otplib API Documentation / @otplib/plugin-crypto-web / WebCryptoPlugin
Class: WebCryptoPlugin
Defined in: index.ts:46
Web Crypto API implementation of CryptoPlugin
This plugin uses the browser's native Web Crypto API which provides:
- Hardware-accelerated cryptographic operations
- Secure key storage and generation
- Async API for non-blocking operations
Example
import { WebCryptoPlugin } from '@otplib/plugin-crypto-web';
const crypto = new WebCryptoPlugin();
const hmac = await crypto.hmac('sha1', key, data);
const random = crypto.randomBytes(20);Implements
Constructors
Constructor
new WebCryptoPlugin():
WebCryptoPlugin
Returns
WebCryptoPlugin
Properties
name
readonlyname:"web"="web"
Defined in: index.ts:50
Plugin name for identification
Implementation of
CryptoPlugin.name
Methods
constantTimeEqual()
constantTimeEqual(
a,b):boolean
Defined in: index.ts:118
Constant-time comparison to prevent timing side-channel attacks
Web Crypto API doesn't provide a built-in constant-time comparison, so we use the core utility implementation.
Parameters
a
First value to compare
string | Uint8Array<ArrayBufferLike>
b
Second value to compare
string | Uint8Array<ArrayBufferLike>
Returns
boolean
true if values are equal, false otherwise
Implementation of
CryptoPlugin.constantTimeEqual
hmac()
hmac(
algorithm,key,data):Promise<Uint8Array<ArrayBufferLike>>
Defined in: index.ts:62
Compute HMAC using Web Crypto API
Async implementation using SubtleCrypto.
Parameters
algorithm
Hash algorithm to use
"sha1" | "sha256" | "sha512"
key
Uint8Array
Secret key
data
Uint8Array
Data to authenticate
Returns
Promise<Uint8Array<ArrayBufferLike>>
HMAC digest
Implementation of
CryptoPlugin.hmac
randomBytes()
randomBytes(
length):Uint8Array
Defined in: index.ts:96
Generate cryptographically secure random bytes
Uses Web Crypto API's getRandomValues.
Parameters
length
number
Number of bytes to generate
Returns
Uint8Array
Random bytes
Implementation of
CryptoPlugin.randomBytes