You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a cipher is generated with AES-GCM using integration with webcrypto, the third parameter of the gcm function, ADD, is optional, however undefined is not accepted by the webcrypto API and error is launched. It didn't happen in nodejs, only in a browser environment.
See the reproduction of the bug:
My user agent:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
When a cipher is generated with AES-GCM using integration with webcrypto, the third parameter of the gcm function, ADD, is optional, however
undefined
is not accepted by the webcrypto API and error is launched. It didn't happen in nodejs, only in a browser environment.See the reproduction of the bug:
![webcrypto-aes-gcm-bug](https://private-user-images.githubusercontent.com/91137293/326271305-8e9cc21d-9dc3-4faa-8b69-72fbc3d00a42.gif?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjA5MjAxNDcsIm5iZiI6MTcyMDkxOTg0NywicGF0aCI6Ii85MTEzNzI5My8zMjYyNzEzMDUtOGU5Y2MyMWQtOWRjMy00ZmFhLThiNjktNzJmYmMzZDAwYTQyLmdpZj9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MTQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzE0VDAxMTcyN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWY1ZWQzODA5NDBlNTFjMjUxNjFmZGExZWM1M2MzMjE2ZDg1NGJiNWI3MTcxNGRjYjlhZTc2OTQ3NmM3NmFhYjAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.RRsiLP2ZQZXRw-sTEhJlus4HH_OgFPeeYwnfajCjpc4)
My user agent:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
But you can reproduce by yourself in the following repository:
https://antonioconselheiro.github.io/noble-cipher-bug-in-webcrypto-aes-gcm-integration/
I've opened a PR with the fix:
#34
The text was updated successfully, but these errors were encountered: