Skip to content

Commit cf35085

Browse files
tniessenjasnell
authored andcommitted
doc: note that setAuthTag throws on invalid length
PR-URL: #17825 Refs: #17523 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent d81a7b4 commit cf35085

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

doc/api/crypto.md

+6-1
Original file line numberDiff line numberDiff line change
@@ -419,6 +419,9 @@ The `decipher.setAAD()` method must be called before [`decipher.update()`][].
419419
<!-- YAML
420420
added: v1.0.0
421421
changes:
422+
- version: REPLACEME
423+
pr-url: https://github.com/nodejs/node/pull/17825
424+
description: This method now throws if the GCM tag length is invalid.
422425
- version: v7.2.0
423426
pr-url: https://github.com/nodejs/node/pull/9398
424427
description: This method now returns a reference to `decipher`.
@@ -430,7 +433,9 @@ When using an authenticated encryption mode (only `GCM` and `CCM` are currently
430433
supported), the `decipher.setAuthTag()` method is used to pass in the
431434
received _authentication tag_. If no tag is provided, or if the cipher text
432435
has been tampered with, [`decipher.final()`][] will throw, indicating that the
433-
cipher text should be discarded due to failed authentication.
436+
cipher text should be discarded due to failed authentication. If the tag length
437+
is invalid according to [NIST SP 800-38D][], `decipher.setAuthTag()` will throw
438+
an error.
434439

435440
Note that this Node.js version does not verify the length of GCM authentication
436441
tags. Such a check *must* be implemented by applications and is crucial to the

0 commit comments

Comments
 (0)