opentrace-community / opentrace-cloud-functions

OpenTrace Cloud Functions. Reference implementation of the BlueTrace protocol.
https://bluetrace.io
GNU General Public License v3.0

Error while decrypting temp ID. "Unsupported state or unable to authenticate data" #57

Open nifrali opened 4 years ago

nifrali commented 4 years ago

I got this error after uploading a simulation for a positive case. I tried tracing the code and it is somewhere in the decryptTempID method that the issue occurs. Can you help explain the process or algorithm for this?

Thanks.

alexissinglaire commented 4 years ago

@nifrali: the error has something to do with the encryption key taken from Secret Manager. Can you verify your config.ts values again, especially in the encryption section, for the following parameters: defaultAlgorithm, keyPath and defaultVersion?

Those values should match your secret value definition.

Good luck.

sethupathiramalingam commented 4 years ago

Hi Team,

I have the same problem, even though the "defaultAlgorithm, keyPath and defaultVersion" parameters in my encryption section were added properly. Previously it was working as we expected.

OpenTrace team: Please give your input.

Thanks in advance :)

Please help me.

jandresnc commented 4 years ago

I had the same problem; I solved it by changing the UID_SIZE parameter in getTempIDs.ts. The UID size is in fact 21 bytes long, but when it is encrypted it starts coded as base64, which makes it appear longer. Obviously it changes the size of the final frame as well. To get to the solution I used CyberChef to do the operations both ways, encrypting and decrypting the tempId frame:

https://gchq.github.io/CyberChef/

```ts
const decryptedB64 = customEncrypter.decodeAndDecrypt(payloadData, [UID_SIZE + 19, IV_SIZE, AUTHTAG_SIZE]); // <-- first field must be 40 bytes
```

Moreover, I changed CustomEncrypter.ts in the following parts of the code, since it was not able to compile. Here are my changes:

```ts
  // @ts-ignore
  // let plainText = decipher.update(cipherText, 'base64', 'base64'); <- it cannot be both the same according to the documentation
  let plainText = decipher.update(cipherText, 'base64', 'utf8');   // <-- my change was base64 to utf8
  plainText += decipher.final('utf8');  // <-- final method also must be changed
  return plainText;
}
```

```ts
  // let cipherText = cipher.update(dataB64, 'base64', 'base64');  // <-- original
  let cipherText = cipher.update(dataB64, 'utf8', 'base64');  // <-- my change
  cipherText += cipher.final('base64');
  return [
    cipherText,
    iv.toString('base64'),
    cipher.getAuthTag().toString('base64')
  ];
}
```

Good luck!

sethupathiramalingam commented 4 years ago

Hi @jandresnc,

Thanks for the update. I have tried your solution but it is not working for me. Kindly suggest some other way to resolve this issue.

Others on the thread, did you find any solution to the reported issue? Please help me.

Thanks in advance.

jandresnc commented 4 years ago

Hello @sethupathiramalingam, I suggest taking the encryption and decryption process step by step in your code. I did it by showing all the steps with console.log in order to identify the part that was not according to the documentation, and I also inspected the byte length at each step. At the same time I took the message and followed the same process using CyberChef in order to compare the results, and when I detected the difference I got that solution. Maybe you could post one of your messages here to try to decrypt it and show you the steps.
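
The two causes raised in this thread, a key that does not match and field sizes that do not match the frame, both end in the same AES-GCM authentication error. The following is an added example (not OpenTrace code and not written by any commenter) that reproduces both and adds a length pre-check to tell them apart. The `ciphertext | IV | auth tag` layout, the 16-byte IV and tag sizes, the sample data and all function names are assumptions.

```javascript
// Added example, not OpenTrace code. Frame layout and sizes are assumptions.
const crypto = require('crypto');
const ALGO = 'aes-256-gcm';
const IV_SIZE = 16, AUTHTAG_SIZE = 16; // assumed sizes

// Build base64(ciphertext | IV | auth tag) from a plaintext Buffer.
function encryptFrame(key, plain) {
  const iv = crypto.randomBytes(IV_SIZE);
  const cipher = crypto.createCipheriv(ALGO, key, iv);
  const ct = Buffer.concat([cipher.update(plain), cipher.final()]);
  return Buffer.concat([ct, iv, cipher.getAuthTag()]).toString('base64');
}

// Cut the frame into consecutive fields; a wrong size shifts the IV and tag too.
function splitFrame(frameB64, sizes) {
  const frame = Buffer.from(frameB64, 'base64');
  let off = 0;
  return sizes.map((n) => frame.subarray(off, (off += n)));
}

// Returns 'ok' or the message of the error thrown while decrypting.
function tryDecrypt(key, frameB64, sizes) {
  try {
    const [ct, iv, tag] = splitFrame(frameB64, sizes);
    const decipher = crypto.createDecipheriv(ALGO, key, iv);
    decipher.setAuthTag(tag);
    decipher.update(ct);
    decipher.final(); // GCM verifies the tag here and throws on mismatch
    return 'ok';
  } catch (e) {
    return e.message;
  }
}

// Pre-check: null when the declared sizes add up to the decoded frame length.
function checkSizes(frameB64, sizes) {
  const have = Buffer.from(frameB64, 'base64').length;
  const want = sizes.reduce((a, b) => a + b, 0);
  return have === want ? null : `frame is ${have} bytes, fields total ${want}`;
}

// Constructed sample data: a random key and a 40-byte plaintext.
const sampleKey = crypto.randomBytes(32);
const sampleFrame = encryptFrame(sampleKey, Buffer.alloc(40, 0x41));
const goodSizes = [40, IV_SIZE, AUTHTAG_SIZE];
const shortSizes = [21, IV_SIZE, AUTHTAG_SIZE];
console.log('right key, right sizes:', tryDecrypt(sampleKey, sampleFrame, goodSizes));
console.log('wrong key, right sizes:', tryDecrypt(crypto.randomBytes(32), sampleFrame, goodSizes));
console.log('right key, wrong sizes:', tryDecrypt(sampleKey, sampleFrame, shortSizes));
console.log('size pre-check        :', checkSizes(sampleFrame, shortSizes));
```

Running the size check before decrypting turns an opaque authentication failure into a length report, which narrows the remaining suspects to the key, algorithm and encoding settings.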