test: fix and undisable parallel/node-crypto (#27689)

patches/node/.patches

@@ -17,7 +17,6 @@ refactor_allow_embedder_overriding_of_internal_fs_calls.patch
 chore_prevent_warn_non_context-aware_native_modules_being_loaded.patch
 chore_read_nobrowserglobals_from_global_not_process.patch
 build_bring_back_node_with_ltcg_configuration.patch
-revert_crypto_add_oaeplabel_option.patch
 enable_31_bit_smis_on_64bit_arch_and_ptr_compression.patch
 fix_use_crypto_impls_for_compat.patch
 fix_comment_out_incompatible_crypto_modules.patch
@@ -32,4 +31,4 @@ fix_add_safeforterminationscopes_for_sigint_interruptions.patch
 remove_makeexternal_case_for_uncached_internal_strings.patch
 fix_remove_outdated_--experimental-wasm-bigint_flag.patch
 darwin_libuv_use_posix_spawn.patch
-fix_parallel_test-crypto-ecdh-convert-key_to_use_compatible_group.patch
+fix_crypto_tests_to_run_with_bssl.patch

patches/node/fix_comment_out_incompatible_crypto_modules.patch

@@ -9,10 +9,10 @@ with what's exposed through BoringSSL. I plan to upstream parts of this or
 otherwise introduce shims to reduce friction.
 
 diff --git a/src/node_crypto.cc b/src/node_crypto.cc
-index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e4144179575c9b502 100644
+index d7b6dbd85d6ef97370affde54bde4657f2413a06..489123d5fbd340fdceb3b6316e3fca6fb1050fef 100644
 --- a/src/node_crypto.cc
 +++ b/src/node_crypto.cc
-@@ -5192,11 +5192,11 @@ bool DiffieHellman::Init(int primeLength, int g) {
+@@ -5204,11 +5204,11 @@ bool DiffieHellman::Init(int primeLength, int g) {
  bool DiffieHellman::Init(const char* p, int p_len, int g) {
    dh_.reset(DH_new());
    if (p_len <= 0) {
@@ -26,7 +26,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
      return false;
    }
    BIGNUM* bn_p =
-@@ -5215,18 +5215,18 @@ bool DiffieHellman::Init(const char* p, int p_len, int g) {
+@@ -5227,18 +5227,18 @@ bool DiffieHellman::Init(const char* p, int p_len, int g) {
  bool DiffieHellman::Init(const char* p, int p_len, const char* g, int g_len) {
    dh_.reset(DH_new());
    if (p_len <= 0) {
@@ -48,7 +48,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
      return false;
    }
    BIGNUM* bn_p =
-@@ -5719,7 +5719,7 @@ void ECDH::SetPrivateKey(const FunctionCallbackInfo<Value>& args) {
+@@ -5731,7 +5731,7 @@ void ECDH::SetPrivateKey(const FunctionCallbackInfo<Value>& args) {
    if (!EC_KEY_set_public_key(new_key.get(), pub.get()))
      return env->ThrowError("Failed to set generated public key");
  
@@ -57,7 +57,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
    ecdh->group_ = EC_KEY_get0_group(ecdh->key_.get());
  }
  
-@@ -6207,6 +6207,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
+@@ -6219,6 +6219,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
    EVPKeyCtxPointer Setup() override {
      EVPKeyPointer params;
      if (prime_info_.fixed_value_) {
@@ -65,7 +65,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
        DHPointer dh(DH_new());
        if (!dh)
          return nullptr;
-@@ -6223,6 +6224,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
+@@ -6235,6 +6236,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
        params = EVPKeyPointer(EVP_PKEY_new());
        CHECK(params);
        EVP_PKEY_assign_DH(params.get(), dh.release());
@@ -73,7 +73,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
      } else {
        EVPKeyCtxPointer param_ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_DH, nullptr));
        if (!param_ctx)
-@@ -6230,7 +6232,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
+@@ -6242,7 +6244,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
  
        if (EVP_PKEY_paramgen_init(param_ctx.get()) <= 0)
          return nullptr;
@@ -82,7 +82,7 @@ index 91cb94d8dbe9db0adbee5e005649188e1ccbcbf9..2000c789d9daac835c0ecc1e41441795
        if (EVP_PKEY_CTX_set_dh_paramgen_prime_len(param_ctx.get(),
                                                   prime_info_.prime_size_) <= 0)
          return nullptr;
-@@ -6238,7 +6240,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
+@@ -6250,7 +6252,7 @@ class DHKeyPairGenerationConfig : public KeyPairGenerationConfig {
        if (EVP_PKEY_CTX_set_dh_paramgen_generator(param_ctx.get(),
                                                   generator_) <= 0)
          return nullptr;

