Skip to content

Commit a1653ac

Browse files
gribnoysupgribnoysup
authored
crypto: do not allow to call setFips from the worker thread
PR-URL: #43624 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
1 parent 1523a18 commit a1653ac

File tree

3 files changed

+19
-2
lines changed

3 files changed

+19
-2
lines changed

lib/crypto.js

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ assertCrypto();
3737

3838
const {
3939
ERR_CRYPTO_FIPS_FORCED,
40+
ERR_WORKER_UNSUPPORTED_OPERATION,
4041
} = require('internal/errors').codes;
4142
const constants = internalBinding('constants').crypto;
4243
const { getOptionValue } = require('internal/options');
@@ -127,6 +128,12 @@ function lazyWebCrypto() {
127128
return webcrypto;
128129
}
129130

131+
let ownsProcessState;
132+
function lazyOwnsProcessState() {
133+
ownsProcessState ??= require('internal/worker').ownsProcessState;
134+
return ownsProcessState;
135+
}
136+
130137
// These helper functions are needed because the constructors can
131138
// use new, in which case V8 cannot inline the recursive constructor call
132139
function createHash(algorithm, options) {
@@ -250,6 +257,9 @@ function setFips(val) {
250257
if (val) return;
251258
throw new ERR_CRYPTO_FIPS_FORCED();
252259
} else {
260+
if (!lazyOwnsProcessState()) {
261+
throw new ERR_WORKER_UNSUPPORTED_OPERATION('Calling crypto.setFips()');
262+
}
253263
setFipsCrypto(val);
254264
}
255265
}

src/crypto/crypto_util.cc

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -218,8 +218,7 @@ void SetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
218218

219219
CHECK(!per_process::cli_options->force_fips_crypto);
220220
Environment* env = Environment::GetCurrent(args);
221-
// TODO(addaleax): This should not be possible to set from worker threads.
222-
// CHECK(env->owns_process_state());
221+
CHECK(env->owns_process_state());
223222
bool enable = args[0]->BooleanValue(env->isolate());
224223

225224
#if OPENSSL_VERSION_MAJOR >= 3

test/parallel/test-crypto-fips.js

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -85,6 +85,14 @@ testHelper(
8585
'require("crypto").getFips()',
8686
{ ...process.env, 'OPENSSL_CONF': ' ' });
8787

88+
// Toggling fips with setFips should not be allowed from a worker thread
89+
testHelper(
90+
'stderr',
91+
[],
92+
'Calling crypto.setFips() is not supported in workers',
93+
'new worker_threads.Worker(\'require("crypto").setFips(true);\', { eval: true })',
94+
process.env);
95+
8896
// This should succeed for both FIPS and non-FIPS builds in combination with
8997
// OpenSSL 1.1.1 or OpenSSL 3.0
9098
const test_result = testFipsCrypto();

0 commit comments

Comments
 (0)