1<!DOCTYPE html> 2<html lang="en"> 3<head> 4 <meta charset="utf-8"> 5 <meta name="viewport" content="width=device-width"> 6 <meta name="nodejs.org:node-version" content="v18.20.1"> 7 <title>Web Crypto API | Node.js v18.20.1 Documentation</title> 8 <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lato:400,700,400italic&display=fallback"> 9 <link rel="stylesheet" href="assets/style.css"> 10 <link rel="stylesheet" href="assets/hljs.css"> 11 <link rel="canonical" href="https://nodejs.org/api/webcrypto.html"> 12 <script async defer src="assets/api.js" type="text/javascript"></script> 13 14</head> 15<body class="alt apidoc" id="api-section-webcrypto"> 16 <div id="content" class="clearfix"> 17 <div id="column2" class="interior"> 18 <div id="intro" class="interior"> 19 <a href="/" title="Go back to the home page"> 20 Node.js 21 </a> 22 </div> 23 <ul> 24<li><a href="documentation.html" class="nav-documentation">About this documentation</a></li> 25<li><a href="synopsis.html" class="nav-synopsis">Usage and example</a></li> 26</ul> 27<hr class="line"> 28<ul> 29<li><a href="assert.html" class="nav-assert">Assertion testing</a></li> 30<li><a href="async_context.html" class="nav-async_context">Asynchronous context tracking</a></li> 31<li><a href="async_hooks.html" class="nav-async_hooks">Async hooks</a></li> 32<li><a href="buffer.html" class="nav-buffer">Buffer</a></li> 33<li><a href="addons.html" class="nav-addons">C++ addons</a></li> 34<li><a href="n-api.html" class="nav-n-api">C/C++ addons with Node-API</a></li> 35<li><a href="embedding.html" class="nav-embedding">C++ embedder API</a></li> 36<li><a href="child_process.html" class="nav-child_process">Child processes</a></li> 37<li><a href="cluster.html" class="nav-cluster">Cluster</a></li> 38<li><a href="cli.html" class="nav-cli">Command-line options</a></li> 39<li><a href="console.html" class="nav-console">Console</a></li> 40<li><a href="corepack.html" class="nav-corepack">Corepack</a></li> 41<li><a href="crypto.html" class="nav-crypto">Crypto</a></li> 42<li><a href="debugger.html" class="nav-debugger">Debugger</a></li> 43<li><a href="deprecations.html" class="nav-deprecations">Deprecated APIs</a></li> 44<li><a href="diagnostics_channel.html" class="nav-diagnostics_channel">Diagnostics Channel</a></li> 45<li><a href="dns.html" class="nav-dns">DNS</a></li> 46<li><a href="domain.html" class="nav-domain">Domain</a></li> 47<li><a href="errors.html" class="nav-errors">Errors</a></li> 48<li><a href="events.html" class="nav-events">Events</a></li> 49<li><a href="fs.html" class="nav-fs">File system</a></li> 50<li><a href="globals.html" class="nav-globals">Globals</a></li> 51<li><a href="http.html" class="nav-http">HTTP</a></li> 52<li><a href="http2.html" class="nav-http2">HTTP/2</a></li> 53<li><a href="https.html" class="nav-https">HTTPS</a></li> 54<li><a href="inspector.html" class="nav-inspector">Inspector</a></li> 55<li><a href="intl.html" class="nav-intl">Internationalization</a></li> 56<li><a href="modules.html" class="nav-modules">Modules: CommonJS modules</a></li> 57<li><a href="esm.html" class="nav-esm">Modules: ECMAScript modules</a></li> 58<li><a href="module.html" class="nav-module">Modules: <code>node:module</code> API</a></li> 59<li><a href="packages.html" class="nav-packages">Modules: Packages</a></li> 60<li><a href="net.html" class="nav-net">Net</a></li> 61<li><a href="os.html" class="nav-os">OS</a></li> 62<li><a href="path.html" class="nav-path">Path</a></li> 63<li><a href="perf_hooks.html" class="nav-perf_hooks">Performance hooks</a></li> 64<li><a href="permissions.html" class="nav-permissions">Permissions</a></li> 65<li><a href="process.html" class="nav-process">Process</a></li> 66<li><a href="punycode.html" class="nav-punycode">Punycode</a></li> 67<li><a href="querystring.html" class="nav-querystring">Query strings</a></li> 68<li><a href="readline.html" class="nav-readline">Readline</a></li> 69<li><a href="repl.html" class="nav-repl">REPL</a></li> 70<li><a href="report.html" class="nav-report">Report</a></li> 71<li><a href="single-executable-applications.html" class="nav-single-executable-applications">Single executable applications</a></li> 72<li><a href="stream.html" class="nav-stream">Stream</a></li> 73<li><a href="string_decoder.html" class="nav-string_decoder">String decoder</a></li> 74<li><a href="test.html" class="nav-test">Test runner</a></li> 75<li><a href="timers.html" class="nav-timers">Timers</a></li> 76<li><a href="tls.html" class="nav-tls">TLS/SSL</a></li> 77<li><a href="tracing.html" class="nav-tracing">Trace events</a></li> 78<li><a href="tty.html" class="nav-tty">TTY</a></li> 79<li><a href="dgram.html" class="nav-dgram">UDP/datagram</a></li> 80<li><a href="url.html" class="nav-url">URL</a></li> 81<li><a href="util.html" class="nav-util">Utilities</a></li> 82<li><a href="v8.html" class="nav-v8">V8</a></li> 83<li><a href="vm.html" class="nav-vm">VM</a></li> 84<li><a href="wasi.html" class="nav-wasi">WASI</a></li> 85<li><a href="webcrypto.html" class="nav-webcrypto active">Web Crypto API</a></li> 86<li><a href="webstreams.html" class="nav-webstreams">Web Streams API</a></li> 87<li><a href="worker_threads.html" class="nav-worker_threads">Worker threads</a></li> 88<li><a href="zlib.html" class="nav-zlib">Zlib</a></li> 89</ul> 90<hr class="line"> 91<ul> 92<li><a href="https://github.com/nodejs/node" class="nav-https-github-com-nodejs-node">Code repository and issue tracker</a></li> 93</ul> 94 </div> 95 96 <div id="column1" data-id="webcrypto" class="interior"> 97 <header class="header"> 98 <div class="header-container"> 99 <h1>Node.js v18.20.1 documentation</h1> 100 <button class="theme-toggle-btn" id="theme-toggle-btn" title="Toggle dark mode/light mode" aria-label="Toggle dark mode/light mode" hidden> 101 <svg xmlns="http://www.w3.org/2000/svg" class="icon dark-icon" height="24" width="24"> 102 <path fill="none" d="M0 0h24v24H0z" /> 103 <path d="M11.1 12.08c-2.33-4.51-.5-8.48.53-10.07C6.27 2.2 1.98 6.59 1.98 12c0 .14.02.28.02.42.62-.27 1.29-.42 2-.42 1.66 0 3.18.83 4.1 2.15A4.01 4.01 0 0111 18c0 1.52-.87 2.83-2.12 3.51.98.32 2.03.5 3.11.5 3.5 0 6.58-1.8 8.37-4.52-2.36.23-6.98-.97-9.26-5.41z"/> 104 <path d="M7 16h-.18C6.4 14.84 5.3 14 4 14c-1.66 0-3 1.34-3 3s1.34 3 3 3h3c1.1 0 2-.9 2-2s-.9-2-2-2z"/> 105 </svg> 106 <svg xmlns="http://www.w3.org/2000/svg" class="icon light-icon" height="24" width="24"> 107 <path d="M0 0h24v24H0z" fill="none" /> 108 <path d="M6.76 4.84l-1.8-1.79-1.41 1.41 1.79 1.79 1.42-1.41zM4 10.5H1v2h3v-2zm9-9.95h-2V3.5h2V.55zm7.45 3.91l-1.41-1.41-1.79 1.79 1.41 1.41 1.79-1.79zm-3.21 13.7l1.79 1.8 1.41-1.41-1.8-1.79-1.4 1.4zM20 10.5v2h3v-2h-3zm-8-5c-3.31 0-6 2.69-6 6s2.69 6 6 6 6-2.69 6-6-2.69-6-6-6zm-1 16.95h2V19.5h-2v2.95zm-7.45-3.91l1.41 1.41 1.79-1.8-1.41-1.41-1.79 1.8z"/> 109 </svg> 110 </button> 111 </div> 112 <div id="gtoc"> 113 <ul> 114 <li class="pinned-header">Node.js v18.20.1</li> 115 116 <li class="picker-header"> 117 <a href="#"> 118 <span class="collapsed-arrow">►</span><span class="expanded-arrow">▼</span> 119 Table of contents 120 </a> 121 122 <div class="picker"><div class="toc"><ul> 123<li><span class="stability_1"><a href="#web-crypto-api">Web Crypto API</a></span> 124<ul> 125<li><a href="#examples">Examples</a> 126<ul> 127<li><a href="#generating-keys">Generating keys</a> 128<ul> 129<li><a href="#aes-keys">AES keys</a></li> 130<li><a href="#ecdsa-key-pairs">ECDSA key pairs</a></li> 131<li><span class="stability_1"><a href="#ed25519ed448x25519x448-key-pairs">Ed25519/Ed448/X25519/X448 key pairs</a></span></li> 132<li><a href="#hmac-keys">HMAC keys</a></li> 133<li><a href="#rsa-key-pairs">RSA key pairs</a></li> 134</ul> 135</li> 136<li><a href="#encryption-and-decryption">Encryption and decryption</a></li> 137<li><a href="#exporting-and-importing-keys">Exporting and importing keys</a></li> 138<li><a href="#wrapping-and-unwrapping-keys">Wrapping and unwrapping keys</a></li> 139<li><a href="#sign-and-verify">Sign and verify</a></li> 140<li><a href="#deriving-bits-and-keys">Deriving bits and keys</a></li> 141<li><a href="#digest">Digest</a></li> 142</ul> 143</li> 144<li><a href="#algorithm-matrix">Algorithm matrix</a></li> 145<li><a href="#class-crypto">Class: <code>Crypto</code></a> 146<ul> 147<li><a href="#cryptosubtle"><code>crypto.subtle</code></a></li> 148<li><a href="#cryptogetrandomvaluestypedarray"><code>crypto.getRandomValues(typedArray)</code></a></li> 149<li><a href="#cryptorandomuuid"><code>crypto.randomUUID()</code></a></li> 150</ul> 151</li> 152<li><a href="#class-cryptokey">Class: <code>CryptoKey</code></a> 153<ul> 154<li><a href="#cryptokeyalgorithm"><code>cryptoKey.algorithm</code></a></li> 155<li><a href="#cryptokeyextractable"><code>cryptoKey.extractable</code></a></li> 156<li><a href="#cryptokeytype"><code>cryptoKey.type</code></a></li> 157<li><a href="#cryptokeyusages"><code>cryptoKey.usages</code></a></li> 158</ul> 159</li> 160<li><a href="#class-cryptokeypair">Class: <code>CryptoKeyPair</code></a> 161<ul> 162<li><a href="#cryptokeypairprivatekey"><code>cryptoKeyPair.privateKey</code></a></li> 163<li><a href="#cryptokeypairpublickey"><code>cryptoKeyPair.publicKey</code></a></li> 164</ul> 165</li> 166<li><a href="#class-subtlecrypto">Class: <code>SubtleCrypto</code></a> 167<ul> 168<li><a href="#subtledecryptalgorithm-key-data"><code>subtle.decrypt(algorithm, key, data)</code></a></li> 169<li><a href="#subtlederivebitsalgorithm-basekey-length"><code>subtle.deriveBits(algorithm, baseKey, length)</code></a></li> 170<li><a href="#subtlederivekeyalgorithm-basekey-derivedkeyalgorithm-extractable-keyusages"><code>subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)</code></a></li> 171<li><a href="#subtledigestalgorithm-data"><code>subtle.digest(algorithm, data)</code></a></li> 172<li><a href="#subtleencryptalgorithm-key-data"><code>subtle.encrypt(algorithm, key, data)</code></a></li> 173<li><a href="#subtleexportkeyformat-key"><code>subtle.exportKey(format, key)</code></a></li> 174<li><a href="#subtlegeneratekeyalgorithm-extractable-keyusages"><code>subtle.generateKey(algorithm, extractable, keyUsages)</code></a></li> 175<li><a href="#subtleimportkeyformat-keydata-algorithm-extractable-keyusages"><code>subtle.importKey(format, keyData, algorithm, extractable, keyUsages)</code></a></li> 176<li><a href="#subtlesignalgorithm-key-data"><code>subtle.sign(algorithm, key, data)</code></a></li> 177<li><a href="#subtleunwrapkeyformat-wrappedkey-unwrappingkey-unwrapalgo-unwrappedkeyalgo-extractable-keyusages"><code>subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)</code></a></li> 178<li><a href="#subtleverifyalgorithm-key-signature-data"><code>subtle.verify(algorithm, key, signature, data)</code></a></li> 179<li><a href="#subtlewrapkeyformat-key-wrappingkey-wrapalgo"><code>subtle.wrapKey(format, key, wrappingKey, wrapAlgo)</code></a></li> 180</ul> 181</li> 182<li><a href="#algorithm-parameters">Algorithm parameters</a> 183<ul> 184<li><a href="#class-algorithmidentifier">Class: <code>AlgorithmIdentifier</code></a> 185<ul> 186<li><a href="#algorithmidentifiername"><code>algorithmIdentifier.name</code></a></li> 187</ul> 188</li> 189<li><a href="#class-aescbcparams">Class: <code>AesCbcParams</code></a> 190<ul> 191<li><a href="#aescbcparamsiv"><code>aesCbcParams.iv</code></a></li> 192<li><a href="#aescbcparamsname"><code>aesCbcParams.name</code></a></li> 193</ul> 194</li> 195<li><a href="#class-aesctrparams">Class: <code>AesCtrParams</code></a> 196<ul> 197<li><a href="#aesctrparamscounter"><code>aesCtrParams.counter</code></a></li> 198<li><a href="#aesctrparamslength"><code>aesCtrParams.length</code></a></li> 199<li><a href="#aesctrparamsname"><code>aesCtrParams.name</code></a></li> 200</ul> 201</li> 202<li><a href="#class-aesgcmparams">Class: <code>AesGcmParams</code></a> 203<ul> 204<li><a href="#aesgcmparamsadditionaldata"><code>aesGcmParams.additionalData</code></a></li> 205<li><a href="#aesgcmparamsiv"><code>aesGcmParams.iv</code></a></li> 206<li><a href="#aesgcmparamsname"><code>aesGcmParams.name</code></a></li> 207<li><a href="#aesgcmparamstaglength"><code>aesGcmParams.tagLength</code></a></li> 208</ul> 209</li> 210<li><a href="#class-aeskeygenparams">Class: <code>AesKeyGenParams</code></a> 211<ul> 212<li><a href="#aeskeygenparamslength"><code>aesKeyGenParams.length</code></a></li> 213<li><a href="#aeskeygenparamsname"><code>aesKeyGenParams.name</code></a></li> 214</ul> 215</li> 216<li><a href="#class-ecdhkeyderiveparams">Class: <code>EcdhKeyDeriveParams</code></a> 217<ul> 218<li><a href="#ecdhkeyderiveparamsname"><code>ecdhKeyDeriveParams.name</code></a></li> 219<li><a href="#ecdhkeyderiveparamspublic"><code>ecdhKeyDeriveParams.public</code></a></li> 220</ul> 221</li> 222<li><a href="#class-ecdsaparams">Class: <code>EcdsaParams</code></a> 223<ul> 224<li><a href="#ecdsaparamshash"><code>ecdsaParams.hash</code></a></li> 225<li><a href="#ecdsaparamsname"><code>ecdsaParams.name</code></a></li> 226</ul> 227</li> 228<li><a href="#class-eckeygenparams">Class: <code>EcKeyGenParams</code></a> 229<ul> 230<li><a href="#eckeygenparamsname"><code>ecKeyGenParams.name</code></a></li> 231<li><a href="#eckeygenparamsnamedcurve"><code>ecKeyGenParams.namedCurve</code></a></li> 232</ul> 233</li> 234<li><a href="#class-eckeyimportparams">Class: <code>EcKeyImportParams</code></a> 235<ul> 236<li><a href="#eckeyimportparamsname"><code>ecKeyImportParams.name</code></a></li> 237<li><a href="#eckeyimportparamsnamedcurve"><code>ecKeyImportParams.namedCurve</code></a></li> 238</ul> 239</li> 240<li><a href="#class-ed448params">Class: <code>Ed448Params</code></a> 241<ul> 242<li><a href="#ed448paramsname"><code>ed448Params.name</code></a></li> 243<li><a href="#ed448paramscontext"><code>ed448Params.context</code></a></li> 244</ul> 245</li> 246<li><a href="#class-hkdfparams">Class: <code>HkdfParams</code></a> 247<ul> 248<li><a href="#hkdfparamshash"><code>hkdfParams.hash</code></a></li> 249<li><a href="#hkdfparamsinfo"><code>hkdfParams.info</code></a></li> 250<li><a href="#hkdfparamsname"><code>hkdfParams.name</code></a></li> 251<li><a href="#hkdfparamssalt"><code>hkdfParams.salt</code></a></li> 252</ul> 253</li> 254<li><a href="#class-hmacimportparams">Class: <code>HmacImportParams</code></a> 255<ul> 256<li><a href="#hmacimportparamshash"><code>hmacImportParams.hash</code></a></li> 257<li><a href="#hmacimportparamslength"><code>hmacImportParams.length</code></a></li> 258<li><a href="#hmacimportparamsname"><code>hmacImportParams.name</code></a></li> 259</ul> 260</li> 261<li><a href="#class-hmackeygenparams">Class: <code>HmacKeyGenParams</code></a> 262<ul> 263<li><a href="#hmackeygenparamshash"><code>hmacKeyGenParams.hash</code></a></li> 264<li><a href="#hmackeygenparamslength"><code>hmacKeyGenParams.length</code></a></li> 265<li><a href="#hmackeygenparamsname"><code>hmacKeyGenParams.name</code></a></li> 266</ul> 267</li> 268<li><a href="#class-pbkdf2params">Class: <code>Pbkdf2Params</code></a> 269<ul> 270<li><a href="#pbkdb2paramshash"><code>pbkdb2Params.hash</code></a></li> 271<li><a href="#pbkdf2paramsiterations"><code>pbkdf2Params.iterations</code></a></li> 272<li><a href="#pbkdf2paramsname"><code>pbkdf2Params.name</code></a></li> 273<li><a href="#pbkdf2paramssalt"><code>pbkdf2Params.salt</code></a></li> 274</ul> 275</li> 276<li><a href="#class-rsahashedimportparams">Class: <code>RsaHashedImportParams</code></a> 277<ul> 278<li><a href="#rsahashedimportparamshash"><code>rsaHashedImportParams.hash</code></a></li> 279<li><a href="#rsahashedimportparamsname"><code>rsaHashedImportParams.name</code></a></li> 280</ul> 281</li> 282<li><a href="#class-rsahashedkeygenparams">Class: <code>RsaHashedKeyGenParams</code></a> 283<ul> 284<li><a href="#rsahashedkeygenparamshash"><code>rsaHashedKeyGenParams.hash</code></a></li> 285<li><a