build: combine and elaborate on exposed `BoringSSL` ciphers (#38522)

build: combine and elaborate on exposed BoringSSL ciphers

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <[email protected]>

patches/boringssl/.patches

@@ -1,6 +1,3 @@
 expose_ripemd160.patch
-expose_aes-cfb.patch
-expose_des-ede3.patch
-fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch
-expose_blowfish_ciphers.patch
 revert_track_ssl_error_zero_return_explicitly.patch
+feat_expose_several_extra_cipher_functions.patch

patches/boringssl/expose_aes-cfb.patch

@@ -1,71 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Jeremy Apthorp <[email protected]>
-Date: Fri, 18 Jan 2019 14:23:28 -0800
-Subject: expose aes-{128,256}-cfb
-
-This exposes AES-CFB ciphers through the EVP APIs. BoringSSL has
-implementations for these ciphers, but Node doesn't realise that because
-without this patch, they're not listed in the APIs that Node uses.
-
-This should be upstreamed. See e.g.
-https://boringssl-review.googlesource.com/c/boringssl/+/33984 for a
-similar patch that was merged upstream.
-
-diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
-index 62850ab6a216d401d023f81007fb59a33b4585f3..0c30b0329d32b94b22f342f95035e927797d0aaf 100644
---- a/crypto/cipher_extra/cipher_extra.c
-+++ b/crypto/cipher_extra/cipher_extra.c
-@@ -73,6 +73,7 @@ static const struct {
-   const EVP_CIPHER *(*func)(void);
- } kCiphers[] = {
-     {NID_aes_128_cbc, "aes-128-cbc", EVP_aes_128_cbc},
-+    {NID_aes_128_cfb128, "aes-128-cfb", EVP_aes_128_cfb128},
-     {NID_aes_128_ctr, "aes-128-ctr", EVP_aes_128_ctr},
-     {NID_aes_128_ecb, "aes-128-ecb", EVP_aes_128_ecb},
-     {NID_aes_128_gcm, "aes-128-gcm", EVP_aes_128_gcm},
-@@ -83,6 +84,7 @@ static const struct {
-     {NID_aes_192_gcm, "aes-192-gcm", EVP_aes_192_gcm},
-     {NID_aes_192_ofb128, "aes-192-ofb", EVP_aes_192_ofb},
-     {NID_aes_256_cbc, "aes-256-cbc", EVP_aes_256_cbc},
-+    {NID_aes_256_cfb128, "aes-256-cfb", EVP_aes_256_cfb128},
-     {NID_aes_256_ctr, "aes-256-ctr", EVP_aes_256_ctr},
-     {NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
-     {NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
-diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
-index 852b76bea69988e0b3ac76a17b603128f239dde0..d443f4dc2daea0b7aa86ae75d31d995fae667ba9 100644
---- a/decrepit/evp/evp_do_all.c
-+++ b/decrepit/evp/evp_do_all.c
-@@ -20,8 +20,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
-                                                const char *unused, void *arg),
-                               void *arg) {
-   callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
-+  callback(EVP_aes_128_cfb128(), "AES-128-CFB", NULL, arg);
-   callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg);
-   callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
-+  callback(EVP_aes_256_cfb128(), "AES-256-CFB", NULL, arg);
-   callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
-   callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg);
-   callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
-@@ -44,8 +46,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
- 
-   // OpenSSL returns everything twice, the second time in lower case.
-   callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
-+  callback(EVP_aes_128_cfb128(), "aes-128-cfb", NULL, arg);
-   callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg);
-   callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
-+  callback(EVP_aes_256_cfb128(), "aes-256-cfb", NULL, arg);
-   callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
-   callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg);
-   callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
-diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
-index 310d7c237fd884ba715e3fa97ccf1393b6d04fbb..66e69d487fbb767438b7d0dfdf3770f54e3cf7b2 100644
---- a/include/openssl/cipher.h
-+++ b/include/openssl/cipher.h
-@@ -476,6 +476,7 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_ecb(void);
- 
- // EVP_aes_128_cfb128 is only available in decrepit.
- OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_cfb128(void);
-+OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cfb128(void);
- 
- // EVP_aes_128_cfb is an alias for |EVP_aes_128_cfb128| and is only available in
- // decrepit.

