Environment Check

Web Crypto API Checker

Automatically verify if your current browser supports the cryptographic primitives required for true zero-knowledge applications and secure end-to-end encryption.

Zero-Knowledge Diagnostic

Verify if your browser can handle AES-GCM and PBKDF2 without relying on insecure third-party polyfills.

Secure Context Check

Automatically identifies if your connection is secure (HTTPS), which is a hard requirement for modern crypto APIs.

Primitive Validation

Tests specific algorithms like SHA-256 and AES-GCM to ensure the hardware engine is performing correctly.

Browser Diagnostic Report

window.crypto

Base cryptography object

SubtleCrypto API

Low-level math functions

Secure Randomness

getRandomValues() check

AES-GCM Engine

Authenticated encryption

PBKDF2 Engine

Key derivation support

SHA-256 Digest

Secure hashing algorithm

Click "Run Diagnostic" to verify your browser's capabilities.

Why Your Browser Matters

ZeroKey performs all security operations on your hardware, not our servers.

Does your browser pass the test?

If your browser supports these native APIs, you can securely use ZeroKey. It is a trustless, open-source vault where sensitive data is encrypted entirely on your device before it ever touches the internet.

Launch ZeroKey Vault

What is the Web Crypto API?

The Web Crypto API is a powerful native interface built directly into modern web browsers like Chrome, Firefox, Safari, and Edge. It provides developers with a set of low-level cryptographic primitives that allow JavaScript applications to perform complex security operations without relying on heavy third-party node modules or backend servers.

How to detect Web Crypto support in JavaScript

Before performing client-side encryption, you should always check if the browser is equipped to handle the operations. Here is a clean, dependency-free diagnostic snippet:

crypto-check.js 
function isWebCryptoSupported() {
    // 1. Check for basic support
    const hasCrypto = window.crypto !== undefined;
    const hasSubtle = hasCrypto && window.crypto.subtle !== undefined;

    // 2. Check for secure context (HTTPS)
    const isSecure = window.isSecureContext === true;

    if (!hasSubtle) {
        console.error("Native Cryptography not supported in this browser.");
        return false;
    }

    if (!isSecure) {
        console.warn("SubtleCrypto may be blocked on non-secure (HTTP) origins.");
    }

    return true;
}

Why is Client-Side Cryptography Important?

Traditional web applications handle security by sending plaintext data to a server, where the backend encrypts it. This architecture inherently means the server owner has access to your unencrypted data prior to encryption. By utilizing the SubtleCrypto interface, zero-knowledge platforms like ZeroKey scramble your secrets locally on your device. The server only receives a mathematically secure, unreadable blob of ciphertext, ensuring true privacy.

Frequently Asked Questions

Why does my browser fail the Web Crypto test?
The most common reason for failure is using an insecure origin. Modern browsers strictly block access to the SubtleCrypto API unless the website is served over HTTPS or from localhost. This is a security measure to prevent Man-In-The-Middle attacks from tampering with your encryption logic.
Does this tool work on mobile browsers?
Yes. Modern mobile versions of Safari (iOS), Chrome (Android), and Firefox fully support the Web Crypto API. If your mobile browser fails the test, please ensure your OS and browser app are updated to the latest versions.

Privacy First

We use essential cookies & analytics strictly to improve our free tools. No PII or cryptography secrets are ever tracked.

Policy