| /third_party/node/test/parallel/ |
| D | test-crypto-fips.js | 1 // Flags: --expose-internals
17 'Error [ERR_CRYPTO_FIPS_FORCED]: Cannot set FIPS mode, it was forced with ' +
18 '--force-fips at startup.';
19 const FIPS_UNSUPPORTED_ERROR_STRING = 'fips mode not supported';
20 const FIPS_ENABLE_ERROR_STRING = 'OpenSSL error when trying to enable FIPS:';
32 const fullArgs = args.concat(['-e', `console.log(${cmd})`]);
55 // Normal path where we expect either FIPS enabled or disabled.
64 // --enable-fips should raise an error if OpenSSL is not FIPS enabled.
67 ['--enable-fips'],
72 // --force-fips should raise an error if OpenSSL is not FIPS enabled.
[all …]
|
| D | test-cli-node-print-help.js | 1 // Flags: --expose-internals
15 exec(`${process.execPath} --help`, common.mustSucceed((stdout, stderr) => {
28 flags: [ '--openssl-config=...', '--tls-cipher-list=...',
29 '--use-bundled-ca', '--use-openssl-ca',
30 '--enable-fips', '--force-fips' ] },
32 flags: [ '--icu-data-dir=...', 'NODE_ICU_DATA' ] },
34 flags: [ '--inspect-brk[=[host:]port]', '--inspect-port=[host:]port',
35 '--inspect[=[host:]port]' ] },
44 assert.strictEqual(stdOut.indexOf(flag) !== -1, true,
49 assert.strictEqual(stdOut.indexOf(flag), -1,
|
| D | test-process-env-allowed-flags-are-documented.js | 24 '<!-- node-options-node start -->',
25 '<!-- node-options-node end -->');
27 '<!-- node-options-v8 start -->',
28 '<!-- node-options-v8 end -->');
36 for (const match of line.matchAll(/`(-[^`]+)`/g)) {
38 const option = match[1].replace('--no-', '--');
47 documented.delete('--openssl-legacy-provider');
48 documented.delete('--openssl-shared-config');
57 '--openssl-config',
58 common.hasOpenSSL3 ? '--openssl-legacy-provider' : '',
[all …]
|
| /third_party/node/deps/openssl/openssl/ |
| D | README-FIPS.md | 1 OpenSSL FIPS support
5 FIPS validated. The module is implemented as an OpenSSL provider.
7 cryptographic algorithms, see the [README-PROVIDERS](README-PROVIDERS.md) file
10 A cryptographic module is only FIPS validated after it has gone through the complex
11 FIPS 140 validation process. As this process takes a very long time, it is not
13 If you need a FIPS validated module then you must ONLY generate a FIPS provider
14 using OpenSSL versions that have valid FIPS certificates. A FIPS certificate
16 in the Security Policy in order to be FIPS compliant.
18 FIPS certificates and Security Policies.
22 legacy providers) without any restrictions, but the FIPS provider must be built
[all …]
|
| D | INSTALL.md | 11 - [Prerequisites](#prerequisites)
12 - [Notational Conventions](#notational-conventions)
13 - [Quick Installation Guide](#quick-installation-guide)
14 - [Building OpenSSL](#building-openssl)
15 - [Installing OpenSSL](#installing-openssl)
16 - [Configuration Options](#configuration-options)
17 - [API Level](#api-level)
18 - [Cross Compile Prefix](#cross-compile-prefix)
19 - [Build Type](#build-type)
20 - [Directories](#directories)
[all …]
|
| D | NOTES-NONSTOP.md | 5 -------------------
11 Specify the `--with-rand-seed=rdcpu` option to the `./Configure` script.
13 be used if FIPS is selected.
15 specify the `--with-rand-seed=egd` option to the `./Configure` script.
18 ------------------
27 ----------------
31 the TNS/X (L-Series) platform:
33 * `nonstop-nsx` or default will select an unthreaded build.
34 * `nonstop-nsx_put` selects the PUT build.
