chore: bump node to v22.14.0 (main) (#45578)

* chore: bump node in DEPS to v22.14.0 * src: move more crypto impl detail to ncrypto dep https://github.com/nodejs/node/pull/56421 * test: move crypto related common utilities in common/crypto https://github.com/nodejs/node/pull/56714 * module: add findPackageJSON util https://github.com/nodejs/node/pull/55412 * module: mark evaluation rejection in require(esm) as handled https://github.com/nodejs/node/pull/56122 * chore: fixup patch indices * deps: move inspector_protocol to deps https://github.com/nodejs/node/pull/56649 * fixup! src: move more crypto impl detail to ncrypto dep * fixup! deps: move inspector_protocol to deps * fixup! src: move more crypto impl detail to ncrypto dep * crypto: fix checkPrime crash with large buffers https://github.com/nodejs/node/pull/56559 * tls: fix error stack conversion in cryptoErrorListToException() https://github.com/nodejs/node/pull/56554 * module: add findPackageJSON util https://github.com/nodejs/node/pull/55412 Our revert of native legacyMainResolve makes this very difficult to make work, so disable for now. * lib: add typescript support to STDIN eval https://github.com/nodejs/node/pull/56359 --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
2026-01-09 07:28:12 -05:00 · 2025-02-14 11:05:01 +01:00
parent 2af57c4b6a
commit a841d6484c
86 changed files with 729 additions and 526 deletions
--- a/patches/node/fix_crypto_tests_to_run_with_bssl.patch
+++ b/patches/node/fix_crypto_tests_to_run_with_bssl.patch
@@ -11,19 +11,19 @@ before it's acceptable to upstream, as this patch comments out a couple
 of tests that upstream probably cares about.

 diff --git a/test/common/index.js b/test/common/index.js
-index d1eaf6e69f603b0a7037e44be6ef185283972090..e3f26d32dbad2e4ccb47dea028dbf1a855525cfb 100644
+index 92c7294e6f6298f511b5a289e1e0e3a4be68cc77..63a350c5ed912a785b042a238c064c98ed423af4 100644
 --- a/test/common/index.js
 +++ b/test/common/index.js
-@@ -65,6 +65,8 @@ const opensslVersionNumber = (major = 0, minor = 0, patch = 0) => {
-   return (major << 28) | (minor << 20) | (patch << 4);
- };
+@@ -56,6 +56,8 @@ const hasCrypto = Boolean(process.versions.openssl) &&
+ 
+ const hasQuic = hasCrypto && !!process.config.variables.openssl_quic;
 
 +const openSSLIsBoringSSL = process.versions.openssl === '0.0.0';
 +
- let OPENSSL_VERSION_NUMBER;
- const hasOpenSSL = (major = 0, minor = 0, patch = 0) => {
-   if (!hasCrypto) return false;
-@@ -1008,6 +1010,7 @@ const common = {
+ function parseTestFlags(filename = process.argv[1]) {
+   // The copyright notice is relatively big and the flags could come afterwards.
+   const bytesToRead = 1500;
+@@ -889,6 +891,7 @@ const common = {
   mustNotMutateObjectDeep,
   mustSucceed,
   nodeProcessAborted,
@@ -95,10 +95,10 @@ index 4a5f1f149fe6c739f7f1d2ee17df6e61a942d621..b3287f428ce6b3fde11d449c601a57ff
 
 {
 diff --git a/test/parallel/test-crypto-cipheriv-decipheriv.js b/test/parallel/test-crypto-cipheriv-decipheriv.js
-index 3e3632203af72c54f2795d8de0cf345862a043bb..a066bbb803d41d9d1f26a02e41115b71233988d6 100644
+index 88d07c3b957f57b85861542d174a0fd0ba8ceb66..1f430197579ff5f31322bfa0fa5e92e4c58588e2 100644
 --- a/test/parallel/test-crypto-cipheriv-decipheriv.js
 +++ b/test/parallel/test-crypto-cipheriv-decipheriv.js
-@@ -60,6 +60,10 @@ function testCipher2(key, iv) {
+@@ -62,6 +62,10 @@ function testCipher2(key, iv) {
 
 
 function testCipher3(key, iv) {
@@ -123,10 +123,10 @@ index 81a469c226c261564dee1e0b06b6571b18a41f1f..58b66045dba4201b7ebedd78b129420f
 
 const availableCurves = new Set(crypto.getCurves());
 diff --git a/test/parallel/test-crypto-dh-errors.js b/test/parallel/test-crypto-dh-errors.js
-index 476ca64b4425b5b8b0fa2dc8352ee6f03d563813..2250a8f24a875d6af198426891870b450078ee5f 100644
+index 0af4db0310750cea9350ecff7fc44404c6df6c83..85ab03f6019989ad4fe93b779c3b4772ce1f5130 100644
 --- a/test/parallel/test-crypto-dh-errors.js
 +++ b/test/parallel/test-crypto-dh-errors.js
-@@ -32,9 +32,9 @@ for (const bits of [-1, 0, 1]) {
+@@ -33,9 +33,9 @@ for (const bits of [-1, 0, 1]) {
     });
   } else {
     assert.throws(() => crypto.createDiffieHellman(bits), {
@@ -139,12 +139,12 @@ index 476ca64b4425b5b8b0fa2dc8352ee6f03d563813..2250a8f24a875d6af198426891870b45
   }
 }
 diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
-index 9ebe14011eed223994e0901bc22dcc582b4b0739..e78f90eb76380916ce7098fb517c83a954edb053 100644
+index d7ffbe5eca92734aa2380f482c7f9bfe7e2a36c7..21ab2333431ea70bdf98dde43624e0b712566395 100644
 --- a/test/parallel/test-crypto-dh.js
 +++ b/test/parallel/test-crypto-dh.js
-@@ -55,18 +55,17 @@ const crypto = require('crypto');
+@@ -60,18 +60,17 @@ const {
   let wrongBlockLength;
-   if (common.hasOpenSSL3) {
+   if (hasOpenSSL3) {
     wrongBlockLength = {
 -      message: 'error:1C80006B:Provider routines::wrong final block length',
 -      code: 'ERR_OSSL_WRONG_FINAL_BLOCK_LENGTH',
@@ -169,9 +169,9 @@ index 9ebe14011eed223994e0901bc22dcc582b4b0739..e78f90eb76380916ce7098fb517c83a9
     };
   }
 
-@@ -93,17 +92,23 @@ const crypto = require('crypto');
+@@ -98,17 +97,23 @@ const {
       dh3.computeSecret('');
-     }, { message: common.hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
+     }, { message: hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
       'Unspecified validation error' :
 -      'Supplied key is too small' });
 +      'Supplied key is invalid' });
@@ -237,43 +237,36 @@ index d22281abbd5c3cab3aaa3ac494301fa6b4a8a968..5f0c6a4aed2e868a1a1049212edf2187
 s.pipe(h).on('data', common.mustCall(function(c) {
   assert.strictEqual(c, expect);
 diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js
-index 83218c105a4596e0ae0381136f176bb8d759899e..afb3c8c592d2a8e2a053fd44f455af06c592a85e 100644
+index 61145aee0727fbe0b9781acdb3eeb641e7010729..fd7d4bd7d3f86caa30ffd03ea880eeac023bbcbb 100644
 --- a/test/parallel/test-crypto-hash.js
 +++ b/test/parallel/test-crypto-hash.js
-@@ -182,6 +182,7 @@ assert.throws(
+@@ -183,7 +183,7 @@ assert.throws(
+ }
 
 // Test XOF hash functions and the outputLength option.
- {
-+  /*
-   // Default outputLengths.
-   assert.strictEqual(crypto.createHash('shake128').digest('hex'),
-                      '7f9c2ba4e88f827d616045507605853e');
-@@ -236,6 +237,7 @@ assert.throws(
-   assert.strictEqual(superLongHash.length, 2 * 1024 * 1024);
-   assert.ok(superLongHash.endsWith('193414035ddba77bf7bba97981e656ec'));
-   assert.ok(superLongHash.startsWith('a2a28dbc49cfd6e5d6ceea3d03e77748'));
-+  */
- 
-   // Non-XOF hash functions should accept valid outputLength options as well.
-   assert.strictEqual(crypto.createHash('sha224', { outputLength: 28 })
+-{
+if (!common.openSSLIsBoringSSL) {
+   // Default outputLengths. Since OpenSSL 3.4 an outputLength is mandatory
+   if (!hasOpenSSL(3, 4)) {
+     assert.strictEqual(crypto.createHash('shake128').digest('hex'),
 diff --git a/test/parallel/test-crypto-hkdf.js b/test/parallel/test-crypto-hkdf.js
-index ff3abdf291efcd076b36e755de4147b0aad0b345..d29854cf0c0ce89f84c912def672e7c4e11427a3 100644
+index 3f7e61e9b2ebc0ca7c367d7c229afe9ab87762b8..36bd78105d153b75b42e4736f11d80a257916607 100644
 --- a/test/parallel/test-crypto-hkdf.js
 +++ b/test/parallel/test-crypto-hkdf.js
-@@ -124,8 +124,6 @@ const algorithms = [
+@@ -125,7 +125,7 @@ const algorithms = [
   ['sha256', '', 'salt', '', 10],
   ['sha512', 'secret', 'salt', '', 15],
 ];
-if (!common.hasOpenSSL3)
-  algorithms.push(['whirlpool', 'secret', '', 'info', 20]);
+-if (!hasOpenSSL3)
+if (!hasOpenSSL3 && !common.openSSLIsBoringSSL)
+   algorithms.push(['whirlpool', 'secret', '', 'info', 20]);
 
 algorithms.forEach(([ hash, secret, salt, info, length ]) => {
-   {
 diff --git a/test/parallel/test-crypto-padding.js b/test/parallel/test-crypto-padding.js
-index f1f14b472997e76bb4100edb1c6cf4fc24d1074d..5057e3f9bc5bb78aceffa5e79530f8ceed84e6f7 100644
+index 48cd1ed4df61aaddeee8785cb90f83bdd9628187..a18aeb2bdffcc7a7e9ef12328b849994e39d6c27 100644
 --- a/test/parallel/test-crypto-padding.js
 +++ b/test/parallel/test-crypto-padding.js
-@@ -87,10 +87,9 @@ assert.throws(function() {
+@@ -88,10 +88,9 @@ assert.throws(function() {
   code: 'ERR_OSSL_WRONG_FINAL_BLOCK_LENGTH',
   reason: 'wrong final block length',
 } : {
@@ -287,7 +280,7 @@ index f1f14b472997e76bb4100edb1c6cf4fc24d1074d..5057e3f9bc5bb78aceffa5e79530f8ce
 }
 );
 
-@@ -114,10 +113,9 @@ assert.throws(function() {
+@@ -115,10 +114,9 @@ assert.throws(function() {
   reason: 'bad decrypt',
   code: 'ERR_OSSL_BAD_DECRYPT',
 } : {
@@ -301,11 +294,29 @@ index f1f14b472997e76bb4100edb1c6cf4fc24d1074d..5057e3f9bc5bb78aceffa5e79530f8ce
 });
 
 // No-pad encrypted string should return the same:
+diff --git a/test/parallel/test-crypto-prime.js b/test/parallel/test-crypto-prime.js
+index 5ffdc1394282be046150e3759f82f8787f5604f7..e1c7a7b4824a2df20a405355696022398216fa4f 100644
+--- a/test/parallel/test-crypto-prime.js
+++ b/test/parallel/test-crypto-prime.js
+@@ -259,11 +259,11 @@ for (const checks of [-(2 ** 31), -1, 2 ** 31, 2 ** 32 - 1, 2 ** 32, 2 ** 50]) {
+   bytes[0] = 0x1;
+   assert.throws(() => checkPrime(bytes, common.mustNotCall()), {
+     code: 'ERR_OSSL_BN_BIGNUM_TOO_LONG',
+-    message: /bignum too long/
+    message: /bignum[_ ]too[_ ]long/i
+   });
+   assert.throws(() => checkPrimeSync(bytes), {
+     code: 'ERR_OSSL_BN_BIGNUM_TOO_LONG',
+-    message: /bignum too long/
+    message: /bignum[_ ]too[_ ]long/i
+   });
+ }
+ 
 diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
-index 5f4fafdfffbf726b7cb39c472baa3df25c9794cf..d52376da2cddd90adcdf8a9b7dcd03e348d9f2b4 100644
+index dcd5045daaf58c60e27c1e2f7941033302241339..6ac75565792b92a97c622baba73f821d754b8d01 100644
 --- a/test/parallel/test-crypto-rsa-dsa.js
 +++ b/test/parallel/test-crypto-rsa-dsa.js
-@@ -28,12 +28,11 @@ const dsaPkcs8KeyPem = fixtures.readKey('dsa_private_pkcs8.pem');
+@@ -29,12 +29,11 @@ const dsaPkcs8KeyPem = fixtures.readKey('dsa_private_pkcs8.pem');
 const ec = new TextEncoder();
 
 const openssl1DecryptError = {
@@ -322,34 +333,25 @@ index 5f4fafdfffbf726b7cb39c472baa3df25c9794cf..d52376da2cddd90adcdf8a9b7dcd03e3
 +  library: /digital envelope routines|Cipher functions/,
 };
 
- const decryptError = common.hasOpenSSL3 ?
-@@ -222,7 +221,8 @@ function test_rsa(padding, encryptOaepHash, decryptOaepHash) {
+ const decryptError = hasOpenSSL3 ?
+@@ -223,7 +222,7 @@ function test_rsa(padding, encryptOaepHash, decryptOaepHash) {
   }, bufferToEncrypt);
 
 
 -  if (padding === constants.RSA_PKCS1_PADDING) {
-+  // BoringSSL does not support RSA_PKCS1_PADDING.
-+  if (false) {
+  if (!common.openSSLIsBoringSSL) {
     if (!process.config.variables.node_shared_openssl) {
       assert.throws(() => {
         crypto.privateDecrypt({
-@@ -466,10 +466,10 @@ assert.throws(() => {
-   assert.strictEqual(verify2.verify(publicKey, signature, 'hex'), true);
- }
- 
-
+@@ -471,7 +470,7 @@ assert.throws(() => {
 //
 // Test DSA signing and verification
 //
+-{
 +if (!common.openSSLIsBoringSSL) {
- {
   const input = 'I AM THE WALRUS';
 
-@@ -541,3 +541,4 @@ const input = 'I AM THE WALRUS';
- 
-   assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);
- }
-+}
+   // DSA signatures vary across runs so there is no static string to verify
 diff --git a/test/parallel/test-crypto-scrypt.js b/test/parallel/test-crypto-scrypt.js
 index 338a19b0e88ad6f08d2f6b6a5d38b9980996ce11..a4ee215575d072450ba66c558ddca88bfb23d85f 100644
 --- a/test/parallel/test-crypto-scrypt.js
@@ -364,10 +366,10 @@ index 338a19b0e88ad6f08d2f6b6a5d38b9980996ce11..a4ee215575d072450ba66c558ddca88b
   };
   assert.throws(() => crypto.scrypt('pass', 'salt', 1, options, () => {}),
 diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js
-index 8a263ec3350f5540591ac02e70fa2f552b9ac477..dcc4c2ec816d28f1b27df1c358cfce66f1a3a03b 100644
+index 0589d60736e377f24dc8550f87a6b7624173fc44..547f22cdc130cf0c68d117f92068e3ac53a0efc2 100644
 --- a/test/parallel/test-crypto-sign-verify.js
 +++ b/test/parallel/test-crypto-sign-verify.js
-@@ -29,7 +29,7 @@ const keySize = 2048;
+@@ -33,7 +33,7 @@ const keySize = 2048;
 }
 
 // Test handling of exceptional conditions
@@ -376,10 +378,10 @@ index 8a263ec3350f5540591ac02e70fa2f552b9ac477..dcc4c2ec816d28f1b27df1c358cfce66
   const library = {
     configurable: true,
     set() {
-@@ -341,15 +341,17 @@ assert.throws(
+@@ -345,15 +345,15 @@ assert.throws(
         padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
       });
-   }, common.hasOpenSSL3 ? {
+   }, hasOpenSSL3 ? {
 -    code: 'ERR_OSSL_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE',
 -    message: /illegal or unsupported padding mode/,
 +    code: /^ERR_OSSL_(RSA|EVP)_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE$/,
@@ -387,18 +389,18 @@ index 8a263ec3350f5540591ac02e70fa2f552b9ac477..dcc4c2ec816d28f1b27df1c358cfce66
   } : {
 -    code: 'ERR_OSSL_RSA_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE',
 -    message: /illegal or unsupported padding mode/,
+-    opensslErrorStack: [
 +    code: /^ERR_OSSL_(RSA|EVP)_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE$/,
 +    message: /illegal or unsupported padding mode|ILLEGAL_OR_UNSUPPORTED_PADDING_MODE/,
-+    /*
-     opensslErrorStack: [
+    /*opensslErrorStack: [
       'error:06089093:digital envelope routines:EVP_PKEY_CTX_ctrl:' +
       'command not supported',
-     ],
-+    */
+-    ],
+    ],*/
   });
 }
 
