From c3731481c7dcb81bad8355f72029fb6cf91c7459 Mon Sep 17 00:00:00 2001 From: Filip Skokan Date: Wed, 3 Nov 2021 14:45:41 +0100 Subject: [PATCH] refactor(node): skip concat on counter mode de/encrypt --- src/runtime/node/decrypt.ts | 14 ++++++++------ src/runtime/node/encrypt.ts | 3 ++- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/runtime/node/decrypt.ts b/src/runtime/node/decrypt.ts index 86cb969040..93368eb6ca 100644 --- a/src/runtime/node/decrypt.ts +++ b/src/runtime/node/decrypt.ts @@ -51,8 +51,8 @@ async function cbcDecrypt( let plaintext!: Uint8Array try { - const cipher = createDecipheriv(algorithm, encKey, iv) - plaintext = concat(cipher.update(ciphertext), cipher.final()) + const decipher = createDecipheriv(algorithm, encKey, iv) + plaintext = concat(decipher.update(ciphertext), decipher.final()) } catch { // } @@ -77,13 +77,15 @@ async function gcmDecrypt( throw new JOSENotSupported(`alg ${enc} is not supported by your javascript runtime`) } try { - const cipher = createDecipheriv(algorithm, cek, iv, { authTagLength: 16 }) - cipher.setAuthTag(tag) + const decipher = createDecipheriv(algorithm, cek, iv, { authTagLength: 16 }) + decipher.setAuthTag(tag) if (aad.byteLength) { - cipher.setAAD(aad, { plaintextLength: ciphertext.length }) + decipher.setAAD(aad, { plaintextLength: ciphertext.length }) } - return concat(cipher.update(ciphertext), cipher.final()) + const plaintext = decipher.update(ciphertext) + decipher.final() + return plaintext } catch { throw new JWEDecryptionFailed() } diff --git a/src/runtime/node/encrypt.ts b/src/runtime/node/encrypt.ts index e4f29aebc1..ab63732024 100644 --- a/src/runtime/node/encrypt.ts +++ b/src/runtime/node/encrypt.ts @@ -61,7 +61,8 @@ async function gcmEncrypt( cipher.setAAD(aad, { plaintextLength: plaintext.length }) } - const ciphertext = concat(cipher.update(plaintext), cipher.final()) + const ciphertext = cipher.update(plaintext) + cipher.final() const tag = cipher.getAuthTag() return { ciphertext, tag }