35 * `nonstop-nsx_64_put` selects the 64 bit file length PUT build.
[all …]
|
| D | README.md | 4 This is a fork of [OpenSSL](https://www.openssl.org) to enable QUIC. In addition
7 [README-OpenSSL.md](https://github.com/quictls/openssl/blob/openssl-3.0.10%2Bquic/README-OpenSSL.md)
11 [charter](https://datatracker.ietf.org/wg/quic/about/), QUIC is a "UDP-based,
12 stream-multiplexing, encrypted transport protocol." If you don't need QUIC, you
22 [blog post](https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/) and
23 [openssl-project email](https://github.com/quictls/openssl/discussions/54)
27 (released 2021-09-07), and does not intend to add QUIC functionality to 1.1.x.
28 There is a community need for a QUIC-capable TLS library. This fork is intended
29 as stopgap solution to enable higher level frameworks and runtimes to use QUIC
42 --------------------
[all …]
|
| D | appveyor.yml | 2 - Visual Studio 2017
5 - x64
6 - x86
11 - VSVER: 15
14 - shared
15 - minimal
18 -
21 - master
23 - shared
24 - plain
[all …]
|
| /third_party/openssl/ |
| D | README-FIPS.md | 1 OpenSSL FIPS support
5 FIPS 140-2 validated. The module is implemented as an OpenSSL provider.
7 cryptographic algorithms, see the [README-PROVIDERS](README-PROVIDERS.md) file
10 A cryptographic module is only FIPS validated after it has gone through the complex
11 FIPS 140 validation process. As this process takes a very long time, it is not
13 If you need a FIPS validated module then you must ONLY generate a FIPS provider
14 using OpenSSL versions that have valid FIPS certificates. A FIPS certificate
16 in the Security Policy in order to be FIPS compliant.
18 FIPS certificates and Security Policies.
22 legacy providers) without any restrictions, but the FIPS provider must be built
[all …]
|
| D | INSTALL.md | 11 - [Prerequisites](#prerequisites)
12 - [Notational Conventions](#notational-conventions)
13 - [Quick Installation Guide](#quick-installation-guide)
14 - [Building OpenSSL](#building-openssl)
15 - [Installing OpenSSL](#installing-openssl)
16 - [Configuration Options](#configuration-options)
17 - [API Level](#api-level)
18 - [Cross Compile Prefix](#cross-compile-prefix)
19 - [Build Type](#build-type)
20 - [Directories](#directories)
[all …]
|
| D | NOTES-NONSTOP.md | 5 -------------------
11 Specify the `--with-rand-seed=rdcpu` option to the `./Configure` script.
13 be used if FIPS is selected.
15 specify the `--with-rand-seed=egd` option to the `./Configure` script.
18 ------------------
27 ----------------
31 the TNS/X (L-Series) platform:
33 * `nonstop-nsx` or default will select an unthreaded build.
34 * `nonstop-nsx_put` selects the PUT build.
35 * `nonstop-nsx_64_put` selects the 64 bit file length PUT build.
[all …]
|
| D | appveyor.yml | 2 - Visual Studio 2017
5 - x64
6 - x86
11 - VSVER: 15
14 - shared
15 - minimal
18 -
21 - master
23 - shared
24 - plain
[all …]
|
| /third_party/node/doc/ |
| D | node.1 | 8 .\" https://atom.io/packages/language-roff
11 .\" mandoc -Wall -Tlint /path/to/this.file # BSD
12 .\" groff -w all -z /path/to/this.file # GNU/Linux, macOS
18 .\" the Roff formatter better control over text-spacing, line-wrapping,
29 .tr -\-^\(ha~\(ti`\(ga
35 .Nd server-side JavaScript runtime
41 .Op Ar v8-options
43 .Op Fl -
52 .Op Fl -v8-options
57 It is primarily focused on creating simple, easy-to-build network clients and servers.
[all …]
|
| /third_party/openssl/doc/man3/ |
| D | EVP_set_default_properties.pod | 7 - Set default properties for future algorithm fetches
14 int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable);
31 EVP_default_properties_enable_fips() sets the 'fips=yes' to be a default property
32 if I<enable> is non zero, otherwise it clears 'fips' from the default property
33 query for the given I<libctx>. It merges the fips default property query with any
36 EVP_default_properties_is_fips_enabled() indicates if 'fips=yes' is a default
51 EVP_default_properties_is_fips_enabled() returns 1 if the 'fips=yes' default
64 Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
|
| /third_party/rust/crates/rust-openssl/openssl/src/ |
| D | fips.rs | 1 //! FIPS 140-2 support.
