Home

WebCrypto

WebCrypto, short for the Web Cryptography API, is a web standard that exposes cryptographic primitives to web applications within a browser. It enables client-side encryption, decryption, digital signatures, and key management in a secure, sandboxed environment, without external plug-ins. The API is accessed through the global Crypto interface and its subtle property, window.crypto.subtle, which provides asynchronous, Promise-based methods for cryptographic operations.

Core concepts include CryptoKey objects representing keys, which may be generated or imported; keys can be

Supported operations cover key generation, import and export, key derivation, encryption and decryption, digital signing and

Usage considerations include the strong security model: private key material can be non-exportable, keys have specific

History and status: developed by standards bodies such as W3C and WHATWG, WebCrypto has broad support in

non-exportable
to
protect
sensitive
material.
All
operations
are
performed
in
the
browser's
cryptographic
context
and
do
not
reveal
key
material
unless
explicitly
exported
in
allowed
forms.
verification,
and
message
digests.
The
API
supports
a
range
of
algorithms,
including
AES
(GCM,
CBC,
CTR,
KW
for
key
wrapping),
HMAC,
RSA
(OAEP
for
encryption,
RSASSA-PKCS1-v1_5
and
RSASSA-PSS
for
signatures),
ECDSA
and
ECDH,
HKDF,
PBKDF2,
and
hash
algorithms
such
as
SHA-256,
SHA-384,
and
SHA-512.
Not
all
algorithms
are
available
in
all
browsers.
usages,
and
operations
are
often
performed
asynchronously.
WebCrypto
is
intended
for
cryptographic
primitives
rather
than
high-level
protocols,
and
developers
should
implement
proper
security
designs
and
rely
on
TLS
for
transport
security.
major
browsers,
with
varying
support
for
complete
algorithm
sets
across
versions.
It
is
widely
used
to
implement
client-side
encryption,
integrity
checks,
and
signature
workflows
in
web
applications.