Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test: test hmac binding robustness #10923

Merged
merged 1 commit into from
Jan 23, 2017

Conversation

sam-github
Copy link
Contributor

@sam-github sam-github commented Jan 20, 2017

The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • commit message follows commit guidelines
Affected core subsystem(s)

test

@nodejs-github-bot nodejs-github-bot added test Issues and PRs related to the tests. dont-land-on-v7.x labels Jan 20, 2017
@@ -8,6 +8,14 @@ if (!common.hasCrypto) {
}
const crypto = require('crypto');

// Test for binding layer robustness
const binding = process.binding('crypto');
(() => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of an IIFE, can you just create a new block scope.

(() => {
const h = new binding.Hmac();
// Fail to init the Hmac with an algorithm.
assert.throws(() => h.update('hello'), TypeError);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We've been moving toward using a regular expression as the final argument to assert.throws(). It would look something like /^TypeError: whatever the error message is$/.

@sam-github sam-github added the crypto Issues and PRs related to the crypto subsystem. label Jan 20, 2017
@sam-github
Copy link
Contributor Author

@cjihrig PTAL

Copy link
Member

@Trott Trott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM if CI is green.

{
const binding = process.binding('crypto');
const h = new binding.Hmac();
// Fail to init the Hmac with an algorithm.
Copy link
Member

@Trott Trott Jan 20, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: It took me a little bit to realize this comment was saying "We fail to init the Hmac with an algorithm, so an attempt to update should throw." I read it as "We're going to fail (that is: throw) when we try to init the Hmac with an algorithm" and I was all like, "What? I do not understand this test. There's no algorithm specified at all!"

Maybe expand the comment a bit to something like: "Hmac.update() should throw if Hmac has not been initialized with an algorithm" or something like that?

The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: nodejs#10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@sam-github sam-github merged commit b4b37e8 into nodejs:master Jan 23, 2017
@sam-github sam-github deleted the test-hmac-binding branch January 23, 2017 21:02
italoacasas pushed a commit to italoacasas/node that referenced this pull request Jan 26, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: nodejs#10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request Jan 27, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: nodejs#10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@italoacasas italoacasas mentioned this pull request Jan 29, 2017
italoacasas pushed a commit to italoacasas/node that referenced this pull request Jan 30, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: nodejs#10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request Jan 30, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: nodejs#10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 8, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: #10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 8, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: #10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: #10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@MylesBorins MylesBorins mentioned this pull request Mar 9, 2017
MylesBorins pushed a commit that referenced this pull request Mar 9, 2017
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).

PR-URL: #10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@MylesBorins MylesBorins mentioned this pull request Mar 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
crypto Issues and PRs related to the crypto subsystem. test Issues and PRs related to the tests.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants