AES-GCM decryption bug

[ostapvolanuk]

Hey The bug is that when you try to decrypt a message that is not a multiple of 16 bytes, it is truncated to the minimal multiple. To reproduce the bug:

const forge = require('node-forge'); //random data var key = Buffer.from('53672edd97ec5352189082c00c8b00f91e10bf502ecedf664101235a9390238e', 'hex'); var iv = Buffer.from('4c3257ea042e6e8f284060c1', 'hex'); var tag = Buffer.from('8a4328c41d3f035f240fac44d32f5891', 'hex'); //config var decipher = forge.cipher.createDecipher('AES-GCM', forge.util.createBuffer(key)); decipher.start({ iv: forge.util.createBuffer(iv), tagLength: 128, tag: forge.util.createBuffer(tag) }); //not multiple of 16 bytes input decipher.update(forge.util.createBuffer(Buffer.from('12345678901234567890', 'hex'))); console.log('10 bytes output: "' + decipher.output.toHex() + '"'); // 0 bytes output: " " //multiple of 16 bytes input decipher.update(forge.util.createBuffer(Buffer.from('1234567890123456789012345678901234', 'hex'))); console.log('16 bytes output: "' + decipher.output.toHex() + '"'); // 16 bytes output: "97a54267d69ad519fae8102f6eed11eb"