libQtShadowsocks icon indicating copy to clipboard operation
libQtShadowsocks copied to clipboard
verified publisher icon shadowsocks

AEAD cyphers ERROR - Remote: Integrity failure: GCM tag check failed

Open sgww2 opened this issue 7 years ago • 3 comments

Hello

I use shadowsocks-libqss 2.0.2 on Windows 10 as a client and shadowsocks-libqss 2.0.2 on ubuntu 18.04 LTS as a server. Everything goes well if I use CFB cyphers, but with AEAD cyphers I get the following error

2018-03-26 0:14:20.627 ERROR: Remote: Integrity failure: GCM tag check failed

I also tried shadowsocks-libev as a server but with the same result. What is the reason for the error and how to fix it?

More detailed log:

2018-03-26 0:13:02.208 INFO: Initialising cipher: aes-128-gcm
2018-03-26 0:13:02.224 INFO: Running in local mode.
2018-03-26 0:13:02.224 DEBUG: Listen UDP socket state changed to QAbstractSocket::BoundState
2018-03-26 0:13:02.239 INFO: TCP server listening at 127.0.0.1:10800
2018-03-26 0:13:02.333 INFO: The shadowsocks connection is okay.
2018-03-26 0:13:05.943 INFO: Connecting some server here:443 from 127.0.0.1:62105
2018-03-26 0:13:41.998 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:13:41.998 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:13:41.998 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:13:42.186 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:13:42.201 DEBUG: AEAD data chunk is incomplete (too small for length)
2018-03-26 0:13:42.201 ERROR: Remote: Integrity failure: GCM tag check failed
2018-03-26 0:13:47.249 INFO: Connecting some server:443 from 127.0.0.1:62160
2018-03-26 0:13:47.546 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:13:56.547 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:14:20.612 DEBUG: AEAD data chunk is incomplete (too small for payload)
2018-03-26 0:14:20.627 DEBUG: AEAD data chunk is incomplete (too small for length)
2018-03-26 0:14:20.627 ERROR: Remote: Integrity failure: GCM tag check failed
2018-03-26 0:14:25.665 INFO: Connecting some server:443 from 127.0.0.1:62191
2018-03-26 0:14:40.970 DEBUG: AEAD data chunk is incomplete (too small for payload)

Thanks

sgww2 avatar Mar 25 '18 21:03 sgww2

I do see this error sometimes but I'm not sure why this would happen

librehat avatar Apr 08 '18 21:04 librehat

Same issue. Maybe Botan's crypto is incompatible with libsodium?

testcaoy7 avatar Apr 11 '18 02:04 testcaoy7

@librehat @testcaoy7

As I am not a developer I can not find what is wrong, however I tested shadowsocks-libev (AEAD ciphers) version both client and server and didn't get this issue. So this issue is only for the QT version.

sgww2 avatar Apr 11 '18 13:04 sgww2