Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: do not allow to call setFips from the worker thread #43624

Merged
merged 1 commit into from Jul 8, 2022
Merged

crypto: do not allow to call setFips from the worker thread #43624

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
10 changes: 10 additions & 0 deletions lib/crypto.js
View file
Open in desktop
Expand Up @@ -37,6 +37,7 @@ assertCrypto();

const {
ERR_CRYPTO_FIPS_FORCED,
ERR_WORKER_UNSUPPORTED_OPERATION,
} = require('internal/errors').codes;
const constants = internalBinding('constants').crypto;
const { getOptionValue } = require('internal/options');
Expand Down Expand Up @@ -127,6 +128,12 @@ function lazyWebCrypto() {
return webcrypto;
}

let ownsProcessState;
function lazyOwnsProcessState() {
ownsProcessState ??= require('internal/worker').ownsProcessState;
return ownsProcessState;
}

// These helper functions are needed because the constructors can
// use new, in which case V8 cannot inline the recursive constructor call
function createHash(algorithm, options) {
Expand Down Expand Up @@ -250,6 +257,9 @@ function setFips(val) {
if (val) return;
throw new ERR_CRYPTO_FIPS_FORCED();
} else {
if (!lazyOwnsProcessState()) {
throw new ERR_WORKER_UNSUPPORTED_OPERATION('Calling crypto.setFips()');
}
setFipsCrypto(val);
}
}
Expand Down
3 changes: 1 addition & 2 deletions src/crypto/crypto_util.cc
View file
Open in desktop
Expand Up @@ -218,8 +218,7 @@ void SetFipsCrypto(const FunctionCallbackInfo<Value>& args) {

CHECK(!per_process::cli_options->force_fips_crypto);
Environment* env = Environment::GetCurrent(args);
// TODO(addaleax): This should not be possible to set from worker threads.
// CHECK(env->owns_process_state());
CHECK(env->owns_process_state());
bool enable = args[0]->BooleanValue(env->isolate());

#if OPENSSL_VERSION_MAJOR >= 3
Expand Down
8 changes: 8 additions & 0 deletions test/parallel/test-crypto-fips.js
View file
Open in desktop
Expand Up @@ -85,6 +85,14 @@ testHelper(
'require("crypto").getFips()',
{ ...process.env, 'OPENSSL_CONF': ' ' });

// Toggling fips with setFips should not be allowed from a worker thread
testHelper(
'stderr',
[],
'Calling crypto.setFips() is not supported in workers',
'new worker_threads.Worker(\'require("crypto").setFips(true);\', { eval: true })',
process.env);

// This should succeed for both FIPS and non-FIPS builds in combination with
// OpenSSL 1.1.1 or OpenSSL 3.0
const test_result = testFipsCrypto();
Expand Down