Open source

generateKey

The generateKey() generates a new cryptographic key and returns it as a CryptoKey object or a CryptoKeyPair object that can be used with the Web Crypto API.

Usage

generateKey(algorithm, extractable, keyUsages)

Parameters

NameTypeDescription
algorithma string or algorithm object with a single name stringThe type of key to generate. It can be either a string with any of the currently supported algorithms as a value or any of the generation key parameter objects.
extractablebooleanWhether the key can be exported using exportKey.
keyUsagesArray<string>An array of strings describing what operations can be performed with the key. Key usages could vary depending on the algorithm.

Supported algorithms

AES-CBCAES-CTRAES-GCMAES-KWECDHECDSAHMACRSA-OAEPRSASSA-PKCS1-v1_5RSA-PSS
AesCbcParamsAesCtrParamsAesGcmParamsEcdhKeyDeriveParamsEcdsaParamsHmacKeyGenParamsRsaHashedImportParamsRsaHashedImportParamsRsaHashedImportParams

Return Value

A Promise that resolves with the generated key as a CryptoKey object or a CryptoKeyPair object.

Algorithm specific input

HMACAESECDHECDSARSA-OAEPRSASSA-PKCS1-v1_5RSA-PSS
Parameters type to useHmacKeyGenParamsAesKeyGenParamsEcKeyGenParamsEcKeyGenParamsRSAHashedKeyGenParamsRSAHashedKeyGenParamsRSAHashedKeyGenParams
Possible key usagessign, verifyencrypt, decryptderiveKey, deriveBitssign, verifyencrypt, decryptsign, verifysign, verify

Throws

TypeDescription
SyntaxErrorRaised when the keyUsages parameter is empty, but the key is of type secret or private.

Example

JavaScript
export default async function () {
  const key = await crypto.subtle.generateKey(
    {
      name: 'AES-CBC',
      length: 256,
    },
    true,
    ['encrypt', 'decrypt']
  );

  console.log(JSON.stringify(key));
}