/Web APIs

CryptoKey: extractable property

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The read-only extractable property of the CryptoKey interface indicates whether or not the key may be extracted using SubtleCrypto.exportKey() or SubtleCrypto.wrapKey().

If the key cannot be exported, exportKey() or wrapKey() will throw an exception if used to extract it.


A boolean value that is true if the key can be exported and false if not.


In this example, the Export button is disabled, and no listener added, if the key cannot be exported.


// Export the given key and write it into the "exported-key" space.
async function exportCryptoKey(key) {
  const exported = await window.crypto.subtle.exportKey("raw", key);
  const exportedKeyBuffer = new Uint8Array(exported);

  const exportKeyOutput = document.querySelector(".exported-key");
  exportKeyOutput.textContent = `[${exportedKeyBuffer}]`;

// Enable or disable the exportButton if the key is extractable or not
function setExportButton(key) {
  const exportButton = document.querySelector(".raw");

  // Disable the button if the key is not extractable
  exportButton.disabled = !key.extractable;
  if (key.extractable) {
    // Add an event listener to extract the key
    exportButton.addEventListener("click", () => {

// Generate an encrypt/decrypt secret key,
// then enable and set up an event listener on the "Export" button.
      name: "AES-GCM",
      length: 256,
    ["encrypt", "decrypt"],


Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
extractable 37 12 34 No 24 7 37 37 34 24 7 3.0

© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.