We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 4a54ebc commit 4957562Copy full SHA for 4957562
lib/internal/crypto/pbkdf2.js
@@ -4,19 +4,15 @@ const {
4
ERR_INVALID_ARG_TYPE,
5
ERR_INVALID_CALLBACK,
6
ERR_CRYPTO_INVALID_DIGEST,
7
- ERR_OUT_OF_RANGE
8
} = require('internal/errors').codes;
9
const {
10
checkIsArrayBufferView,
+ checkIsUint,
11
getDefaultEncoding,
12
- toBuf
13
} = require('internal/crypto/util');
14
15
PBKDF2
16
} = process.binding('crypto');
17
-const {
18
- INT_MAX
19
-} = process.binding('constants').crypto;
20
21
function pbkdf2(password, salt, iterations, keylen, digest, callback) {
22
if (typeof digest === 'function') {
@@ -39,22 +35,12 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback) {
39
35
if (digest !== null && typeof digest !== 'string')
40
36
throw new ERR_INVALID_ARG_TYPE('digest', ['string', 'null'], digest);
41
37
42
- password = checkIsArrayBufferView('password', toBuf(password));
43
- salt = checkIsArrayBufferView('salt', toBuf(salt));
44
-
45
- if (typeof iterations !== 'number')
46
- throw new ERR_INVALID_ARG_TYPE('iterations', 'number', iterations);
47
48
- if (iterations < 0)
49
- throw new ERR_OUT_OF_RANGE('iterations',
50
- 'a non-negative number',
51
- iterations);
52
53
- if (typeof keylen !== 'number')
54
- throw new ERR_INVALID_ARG_TYPE('keylen', 'number', keylen);
55
56
- if (keylen < 0 || !Number.isInteger(keylen) || keylen > INT_MAX)
57
- throw new ERR_OUT_OF_RANGE('keylen', `>= 0 && <= ${INT_MAX}`, keylen);
38
+ password = checkIsArrayBufferView('password', password);
+ salt = checkIsArrayBufferView('salt', salt);
+ // FIXME(bnoordhuis) The error message is in fact wrong since |iterations|
+ // cannot be > INT_MAX. Adjust in the next major release.
+ iterations = checkIsUint('iterations', iterations, 'a non-negative number');
+ keylen = checkIsUint('keylen', keylen);
58
59
const encoding = getDefaultEncoding();
60
lib/internal/crypto/sig.js
@@ -77,7 +77,7 @@ Sign.prototype.sign = function sign(options, encoding) {
77
78
var pssSaltLength = getSaltLength(options);
79
80
- key = checkIsArrayBufferView('key', toBuf(key));
+ key = checkIsArrayBufferView('key', key);
81
82
var ret = this._handle.sign(key, passphrase, rsaPadding, pssSaltLength);
83
@@ -114,7 +114,7 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
114
115
116
117
118
119
signature = checkIsArrayBufferView('signature',
120
toBuf(signature, sigEncoding));
lib/internal/crypto/util.js
@@ -15,7 +15,8 @@ const {
ERR_CRYPTO_ENGINE_UNKNOWN,
ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH,
- ERR_INVALID_ARG_TYPE
+ ERR_INVALID_ARG_TYPE,
+ ERR_OUT_OF_RANGE,
const { Buffer } = require('buffer');
@@ -25,6 +26,9 @@ const {
25
26
27
isArrayBufferView
28
} = require('internal/util/types');
29
+const {
30
+ INT_MAX
31
+} = process.binding('constants').crypto;
32
33
var defaultEncoding = 'buffer';
34
@@ -84,6 +88,7 @@ function timingSafeEqual(buf1, buf2) {
84
88
}
85
89
86
90
function checkIsArrayBufferView(name, buffer) {
91
+ buffer = toBuf(buffer);
87
92
if (!isArrayBufferView(buffer)) {
93
throw new ERR_INVALID_ARG_TYPE(
94
name,
@@ -94,8 +99,19 @@ function checkIsArrayBufferView(name, buffer) {
99
return buffer;
95
100
96
101
102
+function checkIsUint(name, value, errmsg = `>= 0 && <= ${INT_MAX}`) {
103
+ if (typeof value !== 'number')
104
+ throw new ERR_INVALID_ARG_TYPE(name, 'number', value);
105
+
106
+ if (value < 0 || !Number.isInteger(value) || value > INT_MAX)
107
+ throw new ERR_OUT_OF_RANGE(name, errmsg, value);
108
109
+ return value;
110
+}
111
97
112
module.exports = {
98
113
getCiphers,
getCurves,