dictionary of the
Web 加密 API
represents the object that should be passed as the
, when using the
AES is a block cipher, meaning that it splits the message into blocks and encrypts it a block at a time. In CTR mode, every time a block of the message is encrypted, an extra block of data is mixed in. This extra block is called the "counter block".
A given counter block value must never be used more than once with the same key:
Typically this is achieved by splitting the initial counter block value into two concatenated parts:
Essentially: the nonce should ensure that counter blocks are not reused from one message to the next, while the counter should ensure that counter blocks are not reused within a single message.
注意 : See Appendix B of the NIST SP800-38A standard 了解更多信息。
DOMString. This should be set to
BufferSource— the initial value of the counter block. This must be 16 bytes long (the AES block size). The rightmost
lengthbits of this block are used for the counter, and the rest is used for the nonce. For example, if
lengthis set to 64, then the first half of
counteris the nonce and the second half is used for the counter.
Number— the number of bits in the counter block that are used for the actual counter. The counter must be big enough that it doesn't wrap: if the message is
nblocks and the counter is
mbits long, then the following must be true:
n <= 2 m。 NIST SP800-38A standard, which defines CTR, suggests that the counter should occupy half of the counter block (see Appendix B.2 ), so for AES it would be 64.
Web Cryptography API
The definition of 'SubtleCrypto.AesCtrParams' in that specification.