crypto: fix SHAKE128/256 breaking change introduced with OpenSSL 3.4

[panva]

Background:

• This bug surfaces when using linked OpenSSL >= 3.4
• OpenSSL removed default digest lengths for SHAKE128 and SHAKE256 in Set secure defaults for the SHAKE 128/256 digest output length. openssl/openssl#23877 (first appeared in 3.4)
• Before we had 3.5 in CI test: make test-crypto-hash compatible with OpenSSL > 3.4.0 #56160 skipped the tests that would break and let us know, @nodejs/crypto was not pinged there

This PR:

• Adds a --pending-deprecate doc-only deprecation for creating SHAKE128/256 digests without an explicit output length
• Reinstantes pre-3.4 defaults in crypto.createHash()
• Pushes shake128/256 digests from crypto.hash() through crypto.createHash().update().digest() until crypto: support outputLength option in crypto.hash for XOF functions #58121 gets on track

After this lands a semver-major PRs that contain breaking changes and should be released in the next major version. will follow with a runtime deprecation.

This will need backporting all the way back to 20.x

Reverts: #56160
Fixes: #56159
Fixes: #58913
Refs: #58121

Note: FWIW #56160 should not have landed. Any OpenSSL version-related test changes should only accomodate changes in codes, not behaviour.

[nodejs-github-bot]

Review requested:

• @nodejs/crypto

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/67797/

[codecov]

Codecov Report

Attention: Patch coverage is 75.55556% with 11 lines in your changes missing coverage. Please review.

Project coverage is 90.08%. Comparing base (ec41686) to head (68fb47c).
Report is 87 commits behind head on main.

Files with missing lines	Patch %	Lines
src/crypto/crypto_hash.cc	0.00%	9 Missing and 1 partial ⚠️
lib/internal/crypto/hash.js	96.77%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #58942      +/-   ##
==========================================
+ Coverage   90.07%   90.08%   +0.01%     
==========================================
  Files         640      640              
  Lines      188473   188516      +43     
  Branches    36972    36986      +14     
==========================================
+ Hits       169763   169830      +67     
+ Misses      11427    11392      -35     
- Partials     7283     7294      +11     

Files with missing lines	Coverage Δ
lib/internal/util.js	96.75% <100.00%> (-0.10%)	⬇️
lib/internal/crypto/hash.js	98.43% <96.77%> (-0.23%)	⬇️
src/crypto/crypto_hash.cc	70.56% <0.00%> (-2.45%)	⬇️

... and 30 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/67802/

[panva]

✅ [email protected] https://ci.nodejs.org/job/node-test-commit-linux-containered/nodes=ubuntu2204_sharedlibs_openssl111_x64/51512/
✅ [email protected] https://ci.nodejs.org/job/node-test-commit-linux-containered/nodes=ubuntu2204_sharedlibs_openssl35_x64/51512/

[panva]

Actually, this PR is backportable to 20.x as a fix, #58121 is a new feature in a Stability: 1.2 - Release candidate API that we don't have to backport to maintenance LTS.

I'll land this and update #58121 with the deprecation when this lands.

[nodejs-github-bot]

Landed in f5da8f8