patches/node/fix_crypto_tests_to_run_with_bssl.patch

@@ -0,0 +1,946 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jeremy Rose <[email protected]>
+Date: Tue, 9 Feb 2021 12:34:46 -0800
+Subject: fix crypto tests to run with bssl
+
+This fixes some crypto tests so that they pass when compiled with
+BoringSSL.
+
+This should be upstreamed in some form, though it may need to be tweaked
+before it's acceptable to upstream, as this patch comments out a couple
+of tests that upstream probably cares about.
+
+diff --git a/test/parallel/test-crypto-authenticated.js b/test/parallel/test-crypto-authenticated.js
+index 863907bafd81920c40bccaf89299a2bcdb1be79e..c6f1c146586d0af096def5d6ee73437323017438 100644
+--- a/test/parallel/test-crypto-authenticated.js
++++ b/test/parallel/test-crypto-authenticated.js
+@@ -49,7 +49,9 @@ const errMessages = {
+ const ciphers = crypto.getCiphers();
+ 
+ const expectedWarnings = common.hasFipsCrypto ?
+-  [] : [
++  [] : !ciphers.includes('aes-192-ccm') ? [
++    ['Use Cipheriv for counter mode of aes-192-gcm'],
++  ] : [
+     ['Use Cipheriv for counter mode of aes-192-gcm'],
+     ['Use Cipheriv for counter mode of aes-192-ccm'],
+     ['Use Cipheriv for counter mode of aes-192-ccm'],
+@@ -317,7 +319,9 @@ for (const test of TEST_CASES) {
+ 
+ // Test that create(De|C)ipher(iv)? throws if the mode is CCM and an invalid
+ // authentication tag length has been specified.
+-{
++if (!ciphers.includes('aes-256-ccm')) {
++  common.printSkipMessage(`unsupported aes-256-ccm test`);
++} else {
+   for (const authTagLength of [-1, true, false, NaN, 5.5]) {
+     assert.throws(() => {
+       crypto.createCipheriv('aes-256-ccm',
+@@ -405,6 +409,10 @@ for (const test of TEST_CASES) {
+ // authentication tag has been specified.
+ {
+   for (const mode of ['ccm', 'ocb']) {
++    if (!ciphers.includes(`aes-256-${mode}`)) {
++      common.printSkipMessage(`unsupported aes-256-${mode} test`);
++      continue;
++    }
+     assert.throws(() => {
+       crypto.createCipheriv(`aes-256-${mode}`,
+                             'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8',
+@@ -439,7 +447,9 @@ for (const test of TEST_CASES) {
+ }
+ 
+ // Test that setAAD throws if an invalid plaintext length has been specified.
+-{
++if (!ciphers.includes('aes-256-ccm')) {
++  common.printSkipMessage(`unsupported aes-256-ccm test`);
++} else {
+   const cipher = crypto.createCipheriv('aes-256-ccm',
+                                        'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8',
+                                        'qkuZpJWCewa6S',
+@@ -460,7 +470,9 @@ for (const test of TEST_CASES) {
+ }
+ 
+ // Test that setAAD and update throw if the plaintext is too long.
+-{
++if (!ciphers.includes('aes-256-ccm')) {
++  common.printSkipMessage(`unsupported aes-256-ccm test`);
++} else {
+   for (const ivLength of [13, 12]) {
+     const maxMessageSize = (1 << (8 * (15 - ivLength))) - 1;
+     const key = 'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8';
+@@ -491,7 +503,9 @@ for (const test of TEST_CASES) {
+ 
+ // Test that setAAD throws if the mode is CCM and the plaintext length has not
+ // been specified.
+-{
++if (!ciphers.includes('aes-256-ccm')) {
++  common.printSkipMessage(`unsupported aes-256-ccm test`);
++} else {
+   assert.throws(() => {
+     const cipher = crypto.createCipheriv('aes-256-ccm',
+                                          'FxLKsqdmv0E9xrQhp0b1ZgI0K7JFZJM8',
+@@ -516,7 +530,9 @@ for (const test of TEST_CASES) {
+ }
+ 
+ // Test that final() throws in CCM mode when no authentication tag is provided.
+-{
++if (!ciphers.includes('aes-128-ccm')) {
++  common.printSkipMessage(`unsupported aes-256-ccm test`);
++} else {
+   if (!common.hasFipsCrypto) {
+     const key = Buffer.from('1ed2233fa2223ef5d7df08546049406c', 'hex');
+     const iv = Buffer.from('7305220bca40d4c90e1791e9', 'hex');
+@@ -548,7 +564,9 @@ for (const test of TEST_CASES) {
+ }
+ 
+ // Test that an IV length of 11 does not overflow max_message_size_.
+-{
++if (!ciphers.includes('aes-128-ccm')) {
++  common.printSkipMessage(`unsupported aes-128-ccm test`);
++} else {
+   const key = 'x'.repeat(16);
+   const iv = Buffer.from('112233445566778899aabb', 'hex');
+   const options = { authTagLength: 8 };
+@@ -565,6 +583,10 @@ for (const test of TEST_CASES) {
+   const iv = Buffer.from('0123456789ab', 'utf8');
+ 
+   for (const mode of ['gcm', 'ocb']) {
++    if (!ciphers.includes(`aes-128-${mode}`)) {
++      common.printSkipMessage(`unsupported aes-128-${mode} test`);
++      continue;
++    }
+     for (const authTagLength of mode === 'gcm' ? [undefined, 8] : [8]) {
+       const cipher = crypto.createCipheriv(`aes-128-${mode}`, key, iv, {
+         authTagLength
+@@ -599,6 +621,10 @@ for (const test of TEST_CASES) {
+   const opts = { authTagLength: 8 };
+ 
+   for (const mode of ['gcm', 'ccm', 'ocb']) {
++    if (!ciphers.includes(`aes-128-${mode}`)) {
++      common.printSkipMessage(`unsupported aes-128-${mode} test`);
++      continue;
++    }
+     const cipher = crypto.createCipheriv(`aes-128-${mode}`, key, iv, opts);
+     const ciphertext = Buffer.concat([cipher.update(plain), cipher.final()]);
+     const tag = cipher.getAuthTag();
+@@ -621,7 +647,9 @@ for (const test of TEST_CASES) {
+ // Test chacha20-poly1305 rejects invalid IV lengths of 13, 14, 15, and 16 (a
+ // length of 17 or greater was already rejected).
+ // - https://www.openssl.org/news/secadv/20190306.txt
+-{
++if (!ciphers.includes('chacha20-poly1305')) {
++  common.printSkipMessage(`unsupported chacha20-poly1305 test`);
++} else {
+   // Valid extracted from TEST_CASES, check that it detects IV tampering.
+   const valid = {
+     algo: 'chacha20-poly1305',
+diff --git a/test/parallel/test-crypto-binary-default.js b/test/parallel/test-crypto-binary-default.js
+index a2fb2e82670567f3867936a6f0999a80acf4061e..6e789dda0a755293d0871a6353a39ba0f58a70b8 100644
+--- a/test/parallel/test-crypto-binary-default.js
++++ b/test/parallel/test-crypto-binary-default.js
+@@ -51,15 +51,15 @@ tls.createSecureContext({ pfx: certPfx, passphrase: 'sample' });
+ 
+ assert.throws(function() {
+   tls.createSecureContext({ pfx: certPfx });
+-}, /^Error: mac verify failure$/);
++}, /^Error: (mac verify failure|INCORRECT_PASSWORD)$/);
+ 
+ assert.throws(function() {
+   tls.createSecureContext({ pfx: certPfx, passphrase: 'test' });
+-}, /^Error: mac verify failure$/);
++}, /^Error: (mac verify failure|INCORRECT_PASSWORD)$/);
+ 
+ assert.throws(function() {
+   tls.createSecureContext({ pfx: 'sample', passphrase: 'test' });
+-}, /^Error: not enough data$/);
++}, /^Error: (not enough data|BAD_PKCS12_DATA)$/);
+ 
+ // Test HMAC
+ {
+@@ -462,7 +462,7 @@ assert.throws(function() {
+ function testCipher1(key) {
+   // Test encryption and decryption
+   const plaintext = 'Keep this a secret? No! Tell everyone about node.js!';
+-  const cipher = crypto.createCipher('aes192', key);
++  const cipher = crypto.createCipher('aes-192-cbc', key);
+ 
+   // Encrypt plaintext which is in utf8 format
+   // to a ciphertext which will be in hex
+@@ -470,7 +470,7 @@ function testCipher1(key) {
+   // Only use binary or hex, not base64.
+   ciph += cipher.final('hex');
+ 
+-  const decipher = crypto.createDecipher('aes192', key);
++  const decipher = crypto.createDecipher('aes-192-cbc', key);
+   let txt = decipher.update(ciph, 'hex', 'utf8');
+   txt += decipher.final('utf8');
+ 
+@@ -485,14 +485,14 @@ function testCipher2(key) {
+       '32|RmVZZkFUVmpRRkp0TmJaUm56ZU9qcnJkaXNNWVNpTTU*|iXmckfRWZBGWWELw' +
