diff options
author | Tobias Nießen <tniessen@tnie.de> | 2019-11-21 11:00:03 -0400 |
---|---|---|
committer | Anna Henningsen <anna@addaleax.net> | 2019-11-28 00:36:36 +0100 |
commit | 10f5fa75136b540487730b5c1852ea6ad795bb96 (patch) | |
tree | 43b9bb9fd6c82e14470bb26d56ec9c03bef80ba3 /doc | |
parent | 74f819612f1e9a061bf5b12c419e0e9ac00652d6 (diff) | |
download | android-node-v8-10f5fa75136b540487730b5c1852ea6ad795bb96.tar.gz android-node-v8-10f5fa75136b540487730b5c1852ea6ad795bb96.tar.bz2 android-node-v8-10f5fa75136b540487730b5c1852ea6ad795bb96.zip |
crypto: forbid setting the PBKDF2 iter count to 0
RFC 2898 does not permit an iteration count of zero, and OpenSSL 1.1.1
will treat it as one iteration internally.
Future OpenSSL versions will reject such inputs (already on master
branch), but until that happens, Node.js should manually reject them.
Refs: https://github.com/nodejs/webcrypto/pull/29
PR-URL: https://github.com/nodejs/node/pull/30578
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/api/crypto.md | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 6bf1dcea36..84b67ebdd3 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -2294,6 +2294,10 @@ console.log(hashes); // ['DSA', 'DSA-SHA', 'DSA-SHA1', ...] <!-- YAML added: v0.5.5 changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/30578 + description: The `iterations` parameter is now restricted to positive + values. Earlier releases treated other values as one. - version: v8.0.0 pr-url: https://github.com/nodejs/node/pull/11305 description: The `digest` parameter is always required now. @@ -2369,6 +2373,10 @@ negative performance implications for some applications; see the <!-- YAML added: v0.9.3 changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/30578 + description: The `iterations` parameter is now restricted to positive + values. Earlier releases treated other values as one. - version: v6.0.0 pr-url: https://github.com/nodejs/node/pull/4047 description: Calling this function without passing the `digest` parameter |