In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material. The subtle.unwrapKey()
method attempts to decrypt a wrapped key and create a <CryptoKey>
instance. It is equivalent to calling subtle.decrypt()
first on the encrypted key data (using the wrappedKey
, unwrapAlgo
, and unwrappingKey
arguments as input) then passing the results in to the subtle.importKey()
method using the unwrappedKeyAlgo
, extractable
, and keyUsages
arguments as inputs. If successful, the returned promise is resolved with a <CryptoKey>
object.
The wrapping algorithms currently supported include:
'AES-CBC'
'AES-CTR'
'AES-GCM'
'AES-KW'
'AES-OCB'
'ChaCha20-Poly1305'
'RSA-OAEP'
The unwrapped key algorithms supported include:
'AES-CBC'
'AES-CTR'
'AES-GCM'
'AES-KW'
'AES-OCB'
'ChaCha20-Poly1305'
'ECDH'
'ECDSA'
'Ed25519'
'Ed448'
'HMAC'
'ML-DSA-44'
'ML-DSA-65'
'ML-DSA-87'
'ML-KEM-512'
'ML-KEM-768'
'ML-KEM-1024'
'RSA-OAEP'
'RSA-PSS'
'RSASSA-PKCS1-v1_5'
'X25519'
'X448'