crypto: forbid setting the PBKDF2 iter count to 0

RFC 2898 does not permit an iteration count of zero, and OpenSSL 1.1.1
will treat it as one iteration internally.

Future OpenSSL versions will reject such inputs (already on master
branch), but until that happens, Node.js should manually reject them.

Refs: https://github.com/nodejs/webcrypto/pull/29

PR-URL: https://github.com/nodejs/node/pull/30578
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>

1 files changed, 8 insertions, 0 deletions

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 6bf1dcea36..84b67ebdd3 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -2294,6 +2294,10 @@ console.log(hashes); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...]
 <!-- YAML
 added: v0.5.5
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/30578
+    description: The `iterations` parameter is now restricted to positive
+                 values. Earlier releases treated other values as one.
   - version: v8.0.0
     pr-url: https://github.com/nodejs/node/pull/11305
     description: The `digest` parameter is always required now.
@@ -2369,6 +2373,10 @@ negative performance implications for some applications; see the
 <!-- YAML
 added: v0.9.3
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/30578
+    description: The `iterations` parameter is now restricted to positive
+                 values. Earlier releases treated other values as one.
   - version: v6.0.0
     pr-url: https://github.com/nodejs/node/pull/4047
     description: Calling this function without passing the `digest` parameter