Window.crypto

The read-only Window.crypto property returns the Crypto object associated to the global object. This object allows web pages access to certain cryptographic related services. Although the property itself is read-only, all of its methods (and the methods of its child object, SubtleCrypto) are not read-only, and therefore vulnerable to attack by polyfill.

Although window.crypto is available on all windows, the returned Crypto object only has one usable feature in insecure contexts: the getRandomValues() method. In general, you should use this API only in secure contexts.

Syntax

let cryptoObj = window.crypto || window.msCrypto; // for IE 11

Value

An instance of the Crypto interface, providing access to general-purpose cryptography and a strong random-number generator.

Example

This example uses the Window.crypto property to access the getRandomValues() method.

JavaScript

genRandomNumbers = function getRandomNumbers() {
  const array = new Uint32Array(10);
  window.crypto.getRandomValues(array);

  const randText = document.getElementById("myRandText");
  randText.textContent = "The random numbers are: "
  for (let i = 0; i < array.length; i++) {
    randText.textContent += array[i] + " ";
  }
}

HTML

<p id="myRandText">The random numbers are: </p>
<button type="button" onClick='genRandomNumbers()'>Generate 10 random numbers</button>

Result

Specifications

Specification Status Comment
Web Cryptography API
The definition of 'Window.crypto' in that specification.		 Recommendation Initial definition

Browser compatibility

BCD tables only load in the browser

See also