diff --git a/doc/api/crypto.md b/doc/api/crypto.md index 44a4e249759b3a..57ce4d08911722 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -3078,10 +3078,9 @@ and initialization vector (`iv`). The `options` argument controls stream behavior and is optional except when a cipher in CCM or OCB mode (e.g. `'aes-128-ccm'`) is used. In that case, the `authTagLength` option is required and specifies the length of the -authentication tag in bytes, see [CCM mode][]. In GCM mode, the `authTagLength` -option is not required but can be used to restrict accepted authentication tags -to those with the specified length. -For `chacha20-poly1305`, the `authTagLength` option defaults to 16 bytes. +authentication tag in bytes, see [CCM mode][]. +For AES-GCM and `chacha20-poly1305`, the `authTagLength` option defaults to 16 +bytes and must be set to a different value if a different length is used. The `algorithm` is dependent on OpenSSL, examples are `'aes192'`, etc. On recent OpenSSL releases, `openssl list -cipher-algorithms` will diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index 75e3468a9c9129..1846797cbd8cb4 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -3623,15 +3623,18 @@ Please use the [`crypto.createHmac()`][] method to create Hmac instances. -Type: Documentation-only (supports [`--pending-deprecation`][]) +Type: Runtime Applications that intend to use authentication tags that are shorter than the -default authentication tag length should set the `authTagLength` option of the +default authentication tag length must set the `authTagLength` option of the [`crypto.createDecipheriv()`][] function to the appropriate length. For ciphers in GCM mode, the [`decipher.setAuthTag()`][] function accepts diff --git a/src/crypto/crypto_cipher.cc b/src/crypto/crypto_cipher.cc index 94e2957cadec16..76a2d25709a1f7 100644 --- a/src/crypto/crypto_cipher.cc +++ b/src/crypto/crypto_cipher.cc @@ -698,8 +698,7 @@ void CipherBase::SetAuthTag(const FunctionCallbackInfo& args) { } if (mode == EVP_CIPH_GCM_MODE && cipher->auth_tag_len_ == kNoAuthTagLength && - tag_len != 16 && env->options()->pending_deprecation && - env->EmitProcessEnvWarning()) { + tag_len != 16 && env->EmitProcessEnvWarning()) { if (ProcessEmitDeprecationWarning( env, "Using AES-GCM authentication tags of less than 128 bits without " diff --git a/test/parallel/test-crypto-gcm-implicit-short-tag.js b/test/parallel/test-crypto-gcm-implicit-short-tag.js index 0776506bb63523..79647f00857ee6 100644 --- a/test/parallel/test-crypto-gcm-implicit-short-tag.js +++ b/test/parallel/test-crypto-gcm-implicit-short-tag.js @@ -1,4 +1,3 @@ -// Flags: --pending-deprecation 'use strict'; const common = require('../common'); if (!common.hasCrypto)