doc: improve CCM example

Applications should never attempt to use the deciphered message if authentication fails. In reality, this is usually not a problem since OpenSSL does not disclose the plaintext in this case, but it is still a design mistake and can lead to critical security problems in other cipher modes and implementations. PR-URL: #27396 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Rich Trott <[email protected]>
nodejs · May 6, 2019 · 153c101 · 153c101
1 parent 8c4bd2a
commit 153c101
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
@@ -2885,6 +2885,7 @@ try {
   decipher.final();
 } catch (err) {
   console.error('Authentication failed!');
+  return;
 }
 
 console.log(receivedPlaintext);