{ "type": "module", "source": "doc/api/webcrypto.md", "modules": [ { "textRaw": "Web Crypto API", "name": "web_crypto_api", "introduced_in": "v15.0.0", "stability": 1, "stabilityText": "Experimental", "desc": "
Node.js provides an implementation of the standard Web Crypto API.
\nUse require('crypto').webcrypto
to access this module.
const { subtle } = require('crypto').webcrypto;\n\n(async function() {\n\n const key = await subtle.generateKey({\n name: 'HMAC',\n hash: 'SHA-256',\n length: 256\n }, true, ['sign', 'verify']);\n\n const digest = await subtle.sign({\n name: 'HMAC'\n }, key, 'I love cupcakes');\n\n})();\n
\nThe <SubtleCrypto> class can be used to generate symmetric (secret) keys\nor asymmetric key pairs (public key and private key).
", "modules": [ { "textRaw": "AES keys", "name": "aes_keys", "desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateAesKey(length = 256) {\n const key = await subtle.generateKey({\n name: 'AES-CBC',\n length\n }, true, ['encrypt', 'decrypt']);\n\n return key;\n}\n
",
"type": "module",
"displayName": "AES keys"
},
{
"textRaw": "Elliptic curve key pairs",
"name": "elliptic_curve_key_pairs",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateEcKey(namedCurve = 'P-521') {\n const {\n publicKey,\n privateKey\n } = await subtle.generateKey({\n name: 'ECDSA',\n namedCurve,\n }, true, ['sign', 'verify']);\n\n return { publicKey, privateKey };\n}\n
",
"type": "module",
"displayName": "Elliptic curve key pairs"
},
{
"textRaw": "ED25519/ED448/X25519/X448 Elliptic curve key pairs",
"name": "ed25519/ed448/x25519/x448_elliptic_curve_key_pairs",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateEd25519Key() {\n return subtle.generateKey({\n name: 'NODE-ED25519',\n namedCurve: 'NODE-ED25519',\n }, true, ['sign', 'verify']);\n}\n\nasync function generateX25519Key() {\n return subtle.generateKey({\n name: 'ECDH',\n namedCurve: 'NODE-X25519',\n }, true, ['deriveKey']);\n}\n
",
"type": "module",
"displayName": "ED25519/ED448/X25519/X448 Elliptic curve key pairs"
},
{
"textRaw": "HMAC keys",
"name": "hmac_keys",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateHmacKey(hash = 'SHA-256') {\n const key = await subtle.generateKey({\n name: 'HMAC',\n hash\n }, true, ['sign', 'verify']);\n\n return key;\n}\n
",
"type": "module",
"displayName": "HMAC keys"
},
{
"textRaw": "RSA key pairs",
"name": "rsa_key_pairs",
"desc": "const { subtle } = require('crypto').webcrypto;\nconst publicExponent = new Uint8Array([1, 0, 1]);\n\nasync function generateRsaKey(modulusLength = 2048, hash = 'SHA-256') {\n const {\n publicKey,\n privateKey\n } = await subtle.generateKey({\n name: 'RSASSA-PKCS1-v1_5',\n modulusLength,\n publicExponent,\n hash,\n }, true, ['sign', 'verify']);\n\n return { publicKey, privateKey };\n}\n
",
"type": "module",
"displayName": "RSA key pairs"
}
],
"type": "module",
"displayName": "Generating keys"
},
{
"textRaw": "Encryption and decryption",
"name": "encryption_and_decryption",
"desc": "const { subtle, getRandomValues } = require('crypto').webcrypto;\n\nasync function aesEncrypt(plaintext) {\n const ec = new TextEncoder();\n const key = await generateAesKey();\n const iv = getRandomValues(new Uint8Array(16));\n\n const ciphertext = await subtle.encrypt({\n name: 'AES-CBC',\n iv,\n }, key, ec.encode(plaintext));\n\n return {\n key,\n iv,\n ciphertext\n };\n}\n\nasync function aesDecrypt(ciphertext, key, iv) {\n const dec = new TextDecoder();\n const plaintext = await subtle.decrypt({\n name: 'AES-CBC',\n iv,\n }, key, ciphertext);\n\n return dec.decode(plaintext);\n}\n
",
"type": "module",
"displayName": "Encryption and decryption"
},
{
"textRaw": "Exporting and importing keys",
"name": "exporting_and_importing_keys",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateAndExportHmacKey(format = 'jwk', hash = 'SHA-512') {\n const key = await subtle.generateKey({\n name: 'HMAC',\n hash\n }, true, ['sign', 'verify']);\n\n return subtle.exportKey(format, key);\n}\n\nasync function importHmacKey(keyData, format = 'jwk', hash = 'SHA-512') {\n const key = await subtle.importKey(format, keyData, {\n name: 'HMAC',\n hash\n }, true, ['sign', 'verify']);\n\n return key;\n}\n
",
"type": "module",
"displayName": "Exporting and importing keys"
},
{
"textRaw": "Wrapping and unwrapping keys",
