Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: expose blowfish cipher family #32356

Merged
merged 7 commits into from Jan 12, 2022
Merged

feat: expose blowfish cipher family #32356

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
7466bd0
feat: expose blowfish cipher family
nornagon Jan 5, 2022
9436329
update build.gn
nornagon Jan 6, 2022
783b4f6
fix nids in cipher list
nornagon Jan 10, 2022
6869951
fix nid name for bf-cfb
nornagon Jan 10, 2022
f006123
chore: update patches
patchup[bot] Jan 10, 2022
fe0da13
Merge branch 'main' into expose-blowfish
nornagon Jan 11, 2022
19c1d92
chore: update patches
patchup[bot] Jan 11, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions patches/boringssl/.patches
View file
Open in desktop
Expand Up @@ -2,3 +2,4 @@ expose_ripemd160.patch
expose_aes-cfb.patch
expose_des-ede3.patch
fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch
expose_blowfish_ciphers.patch
47 changes: 47 additions & 0 deletions patches/boringssl/expose_blowfish_ciphers.patch
View file
Open in desktop
@@ -0,0 +1,47 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Rose <nornagon@nornagon.net>
Date: Wed, 5 Jan 2022 13:08:10 -0800
Subject: expose blowfish ciphers

This exposes the (decrepit) blowfish cipher family, bf-cbc, bf-cfb and
bf-ecb through the EVP interface. This adds references to decrepit code
from non-decrepit code, so upstream is unlikely to take the patch.

diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
index cfdb69e3c556fea11aa7c2d28d4b7da524df15c3..95bd172c99874610ec9157c52df4fe0232e78c7f 100644
--- a/crypto/cipher_extra/cipher_extra.c
+++ b/crypto/cipher_extra/cipher_extra.c
@@ -89,6 +89,9 @@ static const struct {
{NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
{NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
{NID_aes_256_ofb128, "aes-256-ofb", EVP_aes_256_ofb},
+ {NID_bf_cbc, "bf-cbc", EVP_bf_cbc},
+ {NID_bf_cfb64, "bf-cfb", EVP_bf_cfb},
+ {NID_bf_ecb, "bf-ecb", EVP_bf_ecb},
{NID_des_cbc, "des-cbc", EVP_des_cbc},
{NID_des_ecb, "des-ecb", EVP_des_ecb},
{NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
index 5e71420b765019edea82a33884ace539cd91bda5..43fc792697519325725e9ce87801c5dc176c70a1 100644
--- a/decrepit/evp/evp_do_all.c
+++ b/decrepit/evp/evp_do_all.c
@@ -36,6 +36,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
+ callback(EVP_bf_cbc(), "BF-CBC", NULL, arg);
+ callback(EVP_bf_cfb(), "BF-CFB", NULL, arg);
+ callback(EVP_bf_ecb(), "BF-ECB", NULL, arg);
callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
callback(EVP_des_ede(), "DES-EDE", NULL, arg);
@@ -63,6 +66,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
+ callback(EVP_bf_cbc(), "bf-cbc", NULL, arg);
+ callback(EVP_bf_cfb(), "bf-cfb", NULL, arg);
+ callback(EVP_bf_ecb(), "bf-ecb", NULL, arg);
callback(EVP_des_cbc(), "des-cbc", NULL, arg);
callback(EVP_des_ecb(), "des-ecb", NULL, arg);
callback(EVP_des_ede(), "des-ede", NULL, arg);
7 changes: 4 additions & 3 deletions patches/chromium/boringssl_build_gn.patch
View file
Open in desktop
Expand Up @@ -6,10 +6,10 @@ Subject: boringssl BUILD.gn
Build BoringSSL with some extra functions that nodejs needs.

diff --git a/third_party/boringssl/BUILD.gn b/third_party/boringssl/BUILD.gn
index 68654482b9133cfd6e1e8b94fb5781f62fd44145..81f8bb74fae4d4f039dd41980bf2549c2b667aee 100644
index 68654482b9133cfd6e1e8b94fb5781f62fd44145..08a42fd486e1bc94bd8f8fb84ad7029a26981005 100644
--- a/third_party/boringssl/BUILD.gn
+++ b/third_party/boringssl/BUILD.gn
@@ -47,6 +47,19 @@ config("no_asm_config") {
@@ -47,6 +47,20 @@ config("no_asm_config") {

all_sources = crypto_sources + ssl_sources
all_headers = crypto_headers + ssl_headers
Expand All @@ -21,9 +21,10 @@ index 68654482b9133cfd6e1e8b94fb5781f62fd44145..81f8bb74fae4d4f039dd41980bf2549c
+ ]
+
+ all_sources += [
+ "src/decrepit/blowfish/blowfish.c",
+ "src/decrepit/cfb/cfb.c",
+ "src/decrepit/ripemd/internal.h",
+ "src/decrepit/ripemd/ripemd.c",
+ "src/decrepit/cfb/cfb.c",
+ ]
+}

Expand Down
6 changes: 6 additions & 0 deletions spec/node-spec.js
View file
Open in desktop
Expand Up @@ -396,6 +396,12 @@ describe('node feature', () => {
require('crypto').createCipheriv('aes-256-cfb', '0123456789abcdef0123456789abcdef', '0123456789abcdef');
});

it('should be able to create a bf-{cbc,cfb,ecb} ciphers', () => {
require('crypto').createCipheriv('bf-cbc', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
require('crypto').createCipheriv('bf-cfb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
require('crypto').createCipheriv('bf-ecb', Buffer.from('0123456789abcdef'), Buffer.from('01234567'));
});

it('should list des-ede-cbc in getCiphers', () => {
expect(require('crypto').getCiphers()).to.include('des-ede-cbc');
});
Expand Down