From 43c8567b0d20e61827d78d3230dab6d53664f640 Mon Sep 17 00:00:00 2001
From: Ylian Saint-Hilaire <ysainthilaire@hotmail.com>
Date: Sun, 3 May 2020 14:12:26 -0700
Subject: [PATCH] Fixed GCM cookie decoding authtag.

---
 db.js          | 2 +-
 meshcentral.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/db.js b/db.js
index 40f32379..fc81d1f2 100644
--- a/db.js
+++ b/db.js
@@ -296,7 +296,7 @@ module.exports.CreateDB = function (parent, func) {
         const iv = ciphertextBytes.slice(0, 12);
         const data = ciphertextBytes.slice(28);
         const aes = parent.crypto.createDecipheriv('aes-256-gcm', obj.dbRecordsDecryptKey, iv);
-        aes.setAuthTag(ciphertextBytes.slice(12, 16));
+        aes.setAuthTag(ciphertextBytes.slice(12, 28));
         var plaintextBytes, r;
         try {
             plaintextBytes = Buffer.from(aes.update(data));
diff --git a/meshcentral.js b/meshcentral.js
index b1088fa2..8131e582 100644
--- a/meshcentral.js
+++ b/meshcentral.js
@@ -2236,7 +2236,7 @@ function CreateMeshCentralServer(config, args) {
             if (key == null) { key = obj.serverKey; }
             cookie = Buffer.from(cookie.replace(/\@/g, '+').replace(/\$/g, '/'), obj.args.cookieencoding ? obj.args.cookieencoding : 'base64');
             const decipher = obj.crypto.createDecipheriv('aes-256-gcm', key.slice(0, 32), cookie.slice(0, 12));
-            decipher.setAuthTag(cookie.slice(12, 16));
+            decipher.setAuthTag(cookie.slice(12, 28));
             const o = JSON.parse(decipher.update(cookie.slice(28), 'binary', 'utf8') + decipher.final('utf8'));
             if ((o.time == null) || (o.time == null) || (typeof o.time != 'number')) { obj.debug('cookie', 'ERR: Bad cookie due to invalid time'); return null; }
             o.time = o.time * 1000; // Decode the cookie creation time