Web Crypto API
Table des matières
- Examples
- Algorithm matrix
- Class: Crypto
- Class: CryptoKey
- Class: CryptoKeyPair
- Class: SubtleCrypto
- subtle.decrypt(algorithm, key, data)
- subtle.deriveBits(algorithm, baseKey, length)
- subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
- subtle.digest(algorithm, data)
- subtle.encrypt(algorithm, key, data)
- subtle.exportKey(format, key)
- subtle.generateKey(algorithm, extractable, keyUsages)
- subtle.importKey(format, keyData, algorithm, extractable, keyUsages)
- subtle.sign(algorithm, key, data)
- subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)
- subtle.verify(algorithm, key, signature, data)
- subtle.wrapKey(format, key, wrappingKey, wrapAlgo)
- Algorithm parameters
- Class: AlgorithmIdentifier
- Class: AesCbcParams
- Class: AesCtrParams
- Class: AesGcmParams
- Class: AesKeyGenParams
- Class: EcdhKeyDeriveParams
- Class: EcdsaParams
- Class: EcKeyGenParams
- Class: EcKeyImportParams
- Class: Ed448Params
- Class: HkdfParams
- Class: HmacImportParams
- Class: HmacKeyGenParams
- Class: Pbkdf2Params
- Class: RsaHashedImportParams
- Class: RsaHashedKeyGenParams
- Class: RsaOaepParams
- Class: RsaPssParams
Ajouté en: v15.0.0
Node.js provides an implementation of the standard Web Crypto API.
Use globalThis.crypto
or require('node:crypto').webcrypto
to access this
module.
JS
Examples
Generating keys
The SubtleCrypto
class can be used to generate symmetric (secret) keys
or asymmetric key pairs (public key and private key).
AES keys
JS
ECDSA key pairs
JS
Ed25519/Ed448/X25519/X448 key pairs
JS
HMAC keys
JS
RSA key pairs
JS
Encryption and decryption
JS
Exporting and importing keys
JS
Wrapping and unwrapping keys
JS
Sign and verify
JS
Deriving bits and keys
JS
Digest
JS
Algorithm matrix
The table details the algorithms supported by the Node.js Web Crypto API implementation and the APIs supported for each:
Algorithm | generateKey | exportKey | importKey | encrypt | decrypt | wrapKey | unwrapKey | deriveBits | deriveKey | sign | verify | digest |
---|---|---|---|---|---|---|---|---|---|---|---|---|
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'RSA-PSS' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'RSA-OAEP' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'ECDSA' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'ECDH' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'X25519' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'X448' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'AES-CTR' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-CBC' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-GCM' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-KW' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'HMAC' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'HKDF' | ✔ | ✔ | ✔ | ✔ | ||||||||
'PBKDF2' | ✔ | ✔ | ✔ | ✔ | ||||||||
'SHA-1' | ✔ | |||||||||||
'SHA-256' | ✔ | |||||||||||
'SHA-384' | ✔ | |||||||||||
'SHA-512' | ✔ |
C Crypto
Ajouté en: v15.0.0
globalThis.crypto
is an instance of the Crypto
class. Crypto
is a singleton that provides access to the remainder of the
crypto API.
M crypto.subtle
Ajouté en: v15.0.0
- Type:
SubtleCrypto
Provides access to the SubtleCrypto
API.
M crypto.getRandomValues(typedArray)
Ajouté en: v15.0.0
typedArray
Buffer
|TypedArray
- Returns:
Buffer
|TypedArray
Generates cryptographically strong random values. The given typedArray
is
filled with random values, and a reference to typedArray
is returned.
The given typedArray
must be an integer-based instance of TypedArray
,
i.e. Float32Array
and Float64Array
are not accepted.
An error will be thrown if the given typedArray
is larger than 65,536 bytes.
M crypto.randomUUID()
Ajouté en: v16.7.0
- Returns:
string
Generates a random RFC 4122 version 4 UUID. The UUID is generated using a cryptographic pseudorandom number generator.
C CryptoKey
Ajouté en: v15.0.0
M cryptoKey.algorithm
Ajouté en: v15.0.0
An object detailing the algorithm for which the key can be used along with additional algorithm-specific parameters.
Read-only.
