Node: workers, crypto: passing KeyObject as workerData crashes

Ok... yeah, it's what I suspected... KeyObjectHandle::Create() depends on env->crypto_key_object_handle_constructor() being set, which it is not until internalBinding('crypto') is called... so when the attempt is made to deserialize the KeyObject in the Worker, we get a crash.

I added a CHECK to verify in my local branch:

./node[21545]: ../src/crypto/crypto_keys.cc:863:static v8::MaybeLocal<v8::Object> node::crypto::KeyObjectHandle::Create(node::Environment*, std::shared_ptr<node::crypto::KeyObjectData>): Assertion `!env->crypto_key_object_handle_constructor().IsEmpty()' failed.
 1: 0x55a2986f0c80 node::Abort() [./node]
 2: 0x55a2986f0d14  [./node]
 3: 0x55a2988acc3c node::crypto::KeyObjectHandle::Create(node::Environment*, std::shared_ptr<node::crypto::KeyObjectData>) [./node]
 4: 0x55a2988aee01 node::crypto::NativeKeyObject::KeyObjectTransferData::Deserialize(node::Environment*, v8::Local<v8::Context>, std::unique_ptr<node::worker::TransferData, std::default_delete<node::worker::TransferData> >) [./node]
 5: 0x55a29873b130 node::worker::Message::Deserialize(node::Environment*, v8::Local<v8::Context>) [./node]
 6: 0x55a298740335 node::worker::MessagePort::ReceiveMessage(v8::Local<v8::Context>, bool) [./node]
 7: 0x55a2987408b8 node::worker::MessagePort::OnMessage() [./node]
 8: 0x55a299234736  [./node]
 9: 0x55a299248df4  [./node]
10: 0x55a29923506a uv_run [./node]
11: 0x55a2987c8336 node::worker::Worker::Run() [./node]
12: 0x55a2987c8707  [./node]
13: 0x7fba8b6af6db  [/lib/x86_64-linux-gnu/libpthread.so.0]
14: 0x7fba8b3d1a3f clone [/lib/x86_64-linux-gnu/libc.so.6]
Aborted (core dumped)

We could probably make KeyObjectHandle::Initialize() in node_crypto.cc do something like we do in GetMessagePortConstructorTemplate() in node_messaging.cc, where we create the FunctionTemplate only once, and then afterwards return the cached value.

I’ve marked this good first issue, but if you want to pick this up, you’ll probably want to know some C++ and maybe also be a bit familiar with the V8 API (if you are not, https://github.com/nodejs/node/blob/master/src/README.md has some overview over the concepts involved here).

I was going to work up the fix this next week as part of #35093 but if someone wants to pick it up, feel free!

@addaleax @jasnell I want to pick it up. As a starter how much c++ should i know be knowing to tackle this issue?

Edit: I am going through the relevant details from https://github.com/nodejs/node/blob/master/src/README.md and i will try to work on it.

Thanks

@ThakurKarthik I don’t think it requires a deep knowledge of the language, but some basic understanding would be helpful.

Fwiw, the relevant parts of the code base are:

https://github.com/nodejs/node/blob/a8971f87d3573ac247110e6afde0dc475fe21264/src/node_crypto.cc#L3268-L3288

https://github.com/nodejs/node/blob/a8971f87d3573ac247110e6afde0dc475fe21264/src/node_crypto.cc#L6953-L6954

And this is how we’ve solved this for the MessagePort case, another situation where the same problem occurred:

https://github.com/nodejs/node/blob/a8971f87d3573ac247110e6afde0dc475fe21264/src/node_messaging.cc#L1076-L1094

Thanks @addaleax for the pointers

Hi @addaleax with your reference I made these changes and ran ./configure && make -j4 test it was successful .
But running this code still showing error.

