- assert断言
- async_hooks异步钩子
- async_hooks/context异步上下文
- buffer缓冲区
- C++插件
- C/C++插件(使用Node-API)
- C++嵌入器
- child_process子进程
- cluster集群
- CLI命令行
- console控制台
- Corepack核心包
- crypto加密
- crypto/webcrypto网络加密
- debugger调试器
- deprecation弃用
- dgram数据报
- diagnostics_channel诊断通道
- dns域名服务器
- domain域
- Error错误
- events事件触发器
- fs文件系统
- global全局变量
- http超文本传输协议
- http2超文本传输协议2.0
- https安全超文本传输协议
- inspector检查器
- Intl国际化
- module模块
- module/cjsCommonJS模块
- module/esmECMAScript模块
- module/package包模块
- net网络
- os操作系统
- path路径
- perf_hooks性能钩子
- permission权限
- policy安全策略
- process进程
- punycode域名代码
- querystring查询字符串
- readline逐行读取
- repl交互式解释器
- report诊断报告
- stream流
- stream/web网络流
- string_decoder字符串解码器
- test测试
- timers定时器
- tls安全传输层
- trace_events跟踪事件
- tty终端
- url网址
- util实用工具
- v8引擎
- vm虚拟机
- wasi网络汇编系统接口
- worker_threads工作线程
- zlib压缩
Node.js v18.15.0 文档
- Node.js 18.15.0
-
►
目录
- crypto/webcrypto 网络加密
- 示例
- 算法矩阵
Crypto
类CryptoKey
类CryptoKeyPair
类SubtleCrypto
类subtle.decrypt(algorithm, key, data)
subtle.deriveBits(algorithm, baseKey, length)
subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
subtle.digest(algorithm, data)
subtle.encrypt(algorithm, key, data)
subtle.exportKey(format, key)
subtle.generateKey(algorithm, extractable, keyUsages)
subtle.importKey(format, keyData, algorithm, extractable, keyUsages)
subtle.sign(algorithm, key, data)
subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)
subtle.verify(algorithm, key, signature, data)
subtle.wrapKey(format, key, wrappingKey, wrapAlgo)
- 算法参数
AlgorithmIdentifier
类AesCbcParams
类AesCtrParams
类AesGcmParams
类AesKeyGenParams
类EcdhKeyDeriveParams
类EcdsaParams
类EcKeyGenParams
类EcKeyImportParams
类Ed448Params
类HkdfParams
类HmacImportParams
类HmacKeyGenParams
类Pbkdf2Params
类RsaHashedImportParams
类RsaHashedKeyGenParams
类RsaOaepParams
类RsaPssParams
类
- crypto/webcrypto 网络加密
-
►
索引
- assert 断言
- async_hooks 异步钩子
- async_hooks/context 异步上下文
- buffer 缓冲区
- C++插件
- C/C++插件(使用Node-API)
- C++嵌入器
- child_process 子进程
- cluster 集群
- CLI 命令行
- console 控制台
- Corepack 核心包
- crypto 加密
- crypto/webcrypto 网络加密
- debugger 调试器
- deprecation 弃用
- dgram 数据报
- diagnostics_channel 诊断通道
- dns 域名服务器
- domain 域
- Error 错误
- events 事件触发器
- fs 文件系统
- global 全局变量
- http 超文本传输协议
- http2 超文本传输协议2.0
- https 安全超文本传输协议
- inspector 检查器
- Intl 国际化
- module 模块
- module/cjs CommonJS模块
- module/esm ECMAScript模块
- module/package 包模块
- net 网络
- os 操作系统
- path 路径
- perf_hooks 性能钩子
- permission 权限
- policy 安全策略
- process 进程
- punycode 域名代码
- querystring 查询字符串
- readline 逐行读取
- repl 交互式解释器
- report 诊断报告
- stream 流
- stream/web 网络流
- string_decoder 字符串解码器
- test 测试
- timers 定时器
- tls 安全传输层
- trace_events 跟踪事件
- tty 终端
- url 网址
- util 实用工具
- v8 引擎
- vm 虚拟机
- wasi 网络汇编系统接口
- worker_threads 工作线程
- zlib 压缩
- ► 其他版本
- 文档搜索
目录
- crypto/webcrypto 网络加密
- 示例
- 算法矩阵
Crypto
类CryptoKey
类CryptoKeyPair
类SubtleCrypto
类subtle.decrypt(algorithm, key, data)
subtle.deriveBits(algorithm, baseKey, length)
subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
subtle.digest(algorithm, data)
subtle.encrypt(algorithm, key, data)
subtle.exportKey(format, key)
subtle.generateKey(algorithm, extractable, keyUsages)
subtle.importKey(format, keyData, algorithm, extractable, keyUsages)
subtle.sign(algorithm, key, data)
subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)
subtle.verify(algorithm, key, signature, data)
subtle.wrapKey(format, key, wrappingKey, wrapAlgo)
- 算法参数
AlgorithmIdentifier
类AesCbcParams
类AesCtrParams
类AesGcmParams
类AesKeyGenParams
类EcdhKeyDeriveParams
类EcdsaParams
