author | Bradley Farias <bradley.meck@gmail.com> | 2019-06-05 13:33:07 -0500 |
---|---|---|
committer | Rich Trott <rtrott@gmail.com> | 2019-07-20 13:24:58 -0700 |
commit | 6c288a704453ec7319928495efd0d3c482bcf754 (patch) | |
tree | 45793ed29535a70e9af1511111b47ac35702bb4f /lib/internal/bootstrap | |
parent | 0df3ea09faccd04dc0f0c3022e970e60403b9a6b (diff) | |
policy: add policy-integrity to mitigate policy tampering
PR-URL: https://github.com/nodejs/node/pull/28734
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Diffstat (limited to 'lib/internal/bootstrap')
-rw-r--r-- | lib/internal/bootstrap/pre_execution.js | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
index e9571a89a6..1948c4e29e 100644
--- a/lib/internal/bootstrap/pre_execution.js
+++ b/lib/internal/bootstrap/pre_execution.js
@@ -4,6 +4,7 @@ const { Object, SafeWeakMap } = primordials;
 const { getOptionValue } = require('internal/options');
 const { Buffer } = require('buffer');
+const { ERR_MANIFEST_ASSERT_INTEGRITY } = require('internal/errors').codes;
 function prepareMainThreadExecution(expandArgv1 = false) {
 // Patch the process object with legacy properties and normalizations
@@ -332,6 +333,32 @@ function initializePolicy() {
 }
 const fs = require('fs');
 const src = fs.readFileSync(manifestURL, 'utf8');
+ const experimentalPolicyIntegrity = getOptionValue('--policy-integrity');
+ if (experimentalPolicyIntegrity) {
+ const SRI = require('internal/policy/sri');
+ const { createHash, timingSafeEqual } = require('crypto');
+ const realIntegrities = new Map();
+ const integrityEntries = SRI.parse(experimentalPolicyIntegrity);
+ let foundMatch = false;
+ for (var i = 0; i < integrityEntries.length; i++) {
+ const {
+ algorithm,
+ value: expected
+ } = integrityEntries[i];
+ const hash = createHash(algorithm);
+ hash.update(src);
+ const digest = hash.digest();
+ if (digest.length === expected.length &&
+ timingSafeEqual(digest, expected)) {
+ foundMatch = true;
+ break;
+ }
+ realIntegrities.set(algorithm, digest.toString('base64'));
+ }
+ if (!foundMatch) {
+ throw new ERR_MANIFEST_ASSERT_INTEGRITY(manifestURL, realIntegrities);
+ }
+ }
 require('internal/process/policy')
 .setup(src, manifestURL.href);
 } |
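Review bot: The loop added to `initializePolicy()` accepts the manifest as soon as any one entry of `--policy-integrity` matches, so when the flag lists several algorithms the check is only as strong as the weakest one listed; browser SRI, by contrast, compares only against the strongest algorithm present. Whether `SRI.parse` restricts the accepted algorithms is not visible in this hunk, so at minimum I would document the behaviour above the loop: `// Any single matching entry is sufficient; list only algorithms you trust.` The digest is computed over `src`, the same UTF-8-decoded string that is later handed to `setup()`, which keeps the checked and the used content identical and deserves a one-line comment too, since a digest of the raw file bytes can differ if the file is not valid UTF-8. `initializePolicy()` begins outside the hunk, so how the function behaves when `--policy-integrity` is given without a policy manifest cannot be judged from here.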