crypto: upgrade pbkdf2 without digest to an error

Commit a1163582 added a deprecation warning when pbkdf2 was called without an
explicit `digest` argument. This was because the default digest is `sha1`,
which is not-recommended from a security point of view. This upgrades it
to a runtime error when `digest` is undefined per the plan discussed in
the original issue.

Ref: https://github.com/nodejs/node/commit/a1163582c53dc6e00f3680084269600913b1cad2

PR-URL: https://github.com/nodejs/node/pull/11305
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>

1 files changed, 6 insertions, 10 deletions

diff --git a/lib/crypto.js b/lib/crypto.js
index 2d4695dc97..da381463fd 100644
--- a/lib/crypto.js
+++ b/lib/crypto.js
@@ -537,11 +537,6 @@ ECDH.prototype.getPublicKey = function getPublicKey(encoding, format) {
 };
 
 
-const pbkdf2DeprecationWarning =
-    internalUtil.deprecate(() => {}, 'crypto.pbkdf2 without specifying' +
-      ' a digest is deprecated. Please specify a digest', 'DEP0009');
-
-
 exports.pbkdf2 = function(password,
                           salt,
                           iterations,
@@ -551,7 +546,6 @@ exports.pbkdf2 = function(password,
   if (typeof digest === 'function') {
     callback = digest;
     digest = undefined;
-    pbkdf2DeprecationWarning();
   }
 
   if (typeof callback !== 'function')
@@ -562,15 +556,17 @@ exports.pbkdf2 = function(password,
 
 
 exports.pbkdf2Sync = function(password, salt, iterations, keylen, digest) {
-  if (typeof digest === 'undefined') {
-    digest = undefined;
-    pbkdf2DeprecationWarning();
-  }
   return pbkdf2(password, salt, iterations, keylen, digest);
 };
 
 
 function pbkdf2(password, salt, iterations, keylen, digest, callback) {
+
+  if (digest === undefined) {
+    throw new TypeError(
+        'The "digest" argument is required and must not be undefined');
+  }
+
   password = toBuf(password);
   salt = toBuf(salt);