SubtleCrypto.generateKey()

在此页

句法
范例
规范
浏览器兼容性
另请参阅
相关话题

安全上下文
此特征只可用于安全上下文 (HTTPS)，在某些或所有支持浏览器 .

使用 generateKey() 方法在 SubtleCrypto interface to generate a new key (for symmetric algorithms) or key pair (for public-key algorithms).

句法

const result = crypto.subtle.generateKey(algorithm, extractable, keyUsages);

参数

algorithm is a dictionary object defining the type of key to generate and providing extra algorithm-specific parameters.
- For RSASSA-PKCS1-v1_5 , RSA-PSS ，或 RSA-OAEP : pass an RsaHashedKeyGenParams 对象。
- For ECDSA or ECDH : pass an EcKeyGenParams 对象。
- For HMAC : pass an HmacKeyGenParams 对象。
- For AES-CTR , AES-CBC , AES-GCM ，或 AES-KW : pass an AesKeyGenParams 对象。
extractable 是 布尔 indicating whether it will be possible to export the key using SubtleCrypto.exportKey() or SubtleCrypto.wrapKey() .
keyUsages 是 数组 indicating what can be done with the newly generated key. Possible values for array elements are:
- encrypt : The key may be used to encrypt messages.
- decrypt : The key may be used to decrypt messages.
- sign : The key may be used to sign messages.
- verify : The key may be used to verify signatures.
- deriveKey : The key may be used in deriving a new key .
- deriveBits : The key may be used in deriving bits .
- wrapKey : The key may be used to wrap a key .
- unwrapKey : The key may be used to unwrap a key .

返回值

result 是 Promise that fulfills with a CryptoKey (for symmetric algorithms) or a CryptoKeyPair (for public-key algorithms).

异常

The promise is rejected when the following exception is encountered:

SyntaxError: Raised when the result is a CryptoKey 类型 secret or private but keyUsages is empty.
SyntaxError: Raised when the result is a CryptoKeyPair 及其 privateKey.usages attribute is empty.

范例

注意 : You can try the working examples on GitHub.

RSA key pair generation

This code generates an RSA-OAEP encryption key pair. See the complete code on GitHub.

let keyPair = window.crypto.subtle.generateKey(
  {
    name: "RSA-OAEP",
    modulusLength: 4096,
    publicExponent: new Uint8Array([1, 0, 1]),
    hash: "SHA-256"
  },
  true,
  ["encrypt", "decrypt"]
);

Elliptic curve key pair generation

This code generates an ECDSA signing key pair. See the complete code on GitHub.

let keyPair = window.crypto.subtle.generateKey(
  {
    name: "ECDSA",
    namedCurve: "P-384"
  },
  true,
  ["sign", "verify"]
);

HMAC key generation

This code generates an HMAC signing key. See the complete code on GitHub.

let key = window.crypto.subtle.generateKey(
  {
    name: "HMAC",
    hash: {name: "SHA-512"}
  },
  true,
  ["sign", "verify"]
);

AES key generation

This code generates an AES-GCM encryption key. See the complete code on GitHub.

let key = window.crypto.subtle.generateKey(
  {
    name: "AES-GCM",
    length: 256
  },
  true,
  ["encrypt", "decrypt"]
);

规范

规范	状态	注释
Web Cryptography API The definition of 'SubtleCrypto.generateKey()' in that specification.	推荐	初始定义。

浏览器兼容性

The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request. 更新 GitHub 上的兼容性数据

	桌面						移动
	Chrome	Edge	Firefox	Internet Explorer	Opera	Safari	Android webview	Chrome for Android	Firefox for Android	Opera for Android	Safari on iOS	Samsung Internet
`generateKey`	Chrome 37	Edge 部分支持 12 部分支持 12 Not supported: RSA-PSS, ECDSA, ECDH. Not supported: AES-CTR.	Firefox 34 34 不支持 32 — 34 Disabled Disabled ). To change preferences in Firefox, visit	IE 部分支持 11 部分支持 11 返回 `KeyOperation` 而不是 `Promise`	Opera 24	Safari 7	WebView Android 37	Chrome Android 37	Firefox Android 34 34 不支持 32 — 34 Disabled Disabled ). To change preferences in Firefox, visit	Opera Android 24	Safari iOS 7	Samsung Internet Android 6.0

图例

完整支持
部分支持

用户必须明确启用此特征。

另请参阅

元数据

最后修改： Mar 23, 2020

Web 加密 API
SubtleCrypto
方法
1. decrypt()
2. deriveBits()
3. deriveKey()
4. digest()
5. encrypt()
6. exportKey()
7. generateKey()
8. importKey()
9. sign()
10. unwrapKey()
11. verify()
12. wrapKey()
Related pages for Web Crypto API

在此页

句法

参数

返回值

异常

范例