Web Cryptography
This section describes the support Internet Explorer 11 and later provides for the W3C Web Cryptography API.
In this section
| Topic | Description |
|---|---|
| Web Cryptography API objects | |
| Web Cryptography API methods | |
| Web Cryptography API events | |
| Web Cryptography API properties | |
Additional resources
The following cryptographic algorithms are supported in IE11 and later:
- AES-CBC: for encrypt, decrypt, generateKey, importKey, and exportKey.
- AES-GCM: for encrypt, decrypt, generateKey, importKey, and exportKey.
- AESKW: for generateKey, and as the keyEncryptionKey parameter of wrapKey and unwrapKey (for details, see the KeyWrap Proposal).
- RSAES-PKCS1-v1_5: for encrypt, decrypt, generateKey, importKey, and exportKey.
- RSA-OAEP: for encrypt, decrypt, generateKey, importKey, and exportKey.
- RSASSA-PKCS1-v1_5: for sign, verify, generateKey, importKey, and exportKey.
- HMAC: for sign, verify, generateKey, importKey, and exportKey.
- SHA-1, SHA-256, SHA-384, and SHA-512: for digest; these are also the only hashes that can be used as the hash parameter of the other algorithms.
In IE11 and later, Web Cryptographic keys can be stored in IndexedDB and, if so, are bound to a specific user and device. That is, keys stored in IndexedDB cannot be used by different users or moved to different computers. A browser-specific key is used to encrypt all Web Cryptographic keys before storing them in IndexedDB, as follows:
- A key-wrapping key is derived from the browser-specific key using a randomly generated salt (see SP 800-108).
- The key-wrapping key is used to encrypt the Web Cryptographic key using AES Key Wrap and AES-GCM.
- The result of the prior operation is stored on disk in the IndexedDB store.
The browser-specific key is randomly generated the first time a key is stored in IndexedDB. Clearing the browser’s cache will delete this browser-specific key from the system, permanently preventing any previously stored keys in IndexedDB from being accessed. The next time a key is stored in IndexedDB, a new browser-specific key will be generated, and the above process will be repeated. The browser-specific key is stored on disk and is protected by DPAPI and, optionally, by mechanisms such as BitLocker Drive Encryption.