./out/Release/node test.js
Hello world 123 true
Segmentation fault (core dumped)

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 05da3af09c..8ef2adebeb 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -3265,8 +3265,11 @@ size_t KeyObjectData::GetSymmetricKeySize() const {
   return symmetric_key_len_;
 }

-Local<Function> KeyObjectHandle::Initialize(Environment* env,
-                                            Local<Object> target) {
+Local<Function> KeyObjectHandle::Initialize(Environment* env) {
+  Local<Function> templ = env->crypto_key_object_handle_constructor();
+  if (!templ.IsEmpty()) {
+    return templ;
+  }
   Local<FunctionTemplate> t = env->NewFunctionTemplate(New);
   t->InstanceTemplate()->SetInternalFieldCount(
       KeyObjectHandle::kInternalFieldCount);
@@ -3280,20 +3283,16 @@ Local<Function> KeyObjectHandle::Initialize(Environment* env,
   env->SetProtoMethod(t, "export", Export);

   auto function = t->GetFunction(env->context()).ToLocalChecked();
-  target->Set(env->context(),
-              FIXED_ONE_BYTE_STRING(env->isolate(), "KeyObjectHandle"),
-              function).Check();
-
-  return function;
+  env->set_crypto_key_object_handle_constructor(function);
+  return KeyObjectHandle::Initialize(env);
 }

 MaybeLocal<Object> KeyObjectHandle::Create(
     Environment* env,
     std::shared_ptr<KeyObjectData> data) {
   Local<Object> obj;
-  if (!env->crypto_key_object_handle_constructor()
-           ->NewInstance(env->context(), 0, nullptr)
-           .ToLocal(&obj)) {
+  Local<Function> fctun = KeyObjectHandle::Initialize(env);
+  if (!fctun->NewInstance(env->context(), 0, nullptr).ToLocal(&obj)) {
     return MaybeLocal<Object>();
   }

@@ -6950,8 +6949,9 @@ void Initialize(Local<Object> target,

   Environment* env = Environment::GetCurrent(context);
   SecureContext::Initialize(env, target);
-  env->set_crypto_key_object_handle_constructor(
-      KeyObjectHandle::Initialize(env, target));
+  target->Set(env->context(),
+            FIXED_ONE_BYTE_STRING(env->isolate(), "KeyObjectHandle"),
+            KeyObjectHandle::Initialize(env)).Check();
   env->SetMethod(target, "createNativeKeyObjectClass",
                  CreateNativeKeyObjectClass);
   CipherBase::Initialize(env, target);
diff --git a/src/node_crypto.h b/src/node_crypto.h
index 63468e4f18..8f78103560 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -447,8 +447,7 @@ class KeyObjectData {

 class KeyObjectHandle : public BaseObject {
  public:
-  static v8::Local<v8::Function> Initialize(Environment* env,
-                                            v8::Local<v8::Object> target);
+  static v8::Local<v8::Function> Initialize(Environment* env);

   static v8::MaybeLocal<v8::Object> Create(Environment* env,
                                            std::shared_ptr<KeyObjectData> data);



md5-d12f5f2d90a8b84c5c0039c1a279dd79



./configure --debug
make -j4

Can you guide me how to proceed further ?
Thanks

@ThakurKarthik

For some reason i am not able to generate the debug build.

It’s hard to tell without further information, but the only reason that I know of why this might not work is that debug builds take up a lot more memory and disk space. In this case, using ./configure --debug-node instead of ./configure --debug might be more helpful anyway, because you only want to debug the Node.js part, not dependencies like V8 (I assume).

Hi @addaleax I was able to generate the debug build with --debug-node and used gdb, the ouput is similar to what @jasnell has posted earlier. I tried debugging step by step
I can see env->crypto_key_object_handle_constructor() is defined and giving some value when printed but i think this is
key_ctor = env->crypto_key_object_secret_constructor(); undefined. It is set inside this function CreateNativeKeyObjectClass. So maybe i need to call this inside Deserialize method.
You can see the different variables i printed in this screenshot

@ThakurKarthik Oh, right, that’s … unfortunate, sorry

It is set inside this function CreateNativeKeyObjectClass. So maybe i need to call this inside Deserialize method.

That’s probably the best approach here – the function is called from lib/internal/crypto/keys.js. I think you should be able to load that via env->native_module_require()->Call(context, Null(isolate), 1, &arg)) where arg is FIXED_ONE_BYTE_STRING(isolate, "internal/crypto/keys"), maybe you could try that? (It’s basically the C++ equivalent of writing require('internal/crypto/keys'))