+       'eCBsThSsfUHLeRe0KCsK8ooHgxie0zOINpXxfZi/oNG7uq9JWFVCk70gfzQH8ZUJ' +
+       'jAfaFg**';
+-  const cipher = crypto.createCipher('aes256', key);
++  const cipher = crypto.createCipher('aes-256-cbc', key);
+ 
+   // Encrypt plaintext which is in utf8 format
+   // to a ciphertext which will be in Base64
+   let ciph = cipher.update(plaintext, 'utf8', 'base64');
+   ciph += cipher.final('base64');
+ 
+-  const decipher = crypto.createDecipher('aes256', key);
++  const decipher = crypto.createDecipher('aes-256-cbc', key);
+   let txt = decipher.update(ciph, 'base64', 'utf8');
+   txt += decipher.final('utf8');
+ 
+@@ -537,6 +537,10 @@ function testCipher4(key, iv) {
+ 
+ 
+ function testCipher5(key, iv) {
++  if (!crypto.getCiphers().includes('id-aes128-wrap')) {
++    common.printSkipMessage(`unsupported id-aes128-wrap test`);
++    return;
++  }
+   // Test encryption and decryption with explicit key with aes128-wrap
+   const plaintext =
+       '32|RmVZZkFUVmpRRkp0TmJaUm56ZU9qcnJkaXNNWVNpTTU*|iXmckfRWZBGWWELw' +
+@@ -661,6 +665,8 @@ assert.throws(
+ }
+ 
+ 
++/* NB: BoringSSL does not support using DSA through the EVP API.
++ * https://boringssl.googlesource.com/boringssl/+/a2278d4d2cabe73f6663e3299ea7808edfa306b9/PORTING.md#dsa-s
+ //
+ // Test DSA signing and verification
+ //
+@@ -681,6 +687,7 @@ assert.throws(
+ 
+   assert.strictEqual(verify.verify(publicKey, signature, 'hex'), true);
+ }
++*/
+ 
+ 
+ //
+diff --git a/test/parallel/test-crypto-cipher-decipher.js b/test/parallel/test-crypto-cipher-decipher.js
+index 4bb765d9ca408b656937bc6ee59d58a0f3518a39..50e108b6a43bdb2a6bf7e097d816354590b62efe 100644
+--- a/test/parallel/test-crypto-cipher-decipher.js
++++ b/test/parallel/test-crypto-cipher-decipher.js
+@@ -22,7 +22,7 @@ common.expectWarning({
+ function testCipher1(key) {
+   // Test encryption and decryption
+   const plaintext = 'Keep this a secret? No! Tell everyone about node.js!';
+-  const cipher = crypto.createCipher('aes192', key);
++  const cipher = crypto.createCipher('aes-192-cbc', key);
+ 
+   // Encrypt plaintext which is in utf8 format
+   // to a ciphertext which will be in hex
+@@ -30,7 +30,7 @@ function testCipher1(key) {
+   // Only use binary or hex, not base64.
+   ciph += cipher.final('hex');
+ 
+-  const decipher = crypto.createDecipher('aes192', key);
++  const decipher = crypto.createDecipher('aes-192-cbc', key);
+   let txt = decipher.update(ciph, 'hex', 'utf8');
+   txt += decipher.final('utf8');
+ 
+@@ -40,11 +40,11 @@ function testCipher1(key) {
+   // NB: In real life, it's not guaranteed that you can get all of it
+   // in a single read() like this.  But in this case, we know it's
+   // quite small, so there's no harm.
+-  const cStream = crypto.createCipher('aes192', key);
++  const cStream = crypto.createCipher('aes-192-cbc', key);
+   cStream.end(plaintext);
+   ciph = cStream.read();
+ 
+-  const dStream = crypto.createDecipher('aes192', key);
++  const dStream = crypto.createDecipher('aes-192-cbc', key);
+   dStream.end(ciph);
+   txt = dStream.read().toString('utf8');
+ 
+@@ -59,14 +59,14 @@ function testCipher2(key) {
+       '32|RmVZZkFUVmpRRkp0TmJaUm56ZU9qcnJkaXNNWVNpTTU*|iXmckfRWZBGWWELw' +
+       'eCBsThSsfUHLeRe0KCsK8ooHgxie0zOINpXxfZi/oNG7uq9JWFVCk70gfzQH8ZUJ' +
+       'jAfaFg**';
+-  const cipher = crypto.createCipher('aes256', key);
++  const cipher = crypto.createCipher('aes-256-cbc', key);
+ 
+   // Encrypt plaintext which is in utf8 format to a ciphertext which will be in
+   // Base64.
+   let ciph = cipher.update(plaintext, 'utf8', 'base64');
+   ciph += cipher.final('base64');
+ 
+-  const decipher = crypto.createDecipher('aes256', key);
++  const decipher = crypto.createDecipher('aes-256-cbc', key);
+   let txt = decipher.update(ciph, 'base64', 'utf8');
+   txt += decipher.final('utf8');
+ 
+@@ -180,7 +180,7 @@ testCipher2(Buffer.from('0123456789abcdef'));
+ // Regression test for https://github.com/nodejs/node-v0.x-archive/issues/5482:
+ // string to Cipher#update() should not assert.
+ {
+-  const c = crypto.createCipher('aes192', '0123456789abcdef');
++  const c = crypto.createCipher('aes-192-cbc', '0123456789abcdef');
+   c.update('update');
+   c.final();
+ }
+@@ -188,15 +188,15 @@ testCipher2(Buffer.from('0123456789abcdef'));
+ // https://github.com/nodejs/node-v0.x-archive/issues/5655 regression tests,
+ // 'utf-8' and 'utf8' are identical.
+ {
+-  let c = crypto.createCipher('aes192', '0123456789abcdef');
++  let c = crypto.createCipher('aes-192-cbc', '0123456789abcdef');
+   c.update('update', '');  // Defaults to "utf8".
+   c.final('utf-8');  // Should not throw.
+ 
+-  c = crypto.createCipher('aes192', '0123456789abcdef');
++  c = crypto.createCipher('aes-192-cbc', '0123456789abcdef');
+   c.update('update', 'utf8');
+   c.final('utf-8');  // Should not throw.
+ 
+-  c = crypto.createCipher('aes192', '0123456789abcdef');
++  c = crypto.createCipher('aes-192-cbc', '0123456789abcdef');
+   c.update('update', 'utf-8');
+   c.final('utf8');  // Should not throw.
+ }
+@@ -205,23 +205,23 @@ testCipher2(Buffer.from('0123456789abcdef'));
+ {
+   const key = '0123456789abcdef';
+   const plaintext = 'Top secret!!!';
+-  const c = crypto.createCipher('aes192', key);
++  const c = crypto.createCipher('aes-192-cbc', key);
+   let ciph = c.update(plaintext, 'utf16le', 'base64');
+   ciph += c.final('base64');
+ 
+-  let decipher = crypto.createDecipher('aes192', key);
++  let decipher = crypto.createDecipher('aes-192-cbc', key);
+ 
+   let txt;
+   txt = decipher.update(ciph, 'base64', 'ucs2');
+   txt += decipher.final('ucs2');
+   assert.strictEqual(txt, plaintext);
+ 
+-  decipher = crypto.createDecipher('aes192', key);
++  decipher = crypto.createDecipher('aes-192-cbc', key);
+   txt = decipher.update(ciph, 'base64', 'ucs-2');
+   txt += decipher.final('ucs-2');
+   assert.strictEqual(txt, plaintext);
+ 
+-  decipher = crypto.createDecipher('aes192', key);
++  decipher = crypto.createDecipher('aes-192-cbc', key);
+   txt = decipher.update(ciph, 'base64', 'utf-16le');
+   txt += decipher.final('utf-16le');
+   assert.strictEqual(txt, plaintext);
+diff --git a/test/parallel/test-crypto-cipheriv-decipheriv.js b/test/parallel/test-crypto-cipheriv-decipheriv.js
+index 07591fdfffd0722bd649e94911e67868a24b59ed..5c04fc9d527ccbafd17ec1b492f6bab7c754d0ba 100644
+--- a/test/parallel/test-crypto-cipheriv-decipheriv.js
++++ b/test/parallel/test-crypto-cipheriv-decipheriv.js
+@@ -60,6 +60,10 @@ function testCipher2(key, iv) {
+ 
+ 
+ function testCipher3(key, iv) {
++  if (!crypto.getCiphers().includes('id-aes128-wrap')) {
++    common.printSkipMessage(`unsupported id-aes128-wrap test`);
++    return;
++  }
+   // Test encryption and decryption with explicit key and iv.
+   // AES Key Wrap test vector comes from RFC3394
+   const plaintext = Buffer.from('00112233445566778899AABBCCDDEEFF', 'hex');
+diff --git a/test/parallel/test-crypto-classes.js b/test/parallel/test-crypto-classes.js
+index ce4e2922de806276586796e2b3abdb885fc99840..4a92a134291964003fe50a3a9fec9d3e5c8e9262 100644
+--- a/test/parallel/test-crypto-classes.js
++++ b/test/parallel/test-crypto-classes.js
+@@ -22,8 +22,8 @@ const TEST_CASES = {
+ };
+ 
+ if (!common.hasFipsCrypto) {
+-  TEST_CASES.Cipher = ['aes192', 'secret'];
+-  TEST_CASES.Decipher = ['aes192', 'secret'];
++  TEST_CASES.Cipher = ['aes-192-cbc', 'secret'];
++  TEST_CASES.Decipher = ['aes-192-cbc', 'secret'];
+   TEST_CASES.DiffieHellman = [256];
+ }
+ 
+diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
+index f51ffba042421a62aba455ec8aa786a444aed3fc..4a1338f1dab9832dcd9f98e1b82ec527d5813d44 100644
+--- a/test/parallel/test-crypto-dh.js
++++ b/test/parallel/test-crypto-dh.js
+@@ -41,7 +41,7 @@ for (const bits of [-1, 0, 1]) {
+   assert.throws(() => crypto.createDiffieHellman(bits), {
+     code: 'ERR_OSSL_BN_BITS_TOO_SMALL',
+     name: 'Error',
+-    message: /bits too small/,
++    message: /bits too small|BITS_TOO_SMALL/,
+   });
+ }
+ 
+@@ -56,7 +56,7 @@ for (const g of [-1, 1]) {
+   const ex = {
+     code: 'ERR_OSSL_DH_BAD_GENERATOR',
+     name: 'Error',
+-    message: /bad generator/,
++    message: /bad generator|BAD_GENERATOR/,
+   };
+   assert.throws(() => crypto.createDiffieHellman('abcdef', g), ex);
+   assert.throws(() => crypto.createDiffieHellman('abcdef', 'hex', g), ex);
+@@ -70,7 +70,7 @@ for (const g of [Buffer.from([]),
+   const ex = {
+     code: 'ERR_OSSL_DH_BAD_GENERATOR',
+     name: 'Error',
+-    message: /bad generator/,
++    message: /bad generator|BAD_GENERATOR/,
+   };
+   assert.throws(() => crypto.createDiffieHellman('abcdef', g), ex);
+   assert.throws(() => crypto.createDiffieHellman('abcdef', 'hex', g), ex);
+@@ -147,11 +147,10 @@ const secret4 = dh4.computeSecret(key2, 'hex', 'base64');
+ assert.strictEqual(secret1, secret4);
+ 
+ const wrongBlockLength = {
+-  message: 'error:0606506D:digital envelope' +
+-    ' routines:EVP_DecryptFinal_ex:wrong final block length',
+-  code: 'ERR_OSSL_EVP_WRONG_FINAL_BLOCK_LENGTH',
+-  library: 'digital envelope routines',
+-  reason: 'wrong final block length'
++  message: /error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length|error:1e00007b:Cipher functions:OPENSSL_internal:WRONG_FINAL_BLOCK_LENGTH/,
++  code: /ERR_OSSL_(EVP_)?WRONG_FINAL_BLOCK_LENGTH/,
++  library: /digital envelope routines|Cipher functions/,
++  reason: /wrong final block length|WRONG_FINAL_BLOCK_LENGTH/
+ };
+ 
+ // Run this one twice to make sure that the dh3 clears its error properly
+diff --git a/test/parallel/test-crypto-ecdh-convert-key.js b/test/parallel/test-crypto-ecdh-convert-key.js
+index 69ee339aa7a653a8f2b4523bf8b28f1b2254c705..93074a42f770fb4d26c609520fa4c72f520c0d1b 100644
+--- a/test/parallel/test-crypto-ecdh-convert-key.js
++++ b/test/parallel/test-crypto-ecdh-convert-key.js
+@@ -117,7 +117,7 @@ if (getCurves().includes('secp256k1')) {
+   // rather than Node's generic error message.
+   const badKey = 'f'.repeat(128);
+   assert.throws(
+-    () => ECDH.convertKey(badKey, 'secp256k1', 'hex', 'hex', 'compressed'),
++    () => ECDH.convertKey(badKey, 'secp521r1', 'hex', 'hex', 'compressed'),
+     /Failed to convert Buffer to EC_POINT/);
+ 
+   // Next statement should not throw an exception.
+diff --git a/test/parallel/test-crypto-hash-stream-pipe.js b/test/parallel/test-crypto-hash-stream-pipe.js
+index d22281abbd5c3cab3aaa3ac494301fa6b4a8a968..5f0c6a4aed2e868a1a1049212edf218791cd6868 100644
+--- a/test/parallel/test-crypto-hash-stream-pipe.js
++++ b/test/parallel/test-crypto-hash-stream-pipe.js
+@@ -30,11 +30,11 @@ const crypto = require('crypto');
+ 
+ const stream = require('stream');
+ const s = new stream.PassThrough();
+-const h = crypto.createHash('sha3-512');
+-const expect = '36a38a2a35e698974d4e5791a3f05b05' +
+-               '198235381e864f91a0e8cd6a26b677ec' +
+-               'dcde8e2b069bd7355fabd68abd6fc801' +
+-               '19659f25e92f8efc961ee3a7c815c758';
++const h = crypto.createHash('sha512');
++const expect = 'fba055c6fd0c5b6645407749ed7a8b41' +
++               'b8f629f2163c3ca3701d864adabda1f8' +
++               '93c37bf82b22fdd151ba8e357f611da4' +
++               '88a74b6a5525dd9b69554c6ce5138ad7';
+ 
+ s.pipe(h).on('data', common.mustCall(function(c) {
+   assert.strictEqual(c, expect);
+diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js
+index f3f4df928c4bc49621a93a548927af67571ee766..b6189bcb96b65a25fa5272bb7d94c8588d6338da 100644
+--- a/test/parallel/test-crypto-hash.js
++++ b/test/parallel/test-crypto-hash.js
+@@ -184,6 +184,7 @@ assert.throws(
+ 
+ // Test XOF hash functions and the outputLength option.
+ {
++  /*
+   // Default outputLengths.
+   assert.strictEqual(crypto.createHash('shake128').digest('hex'),
+                      '7f9c2ba4e88f827d616045507605853e');
+@@ -238,6 +239,7 @@ assert.throws(
+   assert.strictEqual(superLongHash.length, 2 * 1024 * 1024);
+   assert.ok(superLongHash.endsWith('193414035ddba77bf7bba97981e656ec'));
+   assert.ok(superLongHash.startsWith('a2a28dbc49cfd6e5d6ceea3d03e77748'));
++  */
+ 
+   // Non-XOF hash functions should accept valid outputLength options as well.
+   assert.strictEqual(crypto.createHash('sha224', { outputLength: 28 })
+diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js
+index d3011db79d65b4e80d8a546e122e462951acef9f..0a47a2b658d0cd749b149532624aa5e75f28a0e4 100644
+--- a/test/parallel/test-crypto-key-objects.js
++++ b/test/parallel/test-crypto-key-objects.js
+@@ -212,11 +212,11 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+   assert.throws(() => {
+     createPrivateKey({ key: '' });
+   }, {
+-    message: 'error:2007E073:BIO routines:BIO_new_mem_buf:null parameter',
+-    code: 'ERR_OSSL_BIO_NULL_PARAMETER',
+-    reason: 'null parameter',
+-    library: 'BIO routines',
+-    function: 'BIO_new_mem_buf',
++    message: /error:2007E073:BIO routines:BIO_new_mem_buf:null parameter|error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE/,
++    code: /ERR_OSSL_BIO_NULL_PARAMETER|ERR_OSSL_PEM_NO_START_LINE/,
++    reason: /null parameter|NO_START_LINE/,
++    library: /BIO routines|PEM routines/,
++    function: /BIO_new_mem_buf|OPENSSL_internal/,
+   });
+ 
+   // This should not abort either: https://github.com/nodejs/node/issues/29904
+@@ -236,8 +236,8 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+     });
+     createPrivateKey({ key, format: 'der', type: 'pkcs1' });
+   }, {
+-    message: /asn1 encoding/,
+-    library: 'asn1 encoding routines'
++    message: /asn1 encoding|DECODE_ERROR/,
++    library: /asn1 encoding routines|public key routines/
+   });
+ }
+ 
+@@ -245,6 +245,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+   { private: fixtures.readKey('ed25519_private.pem', 'ascii'),
+     public: fixtures.readKey('ed25519_public.pem', 'ascii'),
+     keyType: 'ed25519' },
++  /*
+   { private: fixtures.readKey('ed448_private.pem', 'ascii'),
+     public: fixtures.readKey('ed448_public.pem', 'ascii'),
+     keyType: 'ed448' },
+@@ -254,6 +255,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+   { private: fixtures.readKey('x448_private.pem', 'ascii'),
+     public: fixtures.readKey('x448_public.pem', 'ascii'),
+     keyType: 'x448' },
++    */
+ ].forEach((info) => {
+   const keyType = info.keyType;
+ 
+@@ -304,7 +306,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+     format: 'pem',
+     passphrase: Buffer.alloc(1024, 'a')
+   }), {
+-    message: /bad decrypt/
++    message: /bad decrypt|BAD_DECRYPT/
+   });
+ 
+   const publicKey = createPublicKey(publicDsa);
+@@ -323,6 +325,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+ 
+ }
+ 
++/*
+ {
+   // Test RSA-PSS.
+   {
+@@ -461,6 +464,7 @@ const privateDsa = fixtures.readKey('dsa_private_encrypted_1025.pem',
+     }
+   }
+ }
++*/
+ 
+ {
+   // Exporting an encrypted private key requires a cipher
+diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
+index 5da5715bcbd206864cb77ffc3dc8a7ef3303599b..8ec07d11c754e7acecee669dad93fa41efa7cadc 100644
+--- a/test/parallel/test-crypto-keygen.js
++++ b/test/parallel/test-crypto-keygen.js
+@@ -257,6 +257,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+   }));