M cryptoKey.extractable
Ajouté en: v15.0.0
- Type:
boolean
When true
, the CryptoKey
can be extracted using either
subtleCrypto.exportKey()
or subtleCrypto.wrapKey()
.
Read-only.
M cryptoKey.type
Ajouté en: v15.0.0
- Type:
string
One of'secret'
,'private'
, or'public'
.
A string identifying whether the key is a symmetric ('secret'
) or
asymmetric ('private'
or 'public'
) key.
M cryptoKey.usages
Ajouté en: v15.0.0
- Type: string[]
An array of strings identifying the operations for which the key may be used.
The possible usages are:
'encrypt'
- The key may be used to encrypt data.'decrypt'
- The key may be used to decrypt data.'sign'
- The key may be used to generate digital signatures.'verify'
- The key may be used to verify digital signatures.'deriveKey'
- The key may be used to derive a new key.'deriveBits'
- The key may be used to derive bits.'wrapKey'
- The key may be used to wrap another key.'unwrapKey'
- The key may be used to unwrap another key.
Valid key usages depend on the key algorithm (identified by
cryptokey.algorithm.name
).
Key Type | 'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey' |
---|---|---|---|---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-CTR' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-GCM' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-KW' | ✔ | ✔ | ||||||
'ECDH' | ✔ | ✔ | ||||||
'X25519' 1 | ✔ | ✔ | ||||||
'X448' 1 | ✔ | ✔ | ||||||
'ECDSA' | ✔ | ✔ | ||||||
'Ed25519' 1 | ✔ | ✔ | ||||||
'Ed448' 1 | ✔ | ✔ | ||||||
'HDKF' | ✔ | ✔ | ||||||
'HMAC' | ✔ | ✔ | ||||||
'PBKDF2' | ✔ | ✔ | ||||||
'RSA-OAEP' | ✔ | ✔ | ✔ | ✔ | ||||
'RSA-PSS' | ✔ | ✔ | ||||||
'RSASSA-PKCS1-v1_5' | ✔ | ✔ |
C CryptoKeyPair
Ajouté en: v15.0.0
The CryptoKeyPair
is a simple dictionary object with publicKey
and
privateKey
properties, representing an asymmetric key pair.
M cryptoKeyPair.privateKey
Ajouté en: v15.0.0
M cryptoKeyPair.publicKey
Ajouté en: v15.0.0
C SubtleCrypto
Ajouté en: v15.0.0
M subtle.decrypt(algorithm, key, data)
Ajouté en: v15.0.0
algorithm
:RsaOaepParams
|AesCtrParams
|AesCbcParams
|AesGcmParams
key
:CryptoKey
data
:ArrayBuffer
|TypedArray
|DataView
|Buffer
- Returns:
Promise
containingArrayBuffer
Using the method and parameters specified in algorithm
and the keying
material provided by key
, subtle.decrypt()
attempts to decipher the
provided data
. If successful, the returned promise will be resolved with
an ArrayBuffer
containing the plaintext result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'
M subtle.deriveBits(algorithm, baseKey, length)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'X25519'`, and `'X448'` algorithms. |
v15.0.0 | Ajouté en: v15.0.0 |
algorithm
:AlgorithmIdentifier
|EcdhKeyDeriveParams
|HkdfParams
|Pbkdf2Params
baseKey
:CryptoKey
length
:number
|null
- Returns:
Promise
containingArrayBuffer
Using the method and parameters specified in algorithm
and the keying
material provided by baseKey
, subtle.deriveBits()
attempts to generate
length
bits.
The Node.js implementation requires that when length
is a
number it must be multiple of 8
.
When length
is null
the maximum number of bits for a given algorithm is
generated. This is allowed for the 'ECDH'
, 'X25519'
, and 'X448'
algorithms.
If successful, the returned promise will be resolved with an ArrayBuffer
containing the generated data.
The algorithms currently supported include:
M subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'X25519'`, and `'X448'` algorithms. |
v15.0.0 | Ajouté en: v15.0.0 |
algorithm
:AlgorithmIdentifier
|EcdhKeyDeriveParams
|HkdfParams
|Pbkdf2Params
baseKey
:CryptoKey
derivedKeyAlgorithm
:HmacKeyGenParams
|AesKeyGenParams
extractable
:boolean
keyUsages
: string[] See Key usages.- Returns:
Promise
containingCryptoKey
Using the method and parameters specified in algorithm
, and the keying
material provided by baseKey
, subtle.deriveKey()
attempts to generate
a new CryptoKey
based on the method and parameters in derivedKeyAlgorithm
.
Calling subtle.deriveKey()
is equivalent to calling subtle.deriveBits()
to
generate raw keying material, then passing the result into the
subtle.importKey()
method using the deriveKeyAlgorithm
, extractable
, and
keyUsages
parameters as input.
The algorithms currently supported include:
M subtle.digest(algorithm, data)
Ajouté en: v15.0.0
algorithm
:string
|Object
data
:ArrayBuffer
|TypedArray
|DataView
|Buffer
- Returns:
Promise
containingArrayBuffer
Using the method identified by algorithm
, subtle.digest()
attempts to
generate a digest of data
. If successful, the returned promise is resolved
with an ArrayBuffer
containing the computed digest.
If algorithm
is provided as a string
, it must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If algorithm
is provided as an Object
, it must have a name
property
whose value is one of the above.
M subtle.encrypt(algorithm, key, data)
Ajouté en: v15.0.0
algorithm
:RsaOaepParams
|AesCtrParams
|AesCbcParams
|AesGcmParams
key
:CryptoKey
- Returns:
Promise
containingArrayBuffer
Using the method and parameters specified by algorithm
and the keying
material provided by key
, subtle.encrypt()
attempts to encipher data
.
If successful, the returned promise is resolved with an ArrayBuffer
containing the encrypted result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'
M subtle.exportKey(format, key)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'Ed25519'`, `'Ed448'`, `'X25519'`, and `'X448'` algorithms. |
v15.9.0 | Removed `'NODE-DSA'` JWK export. |
v15.0.0 | Ajouté en: v15.0.0 |
format
:string
Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.key
:CryptoKey
- Returns:
Promise
containingArrayBuffer
.
Exports the given key into the specified format, if supported.
If the CryptoKey
is not extractable, the returned promise will reject.
When format
is either 'pkcs8'
or 'spki'
and the export is successful,
the returned promise will be resolved with an ArrayBuffer
containing the
exported key data.
When format
is 'jwk'
and the export is successful, the returned promise
will be resolved with a JavaScript object conforming to the JSON Web Key
specification.
Key Type | 'spki' | 'pkcs8' | 'jwk' | 'raw' |
---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ||
'AES-CTR' | ✔ | ✔ | ||
'AES-GCM' | ✔ | ✔ | ||
'AES-KW' | ✔ | ✔ | ||
'ECDH' | ✔ | ✔ | ✔ | ✔ |
'ECDSA' | ✔ | ✔ | ✔ | ✔ |
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ |
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ |
'HDKF' | ||||
'HMAC' | ✔ | ✔ | ||
'PBKDF2' | ||||
'RSA-OAEP' | ✔ | ✔ | ✔ | |
'RSA-PSS' | ✔ | ✔ | ✔ | |
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ |
M subtle.generateKey(algorithm, extractable, keyUsages)
Ajouté en: v15.0.0
algorithm
:AlgorithmIdentifier
|RsaHashedKeyGenParams
|EcKeyGenParams
|HmacKeyGenParams
|AesKeyGenParams
extractable
:boolean
keyUsages
: string[] See Key usages.Returns:
Promise
containingCryptoKey
|CryptoKeyPair
Using the method and parameters provided in algorithm
, subtle.generateKey()
attempts to generate new keying material. Depending the method used, the method
may generate either a single CryptoKey
or a CryptoKeyPair
.
The CryptoKeyPair
(public and private key) generating algorithms supported
include:
The CryptoKey
(secret key) generating algorithms supported include:
'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
M subtle.importKey(format, keyData, algorithm, extractable, keyUsages)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'Ed25519'`, `'Ed448'`, `'X25519'`, and `'X448'` algorithms. |
v15.9.0 | Removed `'NODE-DSA'` JWK import. |
v15.0.0 | Ajouté en: v15.0.0 |
format
:string
Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.keyData
:ArrayBuffer
|TypedArray
|DataView
|Buffer
|KeyObject
algorithm
:AlgorithmIdentifier
|RsaHashedImportParams
|EcKeyImportParams
|HmacImportParams
extractable
:boolean
keyUsages
: string[] See Key usages.
The subtle.importKey()
method attempts to interpret the provided keyData
as the given format
to create a CryptoKey
instance using the provided
algorithm
, extractable
, and keyUsages
arguments. If the import is
successful, the returned promise will be resolved with the created CryptoKey
.
If importing a 'PBKDF2'
key, extractable
must be false
.
The algorithms currently supported include:
Key Type | 'spki' | 'pkcs8' | 'jwk' | 'raw' |
---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ||
'AES-CTR' | ✔ | ✔ | ||
'AES-GCM' | ✔ | ✔ | ||
'AES-KW' | ✔ | ✔ | ||
'ECDH' | ✔ | ✔ | ✔ | ✔ |
'X25519' 1 | ✔ | ✔ | ✔ | ✔ |
'X448' 1 | ✔ | ✔ | ✔ | ✔ |
'ECDSA' | ✔ | ✔ | ✔ | ✔ |
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ |
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ |
'HDKF' | ✔ | |||
'HMAC' | ✔ | ✔ | ||
'PBKDF2' | ✔ | |||
'RSA-OAEP' | ✔ | ✔ | ✔ | |
'RSA-PSS' | ✔ | ✔ | ✔ | |
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ |
M subtle.sign(algorithm, key, data)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'Ed25519'`, and `'Ed448'` algorithms. |
v15.0.0 | Ajouté en: v15.0.0 |
algorithm
:AlgorithmIdentifier
|RsaPssParams
|EcdsaParams
|Ed448Params
key
:CryptoKey
data
:ArrayBuffer
|TypedArray
|DataView
|Buffer
- Returns:
Promise
containingArrayBuffer
Using the method and parameters given by algorithm
and the keying material
provided by key
, subtle.sign()
attempts to generate a cryptographic
signature of data
. If successful, the returned promise is resolved with
an ArrayBuffer
containing the generated signature.
The algorithms currently supported include:
M subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)
Ajouté en: v15.0.0
format
:string
Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.wrappedKey
:ArrayBuffer
|TypedArray
|DataView
|Buffer
unwrappingKey
:CryptoKey
unwrapAlgo
:AlgorithmIdentifier
|RsaOaepParams
|AesCtrParams
|AesCbcParams
|AesGcmParams
unwrappedKeyAlgo
:AlgorithmIdentifier
|RsaHashedImportParams
|EcKeyImportParams
|HmacImportParams
extractable
:boolean
keyUsages
: string[] See Key usages.
In cryptography, "wrapping a key" refers to exporting and then encrypting the
keying material. The subtle.unwrapKey()
method attempts to decrypt a wrapped
key and create a CryptoKey
instance. It is equivalent to calling
subtle.decrypt()
first on the encrypted key data (using the wrappedKey
,
unwrapAlgo
, and unwrappingKey
arguments as input) then passing the results
in to the subtle.importKey()
method using the unwrappedKeyAlgo
,
extractable
, and keyUsages
arguments as inputs. If successful, the returned
promise is resolved with a CryptoKey
object.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
The unwrapped key algorithms supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'Ed25519'
1'Ed448'
1'ECDH'
'X25519'
1'X448'
1'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
M subtle.verify(algorithm, key, signature, data)
Historique
Version | Changements |
---|---|
v18.4.0, v16.17.0 | Added `'Ed25519'`, and `'Ed448'` algorithms. |
v15.0.0 | Ajouté en: v15.0.0 |
algorithm
:AlgorithmIdentifier
|RsaPssParams
|EcdsaParams
|Ed448Params
key
:CryptoKey
signature
:ArrayBuffer
|TypedArray
|DataView
|Buffer
data
:ArrayBuffer
|TypedArray
|DataView
|Buffer
- Returns:
Promise
containingboolean
Using the method and parameters given in algorithm
and the keying material
provided by key
, subtle.verify()
attempts to verify that signature
is
a valid cryptographic signature of data
. The returned promise is resolved
with either true
or false
.
The algorithms currently supported include:
M subtle.wrapKey(format, key, wrappingKey, wrapAlgo)
Ajouté en: v15.0.0
format
:string
Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.key
:CryptoKey
wrappingKey
:CryptoKey
wrapAlgo
:AlgorithmIdentifier
|RsaOaepParams
|AesCtrParams
|AesCbcParams
|AesGcmParams
- Returns:
Promise
containingArrayBuffer
In cryptography, "wrapping a key" refers to exporting and then encrypting the
keying material. The subtle.wrapKey()
method exports the keying material into
the format identified by format
, then encrypts it using the method and
parameters specified by wrapAlgo
and the keying material provided by
wrappingKey
. It is the equivalent to calling subtle.exportKey()
using
format
and key
as the arguments, then passing the result to the
subtle.encrypt()
method using wrappingKey
and wrapAlgo
as inputs. If
successful, the returned promise will be resolved with an ArrayBuffer
containing the encrypted key data.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
Algorithm parameters
The algorithm parameter objects define the methods and parameters used by
the various SubtleCrypto
methods. While described here as "classes", they
are simple JavaScript dictionary objects.
C AlgorithmIdentifier
Ajouté en: v18.4.0, v16.17.0
M algorithmIdentifier.name
Ajouté en: v18.4.0, v16.17.0
- Type:
string
C AesCbcParams
Ajouté en: v15.0.0
M aesCbcParams.iv
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
Provides the initialization vector. It must be exactly 16-bytes in length and should be unpredictable and cryptographically random.
M aesCbcParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'AES-CBC'
.
C AesCtrParams
Ajouté en: v15.0.0
M aesCtrParams.counter
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
The initial value of the counter block. This must be exactly 16 bytes long.
The AES-CTR
method uses the rightmost length
bits of the block as the
counter and the remaining bits as the nonce.
M aesCtrParams.length
Ajouté en: v15.0.0
- Type:
number
The number of bits in theaesCtrParams.counter
that are to be used as the counter.
M aesCtrParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'AES-CTR'
.
C AesGcmParams
Ajouté en: v15.0.0
M aesGcmParams.additionalData
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
|undefined
With the AES-GCM method, the additionalData
is extra input that is not
encrypted but is included in the authentication of the data. The use of
additionalData
is optional.
M aesGcmParams.iv
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
The initialization vector must be unique for every encryption operation using a given key.
Ideally, this is a deterministic 12-byte value that is computed in such a way that it is guaranteed to be unique across all invocations that use the same key. Alternatively, the initialization vector may consist of at least 12 cryptographically random bytes. For more information on constructing initialization vectors for AES-GCM, refer to Section 8 of NIST SP 800-38D.
M aesGcmParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'AES-GCM'
.
M aesGcmParams.tagLength
Ajouté en: v15.0.0
- Type:
number
The size in bits of the generated authentication tag. This values must be one of32
,64
,96
,104
,112
,120
, or128
. Default:128
.
C AesKeyGenParams
Ajouté en: v15.0.0
M aesKeyGenParams.length
Ajouté en: v15.0.0
- Type:
number
The length of the AES key to be generated. This must be either 128
, 192
,
or 256
.
M aesKeyGenParams.name
Ajouté en: v15.0.0
- Type:
string
Must be one of'AES-CBC'
,'AES-CTR'
,'AES-GCM'
, or'AES-KW'
C EcdhKeyDeriveParams
Ajouté en: v15.0.0
M ecdhKeyDeriveParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'ECDH'
,'X25519'
, or'X448'
.
M ecdhKeyDeriveParams.public
Ajouté en: v15.0.0
- Type:
CryptoKey
ECDH key derivation operates by taking as input one parties private key and
another parties public key -- using both to generate a common shared secret.
The ecdhKeyDeriveParams.public
property is set to the other parties public
key.
C EcdsaParams
Ajouté en: v15.0.0
M ecdsaParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M ecdsaParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'ECDSA'
.
C EcKeyGenParams
Ajouté en: v15.0.0
M ecKeyGenParams.name
Ajouté en: v15.0.0
- Type:
string
Must be one of'ECDSA'
or'ECDH'
.
M ecKeyGenParams.namedCurve
Ajouté en: v15.0.0
- Type:
string
Must be one of'P-256'
,'P-384'
,'P-521'
.
C EcKeyImportParams
Ajouté en: v15.0.0
M ecKeyImportParams.name
Ajouté en: v15.0.0
- Type:
string
Must be one of'ECDSA'
or'ECDH'
.
M ecKeyImportParams.namedCurve
Ajouté en: v15.0.0
- Type:
string
Must be one of'P-256'
,'P-384'
,'P-521'
.
C Ed448Params
Ajouté en: v15.0.0
M ed448Params.name
Ajouté en: v18.4.0, v16.17.0
- Type:
string
Must be'Ed448'
.
M ed448Params.context
Ajouté en: v18.4.0, v16.17.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
|undefined
The context
member represents the optional context data to associate with
the message.
The Node.js Web Crypto API implementation only supports zero-length context
which is equivalent to not providing context at all.
C HkdfParams
Ajouté en: v15.0.0
M hkdfParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M hkdfParams.info
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
Provides application-specific contextual input to the HKDF algorithm. This can be zero-length but must be provided.
M hkdfParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'HKDF'
.
M hkdfParams.salt
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
The salt value significantly improves the strength of the HKDF algorithm.
It should be random or pseudorandom and should be the same length as the
output of the digest function (for instance, if using 'SHA-256'
as the
digest, the salt should be 256-bits of random data).
C HmacImportParams
Ajouté en: v15.0.0
M hmacImportParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M hmacImportParams.length
Ajouté en: v15.0.0
- Type:
number
The optional number of bits in the HMAC key. This is optional and should be omitted for most cases.
M hmacImportParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'HMAC'
.
C HmacKeyGenParams
Ajouté en: v15.0.0
M hmacKeyGenParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M hmacKeyGenParams.length
Ajouté en: v15.0.0
- Type:
number
The number of bits to generate for the HMAC key. If omitted, the length will be determined by the hash algorithm used. This is optional and should be omitted for most cases.
M hmacKeyGenParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'HMAC'
.
C Pbkdf2Params
Ajouté en: v15.0.0
M pbkdb2Params.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M pbkdf2Params.iterations
Ajouté en: v15.0.0
- Type:
number
The number of iterations the PBKDF2 algorithm should make when deriving bits.
M pbkdf2Params.name
Ajouté en: v15.0.0
- Type:
string
Must be'PBKDF2'
.
M pbkdf2Params.salt
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
Should be at least 16 random or pseudorandom bytes.
C RsaHashedImportParams
Ajouté en: v15.0.0
M rsaHashedImportParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M rsaHashedImportParams.name
Ajouté en: v15.0.0
- Type:
string
Must be one of'RSASSA-PKCS1-v1_5'
,'RSA-PSS'
, or'RSA-OAEP'
.
C RsaHashedKeyGenParams
Ajouté en: v15.0.0
M rsaHashedKeyGenParams.hash
Ajouté en: v15.0.0
If represented as a string
, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an Object
, the object must have a name
property
whose value is one of the above listed values.
M rsaHashedKeyGenParams.modulusLength
Ajouté en: v15.0.0
- Type:
number
The length in bits of the RSA modulus. As a best practice, this should be
at least 2048
.
M rsaHashedKeyGenParams.name
Ajouté en: v15.0.0
- Type:
string
Must be one of'RSASSA-PKCS1-v1_5'
,'RSA-PSS'
, or'RSA-OAEP'
.
M rsaHashedKeyGenParams.publicExponent
Ajouté en: v15.0.0
- Type:
Uint8Array
The RSA public exponent. This must be a Uint8Array
containing a big-endian,
unsigned integer that must fit within 32-bits. The Uint8Array
may contain an
arbitrary number of leading zero-bits. The value must be a prime number. Unless
there is reason to use a different value, use new Uint8Array([1, 0, 1])
(65537) as the public exponent.
C RsaOaepParams
Ajouté en: v15.0.0
rsaOaepParams.label
Ajouté en: v15.0.0
- Type:
ArrayBuffer
|TypedArray
|DataView
|Buffer
An additional collection of bytes that will not be encrypted, but will be bound to the generated ciphertext.
The rsaOaepParams.label
parameter is optional.
rsaOaepParams.name
Ajouté en: v15.0.0
- Type:
string
must be'RSA-OAEP'
.
C RsaPssParams
Ajouté en: v15.0.0
M rsaPssParams.name
Ajouté en: v15.0.0
- Type:
string
Must be'RSA-PSS'
.
M rsaPssParams.saltLength
Ajouté en: v15.0.0
- Type:
number
The length (in bytes) of the random salt to use.
- An experimental implementation of Secure Curves in the Web Cryptography API as of 05 May 2022↩