类EcKeyGenParams
类EcKeyImportParams
类Ed448Params
类HkdfParams
类HmacImportParams
类HmacKeyGenParams
类Pbkdf2Params
类RsaHashedImportParams
类RsaHashedKeyGenParams
类RsaOaepParams
类RsaPssParams
类
crypto/webcrypto 网络加密#
Node.js provides an implementation of the standard Web Crypto API.
Use require('node:crypto').webcrypto
to access this module.
const { subtle } = require('node:crypto').webcrypto;
(async function() {
const key = await subtle.generateKey({
name: 'HMAC',
hash: 'SHA-256',
length: 256,
}, true, ['sign', 'verify']);
const enc = new TextEncoder();
const message = enc.encode('I love cupcakes');
const digest = await subtle.sign({
name: 'HMAC',
}, key, message);
})();
示例#
生成密钥#
The <SubtleCrypto> class can be used to generate symmetric (secret) keys or asymmetric key pairs (public key and private key).
AES 密钥#
const { subtle } = require('node:crypto').webcrypto;
async function generateAesKey(length = 256) {
const key = await subtle.generateKey({
name: 'AES-CBC',
length,
}, true, ['encrypt', 'decrypt']);
return key;
}
ECDSA key pairs#
const { subtle } = require('node:crypto').webcrypto;
async function generateEcKey(namedCurve = 'P-521') {
const {
publicKey,
privateKey,
} = await subtle.generateKey({
name: 'ECDSA',
namedCurve,
}, true, ['sign', 'verify']);
return { publicKey, privateKey };
}
Ed25519/Ed448/X25519/X448 key pairs#
const { subtle } = require('node:crypto').webcrypto;
async function generateEd25519Key() {
return subtle.generateKey({
name: 'Ed25519',
}, true, ['sign', 'verify']);
}
async function generateX25519Key() {
return subtle.generateKey({
name: 'X25519',
}, true, ['deriveKey']);
}
HMAC 密钥#
const { subtle } = require('node:crypto').webcrypto;
async function generateHmacKey(hash = 'SHA-256') {
const key = await subtle.generateKey({
name: 'HMAC',
hash,
}, true, ['sign', 'verify']);
return key;
}
RSA 密钥对#
const { subtle } = require('node:crypto').webcrypto;
const publicExponent = new Uint8Array([1, 0, 1]);
async function generateRsaKey(modulusLength = 2048, hash = 'SHA-256') {
const {
publicKey,
privateKey,
} = await subtle.generateKey({
name: 'RSASSA-PKCS1-v1_5',
modulusLength,
publicExponent,
hash,
}, true, ['sign', 'verify']);
return { publicKey, privateKey };
}
加密与解密#
const crypto = require('node:crypto').webcrypto;
async function aesEncrypt(plaintext) {
const ec = new TextEncoder();
const key = await generateAesKey();
const iv = crypto.getRandomValues(new Uint8Array(16));
const ciphertext = await crypto.subtle.encrypt({
name: 'AES-CBC',
iv,
}, key, ec.encode(plaintext));
return {
key,
iv,
ciphertext,
};
}
async function aesDecrypt(ciphertext, key, iv) {
const dec = new TextDecoder();
const plaintext = await crypto.subtle.decrypt({
name: 'AES-CBC',
iv,
}, key, ciphertext);
return dec.decode(plaintext);
}
导出与导入密钥#
const { subtle } = require('node:crypto').webcrypto;
async function generateAndExportHmacKey(format = 'jwk', hash = 'SHA-512') {
const key = await subtle.generateKey({
name: 'HMAC',
hash,
}, true, ['sign', 'verify']);
return subtle.exportKey(format, key);
}
async function importHmacKey(keyData, format = 'jwk', hash = 'SHA-512') {
const key = await subtle.importKey(format, keyData, {
name: 'HMAC',
hash,
}, true, ['sign', 'verify']);
return key;
}
封装与解封密钥#
const { subtle } = require('node:crypto').webcrypto;
async function generateAndWrapHmacKey(format = 'jwk', hash = 'SHA-512') {
const [
key,
wrappingKey,
] = await Promise.all([
subtle.generateKey({
name: 'HMAC', hash,
}, true, ['sign', 'verify']),
subtle.generateKey({
name: 'AES-KW',
length: 256,
}, true, ['wrapKey', 'unwrapKey']),
]);
const wrappedKey = await subtle.wrapKey(format, key, wrappingKey, 'AES-KW');
return { wrappedKey, wrappingKey };
}
async function unwrapHmacKey(
wrappedKey,
wrappingKey,
format = 'jwk',
hash = 'SHA-512') {
const key = await subtle.unwrapKey(
format,
wrappedKey,
wrappingKey,
'AES-KW',
{ name: 'HMAC', hash },
true,
['sign', 'verify']);
return key;
}
签名与验证#
const { subtle } = require('node:crypto').webcrypto;
async function sign(key, data) {
const ec = new TextEncoder();
const signature =
await subtle.sign('RSASSA-PKCS1-v1_5', key, ec.encode(data));
return signature;
}
async function verify(key, signature, data) {
const ec = new TextEncoder();
const verified =
await subtle.verify(
'RSASSA-PKCS1-v1_5',
key,
signature,
ec.encode(data));
return verified;
}
派生位与密钥#
const { subtle } = require('node:crypto').webcrypto;
async function pbkdf2(pass, salt, iterations = 1000, length = 256) {
const ec = new TextEncoder();
const key = await subtle.importKey(
'raw',
ec.encode(pass),
'PBKDF2',
false,
['deriveBits']);
const bits = await subtle.deriveBits({
name: 'PBKDF2',
hash: 'SHA-512',
salt: ec.encode(salt),
iterations,
}, key, length);
return bits;
}
async function pbkdf2Key(pass, salt, iterations = 1000, length = 256) {
const ec = new TextEncoder();
const keyMaterial = await subtle.importKey(
'raw',
ec.encode(pass),
'PBKDF2',
false,
['deriveKey']);
const key = await subtle.deriveKey({
name: 'PBKDF2',
hash: 'SHA-512',
salt: ec.encode(salt),
iterations,
}, keyMaterial, {
name: 'AES-GCM',
length: 256,
}, true, ['encrypt', 'decrypt']);
return key;
}
摘要#
const { subtle } = require('node:crypto').webcrypto;
async function digest(data, algorithm = 'SHA-512') {
const ec = new TextEncoder();
const digest = await subtle.digest(algorithm, ec.encode(data));
return digest;
}
算法矩阵#
The table details the algorithms supported by the Node.js Web Crypto API implementation and the APIs supported for each:
Algorithm | generateKey | exportKey | importKey | encrypt | decrypt | wrapKey | unwrapKey | deriveBits | deriveKey | sign | verify | digest |
---|---|---|---|---|---|---|---|---|---|---|---|---|
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'RSA-PSS' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'RSA-OAEP' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'ECDSA' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'ECDH' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'X25519' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'X448' 1 | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'AES-CTR' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-CBC' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-GCM' | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | |||||
'AES-KW' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'HMAC' | ✔ | ✔ | ✔ | ✔ | ✔ | |||||||
'HKDF' | ✔ | ✔ | ✔ | ✔ | ||||||||
'PBKDF2' | ✔ | ✔ | ✔ | ✔ | ||||||||
'SHA-1' | ✔ | |||||||||||
'SHA-256' | ✔ | |||||||||||
'SHA-384' | ✔ | |||||||||||
'SHA-512' | ✔ |
Crypto
类#
Calling require('node:crypto').webcrypto
returns an instance of the Crypto
class. Crypto
is a singleton that provides access to the remainder of the
crypto API.
crypto.subtle
#
- 类型: <SubtleCrypto>
Provides access to the SubtleCrypto
API.
crypto.getRandomValues(typedArray)
#
typedArray
<Buffer> | <TypedArray>- 返回: <Buffer> | <TypedArray>
Generates cryptographically strong random values. The given typedArray
is
filled with random values, and a reference to typedArray
is returned.
