crypto: coerce -0 keylen to +0 in pbkdf2

`validateInt32(keylen, 'keylen', 0)` lets `-0` through: `typeof -0` is
`'number'`, `Number.isInteger(-0)` is `true`, and `-0 < 0` is `false`.
The value then reaches the PBKDF2Job binding, whose `IsInt32()` check
fails (V8 boxes `-0` as a HeapNumber rather than a tagged SMI) and
aborts the process with SIGABRT.
Coerce `keylen` to `+0` after validation so the binding sees a true Int32.

Reachable from any caller that forwards a JSON-parsed value,
since `JSON.parse('{"keylen":-0}').keylen` preserves the sign.

Signed-off-by: Jordan Harband <ljharb@gmail.com>

Author: ljharb

lib/internal/crypto/pbkdf2.js

@@ -92,6 +92,8 @@ function check(password, salt, iterations, keylen, digest) {
   // to the 31-bit range here (which is plenty).
   validateInt32(iterations, 'iterations', 1);
   validateInt32(keylen, 'keylen', 0);
+  // Coerce -0 to +0.
+  keylen += 0;
 
   return { password, salt, iterations, keylen, digest };
 }

test/parallel/test-crypto-pbkdf2.js

@@ -110,6 +110,20 @@ for (const iterations of [-1, 0, 2147483648]) {
     });
 });
 
+// `-0` keylen must be coerced to `+0` (would otherwise abort the process
+// via the native binding's IsInt32() assertion).
+{
+  const empty = Buffer.alloc(0);
+  assert.deepStrictEqual(
+    crypto.pbkdf2Sync('password', 'salt', 1, -0, 'sha256'),
+    empty,
+  );
+  crypto.pbkdf2('password', 'salt', 1, -0, 'sha256',
+                common.mustSucceed((result) => {
+                  assert.deepStrictEqual(result, empty);
+                }));
+}
+
 // Should not get FATAL ERROR with empty password and salt
 // https://github.com/nodejs/node/issues/8571
 crypto.pbkdf2('', '', 1, 32, 'sha256', common.mustSucceed());