patches/boringssl/expose_blowfish_ciphers.patch

@@ -1,47 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Jeremy Rose <[email protected]>
-Date: Wed, 5 Jan 2022 13:08:10 -0800
-Subject: expose blowfish ciphers
-
-This exposes the (decrepit) blowfish cipher family, bf-cbc, bf-cfb and
-bf-ecb through the EVP interface. This adds references to decrepit code
-from non-decrepit code, so upstream is unlikely to take the patch.
-
-diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
-index cfdb69e3c556fea11aa7c2d28d4b7da524df15c3..95bd172c99874610ec9157c52df4fe0232e78c7f 100644
---- a/crypto/cipher_extra/cipher_extra.c
-+++ b/crypto/cipher_extra/cipher_extra.c
-@@ -89,6 +89,9 @@ static const struct {
-     {NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
-     {NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
-     {NID_aes_256_ofb128, "aes-256-ofb", EVP_aes_256_ofb},
-+    {NID_bf_cbc, "bf-cbc", EVP_bf_cbc},
-+    {NID_bf_cfb64, "bf-cfb", EVP_bf_cfb},
-+    {NID_bf_ecb, "bf-ecb", EVP_bf_ecb},
-     {NID_des_cbc, "des-cbc", EVP_des_cbc},
-     {NID_des_ecb, "des-ecb", EVP_des_ecb},
-     {NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
-diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
-index 5e71420b765019edea82a33884ace539cd91bda5..43fc792697519325725e9ce87801c5dc176c70a1 100644
---- a/decrepit/evp/evp_do_all.c
-+++ b/decrepit/evp/evp_do_all.c
-@@ -36,6 +36,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
-   callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
-   callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
-   callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
-+  callback(EVP_bf_cbc(), "BF-CBC", NULL, arg);
-+  callback(EVP_bf_cfb(), "BF-CFB", NULL, arg);
-+  callback(EVP_bf_ecb(), "BF-ECB", NULL, arg);
-   callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
-   callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
-   callback(EVP_des_ede(), "DES-EDE", NULL, arg);
-@@ -63,6 +66,9 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
-   callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
-   callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
-   callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
-+  callback(EVP_bf_cbc(), "bf-cbc", NULL, arg);
-+  callback(EVP_bf_cfb(), "bf-cfb", NULL, arg);
-+  callback(EVP_bf_ecb(), "bf-ecb", NULL, arg);
-   callback(EVP_des_cbc(), "des-cbc", NULL, arg);
-   callback(EVP_des_ecb(), "des-ecb", NULL, arg);
-   callback(EVP_des_ede(), "des-ede", NULL, arg);

patches/boringssl/expose_des-ede3.patch

@@ -1,39 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Jeremy Rose <[email protected]>
-Date: Wed, 24 Feb 2021 11:08:34 -0800
-Subject: expose des-ede3
-
-This should be upstreamed.
-
-diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
-index 0c30b0329d32b94b22f342f95035e927797d0aaf..d97f67fb03756169446edf6b41d3a33fe3ae8205 100644
---- a/crypto/cipher_extra/cipher_extra.c
-+++ b/crypto/cipher_extra/cipher_extra.c
-@@ -93,6 +93,7 @@ static const struct {
-     {NID_des_ecb, "des-ecb", EVP_des_ecb},
-     {NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
-     {NID_des_ede_ecb, "des-ede", EVP_des_ede},
-+    {NID_des_ede3_ecb, "des-ede3", EVP_des_ede3},
-     {NID_des_ede3_cbc, "des-ede3-cbc", EVP_des_ede3_cbc},
-     {NID_rc2_cbc, "rc2-cbc", EVP_rc2_cbc},
-     {NID_rc4, "rc4", EVP_rc4},
-diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
-index d443f4dc2daea0b7aa86ae75d31d995fae667ba9..5e71420b765019edea82a33884ace539cd91bda5 100644
---- a/decrepit/evp/evp_do_all.c
-+++ b/decrepit/evp/evp_do_all.c
-@@ -39,6 +39,7 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
-   callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
-   callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
-   callback(EVP_des_ede(), "DES-EDE", NULL, arg);
-+  callback(EVP_des_ede3(), "DES-EDE3", NULL, arg);
-   callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);
-   callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);
-   callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);
-@@ -65,6 +66,7 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
-   callback(EVP_des_cbc(), "des-cbc", NULL, arg);
-   callback(EVP_des_ecb(), "des-ecb", NULL, arg);
-   callback(EVP_des_ede(), "des-ede", NULL, arg);
-+  callback(EVP_des_ede3(), "des-ede3", NULL, arg);
-   callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);
-   callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);
-   callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);

