diff options
author | Johann <git@johann-hofmann.com> | 2015-09-23 18:42:20 +0200 |
---|---|---|
committer | Sakthipriyan Vairamani <thechargingvolcano@gmail.com> | 2015-09-25 16:17:46 +0530 |
commit | 6df47d6151b9050efaf3aef7b77554c1a310118a (patch) | |
tree | 3bdd18cc4c8bca2e4a70672ee000bdf0de08300b /test/parallel/test-crypto-pbkdf2.js | |
parent | 36b969ff44b8ffca22480c70343cf85651eb235e (diff) | |
download | android-node-v8-6df47d6151b9050efaf3aef7b77554c1a310118a.tar.gz android-node-v8-6df47d6151b9050efaf3aef7b77554c1a310118a.tar.bz2 android-node-v8-6df47d6151b9050efaf3aef7b77554c1a310118a.zip |
crypto: add more keylen sanity checks in pbkdf2
issue #2987 makes the point that crypto.pbkdf2 should not fail silently
and accept invalid but numeric values like NaN and Infinity. We already
check if the keylen is lower than 0, so extending that to NaN and
Infinity should make sense.
Fixes: https://github.com/nodejs/node/issues/2987
PR-URL: https://github.com/nodejs/node/pull/3029
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Diffstat (limited to 'test/parallel/test-crypto-pbkdf2.js')
-rw-r--r-- | test/parallel/test-crypto-pbkdf2.js | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/test/parallel/test-crypto-pbkdf2.js b/test/parallel/test-crypto-pbkdf2.js index 885831bad1..51759ca835 100644 --- a/test/parallel/test-crypto-pbkdf2.js +++ b/test/parallel/test-crypto-pbkdf2.js @@ -59,3 +59,31 @@ function ondone(err, key) { assert.throws(function() { crypto.pbkdf2('password', 'salt', 1, 20, null); }); + +// Should not work with Infinity key length +assert.throws(function() { + crypto.pbkdf2('password', 'salt', 1, Infinity, assert.fail); +}, function(err) { + return err instanceof Error && err.message === 'Bad key length'; +}); + +// Should not work with negative Infinity key length +assert.throws(function() { + crypto.pbkdf2('password', 'salt', 1, -Infinity, assert.fail); +}, function(err) { + return err instanceof Error && err.message === 'Bad key length'; +}); + +// Should not work with NaN key length +assert.throws(function() { + crypto.pbkdf2('password', 'salt', 1, NaN, assert.fail); +}, function(err) { + return err instanceof Error && err.message === 'Bad key length'; +}); + +// Should not work with negative key length +assert.throws(function() { + crypto.pbkdf2('password', 'salt', 1, -1, assert.fail); +}, function(err) { + return err instanceof Error && err.message === 'Bad key length'; +}); |