+ }
+ 
++  /*
+ {
+   // Test RSA-PSS.
+   generateKeyPair('rsa-pss', {
+@@ -291,7 +292,9 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     testSignVerify(publicKey, privateKey);
+   }));
+ }
++*/
+ 
++  /*
+ {
+   const privateKeyEncoding = {
+     type: 'pkcs8',
+@@ -340,6 +343,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     });
+   }));
+ }
++*/
+ 
+ {
+   // Test async elliptic curve key generation, e.g. for ECDSA, with a SEC1
+@@ -364,6 +368,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     testSignVerify(publicKey, privateKey);
+   }));
+ 
++  /*
+   // Test async elliptic curve key generation, e.g. for ECDSA, with a SEC1
+   // private key with paramEncoding explicit.
+   generateKeyPair('ec', {
+@@ -385,6 +390,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+ 
+     testSignVerify(publicKey, privateKey);
+   }));
++  */
+ 
+   // Do the same with an encrypted private key.
+   generateKeyPair('ec', {
+@@ -416,6 +422,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
+   }));
+ 
++  /*
+   // Do the same with an encrypted private key with paramEncoding explicit.
+   generateKeyPair('ec', {
+     namedCurve: 'prime256v1',
+@@ -445,6 +452,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+ 
+     testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
+   }));
++  */
+ }
+ 
+ {
+@@ -482,6 +490,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     });
+   }));
+ 
++  /*
+   // Test async elliptic curve key generation, e.g. for ECDSA, with an encrypted
+   // private key with paramEncoding explicit.
+   generateKeyPair('ec', {
+@@ -515,6 +524,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+       passphrase: 'top secret'
+     });
+   }));
++  */
+ }
+ 
+ // Test invalid parameter encoding.
+@@ -867,6 +877,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+   }
+ }
+ 
++  /*
+ // Test DSA parameters.
+ {
+   // Test invalid modulus lengths.
+@@ -898,6 +909,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     });
+   }
+ }
++*/
+ 
+ // Test EC parameters.
+ {
+@@ -938,7 +950,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+   }));
+ 
+   generateKeyPair('ec', {
+-    namedCurve: 'secp256k1',
++    namedCurve: 'secp521r1',
+     publicKeyEncoding: { type: 'spki', format: 'pem' },
+     privateKeyEncoding: { type: 'pkcs8', format: 'pem' }
+   }, common.mustSucceed((publicKey, privateKey) => {
+@@ -948,7 +960,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+ // Test EdDSA key generation.
+ {
+   if (!/^1\.1\.0/.test(process.versions.openssl)) {
+-    ['ed25519', 'ed448', 'x25519', 'x448'].forEach((keyType) => {
++    ['ed25519'/*, 'ed448', 'x25519', 'x448'*/].forEach((keyType) => {
+       generateKeyPair(keyType, common.mustSucceed((publicKey, privateKey) => {
+         assert.strictEqual(publicKey.type, 'public');
+         assert.strictEqual(publicKey.asymmetricKeyType, keyType);
+@@ -960,6 +972,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+   }
+ }
+ 
++/*
+ // Test classic Diffie-Hellman key generation.
+ {
+   generateKeyPair('dh', {
+@@ -1026,6 +1039,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher);
+     });
+   }
+ }
++*/
+ 
+ // Test invalid key encoding types.
+ {
+diff --git a/test/parallel/test-crypto-padding-aes256.js b/test/parallel/test-crypto-padding-aes256.js
+index 14d853bdfd0a5dcc5bdb6e00cb20fdbeaabd2aff..3ae6fc47d4c6a8296a2c3c70daf464fad886a88d 100644
+--- a/test/parallel/test-crypto-padding-aes256.js
++++ b/test/parallel/test-crypto-padding-aes256.js
+@@ -32,13 +32,13 @@ const key = Buffer.from('0123456789abcdef0123456789abcdef' +
+                         '0123456789abcdef0123456789abcdef', 'hex');
+ 
+ function encrypt(val, pad) {
+-  const c = crypto.createCipheriv('aes256', key, iv);
++  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
+   c.setAutoPadding(pad);
+   return c.update(val, 'utf8', 'latin1') + c.final('latin1');
+ }
+ 
+ function decrypt(val, pad) {
+-  const c = crypto.createDecipheriv('aes256', key, iv);
++  const c = crypto.createDecipheriv('aes-256-cbc', key, iv);
+   c.setAutoPadding(pad);
+   return c.update(val, 'latin1', 'utf8') + c.final('utf8');
+ }
+diff --git a/test/parallel/test-crypto-padding.js b/test/parallel/test-crypto-padding.js
+index 909c014bd0f87a401096c1a55a3a362dc042cdd1..8496eb353b2a384db3f8ee1c0d01043387c1e2f9 100644
+--- a/test/parallel/test-crypto-padding.js
++++ b/test/parallel/test-crypto-padding.js
+@@ -83,10 +83,9 @@ assert.throws(function() {
+   // Input must have block length %.
+   enc(ODD_LENGTH_PLAIN, false);
+ }, {
+-  message: 'error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:' +
+-    'data not multiple of block length',
+-  code: 'ERR_OSSL_EVP_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH',
+-  reason: 'data not multiple of block length',
++  message: /error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:data not multiple of block length|error:1e00006a:Cipher functions:OPENSSL_internal:DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH/,
++  code: /ERR_OSSL(_EVP)?_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH/,
++  reason: /data not multiple of block length|DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH/,
+ });
+ 
+ assert.strictEqual(
+@@ -105,10 +104,9 @@ assert.throws(function() {
+   // Must have at least 1 byte of padding (PKCS):
+   assert.strictEqual(dec(EVEN_LENGTH_ENCRYPTED_NOPAD, true), EVEN_LENGTH_PLAIN);
+ }, {
+-  message: 'error:06065064:digital envelope routines:EVP_DecryptFinal_ex:' +
+-    'bad decrypt',
+-  reason: 'bad decrypt',
+-  code: 'ERR_OSSL_EVP_BAD_DECRYPT',
++  message: /error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt|error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT/,
++  reason: /bad decrypt|BAD_DECRYPT/,
++  code: /ERR_OSSL(_EVP)?_BAD_DECRYPT/,
+ });
+ 
+ // No-pad encrypted string should return the same:
+diff --git a/test/parallel/test-crypto-private-decrypt-gh32240.js b/test/parallel/test-crypto-private-decrypt-gh32240.js
+index 4b48774145a3f81367d30f1e2d20f3d98bb31d75..5d192d60447a2600861c6ecac9a46aca21821295 100644
+--- a/test/parallel/test-crypto-private-decrypt-gh32240.js
++++ b/test/parallel/test-crypto-private-decrypt-gh32240.js
+@@ -24,7 +24,7 @@ const pkeyEncrypted =
+   pair.privateKey.export({
+     type: 'pkcs1',
+     format: 'pem',
+-    cipher: 'aes128',
++    cipher: 'aes-128-cbc',
+     passphrase: 'secret',
+   });
+ 
+diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
+index 9b8c3f67a242f2be4716918fbbce482a9befe22d..ce14d333fdf163bdb17b0a9a69571ee63ede3846 100644
+--- a/test/parallel/test-crypto-rsa-dsa.js
++++ b/test/parallel/test-crypto-rsa-dsa.js
+@@ -26,12 +26,11 @@ const rsaPkcs8KeyPem = fixtures.readKey('rsa_private_pkcs8.pem');
+ const dsaPkcs8KeyPem = fixtures.readKey('dsa_private_pkcs8.pem');
+ 
+ const decryptError = {
+-  message: 'error:06065064:digital envelope routines:EVP_DecryptFinal_ex:' +
+-    'bad decrypt',
+-  code: 'ERR_OSSL_EVP_BAD_DECRYPT',
+-  reason: 'bad decrypt',
+-  function: 'EVP_DecryptFinal_ex',
+-  library: 'digital envelope routines',
++  message: /error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt|error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT/,
++  code: /ERR_OSSL(_EVP)?_BAD_DECRYPT/,
++  reason: /bad decrypt|BAD_DECRYPT/,
++  function: /EVP_DecryptFinal_ex|OPENSSL_internal/,
++  library: /digital envelope routines|Cipher functions/,
+ };
+ 
+ // Test RSA encryption/decryption
+@@ -335,6 +334,7 @@ assert.throws(() => {
+ }
+ 
+ 
++/*
+ //
+ // Test DSA signing and verification
+ //