5 //! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf
10 /// Moves the library into or out of the FIPS 140-2 mode of operation.
12 pub fn enable(enabled: bool) -> Result<(), ErrorStack> { in enable() function
17 /// Determines if the library is running in the FIPS 140-2 mode of operation.
19 pub fn enabled() -> bool { in enabled()
|
| /third_party/node/doc/api/ |
| D | cli.md | 1 # Command-line API
3 <!--introduced_in=v5.9.1-->
5 <!--type=misc-->
7 Node.js comes with a variety of CLI options. These options expose built-in
14 `node [options] [V8 options] [<program-entry-point> | -e "script" | -] [--] [arguments]`
16 `node inspect [<program-entry-point> | -e "script" | <host>:<port>] …`
18 `node --v8-options`
26 The program entry point is a specifier-like string. If the string is not an
34 * The program was started with a command-line flag that forces the entry
38 `package.json` file contains a top-level [`"type"`][] field with a value of
[all …]
|
| D | cli.json | 7 "textRaw": "Command-line API",
8 "name": "Command-line API",
11 …"desc": "<p>Node.js comes with a variety of CLI options. These options expose built-in\ndebugging,…
16 …-entry-point> | -e \"script\" | -] [--] [arguments]</code></p>\n<p><code>node inspect [<progr…
23 …-like string. If the string is not an\nabsolute path, it's resolved as a relative path from the cu…
28 … <code>.wasm</code> extensions when\n<a href=\"#--experimental-wasm-modules\"><code>--experimental…
43 "pr-url": "https://github.com/nodejs/node/pull/23020",
48 …-</code>) or underscores (<code>_</code>). For example, <code>--pending-deprecation</code> is\nequ…
51 "textRaw": "`-`",
52 "name": "`-`",
[all …]
|
| /third_party/node/src/crypto/ |
| D | crypto_util.cc | 2 #include "async_wrap-inl.h"
5 #include "env-inl.h"
6 #include "memory_tracker-inl.h"
8 #include "node_options-inl.h"
10 #include "threadpoolwork-inl.h"
11 #include "util-inl.h"
72 length -= INT_MAX; in CSPRNG()
101 size_t len = passphrase->size(); in PasswordCallback()
103 return -1; in PasswordCallback()
104 memcpy(buf, passphrase->data(), len); in PasswordCallback()
[all …]
|
| /third_party/node/deps/openssl/config/ |
| D | Makefile | 4 UNAME_S := $(shell uname -s)
12 ASM_ARCHS = aix64-gcc-as BSD-x86 BSD-x86_64 \
13 darwin64-x86_64-cc darwin-i386-cc darwin64-arm64-cc linux-aarch64 \
14 linux-armv4 linux-elf linux-x86_64 \
15 linux-ppc64le linux32-s390x linux64-s390x linux64-mips64\
16 solaris-x86-gcc solaris64-x86_64-gcc VC-WIN64A VC-WIN32
18 NO_ASM_ARCHS = VC-WIN64-ARM linux64-riscv64 linux64-loongarch64
24 # no-comp: against CRIME attack
25 # no-shared: openssl-cli needs static link
26 # no-afalgeng: old Linux kernel < 4.0 does not support it
[all …]
|
| /third_party/node/ |
| D | BUILDING.md | 13 * [Supported platforms](#supported-platforms)
16 * [Platform list](#platform-list)
17 * [Supported toolchains](#supported-toolchains)
18 * [Official binary platforms and toolchains](#official-binary-platforms-and-toolchains)
19 * [OpenSSL asm support](#openssl-asm-support)
20 * [Previous versions of this document](#previous-versions-of-this-document)
21 * [Building Node.js on supported platforms](#building-nodejs-on-supported-platforms)
22 * [Note about Python](#note-about-python)
23 * [Unix and macOS](#unix-and-macos)
24 * [Unix prerequisites](#unix-prerequisites)
[all …]
|
| /third_party/openssl/doc/man7/ |
| D | EVP_MAC-KMAC.pod | 5 EVP_MAC-KMAC, EVP_MAC-KMAC128, EVP_MAC-KMAC256
6 - The KMAC EVP_MAC implementations
19 =item "KMAC-128", "provider=default" or "provider=fips"
21 =item "KMAC-256", "provider=default" or "provider=fips"
