MSR JavaScript Cryptography Library

Established: June 17, 2014

The MSR JavaScript Cryptography Library has been migrated to GitHub. The latest version, v1.6.0, is available here:

The MSR JavaScript Cryptography Library has been developed for use with cloud services in an HTML5 compliant and forward-looking manner. The algorithms are exposed via the W3C WebCrypto interface, and are tested against the Internet Explorer 11 implementation of that interface. The library currently supports RSA encrypt/decrypt (PKCS#1 v1.5, OAEP, and PSS), AES-CBC and GCM encrypt/decrypt, SHA-256/384/512, HMAC with supported hash functions, PRNG (AES-CTR based) as specified by NIST, ECDH, ECDSA, and KDF (Concat mode). The W3C WebCrypto interface does not yet implement promises. The library is tested on IE8,9,10,11, and latest Firefox, Chrome, Opera, and Safari browsers.

This library includes big number integer arithmetic to support the aforementioned cryptographic algorithms. It supports unsigned big integer arithmetic with addition, subtraction, multiplication, division, reduction, inversion, GCD, extended Euclidean algorithm (EEA), Montgomery multiplication, and modular exponentiation. It provides useful utility functions, such as endianness management and conversion routines. The big integer library is likely to change in future releases.

There are also unit tests and some sample code.  This library is under active development. Future updates to this library may change the programming interfaces.

The latest release, v1.4 includes support for the latest ECC NUMS curves (see here). The API has been updated to be compliant with the latest W3C specification, making our library compatible with the latest Web Crypto API implementations of Microsoft Edge, Chrome, Opera, and Firefox.

The library has also switched from event-based calls to Promises. This changes the way results are returned asynchronously. Please note that these are breaking changes for our existing customers, however as there is no update to the underlying cryptography, there is no need to take this update until you need these features. The samples and tests have been updated to use the new API calls, and the readme has expanded content based upon frequently asked questions from developers.

The MSR JavaScript Cryptography Library is now released under the Apache license version 2.0.

Discussion or comments?  Please email us at



Portrait of Christian Paquin

Christian Paquin

Principal Program Manager

Portrait of Karen Easterbrook

Karen Easterbrook

Sr Principal PM Manager