App crash when decrypting Steam messages.

[Sadzurami]

Describe the bug

When SteamUser tries to decrypt Steam message, the app can unexpectedly crash.

It's hard to replicate because it didn't happen often. But it happens and causes the entire application to crash. In our cases this happened when we run 500+ instances of SteamUser with http proxies (~64 instances per proxy), after some hours of run.

Note: we are catching all errors of 'error' event. Application logic: logOn -> gamesPlayed(440, true) -> createAuthSessionTicket(440) -> idle

Versions

4.28.4 18.16.0

Screenshots and Error Logs

In this screens i catch uncaughtException and unhandledRejection on process and logs it to console with third-party logger before process exit.

[22:22:51.064] ERROR: error:1C800064:Provider routines::bad decrypt
    context: "AppService"
    err: {
      "type": "Error",
      "message": "error:1C800064:Provider routines::bad decrypt",
      "stack":
          Error: error:1C800064:Provider routines::bad decrypt
              at Decipheriv._flush (node:internal/crypto/cipher:160:29)
              at Decipheriv.final [as _final] (node:internal/streams/transform:111:10)
              at callFinal (node:internal/streams/writable:698:12)
              at prefinish (node:internal/streams/writable:710:7)
              at finishMaybe (node:internal/streams/writable:720:5)
              at Writable.end (node:internal/streams/writable:634:5)
              at Object.symmetricDecrypt (C:\snapshot\yet-another-reward\node_modules\@doctormckay\steam-crypto\index.js:80:10)
              at TCPConnection._readMessage (C:\snapshot\yet-another-reward\node_modules\steam-user\components\connection_protocols\tcp.js:186:27)
              at Socket.emit (node:events:537:28)
              at emitReadable_ (node:internal/streams/readable:590:12)
      "library": "Provider routines",
      "reason": "bad decrypt",
      "code": "ERR_OSSL_BAD_DECRYPT"
    }

[DoctorMcKay]

I cannot reproduce this. If I intentionally corrupt an encrypted message, I still get the error event emitted as expected.

[Sadzurami]

I cannot reproduce this. If I intentionally corrupt an encrypted message, I still get the error event emitted as expected.

I got this log tonight

[02:22:28.354] DEBUG: Encrypted message authentication failed
    context: "Client#bot05"
    err: {
      "type": "SteamError",
      "message": "Encrypted message authentication failed: Encrypted message authentication failed",
      "stack":
          Error: Encrypted message authentication failed
              at SteamUser.<anonymous> (C:\snapshot\yet-another-reward\dist\commands\farm\components\client.js)
              at SteamUser.emit (node:events:537:28)
              at TCPConnection._readMessage (C:\snapshot\yet-another-reward\node_modules\steam-user\components\connection_protocols\tcp.js:188:15)
              at Socket.emit (node:events:537:28)
              at emitReadable_ (node:internal/streams/readable:590:12)
              at onEofChunk (node:internal/streams/readable:568:5)
              at readableAddChunk (node:internal/streams/readable:275:5)
              at Readable.push (node:internal/streams/readable:234:10)
              at TCP.onStreamRead (node:internal/stream_base_commons:232:12)
              at TCP.callbackTrampoline (node:internal/async_hooks:130:17)
          caused by: Error: Encrypted message authentication failed
              at TCPConnection._readMessage (C:\snapshot\yet-another-reward\node_modules\steam-user\components\connection_protocols\tcp.js:188:29)
              at Socket.emit (node:events:537:28)
              at emitReadable_ (node:internal/streams/readable:590:12)
              at onEofChunk (node:internal/streams/readable:568:5)
              at readableAddChunk (node:internal/streams/readable:275:5)
              at Readable.push (node:internal/streams/readable:234:10)
              at TCP.onStreamRead (node:internal/stream_base_commons:232:12)
              at TCP.callbackTrampoline (node:internal/async_hooks:130:17)
      "steam": true,
      "code": "STEAM_ERROR"
    }
[02:22:28.355] DEBUG: Uncaught exception
    context: "AppService"
    err: {
      "type": "Error",
      "message": "Uncaught exception: error:1C80006B:Provider routines::wrong final block length",
      "stack":
          Error: Uncaught exception
              at process.<anonymous> (C:\snapshot\yet-another-reward\dist\app.service.js)
              at process.emit (node:events:537:28)
              at process.processEmit [as emit] (C:\snapshot\yet-another-reward\node_modules\signal-exit\index.js:199:34)
              at process._fatalException (node:internal/process/execution:167:25)
          caused by: Error: error:1C80006B:Provider routines::wrong final block length
              at Decipheriv._flush (node:internal/crypto/cipher:160:29)
              at Decipheriv.final [as _final] (node:internal/streams/transform:111:10)
              at callFinal (node:internal/streams/writable:698:12)
              at prefinish (node:internal/streams/writable:710:7)
              at finishMaybe (node:internal/streams/writable:720:5)
              at Writable.end (node:internal/streams/writable:634:5)
              at Object.symmetricDecrypt (C:\snapshot\yet-another-reward\node_modules\@doctormckay\steam-crypto\index.js:80:10)
              at TCPConnection._readMessage (C:\snapshot\yet-another-reward\node_modules\steam-user\components\connection_protocols\tcp.js:186:27)
              at Socket.emit (node:events:537:28)
              at emitReadable_ (node:internal/streams/readable:590:12)
    }

As you can see, firstly we get expected Encrypted message authentication failed error. After that, possibly on next tick, we got Uncaught exception.

Note, errors that SteamUser produce by error event i catch and log as SteamError. I say this so that there is no misunderstanding of what a SteamError is.