-
Notifications
You must be signed in to change notification settings - Fork 15.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: backport patch to sync exposed crypto (backport: 4-0-x) (#16912)
- Loading branch information
Showing
3 changed files
with
96 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
implement_ssl_get_tlsext_status_type.patch | ||
expose_ripemd160.patch | ||
expose_aes-cfb.patch | ||
sync_sorted_ciphers.patch |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 | ||
From: Shelley Vohr <shelley.vohr@gmail.com> | ||
Date: Thu, 7 Feb 2019 11:11:35 -0800 | ||
Subject: sync EVP_get_cipherbyname with EVP_do_all_sorted | ||
|
||
EVP_get_cipherbyname should work on everything that EVP_do_all_sorted | ||
lists, and conversely, there should be nothing that | ||
EVP_get_cipherbyname works on that EVP_do_all_sorted doesn't list. | ||
This thus does that. | ||
|
||
diff --git a/crypto/cipher_extra/cipher_extra.c b/crypto/cipher_extra/cipher_extra.c | ||
index be7ef07b2c188a76890deb0f305cf92fcc57a64e..588a4773437c311877f275bf3679f9688cda3c46 100644 | ||
--- a/crypto/cipher_extra/cipher_extra.c | ||
+++ b/crypto/cipher_extra/cipher_extra.c | ||
@@ -133,6 +133,14 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) { | ||
return EVP_aes_192_ofb(); | ||
} else if (OPENSSL_strcasecmp(name, "aes-256-ofb") == 0) { | ||
return EVP_aes_256_ofb(); | ||
+ } else if (OPENSSL_strcasecmp(name, "des-ecb") == 0) { | ||
+ return EVP_des_ecb(); | ||
+ } else if (OPENSSL_strcasecmp(name, "des-ede") == 0) { | ||
+ return EVP_des_ede(); | ||
+ } else if (OPENSSL_strcasecmp(name, "des-ede-cbc") == 0) { | ||
+ return EVP_des_ede_cbc(); | ||
+ } else if (OPENSSL_strcasecmp(name, "rc2-cbc") == 0) { | ||
+ return EVP_rc2_cbc(); | ||
} | ||
|
||
return NULL; | ||
diff --git a/decrepit/evp/evp_do_all.c b/decrepit/evp/evp_do_all.c | ||
index 8b008a401ec2f2d0673f6876609dd5786cace4c2..3e88b29cb599730d2e8682070aaa4be38d06ed80 100644 | ||
--- a/decrepit/evp/evp_do_all.c | ||
+++ b/decrepit/evp/evp_do_all.c | ||
@@ -21,15 +21,21 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher, | ||
void *arg) { | ||
callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg); | ||
callback(EVP_aes_128_cfb128(), "AES-128-CFB", NULL, arg); | ||
- callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg); | ||
- callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg); | ||
- callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg); | ||
+ callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg); | ||
callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg); | ||
+ callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg); | ||
+ callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg); | ||
callback(EVP_aes_256_cfb128(), "AES-256-CFB", NULL, arg); | ||
callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg); | ||
+ callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg); | ||
+ callback(EVP_aes_192_ecb(), "AES-192-ECB", NULL, arg); | ||
callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg); | ||
+ callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg); | ||
+ callback(EVP_aes_192_ofb(), "AES-192-OFB", NULL, arg); | ||
callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg); | ||
- callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg); | ||
+ callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg); | ||
+ callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg); | ||
+ callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg); | ||
callback(EVP_des_cbc(), "DES-CBC", NULL, arg); | ||
callback(EVP_des_ecb(), "DES-ECB", NULL, arg); | ||
callback(EVP_des_ede(), "DES-EDE", NULL, arg); | ||
@@ -41,15 +47,21 @@ void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher, | ||
// OpenSSL returns everything twice, the second time in lower case. | ||
callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg); | ||
callback(EVP_aes_128_cfb128(), "aes-128-cfb", NULL, arg); | ||
- callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg); | ||
- callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg); | ||
- callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg); | ||
+ callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg); | ||
callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg); | ||
+ callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg); | ||
+ callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg); | ||
callback(EVP_aes_256_cfb128(), "aes-256-cfb", NULL, arg); | ||
callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg); | ||
+ callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg); | ||
+ callback(EVP_aes_192_ecb(), "aes-192-ecb", NULL, arg); | ||
callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg); | ||
+ callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg); | ||
+ callback(EVP_aes_192_ofb(), "aes-192-ofb", NULL, arg); | ||
callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg); | ||
- callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg); | ||
+ callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg); | ||
+ callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg); | ||
+ callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg); | ||
callback(EVP_des_cbc(), "des-cbc", NULL, arg); | ||
callback(EVP_des_ecb(), "des-ecb", NULL, arg); | ||
callback(EVP_des_ede(), "des-ede", NULL, arg); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters