pbkdf2 Improper Input Validation Vulnerability Allowing Signature Spoofing
Vulnerability
A vulnerability in the pbkdf2 library, versions 3.0.10 through 3.1.2, allows signature spoofing because of improper input validation. The issue lies in the library's key derivation functions, which fail to correctly handle certain algorithm representations, particularly in a browser environment or when bundled with tools that polyfill Node.js crypto functions.
Impact
Exploitation of this vulnerability could lead to the generation of cryptographic keys that are either predictable or improperly initialized, undermining the security of applications that rely on this library for key derivation.
Reproduction
The vulnerability can be reproduced by using the pbkdf2 library in a JavaScript environment that supports Node.js crypto polyfills, such as a browser or with a bundler like Webpack or Vite. The issue occurs when pbkdf2 is called with unsupported or non-normalized algorithm names, such as 'sha3-256' or 'SHA1'. In these cases, the library returns a zero-filled buffer instead of a proper key, which can be verified by checking the output against expected values.
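The output check described above can be written as a small known-answer audit. This is an added example, not code from the pbkdf2 project: it assumes the function under test has the `pbkdf2Sync(password, salt, iterations, keylen, digest)` signature, and `classify`, `auditPbkdf2`, `isAffected` and `faultyStub` are hypothetical names, with the stub constructed only to make the block run offline.

```javascript
// RFC 6070 test vector 1: PBKDF2-HMAC-SHA1, P="password", S="salt", c=1, dkLen=20.
const RFC6070_SHA1_HEX = '0c60c80f961f0e71f3a9b524af6012062fe037a6';

const toHex = (bytes) =>
  Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');

// Classify what deriveSync returns for one digest name.
function classify(deriveSync, digest) {
  let out;
  try {
    out = deriveSync('password', 'salt', 1, 20, digest);
  } catch (err) {
    return 'rejected'; // the name was refused, so no key was produced
  }
  if (!out || out.length !== 20) return 'mismatch';
  const hex = toHex(out);
  if (/^0+$/.test(hex)) return 'zero-filled'; // the failure mode described above
  if (digest.toLowerCase() === 'sha1') {
    return hex === RFC6070_SHA1_HEX ? 'ok' : 'mismatch';
  }
  return 'unverified'; // non-zero, but no reference vector is embedded for it
}

// Digest names default to the ones the advisory mentions, plus normalized 'sha1'.
function auditPbkdf2(deriveSync, digests = ['sha1', 'SHA1', 'sha3-256']) {
  const report = {};
  for (const d of digests) report[d] = classify(deriveSync, d);
  return report;
}

const isAffected = (report) =>
  Object.values(report).some((v) => v === 'zero-filled' || v === 'mismatch');

// Constructed stand-in that mimics the described behaviour (zero-filled output
// for any name other than 'sha1'); it is not the library's code.
function faultyStub(password, salt, iterations, keylen, digest) {
  const out = new Uint8Array(keylen);
  if (digest === 'sha1') {
    out.set(RFC6070_SHA1_HEX.match(/../g).map((h) => parseInt(h, 16)));
  }
  return out;
}

const demo = auditPbkdf2(faultyStub);
console.log(demo, 'affected:', isAffected(demo));
```

To audit a real build, pass the `pbkdf2Sync` that the bundle actually resolves in place of `faultyStub`, and run the check in the same environment (browser or bundler output) the application ships in.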
Remediation
Users should update to pbkdf2 version 3.1.3 or later. If the library was used with unsupported or non-normalized algorithms, it's important to review where the derived keys were used and take appropriate action.
