doc: note that setAuthTag throws on invalid length

PR-URL: https://github.com/nodejs/node/pull/17825 Refs: https://github.com/nodejs/node/issues/17523 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2017-12-28 14:33:19 +01:00 · 2017-12-28 14:33:19 +01:00 · cf350856cf
commit cf350856cf
parent d81a7b4baa
1 changed files with 6 additions and 1 deletions
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@ -419,6 +419,9 @@ The `decipher.setAAD()` method must be called before [`decipher.update()`][].
 <!-- YAML
 added: v1.0.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/17825
+    description: This method now throws if the GCM tag length is invalid.
  - version: v7.2.0
    pr-url: https://github.com/nodejs/node/pull/9398
    description: This method now returns a reference to `decipher`.
@ -430,7 +433,9 @@ When using an authenticated encryption mode (only `GCM` and `CCM` are currently
 supported), the `decipher.setAuthTag()` method is used to pass in the
 received _authentication tag_. If no tag is provided, or if the cipher text
 has been tampered with, [`decipher.final()`][] will throw, indicating that the
-cipher text should be discarded due to failed authentication.
+cipher text should be discarded due to failed authentication. If the tag length
+is invalid according to [NIST SP 800-38D][], `decipher.setAuthTag()` will throw
+an error.

 Note that this Node.js version does not verify the length of GCM authentication
 tags. Such a check *must* be implemented by applications and is crucial to the