CryptoKey: type property

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.

We’d love to hear your thoughts on the next set of proposals for the JavaScript language. You can find a description of the proposals here.

Please take two minutes to fill out our short survey.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

Note: This feature is available in Web Workers.

The read-only type property of the CryptoKey interface indicates which kind of key is represented by the object. It can have the following values:

"secret": This key is a secret key for use with a symmetric algorithm.
"private": This key is the private half of an asymmetric algorithm's CryptoKeyPair.
"public": This key is the public half of an asymmetric algorithm's CryptoKeyPair.

Value

One of the following strings: "secret", "private", or "public".

This function verifies a message using SubtleCrypto.verify() and a public key given in the parameter. If the key is not a public key, it always returns "invalid", as such verification is fundamentally insecure.

async function verifyMessage(publicKey) {
  const signatureValue = document.querySelector(
    ".rsassa-pkcs1 .signature-value",
  );
  signatureValue.classList.remove("valid", "invalid");

  let result = false; // By default, it is invalid

  if (publicKey.type === "public") {
    const encoded = getMessageEncoding();
    result = await window.crypto.subtle.verify(
      "RSASSA-PKCS1-v1_5",
      publicKey,
      signature,
      encoded,
    );
  }

  signatureValue.classList.add(result ? "valid" : "invalid");
}

Specifications

Specification
Web Cryptography Level 2 # dom-cryptokey-type

CryptoKey: type property

Value

Examples

Specifications

Browser compatibility