href="#rsahashedkeygenparamsmoduluslength"><code>rsaHashedKeyGenParams.modulusLength</code></a></li> 286<li><a href="#rsahashedkeygenparamsname"><code>rsaHashedKeyGenParams.name</code></a></li> 287<li><a href="#rsahashedkeygenparamspublicexponent"><code>rsaHashedKeyGenParams.publicExponent</code></a></li> 288</ul> 289</li> 290<li><a href="#class-rsaoaepparams">Class: <code>RsaOaepParams</code></a> 291<ul> 292<li><a href="#rsaoaepparamslabel"><code>rsaOaepParams.label</code></a></li> 293<li><a href="#rsaoaepparamsname"><code>rsaOaepParams.name</code></a></li> 294</ul> 295</li> 296<li><a href="#class-rsapssparams">Class: <code>RsaPssParams</code></a> 297<ul> 298<li><a href="#rsapssparamsname"><code>rsaPssParams.name</code></a></li> 299<li><a href="#rsapssparamssaltlength"><code>rsaPssParams.saltLength</code></a></li> 300</ul> 301</li> 302</ul> 303</li> 304</ul> 305</li> 306</ul></div></div> 307 </li> 308 309 310 <li class="picker-header"> 311 <a href="#"> 312 <span class="collapsed-arrow">►</span><span class="expanded-arrow">▼</span> 313 Index 314 </a> 315 316 <div class="picker"><ul> 317<li><a href="documentation.html" class="nav-documentation">About this documentation</a></li> 318<li><a href="synopsis.html" class="nav-synopsis">Usage and example</a></li> 319 320 <li> 321 <a href="index.html">Index</a> 322 </li> 323 </ul> 324 325<hr class="line"> 326<ul> 327<li><a href="assert.html" class="nav-assert">Assertion testing</a></li> 328<li><a href="async_context.html" class="nav-async_context">Asynchronous context tracking</a></li> 329<li><a href="async_hooks.html" class="nav-async_hooks">Async hooks</a></li> 330<li><a href="buffer.html" class="nav-buffer">Buffer</a></li> 331<li><a href="addons.html" class="nav-addons">C++ addons</a></li> 332<li><a href="n-api.html" class="nav-n-api">C/C++ addons with Node-API</a></li> 333<li><a href="embedding.html" class="nav-embedding">C++ embedder API</a></li> 334<li><a href="child_process.html" class="nav-child_process">Child processes</a></li> 335<li><a href="cluster.html" class="nav-cluster">Cluster</a></li> 336<li><a href="cli.html" class="nav-cli">Command-line options</a></li> 337<li><a href="console.html" class="nav-console">Console</a></li> 338<li><a href="corepack.html" class="nav-corepack">Corepack</a></li> 339<li><a href="crypto.html" class="nav-crypto">Crypto</a></li> 340<li><a href="debugger.html" class="nav-debugger">Debugger</a></li> 341<li><a href="deprecations.html" class="nav-deprecations">Deprecated APIs</a></li> 342<li><a href="diagnostics_channel.html" class="nav-diagnostics_channel">Diagnostics Channel</a></li> 343<li><a href="dns.html" class="nav-dns">DNS</a></li> 344<li><a href="domain.html" class="nav-domain">Domain</a></li> 345<li><a href="errors.html" class="nav-errors">Errors</a></li> 346<li><a href="events.html" class="nav-events">Events</a></li> 347<li><a href="fs.html" class="nav-fs">File system</a></li> 348<li><a href="globals.html" class="nav-globals">Globals</a></li> 349<li><a href="http.html" class="nav-http">HTTP</a></li> 350<li><a href="http2.html" class="nav-http2">HTTP/2</a></li> 351<li><a href="https.html" class="nav-https">HTTPS</a></li> 352<li><a href="inspector.html" class="nav-inspector">Inspector</a></li> 353<li><a href="intl.html" class="nav-intl">Internationalization</a></li> 354<li><a href="modules.html" class="nav-modules">Modules: CommonJS modules</a></li> 355<li><a href="esm.html" class="nav-esm">Modules: ECMAScript modules</a></li> 356<li><a href="module.html" class="nav-module">Modules: <code>node:module</code> API</a></li> 357<li><a href="packages.html" class="nav-packages">Modules: Packages</a></li> 358<li><a href="net.html" class="nav-net">Net</a></li> 359<li><a href="os.html" class="nav-os">OS</a></li> 360<li><a href="path.html" class="nav-path">Path</a></li> 361<li><a href="perf_hooks.html" class="nav-perf_hooks">Performance hooks</a></li> 362<li><a href="permissions.html" class="nav-permissions">Permissions</a></li> 363<li><a href="process.html" class="nav-process">Process</a></li> 364<li><a href="punycode.html" class="nav-punycode">Punycode</a></li> 365<li><a href="querystring.html" class="nav-querystring">Query strings</a></li> 366<li><a href="readline.html" class="nav-readline">Readline</a></li> 367<li><a href="repl.html" class="nav-repl">REPL</a></li> 368<li><a href="report.html" class="nav-report">Report</a></li> 369<li><a href="single-executable-applications.html" class="nav-single-executable-applications">Single executable applications</a></li> 370<li><a href="stream.html" class="nav-stream">Stream</a></li> 371<li><a href="string_decoder.html" class="nav-string_decoder">String decoder</a></li> 372<li><a href="test.html" class="nav-test">Test runner</a></li> 373<li><a href="timers.html" class="nav-timers">Timers</a></li> 374<li><a href="tls.html" class="nav-tls">TLS/SSL</a></li> 375<li><a href="tracing.html" class="nav-tracing">Trace events</a></li> 376<li><a href="tty.html" class="nav-tty">TTY</a></li> 377<li><a href="dgram.html" class="nav-dgram">UDP/datagram</a></li> 378<li><a href="url.html" class="nav-url">URL</a></li> 379<li><a href="util.html" class="nav-util">Utilities</a></li> 380<li><a href="v8.html" class="nav-v8">V8</a></li> 381<li><a href="vm.html" class="nav-vm">VM</a></li> 382<li><a href="wasi.html" class="nav-wasi">WASI</a></li> 383<li><a href="webcrypto.html" class="nav-webcrypto active">Web Crypto API</a></li> 384<li><a href="webstreams.html" class="nav-webstreams">Web Streams API</a></li> 385<li><a href="worker_threads.html" class="nav-worker_threads">Worker threads</a></li> 386<li><a href="zlib.html" class="nav-zlib">Zlib</a></li> 387</ul> 388<hr class="line"> 389<ul> 390<li><a href="https://github.com/nodejs/node" class="nav-https-github-com-nodejs-node">Code repository and issue tracker</a></li> 391</ul></div> 392 </li> 393 394 395 <li class="picker-header"> 396 <a href="#"> 397 <span class="collapsed-arrow">►</span><span class="expanded-arrow">▼</span> 398 Other versions 399 </a> 400 <div class="picker"><ol id="alt-docs"><li><a href="https://nodejs.org/docs/latest-v21.x/api/webcrypto.html">21.x</a></li> 401<li><a href="https://nodejs.org/docs/latest-v20.x/api/webcrypto.html">20.x <b>LTS</b></a></li> 402<li><a href="https://nodejs.org/docs/latest-v19.x/api/webcrypto.html">19.x</a></li> 403<li><a href="https://nodejs.org/docs/latest-v18.x/api/webcrypto.html">18.x <b>LTS</b></a></li> 404<li><a href="https://nodejs.org/docs/latest-v17.x/api/webcrypto.html">17.x</a></li> 405<li><a href="https://nodejs.org/docs/latest-v16.x/api/webcrypto.html">16.x</a></li> 406<li><a href="https://nodejs.org/docs/latest-v15.x/api/webcrypto.html">15.x</a></li></ol></div> 407 </li> 408 409 <li class="picker-header"> 410 <a href="#"> 411 <span class="collapsed-arrow">►</span><span class="expanded-arrow">▼</span> 412 Options 413 </a> 414 415 <div class="picker"> 416 <ul> 417 <li> 418 <a href="all.html">View on single page</a> 419 </li> 420 <li> 421 <a href="webcrypto.json">View as JSON</a> 422 </li> 423 <li class="edit_on_github"><a href="https://github.com/nodejs/node/edit/main/doc/api/webcrypto.md">Edit on GitHub</a></li> 424 </ul> 425 </div> 426 </li> 427 </ul> 428 </div> 429 <hr> 430 </header> 431 432 <details id="toc" open><summary>Table of contents</summary><ul> 433<li><span class="stability_1"><a href="#web-crypto-api">Web Crypto API</a></span> 434<ul> 435<li><a href="#examples">Examples</a> 436<ul> 437<li><a href="#generating-keys">Generating keys</a> 438<ul> 439<li><a href="#aes-keys">AES keys</a></li> 440<li><a href="#ecdsa-key-pairs">ECDSA key pairs</a></li> 441<li><span class="stability_1"><a href="#ed25519ed448x25519x448-key-pairs">Ed25519/Ed448/X25519/X448 key pairs</a></span></li> 442<li><a href="#hmac-keys">HMAC keys</a></li> 443<li><a href="#rsa-key-pairs">RSA key pairs</a></li> 444</ul> 445</li> 446<li><a href="#encryption-and-decryption">Encryption and decryption</a></li> 447<li><a href="#exporting-and-importing-keys">Exporting and importing keys</a></li> 448<li><a href="#wrapping-and-unwrapping-keys">Wrapping and unwrapping keys</a></li> 449<li><a href="#sign-and-verify">Sign and verify</a></li> 450<li><a href="#deriving-bits-and-keys">Deriving bits and keys</a></li> 451<li><a href="#digest">Digest</a></li> 452</ul> 453</li> 454<li><a href="#algorithm-matrix">Algorithm matrix</a></li> 455<li><a href="#class-crypto">Class: <code>Crypto</code></a> 456<ul> 457<li><a href="#cryptosubtle"><code>crypto.subtle</code></a></li> 458<li><a href="#cryptogetrandomvaluestypedarray"><code>crypto.getRandomValues(typedArray)</code></a></li> 459<li><a href="#cryptorandomuuid"><code>crypto.randomUUID()</code></a></li> 460</ul> 461</li> 462<li><a href="#class-cryptokey">Class: <code>CryptoKey</code></a> 463<ul> 464<li><a href="#cryptokeyalgorithm"><code>cryptoKey.algorithm</code></a></li> 465<li><a href="#cryptokeyextractable"><code>cryptoKey.extractable</code></a></li> 466<li><a href="#cryptokeytype"><code>cryptoKey.type</code></a></li> 467<li><a href="#cryptokeyusages"><code>cryptoKey.usages</code></a></li> 468</ul> 469</li> 470<li><a href="#class-cryptokeypair">Class: <code>CryptoKeyPair</code></a> 471<ul> 472<li><a href="#cryptokeypairprivatekey"><code>cryptoKeyPair.privateKey</code></a></li> 473<li><a href="#cryptokeypairpublickey"><code>cryptoKeyPair.publicKey</code></a></li> 474</ul> 475</li> 476<li><a href="#class-subtlecrypto">Class: <code>SubtleCrypto</code></a> 477<ul> 478<li><a href="#subtledecryptalgorithm-key-data"><code>subtle.decrypt(algorithm, key, data)</code></a></li> 479<li><a href="#subtlederivebitsalgorithm-basekey-length"><code>subtle.deriveBits(algorithm, baseKey, length)</code></a></li> 480<li><a href="#subtlederivekeyalgorithm-basekey-derivedkeyalgorithm-extractable-keyusages"><code>subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)</code></a></li> 481<li><a href="#subtledigestalgorithm-data"><code>subtle.digest(algorithm, data)</code></a></li> 482<li><a href="#subtleencryptalgorithm-key-data"><code>subtle.encrypt(algorithm, key, data)</code></a></li> 483<li><a href="#subtleexportkeyformat-key"><code>subtle.exportKey(format, key)</code></a></li> 484<li><a href="#subtlegeneratekeyalgorithm-extractable-keyusages"><code>subtle.generateKey(algorithm, extractable, keyUsages)</code></a></li> 485<li><a href="#subtleimportkeyformat-keydata-algorithm-extractable-keyusages"><code>subtle.importKey(format, keyData, algorithm, extractable, keyUsages)</code></a></li> 486<li><a href="#subtlesignalgorithm-key-data"><code>subtle.sign(algorithm, key, data)</code></a></li> 487<li><a href="#subtleunwrapkeyformat-wrappedkey-unwrappingkey-unwrapalgo-unwrappedkeyalgo-extractable-keyusages"><code>subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)</code></a></li> 488<li><a href="#subtleverifyalgorithm-key-signature-data"><code>subtle.verify(algorithm, key, signature, data)</code></a></li> 489<li><a href="#subtlewrapkeyformat-key-wrappingkey-wrapalgo"><code>subtle.wrapKey(format, key, wrappingKey, wrapAlgo)</code></a></li> 490</ul> 491</li> 492<li><a href="#algorithm-parameters">Algorithm parameters</a> 493<ul> 494<li><a href="#class-algorithmidentifier">Class: <code>AlgorithmIdentifier</code></a> 495<ul> 496<li><a href="#algorithmidentifiername"><code>algorithmIdentifier.name</code></a></li> 497</ul> 498</li> 499<li><a href="#class-aescbcparams">Class: <code>AesCbcParams</code></a> 500<ul> 501<li><a href="#aescbcparamsiv"><code>aesCbcParams.iv</code></a></li> 502<li><a href="#aescbcparamsname"><code>aesCbcParams.name</code></a></li> 503</ul> 504</li> 505<li><a href="#class-aesctrparams">Class: <code>AesCtrParams</code></a> 506<ul> 507<li><a href="#aesctrparamscounter"><code>aesCtrParams.counter</code></a></li> 508<li><a href="#aesctrparamslength"><code>aesCtrParams.length</code></a></li> 509<li><a href="#aesctrparamsname"><code>aesCtrParams.name</code></a></li> 510</ul> 511</li> 512<li><a href="#class-aesgcmparams">Class: <code>AesGcmParams</code></a> 513<ul> 514<li><a href="#aesgcmparamsadditionaldata"><code>aesGcmParams.additionalData</code></a></li> 515<li><a href="#aesgcmparamsiv"><code>aesGcmParams.iv</code></a></li> 516<li><a href="#aesgcmparamsname"><code>aesGcmParams.name</code></a></li> 517<li><a href="#aesgcmparamstaglength"><code>aesGcmParams.tagLength</code></a></li> 518</ul> 519</li> 520<li><a href="#class-aeskeygenparams">Class: <code>AesKeyGenParams</code></a> 521<ul> 522<li><a href="#aeskeygenparamslength"><code>aesKeyGenParams.length</code></a></li> 523<li><a href="#aeskeygenparamsname"><code>aesKeyGenParams.name</code></a></li> 524</ul> 525</li> 526<li><a href="#class-ecdhkeyderiveparams">Class: <code>EcdhKeyDeriveParams</code></a> 527<ul> 528<li><a href="#ecdhkeyderiveparamsname"><code>ecdhKeyDeriveParams.name</code></a></li> 529<li><a href="#ecdhkeyderiveparamspublic"><code>ecdhKeyDeriveParams.public</code></a></li> 530</ul> 531</li> 532<li><a href="#class-ecdsaparams">Class: <code>EcdsaParams</code></a> 533<ul> 534<li><a href="#ecdsaparamshash"><code>ecdsaParams.hash</code></a></li> 535<li><a href="#ecdsaparamsname"><code>ecdsaParams.name</code></a></li> 536</ul> 537</li> 538<li><a href="#class-eckeygenparams">Class: <code>EcKeyGenParams</code></a> 539<ul> 540<li><a href="#eckeygenparamsname"><code>ecKeyGenParams.name</code></a></li> 541<li><a href="#eckeygenparamsnamedcurve"><code>ecKeyGenParams.namedCurve</code></a></li> 542</ul> 543</li> 544<li><a href="#class-eckeyimportparams">Class: <code>EcKeyImportParams</code></a> 545<ul> 546<li><a href="#eckeyimportparamsname"><code>ecKeyImportParams.name</code></a></li> 547<li><a href="#eckeyimportparamsnamedcurve"><code>ecKeyImportParams.namedCurve</code></a></li> 548</ul> 549</li> 550<li><a href="#class-ed448params">Class: <code>Ed448Params</code></a> 551<ul> 552<li><a href="#ed448paramsname"><code>ed448Params.name</code></a></li> 553<li><a href="#ed448paramscontext"><code>ed448Params.context</code></a></li> 554</ul> 555</li> 556<li><a href="#class-hkdfparams">Class: <code>HkdfParams</code></a> 557<ul> 558<li><a href="#hkdfparamshash"><code>hkdfParams.hash</code></a></li> 559<li><a href="#hkdfparamsinfo"><code>hkdfParams.info</code></a></li> 560<li><a href="#hkdfparamsname"><code>hkdfParams.name</code></a></li> 561<li><a href="#hkdfparamssalt"><code>hkdfParams.salt</code></a></li> 562</ul> 563</li> 564<li><a href="#class-hmacimportparams">Class: <code>HmacImportParams</code></a> 565<ul> 566<li><a href="#hmacimportparamshash"><code>hmacImportParams.hash</code></a></li> 567<li><a href="#hmacimportparamslength"><code>hmacImportParams.length</code></a></li> 568<li><a href="#hmacimportparamsname"><code>hmacImportParams.name</code></a></li> 569</ul> 570</li> 571<li><a href="#class-hmackeygenparams">Class: <code>HmacKeyGenParams</code></a> 572<ul> 573<li><a href="#hmackeygenparamshash"><code>hmacKeyGenParams.hash</code></a></li> 574<li><a href="#hmackeygenparamslength"><code>hmacKeyGenParams.length</code></a></li> 575<li><a href="#hmackeygenparamsname"><code>hmacKeyGenParams.name</code></a></li> 576</ul> 577</li> 578<li><a href="#class-pbkdf2params">Class: <code>Pbkdf2Params</code></a> 579<ul> 580<li><a href="#pbkdb2paramshash"><code>pbkdb2Params.hash</code></a></li> 581<li><a href="#pbkdf2paramsiterations"><code>pbkdf2Params.iterations</code></a></li> 582<li><a href="#pbkdf2paramsname"><code>pbkdf2Params.name</code></a></li> 583<li><a href="#pbkdf2paramssalt"><code>pbkdf2Params.salt</code></a></li> 584</ul> 585</li> 586<li><a href="#class-rsahashedimportparams">Class: <code>RsaHashedImportParams</code></a> 587<ul> 588<li><a href="#rsahashedimportparamshash"><code>rsaHashedImportParams.hash</code></a></li> 589<li><a href="#rsahashedimportparamsname"><code>rsaHashedImportParams.name</code></a></li> 590</ul> 591</li> 592<li><a href="#class-rsahashedkeygenparams">Class: <code>RsaHashedKeyGenParams</code></a> 593<ul> 594<li><a href="#rsahashedkeygenparamshash"><code>rsaHashedKeyGenParams.hash</code></a></li> 595<li><a href="#rsahashedkeygenparamsmoduluslength"><code>rsaHashedKeyGenParams.modulusLength</code></a></li> 596<li><a href="#rsahashedkeygenparamsname"><code>rsaHashedKeyGenParams.name</code></a></li> 597<li><a href="#rsahashedkeygenparamspublicexponent"><code>rsaHashedKeyGenParams.publicExponent</code></a></li> 598</ul> 599</li> 600<li><a href="#class-rsaoaepparams">Class: <code>RsaOaepParams</code></a> 601<ul> 602<li><a href="#rsaoaepparamslabel"><code>rsaOaepParams.label</code></a></li> 603<li><a href="#rsaoaepparamsname"><code>rsaOaepParams.name</code></a></li> 604</ul> 605</li> 606<li><a href="#class-rsapssparams">Class: <code>RsaPssParams</code></a> 607<ul> 608<li><a href="#rsapssparamsname"><code>rsaPssParams.name</code></a></li> 609<li><a href="#rsapssparamssaltlength"><code>rsaPssParams.saltLength</code></a></li> 610</ul> 611</li> 612</ul> 613</li> 614</ul> 615</li> 616</ul></details> 617 618 <div id="apicontent"> 619 <h2>Web Crypto API<span><a class="mark" href="#web-crypto-api" id="web-crypto-api">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_web_crypto_api"></a></h2> 620<div class="api_metadata"> 621<details class="changelog"><summary>History</summary> 622<table> 623<tbody><tr><th>Version</th><th>Changes</th></tr> 624<tr><td>v18.17.0</td> 625<td><p>Arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations.</p></td></tr> 626<tr><td>v18.4.0</td> 627<td><p>Removed proprietary <code>'node.keyObject'</code> import/export format.</p></td></tr> 628<tr><td>v18.4.0</td> 629<td><p>Removed proprietary <code>'NODE-DSA'</code>, <code>'NODE-DH'</code>, and <code>'NODE-SCRYPT'</code> algorithms.</p></td></tr> 630<tr><td>v18.4.0</td> 631<td><p>Added <code>'Ed25519'</code>, <code>'Ed448'</code>, <code>'X25519'</code>, and <code>'X448'</code> algorithms.</p></td></tr> 632<tr><td>v18.4.0</td> 633<td><p>Removed proprietary <code>'NODE-ED25519'</code> and <code>'NODE-ED448'</code> algorithms.</p></td></tr> 634<tr><td>v18.4.0</td> 635<td><p>Removed proprietary <code>'NODE-X25519'</code> and <code>'NODE-X448'</code> named curves from the <code>'ECDH'</code> algorithm.</p></td></tr> 636</tbody></table> 637</details> 638</div> 639 640<p></p><div class="api_stability api_stability_1"><a href="documentation.html#stability-index">Stability: 1</a> - Experimental</div><p></p> 641<p>Node.js provides an implementation of the standard <a href="https://www.w3.org/TR/WebCryptoAPI/">Web Crypto API</a>.</p> 642<p>Use <code>require('node:crypto').webcrypto</code> to access this module.</p> 643<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 644 645(<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span>(<span class="hljs-params"></span>) { 646 647 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 648 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, 649 <span class="hljs-attr">hash</span>: <span class="hljs-string">'SHA-256'</span>, 650 <span class="hljs-attr">length</span>: <span class="hljs-number">256</span>, 651 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 652 653 <span class="hljs-keyword">const</span> enc = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 654 <span class="hljs-keyword">const</span> message = enc.<span class="hljs-title function_">encode</span>(<span class="hljs-string">'I love cupcakes'</span>); 655 656 <span class="hljs-keyword">const</span> digest = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">sign</span>({ 657 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, 658 }, key, message); 659 660})();</code> <button class="copy-button">copy</button></pre> 661<section><h3>Examples<span><a class="mark" href="#examples" id="examples">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_examples"></a></h3> 662<h4>Generating keys<span><a class="mark" href="#generating-keys" id="generating-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_generating_keys"></a></h4> 663<p>The <a href="webcrypto.html#class-subtlecrypto" class="type"><SubtleCrypto></a> class can be used to generate symmetric (secret) keys 664or asymmetric key pairs (public key and private key).</p> 665<h5>AES keys<span><a class="mark" href="#aes-keys" id="aes-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aes_keys"></a></h5> 666<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 667 668<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateAesKey</span>(<span class="hljs-params">length = <span class="hljs-number">256</span></span>) { 669 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 670 <span class="hljs-attr">name</span>: <span class="hljs-string">'AES-CBC'</span>, 671 length, 672 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'encrypt'</span>, <span class="hljs-string">'decrypt'</span>]); 673 674 <span class="hljs-keyword">return</span> key; 675}</code> <button class="copy-button">copy</button></pre> 676<h5>ECDSA key pairs<span><a class="mark" href="#ecdsa-key-pairs" id="ecdsa-key-pairs">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ecdsa_key_pairs"></a></h5> 677<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 678 679<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateEcKey</span>(<span class="hljs-params">namedCurve = <span class="hljs-string">'P-521'</span></span>) { 680 <span class="hljs-keyword">const</span> { 681 publicKey, 682 privateKey, 683 } = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 684 <span class="hljs-attr">name</span>: <span class="hljs-string">'ECDSA'</span>, 685 namedCurve, 686 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 687 688 <span class="hljs-keyword">return</span> { publicKey, privateKey }; 689}</code> <button class="copy-button">copy</button></pre> 690<h5>Ed25519/Ed448/X25519/X448 key pairs<span><a class="mark" href="#ed25519ed448x25519x448-key-pairs" id="ed25519ed448x25519x448-key-pairs">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ed25519_ed448_x25519_x448_key_pairs"></a></h5> 691<p></p><div class="api_stability api_stability_1"><a href="documentation.html#stability-index">Stability: 1</a> - Experimental</div><p></p> 692<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 693 694<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateEd25519Key</span>(<span class="hljs-params"></span>) { 695 <span class="hljs-keyword">return</span> subtle.<span class="hljs-title function_">generateKey</span>({ 696 <span class="hljs-attr">name</span>: <span class="hljs-string">'Ed25519'</span>, 697 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 698} 699 700<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateX25519Key</span>(<span class="hljs-params"></span>) { 701 <span class="hljs-keyword">return</span> subtle.<span class="hljs-title function_">generateKey</span>({ 702 <span class="hljs-attr">name</span>: <span class="hljs-string">'X25519'</span>, 703 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'deriveKey'</span>]); 704}</code> <button class="copy-button">copy</button></pre> 705<h5>HMAC keys<span><a class="mark" href="#hmac-keys" id="hmac-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmac_keys"></a></h5> 706<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 707 708<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateHmacKey</span>(<span class="hljs-params">hash = <span class="hljs-string">'SHA-256'</span></span>) { 709 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 710 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, 711 hash, 712 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 713 714 <span class="hljs-keyword">return</span> key; 715}</code> <button class="copy-button">copy</button></pre> 716<h5>RSA key pairs<span><a class="mark" href="#rsa-key-pairs" id="rsa-key-pairs">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsa_key_pairs"></a></h5> 717<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 718<span class="hljs-keyword">const</span> publicExponent = <span class="hljs-keyword">new</span> <span class="hljs-title class_">Uint8Array</span>([<span class="hljs-number">1</span>, <span class="hljs-number">0</span>, <span class="hljs-number">1</span>]); 719 720<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateRsaKey</span>(<span class="hljs-params">modulusLength = <span class="hljs-number">2048</span>, hash = <span class="hljs-string">'SHA-256'</span></span>) { 721 <span class="hljs-keyword">const</span> { 722 publicKey, 723 privateKey, 724 } = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 725 <span class="hljs-attr">name</span>: <span class="hljs-string">'RSASSA-PKCS1-v1_5'</span>, 726 modulusLength, 727 publicExponent, 728 hash, 729 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 730 731 <span class="hljs-keyword">return</span> { publicKey, privateKey }; 732}</code> <button class="copy-button">copy</button></pre> 733<h4>Encryption and decryption<span><a class="mark" href="#encryption-and-decryption" id="encryption-and-decryption">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_encryption_and_decryption"></a></h4> 734<pre><code class="language-js"><span class="hljs-keyword">const</span> crypto = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 735 736<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">aesEncrypt</span>(<span class="hljs-params">plaintext</span>) { 737 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 738 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> <span class="hljs-title function_">generateAesKey</span>(); 739 <span class="hljs-keyword">const</span> iv = crypto.<span class="hljs-title function_">getRandomValues</span>(<span class="hljs-keyword">new</span> <span class="hljs-title class_">Uint8Array</span>(<span class="hljs-number">16</span>)); 740 741 <span class="hljs-keyword">const</span> ciphertext = <span class="hljs-keyword">await</span> crypto.<span class="hljs-property">subtle</span>.<span class="hljs-title function_">encrypt</span>({ 742 <span class="hljs-attr">name</span>: <span class="hljs-string">'AES-CBC'</span>, 743 iv, 744 }, key, ec.<span class="hljs-title function_">encode</span>(plaintext)); 745 746 <span class="hljs-keyword">return</span> { 747 key, 748 iv, 749 ciphertext, 750 }; 751} 752 753<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">aesDecrypt</span>(<span class="hljs-params">ciphertext, key, iv</span>) { 754 <span class="hljs-keyword">const</span> dec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextDecoder</span>(); 755 <span class="hljs-keyword">const</span> plaintext = <span class="hljs-keyword">await</span> crypto.<span class="hljs-property">subtle</span>.<span class="hljs-title function_">decrypt</span>({ 756 <span class="hljs-attr">name</span>: <span class="hljs-string">'AES-CBC'</span>, 757 iv, 758 }, key, ciphertext); 759 760 <span class="hljs-keyword">return</span> dec.<span class="hljs-title function_">decode</span>(plaintext); 761}</code> <button class="copy-button">copy</button></pre> 762<h4>Exporting and importing keys<span><a class="mark" href="#exporting-and-importing-keys" id="exporting-and-importing-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_exporting_and_importing_keys"></a></h4> 763<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 764 765<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateAndExportHmacKey</span>(<span class="hljs-params">format = <span class="hljs-string">'jwk'</span>, hash = <span class="hljs-string">'SHA-512'</span></span>) { 766 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">generateKey</span>({ 767 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, 768 hash, 769 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 770 771 <span class="hljs-keyword">return</span> subtle.<span class="hljs-title function_">exportKey</span>(format, key); 772} 773 774<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">importHmacKey</span>(<span class="hljs-params">keyData, format = <span class="hljs-string">'jwk'</span>, hash = <span class="hljs-string">'SHA-512'</span></span>) { 775 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.importKey(format, keyData, { 776 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, 777 hash, 778 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 779 780 <span class="hljs-keyword">return</span> key; 781}</code> <button class="copy-button">copy</button></pre> 782<h4>Wrapping and unwrapping keys<span><a class="mark" href="#wrapping-and-unwrapping-keys" id="wrapping-and-unwrapping-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_wrapping_and_unwrapping_keys"></a></h4> 783<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 784 785<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">generateAndWrapHmacKey</span>(<span class="hljs-params">format = <span class="hljs-string">'jwk'</span>, hash = <span class="hljs-string">'SHA-512'</span></span>) { 786 <span class="hljs-keyword">const</span> [ 787 key, 788 wrappingKey, 789 ] = <span class="hljs-keyword">await</span> <span class="hljs-title class_">Promise</span>.<span class="hljs-title function_">all</span>([ 790 subtle.<span class="hljs-title function_">generateKey</span>({ 791 <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, hash, 792 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]), 793 subtle.<span class="hljs-title function_">generateKey</span>({ 794 <span class="hljs-attr">name</span>: <span class="hljs-string">'AES-KW'</span>, 795 <span class="hljs-attr">length</span>: <span class="hljs-number">256</span>, 796 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'wrapKey'</span>, <span class="hljs-string">'unwrapKey'</span>]), 797 ]); 798 799 <span class="hljs-keyword">const</span> wrappedKey = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">wrapKey</span>(format, key, wrappingKey, <span class="hljs-string">'AES-KW'</span>); 800 801 <span class="hljs-keyword">return</span> { wrappedKey, wrappingKey }; 802} 803 804<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">unwrapHmacKey</span>(<span class="hljs-params"> 805 wrappedKey, 806 wrappingKey, 807 format = <span class="hljs-string">'jwk'</span>, 808 hash = <span class="hljs-string">'SHA-512'</span></span>) { 809 810 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">unwrapKey</span>( 811 format, 812 wrappedKey, 813 wrappingKey, 814 <span class="hljs-string">'AES-KW'</span>, 815 { <span class="hljs-attr">name</span>: <span class="hljs-string">'HMAC'</span>, hash }, 816 <span class="hljs-literal">true</span>, 817 [<span class="hljs-string">'sign'</span>, <span class="hljs-string">'verify'</span>]); 818 819 <span class="hljs-keyword">return</span> key; 820}</code> <button class="copy-button">copy</button></pre> 821<h4>Sign and verify<span><a class="mark" href="#sign-and-verify" id="sign-and-verify">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_sign_and_verify"></a></h4> 822<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 823 824<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">sign</span>(<span class="hljs-params">key, data</span>) { 825 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 826 <span class="hljs-keyword">const</span> signature = 827 <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">sign</span>(<span class="hljs-string">'RSASSA-PKCS1-v1_5'</span>, key, ec.<span class="hljs-title function_">encode</span>(data)); 828 <span class="hljs-keyword">return</span> signature; 829} 830 831<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">verify</span>(<span class="hljs-params">key, signature, data</span>) { 832 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 833 <span class="hljs-keyword">const</span> verified = 834 <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">verify</span>( 835 <span class="hljs-string">'RSASSA-PKCS1-v1_5'</span>, 836 key, 837 signature, 838 ec.