Using the method and parameters specified in algorithm and the keying material provided by key, subtle.decrypt() attempts to decipher the provided data. If successful, the returned promise will be resolved with an <ArrayBuffer> containing the plaintext result.

The algorithms currently supported include:

• 'RSA-OAEP'
• 'AES-CTR'
• 'AES-CBC'
• 'AES-GCM'

Using the method and parameters specified in algorithm and the keying material provided by baseKey, subtle.deriveBits() attempts to generate length bits. The Node.js implementation requires that when length is a number it must be multiple of 8. When length is null the maximum number of bits for a given algorithm is generated. This is allowed for the 'ECDH', 'X25519', and 'X448' algorithms. If successful, the returned promise will be resolved with an <ArrayBuffer> containing the generated data.

The algorithms currently supported include:

• 'ECDH'
• 'X25519'
• 'X448'
• 'HKDF'
• 'PBKDF2'

Using the method and parameters specified in algorithm, and the keying material provided by baseKey, subtle.deriveKey() attempts to generate a new <CryptoKey>based on the method and parameters inderivedKeyAlgorithm`.

Calling subtle.deriveKey() is equivalent to calling subtle.deriveBits() to generate raw keying material, then passing the result into the subtle.importKey() method using the deriveKeyAlgorithm, extractable, and keyUsages parameters as input.

The algorithms currently supported include:

• 'ECDH'
• 'X25519'
• 'X448'
• 'HKDF'
• 'PBKDF2'

Using the method identified by algorithm, subtle.digest() attempts to generate a digest of data. If successful, the returned promise is resolved with an <ArrayBuffer> containing the computed digest.

If algorithm is provided as a <string>, it must be one of:

• 'SHA-1'
• 'SHA-256'
• 'SHA-384'
• 'SHA-512'

If algorithm is provided as an <Object>, it must have a name property whose value is one of the above.

Using the method and parameters specified by algorithm and the keying material provided by key, subtle.encrypt() attempts to encipher data. If successful, the returned promise is resolved with an <ArrayBuffer> containing the encrypted result.

The algorithms currently supported include:

• 'RSA-OAEP'
• 'AES-CTR'
• 'AES-CBC'
• 'AES-GCM'

Exports the given key into the specified format, if supported.

If the <CryptoKey> is not extractable, the returned promise will reject.

When format is either 'pkcs8' or 'spki' and the export is successful, the returned promise will be resolved with an <ArrayBuffer> containing the exported key data.

When format is 'jwk' and the export is successful, the returned promise will be resolved with a JavaScript object conforming to the JSON Web Key specification.

Using the method and parameters provided in algorithm, subtle.generateKey() attempts to generate new keying material. Depending the method used, the method may generate either a single <CryptoKey> or a <CryptoKeyPair>.

The <CryptoKeyPair> (public and private key) generating algorithms supported include:

• 'RSASSA-PKCS1-v1_5'

• 'RSA-PSS'

• 'RSA-OAEP'

• 'ECDSA'

• 'Ed25519'

• 'Ed448'

• 'ECDH'

• 'X25519'

• 'X448' The <CryptoKey> (secret key) generating algorithms supported include:

• 'HMAC'

• 'AES-CTR'

• 'AES-CBC'

• 'AES-GCM'

• 'AES-KW'

The subtle.importKey() method attempts to interpret the provided keyData as the given format to create a <CryptoKey> instance using the provided algorithm, extractable, and keyUsages arguments. If the import is successful, the returned promise will be resolved with the created <CryptoKey>.

If importing a 'PBKDF2' key, extractable must be false.

Using the method and parameters given by algorithm and the keying material provided by key, subtle.sign() attempts to generate a cryptographic signature of data. If successful, the returned promise is resolved with an <ArrayBuffer> containing the generated signature.

The algorithms currently supported include:

• 'RSASSA-PKCS1-v1_5'
• 'RSA-PSS'
• 'ECDSA'
• 'Ed25519'
• 'Ed448'
• 'HMAC'

In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material. The subtle.unwrapKey() method attempts to decrypt a wrapped key and create a <CryptoKey> instance. It is equivalent to calling subtle.decrypt() first on the encrypted key data (using the wrappedKey, unwrapAlgo, and unwrappingKey arguments as input) then passing the results in to the subtle.importKey() method using the unwrappedKeyAlgo, extractable, and keyUsages arguments as inputs. If successful, the returned promise is resolved with a <CryptoKey> object.

The wrapping algorithms currently supported include:

• 'RSA-OAEP'
• 'AES-CTR'
• 'AES-CBC'
• 'AES-GCM'
• 'AES-KW'

The unwrapped key algorithms supported include:

• 'RSASSA-PKCS1-v1_5'
• 'RSA-PSS'
• 'RSA-OAEP'
• 'ECDSA'
• 'Ed25519'
• 'Ed448'
• 'ECDH'
• 'X25519'
• 'X448'
• 'HMAC'
• 'AES-CTR'
• 'AES-CBC'
• 'AES-GCM'
• 'AES-KW'

Using the method and parameters given in algorithm and the keying material provided by key, subtle.verify() attempts to verify that signature is a valid cryptographic signature of data. The returned promise is resolved with either true or false.

The algorithms currently supported include:

• 'RSASSA-PKCS1-v1_5'
• 'RSA-PSS'
• 'ECDSA'
• 'Ed25519'
• 'Ed448'
• 'HMAC'

In cryptography, "wrapping a key" refers to exporting and then encrypting the keying material. The subtle.wrapKey() method exports the keying material into the format identified by format, then encrypts it using the method and parameters specified by wrapAlgo and the keying material provided by wrappingKey. It is the equivalent to calling subtle.exportKey() using format and key as the arguments, then passing the result to the subtle.encrypt() method using wrappingKey and wrapAlgo as inputs. If successful, the returned promise will be resolved with an <ArrayBuffer> containing the encrypted key data.

The wrapping algorithms currently supported include:

• 'RSA-OAEP'
• 'AES-CTR'
• 'AES-CBC'
• 'AES-GCM'
• 'AES-KW'