crypto: restrict PBKDF2 args to signed int

OpenSSL internally represents the output length and the iteration count as signed integers, which is why node's C++ implementation expects these arguments to fit into signed integers as well. The JavaScript validation logic, however, only requires the arguments to be unsigned 32-bit integers, which is a superset of non-negative (signed) 32-bit integers. Change the JavaScript validation to match the expectation within C++. Fixes: #44570
nodejs · nodejs-github-bot · Sep 10, 2022 · Sep 8, 2022 · Sep 8, 2022 · 3927e1a1f0cd970b4e83880333f831cc3f973022
commit 3927e1a1f0cd970b4e83880333f831cc3f973022
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
@@ -15,6 +15,7 @@ const {
 
 const {
   validateFunction,
+  validateInt32,
   validateInteger,
   validateString,
   validateUint32,
@@ -91,8 +92,10 @@ function check(password, salt, iterations, keylen, digest) {
 
   password = getArrayBufferOrView(password, 'password');
   salt = getArrayBufferOrView(salt, 'salt');
-  validateUint32(iterations, 'iterations', true);
-  validateUint32(keylen, 'keylen');
+  // OpenSSL uses a signed int to represent these values, so we are restricted
+  // to the 31-bit range here (which is plenty).
+  validateInt32(iterations, 'iterations', 1);
+  validateInt32(keylen, 'keylen', 0);
 
   return { password, salt, iterations, keylen, digest };
 }

diff --git a/test/parallel/test-crypto-pbkdf2.js b/test/parallel/test-crypto-pbkdf2.js
@@ -63,7 +63,7 @@ assert.throws(
   }
 );
 
-for (const iterations of [-1, 0]) {
+for (const iterations of [-1, 0, 2147483648]) {
   assert.throws(
     () => crypto.pbkdf2Sync('password', 'salt', iterations, 20, 'sha1'),
     {
@@ -98,7 +98,7 @@ for (const iterations of [-1, 0]) {
     });
 });
 
-[-1, 4294967297].forEach((input) => {
+[-1, 2147483648, 4294967296].forEach((input) => {
   assert.throws(
     () => {
       crypto.pbkdf2('password', 'salt', 1, input, 'sha256',