crypto: disable ciphers not supported by EVP
OpenSSL lists certain ciphers as not conforming with the standard EVP AEAD interface and these ciphers should be avoided,
aes-128-cbc-hmac-sha1
aes-128-cbc-hmac-sha256
aes-256-cbc-hmac-sha1
aes-256-cbc-hmac-sha256
While experimenting with these, the cipher text produced by Node
for aes-128-cbc-hmac-sha1
does not differ from cipher text
produced by aes-128-cbc
meaning that the HMAC is not automatically
taken into account. Since there is no facility to set the HMAC key
in Node, it's best to have these disabled when using crypto.Cipher
as all usage is wrong by definition.
Fixes: https://github.com/nodejs/node/issues/43040 Reference: https://www.openssl.org/docs/man1.1.1/man3/EVP_aes_128_cbc_hmac_sha1.html