Skip to content

Commit

Permalink
doc: correct description of decipher.setAuthTag in crypto.md
Browse files Browse the repository at this point in the history
Calling `decipher.setAuthTag` after `decipher.update` will result in
an error like `Unsupported state or unable to authenticate data`.
The example code in
[CCM mode](https://nodejs.org/docs/latest-v14.x/api/crypto.html#crypto_ccm_mode)
is correct, but to demonstrate the mistake in the documentation you
can take the same example and move the `setAuthTag` call to in between
`update` and `final` you will see the error.
  • Loading branch information
jbuhacoff authored and codebytere committed Jun 7, 2020
1 parent 0177cbf commit 0c7cf24
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions doc/api/crypto.md
Original file line number Diff line number Diff line change
Expand Up @@ -520,8 +520,9 @@ cipher text should be discarded due to failed authentication. If the tag length
is invalid according to [NIST SP 800-38D][] or does not match the value of the
`authTagLength` option, `decipher.setAuthTag()` will throw an error.

The `decipher.setAuthTag()` method must be called before
[`decipher.final()`][] and can only be called once.
The `decipher.setAuthTag()` method must be called before [`decipher.update()`][]
for `CCM` mode or before [`decipher.final()`][] for `GCM` and `OCB` modes.
`decipher.setAuthTag()` can only be called once.

### `decipher.setAutoPadding([autoPadding])`
<!-- YAML
Expand Down

0 comments on commit 0c7cf24

Please sign in to comment.