Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

decipher.final(): Unsupported state or unable to authenticate data

byMR
March 31, 2022

I have the following code:

const crypto = require("crypto");

const algorithm = "aes-256-gcm"; 
const message = "This is a secret message";
const iv = crypto.randomBytes(12);
const sKey = crypto.randomBytes(32);

const cipher = crypto.createCipheriv(algorithm, sKey, iv);
const decipher = crypto.createDecipheriv(algorithm, sKey, iv)

let encryptedData = cipher.update(message, "utf-8", "hex");
encryptedData += cipher.final("hex");

let decData = decipher.update(encryptedData, "hex", "utf-8");
decData += decipher.final("utf-8");

console.log("Encrypted message: " + encryptedData);
console.log("Decrypted message: ", decData)

When I run it, I receive the following exception:

node:internal/crypto/cipher:193
  const ret = this[kHandle].final();
                            ^

Error: Unsupported state or unable to authenticate data
    at Decipheriv.final (node:internal/crypto/cipher:193:29)
    at Object.<anonymous> ([...]/crypto-test.js:15:21)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:17:47

Error is thrown when calling decipher.final(). How can I fix it?

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

>Solution :

When using an authenticated cipher (which aes-256-gcm is), you’ll need the auth tag from the cipher; otherwise Decipher.final() will throw (as you can see) since the auth tag it has (or in this case, doesn’t) doesn’t match what it thinks the deciphered text’s auth tag is.

const crypto = require('crypto');

const algorithm = 'aes-256-gcm';
const message = 'This is a secret message';
const iv = crypto.randomBytes(12);
const sKey = crypto.randomBytes(32);

const cipher = crypto.createCipheriv(algorithm, sKey, iv);

let encryptedData = cipher.update(message, 'utf-8', 'hex');
encryptedData += cipher.final('hex');

const authTag = cipher.getAuthTag().toString("hex");  // <- new
console.log({authTag, encryptedData});  // for debugging

const decipher = crypto.createDecipheriv(algorithm, sKey, iv);
decipher.setAuthTag(Buffer.from(authTag, 'hex'));  // <- new
let decData = decipher.update(encryptedData, 'hex', 'utf-8');
decData += decipher.final('utf-8');
console.log('Decrypted message: ', decData)
byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading