mirror of
https://github.com/nodejs/node.git
synced 2025-12-28 07:50:41 +00:00
761de815c5
Since `common/crypto` already exists, it makes sense to keep crypto-related utilities there. The only exception being common.hasCrypto which is needed up front to determine if tests should be skipped. Eliminate the redundant check in hasFipsCrypto and just use crypto.getFips() directly where needed. PR-URL: https://github.com/nodejs/node/pull/56714 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
41 lines
1.4 KiB
JavaScript
41 lines
1.4 KiB
JavaScript
'use strict';
|
|
|
|
const common = require('../common');
|
|
if (!common.hasCrypto)
|
|
common.skip('missing crypto');
|
|
|
|
const { hasOpenSSL3 } = require('../common/crypto');
|
|
|
|
if (!hasOpenSSL3)
|
|
common.skip('this test requires OpenSSL 3.x');
|
|
|
|
const assert = require('node:assert/strict');
|
|
const crypto = require('node:crypto');
|
|
|
|
if (common.isMainThread) {
|
|
// TODO(richardlau): Decide if `crypto.setFips` should error if the
|
|
// provider named "fips" is not available.
|
|
crypto.setFips(1);
|
|
crypto.randomBytes(20, common.mustCall((err) => {
|
|
// crypto.randomBytes should either succeed or fail but not hang.
|
|
if (err) {
|
|
assert.match(err.message, /digital envelope routines::unsupported/);
|
|
const expected = /random number generator::unable to fetch drbg/;
|
|
assert(err.opensslErrorStack.some((msg) => expected.test(msg)),
|
|
`did not find ${expected} in ${err.opensslErrorStack}`);
|
|
}
|
|
}));
|
|
}
|
|
|
|
{
|
|
// Startup test. Should not hang.
|
|
const { path } = require('../common/fixtures');
|
|
const { spawnSync } = require('node:child_process');
|
|
const baseConf = path('openssl3-conf', 'base_only.cnf');
|
|
const cp = spawnSync(process.execPath,
|
|
[ `--openssl-config=${baseConf}`, '-p', '"hello"' ],
|
|
{ encoding: 'utf8' });
|
|
assert(common.nodeProcessAborted(cp.status, cp.signal),
|
|
`process did not abort, code:${cp.status} signal:${cp.signal}`);
|
|
}
|