From b863a27da7d1a2bd143c67a7c05881dcf4d82e2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Sun, 27 Mar 2022 01:28:19 +0100 Subject: [PATCH] crypto: make authTagLength optional for CC20P1305 PR-URL: https://github.com/nodejs/node/pull/42427 Reviewed-By: James M Snell Reviewed-By: Filip Skokan --- doc/api/crypto.md | 32 ++++++++++---- src/crypto/crypto_cipher.cc | 14 +++++-- test/parallel/test-crypto-authenticated.js | 49 ++++++++++++++++++++-- 3 files changed, 80 insertions(+), 15 deletions(-) diff --git a/doc/api/crypto.md b/doc/api/crypto.md index a2796a0b27f301..9aa0829ac70bc6 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -2930,6 +2930,10 @@ Checks the primality of the `candidate`. added: v0.1.94 deprecated: v10.0.0 changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/42427 + description: The `authTagLength` option is now optional when using the + `chacha20-poly1305` cipher and defaults to 16 bytes. - version: v15.0.0 pr-url: https://github.com/nodejs/node/pull/35093 description: The password argument can be an ArrayBuffer and is limited to @@ -2954,12 +2958,12 @@ Creates and returns a `Cipher` object that uses the given `algorithm` and `password`. The `options` argument controls stream behavior and is optional except when a -cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) or `chacha20-poly1305` is used. -In that case, the +cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the authentication tag in bytes, see [CCM mode][]. In GCM mode, the `authTagLength` option is not required but can be used to set the length of the authentication tag that will be returned by `getAuthTag()` and defaults to 16 bytes. +For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On recent OpenSSL releases, `openssl list -cipher-algorithms` will @@ -2990,6 +2994,10 @@ Adversaries][] for details.