-@@ -419,10 +421,12 @@ assert.throws(
+@@ -423,10 +423,12 @@ assert.throws(
     public: fixtures.readKey('ed25519_public.pem', 'ascii'),
     algo: null,
     sigLen: 64 },
@@ -411,7 +413,7 @@ index 8a263ec3350f5540591ac02e70fa2f552b9ac477..dcc4c2ec816d28f1b27df1c358cfce66
   { private: fixtures.readKey('rsa_private_2048.pem', 'ascii'),
     public: fixtures.readKey('rsa_public_2048.pem', 'ascii'),
     algo: 'sha1',
-@@ -493,7 +497,7 @@ assert.throws(
+@@ -497,7 +499,7 @@ assert.throws(
 
 {
   const data = Buffer.from('Hello world');
@@ -421,10 +423,10 @@ index 8a263ec3350f5540591ac02e70fa2f552b9ac477..dcc4c2ec816d28f1b27df1c358cfce66
   for (const [file, length] of keys) {
     const privKey = fixtures.readKey(file);
 diff --git a/test/parallel/test-crypto-stream.js b/test/parallel/test-crypto-stream.js
-index 008ab129f0e019c659eecf5a76b7eb412c947fe3..6688f5d916f50e1e4fcfff1619c8634a3233f820 100644
+index 62be4eaf6edfb01ce275e7db3e56b51d09ac66ce..3fb6cd833d959d1c3c8522ebacc8f18352672628 100644
 --- a/test/parallel/test-crypto-stream.js
 +++ b/test/parallel/test-crypto-stream.js
-@@ -76,10 +76,10 @@ cipher.pipe(decipher)
+@@ -78,10 +78,10 @@ cipher.pipe(decipher)
     library: 'Provider routines',
     reason: 'bad decrypt',
   } : {
@@ -440,10 +442,10 @@ index 008ab129f0e019c659eecf5a76b7eb412c947fe3..6688f5d916f50e1e4fcfff1619c8634a
 
 cipher.end('Papaya!');  // Should not cause an unhandled exception.
 diff --git a/test/parallel/test-crypto-x509.js b/test/parallel/test-crypto-x509.js
-index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f694bd00c6 100644
+index f75e1d63470bfb7ce7fb354118b87a1a6fe5e4cc..5c0852e83a466ab4b255e8c9c9a33aca1beb9b94 100644
 --- a/test/parallel/test-crypto-x509.js
 +++ b/test/parallel/test-crypto-x509.js
-@@ -96,8 +96,10 @@ const der = Buffer.from(
+@@ -97,8 +97,10 @@ const der = Buffer.from(
   assert.strictEqual(x509.infoAccess, infoAccessCheck);
   assert.strictEqual(x509.validFrom, 'Sep  3 21:40:37 2022 GMT');
   assert.strictEqual(x509.validTo, 'Jun 17 21:40:37 2296 GMT');
@@ -454,7 +456,7 @@ index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f6
   assert.strictEqual(
     x509.fingerprint,
     '8B:89:16:C4:99:87:D2:13:1A:64:94:36:38:A5:32:01:F0:95:3B:53');
-@@ -325,6 +327,7 @@ oans248kpal88CGqsN2so/wZKxVnpiXlPHMdiNL7hRSUqlHkUi07FrP2Htg8kjI=
+@@ -326,6 +328,7 @@ oans248kpal88CGqsN2so/wZKxVnpiXlPHMdiNL7hRSUqlHkUi07FrP2Htg8kjI=
     legacyObjectCheck.serialNumberPattern);
 }
 
