Web Crypto API

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since ⁨July 2015⁩.

Secure context: This feature is available only insecure contexts (HTTPS), in some or allsupporting browsers.

Note: This feature is available inWeb Workers.

TheWeb Crypto API is an interface allowing a script to use cryptographic primitives in order to build systems using cryptography.

Some browsers implemented an interface calledCrypto without having it well defined or being cryptographically sound.In order to avoid confusion, methods and properties of this interface have been removed from browsers implementing the Web Crypto API, and all Web Crypto API methods are available on a new interface:SubtleCrypto.TheCrypto.subtle property gives access to an object implementing it.

Warning:The Web Crypto API provides a number of low-level cryptographic primitives. It's very easy to misuse them, and the pitfalls involved can be very subtle.

Even assuming you use the basic cryptographic functions correctly, secure key management and overall security system design are extremely hard to get right, and are generally the domain of specialist security experts.

Errors in security system design and implementation can make the security of the system completely ineffective.

Please learn and experiment, but don't guarantee or imply the security of your work before an individual knowledgeable in this subject matter thoroughly reviews it. TheCrypto 101 Course can be a great place to start learning about the design and implementation of secure systems.

Interfaces

Crypto: Provides basic cryptography features, such as a cryptographically strong random number generator, and access to cryptographic primitives via aSubtleCrypto object.An object of this type can be accessed in the global scope usingWindow.crypto orWorkerGlobalScope.crypto.
SubtleCrypto: Represents an object that provides low-level cryptographic functions for key generation, encryption, decryption, key wrapping and unwrapping, and so on.
CryptoKey: Represents a cryptographickey obtained from one of theSubtleCrypto methodsgenerateKey(),deriveKey(),importKey(), orunwrapKey().

Dictionaries

AesCbcParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-CBC algorithm.
AesCtrParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-CTR algorithm.
AesGcmParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-GCM algorithm.
AesKeyGenParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.generateKey(), when generating an AES key: that is, when the algorithm is identified as any ofAES-CBC,AES-CTR,AES-GCM, orAES-KW.
CryptoKeyPair: Represents a public and private key pair used for an asymmetric cryptography algorithm.
EcKeyGenParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.generateKey(), when generating any elliptic-curve-based key pair: that is, when the algorithm is identified as either ofECDSA orECDH.
EcKeyImportParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.importKey() orSubtleCrypto.unwrapKey(), when generating any elliptic-curve-based key pair: that is, when the algorithm is identified as either ofECDSA orECDH.
EcdhKeyDeriveParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.deriveKey(), when using theECDH algorithm.
EcdsaParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.sign() orSubtleCrypto.verify() when using theECDSA algorithm.
HkdfParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.deriveKey(), when using theHKDF algorithm.
HmacImportParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.importKey() orSubtleCrypto.unwrapKey(), when generating a key for theHMAC algorithm.
HmacKeyGenParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.generateKey(), when generating a key for theHMAC algorithm.
Pbkdf2Params: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.deriveKey(), when using thePBKDF2 algorithm.
RsaHashedImportParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.importKey() orSubtleCrypto.unwrapKey(), when importing any RSA-based key pair: that is, when the algorithm is identified as any ofRSASSA-PKCS1-v1_5,RSA-PSS, orRSA-OAEP.
RsaHashedKeyGenParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.generateKey(), when generating any RSA-based key pair: that is, when the algorithm is identified as any ofRSASSA-PKCS1-v1_5,RSA-PSS, orRSA-OAEP.
RsaOaepParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theRSA_OAEP algorithm.
RsaPssParams: Represents the object that should be passed as thealgorithm parameter intoSubtleCrypto.sign() orSubtleCrypto.verify(), when using theRSA-PSS algorithm.

Extensions to other interfaces

Window.crypto: Represents theCrypto object associated with the global object in the main thread scope.
WorkerGlobalScope.crypto: RepresentsCrypto object associated with the global object in worker scope.