The given typedArray
must be an integer-based instance of <TypedArray>,
i.e. Float32Array
and Float64Array
are not accepted.
An error will be thrown if the given typedArray
is larger than 65,536 bytes.
crypto.randomUUID()
#
- 返回: <string>
Generates a random RFC 4122 version 4 UUID. The UUID is generated using a cryptographic pseudorandom number generator.
CryptoKey
类#
cryptoKey.algorithm
#
An object detailing the algorithm for which the key can be used along with additional algorithm-specific parameters.
Read-only.
cryptoKey.extractable
#
- 类型: <boolean>
When true
, the <CryptoKey> can be extracted using either
subtleCrypto.exportKey()
or subtleCrypto.wrapKey()
.
Read-only.
cryptoKey.type
#
- 类型: <string> One of
'secret'
,'private'
, or'public'
.
A string identifying whether the key is a symmetric ('secret'
) or
asymmetric ('private'
or 'public'
) key.
cryptoKey.usages
#
- 类型: <string[]>
An array of strings identifying the operations for which the key may be used.
The possible usages are:
'encrypt'
- The key may be used to encrypt data.'decrypt'
- The key may be used to decrypt data.'sign'
- The key may be used to generate digital signatures.'verify'
- The key may be used to verify digital signatures.'deriveKey'
- The key may be used to derive a new key.'deriveBits'
- The key may be used to derive bits.'wrapKey'
- The key may be used to wrap another key.'unwrapKey'
- The key may be used to unwrap another key.
Valid key usages depend on the key algorithm (identified by
cryptokey.algorithm.name
).
Key Type | 'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey' |
---|---|---|---|---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-CTR' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-GCM' | ✔ | ✔ | ✔ | ✔ | ||||
'AES-KW' | ✔ | ✔ | ||||||
'ECDH' | ✔ | ✔ | ||||||
'X25519' 1 | ✔ | ✔ | ||||||
'X448' 1 | ✔ | ✔ | ||||||
'ECDSA' | ✔ | ✔ | ||||||
'Ed25519' 1 | ✔ | ✔ | ||||||
'Ed448' 1 | ✔ | ✔ | ||||||
'HDKF' | ✔ | ✔ | ||||||
'HMAC' | ✔ | ✔ | ||||||
'PBKDF2' | ✔ | ✔ | ||||||
'RSA-OAEP' | ✔ | ✔ | ✔ | ✔ | ||||
'RSA-PSS' | ✔ | ✔ | ||||||
'RSASSA-PKCS1-v1_5' | ✔ | ✔ |
CryptoKeyPair
类#
The CryptoKeyPair
is a simple dictionary object with publicKey
and
privateKey
properties, representing an asymmetric key pair.
cryptoKeyPair.privateKey
#
- 类型: <CryptoKey> A <CryptoKey> whose
type
will be'private'
.
cryptoKeyPair.publicKey
#
- 类型: <CryptoKey> A <CryptoKey> whose
type
will be'public'
.
SubtleCrypto
类#
subtle.decrypt(algorithm, key, data)
#
algorithm
: <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams>key
: <CryptoKey>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>- 返回: <Promise> containing <ArrayBuffer>
Using the method and parameters specified in algorithm
and the keying
material provided by key
, subtle.decrypt()
attempts to decipher the
provided data
. If successful, the returned promise will be resolved with
an <ArrayBuffer> containing the plaintext result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'
subtle.deriveBits(algorithm, baseKey, length)
#
algorithm
: <AlgorithmIdentifier> | <EcdhKeyDeriveParams> | <HkdfParams> | <Pbkdf2Params>baseKey
: <CryptoKey>length
: <number> | <null>- 返回: <Promise> containing <ArrayBuffer>
Using the method and parameters specified in algorithm
and the keying
material provided by baseKey
, subtle.deriveBits()
attempts to generate
length
bits.
The Node.js implementation requires that when length
is a
number it must be multiple of 8
.
When length
is null
the maximum number of bits for a given algorithm is
generated. This is allowed for the 'ECDH'
, 'X25519'
, and 'X448'
algorithms.
If successful, the returned promise will be resolved with an <ArrayBuffer> containing the generated data.
The algorithms currently supported include:
subtle.deriveKey(algorithm, baseKey, derivedKeyAlgorithm, extractable, keyUsages)
#
algorithm
: <AlgorithmIdentifier> | <EcdhKeyDeriveParams> | <HkdfParams> | <Pbkdf2Params>baseKey
: <CryptoKey>derivedKeyAlgorithm
: <HmacKeyGenParams> | <AesKeyGenParams>extractable
: <boolean>keyUsages
: <string[]> See Key usages.- 返回: <Promise> containing <CryptoKey>
Using the method and parameters specified in algorithm
, and the keying
material provided by baseKey
, subtle.deriveKey()
attempts to generate
a new <CryptoKey> based on the method and parameters in derivedKeyAlgorithm
.
Calling subtle.deriveKey()
is equivalent to calling subtle.deriveBits()
to
generate raw keying material, then passing the result into the
subtle.importKey()
method using the deriveKeyAlgorithm
, extractable
, and
keyUsages
parameters as input.
The algorithms currently supported include:
subtle.digest(algorithm, data)
#
algorithm
: <string> | <Object>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>- 返回: <Promise> containing <ArrayBuffer>
Using the method identified by algorithm
, subtle.digest()
attempts to
generate a digest of data
. If successful, the returned promise is resolved
with an <ArrayBuffer> containing the computed digest.
If algorithm
is provided as a <string>, it must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If algorithm
is provided as an <Object>, it must have a name
property
whose value is one of the above.
subtle.encrypt(algorithm, key, data)
#
algorithm
: <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams>key
: <CryptoKey>- 返回: <Promise> containing <ArrayBuffer>
Using the method and parameters specified by algorithm
and the keying
material provided by key
, subtle.encrypt()
attempts to encipher data
.
If successful, the returned promise is resolved with an <ArrayBuffer>
containing the encrypted result.
The algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM
'
subtle.exportKey(format, key)
#
format
: <string> Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.key
: <CryptoKey>- 返回: <Promise> containing <ArrayBuffer> | <Object>.
Exports the given key into the specified format, if supported.
If the <CryptoKey> is not extractable, the returned promise will reject.
When format
is either 'pkcs8'
or 'spki'
and the export is successful,
the returned promise will be resolved with an <ArrayBuffer> containing the
exported key data.
When format
is 'jwk'
and the export is successful, the returned promise
will be resolved with a JavaScript object conforming to the JSON Web Key
specification.
Key Type | 'spki' | 'pkcs8' | 'jwk' | 'raw' |
---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ||
'AES-CTR' | ✔ | ✔ | ||
'AES-GCM' | ✔ | ✔ | ||
'AES-KW' | ✔ | ✔ | ||
'ECDH' | ✔ | ✔ | ✔ | ✔ |
'ECDSA' | ✔ | ✔ | ✔ | ✔ |
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ |
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ |
'HDKF' | ||||
'HMAC' | ✔ | ✔ | ||
'PBKDF2' | ||||
'RSA-OAEP' | ✔ | ✔ | ✔ | |
'RSA-PSS' | ✔ | ✔ | ✔ | |
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ |
subtle.generateKey(algorithm, extractable, keyUsages)
#
algorithm
: <AlgorithmIdentifier> | <RsaHashedKeyGenParams> | <EcKeyGenParams> | <HmacKeyGenParams> | <AesKeyGenParams>
extractable
: <boolean>keyUsages
: <string[]> See Key usages.- 返回: <Promise> containing <CryptoKey> | <CryptoKeyPair>
Using the method and parameters provided in algorithm
, subtle.generateKey()
attempts to generate new keying material. Depending the method used, the method
may generate either a single <CryptoKey> or a <CryptoKeyPair>.
