mirrors/nodejs
mirrors/nodejs
0
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Code Issues Releases Activity

doc: improve CCM example

Browse Source 
Applications should never attempt to use the deciphered message
if authentication fails. In reality, this is usually not a problem
since OpenSSL does not disclose the plaintext in this case, but it
is still a design mistake and can lead to critical security problems
in other cipher modes and implementations.

PR-URL: https://github.com/nodejs/node/pull/27396
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This commit is contained in:
Tobias Nießen 2019-04-24 22:43:31 +02:00
parent 8c4bd2af4f
commit 153c101a12
No known key found for this signature in database
GPG Key ID: 718207F8FD156B70
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doc/api/crypto.md
View File

@ -2885,6 +2885,7 @@ try {
decipher.final();
} catch (err) {
console.error('Authentication failed!');
return;
}
console.log(receivedPlaintext);