mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 10:59:27 +00:00
aac2dccf1c
Avoid an endless loop if no algorithm is available to seed the cryptographically secure pseudorandom number generator (CSPRNG). Co-authored-by: Anna Henningsen <anna@addaleax.net> PR-URL: https://github.com/nodejs/node/pull/46237 Fixes: https://github.com/nodejs/node/issues/46200 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
39 lines
1.3 KiB
JavaScript
39 lines
1.3 KiB
JavaScript
'use strict';
|
|
|
|
const common = require('../common');
|
|
if (!common.hasCrypto)
|
|
common.skip('missing crypto');
|
|
|
|
if (!common.hasOpenSSL3)
|
|
common.skip('this test requires OpenSSL 3.x');
|
|
|
|
const assert = require('node:assert/strict');
|
|
const crypto = require('node:crypto');
|
|
|
|
if (common.isMainThread) {
|
|
// TODO(richardlau): Decide if `crypto.setFips` should error if the
|
|
// provider named "fips" is not available.
|
|
crypto.setFips(1);
|
|
crypto.randomBytes(20, common.mustCall((err) => {
|
|
// crypto.randomBytes should either succeed or fail but not hang.
|
|
if (err) {
|
|
assert.match(err.message, /digital envelope routines::unsupported/);
|
|
const expected = /random number generator::unable to fetch drbg/;
|
|
assert(err.opensslErrorStack.some((msg) => expected.test(msg)),
|
|
`did not find ${expected} in ${err.opensslErrorStack}`);
|
|
}
|
|
}));
|
|
}
|
|
|
|
{
|
|
// Startup test. Should not hang.
|
|
const { path } = require('../common/fixtures');
|
|
const { spawnSync } = require('node:child_process');
|
|
const baseConf = path('openssl3-conf', 'base_only.cnf');
|
|
const cp = spawnSync(process.execPath,
|
|
[ `--openssl-config=${baseConf}`, '-p', '"hello"' ],
|
|
{ encoding: 'utf8' });
|
|
assert(common.nodeProcessAborted(cp.status, cp.signal),
|
|
`process did not abort, code:${cp.status} signal:${cp.signal}`);
|
|
}
|