diff options
Diffstat (limited to 'lib/internal/crypto/pbkdf2.js')
-rw-r--r-- | lib/internal/crypto/pbkdf2.js | 44 |
1 files changed, 40 insertions, 4 deletions
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js index 5398321ece..2fc211a87d 100644 --- a/lib/internal/crypto/pbkdf2.js +++ b/lib/internal/crypto/pbkdf2.js @@ -5,9 +5,13 @@ const { getDefaultEncoding, toBuf } = require('internal/crypto/util'); +const { isArrayBufferView } = require('internal/util/types'); const { PBKDF2 } = process.binding('crypto'); +const { + INT_MAX +} = process.binding('constants').crypto; function pbkdf2(password, salt, iterations, keylen, digest, callback) { if (typeof digest === 'function') { @@ -34,10 +38,39 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback) { password = toBuf(password); salt = toBuf(salt); + if (!isArrayBufferView(password)) { + throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'password', + ['string', 'Buffer', 'TypedArray']); + } + + if (!isArrayBufferView(salt)) { + throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'salt', + ['string', 'Buffer', 'TypedArray']); + } + + if (typeof iterations !== 'number') + throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'iterations', 'number'); + + if (iterations < 0) + throw new errors.RangeError('ERR_OUT_OF_RANGE', 'iterations'); + + if (typeof keylen !== 'number') + throw new errors.TypeError('ERR_INVALID_ARG_TYPE', 'keylen', 'number'); + + if (keylen < 0 || + !Number.isFinite(keylen) || + keylen > INT_MAX) { + throw new errors.RangeError('ERR_OUT_OF_RANGE', 'keylen'); + } + const encoding = getDefaultEncoding(); - if (encoding === 'buffer') - return PBKDF2(password, salt, iterations, keylen, digest, callback); + if (encoding === 'buffer') { + const ret = PBKDF2(password, salt, iterations, keylen, digest, callback); + if (ret === -1) + throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest); + return ret; + } // at this point, we need to handle encodings. if (callback) { @@ -46,9 +79,12 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback) { ret = ret.toString(encoding); callback(er, ret); } - PBKDF2(password, salt, iterations, keylen, digest, next); + if (PBKDF2(password, salt, iterations, keylen, digest, next) === -1) + throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest); } else { - var ret = PBKDF2(password, salt, iterations, keylen, digest); + const ret = PBKDF2(password, salt, iterations, keylen, digest); + if (ret === -1) + throw new errors.TypeError('ERR_CRYPTO_INVALID_DIGEST', digest); return ret.toString(encoding); } } |