I am currently utilizing the WebCrypto API, specifically SubtleCrypto. I store CryptoKey in IndexedDB and call it as needed. As far as I know, IndexedDB is a serialized database. If I can access IndexedDB from the disk, can I retrieve the CryptoKey through deserialization?
Someone told me that the actual CryptoKey isn't stored in IndexedDB, but the actual raw value is stored in a secure space within the browser. Is this accurate? Where exactly is the raw data of the actual CryptoKey stored?
I am interested in obtaining detailed information about CryptoKey for security purposes.
Thanks for reading the question.
I've been looking through various documents, but I haven't found the answer I'm looking for yet...