<span class="hljs-title function_">encode</span>(data)); 839 <span class="hljs-keyword">return</span> verified; 840}</code> <button class="copy-button">copy</button></pre> 841<h4>Deriving bits and keys<span><a class="mark" href="#deriving-bits-and-keys" id="deriving-bits-and-keys">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_deriving_bits_and_keys"></a></h4> 842<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 843 844<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">pbkdf2</span>(<span class="hljs-params">pass, salt, iterations = <span class="hljs-number">1000</span>, length = <span class="hljs-number">256</span></span>) { 845 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 846 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.importKey( 847 <span class="hljs-string">'raw'</span>, 848 ec.<span class="hljs-title function_">encode</span>(pass), 849 <span class="hljs-string">'PBKDF2'</span>, 850 <span class="hljs-literal">false</span>, 851 [<span class="hljs-string">'deriveBits'</span>]); 852 <span class="hljs-keyword">const</span> bits = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">deriveBits</span>({ 853 <span class="hljs-attr">name</span>: <span class="hljs-string">'PBKDF2'</span>, 854 <span class="hljs-attr">hash</span>: <span class="hljs-string">'SHA-512'</span>, 855 <span class="hljs-attr">salt</span>: ec.<span class="hljs-title function_">encode</span>(salt), 856 iterations, 857 }, key, length); 858 <span class="hljs-keyword">return</span> bits; 859} 860 861<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">pbkdf2Key</span>(<span class="hljs-params">pass, salt, iterations = <span class="hljs-number">1000</span>, length = <span class="hljs-number">256</span></span>) { 862 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 863 <span class="hljs-keyword">const</span> keyMaterial = <span class="hljs-keyword">await</span> subtle.importKey( 864 <span class="hljs-string">'raw'</span>, 865 ec.<span class="hljs-title function_">encode</span>(pass), 866 <span class="hljs-string">'PBKDF2'</span>, 867 <span class="hljs-literal">false</span>, 868 [<span class="hljs-string">'deriveKey'</span>]); 869 <span class="hljs-keyword">const</span> key = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">deriveKey</span>({ 870 <span class="hljs-attr">name</span>: <span class="hljs-string">'PBKDF2'</span>, 871 <span class="hljs-attr">hash</span>: <span class="hljs-string">'SHA-512'</span>, 872 <span class="hljs-attr">salt</span>: ec.<span class="hljs-title function_">encode</span>(salt), 873 iterations, 874 }, keyMaterial, { 875 <span class="hljs-attr">name</span>: <span class="hljs-string">'AES-GCM'</span>, 876 <span class="hljs-attr">length</span>: <span class="hljs-number">256</span>, 877 }, <span class="hljs-literal">true</span>, [<span class="hljs-string">'encrypt'</span>, <span class="hljs-string">'decrypt'</span>]); 878 <span class="hljs-keyword">return</span> key; 879}</code> <button class="copy-button">copy</button></pre> 880<h4>Digest<span><a class="mark" href="#digest" id="digest">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_digest"></a></h4> 881<pre><code class="language-js"><span class="hljs-keyword">const</span> { subtle } = <span class="hljs-built_in">require</span>(<span class="hljs-string">'node:crypto'</span>).<span class="hljs-property">webcrypto</span>; 882 883<span class="hljs-keyword">async</span> <span class="hljs-keyword">function</span> <span class="hljs-title function_">digest</span>(<span class="hljs-params">data, algorithm = <span class="hljs-string">'SHA-512'</span></span>) { 884 <span class="hljs-keyword">const</span> ec = <span class="hljs-keyword">new</span> <span class="hljs-title class_">TextEncoder</span>(); 885 <span class="hljs-keyword">const</span> digest = <span class="hljs-keyword">await</span> subtle.<span class="hljs-title function_">digest</span>(algorithm, ec.<span class="hljs-title function_">encode</span>(data)); 886 <span class="hljs-keyword">return</span> digest; 887}</code> <button class="copy-button">copy</button></pre> 888</section><section><h3>Algorithm matrix<span><a class="mark" href="#algorithm-matrix" id="algorithm-matrix">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_algorithm_matrix"></a></h3> 889<p>The table details the algorithms supported by the Node.js Web Crypto API 890implementation and the APIs supported for each:</p> 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211<table><thead><tr><th>Algorithm</th><th><code>generateKey</code></th><th><code>exportKey</code></th><th><code>importKey</code></th><th><code>encrypt</code></th><th><code>decrypt</code></th><th><code>wrapKey</code></th><th><code>unwrapKey</code></th><th><code>deriveBits</code></th><th><code>deriveKey</code></th><th><code>sign</code></th><th><code>verify</code></th><th><code>digest</code></th></tr></thead><tbody><tr><td><code>'RSASSA-PKCS1-v1_5'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSA-PSS'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSA-OAEP'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'ECDSA'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-2" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'ECDH'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td></tr><tr><td><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-3" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td></tr><tr><td><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-4" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td></tr><tr><td><code>'AES-CTR'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'AES-CBC'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'AES-GCM'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'AES-KW'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'HMAC'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'HKDF'</code></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td></tr><tr><td><code>'PBKDF2'</code></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td></tr><tr><td><code>'SHA-1'</code></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td></tr><tr><td><code>'SHA-256'</code></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td></tr><tr><td><code>'SHA-384'</code></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td></tr><tr><td><code>'SHA-512'</code></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td></tr></tbody></table> 1212</section><section><h3>Class: <code>Crypto</code><span><a class="mark" href="#class-crypto" id="class-crypto">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_crypto"></a></h3> 1213<div class="api_metadata"> 1214<span>Added in: v15.0.0</span> 1215</div> 1216<p>Calling <code>require('node:crypto').webcrypto</code> returns an instance of the <code>Crypto</code> 1217class. <code>Crypto</code> is a singleton that provides access to the remainder of the 1218crypto API.</p> 1219<h4><code>crypto.subtle</code><span><a class="mark" href="#cryptosubtle" id="cryptosubtle">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_crypto_subtle"></a></h4> 1220<div class="api_metadata"> 1221<span>Added in: v15.0.0</span> 1222</div> 1223<ul> 1224<li>Type: <a href="webcrypto.html#class-subtlecrypto" class="type"><SubtleCrypto></a></li> 1225</ul> 1226<p>Provides access to the <code>SubtleCrypto</code> API.</p> 1227<h4><code>crypto.getRandomValues(typedArray)</code><span><a class="mark" href="#cryptogetrandomvaluestypedarray" id="cryptogetrandomvaluestypedarray">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_crypto_getrandomvalues_typedarray"></a></h4> 1228<div class="api_metadata"> 1229<span>Added in: v15.0.0</span> 1230</div> 1231<ul> 1232<li><code>typedArray</code> <a href="buffer.html#class-buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a></li> 1233<li>Returns: <a href="buffer.html#class-buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a></li> 1234</ul> 1235<p>Generates cryptographically strong random values. The given <code>typedArray</code> is 1236filled with random values, and a reference to <code>typedArray</code> is returned.</p> 1237<p>The given <code>typedArray</code> must be an integer-based instance of <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a>, 1238i.e. <code>Float32Array</code> and <code>Float64Array</code> are not accepted.</p> 1239<p>An error will be thrown if the given <code>typedArray</code> is larger than 65,536 bytes.</p> 1240<h4><code>crypto.randomUUID()</code><span><a class="mark" href="#cryptorandomuuid" id="cryptorandomuuid">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_crypto_randomuuid"></a></h4> 1241<div class="api_metadata"> 1242<span>Added in: v16.7.0</span> 1243</div> 1244<ul> 1245<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li> 1246</ul> 1247<p>Generates a random <a href="https://www.rfc-editor.org/rfc/rfc4122.txt">RFC 4122</a> version 4 UUID. The UUID is generated using a 1248cryptographic pseudorandom number generator.</p> 1249</section><section><h3>Class: <code>CryptoKey</code><span><a class="mark" href="#class-cryptokey" id="class-cryptokey">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_cryptokey"></a></h3> 1250<div class="api_metadata"> 1251<span>Added in: v15.0.0</span> 1252</div> 1253<h4><code>cryptoKey.algorithm</code><span><a class="mark" href="#cryptokeyalgorithm" id="cryptokeyalgorithm">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokey_algorithm"></a></h4> 1254<div class="api_metadata"> 1255<span>Added in: v15.0.0</span> 1256</div> 1257<!--lint disable maximum-line-length remark-lint--> 1258<ul> 1259<li>Type: <a href="webcrypto.html#class-aeskeygenparams" class="type"><AesKeyGenParams></a> | <a href="webcrypto.html#class-rsahashedkeygenparams" class="type"><RsaHashedKeyGenParams></a> | <a href="webcrypto.html#class-eckeygenparams" class="type"><EcKeyGenParams></a> | <a href="webcrypto.html#class-hmackeygenparams" class="type"><HmacKeyGenParams></a></li> 1260</ul> 1261<!--lint enable maximum-line-length remark-lint--> 1262<p>An object detailing the algorithm for which the key can be used along with 1263additional algorithm-specific parameters.</p> 1264<p>Read-only.</p> 1265<h4><code>cryptoKey.extractable</code><span><a class="mark" href="#cryptokeyextractable" id="cryptokeyextractable">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokey_extractable"></a></h4> 1266<div class="api_metadata"> 1267<span>Added in: v15.0.0</span> 1268</div> 1269<ul> 1270<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 1271</ul> 1272<p>When <code>true</code>, the <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> can be extracted using either 1273<code>subtleCrypto.exportKey()</code> or <code>subtleCrypto.wrapKey()</code>.</p> 1274<p>Read-only.</p> 1275<h4><code>cryptoKey.type</code><span><a class="mark" href="#cryptokeytype" id="cryptokeytype">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokey_type"></a></h4> 1276<div class="api_metadata"> 1277<span>Added in: v15.0.0</span> 1278</div> 1279<ul> 1280<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> One of <code>'secret'</code>, <code>'private'</code>, or <code>'public'</code>.</li> 1281</ul> 1282<p>A string identifying whether the key is a symmetric (<code>'secret'</code>) or 1283asymmetric (<code>'private'</code> or <code>'public'</code>) key.</p> 1284<h4><code>cryptoKey.usages</code><span><a class="mark" href="#cryptokeyusages" id="cryptokeyusages">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokey_usages"></a></h4> 1285<div class="api_metadata"> 1286<span>Added in: v15.0.0</span> 1287</div> 1288<ul> 1289<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a></li> 1290</ul> 1291<p>An array of strings identifying the operations for which the 1292key may be used.</p> 1293<p>The possible usages are:</p> 1294<ul> 1295<li><code>'encrypt'</code> - The key may be used to encrypt data.</li> 1296<li><code>'decrypt'</code> - The key may be used to decrypt data.</li> 1297<li><code>'sign'</code> - The key may be used to generate digital signatures.</li> 1298<li><code>'verify'</code> - The key may be used to verify digital signatures.</li> 1299<li><code>'deriveKey'</code> - The key may be used to derive a new key.</li> 1300<li><code>'deriveBits'</code> - The key may be used to derive bits.</li> 1301<li><code>'wrapKey'</code> - The key may be used to wrap another key.</li> 1302<li><code>'unwrapKey'</code> - The key may be used to unwrap another key.</li> 1303</ul> 1304<p>Valid key usages depend on the key algorithm (identified by 1305<code>cryptokey.algorithm.name</code>).</p> 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498<table><thead><tr><th>Key Type</th><th><code>'encrypt'</code></th><th><code>'decrypt'</code></th><th><code>'sign'</code></th><th><code>'verify'</code></th><th><code>'deriveKey'</code></th><th><code>'deriveBits'</code></th><th><code>'wrapKey'</code></th><th><code>'unwrapKey'</code></th></tr></thead><tbody><tr><td><code>'AES-CBC'</code></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-CTR'</code></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-GCM'</code></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-KW'</code></td><td></td><td></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'ECDH'</code></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td></tr><tr><td><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-5" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td></tr><tr><td><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-6" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td></tr><tr><td><code>'ECDSA'</code></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr><tr><td><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-7" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr><tr><td><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-8" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr><tr><td><code>'HDKF'</code></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td></tr><tr><td><code>'HMAC'</code></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr><tr><td><code>'PBKDF2'</code></td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td></tr><tr><td><code>'RSA-OAEP'</code></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'RSA-PSS'</code></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr><tr><td><code>'RSASSA-PKCS1-v1_5'</code></td><td></td><td></td><td>✔</td><td>✔</td><td></td><td></td><td></td><td></td></tr></tbody></table> 1499</section><section><h3>Class: <code>CryptoKeyPair</code><span><a class="mark" href="#class-cryptokeypair" id="class-cryptokeypair">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_cryptokeypair"></a></h3> 1500<div class="api_metadata"> 1501<span>Added in: v15.0.0</span> 1502</div> 1503<p>The <code>CryptoKeyPair</code> is a simple dictionary object with <code>publicKey</code> and 1504<code>privateKey</code> properties, representing an asymmetric key pair.</p> 1505<h4><code>cryptoKeyPair.privateKey</code><span><a class="mark" href="#cryptokeypairprivatekey" id="cryptokeypairprivatekey">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokeypair_privatekey"></a></h4> 1506<div class="api_metadata"> 1507<span>Added in: v15.0.0</span> 1508</div> 1509<ul> 1510<li>Type: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> A <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> whose <code>type</code> will be <code>'private'</code>.</li> 1511</ul> 1512<h4><code>cryptoKeyPair.publicKey</code><span><a class="mark" href="#cryptokeypairpublickey" id="cryptokeypairpublickey">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_cryptokeypair_publickey"></a></h4> 1513<div class="api_metadata"> 1514<span>Added in: v15.0.0</span> 1515</div> 1516<ul> 1517<li>Type: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> A <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> whose <code>type</code> will be <code>'public'</code>.</li> 1518</ul> 1519</section><section><h3>Class: <code>SubtleCrypto</code><span><a class="mark" href="#class-subtlecrypto" id="class-subtlecrypto">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_subtlecrypto"></a></h3> 1520<div class="api_metadata"> 1521<span>Added in: v15.0.0</span> 1522</div> 1523<h4><code>subtle.decrypt(algorithm, key, data)</code><span><a class="mark" href="#subtledecryptalgorithm-key-data" id="subtledecryptalgorithm-key-data">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_decrypt_algorithm_key_data"></a></h4> 1524<div class="api_metadata"> 1525<span>Added in: v15.0.0</span> 1526</div> 1527<ul> 1528<li><code>algorithm</code>: <a href="webcrypto.html#class-rsaoaepparams" class="type"><RsaOaepParams></a> | <a href="webcrypto.html#class-aesctrparams" class="type"><AesCtrParams></a> | <a href="webcrypto.html#class-aescbcparams" class="type"><AesCbcParams></a> | <a href="webcrypto.html#class-aesgcmparams" class="type"><AesGcmParams></a></li> 1529<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1530<li><code>data</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 1531<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 1532</ul> 1533<p>Using the method and parameters specified in <code>algorithm</code> and the keying 1534material provided by <code>key</code>, <code>subtle.decrypt()</code> attempts to decipher the 1535provided <code>data</code>. If successful, the returned promise will be resolved with 1536an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> containing the plaintext result.</p> 1537<p>The algorithms currently supported include:</p> 1538<ul> 1539<li><code>'RSA-OAEP'</code></li> 1540<li><code>'AES-CTR'</code></li> 1541<li><code>'AES-CBC'</code></li> 1542<li><code>'AES-GCM</code>'</li> 1543</ul> 1544<h4><code>subtle.deriveBits(algorithm, baseKey, length)</code><span><a class="mark" href="#subtlederivebitsalgorithm-basekey-length" id="subtlederivebitsalgorithm-basekey-length">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_derivebits_algorithm_basekey_length"></a></h4> 1545<div class="api_metadata"> 1546<details class="changelog"><summary>History</summary> 1547<table> 1548<tbody><tr><th>Version</th><th>Changes</th></tr> 1549<tr><td>v18.4.0</td> 1550<td><p>Added <code>'X25519'</code>, and <code>'X448'</code> algorithms.</p></td></tr> 1551<tr><td>v15.0.0</td> 1552<td><p><span>Added in: v15.0.0</span></p></td></tr> 1553</tbody></table> 1554</details> 1555</div> 1556<!--lint disable maximum-line-length remark-lint--> 1557<ul> 1558<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-ecdhkeyderiveparams" class="type"><EcdhKeyDeriveParams></a> | <a href="webcrypto.html#class-hkdfparams" class="type"><HkdfParams></a> | <a href="webcrypto.html#class-pbkdf2params" class="type"><Pbkdf2Params></a></li> 1559<li><code>baseKey</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1560<li><code>length</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Null_type" class="type"><null></a></li> 1561<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 1562</ul> 1563<!--lint enable maximum-line-length remark-lint--> 1564<p>Using the method and parameters specified in <code>algorithm</code> and the keying 1565material provided by <code>baseKey</code>, <code>subtle.deriveBits()</code> attempts to generate 1566<code>length</code> bits.</p> 1567<p>The Node.js implementation requires that when <code>length</code> is a 1568number it must be multiple of <code>8</code>.</p> 1569<p>When <code>length</code> is <code>null</code> the maximum number of bits for a given algorithm is 1570generated. This is allowed for the <code>'ECDH'</code>, <code>'X25519'</code>, and <code>'X448'</code> 1571algorithms.</p> 1572<p>If successful, the returned promise will be resolved with an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> 1573containing the generated data.</p> 1574<p>The algorithms currently supported include:</p> 1575<ul> 1576<li><code>'ECDH'</code></li> 1577<li><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-9" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1578<li><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-10" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1579<li><code>'HKDF'</code></li> 1580<li><code>'PBKDF2'</code></li> 1581</ul> 1582<h4><code>subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)</code><span><a class="mark" href="#subtlederivekeyalgorithm-basekey-derivedkeyalgorithm-extractable-keyusages" id="subtlederivekeyalgorithm-basekey-derivedkeyalgorithm-extractable-keyusages">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_derivekey_algorithm_basekey_derivedkeyalgorithm_extractable_keyusages"></a></h4> 1583<div class="api_metadata"> 1584<details class="changelog"><summary>History</summary> 1585<table> 1586<tbody><tr><th>Version</th><th>Changes</th></tr> 1587<tr><td>v18.4.0</td> 1588<td><p>Added <code>'X25519'</code>, and <code>'X448'</code> algorithms.</p></td></tr> 1589<tr><td>v15.0.0</td> 1590<td><p><span>Added in: v15.0.0</span></p></td></tr> 1591</tbody></table> 1592</details> 1593</div> 1594<!--lint disable maximum-line-length remark-lint--> 1595<ul> 1596<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-ecdhkeyderiveparams" class="type"><EcdhKeyDeriveParams></a> | <a href="webcrypto.html#class-hkdfparams" class="type"><HkdfParams></a> | <a href="webcrypto.html#class-pbkdf2params" class="type"><Pbkdf2Params></a></li> 1597<li><code>baseKey</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1598<li><code>derivedKeyAlgorithm</code>: <a href="webcrypto.html#class-hmackeygenparams" class="type"><HmacKeyGenParams></a> | <a href="webcrypto.html#class-aeskeygenparams" class="type"><AesKeyGenParams></a></li> 1599<li><code>extractable</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 1600<li><code>keyUsages</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a> See <a href="#cryptokeyusages">Key usages</a>.</li> 1601<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1602</ul> 1603<!--lint enable maximum-line-length remark-lint--> 1604<p>Using the method and parameters specified in <code>algorithm</code>, and the keying 1605material provided by <code>baseKey</code>, <code>subtle.deriveKey()</code> attempts to generate 1606a new <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> based on the method and parameters in <code>derivedKeyAlgorithm</code>.</p> 1607<p>Calling <code>subtle.deriveKey()</code> is equivalent to calling <code>subtle.deriveBits()</code> to 1608generate raw keying material, then passing the result into the 1609<code>subtle.importKey()</code> method using the <code>deriveKeyAlgorithm</code>, <code>extractable</code>, and 1610<code>keyUsages</code> parameters as input.</p> 1611<p>The algorithms currently supported include:</p> 1612<ul> 1613<li><code>'ECDH'</code></li> 1614<li><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-11" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1615<li><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-12" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1616<li><code>'HKDF'</code></li> 1617<li><code>'PBKDF2'</code></li> 1618</ul> 1619<h4><code>subtle.digest(algorithm, data)</code><span><a class="mark" href="#subtledigestalgorithm-data" id="subtledigestalgorithm-data">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_digest_algorithm_data"></a></h4> 1620<div class="api_metadata"> 1621<span>Added in: v15.0.0</span> 1622</div> 1623<ul> 1624<li><code>algorithm</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 1625<li><code>data</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 1626<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 1627</ul> 1628<p>Using the method identified by <code>algorithm</code>, <code>subtle.digest()</code> attempts to 1629generate a digest of <code>data</code>. If successful, the returned promise is resolved 1630with an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> containing the computed digest.</p> 1631<p>If <code>algorithm</code> is provided as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, it must be one of:</p> 1632<ul> 1633<li><code>'SHA-1'</code></li> 1634<li><code>'SHA-256'</code></li> 1635<li><code>'SHA-384'</code></li> 1636<li><code>'SHA-512'</code></li> 1637</ul> 1638<p>If <code>algorithm</code> is provided as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, it must have a <code>name</code> property 1639whose value is one of the above.</p> 1640<h4><code>subtle.encrypt(algorithm, key, data)</code><span><a class="mark" href="#subtleencryptalgorithm-key-data" id="subtleencryptalgorithm-key-data">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_encrypt_algorithm_key_data"></a></h4> 1641<div class="api_metadata"> 1642<span>Added in: v15.0.0</span> 1643</div> 1644<ul> 1645<li><code>algorithm</code>: <a href="webcrypto.html#class-rsaoaepparams" class="type"><RsaOaepParams></a> | <a href="webcrypto.html#class-aesctrparams" class="type"><AesCtrParams></a> | <a href="webcrypto.html#class-aescbcparams" class="type"><AesCbcParams></a> | <a href="webcrypto.html#class-aesgcmparams" class="type"><AesGcmParams></a></li> 1646<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1647<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 1648</ul> 1649<p>Using the method and parameters specified by <code>algorithm</code> and the keying 1650material provided by <code>key</code>, <code>subtle.encrypt()</code> attempts to encipher <code>data</code>. 1651If successful, the returned promise is resolved with an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> 1652containing the encrypted result.</p> 1653<p>The algorithms currently supported include:</p> 1654<ul> 1655<li><code>'RSA-OAEP'</code></li> 1656<li><code>'AES-CTR'</code></li> 1657<li><code>'AES-CBC'</code></li> 1658<li><code>'AES-GCM</code>'</li> 1659</ul> 1660<h4><code>subtle.exportKey(format, key)</code><span><a class="mark" href="#subtleexportkeyformat-key" id="subtleexportkeyformat-key">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_exportkey_format_key"></a></h4> 1661<div class="api_metadata"> 1662<details class="changelog"><summary>History</summary> 1663<table> 1664<tbody><tr><th>Version</th><th>Changes</th></tr> 1665<tr><td>v18.4.0</td> 1666<td><p>Added <code>'Ed25519'</code>, <code>'Ed448'</code>, <code>'X25519'</code>, and <code>'X448'</code> algorithms.</p></td></tr> 1667<tr><td>v15.9.0</td> 1668<td><p>Removed <code>'NODE-DSA'</code> JWK export.</p></td></tr> 1669<tr><td>v15.0.0</td> 1670<td><p><span>Added in: v15.0.0</span></p></td></tr> 1671</tbody></table> 1672</details> 1673</div> 1674<ul> 1675<li><code>format</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'raw'</code>, <code>'pkcs8'</code>, <code>'spki'</code>, or <code>'jwk'</code>.</li> 1676<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1677<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>.</li> 1678</ul> 1679<p>Exports the given key into the specified format, if supported.</p> 1680<p>If the <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> is not extractable, the returned promise will reject.</p> 1681<p>When <code>format</code> is either <code>'pkcs8'</code> or <code>'spki'</code> and the export is successful, 1682the returned promise will be resolved with an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> containing the 1683exported key data.</p> 1684<p>When <code>format</code> is <code>'jwk'</code> and the export is successful, the returned promise 1685will be resolved with a JavaScript object conforming to the <a href="https://tools.ietf.org/html/rfc7517">JSON Web Key</a> 1686specification.</p> 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797<table><thead><tr><th>Key Type</th><th><code>'spki'</code></th><th><code>'pkcs8'</code></th><th><code>'jwk'</code></th><th><code>'raw'</code></th></tr></thead><tbody><tr><td><code>'AES-CBC'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-CTR'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-GCM'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-KW'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'ECDH'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'ECDSA'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-13" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-14" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'HDKF'</code></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'HMAC'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'PBKDF2'</code></td><td></td><td></td><td></td><td></td></tr><tr><td><code>'RSA-OAEP'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSA-PSS'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSASSA-PKCS1-v1_5'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr></tbody></table> 1798<h4><code>subtle.generateKey(algorithm, extractable, keyUsages)</code><span><a class="mark" href="#subtlegeneratekeyalgorithm-extractable-keyusages" id="subtlegeneratekeyalgorithm-extractable-keyusages">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_generatekey_algorithm_extractable_keyusages"></a></h4> 1799<div class="api_metadata"> 1800<span>Added in: v15.0.0</span> 1801</div> 1802<!--lint disable maximum-line-length remark-lint--> 1803<ul> 1804<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsahashedkeygenparams" class="type"><RsaHashedKeyGenParams></a> | <a href="webcrypto.html#class-eckeygenparams" class="type"><EcKeyGenParams></a> | <a href="webcrypto.html#class-hmackeygenparams" class="type"><HmacKeyGenParams></a> | <a href="webcrypto.html#class-aeskeygenparams" class="type"><AesKeyGenParams></a></li> 1805</ul> 1806<!--lint enable maximum-line-length remark-lint--> 1807<ul> 1808<li><code>extractable</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 1809<li><code>keyUsages</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a> See <a href="#cryptokeyusages">Key usages</a>.</li> 1810<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> | <a href="webcrypto.html#class-cryptokeypair" class="type"><CryptoKeyPair></a></li> 1811</ul> 1812<p>Using the method and parameters provided in <code>algorithm</code>, <code>subtle.generateKey()</code> 1813attempts to generate new keying material. Depending the method used, the method 1814may generate either a single <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> or a <a href="webcrypto.html#class-cryptokeypair" class="type"><CryptoKeyPair></a>.</p> 1815<p>The <a href="webcrypto.html#class-cryptokeypair" class="type"><CryptoKeyPair></a> (public and private key) generating algorithms supported 1816include:</p> 1817<ul> 1818<li><code>'RSASSA-PKCS1-v1_5'</code></li> 1819<li><code>'RSA-PSS'</code></li> 1820<li><code>'RSA-OAEP'</code></li> 1821<li><code>'ECDSA'</code></li> 1822<li><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-15" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1823<li><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-16" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1824<li><code>'ECDH'</code></li> 1825<li><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-17" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1826<li><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-18" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 1827</ul> 1828<p>The <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> (secret key) generating algorithms supported include:</p> 1829<ul> 1830<li><code>'HMAC'</code></li> 1831<li><code>'AES-CTR'</code></li> 1832<li><code>'AES-CBC'</code></li> 1833<li><code>'AES-GCM'</code></li> 1834<li><code>'AES-KW'</code></li> 1835</ul> 1836<h4><code>subtle.importKey(format, keyData, algorithm, extractable, keyUsages)</code><span><a class="mark" href="#subtleimportkeyformat-keydata-algorithm-extractable-keyusages" id="subtleimportkeyformat-keydata-algorithm-extractable-keyusages">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_importkey_format_keydata_algorithm_extractable_keyusages"></a></h4> 1837<div class="api_metadata"> 1838<details class="changelog"><summary>History</summary> 1839<table> 1840<tbody><tr><th>Version</th><th>Changes</th></tr> 1841<tr><td>v18.4.0</td> 1842<td><p>Added <code>'Ed25519'</code>, <code>'Ed448'</code>, <code>'X25519'</code>, and <code>'X448'</code> algorithms.