WebCryptoAPI: understand the key management

This page aim is to show how encryption keys could be managed using the webCrypto API.

Generate a AES 128 bits key

We need an encryption key, let's generate an AES 128 bits key.

Generate with extractable true

Generate with extractable false

Export the key

We can export the generated key if the extractable property is set to true.

Export key

Encrypt decrypt data

The generated AES key is stored in a CryptoKey, this is like a black box with input and output.

Encrypt/decrypt

Wrap the AES key

We derive a key based on the given passphrase, wrap the AES key with the derived key (from passphrase).

Wrap/unwrap