The SubtleCrypto.encrypt() method returns a Promise of the encrypted data corresponding to the plaintext data, algorithm and key given as parameters.
Syntax
var result = crypto.encrypt(algorithm, key, data);
Parameters
algorithmis an object specifying the encryption function to be used and its parameters; if there are no parameters, algorithm can be aDOMStringwith the algorithm name. Supported values¹ are:{"name": "AES-CBC", iv}whereivis a 16-byteBufferSourceinitialization vector (generated byRandomSource.getRandomValues()).{"name": "AES-CTR", counter, length} where counter is an initialised 16-byteBufferSourcecounter block, and length is the length (in bits) of the part of the counter block that is incremented.{"name": "AES-GCM", iv[, additionalData, tagLength]}whereivis aBufferSourceinitialization vector up to 2⁶⁴−1 bytes long;additionalDatais aBufferSourceauthentication data andtagLengthis the length of the authentication tag.{"name": "RSA-OAEP"[, label]} where label is an optional label to associate with the message.
keyis aCryptoKeycontaining the key to be used for signing.datais aBufferSourcecontaining the data to be encrypted, the plaintext.
Return value
resultis aPromisethat returns the ciphertext generated by the encryption of the plaintext as anArrayBuffer.
Exceptions
The promise is rejected when the following exceptions are encountered:
- InvalidAccessError
- when the requested operation is not valid for the provided key (e.g. invalid encryption algorithm, or invalid key for specified encryption algorithm).
- OperationError
- when the operation failed for an operation-specific reason (e.g. algorithm parameters of invalid sizes, or AES-GCM plaintext longer than 2³⁹−256 bytes).
Example
const ptUtf8 = new TextEncoder().encode('my plaintext');
const pwUtf8 = new TextEncoder().encode('my password');
const pwHash = await crypto.subtle.digest('SHA-256', pwUtf8);
const iv = crypto.getRandomValues(new Uint8Array(12));
const alg = { name: 'AES-GCM', iv: iv };
const key = await crypto.subtle.importKey('raw', pwHash, alg, false, ['encrypt']);
const ctBuffer = await crypto.subtle.encrypt(alg, key, ptUtf8);
The password and the iv will be required for the SubtleCrypto.decrypt() operation.
Specifications
| Specification | Status | Comment |
|---|---|---|
| Web Cryptography API The definition of 'SubtleCrypto.encrypt()' in that specification. |
Recommendation | Initial definition. |
Browser compatibility
| Feature | Chrome | Edge | Firefox (Gecko) | Internet Explorer | Opera | Safari |
|---|---|---|---|---|---|---|
| Basic support | 37 | (Yes) | 34 (34) | No support | ? | No support |
| Feature | Android | Chrome for Android | Edge | Firefox Mobile (Gecko) | IE Mobile | Opera Mobile | Safari Mobile |
|---|---|---|---|---|---|---|---|
| Basic support | (Yes) | 37 | (Yes) | 34.0 (34) | No support | ? | No support |
See also
CryptoandCrypto.subtle.SubtleCrypto, the interface it belongs to.
Document Tags and Contributors
Tags:
Contributors to this page:
chrisveness,
abbycar,
Wladimir_Palant,
pstricker,
TheRealJZ,
teoli,
kjannis
Last updated by:
chrisveness,