From 6372fca9467c39522f40c748ee136fe5d7fb3697 Mon Sep 17 00:00:00 2001
From: Adrien Nader <adrien.nader@canonical.com>
Date: Tue, 17 Dec 2024 17:18:14 +0100
Subject: [PATCH] test: skip sha128/256 createHash()/hash() on openssl 3.4.

OpenSSL 3.4 has intentionally broken EVP_DigestFinal for SHAKE128 and
SHAKE256 when OSSL_DIGEST_PARAM_XOFLEN is not set because a) the default
length used weakened them from their maximum strength and b) a static
length does not fully make sense for XOFs (which SHAKE* are).

Unfortunately, while crypto.createHash accepts an option argument that can
be something like `{ outputLength: 128 }`, crypto.hash doesn't offer a
similar API. Therefore there is little choice but to skip the test
completely for shake128 and shake256 on openssl >= 3.4.

Fixes: https://github.com/nodejs/node/issues/56159
Refs: https://github.com/openssl/openssl/commit/b911fef216d1386210ec24e201d54d709528abb4
Refs: https://github.com/openssl/openssl/commit/ad3f28c5fbd5dcbc763a650313fd666b0e339cca
---
 test/parallel/test-crypto-oneshot-hash.js | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/test/parallel/test-crypto-oneshot-hash.js b/test/parallel/test-crypto-oneshot-hash.js
index 56b4c04a65a1c1..ba8db856352e6a 100644
--- a/test/parallel/test-crypto-oneshot-hash.js
+++ b/test/parallel/test-crypto-oneshot-hash.js
@@ -32,12 +32,14 @@ const input = fs.readFileSync(fixtures.path('utf8_test_text.txt'));
 
 for (const method of methods) {
   for (const outputEncoding of ['buffer', 'hex', 'base64', undefined]) {
-    const oldDigest = crypto.createHash(method).update(input).digest(outputEncoding || 'hex');
-    const digestFromBuffer = crypto.hash(method, input, outputEncoding);
-    assert.deepStrictEqual(digestFromBuffer, oldDigest,
-                           `different result from ${method} with encoding ${outputEncoding}`);
-    const digestFromString = crypto.hash(method, input.toString(), outputEncoding);
-    assert.deepStrictEqual(digestFromString, oldDigest,
-                           `different result from ${method} with encoding ${outputEncoding}`);
+    if (method !== 'shake128' && method !== 'shake256' || !common.hasOpenSSL(3, 4)) {
+      const oldDigest = crypto.createHash(method).update(input).digest(outputEncoding || 'hex');
+      const digestFromBuffer = crypto.hash(method, input, outputEncoding);
+      assert.deepStrictEqual(digestFromBuffer, oldDigest,
+                             `different result from ${method} with encoding ${outputEncoding}`);
+      const digestFromString = crypto.hash(method, input.toString(), outputEncoding);
+      assert.deepStrictEqual(digestFromString, oldDigest,
+                             `different result from ${method} with encoding ${outputEncoding}`);
+    }
   }
 }