This section describes the support Internet Explorer 11 and later provides for the W3C Web Cryptography API.
The following cryptographic algorithms are supported in IE11 and later:
- AES-CBC: for encrypt, decrypt, generateKey, importKey, and exportKey.
- AES-GCM: for encrypt, decrypt, generateKey, importKey, and exportKey.
- AESKW: for generateKey, and the keyEncryptionKey parameter of wrapKey and unwrapKey (for details, see KeyWrap Proposal).
- RSAES-PKCS1-v1_5: for encrypt, decrypt, generateKey, importKey, and exportKey.
- RSA-OAEP: for encrypt, decrypt, generateKey, importKey, and exportKey.
- RSASSA-PKCS1-v1_5: for sign, verify, generateKey, importKey, and exportKey.
- HMAC: for sign, verify, generateKey, importKey, and exportKey.
- SHA-1/SHA-256/SHA-384/SHA-512: for digest; these are also the only hashes that can be supplied as the hash parameter of the other algorithms.
In IE11 and later, Web Cryptography keys can be stored in IndexedDB; keys stored there are bound to a specific user and device. That is, keys stored in IndexedDB cannot be used by a different user or moved to a different computer. A browser-specific key is used to encrypt every Web Cryptography key before it is stored in IndexedDB, as follows:
- A key-wrapping key is derived from the browser-specific key using a randomly generated salt (see SP 800-108).
- The key-wrapping key is used to encrypt the Web Cryptographic key using AES Key Wrap and AES-GCM.
- The result of the prior operation is stored on disk in the IndexedDB store.
The browser-specific key is randomly generated the first time a key is stored in IndexedDB. Clearing the browser’s cache will delete this browser-specific key from the system, permanently preventing any previously stored keys in IndexedDB from being accessed. The next time a key is stored in IndexedDB, a new browser-specific key will be generated, and the above process will be repeated. The browser-specific key is stored on disk and is protected by DPAPI and, optionally, by mechanisms such as BitLocker Drive Encryption.