crypto.createCipheriv(algorithm, key, iv[, options])
algorithm
<string>key
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>iv
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <null>options
<Object>stream.transform
选项- 返回: <Cipher>
使用给定的 algorithm
、key
和初始化向量(iv
)创建并返回 Cipher
对象。
options
参数控制流行为并且是可选的,除非使用 CCM 或 OCB 模式(例如 'aes-128-ccm'
)的密码。
在这种情况下,需要 authTagLength
选项并指定身份验证标签的长度(以字节为单位),请参阅 CCM 模式。
在 GCM 模式下,authTagLength
选项不是必需的,但可用于设置 getAuthTag()
将返回的身份验证标签的长度,默认为 16 字节。
对于 chacha20-poly1305
,authTagLength
选项默认为 16 字节。
algorithm
依赖于 OpenSSL,例如 'aes192'
等。
在最近的 OpenSSL 版本中,openssl list -cipher-algorithms
将显示可用的密码算法。
key
是 algorithm
使用的原始密钥,iv
是初始化向量。
两个参数都必须是 'utf8'
编码的字符串、缓冲区、TypedArray
或 DataView
。
key
可以是 secret
类型的 KeyObject
。
如果加密不需要初始化向量,则 iv
可以是 null
。
当为 key
或 iv
传入字符串时,请考虑到当使用字符串作为加密 API 输入时的注意事项。
初始化向量应该是不可预测的和独特的;理想情况下,它们将是加密随机的。 它们不必是机密的:IV 通常不加密就添加到密文消息中。 必须是不可预测的和独特的,但不必是机密的,这听起来可能有些矛盾。请记住,一定不能让攻击者提前预测到给定的 IV。
algorithm
<string>key
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>iv
<string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <null>options
<Object>stream.transform
options- Returns: <Cipher>
Creates and returns a Cipher
object, with the given algorithm
, key
and
initialization vector (iv
).
The options
argument controls stream behavior and is optional except when a
cipher in CCM or OCB mode (e.g. 'aes-128-ccm'
) is used. In that case, the
authTagLength
option is required and specifies the length of the
authentication tag in bytes, see CCM mode. In GCM mode, the authTagLength
option is not required but can be used to set the length of the authentication
tag that will be returned by getAuthTag()
and defaults to 16 bytes.
For chacha20-poly1305
, the authTagLength
option defaults to 16 bytes.
The algorithm
is dependent on OpenSSL, examples are 'aes192'
, etc. On
recent OpenSSL releases, openssl list -cipher-algorithms
will
display the available cipher algorithms.
The key
is the raw key used by the algorithm
and iv
is an
initialization vector. Both arguments must be 'utf8'
encoded strings,
Buffers, TypedArray
, or DataView
s. The key
may optionally be
a KeyObject
of type secret
. If the cipher does not need
an initialization vector, iv
may be null
.
When passing strings for key
or iv
, please consider
caveats when using strings as inputs to cryptographic APIs.
Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; remember that an attacker must not be able to predict ahead of time what a given IV will be.