WebCrypto
Crypto / SubtleCrypto / CryptoKey) built directly on Node's native node:crypto. It is the toolkit's injectable crypto engine, presented in the standard WebCrypto shape so operators — and every higher structure (X.509, CMS, OCSP) — reach for one familiar surface.
Unlike the browser's built-in crypto.subtle, this engine is **PQC-first without being PQC-only**: the FIPS 204 ML-DSA and FIPS 205 SLH-DSA signature suites sit alongside the full classical set PKI still runs on — RSASSA-PKCS1-v1_5, RSA-PSS, RSA-OAEP, ECDSA, ECDH, Ed25519 / Ed448, AES-GCM / CBC / KW, HMAC, HKDF, PBKDF2, and the SHA family (including legacy SHA-1 for old certificates and signatures). FIPS 203 ML-KEM key generation and encoding are available; KEM encapsulation follows once Node exposes it. Because it is OpenSSL-backed, every key and signature it emits is interoperable with OpenSSL, NSS, and other PKI implementations.
pki.webcrypto.CryptoKey
new pki.webcrypto.CryptoKey(type, extractable, algorithm, usages, handle)
Opaque handle to key material, matching the W3C CryptoKey shape: { type, extractable, algorithm, usages }. The underlying node:crypto KeyObject is non-enumerable and never serialized — extract material only through subtle.exportKey, and only when the key was created extractable. Instances are produced by subtle.generateKey / subtle.importKey; the constructor is rarely called directly.
Example
var kp = await pki.webcrypto.subtle.generateKey({ name: "Ed25519" }, true, ["sign", "verify"]);
kp.publicKey.type; // "public"
kp.publicKey.algorithm; // { name: "Ed25519" }
pki.webcrypto.subtle
await pki.webcrypto.subtle.exportKey(format, key)
Export a CryptoKey to spki (public), pkcs8 (private), jwk (either), or raw (symmetric, or an uncompressed EC / OKP public point). Throws unless the key was created extractable.
Example
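var keyPair = await pki.webcrypto.subtle.generateKey({ name: "Ed25519" }, true, ["sign", "verify"]);
var spki = await pki.webcrypto.subtle.exportKey("spki", keyPair.publicKey);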
References
- spec W3C WebCrypto §subtlecrypto
- spec FIPS 186-5
- spec FIPS 203
- spec FIPS 204
- spec FIPS 205
- spec RFC 8017
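The extractability rule stated for CryptoKey and subtle.exportKey above, as an added example that is not part of the toolkit's own code or documentation: a private key created or imported with extractable=false still signs, but cannot be exported. Node's built-in WebCrypto stands in for pki.webcrypto.subtle here, on the assumption that the toolkit accepts the same W3C calls; the function names and the sample message are constructed for illustration.

```javascript
// Added example, not toolkit code. Node's built-in WebCrypto stands in for
// pki.webcrypto.subtle (assumption: the toolkit accepts the same W3C calls).
async function exportRejected(subtle, format, key) {
  try {
    await subtle.exportKey(format, key);
    return false;
  } catch (err) {
    return true; // export of a non-extractable key is refused
  }
}

async function extractabilityDemo() {
  const { webcrypto } = await import("node:crypto");
  const subtle = webcrypto.subtle;
  const keyAlg = { name: "ECDSA", namedCurve: "P-256" };
  const sigAlg = { name: "ECDSA", hash: "SHA-256" };
  const msg = new TextEncoder().encode("constructed sample message");

  // Case 1: generated non-extractable. Signing works, PKCS#8 export does not.
  const locked = await subtle.generateKey(keyAlg, false, ["sign", "verify"]);
  const sig1 = await subtle.sign(sigAlg, locked.privateKey, msg);
  const lockedSignVerifies = await subtle.verify(sigAlg, locked.publicKey, sig1, msg);
  const lockedExportRejected = await exportRejected(subtle, "pkcs8", locked.privateKey);
  // The public half is still exportable as SPKI for certificates and peers.
  const spki = await subtle.exportKey("spki", locked.publicKey);

  // Case 2: existing PKCS#8 material imported with extractable=false, so the
  // running process can use the key but cannot hand the bytes back out.
  const source = await subtle.generateKey(keyAlg, true, ["sign", "verify"]);
  const pkcs8 = await subtle.exportKey("pkcs8", source.privateKey);
  const imported = await subtle.importKey("pkcs8", pkcs8, keyAlg, false, ["sign"]);
  const sig2 = await subtle.sign(sigAlg, imported, msg);
  const importedSignVerifies = await subtle.verify(sigAlg, source.publicKey, sig2, msg);
  const importedExportRejected = await exportRejected(subtle, "pkcs8", imported);

  return {
    lockedSignVerifies,
    lockedExportRejected,
    spkiLength: spki.byteLength, // 91 bytes for an uncompressed P-256 SPKI
    importedExtractable: imported.extractable,
    importedSignVerifies,
    importedExportRejected,
  };
}

extractabilityDemo().then((result) => console.log(result));
```

The extractable flag stops export through the API; it does not protect the PKCS#8 bytes that existed before import, so the source of those bytes needs its own handling.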
pki.webcrypto
pki.webcrypto.getRandomValues(typedArray) / pki.webcrypto.subtle
A ready Crypto instance (the shape of globalThis.crypto) exposing getRandomValues, randomUUID, and subtle. Construct additional instances with new pki.WebCrypto.Crypto().
Example
var iv = pki.webcrypto.getRandomValues(new Uint8Array(12));
References
- spec W3C WebCrypto