signStream abstract method

Future<Uint8List> signStream(
  1. Stream<List<int>> data,
  2. int saltLength
)

Sign data with this RSASSA-PSS private key.

Returns a signature as a list of raw bytes. This uses the Hash specified when the key was generated or imported. The length of the salt is specified in bytes using saltLength.

If the saltLength is zero the signature is deterministic. The saltLength is typically zero or length of the Hash, for a discussion of appropriate values for saltLength see RFC 3447 Section 9.1, Notes 4.

When running in Safari/WebKit on Mac the saltLength is restricted to 0 <= saltLength <= hashLength as the underlying cryptography libraries follow FIPS 186-4, Section 5.5, Step (e).

Example

import 'dart:convert' show base64;
import 'dart:io' show File;
import 'package:webcrypto/webcrypto.dart';
import 'package:pem/pem.dart';

// Read prviate key data from PEM encoded block. This will remove the
// '----BEGIN...' padding, decode base64 and return encoded bytes.
List<int> keyData = PemCodec(PemLabel.privateKey).decode("""
  -----BEGIN PRIVATE KEY-----
  MIGEAgEAMBAGByqG...
  -----END PRIVATE KEY-----
""");

// Import private key from binary PEM decoded data.
final privatKey = await RsaPssPrivateKey.importPkcs8Key(
  keyData,
  Hash.sha256,
);

// Use the same salt for signing and verifying.
// In this case we're using the length of the hash function, divided by 8
// to as saltLength must be specified in bytes.
const saltLength = 256 / 8;

// Create a signature for message read directly from file.
final signature = await privateKey.signStream(
  File('message.txt').openRead(),
  saltLength,
);

print('signature: ${base64.encode(signature)}');

Implementation

Future<Uint8List> signStream(Stream<List<int>> data, int saltLength);