test-crypto-fips.js - OpenGrok cross reference for /third_party/node/test/parallel/test-crypto-fips.js

Lines Matching +full:enable +full:- +full:fips
1 // Flags: --expose-internals
17   'Error [ERR_CRYPTO_FIPS_FORCED]: Cannot set FIPS mode, it was forced with ' +
18   '--force-fips at startup.';
19 const FIPS_UNSUPPORTED_ERROR_STRING = 'fips mode not supported';
20 const FIPS_ENABLE_ERROR_STRING = 'OpenSSL error when trying to enable FIPS:';
32   const fullArgs = args.concat(['-e', `console.log(${cmd})`]);
55         // Normal path where we expect either FIPS enabled or disabled.
64 // --enable-fips should raise an error if OpenSSL is not FIPS enabled.
67   ['--enable-fips'],
72 // --force-fips should raise an error if OpenSSL is not FIPS enabled.
75   ['--force-fips'],
80 // By default FIPS should be off in both FIPS and non-FIPS builds
81 // unless Node.js was configured using --shared-openssl in
92 // This should succeed for both FIPS and non-FIPS builds in combination with
97 // If Node was configured using --shared-openssl fips support might be
98 // available depending on how OpenSSL was built. If fips support is
102 // Note that this case is different from when calling the fips setter as the
104 // to try to call the fips setter, to try to detect this situation, as
106 // ("Error: Cannot set FIPS mode in a non-FIPS build.").
108 // with --shared-openssl.
110   // OpenSSL config file should be able to turn on FIPS mode
113     [`--openssl-config=${CNF_FIPS_ON}`],
118   // OPENSSL_CONF should be able to turn on FIPS mode
126   // --openssl-config option should override OPENSSL_CONF
129     [`--openssl-config=${CNF_FIPS_ON}`],
137 // TODO(danbev) Revisit these test once FIPS support is available in
142     [`--openssl-config=${CNF_FIPS_OFF}`],
147   // --enable-fips should take precedence over OpenSSL config file
150     ['--enable-fips', `--openssl-config=${CNF_FIPS_OFF}`],
154   // --force-fips should take precedence over OpenSSL config file
157     ['--force-fips', `--openssl-config=${CNF_FIPS_OFF}`],
161   // --enable-fips should turn FIPS mode on
164     ['--enable-fips'],
169   // --force-fips should turn FIPS mode on
172     ['--force-fips'],
177   // OPENSSL_CONF should _not_ make a difference to --enable-fips
180     ['--enable-fips'],
185   // Using OPENSSL_CONF should not make a difference to --force-fips
188     ['--force-fips'],
193   // setFipsCrypto should be able to turn FIPS mode on
202   // setFipsCrypto should be able to turn FIPS mode on and off
212   // setFipsCrypto takes precedence over OpenSSL config file, FIPS on
215     [`--openssl-config=${CNF_FIPS_OFF}`],
221   // setFipsCrypto takes precedence over OpenSSL config file, FIPS off
224     [`--openssl-config=${CNF_FIPS_ON}`],
230   // --enable-fips does not prevent use of setFipsCrypto API
233     ['--enable-fips'],
239   // --force-fips prevents use of setFipsCrypto API
242     ['--force-fips'],
247   // --force-fips makes setFipsCrypto enable a no-op (FIPS stays on)
250     ['--force-fips'],
256   // --force-fips and --enable-fips order does not matter
259     ['--force-fips', '--enable-fips'],
264   // --enable-fips and --force-fips order does not matter
267     ['--enable-fips', '--force-fips'],