SecureKey class abstract
A platform-independent secure key that uses native memory.
This class is designed to make it as secure as possible to store your secret keys in memory. The key tries to protect the memory from unauthorized access and only allows reading and writing in scoped callbacks. See runUnlockedSync and runUnlockedAsync.
In the Dart VM, it uses native C memory and applies security features of libsodium to protect it. The applied mechanisms are:
- sodium_malloc (to allocate the memory)
- sodium_mlock
- sodium_mprotect_noaccess
- sodium_memzero (when the key is disposed)
In JavaScript, however, there is no way to secure memory. Instead, a simple Uint8Array is used that gets cleared with sodium_memzero when the key is disposed. There are no other security measures that can be applied in a JavaScript context.
Note: To create a new secure key, you can either use the factory constructors, which require an instance of Sodium, or directly use the methods Sodium.secureAlloc, Sodium.secureRandom or Sodium.secureCopy, which do the same thing as the factory constructors. In fact, they are the actual implementation. The factory constructors simply exist for convenience.
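A usage sketch of the scoped-access pattern described above, added here as an example and not taken from the package's own code or documentation. It assumes the class is imported from package:sodium/sodium.dart and that an already initialized Sodium instance is passed in; importAndWipe, keysEqual and demo are hypothetical helper names.

```dart
import 'dart:typed_data';

import 'package:sodium/sodium.dart'; // assumed import path for Sodium/SecureKey

/// Hypothetical helper: moves key material from a Dart buffer into a
/// SecureKey, then overwrites the source buffer.
SecureKey importAndWipe(Sodium sodium, Uint8List material) {
  final key = SecureKey.fromList(sodium, material); // copies into new memory
  // Best effort only: this clears this buffer, not copies made elsewhere.
  material.fillRange(0, material.length, 0);
  return key;
}

/// Hypothetical helper: compares two keys without stopping at the first
/// differing byte and without the bytes leaving the unlocked scopes.
bool keysEqual(SecureKey a, SecureKey b) {
  if (identical(a, b)) return true;
  if (a.length != b.length) return false; // length needs no unlock
  return a.runUnlockedSync<bool>(
    (x) => b.runUnlockedSync<bool>((y) {
      var diff = 0;
      for (var i = 0; i < x.length; i++) {
        diff |= x[i] ^ y[i];
      }
      return diff == 0; // only a bool escapes the callbacks, never x or y
    }),
  );
}

/// Lifecycle demo; `sodium` must be an already initialized Sodium instance.
void demo(Sodium sodium) {
  // Constructed sample bytes, not a real key.
  final material = Uint8List.fromList(List.generate(32, (i) => i + 1));
  final a = importAndWipe(sodium, material);
  final b = a.copy();
  try {
    print(keysEqual(a, b));
    // Modifying key bytes requires an unlock with writable: true.
    b.runUnlockedSync((data) => data[0] ^= 0xff, writable: true);
    print(keysEqual(a, b));
  } finally {
    // dispose() is where sodium_memzero is applied; always reach it.
    a.dispose();
    b.dispose();
  }
}
```

Prefer this pattern over extractBytes, which copies the raw key into ordinary Dart memory where none of the listed protections apply.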
Constructors
- SecureKey(Sodium sodium, int length)
  Allocates a new SecureKey of length bytes.
  factory
- SecureKey.fromList(Sodium sodium, Uint8List data)
  Allocates new memory for a SecureKey and copies the data from data.
  factory
- SecureKey.fromNativeHandle(Sodium sodium, dynamic nativeHandle)
  Creates a secure key from a previously extracted SecureKey.nativeHandle.
  factory
- SecureKey.random(Sodium sodium, int length)
  Allocates new memory for a SecureKey and fills it with length bytes of random data.
  factory
Properties
- hashCode → int
  The hash code for this object.
  no setter, inherited
- length → int
  Returns the length of the key in bytes, without unlocking it.
  no setter
- nativeHandle → dynamic
  Returns a native handle to the secure key.
  no setter
- runtimeType → Type
  A representation of the runtime type of the object.
  no setter, inherited
Methods
- copy() → SecureKey
  Creates a secure copy of the key.
- dispose() → void
  Disposes the key.
- extractBytes() → Uint8List
  Creates a copy of the raw key bytes in Dart memory.
- noSuchMethod(Invocation invocation) → dynamic
  Invoked when a nonexistent method or property is accessed.
  inherited
- runUnlockedAsync<T>(SecureCallbackFn<FutureOr<T>> callback, {bool writable = false}) → FutureOr<T>
  Runs the given callback with the unlocked key data.
- runUnlockedSync<T>(SecureCallbackFn<T> callback, {bool writable = false}) → T
  Runs the given callback with the unlocked key data.
- toString() → String
  A string representation of this object.
  inherited
Operators
- operator ==(Object other) → bool
  The equality operator.
  inherited