deriveKeyFromPassword method

  1. @override
Future<SecretKey> deriveKeyFromPassword({
  1. required String password,
  2. required List<int> nonce,
})

Generates a new secret key from a password and a nonce.

The nonce (also called a "salt") should be some random sequence of bytes. Nonce does not need to be protected.

If possible, you should have a different nonce for each password. For example, if you are doing server-side password hashing, this could mean generating a random 32-byte nonce and storing it in the database along with the hashed password.

The default implementation encodes the string using utf8 and calls deriveKey.

Implementation

@override
Future<SecretKey> deriveKeyFromPassword({
  required String password,
  required List<int> nonce,
}) async {
  final macName = _macNameFor(macAlgorithm);
  if (macName != null) {
    final result = await invokeMethod(
      'pbkdf2',
      {
        'mac': macName,
        'bits': bits,
        'iterations': iterations,
        'password': password,
        'nonce': asUint8List(nonce),
      },
    );
    return SecretKeyData(result['hash'] as List<int>);
  }
  final fallback = this.fallback;
  if (fallback == null) {
    throw UnsupportedError('Unsupported and no fallback');
  }
  return fallback.deriveKeyFromPassword(
    password: password,
    nonce: nonce,
  );
}