authTagLength error with writing to cipher

Question

I've the following code, and I'm trying to create and write to cipher using aes192 but createCipher is deprecated.

Can someone help me on how to run this on an old nodejs runtime that will spit the exact output.

const crypto = require("crypto");
const cipher = crypto.createCipher("aes192", "abc");
let encrypted = "";
cipher.on("end", function () {
    console.log(encrypted)
});
cipher.write("abc");
cipher.end();

Answer 1

Is that really what you want to do? There are several reasons to avoid the deprecated API and the cipher bit size and mode used in the provided example.

1. The deprecated API for crypto.createCipher()/crypto.createDecipher() was done to allow the introduction of a unique IV as outlined in various security research such as NIST SP 800-38A.
2. The 192 key size for AES, while not yet antiquated in comparison to AES-128, it is still not the recommended keysize; 256, ref NIST SP 800-131A.
3. The OpenSSL (default) encryption libraries that node.js implements defaults to CBC mode which has known issues as outlined here.

Now that I have provided you with the reasons NOT to use your current implementation you should be able to use the nvm tool to quickly change between versions of node.js.

$ nvm v6

According to the node.js crypto docs, it was deprecated in anything prior to <10. I believe the 'warning' of deprecation began occurring in versions >=8 if memory serves.

And for the record you should use the following: AES 256, GCM mode and a per cipher text IV.

A quick package search using npm will yield quite a few existing modules to help, however I recommend my own library kruptein. It implements strong key derivation, supports multiple char sets & uses all of the recommended industry standards.