</p></td></tr> 1843<tr><td>v15.9.0</td> 1844<td><p>Removed <code>'NODE-DSA'</code> JWK import.</p></td></tr> 1845<tr><td>v15.0.0</td> 1846<td><p><span>Added in: v15.0.0</span></p></td></tr> 1847</tbody></table> 1848</details> 1849</div> 1850<ul> 1851<li><code>format</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'raw'</code>, <code>'pkcs8'</code>, <code>'spki'</code>, or <code>'jwk'</code>.</li> 1852<li><code>keyData</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 1853</ul> 1854<!--lint disable maximum-line-length remark-lint--> 1855<ul> 1856<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsahashedimportparams" class="type"><RsaHashedImportParams></a> | <a href="webcrypto.html#class-eckeyimportparams" class="type"><EcKeyImportParams></a> | <a href="webcrypto.html#class-hmacimportparams" class="type"><HmacImportParams></a></li> 1857</ul> 1858<!--lint enable maximum-line-length remark-lint--> 1859<ul> 1860<li><code>extractable</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 1861<li><code>keyUsages</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a> See <a href="#cryptokeyusages">Key usages</a>.</li> 1862<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 1863</ul> 1864<p>The <code>subtle.importKey()</code> method attempts to interpret the provided <code>keyData</code> 1865as the given <code>format</code> to create a <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> instance using the provided 1866<code>algorithm</code>, <code>extractable</code>, and <code>keyUsages</code> arguments. If the import is 1867successful, the returned promise will be resolved with the created <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a>.</p> 1868<p>If importing a <code>'PBKDF2'</code> key, <code>extractable</code> must be <code>false</code>.</p> 1869<p>The algorithms currently supported include:</p> 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 1981 1982 1983 1984 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994<table><thead><tr><th>Key Type</th><th><code>'spki'</code></th><th><code>'pkcs8'</code></th><th><code>'jwk'</code></th><th><code>'raw'</code></th></tr></thead><tbody><tr><td><code>'AES-CBC'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-CTR'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-GCM'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'AES-KW'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'ECDH'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-19" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-20" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'ECDSA'</code></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-21" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-22" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></td><td>✔</td><td>✔</td><td>✔</td><td>✔</td></tr><tr><td><code>'HDKF'</code></td><td></td><td></td><td></td><td>✔</td></tr><tr><td><code>'HMAC'</code></td><td></td><td></td><td>✔</td><td>✔</td></tr><tr><td><code>'PBKDF2'</code></td><td></td><td></td><td></td><td>✔</td></tr><tr><td><code>'RSA-OAEP'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSA-PSS'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr><tr><td><code>'RSASSA-PKCS1-v1_5'</code></td><td>✔</td><td>✔</td><td>✔</td><td></td></tr></tbody></table> 1995<h4><code>subtle.sign(algorithm, key, data)</code><span><a class="mark" href="#subtlesignalgorithm-key-data" id="subtlesignalgorithm-key-data">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_sign_algorithm_key_data"></a></h4> 1996<div class="api_metadata"> 1997<details class="changelog"><summary>History</summary> 1998<table> 1999<tbody><tr><th>Version</th><th>Changes</th></tr> 2000<tr><td>v18.4.0</td> 2001<td><p>Added <code>'Ed25519'</code>, and <code>'Ed448'</code> algorithms.</p></td></tr> 2002<tr><td>v15.0.0</td> 2003<td><p><span>Added in: v15.0.0</span></p></td></tr> 2004</tbody></table> 2005</details> 2006</div> 2007<!--lint disable maximum-line-length remark-lint--> 2008<ul> 2009<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsapssparams" class="type"><RsaPssParams></a> | <a href="webcrypto.html#class-ecdsaparams" class="type"><EcdsaParams></a> | <a href="webcrypto.html#class-ed448params" class="type"><Ed448Params></a></li> 2010<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2011<li><code>data</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2012<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 2013</ul> 2014<!--lint enable maximum-line-length remark-lint--> 2015<p>Using the method and parameters given by <code>algorithm</code> and the keying material 2016provided by <code>key</code>, <code>subtle.sign()</code> attempts to generate a cryptographic 2017signature of <code>data</code>. If successful, the returned promise is resolved with 2018an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> containing the generated signature.</p> 2019<p>The algorithms currently supported include:</p> 2020<ul> 2021<li><code>'RSASSA-PKCS1-v1_5'</code></li> 2022<li><code>'RSA-PSS'</code></li> 2023<li><code>'ECDSA'</code></li> 2024<li><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-23" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2025<li><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-24" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2026<li><code>'HMAC'</code></li> 2027</ul> 2028<h4><code>subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)</code><span><a class="mark" href="#subtleunwrapkeyformat-wrappedkey-unwrappingkey-unwrapalgo-unwrappedkeyalgo-extractable-keyusages" id="subtleunwrapkeyformat-wrappedkey-unwrappingkey-unwrapalgo-unwrappedkeyalgo-extractable-keyusages">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_unwrapkey_format_wrappedkey_unwrappingkey_unwrapalgo_unwrappedkeyalgo_extractable_keyusages"></a></h4> 2029<div class="api_metadata"> 2030<span>Added in: v15.0.0</span> 2031</div> 2032<ul> 2033<li><code>format</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'raw'</code>, <code>'pkcs8'</code>, <code>'spki'</code>, or <code>'jwk'</code>.</li> 2034<li><code>wrappedKey</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2035<li><code>unwrappingKey</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2036</ul> 2037<!--lint disable maximum-line-length remark-lint--> 2038<ul> 2039<li><code>unwrapAlgo</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsaoaepparams" class="type"><RsaOaepParams></a> | <a href="webcrypto.html#class-aesctrparams" class="type"><AesCtrParams></a> | <a href="webcrypto.html#class-aescbcparams" class="type"><AesCbcParams></a> | <a href="webcrypto.html#class-aesgcmparams" class="type"><AesGcmParams></a></li> 2040<li><code>unwrappedKeyAlgo</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsahashedimportparams" class="type"><RsaHashedImportParams></a> | <a href="webcrypto.html#class-eckeyimportparams" class="type"><EcKeyImportParams></a> | <a href="webcrypto.html#class-hmacimportparams" class="type"><HmacImportParams></a></li> 2041</ul> 2042<!--lint enable maximum-line-length remark-lint--> 2043<ul> 2044<li><code>extractable</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 2045<li><code>keyUsages</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a> See <a href="#cryptokeyusages">Key usages</a>.</li> 2046<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2047</ul> 2048<p>In cryptography, "wrapping a key" refers to exporting and then encrypting the 2049keying material. The <code>subtle.unwrapKey()</code> method attempts to decrypt a wrapped 2050key and create a <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> instance. It is equivalent to calling 2051<code>subtle.decrypt()</code> first on the encrypted key data (using the <code>wrappedKey</code>, 2052<code>unwrapAlgo</code>, and <code>unwrappingKey</code> arguments as input) then passing the results 2053in to the <code>subtle.importKey()</code> method using the <code>unwrappedKeyAlgo</code>, 2054<code>extractable</code>, and <code>keyUsages</code> arguments as inputs. If successful, the returned 2055promise is resolved with a <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a> object.</p> 2056<p>The wrapping algorithms currently supported include:</p> 2057<ul> 2058<li><code>'RSA-OAEP'</code></li> 2059<li><code>'AES-CTR'</code></li> 2060<li><code>'AES-CBC'</code></li> 2061<li><code>'AES-GCM'</code></li> 2062<li><code>'AES-KW'</code></li> 2063</ul> 2064<p>The unwrapped key algorithms supported include:</p> 2065<ul> 2066<li><code>'RSASSA-PKCS1-v1_5'</code></li> 2067<li><code>'RSA-PSS'</code></li> 2068<li><code>'RSA-OAEP'</code></li> 2069<li><code>'ECDSA'</code></li> 2070<li><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-25" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2071<li><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-26" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2072<li><code>'ECDH'</code></li> 2073<li><code>'X25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-27" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2074<li><code>'X448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-28" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2075<li><code>'HMAC'</code></li> 2076<li><code>'AES-CTR'</code></li> 2077<li><code>'AES-CBC'</code></li> 2078<li><code>'AES-GCM'</code></li> 2079<li><code>'AES-KW'</code></li> 2080</ul> 2081<h4><code>subtle.verify(algorithm, key, signature, data)</code><span><a class="mark" href="#subtleverifyalgorithm-key-signature-data" id="subtleverifyalgorithm-key-signature-data">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_verify_algorithm_key_signature_data"></a></h4> 2082<div class="api_metadata"> 2083<details class="changelog"><summary>History</summary> 2084<table> 2085<tbody><tr><th>Version</th><th>Changes</th></tr> 2086<tr><td>v18.4.0</td> 2087<td><p>Added <code>'Ed25519'</code>, and <code>'Ed448'</code> algorithms.</p></td></tr> 2088<tr><td>v15.0.0</td> 2089<td><p><span>Added in: v15.0.0</span></p></td></tr> 2090</tbody></table> 2091</details> 2092</div> 2093<!--lint disable maximum-line-length remark-lint--> 2094<ul> 2095<li><code>algorithm</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsapssparams" class="type"><RsaPssParams></a> | <a href="webcrypto.html#class-ecdsaparams" class="type"><EcdsaParams></a> | <a href="webcrypto.html#class-ed448params" class="type"><Ed448Params></a></li> 2096<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2097<li><code>signature</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2098<li><code>data</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2099<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li> 2100</ul> 2101<!--lint enable maximum-line-length remark-lint--> 2102<p>Using the method and parameters given in <code>algorithm</code> and the keying material 2103provided by <code>key</code>, <code>subtle.verify()</code> attempts to verify that <code>signature</code> is 2104a valid cryptographic signature of <code>data</code>. The returned promise is resolved 2105with either <code>true</code> or <code>false</code>.</p> 2106<p>The algorithms currently supported include:</p> 2107<ul> 2108<li><code>'RSASSA-PKCS1-v1_5'</code></li> 2109<li><code>'RSA-PSS'</code></li> 2110<li><code>'ECDSA'</code></li> 2111<li><code>'Ed25519'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-29" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2112<li><code>'Ed448'</code> <span class="experimental-inline"></span><sup><a href="#user-content-fn-1" id="user-content-fnref-1-30" data-footnote-ref="" aria-describedby="footnote-label">1</a></sup></li> 2113<li><code>'HMAC'</code></li> 2114</ul> 2115<h4><code>subtle.wrapKey(format, key, wrappingKey, wrapAlgo)</code><span><a class="mark" href="#subtlewrapkeyformat-key-wrappingkey-wrapalgo" id="subtlewrapkeyformat-key-wrappingkey-wrapalgo">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_subtle_wrapkey_format_key_wrappingkey_wrapalgo"></a></h4> 2116<div class="api_metadata"> 2117<span>Added in: v15.0.0</span> 2118</div> 2119<!--lint disable maximum-line-length remark-lint--> 2120<ul> 2121<li><code>format</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'raw'</code>, <code>'pkcs8'</code>, <code>'spki'</code>, or <code>'jwk'</code>.</li> 2122<li><code>key</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2123<li><code>wrappingKey</code>: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2124<li><code>wrapAlgo</code>: <a href="webcrypto.html#class-algorithmidentifier" class="type"><AlgorithmIdentifier></a> | <a href="webcrypto.html#class-rsaoaepparams" class="type"><RsaOaepParams></a> | <a href="webcrypto.html#class-aesctrparams" class="type"><AesCtrParams></a> | <a href="webcrypto.html#class-aescbcparams" class="type"><AesCbcParams></a> | <a href="webcrypto.html#class-aesgcmparams" class="type"><AesGcmParams></a></li> 2125<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise" class="type"><Promise></a> containing <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a></li> 2126</ul> 2127<!--lint enable maximum-line-length remark-lint--> 2128<p>In cryptography, "wrapping a key" refers to exporting and then encrypting the 2129keying material. The <code>subtle.wrapKey()</code> method exports the keying material into 2130the format identified by <code>format</code>, then encrypts it using the method and 2131parameters specified by <code>wrapAlgo</code> and the keying material provided by 2132<code>wrappingKey</code>. It is the equivalent to calling <code>subtle.exportKey()</code> using 2133<code>format</code> and <code>key</code> as the arguments, then passing the result to the 2134<code>subtle.encrypt()</code> method using <code>wrappingKey</code> and <code>wrapAlgo</code> as inputs. If 2135successful, the returned promise will be resolved with an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> 2136containing the encrypted key data.</p> 2137<p>The wrapping algorithms currently supported include:</p> 2138<ul> 2139<li><code>'RSA-OAEP'</code></li> 2140<li><code>'AES-CTR'</code></li> 2141<li><code>'AES-CBC'</code></li> 2142<li><code>'AES-GCM'</code></li> 2143<li><code>'AES-KW'</code></li> 2144</ul> 2145</section><section><h3>Algorithm parameters<span><a class="mark" href="#algorithm-parameters" id="algorithm-parameters">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_algorithm_parameters"></a></h3> 2146<p>The algorithm parameter objects define the methods and parameters used by 2147the various <a href="webcrypto.html#class-subtlecrypto" class="type"><SubtleCrypto></a> methods. While described here as "classes", they 2148are simple JavaScript dictionary objects.