How to fix - 'createCipherIv' of crypto-browserify(react-native-crypto) is always using and returning 16 bytes auth tag for 'aes-256-gcm'?

Question

During createCipheriv(), the option to set the tag length is not being considered in crypto-browserify/react-native-crypto.

I have correctly followed the steps where to make crypto compatible with react native and I'm able to build the app without any issue, however, the authTagLength option is ignored in crypto-browserify/react-native-crypto implementations.

     const encryptedGcmBuffer = crypto.createCipheriv('aes-256-gcm', this.aesKey, aesGcmIvAdd, {
        authTagLength: 4,
    });
    /* Get the auth Tag */
    encryptedGcmBuffer.getAuthTag()

This code snippet uses and returns auth tag length as 4 bytes in Node.js for aes gcm encryption, while in react native it's always using 16 bytes.

Is there a way we can fix this inconsitency?

Answer 1

The current implementation of createCipheriv in crypto-browserify doesn't use the options 4th argument. https://github.com/crypto-browserify/browserify-aes/blob/master/encrypter.js#L86

authTagLength should be handled here, but it seems unsupported for now.