patches/boringssl/feat_expose_several_extra_cipher_functions.patch

@@ -0,0 +1,131 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Shelley Vohr <[email protected]>
+Date: Wed, 31 May 2023 11:36:48 +0200
+Subject: feat: expose several extra cipher functions
+
+This patch exposes the following ciphers:
+
+AES_CFB Ciphers: aes-128-cfb, aes-256-cfb
+
+Implementations for these ciphers exist but aren't exposed, so they're
+unusable without this patch. We should upstream this as similar
+patches for implemented cipher functions have been accepted.
+
+Blowfish Ciphers: bf-cbc, bf-cfb, bf-ecb
+
+The addition of Blowfish ciphers adds references decrepit code
+from non-decrepit code, so upstream is unlikely to take the patch.
+
+DES Ciphers: des-ede3
+
+An implementation for this cipher exists but isn't exposed, so it's
+unusable without this patch. Akin to the AES_CFB exposures, we should
+upstream this as similar patches for implemented cipher functions have
+been accepted.
+
+RC2 Ciphers: rc2-40-cbc
+
+It's unclear whether this would be accepted upstream. We should try regardless.
+
+diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
+index 62850ab6a216d401d023f81007fb59a33b4585f3..95bd172c99874610ec9157c52df4fe0232e78c7f 100644
+--- a/crypto/cipher_extra/cipher_extra.c
++++ b/crypto/cipher_extra/cipher_extra.c
+@@ -73,6 +73,7 @@ static const struct {
+   const EVP_CIPHER *(*func)(void);
+ } kCiphers[] = {
+     {NID_aes_128_cbc, "aes-128-cbc", EVP_aes_128_cbc},
++    {NID_aes_128_cfb128, "aes-128-cfb", EVP_aes_128_cfb128},
+     {NID_aes_128_ctr, "aes-128-ctr", EVP_aes_128_ctr},
+     {NID_aes_128_ecb, "aes-128-ecb", EVP_aes_128_ecb},
+     {NID_aes_128_gcm, "aes-128-gcm", EVP_aes_128_gcm},
+@@ -83,17 +84,23 @@ static const struct {
+     {NID_aes_192_gcm, "aes-192-gcm", EVP_aes_192_gcm},
+     {NID_aes_192_ofb128, "aes-192-ofb", EVP_aes_192_ofb},
+     {NID_aes_256_cbc, "aes-256-cbc", EVP_aes_256_cbc},
++    {NID_aes_256_cfb128, "aes-256-cfb", EVP_aes_256_cfb128},
+     {NID_aes_256_ctr, "aes-256-ctr", EVP_aes_256_ctr},
+     {NID_aes_256_ecb, "aes-256-ecb", EVP_aes_256_ecb},
+     {NID_aes_256_gcm, "aes-256-gcm", EVP_aes_256_gcm},
+     {NID_aes_256_ofb128, "aes-256-ofb", EVP_aes_256_ofb},
++    {NID_bf_cbc, "bf-cbc", EVP_bf_cbc},
++    {NID_bf_cfb64, "bf-cfb", EVP_bf_cfb},
++    {NID_bf_ecb, "bf-ecb", EVP_bf_ecb},
+     {NID_des_cbc, "des-cbc", EVP_des_cbc},
+     {NID_des_ecb, "des-ecb", EVP_des_ecb},
+     {NID_des_ede_cbc, "des-ede-cbc", EVP_des_ede_cbc},
+     {NID_des_ede_ecb, "des-ede", EVP_des_ede},
++    {NID_des_ede3_ecb, "des-ede3", EVP_des_ede3},
+     {NID_des_ede3_cbc, "des-ede3-cbc", EVP_des_ede3_cbc},
+     {NID_rc2_cbc, "rc2-cbc", EVP_rc2_cbc},
+     {NID_rc4, "rc4", EVP_rc4},
++    {NID_rc2_40_cbc, "rc2-40-cbc", EVP_rc2_40_cbc}
+ };
+ 
+ const EVP_CIPHER *EVP_get_cipherbynid(int nid) {
+diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c
+index 852b76bea69988e0b3ac76a17b603128f239dde0..43fc792697519325725e9ce87801c5dc176c70a1 100644
+--- a/decrepit/evp/evp_do_all.c
++++ b/decrepit/evp/evp_do_all.c
+@@ -20,8 +20,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+                                                const char *unused, void *arg),
+                               void *arg) {
+   callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
++  callback(EVP_aes_128_cfb128(), "AES-128-CFB", NULL, arg);
+   callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg);
+   callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
++  callback(EVP_aes_256_cfb128(), "AES-256-CFB", NULL, arg);
+   callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
+   callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg);
+   callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
+@@ -34,9 +36,13 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+   callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
+   callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
+   callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
++  callback(EVP_bf_cbc(), "BF-CBC", NULL, arg);
++  callback(EVP_bf_cfb(), "BF-CFB", NULL, arg);
++  callback(EVP_bf_ecb(), "BF-ECB", NULL, arg);
+   callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
+   callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
+   callback(EVP_des_ede(), "DES-EDE", NULL, arg);
++  callback(EVP_des_ede3(), "DES-EDE3", NULL, arg);
+   callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);
+   callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);
+   callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);
+@@ -44,8 +50,10 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+ 
+   // OpenSSL returns everything twice, the second time in lower case.
+   callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
++  callback(EVP_aes_128_cfb128(), "aes-128-cfb", NULL, arg);
+   callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg);
+   callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
++  callback(EVP_aes_256_cfb128(), "aes-256-cfb", NULL, arg);
+   callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
+   callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg);
+   callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
+@@ -58,9 +66,13 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
+   callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
+   callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
+   callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
++  callback(EVP_bf_cbc(), "bf-cbc", NULL, arg);
++  callback(EVP_bf_cfb(), "bf-cfb", NULL, arg);
++  callback(EVP_bf_ecb(), "bf-ecb", NULL, arg);
+   callback(EVP_des_cbc(), "des-cbc", NULL, arg);
+   callback(EVP_des_ecb(), "des-ecb", NULL, arg);
+   callback(EVP_des_ede(), "des-ede", NULL, arg);
++  callback(EVP_des_ede3(), "des-ede3", NULL, arg);
+   callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);
+   callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);
+   callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);
+diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
+index 310d7c237fd884ba715e3fa97ccf1393b6d04fbb..66e69d487fbb767438b7d0dfdf3770f54e3cf7b2 100644
+--- a/include/openssl/cipher.h
++++ b/include/openssl/cipher.h
+@@ -476,6 +476,7 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_ecb(void);
+ 
+ // EVP_aes_128_cfb128 is only available in decrepit.
+ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_cfb128(void);
++OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cfb128(void);
+ 
+ // EVP_aes_128_cfb is an alias for |EVP_aes_128_cfb128| and is only available in
+ // decrepit.

