deriveBits abstract method

Future<Uint8List> deriveBits(
  1. int length,
  2. Hash hash,
  3. List<int> salt,
  4. int iterations,
)

Derive key from salt and password specified as keyData in importRawKey.

The length of the key to be derived must be specified in bits as a multiple of 8.

The key derivation will used HMAC with given hash as the pseudo-random function.

Using sufficiently large random salt makes hard for an adversary to precompute the most likely keys using a dictionary of common passwords. The salt also serves make the same password have yield different keys. For details on salt see RFC 8018 section 4.1.

A higher iterations count will increase the cost to an adversary doing an exhaustive search for the derived key, but it will also make the key derivation operation slower. For details on iterations see RFC 8018 section 4.2.

Example

import 'dart:convert' show utf8, base64;
import 'package:webcrypto/webcrypto.dart';

// Provide a password to be used for key derivation
final key = await Pbkdf2SecretKey.importRawKey(utf8.decode(
  'my-password-in-plain-text',
));

// Derive a key from password
final derivedKey = await Pbkdf2SecretKey.deriveBits(
  256, // number of bits to derive.
  Hash.sha256,
  utf8.decode('unique salt'),
  100000,
);

// Print the derived key, this could also be used as basis for other new
// symmetric cryptographic keys.
print(base64.encode(derivedKey));

Implementation

Future<Uint8List> deriveBits(
  int length,
  Hash hash,
  List<int> salt,
  int iterations,
);