WebCrypto

A zero-dependency W3C Web Cryptography API (Crypto / SubtleCrypto / CryptoKey) built directly on Node's native node:crypto. It is the toolkit's injectable crypto engine, presented in the standard WebCrypto shape so operators — and every higher structure (X.509, CMS, OCSP) — reach for one familiar surface.

Unlike the browser's built-in crypto.subtle, this engine is **PQC-first without being PQC-only**: the FIPS 204 ML-DSA and FIPS 205 SLH-DSA signature suites sit alongside the full classical set PKI still runs on — RSASSA-PKCS1-v1_5, RSA-PSS, RSA-OAEP, ECDSA, ECDH, Ed25519 / Ed448, AES-GCM / CBC / KW, HMAC, HKDF, PBKDF2, and the SHA family (including legacy SHA-1 for old certificates and signatures). FIPS 203 ML-KEM key generation and encoding are available; KEM encapsulation follows once Node exposes it. Because it is OpenSSL-backed, every key and signature it emits is interoperable with OpenSSL, NSS, and other PKI implementations.

pki.webcrypto.CryptoKey

since 0.1.0 stable
new pki.webcrypto.CryptoKey(type, extractable, algorithm, usages, handle)

Opaque handle to key material, matching the W3C CryptoKey shape: { type, extractable, algorithm, usages }. The underlying node:crypto KeyObject is non-enumerable and never serialized — extract material only through subtle.exportKey, and only when the key was created extractable. Instances are produced by subtle.generateKey / subtle.importKey; the constructor is rarely called directly.

Example

var kp = await pki.webcrypto.subtle.generateKey({ name: "Ed25519" }, true, ["sign", "verify"]);
kp.publicKey.type;       // "public"
kp.publicKey.algorithm;  // { name: "Ed25519" }


pki.webcrypto.subtle

since 0.1.0 stable
await pki.webcrypto.subtle.exportKey(format, key)

Export a CryptoKey to spki (public), pkcs8 (private), jwk (either), or raw (symmetric, or an uncompressed EC / OKP public point). Throws unless the key was created extractable.

Example

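var keyPair = await pki.webcrypto.subtle.generateKey({ name: "Ed25519" }, true, ["sign", "verify"]);
var spki = await pki.webcrypto.subtle.exportKey("spki", keyPair.publicKey);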
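
The extractable gate described for CryptoKey and subtle.exportKey, shown as an added example that is not the toolkit's own code. It assumes Node's built-in WebCrypto as a stand-in for pki.webcrypto, since both present the W3C SubtleCrypto shape; tryExport and demoExtractableGate are hypothetical helper names.

```javascript
// Assumption: Node's built-in WebCrypto stands in for pki.webcrypto (same W3C shape).
const { subtle } = globalThis.crypto ?? require("node:crypto").webcrypto;

const ALG = { name: "ECDSA", namedCurve: "P-256" };
const SIG = { name: "ECDSA", hash: "SHA-256" };

// Attempt an export and report whether the extractable gate allowed it.
async function tryExport(format, key) {
  try {
    const der = await subtle.exportKey(format, key);
    return { ok: true, bytes: der.byteLength };
  } catch {
    return { ok: false, bytes: 0 };
  }
}

async function demoExtractableGate() {
  const msg = new TextEncoder().encode("constructed sample message");

  // extractable=false: the private key is usable but cannot leave the engine.
  const locked = await subtle.generateKey(ALG, false, ["sign", "verify"]);
  const sig = await subtle.sign(SIG, locked.privateKey, msg);
  const verified = await subtle.verify(SIG, locked.publicKey, sig, msg);
  const lockedPrivate = await tryExport("pkcs8", locked.privateKey);
  // In W3C WebCrypto the public half stays exportable regardless of the flag.
  const lockedPublic = await tryExport("spki", locked.publicKey);

  // Provisioning pattern: key material that arrives as PKCS#8 is imported
  // with extractable=false so it cannot be read back out afterwards.
  const source = await subtle.generateKey(ALG, true, ["sign", "verify"]);
  const pkcs8 = await subtle.exportKey("pkcs8", source.privateKey);
  const pinned = await subtle.importKey("pkcs8", pkcs8, ALG, false, ["sign"]);
  new Uint8Array(pkcs8).fill(0); // best-effort wipe of the transient copy
  const pinnedPrivate = await tryExport("pkcs8", pinned);
  const pinnedSig = await subtle.sign(SIG, pinned, msg);
  const pinnedVerified = await subtle.verify(SIG, source.publicKey, pinnedSig, msg);

  return {
    verified, pinnedVerified,
    lockedPrivateExported: lockedPrivate.ok,
    lockedPublicExported: lockedPublic.ok,
    pinnedPrivateExported: pinnedPrivate.ok,
    privateExtractable: locked.privateKey.extractable,
  };
}
```

Call demoExtractableGate() from an async context; both private-key export attempts are refused while signing with those keys still succeeds.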


pki.webcrypto

since 0.1.0 stable
pki.webcrypto.getRandomValues(typedArray) / pki.webcrypto.subtle

A ready Crypto instance (the shape of globalThis.crypto) exposing getRandomValues, randomUUID, and subtle. Construct additional instances with new pki.WebCrypto.Crypto().

Example

var iv = pki.webcrypto.getRandomValues(new Uint8Array(12));
