crypto: refactor pbkdf2() and pbkdf2Sync() methods

Use the scrypt() infrastructure to reimplement pbkdf2() in a simpler manner. PR-URL: #20816 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>

Author: bnoordhuis

doc/api/errors.md

@@ -739,6 +739,12 @@ An invalid [crypto digest algorithm][] was specified.
 A crypto method was used on an object that was in an invalid state. For
 instance, calling [`cipher.getAuthTag()`][] before calling `cipher.final()`.
 
+<aid="ERR_CRYPTO_PBKDF2_ERROR"></a>
+### ERR_CRYPTO_PBKDF2_ERROR
+
+The PBKDF2 algorithm failed for unspecified reasons. OpenSSL does not provide
+more details and therefore neither does Node.js.
+
 <aid="ERR_CRYPTO_SCRYPT_INVALID_PARAMETER"></a>
 ### ERR_CRYPTO_SCRYPT_INVALID_PARAMETER
 

lib/internal/crypto/pbkdf2.js

@@ -1,39 +1,61 @@
 'use strict';
 
+const{ AsyncWrap, Providers }=process.binding('async_wrap');
+const{ Buffer }=require('buffer');
+const{pbkdf2: _pbkdf2}=process.binding('crypto');
 const{
+ERR_CRYPTO_INVALID_DIGEST,
+ERR_CRYPTO_PBKDF2_ERROR,
 ERR_INVALID_ARG_TYPE,
 ERR_INVALID_CALLBACK,
-ERR_CRYPTO_INVALID_DIGEST,
 }=require('internal/errors').codes;
 const{
  checkIsArrayBufferView,
  checkIsUint,
  getDefaultEncoding,
 }=require('internal/crypto/util');
-const{
-PBKDF2
-}=process.binding('crypto');
 
 functionpbkdf2(password,salt,iterations,keylen,digest,callback){
 if(typeofdigest==='function'){
 callback=digest;
 digest=undefined;
 }
 
+({ password, salt, iterations, keylen, digest }=
+check(password,salt,iterations,keylen,digest,callback));
+
 if(typeofcallback!=='function')
 thrownewERR_INVALID_CALLBACK();
 
-return_pbkdf2(password,salt,iterations,keylen,digest,callback);
+constencoding=getDefaultEncoding();
+constkeybuf=Buffer.alloc(keylen);
+
+constwrap=newAsyncWrap(Providers.PBKDF2REQUEST);
+wrap.ondone=(ok)=>{// Retains keybuf while request is in flight.
+if(!ok)returncallback.call(wrap,newERR_CRYPTO_PBKDF2_ERROR());
+if(encoding==='buffer')returncallback.call(wrap,null,keybuf);
+callback.call(wrap,null,keybuf.toString(encoding));
+};
+
+handleError(keybuf,password,salt,iterations,digest,wrap);
 }
 
 functionpbkdf2Sync(password,salt,iterations,keylen,digest){
-return_pbkdf2(password,salt,iterations,keylen,digest);
+({ password, salt, iterations, keylen, digest }=
+check(password,salt,iterations,keylen,digest,pbkdf2Sync));
+constkeybuf=Buffer.alloc(keylen);
+handleError(keybuf,password,salt,iterations,digest);
+constencoding=getDefaultEncoding();
+if(encoding==='buffer')returnkeybuf;
+returnkeybuf.toString(encoding);
 }
 
-function_pbkdf2(password,salt,iterations,keylen,digest,callback){
-
-if(digest!==null&&typeofdigest!=='string')
-thrownewERR_INVALID_ARG_TYPE('digest',['string','null'],digest);
+functioncheck(password,salt,iterations,keylen,digest,callback){
+if(typeofdigest!=='string'){
+if(digest!==null)
+thrownewERR_INVALID_ARG_TYPE('digest',['string','null'],digest);
+digest='sha1';
+}
 
 password=checkIsArrayBufferView('password',password);
 salt=checkIsArrayBufferView('salt',salt);
@@ -42,30 +64,17 @@ function _pbkdf2(password, salt, iterations, keylen, digest, callback){
 iterations=checkIsUint('iterations',iterations,'a non-negative number');
 keylen=checkIsUint('keylen',keylen);
 
-constencoding=getDefaultEncoding();
+return{ password, salt, iterations, keylen, digest };
+}
 
-if(encoding==='buffer'){
-constret=PBKDF2(password,salt,iterations,keylen,digest,callback);
-if(ret===-1)
-thrownewERR_CRYPTO_INVALID_DIGEST(digest);
-returnret;
-}
+functionhandleError(keybuf,password,salt,iterations,digest,wrap){
+constrc=_pbkdf2(keybuf,password,salt,iterations,digest,wrap);
 
-// at this point, we need to handle encodings.
-if(callback){
-functionnext(er,ret){
-if(ret)
-ret=ret.toString(encoding);
-callback(er,ret);
-}
-if(PBKDF2(password,salt,iterations,keylen,digest,next)===-1)
-thrownewERR_CRYPTO_INVALID_DIGEST(digest);
-}else{
-constret=PBKDF2(password,salt,iterations,keylen,digest);
-if(ret===-1)
-thrownewERR_CRYPTO_INVALID_DIGEST(digest);
-returnret.toString(encoding);
-}
+if(rc===-1)
+thrownewERR_CRYPTO_INVALID_DIGEST(digest);
+
+if(rc===false)
+thrownewERR_CRYPTO_PBKDF2_ERROR();
 }
 
 module.exports={

lib/internal/errors.js

@@ -503,6 +503,8 @@ E('ERR_CRYPTO_HASH_FINALIZED', 'Digest already called', Error);
 E('ERR_CRYPTO_HASH_UPDATE_FAILED','Hash update failed',Error);
 E('ERR_CRYPTO_INVALID_DIGEST','Invalid digest: %s',TypeError);
 E('ERR_CRYPTO_INVALID_STATE','Invalid state for operation %s',Error);
+// TODO(bnoordhuis) Decapitalize: s/PBKDF2 Error/PBKDF2 error/
+E('ERR_CRYPTO_PBKDF2_ERROR','PBKDF2 Error',Error);
 E('ERR_CRYPTO_SCRYPT_INVALID_PARAMETER','Invalid scrypt parameter',Error);
 E('ERR_CRYPTO_SCRYPT_NOT_SUPPORTED','Scrypt algorithm not supported',Error);
 // Switch to TypeError. The current implementation does not seem right.

src/env.h

@@ -244,7 +244,6 @@ struct PackageConfig{
 V(password_string, "password") \
 V(path_string, "path") \
 V(pending_handle_string, "pendingHandle") \
-V(pbkdf2_error_string, "PBKDF2 Error") \
 V(pid_string, "pid") \
 V(pipe_string, "pipe") \
 V(pipe_target_string, "pipeTarget") \
@@ -337,7 +336,6 @@ struct PackageConfig{
 V(inspector_console_api_object, v8::Object) \
 V(message_port, v8::Object) \
 V(message_port_constructor_template, v8::FunctionTemplate) \
-V(pbkdf2_constructor_template, v8::ObjectTemplate) \
 V(pipe_constructor_template, v8::FunctionTemplate) \
 V(performance_entry_callback, v8::Function) \
 V(performance_entry_template, v8::Function) \