From 257d96bcbc543e1a4a45cdd3d6a036a04d2c3eb6 Mon Sep 17 00:00:00 2001 From: Mark Herrmann Date: Sat, 23 Apr 2022 16:36:54 +0200 Subject: [PATCH] throw exception instead of returning false. BREAKING CHANGE! Major update. If aes gcm tag validation evaluates to invalid, an error / exception should be thrown, following the gcm specification: https://csrc.nist.rip/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf Otherwise the user of this library has to check the validation which could be forgotten. Libraries always should do all checks they can do, so library using developers can just use it. --- lib/cipherModes.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib/cipherModes.js b/lib/cipherModes.js index 339915cc1..1583e96b5 100644 --- a/lib/cipherModes.js +++ b/lib/cipherModes.js @@ -731,6 +731,8 @@ modes.gcm.prototype.decrypt = function(input, output, finish) { } }; +var unauthenticException = new Error('Error: MAC Mispatch. Content and/or MAC has been tempared with'); + modes.gcm.prototype.afterFinish = function(output, options) { var rval = true; @@ -760,7 +762,7 @@ modes.gcm.prototype.afterFinish = function(output, options) { // check authentication tag if(options.decrypt && this.tag.bytes() !== this._tag) { - rval = false; + throw unauthenticException; } return rval;