nodejs / webcrypto

This repository has been archived. The WebCrypto API has been implemented in recent versions of Node.js and does not require additional packages.

Throw OperationError if PBKDF2 iterations is zero #29

Closed tniessen closed 4 years ago

tniessen commented 4 years ago

Node.js accepts an iteration count of zero, but WebCrypto requires an OperationError. This fixes 468 WPTs.

tniessen commented 4 years ago

@bnoordhuis I think it would be a breaking change. But I tend to agree, and I considered going one step further and suggesting the change to OpenSSL. According to RFC 2898, zero is not a valid parameter, but I am not so sure about NIST SP 800-132. The latter does not seem to explicitly forbid setting iterations to zero.

tniessen commented 4 years ago

I just looked at OpenSSL, and the implementation in OpenSSL 1.1.1 seems to treat values <= 1 as 1. OpenSSL master, however, appears to forbid such inputs.

Experimentally confirmed: Setting the iteration count to zero in Node.js results in the same output as setting it to one.

I probably should have looked at the documentation first: "Any iter less than 1 is treated as a single iteration."
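
The two behaviours discussed in this thread, side by side, as an added example that is not code from the PR or the repository: a PBKDF2-HMAC-SHA256 written out from RFC 2898 that either rejects an iteration count of zero or clamps it to one, as the quoted OpenSSL documentation describes. The `OperationError` class, the `clampLegacy` option and the sample inputs are assumptions made for illustration.

```javascript
const { createHmac, pbkdf2Sync } = require('crypto');

// Hypothetical stand-in for the WebCrypto OperationError (a DOMException in real implementations).
class OperationError extends Error {
  constructor(message) { super(message); this.name = 'OperationError'; }
}

// PBKDF2-HMAC-SHA256 following RFC 2898 section 5.2.
// clampLegacy = true mimics the documented OpenSSL 1.1.1 behaviour:
// "Any iter less than 1 is treated as a single iteration."
function pbkdf2Sha256(password, salt, iterations, keyLen, { clampLegacy = false } = {}) {
  if (!Number.isInteger(iterations) || iterations < 0) {
    throw new TypeError('iterations must be a non-negative integer');
  }
  if (iterations < 1) {
    if (!clampLegacy) throw new OperationError('PBKDF2 iterations must not be zero');
    iterations = 1; // silent clamp: the caller's 0 becomes a single HMAC round
  }
  const hLen = 32; // SHA-256 output size in bytes
  const blocks = [];
  for (let i = 1; i <= Math.ceil(keyLen / hLen); i++) {
    const index = Buffer.alloc(4);
    index.writeUInt32BE(i);
    // U_1 = PRF(P, S || INT(i))
    let u = createHmac('sha256', password).update(salt).update(index).digest();
    const t = Buffer.from(u);
    // U_j = PRF(P, U_{j-1}); T_i = U_1 xor U_2 xor ... xor U_c
    for (let j = 2; j <= iterations; j++) {
      u = createHmac('sha256', password).update(u).digest();
      for (let k = 0; k < hLen; k++) t[k] ^= u[k];
    }
    blocks.push(t);
  }
  return Buffer.concat(blocks).subarray(0, keyLen);
}

// Constructed sample inputs, not real credentials.
const password = Buffer.from('constructed-password');
const salt = Buffer.from('constructed-salt');

// Returns true when the strict (WebCrypto-style) path refuses iterations = 0.
function strictRejectsZero() {
  try { pbkdf2Sha256(password, salt, 0, 32); return false; }
  catch (e) { return e.name === 'OperationError'; }
}
```

With the clamp enabled, a caller who passes zero gets the same key as with one iteration and no indication that the parameter was changed, which is the case the strict path turns into an error.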