+@@ -409,3 +409,4 @@ const input = 'I AM THE WALRUS';
+ 
+   assert.strictEqual(verify.verify(dsaPubPem, signature, 'hex'), true);
+ }
++*/
+diff --git a/test/parallel/test-crypto-scrypt.js b/test/parallel/test-crypto-scrypt.js
+index 6c19dee23291bb1e0c1058a4b898b0a7af33f712..b7adf1d0cfba807ff8b40abb2904d234647948fa 100644
+--- a/test/parallel/test-crypto-scrypt.js
++++ b/test/parallel/test-crypto-scrypt.js
+@@ -156,9 +156,7 @@ for (const options of good) {
+ 
+ for (const options of bad) {
+   const expected = {
+-    code: 'ERR_CRYPTO_SCRYPT_INVALID_PARAMETER',
+-    message: 'Invalid scrypt parameter',
+-    name: 'Error',
++    message: /error:06000085:public key routines:OPENSSL_internal:INVALID_PARAMETERS|Invalid scrypt parameter/,
+   };
+   assert.throws(() => crypto.scrypt('pass', 'salt', 1, options, () => {}),
+                 expected);
+@@ -168,8 +166,8 @@ for (const options of bad) {
+ 
+ for (const options of toobig) {
+   const expected = {
+-    message: new RegExp('error:[^:]+:digital envelope routines:' +
+-                        '(?:EVP_PBE_scrypt|scrypt_alg):memory limit exceeded'),
++    message: new RegExp('error:[^:]+:(?:digital envelope routines|public key routines):' +
++                        '(?:EVP_PBE_scrypt|scrypt_alg|OPENSSL_internal):(?:memory limit exceeded|INVALID_PARAMETERS|MEMORY_LIMIT_EXCEEDED)'),
+     name: 'Error',
+   };
+   assert.throws(() => crypto.scrypt('pass', 'salt', 1, options, () => {}),
+diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js
+index ff410dcf00fa6a8d27733422161fe7a99d0b296b..55251f9647816bd66a196654d5d5ad27b31de6c7 100644
+--- a/test/parallel/test-crypto-sign-verify.js
++++ b/test/parallel/test-crypto-sign-verify.js
+@@ -29,6 +29,7 @@ const keySize = 2048;
+                                      'instance when called without `new`');
+ }
+ 
++/*
+ // Test handling of exceptional conditions
+ {
+   const library = {
+@@ -67,6 +68,7 @@ const keySize = 2048;
+ 
+   delete Object.prototype.opensslErrorStack;
+ }
++*/
+ 
+ assert.throws(
+   () => crypto.createVerify('SHA256').verify({
+@@ -340,12 +342,14 @@ assert.throws(
+         padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
+       });
+   }, {
+-    code: 'ERR_OSSL_RSA_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE',
+-    message: /illegal or unsupported padding mode/,
++    code: /^ERR_OSSL_(RSA|EVP)_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE$/,
++    message: /illegal or unsupported padding mode|ILLEGAL_OR_UNSUPPORTED_PADDING_MODE/,
++    /*
+     opensslErrorStack: [
+       'error:06089093:digital envelope routines:EVP_PKEY_CTX_ctrl:' +
+       'command not supported',
+     ],
++    */
+   });
+ }
+ 
+@@ -429,10 +433,12 @@ assert.throws(
+     public: fixtures.readKey('ed25519_public.pem', 'ascii'),
+     algo: null,
+     sigLen: 64 },
++  /*
+   { private: fixtures.readKey('ed448_private.pem', 'ascii'),
+     public: fixtures.readKey('ed448_public.pem', 'ascii'),
+     algo: null,
+     sigLen: 114 },
++    */
+   { private: fixtures.readKey('rsa_private_2048.pem', 'ascii'),
+     public: fixtures.readKey('rsa_public_2048.pem', 'ascii'),
+     algo: 'sha1',
+@@ -516,7 +522,7 @@ assert.throws(
+ 
+ {
+   const data = Buffer.from('Hello world');
+-  const keys = [['ec-key.pem', 64], ['dsa_private_1025.pem', 40]];
++  const keys = [['ec-key.pem', 64]/*, ['dsa_private_1025.pem', 40]*/];
+ 
+   for (const [file, length] of keys) {
+     const privKey = fixtures.readKey(file);
+diff --git a/test/parallel/test-crypto-stream.js b/test/parallel/test-crypto-stream.js
+index 2d005c89db3f09657469a73dca2d28eecae756e2..e2da39f3f87c557db43aa33cf3505e14dd3cc57c 100644
+--- a/test/parallel/test-crypto-stream.js
++++ b/test/parallel/test-crypto-stream.js
+@@ -72,10 +72,10 @@ const decipher = crypto.createDecipheriv('aes-128-cbc', badkey, iv);
+ 
+ cipher.pipe(decipher)
+   .on('error', common.expectsError({
+-    message: /bad decrypt/,
+-    function: 'EVP_DecryptFinal_ex',
+-    library: 'digital envelope routines',
+-    reason: 'bad decrypt',
++    message: /bad decrypt|BAD_DECRYPT/,
++    function: /EVP_DecryptFinal_ex|OPENSSL_internal/,
++    library: /digital envelope routines|Cipher functions/,
++    reason: /bad decrypt|BAD_DECRYPT/,
+   }));
+ 
+ cipher.end('Papaya!');  // Should not cause an unhandled exception.
+diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js
+index 6b72dbd21cd07dcd0c6fc01d36195b33aeb295a2..1729094574d1ee0321ad0118e3cf97d30cc598b6 100644
+--- a/test/parallel/test-crypto.js
++++ b/test/parallel/test-crypto.js
+@@ -67,7 +67,7 @@ assert.throws(() => {
+   // Throws general Error, so there is no opensslErrorStack property.
+   return err instanceof Error &&
+          err.name === 'Error' &&
+-         /^Error: mac verify failure$/.test(err) &&
++         (/^Error: (mac verify failure|INCORRECT_PASSWORD)$/.test(err)) &&
+          !('opensslErrorStack' in err);
+ });
+ 
+@@ -77,7 +77,7 @@ assert.throws(() => {
+   // Throws general Error, so there is no opensslErrorStack property.
+   return err instanceof Error &&
+          err.name === 'Error' &&
+-         /^Error: mac verify failure$/.test(err) &&
++         (/^Error: (mac verify failure|INCORRECT_PASSWORD)$/.test(err)) &&
+          !('opensslErrorStack' in err);
+ });
+ 
+@@ -87,7 +87,7 @@ assert.throws(() => {
+   // Throws general Error, so there is no opensslErrorStack property.
+   return err instanceof Error &&
+          err.name === 'Error' &&
+-         /^Error: not enough data$/.test(err) &&
++         /^Error: (not enough data|BAD_PKCS12_DATA)$/.test(err) &&
+          !('opensslErrorStack' in err);
+ });
+ 
+@@ -137,8 +137,6 @@ assert(crypto.getHashes().includes('sha1'));
+ assert(crypto.getHashes().includes('sha256'));
+ assert(!crypto.getHashes().includes('SHA1'));
+ assert(!crypto.getHashes().includes('SHA256'));
+-assert(crypto.getHashes().includes('RSA-SHA1'));
+-assert(!crypto.getHashes().includes('rsa-sha1'));
+ validateList(crypto.getHashes());
+ 
+ // Assume that we have at least secp384r1.
+@@ -172,7 +170,7 @@ const encodingError = {
+ // hex input that's not a power of two should throw, not assert in C++ land.
+ ['createCipher', 'createDecipher'].forEach((funcName) => {
+   assert.throws(
+-    () => crypto[funcName]('aes192', 'test').update('0', 'hex'),
++    () => crypto[funcName]('aes-192-cbc', 'test').update('0', 'hex'),
+     (error) => {
+       assert.ok(!('opensslErrorStack' in error));
+       if (common.hasFipsCrypto) {
+@@ -219,15 +217,16 @@ assert.throws(() => {
+   assert.ok(!('opensslErrorStack' in err));
+   assert.throws(() => { throw err; }, {
+     name: 'Error',
+-    message: /routines:RSA_sign:digest too big for rsa key$/,
+-    library: 'rsa routines',
+-    function: 'RSA_sign',
+-    reason: 'digest too big for rsa key',
++    message: /routines:RSA_sign:digest too big for rsa key$|routines:OPENSSL_internal:DIGEST_TOO_BIG_FOR_RSA_KEY$/,
++    library: /rsa routines|RSA routines/,
++    function: /RSA_sign|OPENSSL_internal/,
++    reason: /digest too big for rsa key|DIGEST_TOO_BIG_FOR_RSA_KEY/,
+     code: 'ERR_OSSL_RSA_DIGEST_TOO_BIG_FOR_RSA_KEY'
+   });
+   return true;
+ });
+ 
++/*
+ assert.throws(() => {
+   // The correct header inside `rsa_private_pkcs8_bad.pem` should have been
+   // -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY-----
+@@ -252,6 +251,7 @@ assert.throws(() => {
+   assert(err.opensslErrorStack.length > 0);
+   return true;
+ });
++*/
+ 
+ // Make sure memory isn't released before being returned
+ console.log(crypto.randomBytes(16));