"name": "wrapping_and_unwrapping_keys",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function generateAndWrapHmacKey(format = 'jwk', hash = 'SHA-512') {\n const [\n key,\n wrappingKey,\n ] = await Promise.all([\n subtle.generateKey({\n name: 'HMAC', hash\n }, true, ['sign', 'verify']),\n subtle.generateKey({\n name: 'AES-KW',\n length: 256\n }, true, ['wrapKey', 'unwrapKey']),\n ]);\n\n const wrappedKey = await subtle.wrapKey(format, key, wrappingKey, 'AES-KW');\n\n return wrappedKey;\n}\n\nasync function unwrapHmacKey(\n wrappedKey,\n wrappingKey,\n format = 'jwk',\n hash = 'SHA-512') {\n\n const key = await subtle.unwrapKey(\n format,\n wrappedKey,\n unwrappingKey,\n 'AES-KW',\n { name: 'HMAC', hash },\n true,\n ['sign', 'verify']);\n\n return key;\n}\n
",
"type": "module",
"displayName": "Wrapping and unwrapping keys"
},
{
"textRaw": "Sign and verify",
"name": "sign_and_verify",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function sign(key, data) {\n const ec = new TextEncoder();\n const signature =\n await subtle.sign('RSASSA-PKCS1-v1_5', key, ec.encode(data));\n return signature;\n}\n\nasync function verify(key, signature, data) {\n const ec = new TextEncoder();\n const verified =\n await subtle.verify(\n 'RSASSA-PKCS1-v1_5',\n key,\n signature,\n ec.encode(data));\n return verified;\n}\n
",
"type": "module",
"displayName": "Sign and verify"
},
{
"textRaw": "Deriving bits and keys",
"name": "deriving_bits_and_keys",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function pbkdf2(pass, salt, iterations = 1000, length = 256) {\n const ec = new TextEncoder();\n const key = await subtle.importKey(\n 'raw',\n ec.encode(pass),\n 'PBKDF2',\n false,\n ['deriveBits']);\n const bits = await subtle.deriveBits({\n name: 'PBKDF2',\n hash: 'SHA-512',\n salt: ec.encode(salt),\n iterations\n }, key, length);\n return bits;\n}\n\nasync function pbkdf2Key(pass, salt, iterations = 1000, length = 256) {\n const ec = new TextEncoder();\n const keyMaterial = await subtle.importKey(\n 'raw',\n ec.encode(pass),\n 'PBKDF2',\n false,\n ['deriveKey']);\n const key = await subtle.deriveKey({\n name: 'PBKDF2',\n hash: 'SHA-512',\n salt: ec.encode(salt),\n iterations\n }, keyMaterial, {\n name: 'AES-GCM',\n length: 256\n }, true, ['encrypt', 'decrypt']);\n return key;\n}\n
",
"type": "module",
"displayName": "Deriving bits and keys"
},
{
"textRaw": "Digest",
"name": "digest",
"desc": "const { subtle } = require('crypto').webcrypto;\n\nasync function digest(data, algorithm = 'SHA-512') {\n const ec = new TextEncoder();\n const digest = await subtle.digest(algorithm, ec.encode(data));\n return digest;\n}\n
",
"type": "module",
"displayName": "Digest"
},
{
"textRaw": "Algorithm Matrix",
"name": "algorithm_matrix",
"desc": "The table details the algorithms supported by the Node.js Web Crypto API\nimplementation and the APIs supported for each:
\nAlgorithm | \ngenerateKey | \nexportKey | \nimportKey | \nencrypt | \ndecrypt | \nwrapKey | \nunwrapKey | \nderiveBits | \nderiveKey | \nsign | \nverify | \ndigest | \n
---|---|---|---|---|---|---|---|---|---|---|---|---|
'RSASSA-PKCS1-v1_5' | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'RSA-PSS' | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'RSA-OAEP' | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n |
'ECDSA' | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'ECDH' | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n | \n |
'AES-CTR' | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n |
'AES-CBC' | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n |
'AES-GCM' | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n |
'AES-KW' | \n✔ | \n✔ | \n✔ | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n | \n |
'HMAC' | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'HKDF' | \n\n | ✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n | \n |
'PBKDF2' | \n\n | ✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n | \n |
'SHA-1' | \n\n | \n | \n | \n | \n | \n | \n | \n | \n | \n | \n | ✔ | \n
'SHA-256' | \n\n | \n | \n | \n | \n | \n | \n | \n | \n | \n | \n | ✔ | \n
'SHA-384' | \n\n | \n | \n | \n | \n | \n | \n | \n | \n | \n | \n | ✔ | \n
'SHA-512' | \n\n | \n | \n | \n | \n | \n | \n | \n | \n | \n | \n | ✔ | \n
'NODE-DSA' 1 | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'NODE-DH' 1 | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n | \n |
'NODE-ED25519' 1 | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
'NODE-ED448' 1 | \n✔ | \n✔ | \n✔ | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n\n |
1 Node.js-specific extension
", "type": "module", "displayName": "Algorithm Matrix" }, { "textRaw": "Algorithm Parameters", "name": "algorithm_parameters", "desc": "The algorithm parameter objects define the methods and parameters used by\nthe various <SubtleCrypto> methods. While described here as \"classes\", they\nare simple JavaScript dictionary objects.
", "classes": [ { "textRaw": "Class: `AesCbcParams`", "type": "class", "name": "AesCbcParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`iv` Type: {ArrayBuffer|TypedArray|DataView|Buffer}", "type": "ArrayBuffer|TypedArray|DataView|Buffer", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Provides the initialization vector. It must be exactly 16-bytes in length\nand should be unpredictable and cryptographically random.
" }, { "textRaw": "`name` Type: {string} Must be `'AES-CBC'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'AES-CBC'`." } ] }, { "textRaw": "Class: `AesCtrParams`", "type": "class", "name": "AesCtrParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`counter` Type: {ArrayBuffer|TypedArray|DataView|Buffer}", "type": "ArrayBuffer|TypedArray|DataView|Buffer", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "The initial value of the counter block. This must be exactly 16 bytes long.
\nThe AES-CTR
method uses the rightmost length
bits of the block as the\ncounter and the remaining bits as the nonce.
With the AES-GCM method, the additionalData
is extra input that is not\nencrypted but is included in the authentication of the data. The use of\nadditionalData
is optional.
The initialization vector must be unique for every encryption operation\nusing a given key. It is recommended by the AES-GCM specification that\nthis contain at least 12 random bytes.
" }, { "textRaw": "`name` Type: {string} Must be `'AES-GCM'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'AES-GCM'`." }, { "textRaw": "`tagLength` Type: {number} The size in bits of the generated authentication tag. This values must be one of `32`, `64`, `96`, `104`, `112`, `120`, or `128`. **Default:** `128`.", "type": "number", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "default": "`128`", "desc": "The size in bits of the generated authentication tag. This values must be one of `32`, `64`, `96`, `104`, `112`, `120`, or `128`." } ] }, { "textRaw": "Class: `AesImportParams`", "type": "class", "name": "AesImportParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`name` Type: {string} Must be one of `'AES-CTR'`, `'AES-CBC'`, `'AES-GCM'`, or `'AES-KW'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be one of `'AES-CTR'`, `'AES-CBC'`, `'AES-GCM'`, or `'AES-KW'`." } ] }, { "textRaw": "Class: `AesKeyGenParams`", "type": "class", "name": "AesKeyGenParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`length` Type: {number}", "type": "number", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "The length of the AES key to be generated. This must be either 128
, 192
,\nor 256
.
ECDH key derivation operates by taking as input one parties private key and\nanother parties public key -- using both to generate a common shared secret.\nThe ecdhKeyDeriveParams.public
property is set to the other parties public\nkey.
If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
Provides application-specific contextual input to the HKDF algorithm.\nThis can be zero-length but must be provided.
" }, { "textRaw": "`name` Type: {string} Must be `'HKDF'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'HKDF'`." }, { "textRaw": "`salt` Type: {ArrayBuffer|TypedArray|DataView|Buffer}", "type": "ArrayBuffer|TypedArray|DataView|Buffer", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "The salt value significantly improves the strength of the HKDF algorithm.\nIt should be random or pseudorandom and should be the same length as the\noutput of the digest function (for instance, if using 'SHA-256'
as the\ndigest, the salt should be 256-bits of random data).
If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The optional number of bits in the HMAC key. This is optional and should\nbe omitted for most cases.
" }, { "textRaw": "`name` Type: {string} Must be `'HMAC'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'HMAC'`." } ] }, { "textRaw": "Class: `HmacKeyGenParams`", "type": "class", "name": "HmacKeyGenParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`hash` Type: {string|Object}", "type": "string|Object", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The number of bits to generate for the HMAC key. If omitted,\nthe length will be determined by the hash algorithm used.\nThis is optional and should be omitted for most cases.
" }, { "textRaw": "`name` Type: {string} Must be `'HMAC'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'HMAC'`." } ] }, { "textRaw": "Class: `HmacParams`", "type": "class", "name": "HmacParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`name` Type: {string} Must be `'HMAC'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'HMAC'`." } ] }, { "textRaw": "Class: `Pbkdf2ImportParams`", "type": "class", "name": "Pbkdf2ImportParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`name` Type: {string} Must be `'PBKDF2'`", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'PBKDF2'`" } ] }, { "textRaw": "Class: `Pbkdf2Params`", "type": "class", "name": "Pbkdf2Params", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`hash` Type: {string|Object}", "type": "string|Object", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The number of iterations the PBKDF2 algorithm should make when deriving bits.
" }, { "textRaw": "`name` Type: {string} Must be `'PBKDF2'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'PBKDF2'`." }, { "textRaw": "`salt` Type: {ArrayBuffer|TypedArray|DataView|Buffer}", "type": "ArrayBuffer|TypedArray|DataView|Buffer", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Should be at least 16 random or pseudorandom bytes.
" } ] }, { "textRaw": "Class: `RsaHashedImportParams`", "type": "class", "name": "RsaHashedImportParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`hash` Type: {string|Object}", "type": "string|Object", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The length in bits of the RSA modulus. As a best practice, this should be\nat least 2048
.
The RSA public exponent. This must be a <Uint8Array> containing a big-endian,\nunsigned integer that must fit within 32-bits. The <Uint8Array> may contain an\narbitrary number of leading zero-bits. The value must be a prime number. Unless\nthere is reason to use a different value, use new Uint8Array([1, 0, 1])
\n(65537) as the public exponent.
An additional collection of bytes that will not be encrypted, but will be bound\nto the generated ciphertext.
\nThe rsaOaepParams.label
parameter is optional.
The length (in bytes) of the random salt to use.
" } ] }, { "textRaw": "Class: `RsaSignParams`", "type": "class", "name": "RsaSignParams", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`name` Type: {string} Must be `'RSASSA-PKCS1-v1_5'`", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "Must be `'RSASSA-PKCS1-v1_5'`" } ] } ], "type": "module", "displayName": "Algorithm Parameters" }, { "textRaw": "Node.js-specific extensions", "name": "node.js-specific_extensions", "desc": "The Node.js Web Crypto API extends various aspects of the Web Crypto API.\nThese extensions are consistently identified by prepending names with the\nnode.
prefix. For instance, the 'node.keyObject'
key format can be\nused with the subtle.exportKey()
and subtle.importKey()
methods to\nconvert between a WebCrypto <CryptoKey> object and a Node.js <KeyObject>.
Care should be taken when using Node.js-specific extensions as they are\nnot supported by other WebCrypto implementations and reduce the portability\nof code to other environments.
", "modules": [ { "textRaw": "`NODE-DH` Algorithm", "name": "`node-dh`_algorithm", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "The NODE-DH
algorithm is the common implementation of Diffie-Hellman\nkey agreement.
The NODE-DSA
algorithm is the common implementation of the DSA digital\nsignature algorithm.
If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The optional length in bits of the DSA divisor.
" }, { "textRaw": "`hash` Type: {string|Object}", "type": "string|Object", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "If represented as a <string>, the value must be one of:
\n'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property\nwhose value is one of the above listed values.
The length in bits of the DSA modulus. As a best practice, this should be\nat least 2048
.
The public
parameter is used to specify that the 'raw'
format key is to be\ninterpreted as a public key. Default: false
.
The NODE-SCRYPT
algorithm is the common implementation of the scrypt key\nderivation algorithm.
Calling require('crypto').webcrypto
returns an instance of the Crypto
class.\nCrypto
is a singleton that provides access to the remainder of the crypto API.
Provides access to the SubtleCrypto
API.
Generates cryptographically strong random values. The given typedArray
is\nfilled with random values, and a reference to typedArray
is returned.
An error will be thrown if the given typedArray
is larger than 65,536 bytes.
Generates a random RFC 4122 version 4 UUID. The UUID is generated using a\ncryptographic pseudorandom number generator.
" } ] }, { "textRaw": "Class: `CryptoKey`", "type": "class", "name": "CryptoKey", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "properties": [ { "textRaw": "`cryptoKey.algorithm`", "name": "algorithm", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "\nAn object detailing the algorithm for which the key can be used along with\nadditional algorithm-specific parameters.
\nRead-only.
" }, { "textRaw": "`extractable` Type: {boolean}", "type": "boolean", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "When true
, the <CryptoKey> can be extracted using either\nsubtleCrypto.exportKey()
or subtleCrypto.wrapKey()
.
Read-only.
" }, { "textRaw": "`type` Type: {string} One of `'secret'`, `'private'`, or `'public'`.", "type": "string", "name": "Type", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "A string identifying whether the key is a symmetric ('secret'
) or\nasymmetric ('private'
or 'public'
) key.
An array of strings identifying the operations for which the\nkey may be used.
\nThe possible usages are:
\n'encrypt'
- The key may be used to encrypt data.'decrypt'
- The key may be used to decrypt data.'sign'
- The key may be used to generate digital signatures.'verify'
- The key may be used to verify digital signatures.'deriveKey'
- The key may be used to derive a new key.'deriveBits'
- The key may be used to derive bits.'wrapKey'
- The key may be used to wrap another key.'unwrapKey'
- The key may be used to unwrap another key.Valid key usages depend on the key algorithm (identified by\ncryptokey.algorithm.name
).
Key Type | \n'encrypt' | \n'decrypt' | \n'sign' | \n'verify' | \n'deriveKey' | \n'deriveBits' | \n'wrapKey' | \n'unwrapKey' | \n
---|---|---|---|---|---|---|---|---|
'AES-CBC' | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n
'AES-CTR' | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n
'AES-GCM' | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n
'AES-KW' | \n\n | \n | \n | \n | \n | \n | ✔ | \n✔ | \n
'ECDH' | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n |
'ECDSA' | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'HDKF' | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n |
'HMAC' | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'PBKDF2' | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n |
'RSA-OAEP' | \n✔ | \n✔ | \n\n | \n | \n | \n | ✔ | \n✔ | \n
'RSA-PSS' | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'RSASSA-PKCS1-v1_5' | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'NODE-DSA' 1 | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'NODE-DH' 1 | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n |
'NODE-SCRYPT' 1 | \n\n | \n | \n | \n | ✔ | \n✔ | \n\n | \n |
'NODE-ED25519' 1 | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
'NODE-ED448' 1 | \n\n | \n | ✔ | \n✔ | \n\n | \n | \n | \n |
1 Node.js-specific extension.
" } ] }, { "textRaw": "Class: `CryptoKeyPair`", "type": "class", "name": "CryptoKeyPair", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "desc": "The CryptoKeyPair
is a simple dictionary object with publicKey
and\nprivateKey
properties, representing an asymmetric key pair.
Using the method and parameters specified in algorithm
and the keying\nmaterial provided by key
, subtle.decrypt()
attempts to decipher the\nprovided data
. If successful, the returned promise will be resolved with\nan <ArrayBuffer> containing the plaintext result.
The algorithms currently supported include:
\n'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'algorithm
: <EcdhKeyDeriveParams> | <HkdfParams> | <Pbkdf2Params> | <NodeDhDeriveBitsParams> | <NodeScryptParams>baseKey
: <CryptoKey>length
: <number>Using the method and parameters specified in algorithm
and the keying\nmaterial provided by baseKey
, subtle.deriveBits()
attempts to generate\nlength
bits. The Node.js implementation requires that length
is a\nmultiple of 8
. If successful, the returned promise will be resolved with\nan <ArrayBuffer> containing the generated data.
The algorithms currently supported include:
\n'ECDH'
'HKDF'
'PBKDF2'
'NODE-DH'
1'NODE-SCRYPT'
11 Node.js-specific extension
" }, { "textRaw": "`subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)`", "type": "method", "name": "deriveKey", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "params": [] } ], "desc": "\nalgorithm
: <EcdhKeyDeriveParams> | <HkdfParams> | <Pbkdf2Params> | <NodeDhDeriveBitsParams> | <NodeScryptParams>baseKey
: <CryptoKey>derivedKeyAlgorithm
: <HmacKeyGenParams> | <AesKeyGenParams>extractable
: <boolean>keyUsages
: <string[]> See Key usages.Using the method and parameters specified in algorithm
, and the keying\nmaterial provided by baseKey
, subtle.deriveKey()
attempts to generate\na new <CryptoKey> based on the method and parameters in derivedKeyAlgorithm
.
Calling subtle.deriveKey()
is equivalent to calling subtle.deriveBits()
to\ngenerate raw keying material, then passing the result into the\nsubtle.importKey()
method using the deriveKeyAlgorithm
, extractable
, and\nkeyUsages
parameters as input.
The algorithms currently supported include:
\n'ECDH'
'HKDF'
'PBKDF2'
'NODE-DH'
1NODE-SCRYPT'
11 Node.js-specific extension
" }, { "textRaw": "`subtle.digest(algorithm, data)`", "type": "method", "name": "digest", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "return": { "textRaw": "Returns: {Promise} containing {ArrayBuffer}", "name": "return", "type": "Promise", "desc": "containing {ArrayBuffer}" }, "params": [ { "textRaw": "`algorithm`: {string|Object}", "name": "algorithm", "type": "string|Object" }, { "textRaw": "`data`: {ArrayBuffer|TypedArray|DataView|Buffer}", "name": "data", "type": "ArrayBuffer|TypedArray|DataView|Buffer" } ] } ], "desc": "Using the method identified by algorithm
, subtle.digest()
attempts to\ngenerate a digest of data
. If successful, the returned promise is resolved\nwith an <ArrayBuffer> containing the computed digest.
If algorithm
is provided as a <string>, it must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If algorithm
is provided as an <Object>, it must have a name
property\nwhose value is one of the above.
Using the method and parameters specified by algorithm
and the keying\nmaterial provided by key
, subtle.encrypt()
attempts to encipher data
.\nIf successful, the returned promise is resolved with an <ArrayBuffer>\ncontaining the encrypted result.
The algorithms currently supported include:
\n'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'Exports the given key into the specified format, if supported.
\nIf the <CryptoKey> is not extractable, the returned promise will reject.
\nWhen format
is either 'pkcs8'
or 'spki'
and the export is successful,\nthe returned promise will be resolved with an <ArrayBuffer> containing the\nexported key data.
When format
is 'jwk'
and the export is successful, the returned promise\nwill be resolved with a JavaScript object conforming to the JSON Web Key\nspecification.
The special 'node.keyObject'
value for format
is a Node.js-specific\nextension that allows converting a <CryptoKey> into a Node.js <KeyObject>.
Key Type | \n'spki' | \n'pkcs8' | \n'jwk' | \n'raw' | \n
---|---|---|---|---|
'AES-CBC' | \n\n | \n | ✔ | \n✔ | \n
'AES-CTR' | \n\n | \n | ✔ | \n✔ | \n
'AES-GCM' | \n\n | \n | ✔ | \n✔ | \n
'AES-KW' | \n\n | \n | ✔ | \n✔ | \n
'ECDH' | \n✔ | \n✔ | \n✔ | \n✔ | \n
'ECDSA' | \n✔ | \n✔ | \n✔ | \n✔ | \n
'HDKF' | \n\n | \n | \n | \n |
'HMAC' | \n\n | \n | ✔ | \n✔ | \n
'PBKDF2' | \n\n | \n | \n | \n |
'RSA-OAEP' | \n✔ | \n✔ | \n✔ | \n\n |
'RSA-PSS' | \n✔ | \n✔ | \n✔ | \n\n |
'RSASSA-PKCS1-v1_5' | \n✔ | \n✔ | \n✔ | \n\n |
'NODE-DSA' 1 | \n✔ | \n✔ | \n\n | \n |
'NODE-DH' 1 | \n✔ | \n✔ | \n\n | \n |
'NODE-SCRYPT' 1 | \n\n | \n | \n | \n |
'NODE-ED25519' 1 | \n✔ | \n✔ | \n✔ | \n✔ | \n
'NODE-ED448' 1 | \n✔ | \n✔ | \n✔ | \n✔ | \n
1 Node.js-specific extension
" }, { "textRaw": "`subtle.generateKey(algorithm, extractable, keyUsages)`", "type": "method", "name": "generateKey", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "params": [] } ], "desc": "\nalgorithm
: <RsaHashedKeyGenParams> | <EcKeyGenParams> | <HmacKeyGenParams> | <AesKeyGenParams> | <NodeDsaKeyGenParams> | <NodeDhKeyGenParams> | <NodeEdKeyGenParams>extractable
: <boolean>keyUsages
: <string[]> See Key usages.Using the method and parameters provided in algorithm
, subtle.generateKey()
\nattempts to generate new keying material. Depending the method used, the method\nmay generate either a single <CryptoKey> or a <CryptoKeyPair>.
The <CryptoKeyPair> (public and private key) generating algorithms supported\ninclude:
\n'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'ECDH'
'NODE-DSA'
1'NODE-DH'
1'NODE-ED25519'
1'NODE-ED448'
1The <CryptoKey> (secret key) generating algorithms supported include:
\n'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
1 Non-standard Node.js extension
" }, { "textRaw": "`subtle.importKey(format, keyData, algorithm, extractable, keyUsages)`", "type": "method", "name": "importKey", "meta": { "added": [ "v15.0.0" ], "changes": [ { "version": "v15.9.0", "pr-url": "https://github.com/nodejs/node/pull/37203", "description": "Removed `'NODE-DSA'` JWK import." } ] }, "signatures": [ { "params": [ { "textRaw": "`format`: {string} Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, or `'node.keyObject'`.", "name": "format", "type": "string", "desc": "Must be one of `'raw'`, `'pkcs8'`, `'spki'`, `'jwk'`, or `'node.keyObject'`." }, { "textRaw": "`keyData`: {ArrayBuffer|TypedArray|DataView|Buffer|KeyObject}", "name": "keyData", "type": "ArrayBuffer|TypedArray|DataView|Buffer|KeyObject" } ] } ], "desc": "\nalgorithm
: <RsaHashedImportParams> | <EcKeyImportParams> | <HmacImportParams> | <AesImportParams> | <Pbkdf2ImportParams> | <NodeDsaImportParams> | <NodeDhImportParams> | <NodeScryptImportParams> | <NodeEdKeyImportParams>extractable
: <boolean>keyUsages
: <string[]> See Key usages.The subtle.importKey()
method attempts to interpret the provided keyData
\nas the given format
to create a <CryptoKey> instance using the provided\nalgorithm
, extractable
, and keyUsages
arguments. If the import is\nsuccessful, the returned promise will be resolved with the created <CryptoKey>.
The special 'node.keyObject'
value for format
is a Node.js-specific\nextension that allows converting a Node.js <KeyObject> into a <CryptoKey>.
If importing a 'PBKDF2'
key, extractable
must be false
.
The algorithms currently supported include:
\nKey Type | \n'spki' | \n'pkcs8' | \n'jwk' | \n'raw' | \n
---|---|---|---|---|
'AES-CBC' | \n\n | \n | ✔ | \n✔ | \n
'AES-CTR' | \n\n | \n | ✔ | \n✔ | \n
'AES-GCM' | \n\n | \n | ✔ | \n✔ | \n
'AES-KW' | \n\n | \n | ✔ | \n✔ | \n
'ECDH' | \n✔ | \n✔ | \n✔ | \n✔ | \n
'ECDSA' | \n✔ | \n✔ | \n✔ | \n✔ | \n
'HDKF' | \n\n | \n | \n | ✔ | \n
'HMAC' | \n\n | \n | ✔ | \n✔ | \n
'PBKDF2' | \n\n | \n | \n | ✔ | \n
'RSA-OAEP' | \n✔ | \n✔ | \n✔ | \n\n |
'RSA-PSS' | \n✔ | \n✔ | \n✔ | \n\n |
'RSASSA-PKCS1-v1_5' | \n✔ | \n✔ | \n✔ | \n\n |
'NODE-DSA' 1 | \n✔ | \n✔ | \n\n | \n |
'NODE-DH' 1 | \n✔ | \n✔ | \n\n | \n |
'NODE-SCRYPT' 1 | \n\n | \n | \n | ✔ | \n
'NODE-ED25519' 1 | \n✔ | \n✔ | \n✔ | \n✔ | \n
'NODE-ED448' 1 | \n✔ | \n✔ | \n✔ | \n✔ | \n
1 Node.js-specific extension
" }, { "textRaw": "`subtle.sign(algorithm, key, data)`", "type": "method", "name": "sign", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "params": [] } ], "desc": "\nalgorithm
: <RsaSignParams> | <RsaPssParams> | <EcdsaParams> | <HmacParams> | <NodeDsaSignParams>key
: <CryptoKey>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>Using the method and parameters given by algorithm
and the keying material\nprovided by key
, subtle.sign()
attempts to generate a cryptographic\nsignature of data
. If successful, the returned promise is resolved with\nan <ArrayBuffer> containing the generated signature.
The algorithms currently supported include:
\n'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'ECDSA'
'HMAC'
'NODE-DSA'
1'NODE-ED25519'
1'NODE-ED448'
11 Non-standard Node.js extension
" }, { "textRaw": "`subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)`", "type": "method", "name": "unwrapKey", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "params": [ { "textRaw": "`format`: {string} Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.", "name": "format", "type": "string", "desc": "Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`." }, { "textRaw": "`wrappedKey`: {ArrayBuffer|TypedArray|DataView|Buffer}", "name": "wrappedKey", "type": "ArrayBuffer|TypedArray|DataView|Buffer" }, { "textRaw": "`unwrappingKey`: {CryptoKey}", "name": "unwrappingKey", "type": "CryptoKey" } ] } ], "desc": "\nunwrapAlgo
: <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams> | <AesKwParams>unwrappedKeyAlgo
: <RsaHashedImportParams> | <EcKeyImportParams> | <HmacImportParams> | <AesImportParams>extractable
: <boolean>keyUsages
: <string[]> See Key usages.In cryptography, \"wrapping a key\" refers to exporting and then encrypting the\nkeying material. The subtle.unwrapKey()
method attempts to decrypt a wrapped\nkey and create a <CryptoKey> instance. It is equivalent to calling\nsubtle.decrypt()
first on the encrypted key data (using the wrappedKey
,\nunwrapAlgo
, and unwrappingKey
arguments as input) then passing the results\nin to the subtle.importKey()
method using the unwrappedKeyAlgo
,\nextractable
, and keyUsages
arguments as inputs. If successful, the returned\npromise is resolved with a <CryptoKey> object.
The wrapping algorithms currently supported include:
\n'RSA-OAEP'
'AES-CTR'
1'AES-CBC'
1'AES-GCM'
1'AES-KW'
1The unwrapped key algorithms supported include:
\n'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'ECDH'
'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
'NODE-DSA'
1'NODE-DH'
11 Non-standard Node.js extension
" }, { "textRaw": "`subtle.verify(algorithm, key, signature, data)`", "type": "method", "name": "verify", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "params": [] } ], "desc": "\nalgorithm
: <RsaSignParams> | <RsaPssParams> | <EcdsaParams> | <HmacParams> | <NodeDsaSignParams>key
: <CryptoKey>signature
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>Using the method and parameters given in algorithm
and the keying material\nprovided by key
, subtle.verify()
attempts to verify that signature
is\na valid cryptographic signature of data
. The returned promise is resolved\nwith either true
or false
.
The algorithms currently supported include:
\n'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'ECDSA'
'HMAC'
'NODE-DSA'
1'NODE-ED25519'
1'NODE-ED448'
11 Non-standard Node.js extension
" }, { "textRaw": "`subtle.wrapKey(format, key, wrappingKey, wrapAlgo)`", "type": "method", "name": "wrapKey", "meta": { "added": [ "v15.0.0" ], "changes": [] }, "signatures": [ { "return": { "textRaw": "Returns: {Promise} containing {ArrayBuffer}", "name": "return", "type": "Promise", "desc": "containing {ArrayBuffer}" }, "params": [ { "textRaw": "`format`: {string} Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`.", "name": "format", "type": "string", "desc": "Must be one of `'raw'`, `'pkcs8'`, `'spki'`, or `'jwk'`." }, { "textRaw": "`key`: {CryptoKey}", "name": "key", "type": "CryptoKey" }, { "textRaw": "`wrappingKey`: {CryptoKey}", "name": "wrappingKey", "type": "CryptoKey" }, { "textRaw": "`wrapAlgo`: {RsaOaepParams|AesCtrParams|AesCbcParams|AesGcmParams|AesKwParams}", "name": "wrapAlgo", "type": "RsaOaepParams|AesCtrParams|AesCbcParams|AesGcmParams|AesKwParams" } ] } ], "desc": "In cryptography, \"wrapping a key\" refers to exporting and then encrypting the\nkeying material. The subtle.wrapKey()
method exports the keying material into\nthe format identified by format
, then encrypts it using the method and\nparameters specified by wrapAlgo
and the keying material provided by\nwrappingKey
. It is the equivalent to calling subtle.exportKey()
using\nformat
and key
as the arguments, then passing the result to the\nsubtle.encrypt()
method using wrappingKey
and wrapAlgo
as inputs. If\nsuccessful, the returned promise will be resolved with an <ArrayBuffer>\ncontaining the encrypted key data.
The wrapping algorithms currently supported include:
\n'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'