crypto.createDecipheriv(algorithm, key, iv[, options])

版本历史

版本	变更
v17.9.0	The `authTagLength` option is now optional when using the `chacha20-poly1305` cipher and defaults to 16 bytes.
v11.6.0	The `key` argument can now be a `KeyObject`.
v11.2.0, v10.17.0	The cipher `chacha20-poly1305` (the IETF variant of ChaCha20-Poly1305) is now supported.
v10.10.0	Ciphers in OCB mode are now supported.
v10.2.0	The `authTagLength` option can now be used to restrict accepted GCM authentication tag lengths.
v9.9.0	The `iv` parameter may now be `null` for ciphers which do not need an initialization vector.
v0.1.94	新增于: v0.1.94

algorithm <string>
key <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <KeyObject> | <CryptoKey>
iv <string> | <ArrayBuffer> | <Buffer> | <TypedArray> | <DataView> | <null>
options <Object> stream.transform 选项
返回：<Decipher>

创建并返回一个使用指定 algorithm、key 和初始化向量 (iv) 的 Decipher 对象。

【Creates and returns a Decipher object that uses the given algorithm, key and initialization vector (iv).】

options 参数用于控制流的行为，通常是可选的，除非使用 CCM 或 OCB 模式的加密算法（例如 'aes-128-ccm'）。在这种情况下，authTagLength 选项是必需的，用于指定认证标签的字节长度，详见 CCM 模式。在 GCM 模式下，authTagLength 选项不是必需的，但可以用来限制接受的认证标签必须具有指定长度。对于 chacha20-poly1305，authTagLength 选项默认为 16 字节。

【The options argument controls stream behavior and is optional except when a cipher in CCM or OCB mode (e.g. 'aes-128-ccm') is used. In that case, the authTagLength option is required and specifies the length of the authentication tag in bytes, see CCM mode. In GCM mode, the authTagLength option is not required but can be used to restrict accepted authentication tags to those with the specified length. For chacha20-poly1305, the authTagLength option defaults to 16 bytes.】

algorithm 依赖于 OpenSSL，例如 'aes192' 等。在最新的 OpenSSL 版本中，运行 openssl list -cipher-algorithms 将显示可用的加密算法。

【The algorithm is dependent on OpenSSL, examples are 'aes192', etc. On recent OpenSSL releases, openssl list -cipher-algorithms will display the available cipher algorithms.】

key 是由 algorithm 使用的原始密钥，而 iv 是一个初始化向量。两个参数都必须是 'utf8' 编码的字符串、缓冲区、TypedArray 或 DataView。key 可以选择性地是类型为 secret 的 KeyObject。如果密码不需要初始化向量，iv 可以为 null。

【The key is the raw key used by the algorithm and iv is an initialization vector. Both arguments must be 'utf8' encoded strings, Buffers, TypedArray, or DataViews. The key may optionally be a KeyObject of type secret. If the cipher does not need an initialization vector, iv may be null.】

在传递 key 或 iv 的字符串时，请考虑将字符串用作加密 API 输入时的注意事项。

【When passing strings for key or iv, please consider caveats when using strings as inputs to cryptographic APIs.】

初始化向量应该是不可预测的且唯一的；理想情况下，它们将是加密学上随机的。它们不必保密：IV 通常只是被添加到密文消息中而不加密。听起来可能有些矛盾：某些东西必须是不可预测和唯一的，但不必保密；请记住，攻击者不能提前预测某个特定的 IV 会是什么。

【Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; remember that an attacker must not be able to predict ahead of time what a given IV will be.】