From 81bdf853d15b203ae955229357bcaf1712ed6d14 Mon Sep 17 00:00:00 2001 From: Adrien Nader Date: Tue, 17 Dec 2024 17:18:14 +0100 Subject: [PATCH] test: skip sha128/256 createHash()/hash() on openssl 3.4 OpenSSL 3.4 has intentionally broken EVP_DigestFinal for SHAKE128 and SHAKE256 when OSSL_DIGEST_PARAM_XOFLEN is not set because a) the default length used weakened them from their maximum strength and b) a static length does not fully make sense for XOFs (which SHAKE* are). Unfortunately, while crypto.createHash accepts an option argument that can be something like `{ outputLength: 128 }`, crypto.hash doesn't offer a similar API. Therefore there is little choice but to skip the test completely for shake128 and shake256 on openssl >= 3.4. PR-URL: https://github.com/nodejs/node/pull/56294 Fixes: https://github.com/nodejs/node/issues/56159 Refs: https://github.com/openssl/openssl/commit/b911fef216d1386210ec24e201d54d709528abb4 Refs: https://github.com/openssl/openssl/commit/ad3f28c5fbd5dcbc763a650313fd666b0e339cca --- test/parallel/test-crypto-oneshot-hash.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/test/parallel/test-crypto-oneshot-hash.js b/test/parallel/test-crypto-oneshot-hash.js index 56b4c04a65a1c1..4e6f62ef852c62 100644 --- a/test/parallel/test-crypto-oneshot-hash.js +++ b/test/parallel/test-crypto-oneshot-hash.js @@ -26,7 +26,18 @@ const fs = require('fs'); assert.throws(() => { crypto.hash('sha1', 'test', 'not an encoding'); }, { code: 'ERR_INVALID_ARG_VALUE' }); // Test that the output of crypto.hash() is the same as crypto.createHash(). -const methods = crypto.getHashes(); +const methods = + crypto.getHashes() + // OpenSSL 3.4 has stopped supporting shake128 and shake256 if the output + // length is not set explicitly as the a fixed output length doesn't make a + // lot of sense for them, and the default one in OpenSSL was too short and + // unexpectedly limiting the security strength + .filter( + common.hasOpenSSL(3, 4) ? + (method) => method !== 'shake128' && method !== 'shake256' : + () => true, + ) +; const input = fs.readFileSync(fixtures.path('utf8_test_text.txt'));