doc: ref OpenSSL legacy provider from crypto docs

This adds a link to the --openssl-legacy-provider flag to the "Support for weak or compromised algorithms" section. PR-URL: #40593 Refs: #40478 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Voltrex <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
nodejs · Nov 6, 2021 · 71bac70 · 71bac70
1 parent 8f41022
commit 71bac70
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
@@ -5378,6 +5378,10 @@ Based on the recommendations of [NIST SP 800-131A][]:
 
 See the reference for other recommendations and details.
 
+Some algorithms that have known weaknesses and are of little relevance in
+practice are only available through the [legacy provider][], which is not
+enabled by default.
+
 ### CCM mode
 
 CCM is one of the supported [AEAD algorithms][]. Applications which use this
@@ -5912,6 +5916,7 @@ See the [list of SSL OP Flags][] for details.
 [certificate object]: tls.md#certificate-object
 [encoding]: buffer.md#buffers-and-character-encodings
 [initialization vector]: https://en.wikipedia.org/wiki/Initialization_vector
+[legacy provider]: cli.md#--openssl-legacy-provider
 [list of SSL OP Flags]: https://wiki.openssl.org/index.php/List_of_SSL_OP_Flags#Table_of_Options
 [modulo bias]: https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Modulo_bias
 [safe integers]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/isSafeInteger