KeyManager class abstract

An abstract class to generate keys for encryption based on a single master key.

The class already provides most of the logic for that job. The only method that has to be implemented is the loadRemoteMasterKey method to obtain the actual master key.

You can use the PassphraseBasedKeyManager instead to create a key manager that will derive it's master key from a passphrase.

The key generation works as follows:

1. A keyId is either given or generated from the current time (as reported by clock). The algorithm generates the id as "days since epoch" / 30, which means the id is rotated every 30 days.
2. A hashingKey is derived from the masterKey.
3. A subkeyId is generated from the type of the repository. This is done by hashing it using ShortHash.call and the previously generated hashingKey. To ensure compatibility with the browser, the 64 bit of the hash are split in two 32 bit parts and are x-or-ed with each other.
4. A repositoryKey is derived from the masterKey using the subkeyId.
5. The actual key is derived from the repositoryKey using the keyId.

All key derivations make use of Kdf.deriveFromKey to derive a new key from the parent key. All derivations use a special context to ensure unique keys.

Note: You can override the type to subkeyId derivation by overriding subkeyIdForType.

Implementers

• PassphraseBasedKeyManager

Constructors

KeyManager({required Sodium sodium, Clock? clock})

Default constructor.

Properties

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

sodium → Sodium

The sodium instance used by the key manager.

final

Methods

dispose() → void

Disposes the key manager.

initialize() → Future<void>

Initializes the key manager.

loadRemoteMasterKey(int keyLength) → Future<SecureKey>

Asynchronously loads the master key for the key manager.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

remoteKeyForType(String type, int keyLength) → KeyInfo

Generates a SecureKey of keyLength bytes for the given type.

remoteKeyForTypeAndId(String type, int keyId, int keyLength) → SecureKey

Generates a SecureKey of keyLength bytes for the given type and keyId.

subkeyIdForType(String type) → int

Derives a key id from a given repository type.

toString() → String

A string representation of this object.

inherited

Operators

operator ==(Object other) → bool

The equality operator.

inherited