-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fs,crypto: AAD decryption of fs stream > 32768 bytes fails #31733
Comments
See here - the maximum message size is a function of the IV size. Make it bigger and it'll work. |
@bnoordhuis Thx guy, but I have read this article and tried it before. And It doesn't work even if I increase the length of IV to 13 bytes, which is the maximum length of CCM IV. const iv = $Crypto.randomBytes(13); |
I'm moving this to nodejs/node because this looks like a timing related bug with fs streams. I can reproduce what you're describing but also observe that AAD decryption works with other stream types. |
I don't have time to investigate right now but I've opened #31734 with a known issues test as a starting point for others. |
@bnoordhuis Okay, Thanks. |
Authenticated decryption works for file streams up to 32768 bytes but not beyond. Other streams and direct decryption are not affected. Refs: nodejs#31733
Authenticated decryption works for file streams up to 32768 bytes but not beyond. Other streams and direct decryption are not affected. Refs: #31733 PR-URL: #31734 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Authenticated decryption works for file streams up to 32768 bytes but not beyond. Other streams and direct decryption are not affected. Refs: #31733 PR-URL: #31734 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Authenticated decryption works for file streams up to 32768 bytes but not beyond. Other streams and direct decryption are not affected. Refs: #31733 PR-URL: #31734 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Authenticated decryption works for file streams up to 32768 bytes but not beyond. Other streams and direct decryption are not affected. Refs: #31733 PR-URL: #31734 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This might be fixed through #33981 |
The performance benefit of using a custom pool are negligable. Furthermore, it causes problems with Workers and transferrable. Rather than further adding complexity for compat with Workers, just remove the pooling logic. Refs: nodejs#33880 (comment) Fixes: nodejs#31733
The performance benefit of using a custom pool are negligable. Furthermore, it causes problems with Workers and transferrable. Rather than further adding complexity for compat with Workers, just remove the pooling logic. Refs: nodejs#33880 (comment) Fixes: nodejs#31733 PR-URL: nodejs#33981 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The performance benefit of using a custom pool are negligable. Furthermore, it causes problems with Workers and transferrable. Rather than further adding complexity for compat with Workers, just remove the pooling logic. Refs: #33880 (comment) Fixes: #31733 PR-URL: #33981 Backport-PR-URL: #38397 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
With a 32768 bytes message, the AES-128-CCM cipher and decipher both work well.
With a 32769 bytes message, the AES-128-CCM cipher works well, but the decipher failed with a message:
I can't understand why. Whatever I change the AAD/IV/authTagLength, it can‘t work.
Here is my code:
The text was updated successfully, but these errors were encountered: