fix: defer AES CBC w/ HMAC decryption after tag verification passes
panva committed Apr 9, 2021
1 parent 9a8404a commit 08e1bc5
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion lib/jwa/aes_cbc_hmac_sha2.js
Expand Up @@ -44,13 +44,17 @@ const decrypt = (size, sign, { [KEYOBJECT]: keyObject }, ciphertext, { iv, tag =
const expectedTag = sign({ [KEYOBJECT]: macKey }, macData, tag).slice(0, keySize)
const macCheckPassed = timingSafeEqual(tag, expectedTag)

if (!macCheckPassed) {
throw new JWEDecryptionFailed()
}

let cleartext
try {
const cipher = createDecipheriv(`aes-${size}-cbc`, encKey, iv)
cleartext = Buffer.concat([cipher.update(ciphertext), cipher.final()])
} catch (err) {}

if (!cleartext || !macCheckPassed) {
if (!cleartext) {
throw new JWEDecryptionFailed()
}
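Review bot: `timingSafeEqual(tag, expectedTag)` throws a RangeError rather than returning false when the two buffers differ in byte length, so a token carrying a truncated or oversized tag would now surface as that error instead of `JWEDecryptionFailed` unless the tag length is already validated above this hunk; consider guarding the comparison, e.g. `if (tag.length !== expectedTag.length || !timingSafeEqual(tag, expectedTag))`. Moving the MAC check ahead of `createDecipheriv` is the correct encrypt-then-MAC order, and with it the empty `catch (err) {}` is acceptable since decryption no longer runs on unauthenticated input; a one-line comment stating that ordering intent would keep a future refactor from reintroducing the decrypt-before-verify path.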

