fix(encryption): specify authTagLength on all AES-GCM cipher/decipher calls (#3883)

* fix: specify authTagLength in AES-GCM decipheriv calls

Fixes missing authTagLength parameter in createDecipheriv calls using
AES-256-GCM mode. Without explicit tag length specification, the
application may be tricked into accepting shorter authentication tags,
potentially allowing ciphertext spoofing.

CWE-310: Cryptographic Issues (gcm-no-tag-length)

* fix: specify authTagLength on createCipheriv calls for AES-GCM consistency

Complements #3881 by adding explicit authTagLength: 16 to the encrypt
side as well, ensuring both cipher and decipher specify the tag length.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor: clean up crypto modules

- Fix error: any → error: unknown with proper type guard in encryption.ts
- Eliminate duplicate iv.toString('hex') calls in both encrypt functions
- Remove redundant string split in decryptApiKey (was splitting twice)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* new turborepo version

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Lakee Sivaraya <71339072+lakeesiv@users.noreply.github.com>
Co-authored-by: Vikhyath Mondreti <vikhyath@simstudio.ai>
Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Siddharth Ganesan <33737564+Sg312@users.noreply.github.com>
Co-authored-by: NLmejiro <kuroda.k1021@gmail.com>

Author: 6 people

apps/sim/lib/api-key/crypto.ts

@@ -36,16 +36,17 @@ export async function encryptApiKey(apiKey: string): Promise<{ encrypted: string
   }
 
   const iv = randomBytes(16)
-  const cipher = createCipheriv('aes-256-gcm', key, iv)
+  const cipher = createCipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
   let encrypted = cipher.update(apiKey, 'utf8', 'hex')
   encrypted += cipher.final('hex')
 
   const authTag = cipher.getAuthTag()
+  const ivHex = iv.toString('hex')
 
   // Format: iv:encrypted:authTag
   return {
-    encrypted: `${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`,
-    iv: iv.toString('hex'),
+    encrypted: `${ivHex}:${encrypted}:${authTag.toString('hex')}`,
+    iv: ivHex,
   }
 }
 
@@ -55,8 +56,10 @@ export async function encryptApiKey(apiKey: string): Promise<{ encrypted: string
  * @returns A promise that resolves to an object containing the decrypted API key
  */
 export async function decryptApiKey(encryptedValue: string): Promise<{ decrypted: string }> {
+  const parts = encryptedValue.split(':')
+
   // Check if this is actually encrypted (contains colons)
-  if (!encryptedValue.includes(':') || encryptedValue.split(':').length !== 3) {
+  if (parts.length !== 3) {
     // This is a plain text key, return as-is
     return { decrypted: encryptedValue }
   }
@@ -68,10 +71,9 @@ export async function decryptApiKey(encryptedValue: string): Promise<{ decrypted
     return { decrypted: encryptedValue }
   }
 
-  const parts = encryptedValue.split(':')
   const ivHex = parts[0]
-  const authTagHex = parts[parts.length - 1]
-  const encrypted = parts.slice(1, -1).join(':')
+  const authTagHex = parts[2]
+  const encrypted = parts[1]
 
   if (!ivHex || !encrypted || !authTagHex) {
     throw new Error('Invalid encrypted API key format. Expected "iv:encrypted:authTag"')
@@ -81,7 +83,7 @@ export async function decryptApiKey(encryptedValue: string): Promise<{ decrypted
   const authTag = Buffer.from(authTagHex, 'hex')
 
   try {
-    const decipher = createDecipheriv('aes-256-gcm', key, iv)
+    const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
     decipher.setAuthTag(authTag)
 
     let decrypted = decipher.update(encrypted, 'hex', 'utf8')

apps/sim/lib/core/security/encryption.ts

@@ -21,16 +21,17 @@ export async function encryptSecret(secret: string): Promise<{ encrypted: string
   const iv = randomBytes(16)
   const key = getEncryptionKey()
 
-  const cipher = createCipheriv('aes-256-gcm', key, iv)
+  const cipher = createCipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
   let encrypted = cipher.update(secret, 'utf8', 'hex')
   encrypted += cipher.final('hex')
 
   const authTag = cipher.getAuthTag()
+  const ivHex = iv.toString('hex')
 
   // Format: iv:encrypted:authTag
   return {
-    encrypted: `${iv.toString('hex')}:${encrypted}:${authTag.toString('hex')}`,
-    iv: iv.toString('hex'),
+    encrypted: `${ivHex}:${encrypted}:${authTag.toString('hex')}`,
+    iv: ivHex,
   }
 }
 
@@ -54,15 +55,17 @@ export async function decryptSecret(encryptedValue: string): Promise<{ decrypted
   const authTag = Buffer.from(authTagHex, 'hex')
 
   try {
-    const decipher = createDecipheriv('aes-256-gcm', key, iv)
+    const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
     decipher.setAuthTag(authTag)
 
     let decrypted = decipher.update(encrypted, 'hex', 'utf8')
     decrypted += decipher.final('utf8')
 
     return { decrypted }
-  } catch (error: any) {
-    logger.error('Decryption error:', { error: error.message })
+  } catch (error: unknown) {
+    logger.error('Decryption error:', {
+      error: error instanceof Error ? error.message : 'Unknown error',
+    })
     throw error
   }
 }

bun.lock

@@ -39,7 +39,7 @@
     "glob": "13.0.0",
     "husky": "9.1.7",
     "lint-staged": "16.0.0",
-    "turbo": "2.9.1"
+    "turbo": "2.9.3"
   },
   "lint-staged": {
     "*.{js,jsx,ts,tsx,json,css,scss}": [

package.json

@@ -125,7 +125,7 @@ function getEncryptionKeyBuffer(): Buffer {
 async function encryptSecret(secret: string): Promise<string> {
   const iv = randomBytes(16)
   const key = getEncryptionKeyBuffer()
-  const cipher = createCipheriv('aes-256-gcm', key, iv)
+  const cipher = createCipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
   let encrypted = cipher.update(secret, 'utf8', 'hex')
   encrypted += cipher.final('hex')
   const authTag = cipher.getAuthTag()
@@ -146,7 +146,7 @@ async function decryptSecret(encryptedValue: string): Promise<string> {
   const iv = Buffer.from(ivHex, 'hex')
   const authTag = Buffer.from(authTagHex, 'hex')
 
-  const decipher = createDecipheriv('aes-256-gcm', key, iv)
+  const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
   decipher.setAuthTag(authTag)
 
   let decrypted = decipher.update(encrypted, 'hex', 'utf8')