sign method

Returns an object that can sign data using the specified algorithm and a Key object.




var retVal = SubtleCrypto.sign(algorithm, key, buffer);


algorithm [in]

Type: any

An object specifying the cryptographic signature or message authentication algorithm to use (along with any required algorithmic parameters).

key [in]

Type: Key

The signing or message authentication key.

buffer [in, optional]

Type: ArrayBufferView

The data to be signed via the key specified by the key parameter. If this parameter is specified, the returned operation will immediately complete and return the signature. Otherwise, the caller is expected to perform the following tasks:

  1. Provide data through any number of calls to the process method of the CryptoOperation object returned by this (sign) method.
  2. Call the finish method (on this same CryptoOperation object) when done entering data via the process method.

Once the above two steps are completed, the operation will be completed and the signature returned.

Return value

Type: CryptoOperation

An object that asynchronously returns a cryptographic signature or message authentication code.


The sign method supports the following cryptographic algorithms:

  • RSASSA-PKCS1-v1_5
  • HMAC


<!DOCTYPE html>

  <h1>sign Method</h1>
    Open <a href="">F12 Tools</a> (press F12) to see the
    results of this demo in the <a href="">Console</a>.
    "use strict";

    var pubKey;
    var privKey;
    var data = new Uint8Array([0, 1, 2, 3, 4, 5, 6, 7, 8, 9]); // The data to be signed.
    var encryptedData;
    var decryptedData;
    var crypto = window.msCrypto;

    if (crypto.subtle) {
      var genOp = crypto.subtle.generateKey({
        name: "RSASSA-PKCS1-v1_5",
        modulusLength: 2048, 
        publicExponent: new Uint8Array([0x01, 0x00, 0x01]) },
        ["encrypt", "decrypt"]);

      genOp.onerror = function (e) { console.log("genOp.onerror event handler fired."); }

      genOp.oncomplete = function (e) {
        pubKey =;
        privKey =;

        if (pubKey && privKey) {
          console.log("generateKey() RSASSA-PKCS1-v1_5: PASS");
        } else {
          console.log("generateKey() RSASSA-PKCS1-v1_5: FAIL");
        } // if-else          

        var signkey = crypto.subtle.sign({
          name: "RSASSA-PKCS1-v1_5",
          hash: "SHA-256"},

        signkey.onerror = function (evt) {
          console.error("signkey.onerror event handler fired.");

        signkey.oncomplete = function (evt) {
          var signature =;

          if (signature) {
            console.log("Sign with RSASSA-PKCS1-v1_5 - SHA-256: PASS");
          } else {
            console.error("Sign with RSASSA-PKCS1-v1_5 - SHA-256: FAIL");

          var verifysig = crypto.subtle.verify({
            name: "RSASSA-PKCS1-v1_5",
            hash: "SHA-256"},

          verifysig.onerror = function (evt) {
            console.error("verifysig.onerror event handler fired.");

          verifysig.oncomplete = function (evt) {
            var verified =;

            if (verified) {
              console.log("Verify operation for RSASSA-PKCS1-v1_5 - SHA-256: PASS");
            } else {
              console.error("Verify operation for RSASSA-PKCS1-v1_5 - SHA-256: FAIL");
            } // if-else
          }; // verifysig.oncomplete
        }; // signkey.oncomplete
      }; // genOp.oncomplete
    else {
      document.getElementsByTagName('body')[0].innerHTML = "<h2>Web Cryptography API not supported - please update your browser.</h2>";
    } // if-else, (crypto.subtle)

See also




© 2014 Microsoft