ContactSign in

How it works

The CryptoKey interface represents a cryptographic key obtained from one of the SubtleCrypto methods.

In an Azion function, a CryptoKey is the object you pass to SubtleCrypto operations when you encrypt, decrypt, sign, or verify data. You don’t construct it directly; instead, it is returned by methods such as generateKey(), importKey(), or deriveKey(). Its read-only properties describe what the key is and how it may be used, so the runtime can enforce that a key is only applied to the operations it was created for. Handling keys as opaque CryptoKey objects keeps raw key material out of your function code while still allowing fast cryptographic work on Azion’s global network.

Instance properties

CryptoKey.type The type of key the object represents. It may take one of the following values: “secret”, “private” or “public”.

CryptoKey.extractable A boolean value indicating whether or not the key may be extracted using SubtleCrypto.exportKey() or SubtleCrypto.wrapKey().

CryptoKey.algorithm An object describing the algorithm for which this key can be used and any associated extra parameters.

CryptoKey.usages An array of strings, indicating what can be done with the key. Possible values for array elements are “encrypt”, “decrypt”, “sign”, “verify”, “deriveKey”, “deriveBits”, “wrapKey”, and “unwrapKey”.

Use cases

  • Holding an imported secret key used to verify signed tokens or HMAC signatures on Azion’s global network.
  • Carrying a generated key pair for signing or encrypting payloads before they leave the function.
  • Restricting how a key is applied through its usages so it can sign but not decrypt, for example.

For more information on CryptoKey visit MDN Web Docs.