SubtleCrypto.generateKey()

Secure context

This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

Use the generateKey() method of the SubtleCrypto interface to generate a new key (for symmetric algorithms) or key pair (for public-key algorithms).

Syntax

const result = crypto.subtle.generateKey(algorithm, extractable, keyUsages);

Parameters

Return value

Exceptions

The promise is rejected when the following exception is encountered:

SyntaxError
Raised when the result is a CryptoKey of type secret or private but keyUsages is empty.
SyntaxError
Raised when the result is a CryptoKeyPair and its privateKey.usages attribute is empty.

Examples

Note: You can try the working examples on GitHub.

RSA key pair generation

This code generates an RSA-OAEP encryption key pair. See the complete code on GitHub.

let keyPair = window.crypto.subtle.generateKey(
  {
    name: "RSA-OAEP",
    modulusLength: 4096,
    publicExponent: new Uint8Array([1, 0, 1]),
    hash: "SHA-256"
  },
  true,
  ["encrypt", "decrypt"]
);

Elliptic curve key pair generation

This code generates an ECDSA signing key pair. See the complete code on GitHub.

let keyPair = window.crypto.subtle.generateKey(
  {
    name: "ECDSA",
    namedCurve: "P-384"
  },
  true,
  ["sign", "verify"]
);

HMAC key generation

This code generates an HMAC signing key. See the complete code on GitHub.

let key = window.crypto.subtle.generateKey(
  {
    name: "HMAC",
    hash: {name: "SHA-512"}
  },
  true,
  ["sign", "verify"]
);

AES key generation

This code generates an AES-GCM encryption key. See the complete code on GitHub.

let key = window.crypto.subtle.generateKey(
  {
    name: "AES-GCM",
    length: 256
  },
  true,
  ["encrypt", "decrypt"]
);

Specifications

Specification Status Comment
Web Cryptography API
The definition of 'SubtleCrypto.generateKey()' in that specification.
Recommendation Initial definition.

Browser compatibility

BCD tables only load in the browser

See also