Web 加密 API is an interface allowing a script to use cryptographic primitives in order to build systems using cryptography.
警告: The Web Crypto API provides a number of low-level cryptographic primitives. It's very easy to misuse them, and the pitfalls involved can be very subtle.
Even assuming you use the basic cryptographic functions correctly, secure key management and overall security system design are extremely hard to get right, and are generally the domain of specialist security experts.
Errors in security system design and implementation can make the security of the system completely ineffective.
If you're not sure you know what you are doing, you probably shouldn't be using this API.
Some browsers implemented an interface called
Crypto
without having it well defined or being cryptographically sound. In order to avoid confusion, methods and properties of this interface have been removed from browsers implementing the Web Crypto API, and all Web Crypto API methods are available on a new interface:
SubtleCrypto
。
Crypto.subtle
property gives access to an object implementing it.
| 规范 | 状态 | 注释 |
|---|---|---|
| Web Cryptography API | 推荐 | 初始定义 |
Crypto
| 桌面 | 移动 | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Crypto
|
Chrome 11 | Edge 12 | Firefox 26 | IE 11 | Opera 15 | Safari 6.1 | WebView Android Yes | Chrome Android 18 | Firefox Android 26 | Opera Android 14 | Safari iOS 6.1 | Samsung Internet Android 1.0 |
getRandomValues()
|
Chrome 11 | Edge 12 | Firefox 26 | IE 11 | Opera 15 | Safari 6.1 | WebView Android ≤37 | Chrome Android 18 | Firefox Android 26 | Opera Android 14 | Safari iOS 6.1 | Samsung Internet Android 1.0 |
subtle
|
Chrome 37 | Edge 12 |
Firefox
34
|
IE 部分支持 11 | Opera 24 |
Safari
10.1
|
WebView Android 37 | Chrome Android 37 |
Firefox Android
34
|
Opera Android 24 |
Safari iOS
10.3
|
Samsung Internet Android 3.0 |
完整支持
部分支持
实验。期望将来行为有所改变。
用户必须明确启用此特征。
要求使用供应商前缀或不同名称。