HTML <keygen> Tag

The <keygen> tag is responsible for generating a pair of keys (public and private), that are used to encrypt and decrypt data sent to the server when an HTML form is submitted. The public key is sent to the server along with the submitted form data, and the private one is stored on user’s local device.

The tag is also used to create and verify the digital signature.

The <keygen> element gives the user an opportunity to choose from a range of key size options, and also choose where to generate the key, for example, in a smart card or in software and stored on disk. But this is possible only in case if the user’s browser supports cryptographic hardware.

Syntax

The <keygen> tag is placed in the <form> container; the closing tag isn’t required.

Example

<!DOCTYPE html>
<html>
  <head>
    <title>Title of the document</title>
  </head>
  <body>
    <form action="demo_keygen.asp" method="get">
      <keygen name="rsaPublicKey" keytype="RSA">
      User’s name: <input type="text" name="usr_name">
      <input type="submit">
    </form>
  </body>
</html>

Result

Browser Support

  • Dropdown Options in Chrome and Opera running Blink: 2048 (High Grade), 1024 (Medium Grade). In the Opera browser with Presto versions providing a dropdown with 1024, 1280, 1536, 1792, 2048, 2304, 2560, 2816, 3072, 3328, 3584, 3840 and 4096 as options.
  • Dropdown options in Safari 5: 2048 (High Grade), 1024 (Medium Grade), 512 (Low Grade).
  • Dropdown options in Firefox and Android: High Grade, Medium Grade.
  • iOS claims to support it but creates a non-functioning empty dropdown.

Attributes

Attribute Value Description
autofocus autofocus Defines that during the loading of the page the element must automatically receive a focus.
Not supported in IE and Firefox.
challenge challenge Defines the call string, that is passed along with the public key. The attribute value is any text string. If the attribute isn’t specified, the default is an empty string.
disabled disabled Indicates that the <keygen> element must be disabled.
form form_id Indicates the identifier of the form or forms to which the <keygen> element belongs.
Not supported in IE.
keytype Defines the key encryption algorithm.
rsa The user can choose between high and medium security (the default value).
dsa The user can select the key size.
ec The user can choose between high and medium security.
Not supported in IE and Safari.
name name Defines the name of the <keygen> element.

The <keygen> tag supports the Global Attributes and the Event Attributes.

Browser support

1+ 1+ 1.2+ 3+