This feature is well established and works across many devices and browser versions. It’s been available across browsers since January 2020.
Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
Note: This feature is available in Web Workers.
The decrypt() method of the SubtleCrypto interface decrypts some encrypted data. It takes as arguments a key to decrypt with, some optional extra parameters, and the data to decrypt (also known as "ciphertext"). It returns a Promise which will be fulfilled with the decrypted data (also known as "plaintext").
decrypt(algorithm, key, data)
algorithmAn object specifying the algorithm to be used, and any extra parameters as required. The values given for the extra parameters must match those passed into the corresponding encrypt() call.
RsaOaepParams object.AesCtrParams object.AesCbcParams object.AesGcmParams object.keyA CryptoKey containing the key to be used for decryption. If using RSA-OAEP, this is the privateKey property of the CryptoKeyPair object.
dataAn ArrayBuffer, a TypedArray, or a DataView containing the data to be decrypted (also known as ciphertext).
A Promise that fulfills with an ArrayBuffer containing the plaintext.
The promise is rejected when the following exceptions are encountered:
InvalidAccessError DOMException
Raised when the requested operation is not valid for the provided key (e.g., invalid encryption algorithm, or invalid key for the specified encryption algorithm).
OperationError DOMException
Raised when the operation failed for an operation-specific reason (e.g., algorithm parameters of invalid sizes, or there was an error decrypting the ciphertext).
The decrypt() method supports the same algorithms as the encrypt() method.
Note: You can try the working examples on GitHub.
This code decrypts ciphertext using RSA-OAEP. See the complete code on GitHub.
function decryptMessage(privateKey, ciphertext) {
return window.crypto.subtle.decrypt(
{ name: "RSA-OAEP" },
privateKey,
ciphertext,
);
}
This code decrypts ciphertext using AES in CTR mode. Note that counter must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
return window.crypto.subtle.decrypt(
{ name: "AES-CTR", counter, length: 64 },
key,
ciphertext,
);
}
This code decrypts ciphertext using AES in CBC mode. Note that iv must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
// The iv value is the same as that used for encryption
return window.crypto.subtle.decrypt({ name: "AES-CBC", iv }, key, ciphertext);
}
This code decrypts ciphertext using AES in GCM mode. Note that iv must match the value that was used for encryption. See the complete code on GitHub.
function decryptMessage(key, ciphertext) {
// The iv value is the same as that used for encryption
return window.crypto.subtle.decrypt({ name: "AES-GCM", iv }, key, ciphertext);
}
| Specification |
|---|
| Web Cryptography Level 2> # SubtleCrypto-method-decrypt> |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Opera | Safari | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | WebView Android | WebView on iOS | |
decrypt |
37 | 7912–79Not supported: AES-CTR. |
34 | 24 | 7 | 37 | 34 | 24 | 7 | 3.0 | 37 | 7 |
SubtleCrypto.encrypt().
© 2005–2025 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt