11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ci 31cb0ef41Sopenharmony_ciconst common = require('../common'); 41cb0ef41Sopenharmony_ciif (!common.hasCrypto) common.skip('missing crypto'); 51cb0ef41Sopenharmony_cicommon.requireNoPackageJSONAbove(); 61cb0ef41Sopenharmony_ci 71cb0ef41Sopenharmony_ciconst tmpdir = require('../common/tmpdir'); 81cb0ef41Sopenharmony_ciconst assert = require('assert'); 91cb0ef41Sopenharmony_ciconst { spawnSync } = require('child_process'); 101cb0ef41Sopenharmony_ciconst crypto = require('crypto'); 111cb0ef41Sopenharmony_ciconst fs = require('fs'); 121cb0ef41Sopenharmony_ciconst path = require('path'); 131cb0ef41Sopenharmony_ciconst { pathToFileURL } = require('url'); 141cb0ef41Sopenharmony_ci 151cb0ef41Sopenharmony_citmpdir.refresh(); 161cb0ef41Sopenharmony_ci 171cb0ef41Sopenharmony_cifunction hash(algo, body) { 181cb0ef41Sopenharmony_ci const h = crypto.createHash(algo); 191cb0ef41Sopenharmony_ci h.update(body); 201cb0ef41Sopenharmony_ci return h.digest('base64'); 211cb0ef41Sopenharmony_ci} 221cb0ef41Sopenharmony_ci 231cb0ef41Sopenharmony_ciconst tmpdirPath = path.join(tmpdir.path, 'test-policy-parse-integrity'); 241cb0ef41Sopenharmony_cifs.rmSync(tmpdirPath, { maxRetries: 3, recursive: true, force: true }); 251cb0ef41Sopenharmony_cifs.mkdirSync(tmpdirPath, { recursive: true }); 261cb0ef41Sopenharmony_ci 271cb0ef41Sopenharmony_ciconst policyFilepath = path.join(tmpdirPath, 'policy'); 281cb0ef41Sopenharmony_ci 291cb0ef41Sopenharmony_ciconst parentFilepath = path.join(tmpdirPath, 'parent.js'); 301cb0ef41Sopenharmony_ciconst parentBody = "require('./dep.js')"; 311cb0ef41Sopenharmony_ci 321cb0ef41Sopenharmony_ciconst depFilepath = path.join(tmpdirPath, 'dep.js'); 331cb0ef41Sopenharmony_ciconst depURL = pathToFileURL(depFilepath); 341cb0ef41Sopenharmony_ciconst depBody = ''; 351cb0ef41Sopenharmony_ci 361cb0ef41Sopenharmony_cifs.writeFileSync(parentFilepath, parentBody); 371cb0ef41Sopenharmony_cifs.writeFileSync(depFilepath, depBody); 381cb0ef41Sopenharmony_ci 391cb0ef41Sopenharmony_ciconst tmpdirURL = pathToFileURL(tmpdirPath); 401cb0ef41Sopenharmony_ciif (!tmpdirURL.pathname.endsWith('/')) { 411cb0ef41Sopenharmony_ci tmpdirURL.pathname += '/'; 421cb0ef41Sopenharmony_ci} 431cb0ef41Sopenharmony_ci 441cb0ef41Sopenharmony_ciconst packageFilepath = path.join(tmpdirPath, 'package.json'); 451cb0ef41Sopenharmony_ciconst packageURL = pathToFileURL(packageFilepath); 461cb0ef41Sopenharmony_ciconst packageBody = '{"main": "dep.js"}'; 471cb0ef41Sopenharmony_ci 481cb0ef41Sopenharmony_cifunction test({ shouldFail, integrity, manifest = {} }) { 491cb0ef41Sopenharmony_ci manifest.resources = {}; 501cb0ef41Sopenharmony_ci const resources = { 511cb0ef41Sopenharmony_ci [packageURL]: { 521cb0ef41Sopenharmony_ci body: packageBody, 531cb0ef41Sopenharmony_ci integrity: `sha256-${hash('sha256', packageBody)}` 541cb0ef41Sopenharmony_ci }, 551cb0ef41Sopenharmony_ci [depURL]: { 561cb0ef41Sopenharmony_ci body: depBody, 571cb0ef41Sopenharmony_ci integrity 581cb0ef41Sopenharmony_ci } 591cb0ef41Sopenharmony_ci }; 601cb0ef41Sopenharmony_ci for (const [url, { body, integrity }] of Object.entries(resources)) { 611cb0ef41Sopenharmony_ci manifest.resources[url] = { 621cb0ef41Sopenharmony_ci integrity, 631cb0ef41Sopenharmony_ci }; 641cb0ef41Sopenharmony_ci fs.writeFileSync(new URL(url, tmpdirURL.href), body); 651cb0ef41Sopenharmony_ci } 661cb0ef41Sopenharmony_ci fs.writeFileSync(policyFilepath, JSON.stringify(manifest, null, 2)); 671cb0ef41Sopenharmony_ci const { status } = spawnSync(process.execPath, [ 681cb0ef41Sopenharmony_ci '--experimental-policy', 691cb0ef41Sopenharmony_ci policyFilepath, 701cb0ef41Sopenharmony_ci depFilepath, 711cb0ef41Sopenharmony_ci ]); 721cb0ef41Sopenharmony_ci if (shouldFail) { 731cb0ef41Sopenharmony_ci assert.notStrictEqual(status, 0); 741cb0ef41Sopenharmony_ci } else { 751cb0ef41Sopenharmony_ci assert.strictEqual(status, 0); 761cb0ef41Sopenharmony_ci } 771cb0ef41Sopenharmony_ci} 781cb0ef41Sopenharmony_ci 791cb0ef41Sopenharmony_citest({ 801cb0ef41Sopenharmony_ci shouldFail: false, 811cb0ef41Sopenharmony_ci integrity: `sha256-${hash('sha256', depBody)}`, 821cb0ef41Sopenharmony_ci}); 831cb0ef41Sopenharmony_citest({ 841cb0ef41Sopenharmony_ci shouldFail: true, 851cb0ef41Sopenharmony_ci integrity: `1sha256-${hash('sha256', depBody)}`, 861cb0ef41Sopenharmony_ci}); 871cb0ef41Sopenharmony_citest({ 881cb0ef41Sopenharmony_ci shouldFail: true, 891cb0ef41Sopenharmony_ci integrity: 'hoge', 901cb0ef41Sopenharmony_ci}); 911cb0ef41Sopenharmony_citest({ 921cb0ef41Sopenharmony_ci shouldFail: true, 931cb0ef41Sopenharmony_ci integrity: `sha256-${hash('sha256', depBody)}sha256-${hash( 941cb0ef41Sopenharmony_ci 'sha256', 951cb0ef41Sopenharmony_ci depBody 961cb0ef41Sopenharmony_ci )}`, 971cb0ef41Sopenharmony_ci}); 981cb0ef41Sopenharmony_citest({ 991cb0ef41Sopenharmony_ci shouldFail: true, 1001cb0ef41Sopenharmony_ci integrity: `sha256-${hash('sha256', 'file:///')}`, 1011cb0ef41Sopenharmony_ci manifest: { 1021cb0ef41Sopenharmony_ci onerror: 'exit' 1031cb0ef41Sopenharmony_ci } 1041cb0ef41Sopenharmony_ci}); 1051cb0ef41Sopenharmony_citest({ 1061cb0ef41Sopenharmony_ci shouldFail: false, 1071cb0ef41Sopenharmony_ci integrity: `sha256-${hash('sha256', 'file:///')}`, 1081cb0ef41Sopenharmony_ci manifest: { 1091cb0ef41Sopenharmony_ci onerror: 'log' 1101cb0ef41Sopenharmony_ci } 1111cb0ef41Sopenharmony_ci}); 112