Supported algorithms

Different algorithms are supported for the different functions provided by the Web Crypto API. Also, depending of the context, these algorithms needs parameters or they will raise a SyntaxError. This pages lists the context, the available algorithms and the required parameters.

Key generation algorithms

AES-CBC

It represents AES in Cipher Block Chaining mode. For key generation, it uses PKCS #7 as the padding method.

Key usages for keys generated with this method are restricted to "encrypt", "decrypt", "wrapKey" or "unwrapKey". If any other usage is requested for the key generated with this method, the key generation aborts with a SyntaxError.

The returned key is a CryptoKey.

The AES-CBC algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "AES-CBC".
"length", an unsigned integer containing the length of the key (in bits). If the value is not 128, 192 or 256, an OperationError is thrown.

AES-CTR

It represents AES in Counter Mode.

The returned key is a CryptoKey.

The AES-CBC algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "AES-CTR".
"length", an unsigned integer containing the length of the key (in bits). If the value is not 128, 192 or 256, an OperationError is thrown.

AES-GCM

It represents AES in Galois/Counter Mode.

The returned key is a CryptoKey.

The AES-GCM algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "AES-GCM".
"length", an unsigned integer containing the length of the key (in bits). If the value is not 128, 192 or 256, an OperationError is thrown.

RSA-OAEP

It represents RSAES-OAEP algorithm, using a SHA hash functions and a MGF1 mask generating function.

The returned key is a CryptoKeyPair.

The RSA-OAEP algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "RSA-OAEP".
"hash", a HashAlgorithmIdentifier with the hash algorithm to use.

AES-KW

It represents the key wrapping in AES algorithm.

Key usages for keys generated with this method are restricted to "wrapKey" or "unwrapKey". If any other usage is requested for the key generated with this method, the key generation aborts with a SyntaxError.

The returned key is a CryptoKey.

The AES-KW algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "AES-KW".
"length", an unsigned integer containing the length of the key (in bits). If the value is not 128, 192 or 256, an OperationError is thrown.

HMAC

It represents the hash-based message authentication method using SHA hash functions.

Key usages for keys generated with this method are restricted to "sign" or "verify". If any other usage is requested for the key generated with this method, the key generation aborts with a SyntaxError.

The returned key is a CryptoKey.

The HMAC algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "HMAC".
"hash", a HashAlgorithmIdentifier, the hash algorithm to use.
"length", an optional positive integer indicating the size of the key to generate. If not provided, the size of the block of the hash function is used.

RSASSA-PKCS1-v1_5

It represents RSASA-PKCS1_v1_5 algorithm, using a SHA hash function.

Key usages for keys generated with this method are restricted to "sign", "verify". If any other usage is requested for the key generated with this method, the key generation aborts with a SyntaxError.

The returned key is a CryptoKeyPair.

The RSASA-PKCS1-v1_5 algorithm must be described using a dictionary with the following parameters:

"name", a DOMString containing "RSASA-PKCS-v1_5".
"hash", a HashAlgorithmIdentifier with the hash algorithm to use.

ECDSA

ECDH

DH

Key generation algorithms

Document Tags and Contributors