Web Crypto API

The Web Crypto API is an interface allowing a script to use cryptographic primitives in order to build systems using cryptography.

Note: This feature is available in Web Workers

Warning: The Web Crypto API provides a number of low-level cryptographic primitives. It's very easy to misuse them, and the pitfalls involved can be very subtle.

Even assuming you use the basic cryptographic functions correctly, secure key management and overall security system design are extremely hard to get right, and are generally the domain of specialist security experts.

Errors in security system design and implementation can make the security of the system completely ineffective.

If you're not sure you know what you are doing, you probably shouldn't be using this API.

Interfaces

Some browsers implemented an interface called Crypto without having it well defined or being cryptographically sound. In order to avoid confusion, methods and properties of this interface have been removed from browsers implementing the Web Crypto API, and all Web Crypto API methods are available on a new interface: SubtleCrypto. The Crypto.subtle property gives access to an object implementing it.

Specifications

Specification
Web Cryptography API

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
Web_Crypto_API
11
12
26
11
15
5
≤37
18
26
14
5
1.0
getRandomValues
11
12
26
11
15
5
≤37
18
26
14
5
1.0
randomUUID
92
92
No
No
78
No
92
92
No
No
No
16.0
subtle
37
12
34
11
24
11
7-11.1
37
37
34
24
11
7-11.3
3.0

BCD tables only load in the browser

© 2005–2021 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API