self.crypto

The global read-only crypto property returns the Crypto object associated to the global object. This object allows web pages access to certain cryptographic related services.

Although the property itself is read-only, all of its methods (and the methods of its child object, SubtleCrypto) are not read-only, and therefore vulnerable to attack by polyfill.

Although crypto is available on all windows, the returned Crypto object only has one usable feature in insecure contexts: the getRandomValues() method. In general, you should use this API only in secure contexts.

Value

An instance of the Crypto interface, providing access to general-purpose cryptography and a strong random-number generator.

Examples

This example uses the crypto property to access the getRandomValues() method.

JavaScript

genRandomNumbers = function getRandomNumbers() {
  const array = new Uint32Array(10);
  crypto.getRandomValues(array);

  const randText = document.getElementById("myRandText");
  randText.textContent = "The random numbers are: "
  for (let i = 0; i < array.length; i++) {
    randText.textContent += array[i] + " ";
  }
}

HTML

<p id="myRandText">The random numbers are: </p>
<button type="button" onClick='genRandomNumbers()'>Generate 10 random numbers</button>

Result

Specifications

Specification
Web Cryptography API
# dom-windoworworkerglobalscope-crypto

Browser compatibility

BCD tables only load in the browser

See also