1'use strict'; 2 3const common = require('../common'); 4if (!common.hasCrypto) 5 common.skip('missing crypto'); 6 7if (common.isWindows) 8 common.skip('Not supported on Windows'); 9 10if (process.config.variables.asan) 11 common.skip('ASAN does not play well with secure heap allocations'); 12 13const assert = require('assert'); 14const { fork } = require('child_process'); 15const fixtures = require('../common/fixtures'); 16const { 17 secureHeapUsed, 18 createDiffieHellman, 19} = require('crypto'); 20 21if (process.argv[2] === 'child') { 22 23 const a = secureHeapUsed(); 24 25 assert(a); 26 assert.strictEqual(typeof a, 'object'); 27 assert.strictEqual(a.total, 65536); 28 assert.strictEqual(a.min, 4); 29 assert.strictEqual(a.used, 0); 30 31 { 32 const size = common.hasFipsCrypto || common.hasOpenSSL3 ? 1024 : 256; 33 const dh1 = createDiffieHellman(size); 34 const p1 = dh1.getPrime('buffer'); 35 const dh2 = createDiffieHellman(p1, 'buffer'); 36 const key1 = dh1.generateKeys(); 37 const key2 = dh2.generateKeys('hex'); 38 dh1.computeSecret(key2, 'hex', 'base64'); 39 dh2.computeSecret(key1, 'latin1', 'buffer'); 40 41 const b = secureHeapUsed(); 42 assert(b); 43 assert.strictEqual(typeof b, 'object'); 44 assert.strictEqual(b.total, 65536); 45 assert.strictEqual(b.min, 4); 46 // The amount used can vary on a number of factors 47 assert(b.used > 0); 48 assert(b.utilization > 0.0); 49 } 50 51 return; 52} 53 54const child = fork( 55 process.argv[1], 56 ['child'], 57 { execArgv: ['--secure-heap=65536', '--secure-heap-min=4'] }); 58 59child.on('exit', common.mustCall((code) => { 60 assert.strictEqual(code, 0); 61})); 62 63{ 64 const child = fork(fixtures.path('a.js'), { 65 execArgv: ['--secure-heap=3', '--secure-heap-min=3'], 66 stdio: 'pipe' 67 }); 68 let res = ''; 69 child.on('exit', common.mustCall((code) => { 70 assert.notStrictEqual(code, 0); 71 assert.match(res, /--secure-heap must be a power of 2/); 72 assert.match(res, /--secure-heap-min must be a power of 2/); 73 })); 74 child.stderr.setEncoding('utf8'); 75 child.stderr.on('data', (chunk) => res += chunk); 76} 77