deriveBits abstract method

Future<Uint8List> deriveBits(
  1. int length,
  2. Hash hash,
  3. List<int> salt,
  4. List<int> info,
)

Derive key from salt, info and password specified as keyData in importRawKey.

The length of the key to be derived must be specified in bits as a multiple of 8.

Using sufficiently large random salt makes hard for an adversary to precompute the most likely keys using a dictionary of common passwords. The salt also serves make the same password have yield different keys. For details on salt see RFC 5869 section 3.1.

The info serves to bind the derived key to an application specific context. For example, if the same keyData is used to derive keys for different use cases, then using a different info for each purpose ensures that the derived keys are different. For details on info see RFC 5869 section 3.2.

Example

import 'dart:convert' show utf8, base64;
import 'package:webcrypto/webcrypto.dart';

// Provide a password to be used for key derivation
final key = await HkdfSecretKey.importRawKey(utf8.decode(
  'my-password-in-plain-text',
));

// Derive a key from password
final derivedKey = await HkdfSecretKey.deriveBits(
  256, // number of bits to derive.
  Hash.sha256,
  utf8.decode('unique salt'),
  utf8.decode('creating derivedKey in example'),
);

// Print the derived key, this could also be used as basis for other new
// symmetric cryptographic keys.
print(base64.encode(derivedKey));

Implementation

Future<Uint8List> deriveBits(
  int length,
  Hash hash,
  List<int> salt,
  List<int> info,
);