-
Notifications
You must be signed in to change notification settings - Fork 29.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
crypto: implement basic secure heap support
Adds two new command line arguments: * `--secure-heap=n`, which causes node.js to initialize an openssl secure heap of `n` bytes on openssl initialization. * `--secure-heap-min=n`, which specifies the minimum allocation from the secure heap. * A new method `crypto.secureHeapUsed()` that returns details about the total and used secure heap allocation. The secure heap is an openssl feature that allows certain kinds of potentially sensitive information (such as private key BigNums) to be allocated from a dedicated memory area that is protected against pointer over- and underruns. The secure heap is a fixed size, so it's important that users pick a large enough size to cover the crypto operations they intend to utilize. The secure heap is disabled by default. Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #36779 Refs: #36729 Reviewed-By: Tobias Nießen <tniessen@tnie.de>
- Loading branch information
1 parent
42aca13
commit 53cf996
Showing
10 changed files
with
211 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
'use strict'; | ||
|
||
const common = require('../common'); | ||
if (!common.hasCrypto) | ||
common.skip('missing crypto'); | ||
|
||
if (common.isWindows) | ||
common.skip('Not supported on Windows'); | ||
|
||
const assert = require('assert'); | ||
const { fork } = require('child_process'); | ||
const fixtures = require('../common/fixtures'); | ||
const { | ||
secureHeapUsed, | ||
createDiffieHellman, | ||
} = require('crypto'); | ||
|
||
if (process.argv[2] === 'child') { | ||
|
||
const a = secureHeapUsed(); | ||
|
||
assert(a); | ||
assert.strictEqual(typeof a, 'object'); | ||
assert.strictEqual(a.total, 65536); | ||
assert.strictEqual(a.min, 4); | ||
assert.strictEqual(a.used, 0); | ||
|
||
{ | ||
const dh1 = createDiffieHellman(common.hasFipsCrypto ? 1024 : 256); | ||
const p1 = dh1.getPrime('buffer'); | ||
const dh2 = createDiffieHellman(p1, 'buffer'); | ||
const key1 = dh1.generateKeys(); | ||
const key2 = dh2.generateKeys('hex'); | ||
dh1.computeSecret(key2, 'hex', 'base64'); | ||
dh2.computeSecret(key1, 'latin1', 'buffer'); | ||
|
||
const b = secureHeapUsed(); | ||
assert(b); | ||
assert.strictEqual(typeof b, 'object'); | ||
assert.strictEqual(b.total, 65536); | ||
assert.strictEqual(b.min, 4); | ||
// The amount used can vary on a number of factors | ||
assert(b.used > 0); | ||
assert(b.utilization > 0.0); | ||
} | ||
|
||
return; | ||
} | ||
|
||
const child = fork( | ||
process.argv[1], | ||
['child'], | ||
{ execArgv: ['--secure-heap=65536', '--secure-heap-min=4'] }); | ||
|
||
child.on('exit', common.mustCall((code) => { | ||
assert.strictEqual(code, 0); | ||
})); | ||
|
||
{ | ||
const child = fork(fixtures.path('a.js'), { | ||
execArgv: ['--secure-heap=3', '--secure-heap-min=3'], | ||
stdio: 'pipe' | ||
}); | ||
let res = ''; | ||
child.on('exit', common.mustCall((code) => { | ||
assert.notStrictEqual(code, 0); | ||
assert.match(res, /--secure-heap must be a power of 2/); | ||
assert.match(res, /--secure-heap-min must be a power of 2/); | ||
})); | ||
child.stderr.setEncoding('utf8'); | ||
child.stderr.on('data', (chunk) => res += chunk); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters