Skip to content

Commit a116358

Browse files
tomgcoShigeki Ohtsu
tomgco
authored and
Shigeki Ohtsu
committed
crypto: pbkdf2 deprecate digest overload.
As per #3292, this PR introduces a deprecation notice about removing the 'default digest' overload which currently defaults to the soon to be defunct SHA1 digest. Instead it should be left up to the documentation and implementor to suggest a suitable digest function. Ref: #3292 PR-URL: #4047 Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor@indutny.com> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
1 parent db9e122 commit a116358

4 files changed

Lines changed: 42 additions & 34 deletions

File tree

doc/api/crypto.markdown

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1062,13 +1062,12 @@ const hashes = crypto.getHashes();
10621062
console.log(hashes); // ['sha', 'sha1', 'sha1WithRSAEncryption', ...]
10631063
```
10641064

1065-
### crypto.pbkdf2(password, salt, iterations, keylen[, digest], callback)
1065+
### crypto.pbkdf2(password, salt, iterations, keylen, digest, callback)
10661066

10671067
Provides an asynchronous Password-Based Key Derivation Function 2 (PBKDF2)
10681068
implementation. A selected HMAC digest algorithm specified by `digest` is
10691069
applied to derive a key of the requested byte length (`keylen`) from the
1070-
`password`, `salt` and `iterations`. If the `digest` algorithm is not specified,
1071-
a default of `'sha1'` is used.
1070+
`password`, `salt` and `iterations`.
10721071

10731072
The supplied `callback` function is called with two arguments: `err` and
10741073
`derivedKey`. If an error occurs, `err` will be set; otherwise `err` will be
@@ -1095,13 +1094,12 @@ crypto.pbkdf2('secret', 'salt', 100000, 512, 'sha512', (err, key) => {
10951094
An array of supported digest functions can be retrieved using
10961095
[`crypto.getHashes()`][].
10971096

1098-
### crypto.pbkdf2Sync(password, salt, iterations, keylen[, digest])
1097+
### crypto.pbkdf2Sync(password, salt, iterations, keylen, digest)
10991098

11001099
Provides a synchronous Password-Based Key Derivation Function 2 (PBKDF2)
11011100
implementation. A selected HMAC digest algorithm specified by `digest` is
11021101
applied to derive a key of the requested byte length (`keylen`) from the
1103-
`password`, `salt` and `iterations`. If the `digest` algorithm is not specified,
1104-
a default of `'sha1'` is used.
1102+
`password`, `salt` and `iterations`.
11051103

11061104
If an error occurs an Error will be thrown, otherwise the derived key will be
11071105
returned as a [`Buffer`][].

lib/crypto.js

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -531,6 +531,11 @@ ECDH.prototype.getPublicKey = function getPublicKey(encoding, format) {
531531
};
532532

533533

534+
const pbkdf2DeprecationWarning =
535+
internalUtil.deprecate(() => {}, 'crypto.pbkdf2 without specifying' +
536+
' a digest is deprecated. Please specify a digest');
537+
538+
534539
exports.pbkdf2 = function(password,
535540
salt,
536541
iterations,
@@ -540,6 +545,7 @@ exports.pbkdf2 = function(password,
540545
if (typeof digest === 'function') {
541546
callback = digest;
542547
digest = undefined;
548+
pbkdf2DeprecationWarning();
543549
}
544550

545551
if (typeof callback !== 'function')
@@ -550,6 +556,10 @@ exports.pbkdf2 = function(password,
550556

551557

552558
exports.pbkdf2Sync = function(password, salt, iterations, keylen, digest) {
559+
if (typeof digest === 'undefined') {
560+
digest = undefined;
561+
pbkdf2DeprecationWarning();
562+
}
553563
return pbkdf2(password, salt, iterations, keylen, digest);
554564
};
555565

test/parallel/test-crypto-binary-default.js

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -633,34 +633,34 @@ assert.strictEqual(rsaVerify.verify(rsaPubPem, rsaSignature, 'hex'), true);
633633
// Test PBKDF2 with RFC 6070 test vectors (except #4)
634634
//
635635
function testPBKDF2(password, salt, iterations, keylen, expected) {
636-
var actual = crypto.pbkdf2Sync(password, salt, iterations, keylen);
636+
var actual = crypto.pbkdf2Sync(password, salt, iterations, keylen, 'sha256');
637637
assert.equal(actual, expected);
638638

639-
crypto.pbkdf2(password, salt, iterations, keylen, function(err, actual) {
639+
crypto.pbkdf2(password, salt, iterations, keylen, 'sha256', (err, actual) => {
640640
assert.equal(actual, expected);
641641
});
642642
}
643643

644644

645645
testPBKDF2('password', 'salt', 1, 20,
646-
'\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24' +
647-
'\xaf\x60\x12\x06\x2f\xe0\x37\xa6');
646+
'\x12\x0f\xb6\xcf\xfc\xf8\xb3\x2c\x43\xe7\x22\x52' +
647+
'\x56\xc4\xf8\x37\xa8\x65\x48\xc9');
648648

649649
testPBKDF2('password', 'salt', 2, 20,
650-
