decipher.setAuthTag(buffer)

版本历史

版本	变更
v11.0.0	如果 GCM 标签长度无效，则此方法现在会抛出错误。
v7.2.0	此方法现在返回对 `decipher` 的引用。
v1.0.0	新增于: v1.0.0

buffer <Buffer> | <TypedArray> | <DataView>
返回: <Decipher> 用于方法链。

当使用认证的加密方式时（目前支持 GCM、CCM、OCB），则使用 decipher.setAuthTag() 方法传入接收到的认证标签。如果没有提供标签，或者密文被篡改，则抛出 decipher.final()，表示由于认证失败，密文应该被丢弃。如果标签长度根据 NIST SP 800-38D 无效或与 authTagLength 选项的值不匹配，则 decipher.setAuthTag() 将抛出错误。

对于 CCM 模式，必须在 decipher.update() 之前调用 decipher.setAuthTag() 方法，对于 GCM 和 OCB 模式，必须在 decipher.final() 之前调用。 decipher.setAuthTag() 只能被调用一次。

History

Version	Changes
v11.0.0	This method now throws if the GCM tag length is invalid.
v7.2.0	This method now returns a reference to `decipher`.
v1.0.0	Added in: v1.0.0

buffer <Buffer> | <TypedArray> | <DataView>
Returns: <Decipher> for method chaining.

When using an authenticated encryption mode (GCM, CCM and OCB are currently supported), the decipher.setAuthTag() method is used to pass in the received authentication tag. If no tag is provided, or if the cipher text has been tampered with, decipher.final() will throw, indicating that the cipher text should be discarded due to failed authentication. If the tag length is invalid according to NIST SP 800-38D or does not match the value of the authTagLength option, decipher.setAuthTag() will throw an error.

The decipher.setAuthTag() method must be called before decipher.update() for CCM mode or before decipher.final() for GCM and OCB modes. decipher.setAuthTag() can only be called once.