patches/boringssl/fix_sync_evp_get_cipherbynid_and_evp_get_cipherbyname.patch

@@ -1,25 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Shelley Vohr <[email protected]>
-Date: Mon, 28 Jun 2021 10:41:09 +0200
-Subject: fix: sync EVP_get_cipherbynid and EVP_get_cipherbyname
-
-This commit syncs the results of EVP_get_cipherbynid and
-EVP_get_cipherbyname. Node.js logic assumes that calling EVP_get_cipherbynid
-on a NID returned from a call to `getCipherInfo` with the cipher name
-will return the same cipher information - this assumption holds in OpenSSL
-and should also hold in BoringSSL.
-
-This will be upstreamed.
-
-diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c
-index d97f67fb03756169446edf6b41d3a33fe3ae8205..cfdb69e3c556fea11aa7c2d28d4b7da524df15c3 100644
---- a/crypto/cipher_extra/cipher_extra.c
-+++ b/crypto/cipher_extra/cipher_extra.c
-@@ -97,6 +97,7 @@ static const struct {
-     {NID_des_ede3_cbc, "des-ede3-cbc", EVP_des_ede3_cbc},
-     {NID_rc2_cbc, "rc2-cbc", EVP_rc2_cbc},
-     {NID_rc4, "rc4", EVP_rc4},
-+    {NID_rc2_40_cbc, "rc2-40-cbc", EVP_rc2_40_cbc}
- };
- 
- const EVP_CIPHER *EVP_get_cipherbynid(int nid) {