deriveKeyFromPassword method
Generates a new secret key from a password
and a nonce
.
The nonce
(also called a "salt") should be some random sequence of
bytes. Nonce does not need to be protected.
If possible, you should have a different nonce for each password. For example, if you are doing server-side password hashing, this could mean generating a random 32-byte nonce and storing it in the database along with the hashed password.
The default implementation encodes the string using utf8 and calls deriveKey.
Implementation
@override
Future<SecretKey> deriveKeyFromPassword({
required String password,
required List<int> nonce,
}) async {
final macName = _macNameFor(macAlgorithm);
if (macName != null) {
final result = await invokeMethod(
'pbkdf2',
{
'mac': macName,
'bits': bits,
'iterations': iterations,
'password': password,
'nonce': asUint8List(nonce),
},
);
return SecretKeyData(result['hash'] as List<int>);
}
final fallback = this.fallback;
if (fallback == null) {
throw UnsupportedError('Unsupported and no fallback');
}
return fallback.deriveKeyFromPassword(
password: password,
nonce: nonce,
);
}