Web Crypto API
Baseline Widely available
This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.
Secure context: This feature is available only insecure contexts (HTTPS), in some or allsupporting browsers.
Note: This feature is available inWeb Workers.
TheWeb Crypto API is an interface allowing a script to use cryptographic primitives in order to build systems using cryptography.
Some browsers implemented an interface calledCrypto without having it well defined or being cryptographically sound.In order to avoid confusion, methods and properties of this interface have been removed from browsers implementing the Web Crypto API, and all Web Crypto API methods are available on a new interface:SubtleCrypto.TheCrypto.subtle property gives access to an object implementing it.
Warning:The Web Crypto API provides a number of low-level cryptographic primitives. It's very easy to misuse them, and the pitfalls involved can be very subtle.
Even assuming you use the basic cryptographic functions correctly, secure key management and overall security system design are extremely hard to get right, and are generally the domain of specialist security experts.
Errors in security system design and implementation can make the security of the system completely ineffective.
Please learn and experiment, but don't guarantee or imply the security of your work before an individual knowledgeable in this subject matter thoroughly reviews it. TheCrypto 101 Course can be a great place to start learning about the design and implementation of secure systems.
Interfaces
CryptoProvides basic cryptography features, such as a cryptographically strong random number generator, and access to cryptographic primitives via a
SubtleCryptoobject.An object of this type can be accessed in the global scope usingWindow.cryptoorWorkerGlobalScope.crypto.SubtleCryptoRepresents an object that provides low-level cryptographic functions for key generation, encryption, decryption, key wrapping and unwrapping, and so on.
CryptoKeyRepresents a cryptographickey obtained from one of the
SubtleCryptomethodsgenerateKey(),deriveKey(),importKey(), orunwrapKey().
Dictionaries
AesCbcParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-CBC algorithm.AesCtrParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-CTR algorithm.AesGcmParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theAES-GCM algorithm.AesKeyGenParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.generateKey(), when generating an AES key: that is, when the algorithm is identified as any ofAES-CBC,AES-CTR,AES-GCM, orAES-KW.CryptoKeyPairRepresents a public and private key pair used for an asymmetric cryptography algorithm.
EcKeyGenParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.generateKey(), when generating any elliptic-curve-based key pair: that is, when the algorithm is identified as either ofECDSA orECDH.EcKeyImportParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.importKey()orSubtleCrypto.unwrapKey(), when generating any elliptic-curve-based key pair: that is, when the algorithm is identified as either ofECDSA orECDH.EcdhKeyDeriveParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.deriveKey(), when using theECDH algorithm.EcdsaParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.sign()orSubtleCrypto.verify()when using theECDSA algorithm.HkdfParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.deriveKey(), when using theHKDF algorithm.HmacImportParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.importKey()orSubtleCrypto.unwrapKey(), when generating a key for theHMAC algorithm.HmacKeyGenParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.generateKey(), when generating a key for theHMAC algorithm.Pbkdf2ParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.deriveKey(), when using thePBKDF2 algorithm.RsaHashedImportParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.importKey()orSubtleCrypto.unwrapKey(), when importing any RSA-based key pair: that is, when the algorithm is identified as any ofRSASSA-PKCS1-v1_5,RSA-PSS, orRSA-OAEP.RsaHashedKeyGenParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.generateKey(), when generating any RSA-based key pair: that is, when the algorithm is identified as any ofRSASSA-PKCS1-v1_5,RSA-PSS, orRSA-OAEP.RsaOaepParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.encrypt(),SubtleCrypto.decrypt(),SubtleCrypto.wrapKey(), orSubtleCrypto.unwrapKey(), when using theRSA_OAEP algorithm.RsaPssParamsRepresents the object that should be passed as the
algorithmparameter intoSubtleCrypto.sign()orSubtleCrypto.verify(), when using theRSA-PSS algorithm.
Extensions to other interfaces
Window.cryptoRepresents the
Cryptoobject associated with the global object in the main thread scope.WorkerGlobalScope.cryptoRepresents
Cryptoobject associated with the global object in worker scope.
Specifications
| Specification |
|---|
| Web Cryptography Level 2 # crypto-interface |