From a7fce274241c3fb2ad6d624541e64f2776f31f6a Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Mon, 30 Apr 2018 13:46:13 +0200
Subject: [PATCH] Safari 8 compatibility

---
 src/crypto/eax.js        | 2 +-
 src/crypto/ocb.js        | 2 +-
 src/packet/secret_key.js | 2 +-
 test/crypto/eax.js       | 2 +-
 test/crypto/ocb.js       | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/crypto/eax.js b/src/crypto/eax.js
index d2b578a1..acad0d67 100644
--- a/src/crypto/eax.js
+++ b/src/crypto/eax.js
@@ -140,7 +140,7 @@ async function EAX(cipher, key) {
       for (let i = 0; i < tagLength; i++) {
         tag[i] ^= omacAdata[i] ^ omacNonce[i];
       }
-      if (!util.equalsUint8Array(ctTag, tag)) throw new Error('Authentication tag mismatch in EAX ciphertext');
+      if (!util.equalsUint8Array(ctTag, tag)) throw new Error('Authentication tag mismatch');
       const plaintext = await ctr(ciphered, omacNonce);
       return plaintext;
     }
diff --git a/src/crypto/ocb.js b/src/crypto/ocb.js
index ef4c7830..62a2b6d5 100644
--- a/src/crypto/ocb.js
+++ b/src/crypto/ocb.js
@@ -248,7 +248,7 @@ async function OCB(cipher, key) {
       if (util.equalsUint8Array(tag, crypted.subarray(-tagLength))) {
         return crypted.subarray(0, -tagLength);
       }
-      throw new Error('Authentication tag mismatch in OCB ciphertext');
+      throw new Error('Authentication tag mismatch');
     }
   };
 }
diff --git a/src/packet/secret_key.js b/src/packet/secret_key.js
index 491d60ae..dd9eb56c 100644
--- a/src/packet/secret_key.js
+++ b/src/packet/secret_key.js
@@ -309,7 +309,7 @@ SecretKey.prototype.decrypt = async function (passphrase) {
       const modeInstance = await mode(symmetric, key);
       cleartext = await modeInstance.decrypt(ciphertext, iv.subarray(0, mode.ivLength), new Uint8Array());
     } catch(err) {
-      if (err.message.startsWith('Authentication tag mismatch')) {
+      if (err.message === 'Authentication tag mismatch') {
         throw new Error('Incorrect key passphrase: ' + err.message);
       }
     }
diff --git a/test/crypto/eax.js b/test/crypto/eax.js
index 3158428a..6b4191ed 100644
--- a/test/crypto/eax.js
+++ b/test/crypto/eax.js
@@ -108,7 +108,7 @@ function testAESEAX() {
       ct = await eax.encrypt(msgBytes, nonceBytes, headerBytes);
       ct[2] ^= 8;
       pt = eax.decrypt(ct, nonceBytes, headerBytes);
-      await expect(pt).to.eventually.be.rejectedWith('Authentication tag mismatch in EAX ciphertext')
+      await expect(pt).to.eventually.be.rejectedWith('Authentication tag mismatch')
 
       // testing without additional data
       ct = await eax.encrypt(msgBytes, nonceBytes, new Uint8Array());
diff --git a/test/crypto/ocb.js b/test/crypto/ocb.js
index 290e8b88..5983434c 100644
--- a/test/crypto/ocb.js
+++ b/test/crypto/ocb.js
@@ -136,7 +136,7 @@ describe('Symmetric AES-OCB', function() {
       ct = await ocb.encrypt(msgBytes, nonceBytes, headerBytes);
       ct[2] ^= 8;
       pt = ocb.decrypt(ct, nonceBytes, headerBytes);
-      await expect(pt).to.eventually.be.rejectedWith('Authentication tag mismatch in OCB ciphertext')
+      await expect(pt).to.eventually.be.rejectedWith('Authentication tag mismatch')
 
       // testing without additional data
       ct = await ocb.encrypt(msgBytes, nonceBytes, new Uint8Array());