node:crypto: split #2013 argument-validation parity tail

[andrewtdiz]

Summary

Split from #2013 after the fs validation reconciliation. The broad #2013 tracker named crypto as a historical stdlib validation cluster, but the current open crypto issues mostly cover manifest/export shape, KeyObject surface, algorithms, or behavior-specific gaps rather than a validation-only child.

This issue owns Node-compatible argument validation and error-code parity for the claimed node:crypto surface.

Local scope signals

Current curated crypto fixtures include validation/error coverage such as:

• test-parity/node-suite/crypto/random/arg-validation.ts
• test-parity/node-suite/crypto/random/random-fill-validation.ts
• test-parity/node-suite/crypto/random/random-int-range-validation.ts
• test-parity/node-suite/crypto/random/random-uuid-validation.ts
• test-parity/node-suite/crypto/timing/timing-safe-equal-validation.ts
• test-parity/node-suite/crypto/x509/invalid-constructor.ts
• test-parity/node-suite/crypto/hash/unknown-algorithm.ts
• test-parity/node-suite/crypto/hmac/unknown-algorithm.ts
• test-parity/node-suite/crypto/webcrypto/errors/*

Scope

Validate and, where needed, fix invalid argument behavior for supported crypto APIs, including random bytes/fill/int/UUID options, timingSafeEqual, hash/HMAC/cipher/sign/KDF constructors and update/finalization paths, X509 constructor validation, WebCrypto algorithm/key mismatch errors, and key-generation/key-object validation where covered.

Match Node's thrown or rejected error class and .code where applicable, including ERR_INVALID_ARG_TYPE, ERR_OUT_OF_RANGE, ERR_INVALID_ARG_VALUE, ERR_CRYPTO_*, and DOMException names used by WebCrypto.

Acceptance

• ./run_parity_tests.sh --suite node-suite --module crypto passes, or any remaining validation failures are split by exact fixture/API.
• Validation fixtures above produce Node-compatible error names/codes for covered invalid inputs.
• Existing crypto export-shape issues such as node:crypto: add implemented helper exports to the API manifest #2694, node:crypto: expose DiffieHellman constructor exports #2706, and KeyObject behavior node:crypto: expose KeyObject class, from(), and asymmetric toCryptoKey #2565 remain separate unless fixed in the same PR.
• stdlib doesn't throw Node arg-validation errors (ERR_INVALID_ARG_TYPE/EBADF/...) on bad input — ~85 tests across fs/buffer/net/http/crypto/zlib/process #2013 can reference this as the precise node:crypto validation child.

[proggeramlug]

Progress (v0.5.1059→next): the node:crypto constructor-export fixtures (hash/constructor-export, hmac/constructor-export, asymmetric/sign-verify-constructor-export) are now green — Hash/Hmac/Sign/Verify are exposed as named exports (PR incoming).

Remaining node:crypto node-suite failures (deeper, not plain arg-validation — recommend splitting):

• crypto/cipher/invalid-state-errors (output mismatch) — tracked by node:crypto: AES-GCM cipher state still diverges after invalid-state fix #3873 (AES-GCM state).
• crypto/webcrypto/errors/unwrap-aes-gcm-bad-tag (output mismatch).
• crypto/inventory/fips-api (compile error).
• crypto/prime/generate-check (compile error).

[proggeramlug]

Fixed in #4068 (v0.5.1099). crypto.getCipherInfo() is now exposed through the API manifest — its runtime implementation already existed; only the manifest row gating it (#463) was missing. Both node-suite fixtures (get-cipher-info, get-cipher-info-ecb-wrap) match Node byte-for-byte.

[andrewtdiz]

I am taking a focused current-main node:crypto FIPS callable-dispatch slice.

Planned scope: make the crypto.getFips callable export path used by named imports and detached method calls return Node’s default 0, matching the already-existing static crypto.getFips() lowering. This is surfaced by node-suite/crypto/inventory/fips-api.

Non-goals: enabling OpenSSL FIPS mode, broader crypto validation, WebCrypto algorithm work, and prime generation behavior.

[andrewtdiz]

Opened draft PR #4345 for the focused crypto.getFips callable-export dispatch slice: #4345

Scope:

• makes stdlib crypto native dispatch return 0 for getFips, matching Node’s default non-FIPS mode and the existing static crypto.getFips() lowering;
• covers the named-import/detached-call path with a focused unit test.

Validation:

• Node 26 oracle for node-suite/crypto/inventory/fips-api
• cargo test -p perry-stdlib crypto_native_dispatch_get_fips_matches_default_node_mode --lib -- --nocapture
• cargo fmt --all -- --check
• git diff --check
• ./scripts/check_file_size.sh

A warmed-target cargo build -p perry was attempted for an end-to-end Perry fixture run but was terminated by the environment before completion.

[andrewtdiz]

Opened draft PR #4345 for the focused crypto.getFips callable-dispatch slice:

#4345

Scope: direct crypto.getFips() already returned 0, but callable export dispatch for named/detached getFips was missing. The PR adds that dispatcher arm and a focused stdlib unit test.

Validation completed:

• Node 26 oracle for test-parity/node-suite/crypto/inventory/fips-api.ts
• direct Perry debug compile/run of the same fixture, matching Node output
• cargo test -p perry-stdlib crypto_native_dispatch_get_fips_matches_default_node_mode -- --nocapture
• cargo build -p perry -p perry-stdlib
• cargo build -p perry-runtime
• cargo fmt --all -- --check
• git diff --check
• ./scripts/check_file_size.sh