From a5a6c4dc9f459b88de5f243cf1d4ea620def8d98 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Tue, 2 Mar 2021 23:58:48 +0100
Subject: [PATCH] fix(electron): only call (de)cipher.setAAD() when aad is not
 empty

---
 src/runtime/node/decrypt.ts | 4 +++-
 src/runtime/node/encrypt.ts | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/runtime/node/decrypt.ts b/src/runtime/node/decrypt.ts
index 580a3606cc..f8c861d8e3 100644
--- a/src/runtime/node/decrypt.ts
+++ b/src/runtime/node/decrypt.ts
@@ -75,7 +75,9 @@ async function gcmDecrypt(
   try {
     const cipher = createDecipheriv(algorithm, cek, iv, { authTagLength: 16 })
     cipher.setAuthTag(tag)
-    cipher.setAAD(aad)
+    if (aad.byteLength) {
+      cipher.setAAD(aad)
+    }
 
     return concat(cipher.update(ciphertext), cipher.final())
   } catch (err) {
diff --git a/src/runtime/node/encrypt.ts b/src/runtime/node/encrypt.ts
index 31d6d09d60..1c35e9b547 100644
--- a/src/runtime/node/encrypt.ts
+++ b/src/runtime/node/encrypt.ts
@@ -46,7 +46,9 @@ async function gcmEncrypt(
 
   const algorithm = <CipherGCMTypes>`aes-${keySize}-gcm`
   const cipher = createCipheriv(algorithm, cek, iv, { authTagLength: 16 })
-  cipher.setAAD(aad)
+  if (aad.byteLength) {
+    cipher.setAAD(aad)
+  }
 
   const ciphertext = concat(cipher.update(plaintext), cipher.final())
   const tag = cipher.getAuthTag()