'\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e\xd9\x2a' +
651-
'\xce\x1d\x41\xf0\xd8\xde\x89\x57');
650+
'\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9' +
651+
'\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e');
652652

653653
testPBKDF2('password', 'salt', 4096, 20,
654-
'\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad\x49\xd9\x26' +
655-
'\xf7\x21\xd0\x65\xa4\x29\xc1');
654+
'\xc5\xe4\x78\xd5\x92\x88\xc8\x41\xaa\x53\x0d\xb6' +
655+
'\x84\x5c\x4c\x8d\x96\x28\x93\xa0');
656656

657657
testPBKDF2('passwordPASSWORDpassword',
658658
'saltSALTsaltSALTsaltSALTsaltSALTsalt',
659659
4096,
660660
25,
661-
'\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8\xd8\x36\x62' +
662-
'\xc0\xe4\x4a\x8b\x29\x1a\x96\x4c\xf2\xf0\x70\x38');
661+
'\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8\x14\xb8' +
662+
'\x11\x6e\x84\xcf\x2b\x17\x34\x7e\xbc\x18\x00\x18\x1c');
663663

664664
testPBKDF2('pass\0word', 'sa\0lt', 4096, 16,
665-
'\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37\xd7\xf0\x34' +
666-
'\x25\xe0\xc3');
665+
'\x89\xb6\x9d\x05\x16\xf8\x29\x89\x3c\x69\x62\x26' +
666+
'\x65\x0a\x86\x87');

test/parallel/test-crypto-pbkdf2.js

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -12,37 +12,37 @@ var crypto = require('crypto');
1212
// Test PBKDF2 with RFC 6070 test vectors (except #4)
1313
//
1414
function testPBKDF2(password, salt, iterations, keylen, expected) {
15-
var actual = crypto.pbkdf2Sync(password, salt, iterations, keylen);
15+
var actual = crypto.pbkdf2Sync(password, salt, iterations, keylen, 'sha256');
1616
assert.equal(actual.toString('binary'), expected);
1717

18-
crypto.pbkdf2(password, salt, iterations, keylen, function(err, actual) {
18+
crypto.pbkdf2(password, salt, iterations, keylen, 'sha256', (err, actual) => {
1919
assert.equal(actual.toString('binary'), expected);
2020
});
2121
}
2222

2323

2424
testPBKDF2('password', 'salt', 1, 20,
25-
'\x0c\x60\xc8\x0f\x96\x1f\x0e\x71\xf3\xa9\xb5\x24' +
26-
'\xaf\x60\x12\x06\x2f\xe0\x37\xa6');
25+
'\x12\x0f\xb6\xcf\xfc\xf8\xb3\x2c\x43\xe7\x22\x52' +
26+
'\x56\xc4\xf8\x37\xa8\x65\x48\xc9');
2727

2828
testPBKDF2('password', 'salt', 2, 20,
29-
'\xea\x6c\x01\x4d\xc7\x2d\x6f\x8c\xcd\x1e\xd9\x2a' +
30-
'\xce\x1d\x41\xf0\xd8\xde\x89\x57');
29+
'\xae\x4d\x0c\x95\xaf\x6b\x46\xd3\x2d\x0a\xdf\xf9' +
30+
'\x28\xf0\x6d\xd0\x2a\x30\x3f\x8e');
3131

3232
testPBKDF2('password', 'salt', 4096, 20,
33-
'\x4b\x00\x79\x01\xb7\x65\x48\x9a\xbe\xad\x49\xd9\x26' +
34-
'\xf7\x21\xd0\x65\xa4\x29\xc1');
33+
'\xc5\xe4\x78\xd5\x92\x88\xc8\x41\xaa\x53\x0d\xb6' +
34+
'\x84\x5c\x4c\x8d\x96\x28\x93\xa0');
3535

3636
testPBKDF2('passwordPASSWORDpassword',
3737
'saltSALTsaltSALTsaltSALTsaltSALTsalt',
3838
4096,
3939
25,
40-
'\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8\xd8\x36\x62' +
41-
'\xc0\xe4\x4a\x8b\x29\x1a\x96\x4c\xf2\xf0\x70\x38');
40+
'\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8\x14\xb8\x11' +
41+
'\x6e\x84\xcf\x2b\x17\x34\x7e\xbc\x18\x00\x18\x1c');
4242

4343
testPBKDF2('pass\0word', 'sa\0lt', 4096, 16,
44-
'\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37\xd7\xf0\x34' +
45-
'\x25\xe0\xc3');
44+
'\x89\xb6\x9d\x05\x16\xf8\x29\x89\x3c\x69\x62\x26\x65' +
45+
'\x0a\x86\x87');
4646

4747
var expected =
4848
'64c486c55d30d4c5a079b8823b7d7cb37ff0556f537da8410233bcec330ed956';
@@ -62,28 +62,28 @@ assert.throws(function() {
6262

6363
// Should not work with Infinity key length
6464
assert.throws(function() {
65-
crypto.pbkdf2('password', 'salt', 1, Infinity, common.fail);
65+
crypto.pbkdf2('password', 'salt', 1, Infinity, 'sha256', common.fail);
6666
}, function(err) {
6767
return err instanceof Error && err.message === 'Bad key length';
6868
});
6969

7070
// Should not work with negative Infinity key length
7171
assert.throws(function() {
72-
crypto.pbkdf2('password', 'salt', 1, -Infinity, common.fail);
72+
crypto.pbkdf2('password', 'salt', 1, -Infinity, 'sha256', common.fail);
7373
}, function(err) {
7474
return err instanceof Error && err.message === 'Bad key length';
7575
});
7676

7777
// Should not work with NaN key length
7878
assert.throws(function() {
79-
crypto.pbkdf2('password', 'salt', 1, NaN, common.fail);
79+
crypto.pbkdf2('password', 'salt', 1, NaN, 'sha256', common.fail);
8080
}, function(err) {
8181
return err instanceof Error && err.message === 'Bad key length';
8282
});
8383

8484
// Should not work with negative key length
8585
assert.throws(function() {
86-
crypto.pbkdf2('password', 'salt', 1, -1, common.fail);
86+
crypto.pbkdf2('password', 'salt', 1, -1, 'sha256', common.fail);
8787
}, function(err) {
8888
return err instanceof Error && err.message === 'Bad key length';
8989
});

0 commit comments

Comments
 (0)