@@ -462,7 +464,7 @@ index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f6
 {
   // This X.509 Certificate can be parsed by OpenSSL because it contains a
   // structurally sound TBSCertificate structure. However, the SPKI field of the
-@@ -363,6 +366,7 @@ UcXd/5qu2GhokrKU2cPttU+XAN2Om6a0
+@@ -364,6 +367,7 @@ UcXd/5qu2GhokrKU2cPttU+XAN2Om6a0
 
   assert.strictEqual(cert.checkIssued(cert), false);
 }
@@ -470,7 +472,7 @@ index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f6
 
 {
   // Test date parsing of `validFromDate` and `validToDate` fields, according to RFC 5280.
-@@ -400,8 +404,10 @@ UidvpWWipVLZgK+oDks+bKTobcoXGW9oXobiIYqslXPy
+@@ -401,8 +405,10 @@ UidvpWWipVLZgK+oDks+bKTobcoXGW9oXobiIYqslXPy
 -----END CERTIFICATE-----`.trim();
   const c1 = new X509Certificate(certPemUTCTime);
 
@@ -481,7 +483,7 @@ index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f6
 
   // The GeneralizedTime format is used for dates in 2050 or later.
   const certPemGeneralizedTime = `-----BEGIN CERTIFICATE-----
-@@ -435,6 +441,8 @@ CWwQO8JZjJqFtqtuzy2n+gLCvqePgG/gmSqHOPm2ZbLW
+@@ -436,6 +442,8 @@ CWwQO8JZjJqFtqtuzy2n+gLCvqePgG/gmSqHOPm2ZbLW
 -----END CERTIFICATE-----`.trim();
   const c2 = new X509Certificate(certPemGeneralizedTime);
 
@@ -491,10 +493,10 @@ index bd906c25b9ee194ff34fe5fb8ecb68d7a672138c..5b631a32d07bd916ff7cd847e52b26f6
 +  }
 }
 diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js
-index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87e561bffa 100644
+index 93644e016de447d2aadc519123f18cd72b7a5750..8b16c83cd47bd8969654242296c987ecc97ccaeb 100644
 --- a/test/parallel/test-crypto.js
 +++ b/test/parallel/test-crypto.js
-@@ -61,7 +61,7 @@ assert.throws(() => {
+@@ -62,7 +62,7 @@ assert.throws(() => {
   // Throws general Error, so there is no opensslErrorStack property.
   return err instanceof Error &&
          err.name === 'Error' &&
@@ -503,7 +505,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
          !('opensslErrorStack' in err);
 });
 
-@@ -71,7 +71,7 @@ assert.throws(() => {
+@@ -72,7 +72,7 @@ assert.throws(() => {
   // Throws general Error, so there is no opensslErrorStack property.
   return err instanceof Error &&
          err.name === 'Error' &&
@@ -512,7 +514,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
          !('opensslErrorStack' in err);
 });
 
-@@ -81,7 +81,7 @@ assert.throws(() => {
+@@ -82,7 +82,7 @@ assert.throws(() => {
   // Throws general Error, so there is no opensslErrorStack property.
   return err instanceof Error &&
          err.name === 'Error' &&
@@ -521,7 +523,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
          !('opensslErrorStack' in err);
 });
 
-@@ -144,8 +144,6 @@ assert(crypto.getHashes().includes('sha1'));
+@@ -145,8 +145,6 @@ assert(crypto.getHashes().includes('sha1'));
 assert(crypto.getHashes().includes('sha256'));
 assert(!crypto.getHashes().includes('SHA1'));
 assert(!crypto.getHashes().includes('SHA256'));
@@ -530,7 +532,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
 validateList(crypto.getHashes());
 // Make sure all of the hashes are supported by OpenSSL
 for (const algo of crypto.getHashes())
-@@ -196,6 +194,7 @@ assert.throws(
+@@ -197,6 +195,7 @@ assert.throws(
   }
 );
 
