WebIDLpartial interface mixin WindowOrWorkerGlobalScope { [SameObject] readonly attribute Crypto crypto; }; [Exposed=(Window,Worker)] interface Crypto { [SecureContext] readonly attribute SubtleCrypto subtle; ArrayBufferView getRandomValues(ArrayBufferView array); [SecureContext] DOMString randomUUID(); }; WebIDLtypedef (object or DOMString) AlgorithmIdentifier; typedef AlgorithmIdentifier HashAlgorithmIdentifier; dictionary Algorithm { required DOMString name; }; WebIDLdictionary KeyAlgorithm { required DOMString name; }; WebIDLenum KeyType { "public", "private", "secret" }; enum KeyUsage { "encrypt", "decrypt", "sign", "verify", "deriveKey", "deriveBits", "wrapKey", "unwrapKey" }; [SecureContext,Exposed=(Window,Worker),Serializable] interface CryptoKey { readonly attribute KeyType type; readonly attribute boolean extractable; readonly attribute object algorithm; readonly attribute object usages; }; WebIDLenum KeyFormat { "raw", "spki", "pkcs8", "jwk" }; [SecureContext,Exposed=(Window,Worker)] interface SubtleCrypto { Promise encrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); Promise decrypt(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); Promise sign(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource data); Promise verify(AlgorithmIdentifier algorithm, CryptoKey key, BufferSource signature, BufferSource data); Promise digest(AlgorithmIdentifier algorithm, BufferSource data); Promise generateKey(AlgorithmIdentifier algorithm, boolean extractable, sequence keyUsages ); Promise deriveKey(AlgorithmIdentifier algorithm, CryptoKey baseKey, AlgorithmIdentifier derivedKeyType, boolean extractable, sequence keyUsages ); Promise deriveBits(AlgorithmIdentifier algorithm, CryptoKey baseKey, unsigned long length); Promise importKey(KeyFormat format, (BufferSource or JsonWebKey) keyData, AlgorithmIdentifier algorithm, boolean extractable, sequence keyUsages ); Promise exportKey(KeyFormat format, CryptoKey key); Promise wrapKey(KeyFormat format, CryptoKey key, CryptoKey wrappingKey, AlgorithmIdentifier wrapAlgorithm); Promise unwrapKey(KeyFormat format, BufferSource wrappedKey, CryptoKey unwrappingKey, AlgorithmIdentifier unwrapAlgorithm, AlgorithmIdentifier unwrappedKeyAlgorithm, boolean extractable, sequence keyUsages ); }; WebIDLdictionary RsaOtherPrimesInfo { // The following fields are defined in Section 6.3.2.7 of JSON Web Algorithms DOMString r; DOMString d; DOMString t; }; dictionary JsonWebKey { // The following fields are defined in Section 3.1 of JSON Web Key DOMString kty; DOMString use; sequence key_ops; DOMString alg; // The following fields are defined in JSON Web Key Parameters Registration boolean ext; // The following fields are defined in Section 6 of JSON Web Algorithms DOMString crv; DOMString x; DOMString y; DOMString d; DOMString n; DOMString e; DOMString p; DOMString q; DOMString dp; DOMString dq; DOMString qi; sequence oth; DOMString k; }; WebIDLtypedef Uint8Array BigInteger; WebIDLdictionary CryptoKeyPair { CryptoKey publicKey; CryptoKey privateKey; }; WebIDLdictionary RsaKeyGenParams : Algorithm { required [EnforceRange] unsigned long modulusLength; required BigInteger publicExponent; }; WebIDLdictionary RsaHashedKeyGenParams : RsaKeyGenParams { required HashAlgorithmIdentifier hash; }; WebIDLdictionary RsaKeyAlgorithm : KeyAlgorithm { required unsigned long modulusLength; required BigInteger publicExponent; }; WebIDLdictionary RsaHashedKeyAlgorithm : RsaKeyAlgorithm { required KeyAlgorithm hash; }; WebIDLdictionary RsaHashedImportParams : Algorithm { required HashAlgorithmIdentifier hash; }; WebIDLdictionary RsaPssParams : Algorithm { required [EnforceRange] unsigned long saltLength; }; WebIDLdictionary RsaOaepParams : Algorithm { BufferSource label; }; WebIDLdictionary EcdsaParams : Algorithm { required HashAlgorithmIdentifier hash; }; WebIDLtypedef DOMString NamedCurve; dictionary EcKeyGenParams : Algorithm { required NamedCurve namedCurve; }; WebIDLdictionary EcKeyAlgorithm : KeyAlgorithm { required NamedCurve namedCurve; }; WebIDLdictionary EcKeyImportParams : Algorithm { required NamedCurve namedCurve; }; WebIDLdictionary EcdhKeyDeriveParams : Algorithm { required CryptoKey public; }; WebIDLdictionary AesCtrParams : Algorithm { required BufferSource counter; required [EnforceRange] octet length; }; WebIDLdictionary AesKeyAlgorithm : KeyAlgorithm { required unsigned short length; }; WebIDLdictionary AesKeyGenParams : Algorithm { required [EnforceRange] unsigned short length; }; WebIDLdictionary AesDerivedKeyParams : Algorithm { required [EnforceRange] unsigned short length; }; WebIDLdictionary AesCbcParams : Algorithm { required BufferSource iv; }; WebIDLdictionary AesGcmParams : Algorithm { required BufferSource iv; BufferSource additionalData; [EnforceRange] octet tagLength; }; WebIDLdictionary HmacImportParams : Algorithm { required HashAlgorithmIdentifier hash; [EnforceRange] unsigned long length; }; WebIDLdictionary HmacKeyAlgorithm : KeyAlgorithm { required KeyAlgorithm hash; required unsigned long length; }; WebIDLdictionary HmacKeyGenParams : Algorithm { required HashAlgorithmIdentifier hash; [EnforceRange] unsigned long length; }; WebIDLdictionary HkdfParams : Algorithm { required HashAlgorithmIdentifier hash; required BufferSource salt; required BufferSource info; }; WebIDLdictionary Pbkdf2Params : Algorithm { required BufferSource salt; required [EnforceRange] unsigned long iterations; required HashAlgorithmIdentifier hash; };