fix: specify authTagLength in AES-GCM decipheriv calls

NLmejiro · NLmejiro · commit 84fe77868426 · 2026-04-01T13:17:05.000Z
Fixes missing authTagLength parameter in createDecipheriv calls using
AES-256-GCM mode. Without explicit tag length specification, the
application may be tricked into accepting shorter authentication tags,
potentially allowing ciphertext spoofing.

CWE-310: Cryptographic Issues (gcm-no-tag-length)
diff --git a/apps/sim/lib/api-key/crypto.ts b/apps/sim/lib/api-key/crypto.ts
@@ -81,7 +81,7 @@ export async function decryptApiKey(encryptedValue: string): Promise<{ decrypted
   const authTag = Buffer.from(authTagHex, 'hex')
 
   try {
-    const decipher = createDecipheriv('aes-256-gcm', key, iv)
+    const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
     decipher.setAuthTag(authTag)
 
     let decrypted = decipher.update(encrypted, 'hex', 'utf8')
diff --git a/apps/sim/lib/core/security/encryption.ts b/apps/sim/lib/core/security/encryption.ts
@@ -54,7 +54,7 @@ export async function decryptSecret(encryptedValue: string): Promise<{ decrypted
   const authTag = Buffer.from(authTagHex, 'hex')
 
   try {
-    const decipher = createDecipheriv('aes-256-gcm', key, iv)
+    const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
     decipher.setAuthTag(authTag)
 
     let decrypted = decipher.update(encrypted, 'hex', 'utf8')
diff --git a/packages/db/scripts/migrate-block-api-keys-to-byok.ts b/packages/db/scripts/migrate-block-api-keys-to-byok.ts
@@ -146,7 +146,7 @@ async function decryptSecret(encryptedValue: string): Promise<string> {
   const iv = Buffer.from(ivHex, 'hex')
   const authTag = Buffer.from(authTagHex, 'hex')
 
-  const decipher = createDecipheriv('aes-256-gcm', key, iv)
+  const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 })
   decipher.setAuthTag(authTag)
 
   let decrypted = decipher.update(encrypted, 'hex', 'utf8')