</p> 2149<h4>Class: <code>AlgorithmIdentifier</code><span><a class="mark" href="#class-algorithmidentifier" id="class-algorithmidentifier">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_algorithmidentifier"></a></h4> 2150<div class="api_metadata"> 2151<span>Added in: v18.4.0</span> 2152</div> 2153<h5><code>algorithmIdentifier.name</code><span><a class="mark" href="#algorithmidentifiername" id="algorithmidentifiername">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_algorithmidentifier_name"></a></h5> 2154<div class="api_metadata"> 2155<span>Added in: v18.4.0</span> 2156</div> 2157<ul> 2158<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li> 2159</ul> 2160<h4>Class: <code>AesCbcParams</code><span><a class="mark" href="#class-aescbcparams" id="class-aescbcparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_aescbcparams"></a></h4> 2161<div class="api_metadata"> 2162<span>Added in: v15.0.0</span> 2163</div> 2164<h5><code>aesCbcParams.iv</code><span><a class="mark" href="#aescbcparamsiv" id="aescbcparamsiv">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aescbcparams_iv"></a></h5> 2165<div class="api_metadata"> 2166<span>Added in: v15.0.0</span> 2167</div> 2168<ul> 2169<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2170</ul> 2171<p>Provides the initialization vector. It must be exactly 16-bytes in length 2172and should be unpredictable and cryptographically random.</p> 2173<h5><code>aesCbcParams.name</code><span><a class="mark" href="#aescbcparamsname" id="aescbcparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aescbcparams_name"></a></h5> 2174<div class="api_metadata"> 2175<span>Added in: v15.0.0</span> 2176</div> 2177<ul> 2178<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'AES-CBC'</code>.</li> 2179</ul> 2180<h4>Class: <code>AesCtrParams</code><span><a class="mark" href="#class-aesctrparams" id="class-aesctrparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_aesctrparams"></a></h4> 2181<div class="api_metadata"> 2182<span>Added in: v15.0.0</span> 2183</div> 2184<h5><code>aesCtrParams.counter</code><span><a class="mark" href="#aesctrparamscounter" id="aesctrparamscounter">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesctrparams_counter"></a></h5> 2185<div class="api_metadata"> 2186<span>Added in: v15.0.0</span> 2187</div> 2188<ul> 2189<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2190</ul> 2191<p>The initial value of the counter block. This must be exactly 16 bytes long.</p> 2192<p>The <code>AES-CTR</code> method uses the rightmost <code>length</code> bits of the block as the 2193counter and the remaining bits as the nonce.</p> 2194<h5><code>aesCtrParams.length</code><span><a class="mark" href="#aesctrparamslength" id="aesctrparamslength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesctrparams_length"></a></h5> 2195<div class="api_metadata"> 2196<span>Added in: v15.0.0</span> 2197</div> 2198<ul> 2199<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> The number of bits in the <code>aesCtrParams.counter</code> that are 2200to be used as the counter.</li> 2201</ul> 2202<h5><code>aesCtrParams.name</code><span><a class="mark" href="#aesctrparamsname" id="aesctrparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesctrparams_name"></a></h5> 2203<div class="api_metadata"> 2204<span>Added in: v15.0.0</span> 2205</div> 2206<ul> 2207<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'AES-CTR'</code>.</li> 2208</ul> 2209<h4>Class: <code>AesGcmParams</code><span><a class="mark" href="#class-aesgcmparams" id="class-aesgcmparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_aesgcmparams"></a></h4> 2210<div class="api_metadata"> 2211<span>Added in: v15.0.0</span> 2212</div> 2213<h5><code>aesGcmParams.additionalData</code><span><a class="mark" href="#aesgcmparamsadditionaldata" id="aesgcmparamsadditionaldata">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesgcmparams_additionaldata"></a></h5> 2214<div class="api_metadata"> 2215<span>Added in: v15.0.0</span> 2216</div> 2217<ul> 2218<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a></li> 2219</ul> 2220<p>With the AES-GCM method, the <code>additionalData</code> is extra input that is not 2221encrypted but is included in the authentication of the data. The use of 2222<code>additionalData</code> is optional.</p> 2223<h5><code>aesGcmParams.iv</code><span><a class="mark" href="#aesgcmparamsiv" id="aesgcmparamsiv">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesgcmparams_iv"></a></h5> 2224<div class="api_metadata"> 2225<span>Added in: v15.0.0</span> 2226</div> 2227<ul> 2228<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2229</ul> 2230<p>The initialization vector must be unique for every encryption operation using a 2231given key.</p> 2232<p>Ideally, this is a deterministic 12-byte value that is computed in such a way 2233that it is guaranteed to be unique across all invocations that use the same key. 2234Alternatively, the initialization vector may consist of at least 12 2235cryptographically random bytes. For more information on constructing 2236initialization vectors for AES-GCM, refer to Section 8 of <a href="https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf">NIST SP 800-38D</a>.</p> 2237<h5><code>aesGcmParams.name</code><span><a class="mark" href="#aesgcmparamsname" id="aesgcmparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesgcmparams_name"></a></h5> 2238<div class="api_metadata"> 2239<span>Added in: v15.0.0</span> 2240</div> 2241<ul> 2242<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'AES-GCM'</code>.</li> 2243</ul> 2244<h5><code>aesGcmParams.tagLength</code><span><a class="mark" href="#aesgcmparamstaglength" id="aesgcmparamstaglength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aesgcmparams_taglength"></a></h5> 2245<div class="api_metadata"> 2246<span>Added in: v15.0.0</span> 2247</div> 2248<ul> 2249<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> The size in bits of the generated authentication tag. 2250This values must be one of <code>32</code>, <code>64</code>, <code>96</code>, <code>104</code>, <code>112</code>, <code>120</code>, or 2251<code>128</code>. <strong>Default:</strong> <code>128</code>.</li> 2252</ul> 2253<h4>Class: <code>AesKeyGenParams</code><span><a class="mark" href="#class-aeskeygenparams" id="class-aeskeygenparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_aeskeygenparams"></a></h4> 2254<div class="api_metadata"> 2255<span>Added in: v15.0.0</span> 2256</div> 2257<h5><code>aesKeyGenParams.length</code><span><a class="mark" href="#aeskeygenparamslength" id="aeskeygenparamslength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aeskeygenparams_length"></a></h5> 2258<div class="api_metadata"> 2259<span>Added in: v15.0.0</span> 2260</div> 2261<ul> 2262<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2263</ul> 2264<p>The length of the AES key to be generated. This must be either <code>128</code>, <code>192</code>, 2265or <code>256</code>.</p> 2266<h5><code>aesKeyGenParams.name</code><span><a class="mark" href="#aeskeygenparamsname" id="aeskeygenparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_aeskeygenparams_name"></a></h5> 2267<div class="api_metadata"> 2268<span>Added in: v15.0.0</span> 2269</div> 2270<ul> 2271<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'AES-CBC'</code>, <code>'AES-CTR'</code>, <code>'AES-GCM'</code>, or 2272<code>'AES-KW'</code></li> 2273</ul> 2274<h4>Class: <code>EcdhKeyDeriveParams</code><span><a class="mark" href="#class-ecdhkeyderiveparams" id="class-ecdhkeyderiveparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_ecdhkeyderiveparams"></a></h4> 2275<div class="api_metadata"> 2276<span>Added in: v15.0.0</span> 2277</div> 2278<h5><code>ecdhKeyDeriveParams.name</code><span><a class="mark" href="#ecdhkeyderiveparamsname" id="ecdhkeyderiveparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ecdhkeyderiveparams_name"></a></h5> 2279<div class="api_metadata"> 2280<span>Added in: v15.0.0</span> 2281</div> 2282<ul> 2283<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'ECDH'</code>, <code>'X25519'</code>, or <code>'X448'</code>.</li> 2284</ul> 2285<h5><code>ecdhKeyDeriveParams.public</code><span><a class="mark" href="#ecdhkeyderiveparamspublic" id="ecdhkeyderiveparamspublic">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ecdhkeyderiveparams_public"></a></h5> 2286<div class="api_metadata"> 2287<span>Added in: v15.0.0</span> 2288</div> 2289<ul> 2290<li>Type: <a href="webcrypto.html#class-cryptokey" class="type"><CryptoKey></a></li> 2291</ul> 2292<p>ECDH key derivation operates by taking as input one parties private key and 2293another parties public key -- using both to generate a common shared secret. 2294The <code>ecdhKeyDeriveParams.public</code> property is set to the other parties public 2295key.</p> 2296<h4>Class: <code>EcdsaParams</code><span><a class="mark" href="#class-ecdsaparams" id="class-ecdsaparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_ecdsaparams"></a></h4> 2297<div class="api_metadata"> 2298<span>Added in: v15.0.0</span> 2299</div> 2300<h5><code>ecdsaParams.hash</code><span><a class="mark" href="#ecdsaparamshash" id="ecdsaparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ecdsaparams_hash"></a></h5> 2301<div class="api_metadata"> 2302<span>Added in: v15.0.0</span> 2303</div> 2304<ul> 2305<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2306</ul> 2307<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2308<ul> 2309<li><code>'SHA-1'</code></li> 2310<li><code>'SHA-256'</code></li> 2311<li><code>'SHA-384'</code></li> 2312<li><code>'SHA-512'</code></li> 2313</ul> 2314<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2315whose value is one of the above listed values.</p> 2316<h5><code>ecdsaParams.name</code><span><a class="mark" href="#ecdsaparamsname" id="ecdsaparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ecdsaparams_name"></a></h5> 2317<div class="api_metadata"> 2318<span>Added in: v15.0.0</span> 2319</div> 2320<ul> 2321<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'ECDSA'</code>.</li> 2322</ul> 2323<h4>Class: <code>EcKeyGenParams</code><span><a class="mark" href="#class-eckeygenparams" id="class-eckeygenparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_eckeygenparams"></a></h4> 2324<div class="api_metadata"> 2325<span>Added in: v15.0.0</span> 2326</div> 2327<h5><code>ecKeyGenParams.name</code><span><a class="mark" href="#eckeygenparamsname" id="eckeygenparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_eckeygenparams_name"></a></h5> 2328<div class="api_metadata"> 2329<span>Added in: v15.0.0</span> 2330</div> 2331<ul> 2332<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'ECDSA'</code> or <code>'ECDH'</code>.</li> 2333</ul> 2334<h5><code>ecKeyGenParams.namedCurve</code><span><a class="mark" href="#eckeygenparamsnamedcurve" id="eckeygenparamsnamedcurve">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_eckeygenparams_namedcurve"></a></h5> 2335<div class="api_metadata"> 2336<span>Added in: v15.0.0</span> 2337</div> 2338<ul> 2339<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'P-256'</code>, <code>'P-384'</code>, <code>'P-521'</code>.</li> 2340</ul> 2341<h4>Class: <code>EcKeyImportParams</code><span><a class="mark" href="#class-eckeyimportparams" id="class-eckeyimportparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_eckeyimportparams"></a></h4> 2342<div class="api_metadata"> 2343<span>Added in: v15.0.0</span> 2344</div> 2345<h5><code>ecKeyImportParams.name</code><span><a class="mark" href="#eckeyimportparamsname" id="eckeyimportparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_eckeyimportparams_name"></a></h5> 2346<div class="api_metadata"> 2347<span>Added in: v15.0.0</span> 2348</div> 2349<ul> 2350<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'ECDSA'</code> or <code>'ECDH'</code>.</li> 2351</ul> 2352<h5><code>ecKeyImportParams.namedCurve</code><span><a class="mark" href="#eckeyimportparamsnamedcurve" id="eckeyimportparamsnamedcurve">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_eckeyimportparams_namedcurve"></a></h5> 2353<div class="api_metadata"> 2354<span>Added in: v15.0.0</span> 2355</div> 2356<ul> 2357<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'P-256'</code>, <code>'P-384'</code>, <code>'P-521'</code>.</li> 2358</ul> 2359<h4>Class: <code>Ed448Params</code><span><a class="mark" href="#class-ed448params" id="class-ed448params">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_ed448params"></a></h4> 2360<div class="api_metadata"> 2361<span>Added in: v15.0.0</span> 2362</div> 2363<h5><code>ed448Params.name</code><span><a class="mark" href="#ed448paramsname" id="ed448paramsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ed448params_name"></a></h5> 2364<div class="api_metadata"> 2365<span>Added in: v18.4.0</span> 2366</div> 2367<ul> 2368<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'Ed448'</code>.</li> 2369</ul> 2370<h5><code>ed448Params.context</code><span><a class="mark" href="#ed448paramscontext" id="ed448paramscontext">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_ed448params_context"></a></h5> 2371<div class="api_metadata"> 2372<span>Added in: v18.4.0</span> 2373</div> 2374<ul> 2375<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a></li> 2376</ul> 2377<p>The <code>context</code> member represents the optional context data to associate with 2378the message. 2379The Node.js Web Crypto API implementation only supports zero-length context 2380which is equivalent to not providing context at all.</p> 2381<h4>Class: <code>HkdfParams</code><span><a class="mark" href="#class-hkdfparams" id="class-hkdfparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_hkdfparams"></a></h4> 2382<div class="api_metadata"> 2383<span>Added in: v15.0.0</span> 2384</div> 2385<h5><code>hkdfParams.hash</code><span><a class="mark" href="#hkdfparamshash" id="hkdfparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hkdfparams_hash"></a></h5> 2386<div class="api_metadata"> 2387<span>Added in: v15.0.0</span> 2388</div> 2389<ul> 2390<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2391</ul> 2392<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2393<ul> 2394<li><code>'SHA-1'</code></li> 2395<li><code>'SHA-256'</code></li> 2396<li><code>'SHA-384'</code></li> 2397<li><code>'SHA-512'</code></li> 2398</ul> 2399<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2400whose value is one of the above listed values.</p> 2401<h5><code>hkdfParams.info</code><span><a class="mark" href="#hkdfparamsinfo" id="hkdfparamsinfo">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hkdfparams_info"></a></h5> 2402<div class="api_metadata"> 2403<span>Added in: v15.0.0</span> 2404</div> 2405<ul> 2406<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2407</ul> 2408<p>Provides application-specific contextual input to the HKDF algorithm. 2409This can be zero-length but must be provided.</p> 2410<h5><code>hkdfParams.name</code><span><a class="mark" href="#hkdfparamsname" id="hkdfparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hkdfparams_name"></a></h5> 2411<div class="api_metadata"> 2412<span>Added in: v15.0.0</span> 2413</div> 2414<ul> 2415<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'HKDF'</code>.</li> 2416</ul> 2417<h5><code>hkdfParams.salt</code><span><a class="mark" href="#hkdfparamssalt" id="hkdfparamssalt">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hkdfparams_salt"></a></h5> 2418<div class="api_metadata"> 2419<span>Added in: v15.0.0</span> 2420</div> 2421<ul> 2422<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2423</ul> 2424<p>The salt value significantly improves the strength of the HKDF algorithm. 2425It should be random or pseudorandom and should be the same length as the 2426output of the digest function (for instance, if using <code>'SHA-256'</code> as the 2427digest, the salt should be 256-bits of random data).</p> 2428<h4>Class: <code>HmacImportParams</code><span><a class="mark" href="#class-hmacimportparams" id="class-hmacimportparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_hmacimportparams"></a></h4> 2429<div class="api_metadata"> 2430<span>Added in: v15.0.0</span> 2431</div> 2432<h5><code>hmacImportParams.hash</code><span><a class="mark" href="#hmacimportparamshash" id="hmacimportparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmacimportparams_hash"></a></h5> 2433<div class="api_metadata"> 2434<span>Added in: v15.0.0</span> 2435</div> 2436<ul> 2437<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2438</ul> 2439<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2440<ul> 2441<li><code>'SHA-1'</code></li> 2442<li><code>'SHA-256'</code></li> 2443<li><code>'SHA-384'</code></li> 2444<li><code>'SHA-512'</code></li> 2445</ul> 2446<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2447whose value is one of the above listed values.