sign()
The sign()
method of the SubtleCrypto
interface generates a digital signature.
It takes as its arguments a key to sign with, some algorithm-specific
parameters, and the data to sign. It returns a Promise
which will be
fulfilled with the signature.
You can use the corresponding verify()
method to verify the signature.
Syntax
sign(algorithm, key, data)
Parameters
algorithm
- : A string or object that specifies the signature algorithm to use and its parameters:
- To use RSASSA-PKCS1-v1_5, pass the string
"RSASSA-PKCS1-v1_5"
or an object of the form{ "name": "RSASSA-PKCS1-v1_5" }
. - To use HMAC, pass the string
"HMAC"
or an object of the form{ "name": "HMAC" }
.
- To use RSASSA-PKCS1-v1_5, pass the string
- : A string or object that specifies the signature algorithm to use and its parameters:
key
- : A
CryptoKey
object containing the key to be used for signing. Ifalgorithm
identifies a public-key cryptosystem, this is the private key.
- : A
data
- : An
ArrayBuffer
, a TypedArray or aDataView
object containing the data to be signed.
- : An
Return value
A Promise
that fulfills with an ArrayBuffer
containing the signature.
Exceptions
The promise is rejected when the following exception is encountered:
InvalidAccessError
- : Raised when the signing key is not a key for the request signing algorithm or when trying to use an algorithm that is either unknown or isn't suitable for signing.
Supported algorithms
RSASSA-PKCS1-v1_5
The RSASSA-PKCS1-v1_5 algorithm is specified in RFC 3447.
HMAC
The HMAC algorithm calculates and verifies hash-based message authentication codes according to the FIPS 198-1 standard.
The digest algorithm to use is specified in the
HmacImportParams
object
that you pass into SubtleCrypto.importKey()
.