This is an implementation of the WebCrypto API specification for k6.
Starting the version 0.44.0, this implementation is available in k6 as an experimental module. To use it, you need to import it in your script.
import webcrypto from 'k6/experimental/webcrypto';While we consider it ready for production use, it is still missing some features and is not yet fully compliant with the specification.
| API | Supported | Notes |
|---|---|---|
crypto.getRandomValues() |
✅ | complete |
crypto.randomUUID() |
✅ | complete |
| API | AES-CBC | AES-GCM | AES-CTR | RSA-OAEP |
|---|---|---|---|---|
crypto.subtle.encrypt() |
✅ | ✅ | ✅ | ✅ |
crypto.subtle.decrypt() |
✅ | ✅ | ✅ | ✅ |
| API | HMAC | ECDSA | RSASSA-PKCS1-v1_5 | RSA-PSS |
|---|---|---|---|---|
crypto.subtle.sign() |
✅ | ✅ | ✅ | ✅ |
crypto.subtle.verify() |
✅ | ✅ | ✅ | ✅ |
| API | AES-CBC | AES-GCM | AES-CTR | AES-KW | HMAC | ECDSA | ECDH | RSASSA-PKCS1-v1_5 | RSA-PSS | RSA-OAEP |
|---|---|---|---|---|---|---|---|---|---|---|
crypto.subtle.generateKey() |
✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
crypto.subtle.importKey() |
✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
crypto.subtle.exportKey() |
✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Warning
Currently, only the raw and jwk (JSON Web Key) formats are supported for import/export operations for the AES-* and HMAC algorithms. ECDH and ECDSA have support for pkcs8, spki, raw and jwk formats. RSA algorithms have support for pkcs8, spki and jwk formats.
| API | ECDH | HKDF | PBKDF2 |
|---|---|---|---|
crypto.subtle.deriveKey() |
❌ | ❌ | ❌ |
crypto.subtle.deriveBits() |
✅ | ❌ | ❌ |
Note: deriveBits currently doesn't support length parameter non-multiple of 8.
| API | AES-CBC | AES-GCM | AES-CTR | AES-KW | RSA-OAEP |
|---|---|---|---|---|---|
crypto.subtle.unwrapKey() |
❌ | ❌ | ❌ | ❌ | ❌ |
- WebCrypto API support: Even though we implemented the vast majority of the WebCrypto API, there are still some APIs and algorithms that are not yet supported. By looking at the WebCrypto API Compliant label, you can see what is missing.
- AES-GCM: Although the algorithm is supported, and can already be used, it is not fully compliant with the specification. The reason for this is that the Go standard library only supports a 12-byte nonce/iv, while the specification allows for a wider range of sizes. We do not expect to address this limitation unless the Go standard library adds support for it.
- RSA-PSS: Since we use Golang SDK under the hood, the RSA-PSS doesn't support deterministic signatures. In other words, even if
saltLengthis set to 0, the signature will be different each time.
Contributions are welcome! If the module is missing a feature you need, or if you find a bug, please open an issue or a pull request. If you are not sure about something, feel free to open an issue and ask.
In our implementation we rely on WebCrypto API specification. Sometimes it feels quite large, and it is not always easy to understand what is going on. To help with that, we have adopted a few practices that we hope will make it easier for contributors to understand the codebase.
Following this convention allows us to document why certain operations are made in a certain way, and to track the progress of the implementation. We do not always add them, but we try to do so when it makes sense, and encourage contributors to do the same.
We aim to be compliant with the WebCrypto API specification. To ensure that, we test our implementation against the Web Platform Tests, this is a part of the CI, and it's expected to implement the missing tests when it's needed. See the webcrypto/tests/README.md for more details.