patch for [email protected], ref nodejs/node#20039

Author: TheNorthMemory

lib/aes.js

@@ -149,7 +149,17 @@ class AesGcm extends Aes {
 
     const decipher = crypto.createDecipheriv(
       this.ALGO_AES_256_GCM, key, iv
-    ).setAuthTag(tag).setAAD(Buffer.from(aad))
+    )
+
+    // Restrict valid GCM tag length, patches for Node < 11.0.0
+    // more @see https://github.com/nodejs/node/pull/20039
+    const tagLen = tag.length
+    if (tagLen > 16 || (tagLen < 12 && tagLen != 8 && tagLen != 4)) {
+      let backport = new TypeError(`Invalid authentication tag length: ${tagLen}`)
+      backport.code = 'ERR_CRYPTO_INVALID_AUTH_TAG'
+      throw backport
+    }
+    decipher.setAuthTag(tag).setAAD(Buffer.from(aad))
 
     return Buffer.concat([
       decipher.update(payload, this.hex),

tests/lib/aes.test.js

@@ -226,8 +226,8 @@ describe('lib/aes', () => {
       should(() => {
         aes.decrypt(mockupIv, mockupKey, '')
       }).throw(Error, {
+        code: 'ERR_CRYPTO_INVALID_AUTH_TAG',
         message: 'Invalid authentication tag length: 0',
-        stack: /at Decipheriv\.setAuthTag/,
       })
     })