Class “SubtleCrypto”
Provides a subset of the cryptographic functions in the SubtleCrypto W3C standard.
Type: | SubtleCrypto extends Object |
Constructor: | private |
Singleton: | No |
Namespace: | global |
Direct subclasses: | None |
JSX Support: | No |
Methods
decrypt(algorithm, key, data)
Decrypts the given raw data. Currently only supports the AES-GCM algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
key | CryptoKey |
|
data | ArrayBuffer | TypedArray |
Returns: Promise<ArrayBuffer>
deriveBits(algorithm, baseKey, length, options?)
Takes a base key and derives an array of bits from it using the Elliptic Curve Diffie-Hellman (ECDH) algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
baseKey | CryptoKey |
|
length | number |
|
options | { |
Optional. |
Returns: Promise<ArrayBuffer>
deriveBits(algorithm, baseKey, length)
Takes a base key and derives an array of bits from it using the HKDF algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
baseKey | CryptoKey |
|
length | number |
Returns: Promise<ArrayBuffer>
deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages, options?)
Takes a base key and derives a secret key from it using the Elliptic Curve Diffie-Hellman (ECDH) algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
baseKey | CryptoKey |
|
derivedKeyAlgorithm | {name: 'AES-GCM', length: number} |
|
extractable | boolean |
|
keyUsages | string[] |
|
options | { |
Optional. |
deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
Takes a base key and derives a secret key from it using the HKDF algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
baseKey | CryptoKey |
|
derivedKeyAlgorithm | {name: 'AES-GCM', length: number} |
|
extractable | boolean |
|
keyUsages | string[] |
digest(algorithm, data)
Provides the digest value of the given data as an ArrayBuffer. Fo this the method uses the hashing algorithms provided by the operating system.
Parameter | Type | Description |
---|---|---|
algorithm | 'SHA-1' |
A string defining the hash function to use. |
data | TypedArray | ArrayBuffer |
The data to be digested. |
Returns: Promise<ArrayBuffer>
encrypt(algorithm, key, data)
Encrypts the given raw data. Currently only supports the AES-GCM algorithm.
Parameter | Type | Description |
---|---|---|
algorithm | { |
|
key | CryptoKey |
|
data | ArrayBuffer | TypedArray |
Returns: Promise<ArrayBuffer>
exportKey(format, key)
Converts CryptoKey
instances into a portable format. If the key’s extractable
is set to true
, returns the raw key material in SPKI format or as raw bytes. If the key’s extractable
is set to false
, for ECDSA and ECDH keys returns an opaque handle to the key in the device’s trusted execution environment, and throws for other key formats.
Parameter | Type | Description |
---|---|---|
format | 'raw' | 'spki' |
|
key | CryptoKey |
Returns: Promise<ArrayBuffer>
generateKey(algorithm, extractable, keyUsages, options?)
Generates new keys. Currently only supports the Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA) algorithms to generate key pairs. When extractable
is set to true
, the raw key material can be exported using exportKey
. When extractable
is set to false
, for ECDSA and ECDH keys exportKey
returns an opaque handle to the key in the device’s trusted execution environment, and throws for other key formats.
Parameter | Type | Description |
---|---|---|
algorithm | {name: 'ECDH' | 'ECDSA', namedCurve: 'P-256'} |
|
extractable | boolean |
|
keyUsages | string[] |
|
options | { |
Optional. |
Returns: Promise<{privateKey: CryptoKey, publicKey: CryptoKey}>
importKey(format, keyData, algorithm, extractable, keyUsages)
Takes an external key in a portable format and returns a CryptoKey object that can be used with the SubtleCrypto API. Keys may be in spki or pkcs8 format.
Parameter | Type | Description |
---|---|---|
format | 'spki' |
|
keyData | ArrayBuffer | TypedArray |
|
algorithm | {name: 'ECDH' | 'ECDSA', namedCurve: 'P-256'} |
|
extractable | boolean |
|
keyUsages | string[] |
sign(algorithm, key, data, options?)
Signs the given data. Currently only supports creating ECDSA signatures in DER format.
Parameter | Type | Description |
---|---|---|
algorithm | {name: 'ECDSAinDERFormat', hash: 'SHA-256'} |
|
key | CryptoKey |
|
data | ArrayBuffer | TypedArray |
|
options | { |
Optional. |
Returns: Promise<ArrayBuffer>
verify(algorithm, key, signature, data)
Verifies the given signature against the data. Currently only supports verifying ECDSA signatures in DER format.
Parameter | Type | Description |
---|---|---|
algorithm | {name: 'ECDSAinDERFormat', hash: 'SHA-256'} |
|
key | CryptoKey |
|
signature | ArrayBuffer | TypedArray |
|
data | ArrayBuffer | TypedArray |