summaryrefslogtreecommitdiff
path: root/lib/internal/crypto/pbkdf2.js
diff options
context:
space:
mode:
Diffstat (limited to 'lib/internal/crypto/pbkdf2.js')
-rw-r--r--lib/internal/crypto/pbkdf2.js44
1 files changed, 40 insertions, 4 deletions
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
index 5398321ece..2fc211a87d 100644
--- a/lib/internal/crypto/pbkdf2.js
+++ b/lib/internal/crypto/pbkdf2.js
@@ -5,9 +5,13 @@ const {
getDefaultEncoding,
toBuf
} = require('internal/crypto/util');
+const { isArrayBufferView } = require('internal/util/types');
const {
PBKDF2
} = process.binding('crypto');
+const {
+ INT_MAX
+} = process.binding('constants').crypto;
function pbkdf2(password, salt, iterations, keylen, digest, callback) {
if (typeof digest === 'function') {
@@ -34,10 +38,39 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback) {
password = toBuf(password);
salt = toBuf(salt);
+ if (!isArrayBufferView(password)) {
+ throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'password',
+ ['string', 'Buffer', 'TypedArray']);
+ }
+
+ if (!isArrayBufferView(salt)) {
+ throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'salt',
+ ['string', 'Buffer', 'TypedArray']);
+ }
+
+ if (typeof iterations !== 'number')
+ throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'iterations', 'number');
+
+ if (iterations < 0)
+ throw new errors.RangeError('ERR_OUT_OF_RANGE', 'iterations');
+
+ if (typeof keylen !== 'number')
+ throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'keylen', 'number');
+
+ if (keylen < 0 ||
+ !Number.isFinite(keylen) ||
+ keylen > INT_MAX) {
+ throw new errors.RangeError('ERR_OUT_OF_RANGE', 'keylen');
+ }
+
const encoding = getDefaultEncoding();
- if (encoding === 'buffer')
- return PBKDF2(password, salt, iterations, keylen, digest, callback);
+ if (encoding === 'buffer') {
+ const ret = PBKDF2(password, salt, iterations, keylen, digest, callback);
+ if (ret === -1)
+ throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest);
+ return ret;
+ }
// at this point, we need to handle encodings.
if (callback) {
@@ -46,9 +79,12 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback) {
ret = ret.toString(encoding);
callback(er, ret);
}
- PBKDF2(password, salt, iterations, keylen, digest, next);
+ if (PBKDF2(password, salt, iterations, keylen, digest, next) === -1)
+ throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest);
} else {
- var ret = PBKDF2(password, salt, iterations, keylen, digest);
+ const ret = PBKDF2(password, salt, iterations, keylen, digest);
+ if (ret === -1)
+ throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest);
return ret.toString(encoding);
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-10 18:46:31 +0000