crypto.createDecipheriv(algorithm, key, iv[, options])

版本历史

版本	变更
v11.6.0	参数 `key` 现在可以是 `KeyObject`。
v11.2.0, v10.17.0	现在支持加密 `chacha20-poly1305`。
v10.10.0	现在支持 OCB 模式下的加密。
v10.2.0	选项 `authTagLength` 现在可用于限制接受的 GCM 身份验证标签长度。
v9.9.0	对于不需要初始化向量的加密，`iv` 参数现在可以为 `null`。
v0.1.94	新增于: v0.1.94

algorithm <string>
key <string> | <Buffer> | <TypedArray> | <DataView> | <KeyObject>
iv <string> | <Buffer> | <TypedArray> | <DataView> | <null>
options <Object> stream.transform 选项
返回: <Decipher>

创建并返回使用给定的 algorithm、key 和初始化向量（iv）的 Decipher 对象。

options 参数控制流的行为，并且是可选的，除非使用 CCM 或 OCB 模式的加密（例如 'aes-128-ccm'）。在这种情况下，需要 authTagLength 选项并指定身份验证标签的长度（以字节为单位），请参阅 CCM 模式。在 GCM 模式下，authTagLength 选项不是必需的，但可用于将接受的身份验证标签限制为指定的长度。

algorithm 依赖于 OpenSSL，例如 'aes192' 等。在 OpenSSL 的最新版本中，openssl list -cipher-algorithms（在 OpenSSL 的旧版本中为 openssl list-cipher-algorithms）将显示可用的加密算法。

key 是 algorithm 使用的原始密钥，iv 是初始化向量。两个参数都必须是 'utf8' 编码的字符串、缓冲区、TypedArray 或 DataView。 key 可以是 secret 类型的 KeyObject。如果加密不需要初始化向量，则 iv 可以是 null。

初始化向量应该是不可预测的和独特的；理想情况下，它们将是加密随机的。它们不必是机密的：IV 通常不加密就添加到密文消息中。必须是不可预测的和独特的，但不必是机密的，这听起来可能有些矛盾。请记住，一定不能让攻击者提前预测到给定的 IV。

History

Version	Changes
v11.6.0	The `key` argument can now be a `KeyObject`.
v11.2.0, v10.17.0	The cipher `chacha20-poly1305` is now supported.
v10.10.0	Ciphers in OCB mode are now supported.
v10.2.0	The `authTagLength` option can now be used to restrict accepted GCM authentication tag lengths.
v9.9.0	The `iv` parameter may now be `null` for ciphers which do not need an initialization vector.
v0.1.94	Added in: v0.1.94

algorithm <string>
key <string> | <Buffer> | <TypedArray> | <DataView> | <KeyObject>
iv <string> | <Buffer> | <TypedArray> | <DataView> | <null>
options <Object> stream.transform options
Returns: <Decipher>

Creates and returns a Decipher object that uses the given algorithm, key and initialization vector (iv).

The options argument controls stream behavior and is optional except when a cipher in CCM or OCB mode is used (e.g. 'aes-128-ccm'). In that case, the authTagLength option is required and specifies the length of the authentication tag in bytes, see CCM mode. In GCM mode, the authTagLength option is not required but can be used to restrict accepted authentication tags to those with the specified length.

The algorithm is dependent on OpenSSL, examples are 'aes192', etc. On recent OpenSSL releases, openssl list -cipher-algorithms (openssl list-cipher-algorithms for older versions of OpenSSL) will display the available cipher algorithms.

The key is the raw key used by the algorithm and iv is an initialization vector. Both arguments must be 'utf8' encoded strings, Buffers, TypedArray, or DataViews. The key may optionally be a KeyObject of type secret. If the cipher does not need an initialization vector, iv may be null.

Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; remember that an attacker must not be able to predict ahead of time what a given IV will be.