From 0d741981231a237c03311238a06eac1550a4c57a Mon Sep 17 00:00:00 2001 From: Evgenii Shchepotev Date: Sun, 26 May 2019 17:15:50 +0300 Subject: [PATCH] test: cover import of a *.node file with a policy manifest Cover import of a *.node file with a policy manifest. Add invalid integrity test case. PR-URL: https://github.com/nodejs/node/pull/27903 Reviewed-By: Anna Henningsen Reviewed-By: Rich Trott --- test/node-api/test_policy/binding.c | 17 +++++++ test/node-api/test_policy/binding.gyp | 8 +++ test/node-api/test_policy/test_policy.js | 65 ++++++++++++++++++++++++ 3 files changed, 90 insertions(+) create mode 100644 test/node-api/test_policy/binding.c create mode 100644 test/node-api/test_policy/binding.gyp create mode 100644 test/node-api/test_policy/test_policy.js diff --git a/test/node-api/test_policy/binding.c b/test/node-api/test_policy/binding.c new file mode 100644 index 00000000000000..b896da2cba4d84 --- /dev/null +++ b/test/node-api/test_policy/binding.c @@ -0,0 +1,17 @@ +#include +#include "../../js-native-api/common.h" +#include + +static napi_value Method(napi_env env, napi_callback_info info) { + napi_value world; + const char* str = "world"; + size_t str_len = strlen(str); + NAPI_CALL(env, napi_create_string_utf8(env, str, str_len, &world)); + return world; +} + +NAPI_MODULE_INIT() { + napi_property_descriptor desc = DECLARE_NAPI_PROPERTY("hello", Method); + NAPI_CALL(env, napi_define_properties(env, exports, 1, &desc)); + return exports; +} diff --git a/test/node-api/test_policy/binding.gyp b/test/node-api/test_policy/binding.gyp new file mode 100644 index 00000000000000..62381d5e54f22b --- /dev/null +++ b/test/node-api/test_policy/binding.gyp @@ -0,0 +1,8 @@ +{ + "targets": [ + { + "target_name": "binding", + "sources": [ "binding.c" ] + } + ] +} diff --git a/test/node-api/test_policy/test_policy.js b/test/node-api/test_policy/test_policy.js new file mode 100644 index 00000000000000..b3f477567e37ba --- /dev/null +++ b/test/node-api/test_policy/test_policy.js @@ -0,0 +1,65 @@ +'use strict'; +const common = require('../../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const tmpdir = require('../../common/tmpdir'); +const { spawnSync } = require('child_process'); +const crypto = require('crypto'); +const fs = require('fs'); +const path = require('path'); +const { pathToFileURL } = require('url'); + +tmpdir.refresh(); + +function hash(algo, body) { + const h = crypto.createHash(algo); + h.update(body); + return h.digest('base64'); +} + +const policyFilepath = path.join(tmpdir.path, 'policy'); + +const depFilepath = require.resolve(`./build/${common.buildType}/binding.node`); +const depURL = pathToFileURL(depFilepath); + +const tmpdirURL = pathToFileURL(tmpdir.path); +if (!tmpdirURL.pathname.endsWith('/')) { + tmpdirURL.pathname += '/'; +} + +const depBody = fs.readFileSync(depURL); +function writePolicy(...resources) { + const manifest = { resources: {} }; + for (const { url, integrity } of resources) { + manifest.resources[url] = { integrity }; + } + fs.writeFileSync(policyFilepath, JSON.stringify(manifest, null, 2)); +} + + +function test(shouldFail, resources) { + writePolicy(...resources); + const { status, stdout, stderr } = spawnSync(process.execPath, [ + '--experimental-policy', + policyFilepath, + depFilepath + ]); + + console.log(stdout.toString(), stderr.toString()); + if (shouldFail) { + assert.notStrictEqual(status, 0); + } else { + assert.strictEqual(status, 0); + } +} + +test(false, [{ + url: depURL, + integrity: `sha256-${hash('sha256', depBody)}` +}]); +test(true, [{ + url: depURL, + integrity: `sha256akjsalkjdlaskjdk-${hash('sha256', depBody)}` +}]);