安全上下文
此特征只可用于
安全上下文
(HTTPS),在某些或所有
支持浏览器
.
sign()
方法在
SubtleCrypto
interface generates a digital
signature
.
It takes as its arguments a
key
to sign with, some algorithm-specific parameters, and the data to sign. It returns a
Promise
which will be fulfilled with the signature.
You can use the corresponding
SubtleCrypto.verify()
method to verify the signature.
const signature = crypto.subtle.sign(algorithm, key, data);
algorithm
is a string or object that specifies the signature algorithm to use and its parameters:
"RSASSA-PKCS1-v1_5"
or an object of the form
{ "name": "RSASSA-PKCS1-v1_5" }
.
RsaPssParams
对象。
EcdsaParams
对象。
"HMAC"
or an object of the form
{ "name": "HMAC" }
.
key
是
CryptoKey
object containing the key to be used for signing. If algorithm identifies a public-key cryptosystem, this is the private key.
data
是
ArrayBuffer
or
ArrayBufferView
object containing the data to be signed.
signature
是
Promise
that fulfills with an
ArrayBuffer
containing the signature.
The promise is rejected when the following exception is encountered:
InvalidAccessError
Raised when the signing key is not a key for the request signing algorithm or when trying to use an algorithm that is either unknown or isn't suitable for signing.
The Web Crypto API provides four algorithms that can be used for signing and signature verification.
Three of these algorithms — RSASSA-PKCS1-v1_5, RSA-PSS, and ECDSA — are
public-key cryptosystems
that use the private key for signing and the public key for verification. These systems all use a
digest algorithm
to hash the message to a short fixed size before signing. The choice of digest algorithm is passed into the
generateKey()
or
importKey()
函数。
The fourth algorithm — HMAC — uses the same algorithm and key for signing and for verification: this means that the verification key must be kept secret, which in turn means that this algorithm is not suitable for many signature use cases. It can be a good choice however when the signer and verifier are the same entity.
The RSASSA-PKCS1-v1_5 algorithm is specified in RFC 3447 .
The RSA-PSS algorithm is specified in RFC 3447 .
It's different from RSASSA-PKCS1-v1_5 in that it incorporates a random salt in the signature operation, so the same message signed with the same key will not result in the same signature each time. An extra property, defining the salt length, is passed into the
sign()
and
verify()
functions when they are invoked.
ECDSA (Elliptic Curve Digital Signature Algorithm) is a variant of the Digital Signature Algorithm, specified in FIPS-186 , that uses Elliptic Curve Cryptography ( RFC 6090 ).
The HMAC algorithm calculates and verifies hash-based message authentication codes according to the FIPS 198-1 standard .
The digest algorithm to use is specified in the
HmacKeyGenParams
object that you pass into
generateKey()
,或
HmacImportParams
object that you pass into
importKey()
.
注意 : You can try the working examples out on GitHub.
This code fetches the contents of a text box, encodes it for signing, and signs it with a private key. See the complete source code on GitHub.
/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for the sign operation.
*/
function getMessageEncoding() {
const messageBox = document.querySelector(".rsassa-pkcs1 #message");
let message = messageBox.value;
let enc = new TextEncoder();
return enc.encode(message);
}
let encoded = getMessageEncoding();
let signature = await window.crypto.subtle.sign(
"RSASSA-PKCS1-v1_5",
privateKey,
encoded
);
This code fetches the contents of a text box, encodes it for signing, and signs it with a private key. See the complete source code on GitHub.
/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for the sign operation.
*/
function getMessageEncoding() {
const messageBox = document.querySelector(".rsa-pss #message");
let message = messageBox.value;
let enc = new TextEncoder();
return enc.encode(message);
}
let encoded = getMessageEncoding();
let signature = await window.crypto.subtle.sign(
{
name: "RSA-PSS",
saltLength: 32,
},
privateKey,
encoded
);
This code fetches the contents of a text box, encodes it for signing, and signs it with a private key. See the complete source code on GitHub.
/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for the sign operation.
*/
function getMessageEncoding() {
const messageBox = document.querySelector(".ecdsa #message");
let message = messageBox.value;
let enc = new TextEncoder();
return enc.encode(message);
}
let encoded = getMessageEncoding();
let signature = await window.crypto.subtle.sign(
{
name: "ECDSA",
hash: {name: "SHA-384"},
},
privateKey,
encoded
);
This code fetches the contents of a text box, encodes it for signing, and signs it with a secret key. See the complete source code on GitHub.
/*
Fetch the contents of the "message" textbox, and encode it
in a form we can use for the sign operation.
*/
function getMessageEncoding() {
const messageBox = document.querySelector(".hmac #message");
let message = messageBox.value;
let enc = new TextEncoder();
return enc.encode(message);
}
let encoded = getMessageEncoding();
let signature = await window.crypto.subtle.sign(
"HMAC",
key,
encoded
);
| 规范 | 状态 | 注释 |
|---|---|---|
|
Web Cryptography API
The definition of 'SubtleCrypto.sign()' in that specification. |
推荐 | 初始定义。 |
| 桌面 | 移动 | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
sign
|
Chrome 37 |
Edge
部分支持
12
|
Firefox
34
|
IE
部分支持
11
|
Opera 24 | Safari 7 | WebView Android 37 | Chrome Android 37 |
Firefox Android
34
|
Opera Android 24 | Safari iOS 7 | Samsung Internet Android 6.0 |
完整支持
部分支持
见实现注意事项。
用户必须明确启用此特征。
SubtleCrypto.verify()
.
SubtleCrypto