fix: defer AES CBC w/ HMAC decryption after tag verification passes

Filip Skokan 2021-04-09 22:10:10 +02:00
parent b8b668ebbd
commit 812e03fcf4


@ -44,13 +44,17 @@ const decrypt = (size, sign, { [KEYOBJECT]: keyObject }, ciphertext, { iv, tag =
const expectedTag = sign({ [KEYOBJECT]: macKey }, macData, tag).slice(0, keySize)
const macCheckPassed = timingSafeEqual(tag, expectedTag)
if (!macCheckPassed) {
throw new JWEDecryptionFailed()
}
let cleartext
try {
const cipher = createDecipheriv(`aes-${size}-cbc`, encKey, iv)
cleartext = Buffer.concat([cipher.update(ciphertext), cipher.final()])
} catch (err) {}
if (!cleartext || !macCheckPassed) {
if (!cleartext) {
throw new JWEDecryptionFailed()
}
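Review bot: The new early `throw` after `timingSafeEqual` and the empty `catch (err) {}` around `createDecipheriv` have no comment explaining why the ordering and the swallowed error are intentional, so a later refactor could move or "fix" either one. Above the new guard I would add `// verify the tag before any CBC decryption so unauthenticated ciphertext never reaches the padding check`. Inside the catch I would add `// deliberately swallowed: cipher and padding failures surface as the same JWEDecryptionFailed as a tag mismatch`. A regression test that passes a tampered tag and asserts `JWEDecryptionFailed` is thrown without the decipher being created would pin the ordering. The body of `decrypt` starts before this hunk and continues after it, so the return path is not visible here.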