W3cubDocs

/Web APIs

CryptoKey: type property

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The read-only type property of the CryptoKey interface indicates which kind of key is represented by the object. It can have the following values:

"secret": This key is a secret key for use with a symmetric algorithm.
"private": This key is the private half of an asymmetric algorithm's CryptoKeyPair.
"public": This key is the public half of an asymmetric algorithm's CryptoKeyPair.

Value

One of the following strings: "secret", "private", or "public".

Examples

This function verifies a message using SubtleCrypto.verify() and a public key given in the parameter. If the key is not a public key, it always returns "invalid", as such verification is fundamentally insecure.

async function verifyMessage(publicKey) {
  const signatureValue = document.querySelector(
    ".rsassa-pkcs1 .signature-value",
  );
  signatureValue.classList.remove("valid", "invalid");

  let result = false; // By default, it is invalid

  if (publicKey.type === "public") {
    const encoded = getMessageEncoding();
    result = await window.crypto.subtle.verify(
      "RSASSA-PKCS1-v1_5",
      publicKey,
      signature,
      encoded,
    );
  }

  signatureValue.classList.add(result ? "valid" : "invalid");
}

Specifications

Specification
Web Cryptography API # dom-cryptokey-type

Browser compatibility

	Desktop						Mobile
	Chrome	Edge	Firefox	Internet Explorer	Opera	Safari	WebView Android	Chrome Android	Firefox for Android	Opera Android	Safari on IOS	Samsung Internet
`type`	37	12	34	No	24	7	37	37	34	24	7	3.0

© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/CryptoKey/type