@@ -538,7 +540,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
 assert.throws(() => {
   const priv = [
     '-----BEGIN RSA PRIVATE KEY-----',
-@@ -216,10 +215,10 @@ assert.throws(() => {
+@@ -217,10 +216,10 @@ assert.throws(() => {
     library: 'rsa routines',
   } : {
     name: 'Error',
@@ -553,7 +555,7 @@ index 4271121881379b6c6892e89e520345f77e4181df..7a17285deee18ffbccf1d01d9d1b7b87
     code: 'ERR_OSSL_RSA_DIGEST_TOO_BIG_FOR_RSA_KEY'
   });
   return true;
-@@ -252,7 +251,7 @@ if (!common.hasOpenSSL3) {
+@@ -253,7 +252,7 @@ if (!hasOpenSSL3) {
     return true;
   });
 }
@@ -585,10 +587,10 @@ index 543ee176fb6af38874fee9f14be76f3fdda11060..fef9f1bc2f9fc6c220cf47847e86e038
 }
 
 diff --git a/test/parallel/test-https-agent-session-eviction.js b/test/parallel/test-https-agent-session-eviction.js
-index e0986e53c1103b63cf15002a7fa4ce8bc4844d90..33c8a2aa72c56dd4a98558aab2102f03fae2b3cf 100644
+index 6f88e81e9ff29defe73800fc038b0d96d1ebd846..c0b92e2bdf86d3d2638c973f8be3110d5ae31f78 100644
 --- a/test/parallel/test-https-agent-session-eviction.js
 +++ b/test/parallel/test-https-agent-session-eviction.js
-@@ -14,7 +14,7 @@ const options = {
+@@ -17,7 +17,7 @@ const options = {
   key: readKey('agent1-key.pem'),
   cert: readKey('agent1-cert.pem'),
   secureOptions: SSL_OP_NO_TICKET,
@@ -598,10 +600,10 @@ index e0986e53c1103b63cf15002a7fa4ce8bc4844d90..33c8a2aa72c56dd4a98558aab2102f03
 
 // Create TLS1.2 server
 diff --git a/test/parallel/test-tls-getprotocol.js b/test/parallel/test-tls-getprotocol.js
-index a9c8775e2f112f2b5e1f4e80f22264f219bf6a9d..4550d28125379e6043962826b8e97b692d63804b 100644
+index b1eab88fd6517e3698934dea17752ef2bb8d8d54..3ad6db20316baa8490e3787dd55903b58a54ad06 100644
 --- a/test/parallel/test-tls-getprotocol.js
 +++ b/test/parallel/test-tls-getprotocol.js
-@@ -27,7 +27,7 @@ const clientConfigs = [
+@@ -29,7 +29,7 @@ const clientConfigs = [
 
 const serverConfig = {
   secureProtocol: 'TLS_method',
@@ -708,10 +710,10 @@ index d1ca571af4be713082d32093bfb8a65f2aef9800..57b8df2ce18df58ff54b2d828af67e3c
 
 function generateWrappingKeys() {
 diff --git a/test/parallel/test-x509-escaping.js b/test/parallel/test-x509-escaping.js
-index e6ae4d886908cbc0e56787009db855dad8b12ba7..a17147daa0576ec49e560c05448f1ed0ae8d5640 100644
+index b507af88e1f7f3424b7b5d6d683a295b9d208e5e..825ba4c8dce775f401080a0522565bb7a087bcc3 100644
 --- a/test/parallel/test-x509-escaping.js
 +++ b/test/parallel/test-x509-escaping.js
-@@ -447,7 +447,7 @@ const { hasOpenSSL3 } = common;
+@@ -448,7 +448,7 @@ const { hasOpenSSL3 } = require('../common/crypto');
   assert.strictEqual(certX509.checkHost(servername, { subject: 'default' }),
                      undefined);
   assert.strictEqual(certX509.checkHost(servername, { subject: 'always' }),
@@ -720,7 +722,7 @@ index e6ae4d886908cbc0e56787009db855dad8b12ba7..a17147daa0576ec49e560c05448f1ed0
   assert.strictEqual(certX509.checkHost(servername, { subject: 'never' }),
                      undefined);
 
-@@ -482,11 +482,11 @@ const { hasOpenSSL3 } = common;
+@@ -483,11 +483,11 @@ const { hasOpenSSL3 } = require('../common/crypto');
   assert.strictEqual(certX509.subjectAltName, 'IP Address:1.2.3.4');
 
   // The newer X509Certificate API allows customizing this behavior: