
doc: improve CCM example

Applications should never attempt to use the deciphered message
if authentication fails. In reality, this is usually not a problem
since OpenSSL does not disclose the plaintext in this case, but it
is still a design mistake and can lead to critical security problems
in other cipher modes and implementations.

PR-URL: #27396
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rich Trott <rtrott@gmail.com>
tniessen committed Apr 24, 2019
1 parent 8c4bd2a commit 153c101a12d8dc6e149a57f0d4b94d5a310add16
Showing with 1 addition and 0 deletions.
  1. +1 −0 doc/api/crypto.md
@@ -2885,6 +2885,7 @@ try {
decipher.final();
} catch (err) {
console.error('Authentication failed!');
return;
}
console.log(receivedPlaintext);
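
Review bot: In the catch block after decipher.final(), the `return;` has no comment saying why it is there, and that reason is the point of the example: receivedPlaintext is not assigned inside the visible try block, so it already holds a value when final() throws, and only the early exit keeps `console.log(receivedPlaintext);` from running on unauthenticated data. Suggest a one-line comment above `return;` stating that the plaintext must not be used when final() throws. The handler also discards `err` and reports every exception as an authentication failure; including err.message in the console.error call would keep other errors distinguishable.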