34 Likewise, the "block-size" parameter can be retrieved with
54 By default, it is 16 for C<KMAC-128> and 32 for C<KMAC-256>.
56 =item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
59 By default, it is 168 for C<KMAC-128> and 136 for C<KMAC-256>.
63 The "xof" parameter value is expected to be 1 or 0. Use 1 to enable XOF mode.
89 mac = EVP_MAC_fetch(NULL, "KMAC-128", NULL);
[all …]
|
| D | migration_guide.pod | 5 migration_guide - OpenSSL migration guide
32 OpenSSL 3.0 such as the availability of the FIPS module.
37 licenses|https://www.openssl.org/source/license-openssl-ssleay.txt>
39 L<Apache License v2|https://www.openssl.org/source/apache-license-2.0.txt>.
41 =head3 Providers and FIPS support
53 One of the standard providers available is the FIPS provider. This makes
54 available FIPS validated cryptographic algorithms.
55 The FIPS provider is disabled by default and needs to be enabled explicitly
56 at configuration time using the C<enable-fips> option. If it is enabled,
57 the FIPS provider gets built and installed in addition to the other standard
[all …]
|
| /third_party/node/deps/openssl/openssl/Configurations/ |
| D | unix-Makefile.tmpl | 4 ## {- join("\n## ", @autowarntext) -}
5 {-
9 our $makedepcmd = platform->makedepcmd();
17 our $sover_dirname = platform->shlib_version_as_filename();
29 $COLUMNS = int($COLUMNS) - 2; # 2 to leave space for ending ' \'
61 -}
62 PLATFORM={- $config{target} -}
63 OPTIONS={- $config{options} -}
64 CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
65 SRCDIR={- $config{sourcedir} -}
[all …]
|
| /third_party/openssl/Configurations/ |
| D | unix-Makefile.tmpl | 4 ## {- join("\n## ", @autowarntext) -}
5 {-
9 our $makedepcmd = platform->makedepcmd();
17 our $sover_dirname = platform->shlib_version_as_filename();
29 $COLUMNS = int($COLUMNS) - 2; # 2 to leave space for ending ' \'
61 -}
62 PLATFORM={- $config{target} -}
63 OPTIONS={- $config{options} -}
64 CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -})
65 SRCDIR={- $config{sourcedir} -}
[all …]
|
| /third_party/node/deps/openssl/openssl/crypto/evp/ |
| D | evp_fetch.c | 2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
69 if (methdata->tmp_store == NULL) in get_tmp_evp_method_store()
70 methdata->tmp_store = ossl_method_store_new(methdata->libctx); in get_tmp_evp_method_store()
71 return methdata->tmp_store; in get_tmp_evp_method_store()
91 && (store = get_evp_method_store(methdata->libctx)) == NULL) in reserve_evp_method_store()
102 && (store = get_evp_method_store(methdata->libctx)) == NULL) in unreserve_evp_method_store()
113 * The resulting identity is a 31-bit integer, composed like this:
115 * +---------23 bits--------+-8 bits-+
117 * +------------------------+--------+
126 #define METHOD_ID_OPERATION_MAX ((1 << 8) - 1)
[all …]
|