Secure contextThis feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
The decrypt()
method of the SubtleCrypto
interface decrypts some encrypted data. It takes as arguments a key to decrypt with, some optional extra parameters, and the data to decrypt (also known as "ciphertext"). It returns a Promise
which will be fulfilled with the decrypted data (also known as "plaintext").
Syntax
const result = crypto.subtle.decrypt(algorithm, key, data);
Parameters
algorithm
is an object specifying the algorithm to be used, and any extra parameters as required. The values given for the extra parameters must match those passed into the correspondingencrypt()
call.- To use RSA-OAEP, pass an
RsaOaepParams
object. - To use AES-CTR, pass an
AesCtrParams
object. - To use AES-CBC, pass an
AesCbcParams
object. - To use AES-GCM, pass an
AesGcmParams
object.
- To use RSA-OAEP, pass an
key
is aCryptoKey
containing the key to be used for decryption. If using RSA-OAEP, this is theprivateKey
property of theCryptoKeyPair
object.data
is aBufferSource
containing the data to be decrypted (also known as ciphertext).
Return value
result
is aPromise
that fulfills with anArrayBuffer
containing the plaintext.
Exceptions
The promise is rejected when the following exceptions are encountered:
- InvalidAccessError
- Raised when the requested operation is not valid for the provided key (e.g. invalid encryption algorithm, or invalid key for the specified encryption algorithm).
- OperationError
- Raised when the operation failed for an operation-specific reason (e.g. algorithm parameters of invalid sizes, or there was an error decrypting the ciphertext).
Supported algorithms
The decrypt()
method supports the same algorithms as the encrypt()
method.
Examples
Note: You can [[../../../../../../../mdn.github.io/dom-examples/web-crypto/encrypt-decrypt/index|try the working examples]] on GitHub.
RSA-OAEP
This code decrypts ciphertext
using RSA-OAEP. See the complete code on GitHub.
function decryptMessage(privateKey, ciphertext) {
return window.crypto.subtle.decrypt(
{
name: "RSA-OAEP"
},
privateKey,
ciphertext
);
}
AES-CTR
This code decrypts ciphertext
using AES in CTR mode. Note that counter
must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
return window.crypto.subtle.decrypt(
{
name: "AES-CTR",
counter,
length: 64
},
key,
ciphertext
);
}
AES-CBC
This code decrypts ciphertext
using AES in CBC mode. Note that iv
must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
return window.crypto.subtle.decrypt(
{
name: "AES-CBC",
iv: iv
},
key,
ciphertext
);
}
AES-GCM
This code decrypts ciphertext
using AES in GCM mode. Note that iv
must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
return window.crypto.subtle.decrypt(
{
name: "AES-GCM",
iv: iv
},
key,
ciphertext
);
}
Specifications
Specification | Status | Comment |
Web Cryptography APIThe definition of 'SubtleCrypto.decrypt()' in that specification. | Recommendation | Initial definition. |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
Update compatibility data on GitHub
Desktop | Mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
decrypt
|
Chrome
Full support 37 |
Edge Partial support 12 Partial support 12 Notes' Not supported: AES-CTR. |
Firefox Full support 34 Full support 34 No support 32 — 34 Disabled' From version 32 until version 34 (exclusive): this feature is behind the |
IE Partial support 11 Partial support 11 Notes' Returns |
Opera
Full support 24 |
Safari
Full support 7 |
WebView Android
Full support 37 |
Chrome Android
Full support 37 |
Firefox Android Full support 34 Full support 34 No support 32 — 34 Disabled' From version 32 until version 34 (exclusive): this feature is behind the |
Opera Android
Full support 24 |
Safari iOS
Full support 7 |
Samsung Internet Android
Full support 6.0 |
Legend
- Full support
- Full support
- Partial support
- Partial support
- See implementation notes.'
- See implementation notes.
- User must explicitly enable this feature.'
- User must explicitly enable this feature.
See also
SubtleCrypto.encrypt()
.- RFC 3447 specifies RSAOAEP.
- NIST SP800-38A specifies CTR mode.
- NIST SP800-38A specifies CBC mode.
- NIST SP800-38D specifies GCM mode.
- FIPS 198-1 specifies HMAC.
SubtleCrypto.decrypt() by Mozilla Contributors is licensed under CC-BY-SA 2.5.