The <CryptoKeyPair> (public and private key) generating algorithms supported include:
The <CryptoKey> (secret key) generating algorithms supported include:
'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
subtle.importKey(format, keyData, algorithm, extractable, keyUsages)
#
format
: <string> Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.keyData
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer> | <Object>
algorithm
: <AlgorithmIdentifier> | <RsaHashedImportParams> | <EcKeyImportParams> | <HmacImportParams>
extractable
: <boolean>keyUsages
: <string[]> See Key usages.- 返回: <Promise> containing <CryptoKey>
The subtle.importKey()
method attempts to interpret the provided keyData
as the given format
to create a <CryptoKey> instance using the provided
algorithm
, extractable
, and keyUsages
arguments. If the import is
successful, the returned promise will be resolved with the created <CryptoKey>.
If importing a 'PBKDF2'
key, extractable
must be false
.
The algorithms currently supported include:
Key Type | 'spki' | 'pkcs8' | 'jwk' | 'raw' |
---|---|---|---|---|
'AES-CBC' | ✔ | ✔ | ||
'AES-CTR' | ✔ | ✔ | ||
'AES-GCM' | ✔ | ✔ | ||
'AES-KW' | ✔ | ✔ | ||
'ECDH' | ✔ | ✔ | ✔ | ✔ |
'X25519' 1 | ✔ | ✔ | ✔ | ✔ |
'X448' 1 | ✔ | ✔ | ✔ | ✔ |
'ECDSA' | ✔ | ✔ | ✔ | ✔ |
'Ed25519' 1 | ✔ | ✔ | ✔ | ✔ |
'Ed448' 1 | ✔ | ✔ | ✔ | ✔ |
'HDKF' | ✔ | |||
'HMAC' | ✔ | ✔ | ||
'PBKDF2' | ✔ | |||
'RSA-OAEP' | ✔ | ✔ | ✔ | |
'RSA-PSS' | ✔ | ✔ | ✔ | |
'RSASSA-PKCS1-v1_5' | ✔ | ✔ | ✔ |
subtle.sign(algorithm, key, data)
#
algorithm
: <AlgorithmIdentifier> | <RsaPssParams> | <EcdsaParams> | <Ed448Params>key
: <CryptoKey>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>- 返回: <Promise> containing <ArrayBuffer>
Using the method and parameters given by algorithm
and the keying material
provided by key
, subtle.sign()
attempts to generate a cryptographic
signature of data
. If successful, the returned promise is resolved with
an <ArrayBuffer> containing the generated signature.
The algorithms currently supported include:
subtle.unwrapKey(format, wrappedKey, unwrappingKey, unwrapAlgo, unwrappedKeyAlgo, extractable, keyUsages)
#
format
: <string> Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.wrappedKey
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>unwrappingKey
: <CryptoKey>
unwrapAlgo
: <AlgorithmIdentifier> | <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams>unwrappedKeyAlgo
: <AlgorithmIdentifier> | <RsaHashedImportParams> | <EcKeyImportParams> | <HmacImportParams>
extractable
: <boolean>keyUsages
: <string[]> See Key usages.- 返回: <Promise> containing <CryptoKey>
In cryptography, "wrapping a key" refers to exporting and then encrypting the
keying material. The subtle.unwrapKey()
method attempts to decrypt a wrapped
key and create a <CryptoKey> instance. It is equivalent to calling
subtle.decrypt()
first on the encrypted key data (using the wrappedKey
,
unwrapAlgo
, and unwrappingKey
arguments as input) then passing the results
in to the subtle.importKey()
method using the unwrappedKeyAlgo
,
extractable
, and keyUsages
arguments as inputs. If successful, the returned
promise is resolved with a <CryptoKey> object.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
The unwrapped key algorithms supported include:
'RSASSA-PKCS1-v1_5'
'RSA-PSS'
'RSA-OAEP'
'ECDSA'
'Ed25519'
1'Ed448'
1'ECDH'
'X25519'
1'X448'
1'HMAC'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
subtle.verify(algorithm, key, signature, data)
#
algorithm
: <AlgorithmIdentifier> | <RsaPssParams> | <EcdsaParams> | <Ed448Params>key
: <CryptoKey>signature
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>data
: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>- 返回: <Promise> containing <boolean>
Using the method and parameters given in algorithm
and the keying material
provided by key
, subtle.verify()
attempts to verify that signature
is
a valid cryptographic signature of data
. The returned promise is resolved
with either true
or false
.
The algorithms currently supported include:
subtle.wrapKey(format, key, wrappingKey, wrapAlgo)
#
format
: <string> Must be one of'raw'
,'pkcs8'
,'spki'
, or'jwk'
.key
: <CryptoKey>wrappingKey
: <CryptoKey>wrapAlgo
: <AlgorithmIdentifier> | <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams>- 返回: <Promise> containing <ArrayBuffer>
In cryptography, "wrapping a key" refers to exporting and then encrypting the
keying material. The subtle.wrapKey()
method exports the keying material into
the format identified by format
, then encrypts it using the method and
parameters specified by wrapAlgo
and the keying material provided by
wrappingKey
. It is the equivalent to calling subtle.exportKey()
using
format
and key
as the arguments, then passing the result to the
subtle.encrypt()
method using wrappingKey
and wrapAlgo
as inputs. If
successful, the returned promise will be resolved with an <ArrayBuffer>
containing the encrypted key data.
The wrapping algorithms currently supported include:
'RSA-OAEP'
'AES-CTR'
'AES-CBC'
'AES-GCM'
'AES-KW'
算法参数#
The algorithm parameter objects define the methods and parameters used by the various <SubtleCrypto> methods. While described here as "classes", they are simple JavaScript dictionary objects.
AlgorithmIdentifier
类#
algorithmIdentifier.name
#
- 类型: <string>
AesCbcParams
类#
aesCbcParams.iv
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
Provides the initialization vector. It must be exactly 16-bytes in length and should be unpredictable and cryptographically random.
aesCbcParams.name
#
- 类型: <string> Must be
'AES-CBC'
.
AesCtrParams
类#
aesCtrParams.counter
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
The initial value of the counter block. This must be exactly 16 bytes long.
The AES-CTR
method uses the rightmost length
bits of the block as the
counter and the remaining bits as the nonce.
aesCtrParams.length
#
- 类型: <number> The number of bits in the
aesCtrParams.counter
that are to be used as the counter.
aesCtrParams.name
#
- 类型: <string> Must be
'AES-CTR'
.
AesGcmParams
类#
aesGcmParams.additionalData
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer> | <undefined>
With the AES-GCM method, the additionalData
is extra input that is not
encrypted but is included in the authentication of the data. The use of
additionalData
is optional.
aesGcmParams.iv
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
The initialization vector must be unique for every encryption operation using a given key.
Ideally, this is a deterministic 12-byte value that is computed in such a way that it is guaranteed to be unique across all invocations that use the same key. Alternatively, the initialization vector may consist of at least 12 cryptographically random bytes. For more information on constructing initialization vectors for AES-GCM, refer to Section 8 of NIST SP 800-38D.
aesGcmParams.name
#
- 类型: <string> Must be
'AES-GCM'
.
aesGcmParams.tagLength
#
- 类型: <number> The size in bits of the generated authentication tag.
This values must be one of
32
,64
,96
,104
,112
,120
, or128
. 默认值:128
。
AesKeyGenParams
类#
aesKeyGenParams.length
#
- 类型: <number>
The length of the AES key to be generated. This must be either 128
, 192
,
or 256
.
aesKeyGenParams.name
#
- 类型: <string> Must be one of
'AES-CBC'
,'AES-CTR'
,'AES-GCM'
, or'AES-KW'
EcdhKeyDeriveParams
类#
ecdhKeyDeriveParams.name
#
- 类型: <string> Must be
'ECDH'
,'X25519'
, or'X448'
.
ecdhKeyDeriveParams.public
#
- 类型: <CryptoKey>
ECDH key derivation operates by taking as input one parties private key and
another parties public key -- using both to generate a common shared secret.
The ecdhKeyDeriveParams.public
property is set to the other parties public
key.
EcdsaParams
类#
ecdsaParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
ecdsaParams.name
#
- 类型: <string> Must be
'ECDSA'
.
EcKeyGenParams
类#
ecKeyGenParams.name
#
- 类型: <string> Must be one of
'ECDSA'
or'ECDH'
.
ecKeyGenParams.namedCurve
#
- 类型: <string> Must be one of
'P-256'
,'P-384'
,'P-521'
.
EcKeyImportParams
类#
ecKeyImportParams.name
#
- 类型: <string> Must be one of
'ECDSA'
or'ECDH'
.
ecKeyImportParams.namedCurve
#
- 类型: <string> Must be one of
'P-256'
,'P-384'
,'P-521'
.
Ed448Params
类#
ed448Params.name
#
- 类型: <string> Must be
'Ed448'
.
ed448Params.context
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer> | <undefined>
The context
member represents the optional context data to associate with
the message.
The Node.js Web Crypto API implementation only supports zero-length context
which is equivalent to not providing context at all.
HkdfParams
类#
hkdfParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
hkdfParams.info
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
Provides application-specific contextual input to the HKDF algorithm. This can be zero-length but must be provided.
hkdfParams.name
#
- 类型: <string> Must be
'HKDF'
.
hkdfParams.salt
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
The salt value significantly improves the strength of the HKDF algorithm.
It should be random or pseudorandom and should be the same length as the
output of the digest function (for instance, if using 'SHA-256'
as the
digest, the salt should be 256-bits of random data).
HmacImportParams
类#
hmacImportParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
hmacImportParams.length
#
- 类型: <number>
The optional number of bits in the HMAC key. This is optional and should be omitted for most cases.
hmacImportParams.name
#
- 类型: <string> Must be
'HMAC'
.
HmacKeyGenParams
类#
hmacKeyGenParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
hmacKeyGenParams.length
#
- 类型: <number>
The number of bits to generate for the HMAC key. If omitted, the length will be determined by the hash algorithm used. This is optional and should be omitted for most cases.
hmacKeyGenParams.name
#
- 类型: <string> Must be
'HMAC'
.
Pbkdf2Params
类#
pbkdb2Params.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
pbkdf2Params.iterations
#
- 类型: <number>
The number of iterations the PBKDF2 algorithm should make when deriving bits.
pbkdf2Params.name
#
- 类型: <string> Must be
'PBKDF2'
.
pbkdf2Params.salt
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
Should be at least 16 random or pseudorandom bytes.
RsaHashedImportParams
类#
rsaHashedImportParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
rsaHashedImportParams.name
#
- 类型: <string> Must be one of
'RSASSA-PKCS1-v1_5'
,'RSA-PSS'
, or'RSA-OAEP'
.
RsaHashedKeyGenParams
类#
rsaHashedKeyGenParams.hash
#
If represented as a <string>, the value must be one of:
'SHA-1'
'SHA-256'
'SHA-384'
'SHA-512'
If represented as an <Object>, the object must have a name
property
whose value is one of the above listed values.
rsaHashedKeyGenParams.modulusLength
#
- 类型: <number>
The length in bits of the RSA modulus. As a best practice, this should be
at least 2048
.
rsaHashedKeyGenParams.name
#
- 类型: <string> Must be one of
'RSASSA-PKCS1-v1_5'
,'RSA-PSS'
, or'RSA-OAEP'
.
rsaHashedKeyGenParams.publicExponent
#
- 类型: <Uint8Array>
The RSA public exponent. This must be a <Uint8Array> containing a big-endian,
unsigned integer that must fit within 32-bits. The <Uint8Array> may contain an
arbitrary number of leading zero-bits. The value must be a prime number. Unless
there is reason to use a different value, use new Uint8Array([1, 0, 1])
(65537) as the public exponent.
RsaOaepParams
类#
rsaOaepParams.label
#
- 类型: <ArrayBuffer> | <TypedArray> | <DataView> | <Buffer>
An additional collection of bytes that will not be encrypted, but will be bound to the generated ciphertext.
The rsaOaepParams.label
parameter is optional.
rsaOaepParams.name
#
- 类型: <string> must be
'RSA-OAEP'
.
RsaPssParams
类#
rsaPssParams.name
#
- 类型: <string> Must be
'RSA-PSS'
.
rsaPssParams.saltLength
#
- 类型: <number>
The length (in bytes) of the random salt to use.