
{NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
{NID_aes_256_ofb128, "aes-256-ofb", EVP_aes_256_ofb},
+ {NID_bf_cbc, "bf-cbc", EVP_bf_cbc},
+ {NID_bf_cfb64, "bf-cfb", EVP_bf_cfb},
+ {NID_bf_ecb, "bf-ecb", EVP_bf_ecb},
{NID_des_cbc, "des-cbc", EVP_des_cbc},
{NID_des_ecb, "des-ecb", EVP_des_ecb},
{NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
index 5e71420b765019edea82a33884ace539cd91bda5..43fc792697519325725e9ce87801c5dc176c70a1 100644
--- a/decrepit/evp/evp_do_all.c
+++ b/decrepit/evp/evp_do_all.c
@@ -36,6 +36,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
+ callback(EVP_bf_cbc(), "BF-CBC", NULL, arg);
+ callback(EVP_bf_cfb(), "BF-CFB", NULL, arg);
+ callback(EVP_bf_ecb(), "BF-ECB", NULL, arg);
callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
callback(EVP_des_ede(), "DES-EDE", NULL, arg);
@@ -63,6 +66,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
+ callback(EVP_bf_cbc(), "bf-cbc", NULL, arg);
+ callback(EVP_bf_cfb(), "bf-cfb", NULL, arg);
+ callback(EVP_bf_ecb(), "bf-ecb", NULL, arg);
callback(EVP_des_cbc(), "des-cbc", NULL, arg);
callback(EVP_des_ecb(), "des-ecb", NULL, arg);
callback(EVP_des_ede(), "des-ede", NULL, arg);
7 changes: 4 additions & 3 deletions patches/chromium/boringssl_build_gn.patch
View file
Open in desktop
Expand Up @@ -6,10 +6,10 @@ Subject: boringssl BUILD.gn
Build BoringSSL with some extra functions that nodejs needs.

diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn
index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8f3c9ccc10f8204c21d1f28444eef77724255aa9 100644
index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8e1d78fdb56372836cea73e35cb4e03059cf5ec5 100644
--- a/third_party/boringssl/BUILD.gn
+++ b/third_party/boringssl/BUILD.gn
@@ -47,6 +47,19 @@ config("no_asm_config") {
@@ -47,6 +47,20 @@ config("no_asm_config") {

all_sources = crypto_sources + ssl_sources
all_headers = crypto_headers + ssl_headers
Expand All @@ -21,9 +21,10 @@ index 91ce539f2cdf3c17645126088ecb00e36befd1b8..8f3c9ccc10f8204c21d1f28444eef777
+ ]
+
+ all_sources += [
+ "src/decrepit/blowfish/blowfish.c",
+ "src/decrepit/cfb/cfb.c",
+ "src/decrepit/ripemd/internal.h",
+ "src/decrepit/ripemd/ripemd.c",
+ "src/decrepit/cfb/cfb.c",
+ ]
+}

Expand Down
6 changes: 6 additions & 0 deletions spec/node-spec.js
View file
Open in desktop
Expand Up @@ -396,6 +396,12 @@ describe('node feature', () => {
require('crypto').createCipheriv('aes-256-cfb', '0123456789abcdef0123456789abcdef', '0123456789abcdef');
});

it('should be able to create a bf-{cbc,cfb,ecb} ciphers', () => {
require('crypto').createCipheriv('bf-cbc', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
require('crypto').createCipheriv('bf-cfb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
require('crypto').createCipheriv('bf-ecb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
});

it('should list des-ede-cbc in getCiphers', () => {
expect(require('crypto').getCiphers()).to.include('des-ede-cbc');
});
Expand Down