decipher.setAuthTag(buffer[, encoding])

版本历史

版本	变更
v15.0.0	The buffer argument can be a string or ArrayBuffer and is limited to no more than 2 ** 31 - 1 bytes.
v11.0.0	This method now throws if the GCM tag length is invalid.
v7.2.0	This method now returns a reference to `decipher`.
v1.0.0	新增于: v1.0.0

buffer <string> | <Buffer> | <ArrayBuffer> | <TypedArray> | <DataView>
encoding <string> 当 buffer 是字符串时使用的字符串编码。
返回值: <Decipher>，用于方法链式调用。

在使用认证加密模式（目前支持 GCM、CCM、OCB 和 chacha20-poly1305）时，decipher.setAuthTag() 方法用于传入接收到的 认证标签。如果未提供标签，或密文已被篡改，decipher.final() 将会抛出异常，表示由于认证失败，应丢弃密文。如果标签长度不符合 NIST SP 800-38D 的规定，或与 authTagLength 选项的值不匹配，decipher.setAuthTag() 将会抛出错误。

【When using an authenticated encryption mode (GCM, CCM, OCB, and chacha20-poly1305 are currently supported), the decipher.setAuthTag() method is used to pass in the received authentication tag. If no tag is provided, or if the cipher text has been tampered with, decipher.final() will throw, indicating that the cipher text should be discarded due to failed authentication. If the tag length is invalid according to NIST SP 800-38D or does not match the value of the authTagLength option, decipher.setAuthTag() will throw an error.】

decipher.setAuthTag() 方法必须在 CCM 模式下的 decipher.update() 之前调用，或在 GCM 和 OCB 模式以及 chacha20-poly1305 下的 decipher.final() 之前调用。decipher.setAuthTag() 只能调用一次。

【The decipher.setAuthTag() method must be called before decipher.update() for CCM mode or before decipher.final() for GCM and OCB modes and chacha20-poly1305. decipher.setAuthTag() can only be called once.】

在将字符串作为认证标签传递时，请考虑将字符串用作加密 API 输入时的注意事项。

【When passing a string as the authentication tag, please consider caveats when using strings as inputs to cryptographic APIs.】