author | Bradley Farias <bradley.meck@gmail.com> | 2019-06-05 13:33:07 -0500 |
---|---|---|
committer | Michaƫl Zasso <targos@protonmail.com> | 2019-07-22 21:20:42 +0200 |
commit | 2eeb44f3facb58dacbcb2f270d4f169a2c81ee08 (patch) | |
tree | cb3ecdb07852362d181312eb6ffd204d86199b09 /lib/internal/bootstrap/pre_execution.js | |
parent | cf811ecd47cf2c4f5bec2b27577c6d414842b703 (diff) | |
policy: add policy-integrity to mitigate policy tampering
PR-URL: https://github.com/nodejs/node/pull/28734
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Diffstat (limited to 'lib/internal/bootstrap/pre_execution.js')
-rw-r--r-- | lib/internal/bootstrap/pre_execution.js | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js index bbb0786dcd..104ebaff32 100644 --- a/lib/internal/bootstrap/pre_execution.js +++ b/lib/internal/bootstrap/pre_execution.js @@ -4,6 +4,7 @@ const { Object, SafeWeakMap } = primordials; const { getOptionValue } = require('internal/options'); const { Buffer } = require('buffer'); +const { ERR_MANIFEST_ASSERT_INTEGRITY } = require('internal/errors').codes; function prepareMainThreadExecution(expandArgv1 = false) { // Patch the process object with legacy properties and normalizations @@ -332,6 +333,32 @@ function initializePolicy() { } const fs = require('fs'); const src = fs.readFileSync(manifestURL, 'utf8'); + const experimentalPolicyIntegrity = getOptionValue('--policy-integrity'); + if (experimentalPolicyIntegrity) { + const SRI = require('internal/policy/sri'); + const { createHash, timingSafeEqual } = require('crypto'); + const realIntegrities = new Map(); + const integrityEntries = SRI.parse(experimentalPolicyIntegrity); + let foundMatch = false; + for (var i = 0; i < integrityEntries.length; i++) { + const { + algorithm, + value: expected + } = integrityEntries[i]; + const hash = createHash(algorithm); + hash.update(src); + const digest = hash.digest(); + if (digest.length === expected.length && + timingSafeEqual(digest, expected)) { + foundMatch = true; + break; + } + realIntegrities.set(algorithm, digest.toString('base64')); + } + if (!foundMatch) { + throw new ERR_MANIFEST_ASSERT_INTEGRITY(manifestURL, realIntegrities); + } + } require('internal/process/policy') .setup(src, manifestURL.href); } |
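Review bot: The loop added to `initializePolicy()` accepts the manifest as soon as any one entry of `--policy-integrity` matches (`foundMatch = true; break;`), so when several algorithms are listed the weakest one decides whether a modified policy is accepted; browser SRI, by contrast, only honours the strongest algorithm present. Which algorithms `SRI.parse` admits is not visible in this hunk, so this may be harmless in practice, but it deserves a comment above the loop, for example `// Any single matching entry is sufficient; entries are not ranked by algorithm strength.` The same comment could note that the digest is computed over `src`, the string decoded by `readFileSync(manifestURL, 'utf8')`, so it covers the text handed to `setup()` and can differ from a digest of the raw file bytes if the file contains invalid UTF-8. The body of `initializePolicy()` begins outside the hunk.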