</p> 2448<h5><code>hmacImportParams.length</code><span><a class="mark" href="#hmacimportparamslength" id="hmacimportparamslength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmacimportparams_length"></a></h5> 2449<div class="api_metadata"> 2450<span>Added in: v15.0.0</span> 2451</div> 2452<ul> 2453<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2454</ul> 2455<p>The optional number of bits in the HMAC key. This is optional and should 2456be omitted for most cases.</p> 2457<h5><code>hmacImportParams.name</code><span><a class="mark" href="#hmacimportparamsname" id="hmacimportparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmacimportparams_name"></a></h5> 2458<div class="api_metadata"> 2459<span>Added in: v15.0.0</span> 2460</div> 2461<ul> 2462<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'HMAC'</code>.</li> 2463</ul> 2464<h4>Class: <code>HmacKeyGenParams</code><span><a class="mark" href="#class-hmackeygenparams" id="class-hmackeygenparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_hmackeygenparams"></a></h4> 2465<div class="api_metadata"> 2466<span>Added in: v15.0.0</span> 2467</div> 2468<h5><code>hmacKeyGenParams.hash</code><span><a class="mark" href="#hmackeygenparamshash" id="hmackeygenparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmackeygenparams_hash"></a></h5> 2469<div class="api_metadata"> 2470<span>Added in: v15.0.0</span> 2471</div> 2472<ul> 2473<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2474</ul> 2475<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2476<ul> 2477<li><code>'SHA-1'</code></li> 2478<li><code>'SHA-256'</code></li> 2479<li><code>'SHA-384'</code></li> 2480<li><code>'SHA-512'</code></li> 2481</ul> 2482<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2483whose value is one of the above listed values.</p> 2484<h5><code>hmacKeyGenParams.length</code><span><a class="mark" href="#hmackeygenparamslength" id="hmackeygenparamslength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmackeygenparams_length"></a></h5> 2485<div class="api_metadata"> 2486<span>Added in: v15.0.0</span> 2487</div> 2488<ul> 2489<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2490</ul> 2491<p>The number of bits to generate for the HMAC key. If omitted, 2492the length will be determined by the hash algorithm used. 2493This is optional and should be omitted for most cases.</p> 2494<h5><code>hmacKeyGenParams.name</code><span><a class="mark" href="#hmackeygenparamsname" id="hmackeygenparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_hmackeygenparams_name"></a></h5> 2495<div class="api_metadata"> 2496<span>Added in: v15.0.0</span> 2497</div> 2498<ul> 2499<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'HMAC'</code>.</li> 2500</ul> 2501<h4>Class: <code>Pbkdf2Params</code><span><a class="mark" href="#class-pbkdf2params" id="class-pbkdf2params">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_pbkdf2params"></a></h4> 2502<div class="api_metadata"> 2503<span>Added in: v15.0.0</span> 2504</div> 2505<h5><code>pbkdb2Params.hash</code><span><a class="mark" href="#pbkdb2paramshash" id="pbkdb2paramshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_pbkdb2params_hash"></a></h5> 2506<div class="api_metadata"> 2507<span>Added in: v15.0.0</span> 2508</div> 2509<ul> 2510<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2511</ul> 2512<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2513<ul> 2514<li><code>'SHA-1'</code></li> 2515<li><code>'SHA-256'</code></li> 2516<li><code>'SHA-384'</code></li> 2517<li><code>'SHA-512'</code></li> 2518</ul> 2519<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2520whose value is one of the above listed values.</p> 2521<h5><code>pbkdf2Params.iterations</code><span><a class="mark" href="#pbkdf2paramsiterations" id="pbkdf2paramsiterations">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_pbkdf2params_iterations"></a></h5> 2522<div class="api_metadata"> 2523<span>Added in: v15.0.0</span> 2524</div> 2525<ul> 2526<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2527</ul> 2528<p>The number of iterations the PBKDF2 algorithm should make when deriving bits.</p> 2529<h5><code>pbkdf2Params.name</code><span><a class="mark" href="#pbkdf2paramsname" id="pbkdf2paramsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_pbkdf2params_name"></a></h5> 2530<div class="api_metadata"> 2531<span>Added in: v15.0.0</span> 2532</div> 2533<ul> 2534<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'PBKDF2'</code>.</li> 2535</ul> 2536<h5><code>pbkdf2Params.salt</code><span><a class="mark" href="#pbkdf2paramssalt" id="pbkdf2paramssalt">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_pbkdf2params_salt"></a></h5> 2537<div class="api_metadata"> 2538<span>Added in: v15.0.0</span> 2539</div> 2540<ul> 2541<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2542</ul> 2543<p>Should be at least 16 random or pseudorandom bytes.</p> 2544<h4>Class: <code>RsaHashedImportParams</code><span><a class="mark" href="#class-rsahashedimportparams" id="class-rsahashedimportparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_rsahashedimportparams"></a></h4> 2545<div class="api_metadata"> 2546<span>Added in: v15.0.0</span> 2547</div> 2548<h5><code>rsaHashedImportParams.hash</code><span><a class="mark" href="#rsahashedimportparamshash" id="rsahashedimportparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedimportparams_hash"></a></h5> 2549<div class="api_metadata"> 2550<span>Added in: v15.0.0</span> 2551</div> 2552<ul> 2553<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2554</ul> 2555<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2556<ul> 2557<li><code>'SHA-1'</code></li> 2558<li><code>'SHA-256'</code></li> 2559<li><code>'SHA-384'</code></li> 2560<li><code>'SHA-512'</code></li> 2561</ul> 2562<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2563whose value is one of the above listed values.</p> 2564<h5><code>rsaHashedImportParams.name</code><span><a class="mark" href="#rsahashedimportparamsname" id="rsahashedimportparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedimportparams_name"></a></h5> 2565<div class="api_metadata"> 2566<span>Added in: v15.0.0</span> 2567</div> 2568<ul> 2569<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'RSASSA-PKCS1-v1_5'</code>, <code>'RSA-PSS'</code>, or 2570<code>'RSA-OAEP'</code>.</li> 2571</ul> 2572<h4>Class: <code>RsaHashedKeyGenParams</code><span><a class="mark" href="#class-rsahashedkeygenparams" id="class-rsahashedkeygenparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_rsahashedkeygenparams"></a></h4> 2573<div class="api_metadata"> 2574<span>Added in: v15.0.0</span> 2575</div> 2576<h5><code>rsaHashedKeyGenParams.hash</code><span><a class="mark" href="#rsahashedkeygenparamshash" id="rsahashedkeygenparamshash">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedkeygenparams_hash"></a></h5> 2577<div class="api_metadata"> 2578<span>Added in: v15.0.0</span> 2579</div> 2580<ul> 2581<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li> 2582</ul> 2583<p>If represented as a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a>, the value must be one of:</p> 2584<ul> 2585<li><code>'SHA-1'</code></li> 2586<li><code>'SHA-256'</code></li> 2587<li><code>'SHA-384'</code></li> 2588<li><code>'SHA-512'</code></li> 2589</ul> 2590<p>If represented as an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a>, the object must have a <code>name</code> property 2591whose value is one of the above listed values.</p> 2592<h5><code>rsaHashedKeyGenParams.modulusLength</code><span><a class="mark" href="#rsahashedkeygenparamsmoduluslength" id="rsahashedkeygenparamsmoduluslength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedkeygenparams_moduluslength"></a></h5> 2593<div class="api_metadata"> 2594<span>Added in: v15.0.0</span> 2595</div> 2596<ul> 2597<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2598</ul> 2599<p>The length in bits of the RSA modulus. As a best practice, this should be 2600at least <code>2048</code>.</p> 2601<h5><code>rsaHashedKeyGenParams.name</code><span><a class="mark" href="#rsahashedkeygenparamsname" id="rsahashedkeygenparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedkeygenparams_name"></a></h5> 2602<div class="api_metadata"> 2603<span>Added in: v15.0.0</span> 2604</div> 2605<ul> 2606<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be one of <code>'RSASSA-PKCS1-v1_5'</code>, <code>'RSA-PSS'</code>, or 2607<code>'RSA-OAEP'</code>.</li> 2608</ul> 2609<h5><code>rsaHashedKeyGenParams.publicExponent</code><span><a class="mark" href="#rsahashedkeygenparamspublicexponent" id="rsahashedkeygenparamspublicexponent">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsahashedkeygenparams_publicexponent"></a></h5> 2610<div class="api_metadata"> 2611<span>Added in: v15.0.0</span> 2612</div> 2613<ul> 2614<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array" class="type"><Uint8Array></a></li> 2615</ul> 2616<p>The RSA public exponent. This must be a <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array" class="type"><Uint8Array></a> containing a big-endian, 2617unsigned integer that must fit within 32-bits. The <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array" class="type"><Uint8Array></a> may contain an 2618arbitrary number of leading zero-bits. The value must be a prime number. Unless 2619there is reason to use a different value, use <code>new Uint8Array([1, 0, 1])</code> 2620(65537) as the public exponent.</p> 2621<h4>Class: <code>RsaOaepParams</code><span><a class="mark" href="#class-rsaoaepparams" id="class-rsaoaepparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_rsaoaepparams"></a></h4> 2622<div class="api_metadata"> 2623<span>Added in: v15.0.0</span> 2624</div> 2625<h5><code>rsaOaepParams.label</code><span><a class="mark" href="#rsaoaepparamslabel" id="rsaoaepparamslabel">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsaoaepparams_label"></a></h5> 2626<div class="api_metadata"> 2627<span>Added in: v15.0.0</span> 2628</div> 2629<ul> 2630<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer" class="type"><ArrayBuffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a> | <a href="buffer.html#class-buffer" class="type"><Buffer></a></li> 2631</ul> 2632<p>An additional collection of bytes that will not be encrypted, but will be bound 2633to the generated ciphertext.</p> 2634<p>The <code>rsaOaepParams.label</code> parameter is optional.</p> 2635<h5><code>rsaOaepParams.name</code><span><a class="mark" href="#rsaoaepparamsname" id="rsaoaepparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsaoaepparams_name"></a></h5> 2636<div class="api_metadata"> 2637<span>Added in: v15.0.0</span> 2638</div> 2639<ul> 2640<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> must be <code>'RSA-OAEP'</code>.</li> 2641</ul> 2642<h4>Class: <code>RsaPssParams</code><span><a class="mark" href="#class-rsapssparams" id="class-rsapssparams">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_class_rsapssparams"></a></h4> 2643<div class="api_metadata"> 2644<span>Added in: v15.0.0</span> 2645</div> 2646<h5><code>rsaPssParams.name</code><span><a class="mark" href="#rsapssparamsname" id="rsapssparamsname">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsapssparams_name"></a></h5> 2647<div class="api_metadata"> 2648<span>Added in: v15.0.0</span> 2649</div> 2650<ul> 2651<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Must be <code>'RSA-PSS'</code>.</li> 2652</ul> 2653<h5><code>rsaPssParams.saltLength</code><span><a class="mark" href="#rsapssparamssaltlength" id="rsapssparamssaltlength">#</a></span><a aria-hidden="true" class="legacy" id="webcrypto_rsapssparams_saltlength"></a></h5> 2654<div class="api_metadata"> 2655<span>Added in: v15.0.0</span> 2656</div> 2657<ul> 2658<li>Type: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li> 2659</ul> 2660<p>The length (in bytes) of the random salt to use.</p> 2661<section data-footnotes="" class="footnotes"><h3 class="sr-only" id="footnote-label">Footnotes</h3> 2662<ol> 2663<li id="user-content-fn-1"> 2664<p>An experimental implementation of 2665<a href="https://wicg.github.io/webcrypto-secure-curves/">Secure Curves in the Web Cryptography API</a> as of 05 May 2022 <a href="#user-content-fnref-1" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩</a> <a href="#user-content-fnref-1-2" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>2</sup></a> <a href="#user-content-fnref-1-3" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>3</sup></a> <a href="#user-content-fnref-1-4" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>4</sup></a> <a href="#user-content-fnref-1-5" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>5</sup></a> <a href="#user-content-fnref-1-6" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>6</sup></a> <a href="#user-content-fnref-1-7" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>7</sup></a> <a href="#user-content-fnref-1-8" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>8</sup></a> <a href="#user-content-fnref-1-9" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>9</sup></a> <a href="#user-content-fnref-1-10" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>10</sup></a> <a href="#user-content-fnref-1-11" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>11</sup></a> <a href="#user-content-fnref-1-12" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>12</sup></a> <a href="#user-content-fnref-1-13" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>13</sup></a> <a href="#user-content-fnref-1-14" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>14</sup></a> <a href="#user-content-fnref-1-15" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>15</sup></a> <a href="#user-content-fnref-1-16" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>16</sup></a> <a href="#user-content-fnref-1-17" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>17</sup></a> <a href="#user-content-fnref-1-18" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>18</sup></a> <a href="#user-content-fnref-1-19" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>19</sup></a> <a href="#user-content-fnref-1-20" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>20</sup></a> <a href="#user-content-fnref-1-21" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>21</sup></a> <a href="#user-content-fnref-1-22" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>22</sup></a> <a href="#user-content-fnref-1-23" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>23</sup></a> <a href="#user-content-fnref-1-24" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>24</sup></a> <a href="#user-content-fnref-1-25" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>25</sup></a> <a href="#user-content-fnref-1-26" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>26</sup></a> <a href="#user-content-fnref-1-27" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>27</sup></a> <a href="#user-content-fnref-1-28" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>28</sup></a> <a href="#user-content-fnref-1-29" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>29</sup></a> <a href="#user-content-fnref-1-30" data-footnote-backref="" class="data-footnote-backref" aria-label="Back to content">↩<sup>30</sup></a></p> 2666</li> 2667</ol> 2668</section></section> 2669 <!-- API END --> 2670 </div> 2671 </div> 2672 </div> 2673</body> 2674</html> 2675