Skip to content

src: simplify handling of kNoAuthTagLength#61192

Merged
nodejs-github-bot merged 1 commit intonodejs:mainfrom
tniessen:src-simplify-knoauthtaglength
Jan 7, 2026
Merged

src: simplify handling of kNoAuthTagLength#61192
nodejs-github-bot merged 1 commit intonodejs:mainfrom
tniessen:src-simplify-knoauthtaglength

Conversation

@tniessen
Copy link
Member

@tniessen tniessen commented Dec 28, 2025

Since #61084, the kNoAuthTagLength constant is only used

  • during the entire lifetime of non-authenticating cipher/decipher objects and
  • during the initialization of authenticating cipher/decipher objects.

In particular, it is never used during the lifetime of an authenticating cipher/decipher object once that object has been initialized. (Before said change, the constant was also used for ciphers in GCM mode to indicate that the user had not specified the length of the authentication tag in advance, but the authentication tag length must now always be specified or defaults to the block size in the case of GCM mode.)

This commit simplifies the handling of kNoAuthTagLength based on the knowledge that it is not a valid value for AEAD ciphers beyond initialization.

@tniessen
src: simplify handling of kNoAuthTagLength
dc8669c 
Since nodejs#61084, the `kNoAuthTagLength`
constant is only used

- during the entire lifetime of non-authenticating cipher/decipher
  objects and
- during the initialization of authenticating cipher/decipher objects.

In particular, it is never used during the lifetime of an authenticating
cipher/decipher object once that object has been initialized. (Before
said change, the constant was also used for ciphers in GCM mode to
indicate that the user had not specified the length of the
authentication tag in advance, but the authentication tag length must
now always be specified or defaults to the block size in the case of GCM
mode.)

This commit simplifies the handling of `kNoAuthTagLength` based on the
knowledge that it is not a valid value for AEAD ciphers beyond
initialization.
@tniessen tniessen added crypto Issues and PRs related to the crypto subsystem. c++ Issues and PRs that require attention from people who are familiar with C++. labels Dec 28, 2025
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 28, 2025

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added the needs-ci PRs that need a full CI run. label Dec 28, 2025
@codecov
Copy link

codecov bot commented Dec 28, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 73.07692% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.54%. Comparing base (05d6b9b) to head (dc8669c).
⚠️ Report is 139 commits behind head on main.

Files with missing lines Patch % Lines
src/crypto/crypto_cipher.cc 73.07% 2 Missing and 5 partials ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #61192   +/-   ##
=======================================
  Coverage   88.53%   88.54%           
=======================================
  Files         703      703           
  Lines      208599   208579   -20     
  Branches    40229    40220    -9     
=======================================
- Hits       184685   184676    -9     
+ Misses      15939    15911   -28     
- Partials     7975     7992   +17
Files with missing lines Coverage Δ
src/crypto/crypto_cipher.cc 77.43% <73.07%> (-1.04%) ⬇️

... and 32 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@addaleax addaleax added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. request-ci Add this label to start a Jenkins CI on a PR. labels Dec 29, 2025
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Dec 29, 2025
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 29, 2025

CI: https://ci.nodejs.org/job/node-test-pull-request/70618/

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 30, 2025

CI: https://ci.nodejs.org/job/node-test-pull-request/70637/

@avivkeller avivkeller added the commit-queue Add this label to land a pull request using GitHub Actions. label Jan 1, 2026
@nodejs-github-bot nodejs-github-bot added commit-queue-failed An error occurred while landing this pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Jan 1, 2026
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jan 1, 2026

Commit Queue failed
- Loading data for nodejs/node/pull/61192
✔  Done loading data for nodejs/node/pull/61192
----------------------------------- PR info ------------------------------------
Title      src: simplify handling of kNoAuthTagLength (#61192)
   ⚠  Could not retrieve the email or name of the PR author's from user's GitHub profile!
Branch     tniessen:src-simplify-knoauthtaglength -> nodejs:main
Labels     crypto, c++, author ready, needs-ci
Commits    1
 - src: simplify handling of kNoAuthTagLength
Committers 1
 - Tobias Nießen <tniessen@tnie.de>
PR-URL: https://github.com/nodejs/node/pull/61192
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/61192
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
--------------------------------------------------------------------------------
   ℹ  This PR was created on Sun, 28 Dec 2025 12:25:18 GMT
   ✔  Approvals: 1
   ✔  - Colin Ihrig (@cjihrig): https://github.com/nodejs/node/pull/61192#pullrequestreview-3614804140
   ✘  This PR needs to wait 71 more hours to land (or 0 minutes if there is one more approval)
   ✔  Last GitHub CI successful
   ℹ  Last Full PR CI on 2025-12-30T19:17:12Z: https://ci.nodejs.org/job/node-test-pull-request/70637/
- Querying data for job/node-test-pull-request/70637/
✔  Build data downloaded
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu
https://github.com/nodejs/node/actions/runs/20639737695

@tniessen tniessen added commit-queue Add this label to land a pull request using GitHub Actions. and removed commit-queue-failed An error occurred while landing this pull request using GitHub Actions. labels Jan 7, 2026
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jan 7, 2026
@nodejs-github-bot nodejs-github-bot merged commit a86db6b into nodejs:main Jan 7, 2026
91 of 92 checks passed
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jan 7, 2026

Landed in a86db6b

@aduh95 aduh95 added dont-land-on-v20.x PRs that should not land on the v20.x-staging branch and should not be released in v20.x. dont-land-on-v22.x PRs that should not land on the v22.x-staging branch and should not be released in v22.x. dont-land-on-v24.x PRs that should not land on the v24.x-staging branch and should not be released in v24.x. dont-land-on-v25.x PRs that should not land on the v25.x-staging branch and should not be released in v25.x. labels Jan 20, 2026
islandryu pushed a commit to islandryu/node that referenced this pull request Jan 25, 2026
@tniessen @islandryu
src: simplify handling of kNoAuthTagLength
970ef07 
Since nodejs#61084, the `kNoAuthTagLength`
constant is only used

- during the entire lifetime of non-authenticating cipher/decipher
  objects and
- during the initialization of authenticating cipher/decipher objects.

In particular, it is never used during the lifetime of an authenticating
cipher/decipher object once that object has been initialized. (Before
said change, the constant was also used for ciphers in GCM mode to
indicate that the user had not specified the length of the
authentication tag in advance, but the authentication tag length must
now always be specified or defaults to the block size in the case of GCM
mode.)

This commit simplifies the handling of `kNoAuthTagLength` based on the
knowledge that it is not a valid value for AEAD ciphers beyond
initialization.

PR-URL: nodejs#61192
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cjihrig cjihrig cjihrig approved these changes

Assignees

No one assigned

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. dont-land-on-v20.x PRs that should not land on the v20.x-staging branch and should not be released in v20.x. dont-land-on-v22.x PRs that should not land on the v22.x-staging branch and should not be released in v22.x. dont-land-on-v24.x PRs that should not land on the v24.x-staging branch and should not be released in v24.x. dont-land-on-v25.x PRs that should not land on the v25.x-staging branch and should not be released in v25.x. needs-ci PRs that need a full CI run.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tniessen @nodejs-github-bot @cjihrig @addaleax @aduh95 @avivkeller