An implementation of the Web Crypto API standard.
See the Web Crypto API documentation for details.
namespace
An implementation of the Web Crypto API standard.
See the Web Crypto API documentation for details.
Importing the webcrypto
object (import { webcrypto } from 'node:crypto'
) gives an instance of the Crypto
class. Crypto
is a singleton that provides access to the remainder of the crypto API.
Generates cryptographically strong random values. The given typedArray
is filled with random values, and a reference to typedArray
is returned.
The given typedArray
must be an integer-based instance of NodeJS.TypedArray, i.e. Float32Array
and Float64Array
are not accepted.
An error will be thrown if the given typedArray
is larger than 65,536 bytes.
Generates a random RFC 4122 version 4 UUID. The UUID is generated using a cryptographic pseudorandom number generator.
An object detailing the algorithm for which the key can be used along with additional algorithm-specific parameters.
When true
, the CryptoKey can be extracted using either subtleCrypto.exportKey()
or subtleCrypto.wrapKey()
.
An array of strings identifying the operations for which the key may be used.
The possible usages are:
'encrypt'
- The key may be used to encrypt data.'decrypt'
- The key may be used to decrypt data.'sign'
- The key may be used to generate digital signatures.'verify'
- The key may be used to verify digital signatures.'deriveKey'
- The key may be used to derive a new key.'deriveBits'
- The key may be used to derive bits.'wrapKey'
- The key may be used to wrap another key.'unwrapKey'
- The key may be used to unwrap another key.Valid key usages depend on the key algorithm (identified by cryptokey.algorithm.name
).
The CryptoKeyPair
is a simple dictionary object with publicKey
and privateKey
properties, representing an asymmetric key pair.
Using the method and parameters specified in algorithm
and the keying material provided by key
, subtle.decrypt()
attempts to decipher the provided data
. If successful, the returned promise will be resolved with an <ArrayBuffer>
containing the plaintext result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
Using the method and parameters specified in algorithm
and the keying material provided by baseKey
, subtle.deriveBits()
attempts to generate length
bits. The Node.js implementation requires that when length
is a number it must be multiple of 8
. When length
is null
the maximum number of bits for a given algorithm is generated. This is allowed for the 'ECDH'
, 'X25519'
, and 'X448'
algorithms. If successful, the returned promise will be resolved with an <ArrayBuffer>
containing the generated data.
The algorithms currently supported include:
'ECDH'
'X25519'
'X448'
'HKDF'
'PBKDF2'
Using the method and parameters specified in algorithm
, and the keying material provided by baseKey
, subtle.deriveKey()
attempts to generate a new <CryptoKey>based on the method and parameters in
derivedKeyAlgorithm`.
Calling subtle.deriveKey()
is equivalent to calling subtle.deriveBits()
to generate raw keying material, then passing the result into the subtle.importKey()
method using the deriveKeyAlgorithm
, extractable
, and keyUsages
parameters as input.
The algorithms currently supported include:
'ECDH'
'X25519'
'X448'
'HKDF'
'PBKDF2'
See Key usages.
Using the method identified by algorithm
, subtle.digest()
attempts to generate a digest of data
. If successful, the returned promise is resolved with an <ArrayBuffer>
containing the computed digest.
If algorithm
is provided as a <string>
, it must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If algorithm
is provided as an <Object>
, it must have a name
property whose value is one of the above.
Using the method and parameters specified by algorithm
and the keying material provided by key
, subtle.encrypt()
attempts to encipher data
. If successful, the returned promise is resolved with an <ArrayBuffer>
containing the encrypted result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
Exports the given key into the specified format, if supported.
If the <CryptoKey>
is not extractable, the returned promise will reject.
When format
is either 'pkcs8'
or 'spki'
and the export is successful, the returned promise will be resolved with an <ArrayBuffer>
containing the exported key data.
When format
is 'jwk'
and the export is successful, the returned promise will be resolved with a JavaScript object conforming to the JSON Web Key specification.
Must be one of 'raw'
, 'pkcs8'
, 'spki'
, or 'jwk'
.
<Promise>
containing <ArrayBuffer>
.
Using the method and parameters provided in algorithm
, subtle.generateKey()
attempts to generate new keying material. Depending the method used, the method may generate either a single <CryptoKey>
or a <CryptoKeyPair>
.
The <CryptoKeyPair>
(public and private key) generating algorithms supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'Ed25519'
'Ed448'
'ECDH'
'X25519'
'X448'
The <CryptoKey>
(secret key) generating algorithms supported include:
'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
See Key usages.
The subtle.importKey()
method attempts to interpret the provided keyData
as the given format
to create a <CryptoKey>
instance using the provided algorithm
, extractable
, and keyUsages
arguments. If the import is successful, the returned promise will be resolved with the created <CryptoKey>
.
If importing a 'PBKDF2'
key, extractable
must be false
.
Must be one of 'raw'
, 'pkcs8'
, 'spki'
, or 'jwk'
.
See Key usages.
Using the method and parameters given by algorithm
and the keying material provided by key
, subtle.sign()
attempts to generate a cryptographic signature of data
. If successful, the returned promise is resolved with an <ArrayBuffer>
containing the generated signature.
The algorithms currently supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'ECDSA'
'Ed25519'
'Ed448'
'HMAC'
In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material. The subtle.unwrapKey()
method attempts to decrypt a wrapped key and create a <CryptoKey>
instance. It is equivalent to calling subtle.decrypt()
first on the encrypted key data (using the wrappedKey
, unwrapAlgo
, and unwrappingKey
arguments as input) then passing the results in to the subtle.importKey()
method using the unwrappedKeyAlgo
, extractable
, and keyUsages
arguments as inputs. If successful, the returned promise is resolved with a <CryptoKey>
object.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
The unwrapped key algorithms supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'Ed25519'
'Ed448'
'ECDH'
'X25519'
'X448'
'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
Must be one of 'raw'
, 'pkcs8'
, 'spki'
, or 'jwk'
.
See Key usages.
Using the method and parameters given in algorithm
and the keying material provided by key
, subtle.verify()
attempts to verify that signature
is a valid cryptographic signature of data
. The returned promise is resolved with either true
or false
.
The algorithms currently supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'ECDSA'
'Ed25519'
'Ed448'
'HMAC'
In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material. The subtle.wrapKey()
method exports the keying material into the format identified by format
, then encrypts it using the method and parameters specified by wrapAlgo
and the keying material provided by wrappingKey
. It is the equivalent to calling subtle.exportKey()
using format
and key
as the arguments, then passing the result to the subtle.encrypt()
method using wrappingKey
and wrapAlgo
as inputs. If successful, the returned promise will be resolved with an <ArrayBuffer>
containing the encrypted key data.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
Must be one of 'raw'
, 'pkcs8'
, 'spki'
, or 'jwk'
.