patches/node/fix_parallel_test-crypto-ecdh-convert-key_to_use_compatible_group.patch

@@ -1,23 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Jeremy Rose <[email protected]>
-Date: Tue, 9 Feb 2021 11:59:08 -0800
-Subject: fix parallel/test-crypto-ecdh-convert-key to use compatible group
-
-This fixes a node crypto test to use an algorithm that's boringssl also
-supports.
-
-This should be upstreamed.
-
-diff --git a/test/parallel/test-crypto-ecdh-convert-key.js b/test/parallel/test-crypto-ecdh-convert-key.js
-index 69ee339aa7a653a8f2b4523bf8b28f1b2254c705..93074a42f770fb4d26c609520fa4c72f520c0d1b 100644
---- a/test/parallel/test-crypto-ecdh-convert-key.js
-+++ b/test/parallel/test-crypto-ecdh-convert-key.js
-@@ -117,7 +117,7 @@ if (getCurves().includes('secp256k1')) {
-   // rather than Node's generic error message.
-   const badKey = 'f'.repeat(128);
-   assert.throws(
--    () => ECDH.convertKey(badKey, 'secp256k1', 'hex', 'hex', 'compressed'),
-+    () => ECDH.convertKey(badKey, 'secp521r1', 'hex', 'hex', 'compressed'),
-     /Failed to convert Buffer to EC_POINT/);
- 
-   // Next statement should not throw an exception.

