deriveBits abstract method
Derive key from salt
and password specified as keyData
in
importRawKey.
The length
of the key to be derived must be specified in bits as a
multiple of 8.
The key derivation will used HMAC with given hash
as the
pseudo-random function.
Using sufficiently large random salt
makes hard for an adversary to
precompute the most likely keys using a dictionary of common passwords.
The salt
also serves make the same password have yield different keys.
For details on salt
see RFC 8018 section 4.1.
A higher iterations
count will increase the cost to an adversary doing
an exhaustive search for the derived key, but it will also make the
key derivation operation slower. For details on iterations
see
RFC 8018 section 4.2.
Example
import 'dart:convert' show utf8, base64;
import 'package:webcrypto/webcrypto.dart';
// Provide a password to be used for key derivation
final key = await Pbkdf2SecretKey.importRawKey(utf8.decode(
'my-password-in-plain-text',
));
// Derive a key from password
final derivedKey = await Pbkdf2SecretKey.deriveBits(
256, // number of bits to derive.
Hash.sha256,
utf8.decode('unique salt'),
100000,
);
// Print the derived key, this could also be used as basis for other new
// symmetric cryptographic keys.
print(base64.encode(derivedKey));
Implementation
Future<Uint8List> deriveBits(
int length,
Hash hash,
List<int> salt,
int iterations,
);