Menu
Generate a random 128-bit key (k1), a random 128-bit IV, and a random salt (64 bits is probably sufficient). Use PBKDF2 to generate a 256-bit key from your password and the salt, then split that into two 128-bit keys (k2, k3). Make sure your algorithm's native output is at least 256 bits, or this will be slow. What I am trying to do is generate a large (4096bit) random number in JavaScript that is cryptographically safe to use. My approach is the following: I am creating a Uint8Array with the desired length. I am using Math.random to prefill it. I am showing a a 256x256pixel box, and show a message asking for moving the mouse around in it. AES can have key lengths of 128, 192 and 256 bits. ASCII characters are usually stored in bytes, each byte having 8 bits. But strictly speaking, ASCII only has 7 bits. Thus, concatenating the yields a number consisting of 224 bits or 256 bits. Assuming I have a server/client topology, currently I'm facing the problem that I want to generate some key on the client side and somehow make the remote server get it securely. I'm using AES on both parts, so basically what I need is to generate a random IV and a random secret key, but how to share it with the server so it can afterward decrypt the messages? This generate random strings of 5 characters based on the current time. Example output is 4mtxj or 4mv90 or 4mwp1. The problem with this is that if you call it two times on the same second, it will generate the same string. The safer way is: (0 Math.random.9e6).toString(36) This will generate a random string of 4 or 5 characters, always diferent.
Secure context
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
Use the
generateKey()
method of the SubtleCrypto
interface to generate a new key (for symmetric algorithms) or key pair (for public-key algorithms).Syntax
Parameters
algorithm
is a dictionary object defining the type of key to generate and providing extra algorithm-specific parameters.- For RSASSA-PKCS1-v1_5, RSA-PSS, or RSA-OAEP: pass an
RsaHashedKeyGenParams
object. - For ECDSA or ECDH: pass anÂ
EcKeyGenParams
object. - For HMAC: pass an
HmacKeyGenParams
object. - For AES-CTR, AES-CBC, AES-GCM, or AES-KW: pass an
AesKeyGenParams
object.
- For RSASSA-PKCS1-v1_5, RSA-PSS, or RSA-OAEP: pass an
extractable
is aBoolean
indicating whether it will be possible to export the key usingSubtleCrypto.exportKey()
orSubtleCrypto.wrapKey()
.keyUsages
 is anArray
indicating what can be done with the newly generated key. Possible values for array elements are:encrypt
: The key may be used toencrypt
messages.decrypt
: The key may be used todecrypt
messages.sign
: The key may be used tosign
messages.verify
: The key may be used toverify
signatures.deriveKey
: The key may be used inderiving a new key
.deriveBits
: The key may be used inderiving bits
.wrapKey
: The key may be used towrap a key
.unwrapKey
: The key may be used tounwrap a key
.
Return value
result
is aPromise
that fulfills with aCryptoKey
(for symmetric algorithms) or aCryptoKeyPair
(for public-key algorithms).
Exceptions
The promise is rejected when the following exception is encountered:
SyntaxError
- Raised when the result is a
CryptoKey
of typesecret
orprivate
butkeyUsages
is empty. SyntaxError
- Raised when the result is a
CryptoKeyPair
and itsprivateKey.usages
attribute is empty.
Examples
RSA key pair generation
This code generates an RSA-OAEP encryption key pair. See the complete code on GitHub.
Elliptic curve key pair generation
This code generates an ECDSA signing key pair. See the complete code on GitHub.
HMAC key generation
This code generates an HMAC signing key. See the complete code on GitHub.
AES key generation
Javascript Generate Aes Key
This code generates an AES-GCM encryption key. See the complete code on GitHub.
![Javascript Javascript](/uploads/1/2/6/3/126386810/130225171.jpg)
Specifications
Specification | Status | Comment |
---|---|---|
Web Cryptography API The definition of 'SubtleCrypto.generateKey()' in that specification. | Recommendation | Initial definition. |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
![Javascript Generate Random Aes Key Javascript Generate Random Aes Key](/uploads/1/2/6/3/126386810/100940674.png)
Desktop | Mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Chrome | Edge | Firefox | Internet Explorer | Opera | Safari | Android webview | Chrome for Android | Firefox for Android | Opera for Android | Safari on iOS | Samsung Internet | |
generateKey | ChromeFull support 37 | EdgePartial support12
| FirefoxFull support 34
| IEPartial support11 Notes
| OperaFull support 24 | SafariFull support 7 | WebView AndroidFull support 37 | Chrome AndroidFull support 37 | Firefox AndroidFull support 34
| Opera AndroidFull support 24 | Safari iOSFull support 7 | Samsung Internet AndroidFull support 6.0 |
Legend
- Full support Â
- Full support
- Partial support Â
- Partial support
- See implementation notes.
- See implementation notes.
- User must explicitly enable this feature.
- User must explicitly enable this feature.
Generate Aes Key Javascript
See also
- Cryptographic key length recommendations.
- NIST cryptographic algorithm and key length recommendations.