Defines the data format of the key to import. Depending on the algorithm and key type, the data format could vary. Currently supported formats are raw, jwk, spki, and pkcs8.
ECDH and ECDSA algorithms have support for pkcs8, spki, raw and jwk formats.
RSA-OAEP, RSASSA-PKCS1-v1_5 and RSA-PSS algorithms have support for pkcs8, spki and jwk formats.
AES-* and HMAC algorithms have currently support for raw and jwk formats.
Return Value
A Promise that resolves with the imported key as a CryptoKey object.
Throws
Type
Description
SyntaxError
Raised when the keyUsages parameter is empty but the key is of type secret or private.
TypeError
Raised when trying to use an invalid format, or if the keyData is not suited for that format.
Examples
Round-trip key export/import
JavaScript
import{ crypto }from'k6/experimental/webcrypto';exportdefaultasyncfunction(){/**
* Generate a symmetric key using the AES-CBC algorithm.
*/const generatedKey =await crypto.subtle.generateKey({name:'AES-CBC',length:'256',},true,['encrypt','decrypt']);/**
* Export the key in raw format.
*/const exportedKey =await crypto.subtle.exportKey('raw', generatedKey);/**
* Reimport the key in raw format to verify its integrity.
*/const importedKey =await crypto.subtle.importKey('raw', exportedKey,'AES-CBC',true,['encrypt','decrypt',]);
console.log(JSON.stringify(importedKey));}
Import a static raw key and decrypt transmitted data
This example demonstrates how to import a static raw key and decrypt some transmitted data in base64. The transmitted data in this example represents an initialization vector and encoded data, and in a real-world scenario, it can be a response body or other data received from a request.
JavaScript
import{ crypto }from'k6/experimental/webcrypto';import{ b64decode }from'k6/encoding';exportdefaultasyncfunction(){const transmittedData =base64Decode('whzEN310mrlWIH/icf0dMquRZ2ENyfOzkvPuu92WR/9F8dbeFM8EGUVNIhaS');// keyData is the key used to decrypt the data, which is usually stored in a secure location// for this example, we are using a static keyconst keyData =newUint8Array([109,151,76,33,232,253,176,90,94,40,146,227,139,208,245,139,69,215,55,197,43,122,160,178,228,104,4,115,138,159,119,49,]);try{const result =awaitdecrypt(keyData, transmittedData);// should output decrypted message// INFO[0000] result: 'my secret message' source=console
console.log("result: '"+ result +"'");}catch(e){
console.log('Error: '+JSON.stringify(e));}}constdecrypt=async(keyData, transmittedData)=>{const initializeVectorLength =12;// the first 12 bytes are the initialization vectorconst iv =newUint8Array(transmittedData.subarray(0, initializeVectorLength));// the rest of the transmitted data is the encrypted dataconst encryptedData =newUint8Array(transmittedData.subarray(initializeVectorLength));const importedKey =await crypto.subtle.importKey('raw',
keyData,{name:'AES-GCM',length:'256'},true,['decrypt']);const plain =await crypto.subtle.decrypt({name:'AES-GCM',iv: iv },
importedKey,
encryptedData
);returnarrayBufferToString(plain);};constarrayBufferToString=(buffer)=>{return String.fromCharCode.apply(null,newUint8Array(buffer));};constbase64Decode=(base64String)=>{returnnewUint8Array(b64decode(base64String));};
Import a static JWK key and decrypt transmitted data
This example is similar to the previous one. It demonstrates how to import a static jwk key and decrypt some transmitted data (which contains the initialization vector and encoded data) in base64.
JavaScript
import{ crypto }from'k6/experimental/webcrypto';import{ b64decode }from'k6/encoding';exportdefaultasyncfunction(){// transmitted data is the base64 of the initialization vector + encrypted data// that unusually transmitted over the networkconst transmittedData =base64Decode('drCfxl4O+5FcrHe8Bs0CvKlw3gZpv+S5if3zn7c4BJzHJ35QDFV4sJB0pbDT');// keyData is the key used to decrypt the data, which is usually stored in a secure location// for this example, we are using a static keyconst jwkKeyData ={kty:'oct',ext:true,key_ops:['decrypt','encrypt'],alg:'A256GCM',k:'9Id_8iG6FkGOWmc1S203vGVnTExtpDGxdQN7v7OV9Uc',};try{const result =awaitdecrypt(jwkKeyData, transmittedData);// should output decrypted message// INFO[0000] result: 'my secret message' source=console
console.log("result: '"+ result +"'");}catch(e){
console.log('Error: '+JSON.stringify(e));}}constdecrypt=async(keyData, transmittedData)=>{const initializeVectorLength =12;// the first 12 bytes are the initialization vectorconst iv =newUint8Array(transmittedData.subarray(0, initializeVectorLength));// the rest of the transmitted data is the encrypted dataconst encryptedData =newUint8Array(transmittedData.subarray(initializeVectorLength));const importedKey =await crypto.subtle.importKey('jwk',
keyData,{name:'AES-GCM',length:256},true,['encrypt','decrypt']);const plain =await crypto.subtle.decrypt({name:'AES-GCM',iv: iv },
importedKey,
encryptedData
);returnarrayBufferToString(plain);};constarrayBufferToString=(buffer)=>{return String.fromCharCode.apply(null,newUint8Array(buffer));};constbase64Decode=(base64String)=>{returnnewUint8Array(b64decode(base64String));};