patches/node/fix_use_crypto_impls_for_compat.patch

@@ -8,7 +8,7 @@ by using the implementations of those functions as found in the OpenSSL repo.
 I plan to try and upstream a version of this.
 
 diff --git a/src/node_crypto.cc b/src/node_crypto.cc
-index 5e0c0fe3530de1f1801c45233613620b84c88140..91cb94d8dbe9db0adbee5e005649188e1ccbcbf9 100644
+index 3c9345fb46f65294b005102eafbaf60604a475f9..d7b6dbd85d6ef97370affde54bde4657f2413a06 100644
 --- a/src/node_crypto.cc
 +++ b/src/node_crypto.cc
 @@ -4571,7 +4571,7 @@ static unsigned int GetBytesOfRS(const ManagedEVPPKey& pkey) {

patches/node/revert_crypto_add_oaeplabel_option.patch

@@ -1,32 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Shelley Vohr <[email protected]>
-Date: Tue, 15 Oct 2019 11:30:27 -0700
-Subject: Revert "crypto: add oaepLabel option"
-
-This partially reverts https://github.com/nodejs/node/pull/29489.
-The BoringSSL incompatibilities (OPENSSL_memdup) will be shimmed in and this should
-be removed when the associated update is rolled into Chromium.
-
-diff --git a/src/node_crypto.cc b/src/node_crypto.cc
-index 3c9345fb46f65294b005102eafbaf60604a475f9..5e0c0fe3530de1f1801c45233613620b84c88140 100644
---- a/src/node_crypto.cc
-+++ b/src/node_crypto.cc
-@@ -5059,18 +5059,6 @@ bool PublicKeyCipher::Cipher(Environment* env,
-       return false;
-   }
- 
--  if (oaep_label_len != 0) {
--    // OpenSSL takes ownership of the label, so we need to create a copy.
--    void* label = OPENSSL_memdup(oaep_label, oaep_label_len);
--    CHECK_NOT_NULL(label);
--    if (0 >= EVP_PKEY_CTX_set0_rsa_oaep_label(ctx.get(),
--                reinterpret_cast<unsigned char*>(label),
--                                      oaep_label_len)) {
--      OPENSSL_free(label);
--      return false;
--    }
--  }
--
-   size_t out_len = 0;
-   if (EVP_PKEY_cipher(ctx.get(), nullptr, &out_len, data, len) <= 0)
-     return false;

script/node-disabled-tests.json

@@ -14,27 +14,12 @@
   "parallel/test-child-process-fork-exec-path",
   "parallel/test-cli-node-print-help",
   "parallel/test-code-cache",
-  "parallel/test-crypto",
   "parallel/test-crypto-aes-wrap",
-  "parallel/test-crypto-authenticated",
-  "parallel/test-crypto-binary-default",
   "parallel/test-crypto-certificate",
-  "parallel/test-crypto-cipher-decipher",
-  "parallel/test-crypto-cipheriv-decipheriv",
-  "parallel/test-crypto-classes",
   "parallel/test-crypto-des3-wrap",
-  "parallel/test-crypto-dh",
+  "parallel/test-crypto-dh-stateless",
   "parallel/test-crypto-ecb",
   "parallel/test-crypto-engine",
-  "parallel/test-crypto-hash-stream-pipe",
-  "parallel/test-crypto-key-objects",
-  "parallel/test-crypto-keygen",
-  "parallel/test-crypto-padding",
-  "parallel/test-crypto-padding-aes256",
-  "parallel/test-crypto-rsa-dsa",
-  "parallel/test-crypto-scrypt",
-  "parallel/test-crypto-sign-verify",
-  "parallel/test-crypto-stream",
   "parallel/test-debug-usage",
   "parallel/test-debugger-pid",
   "parallel/test-domain-abort-on-uncaught",