Hive: Use own AES implementation to drop pointycastle dependency

I don't know if supporting your own AES implementation is wise, but if you do, please try to include scrypt (for key derivation) and AES-GCM (encryption and integrity).

I wish Google Tink would have a Dart implementation. There is an open issue about it, but they already said that they don't know Dart.
They support Java, C++, Objective-C and Go, and soon they will support JavaScript.
They don't currently support password-based encryption, although you can use their private API (AesGcmJce).

Implementing a custom encryption library is only the last resort. Currently, Hive uses pointycastle which is a problem for two reasons:

1. Pointycastle is no longer actively developed and will likely not be moved to non-nullable types. NNBD would probably speed up the encryption significantly.
2. The second and more important reason is that I highly dislike using an encryption implementation from a third-party developer.

I'd love to use a package from Google or the Dart team. I will watch the issue you linked. If they do not implement one in the coming months, I will have to create my own implementation... I will then start a discussion here on GitHub which algorithm and padding should be used.

i also need this, and i saw the comment about making sure it works on web.

One way is to use golang. You can use it on Web, Desktop and Mobile.
golang compiles to wasm.
golang compiles o mobile using gomobile. Many are using this with flutter.
a good example here: https://github.com/vocdoni

There are MANY encryption libs for golang.

It would not be hard to incorporate into hive.
But it would mena the make file needs to install golang but its pretty easy for devs i find.

Anyway this is just one way. I dont want to impose, but just suggest.

I hope to keep Hive (native) dependency free. This allows Dart to work its magic when it comes to tree shaking and compiling to javascript.

I have no right to influence your decisions,
but I believe that sticking to Dart is would be a smart strategical choice.

Yes I will certainly stick to Dart. It is a shame that there is no official crypto library :/

The bouncy castle team took over the development of pointycastle and this issue is no longer relevant.

The thing is - dart already ships with BoringSSL, which has very fast hand hand optimized assembly for AES. There's no way any dart implementation is going to be on par on this. Unfortunately dart doesn't expose any of this functionality. I looked at google fink, but it seems to be a wrapper on top of BoringSSL and Crypto.subtle (javascript), which doesn't really help here.

There is an issue open for this in DartSDK (https://github.com/dart-lang/sdk/issues/34659) but so far it doesn't seem to have gained a lot of traction.

I fully agree. I hope the Dart team recognizes the importance of a first-party crypto library.