Open 2l42h3r opened 5 months ago
Helper script
import * as crypto from "crypto"
function generateKey() {
const key = crypto.randomBytes(32) // Generate a 256-bit key
const base64Key = key.toString("base64") // Encode key in base64
console.log(base64Key)
}
What is the improvement or update you wish to see?
Documentation around NEXT_SERVER_ACTIONS_ENCRYPTION_KEY does not mention the expected format of the key.
Docs should include information that the key must be a base64 encoded string generated from a Uint8Array of length valid for AES-GCM (e.g. 16) – as set here: https://github.com/vercel/next.js/blob/142584cb5986a850caec700c3aae670229976e12/packages/next/src/server/app-render/action-encryption-utils.ts#L158
Is there any context that might help us understand?
Setting the NEXT_SERVER_ACTIONS_ENCRYPTION_KEY variable incorrectly can cause the following error:
Internal error: DataError: Invalid key length at new DOMException (node:internal/per_context/domexception:53:5) at __node_internal_ (node:internal/util:695:10) at validateKeyLength (node:internal/crypto/aes:77:11) at Object.aesImportKey (node:internal/crypto/aes:271:7) at SubtleCrypto.importKey (node:internal/crypto/webcrypto:645:10) at getActionEncryptionKey (../../node_modules/next/dist/server/app-render/action-encryption-utils.js:142:52) at encodeActionBoundArg (../../node_modules/next/dist/server/app-render/action-encryption.js:46:73) at encryptActionBoundArgs (../../node_modules/next/dist/server/app-render/action-encryption.js:64:29)
Does the docs page already exist? Please link to it.
https://nextjs.org/docs/app/building-your-application/data-fetching/server-actions-and-mutations#overwriting-encryption-keys-advanced