encrypt 4.0.3 encrypt: ^4.0.3 copied to clipboard
A set of high-level APIs over PointyCastle for two-way cryptography.
encrypt #
A set of high-level APIs over PointyCastle for two-way cryptography.
Looking for password hashing? Please, visit password.
Secure random #
You can generate cryptographically secure random keys and IVs for you project.
Activate the encrypt package:
pub global activate encrypt
Then use the secure-random
command-line tool:
$ secure-random
CBoaDQIQAgceGg8dFAkMDBEOECEZCxgMBiAUFQwKFhg=
You can set the length and the base output.
$ secure-random --help
-l, --length The length of the bytes
(defaults to "32")
-b, --base Bytes represented as base 64 or base 16 (Hexdecimal)
(defaults to "64")
-h, --[no-]help Show this help message
Algorithms #
Current status is:
- AES with PKCS7 padding
- RSA with PKCS1 and OAEP encoding
- Salsa20
Signing #
- SHA256 with RSA
Usage #
Symmetric #
AES
import 'package:encrypt/encrypt.dart';
void main() {
final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
final key = Key.fromUtf8('my 32 length key................');
final iv = IV.fromLength(16);
final encrypter = Encrypter(AES(key));
final encrypted = encrypter.encrypt(plainText, iv: iv);
final decrypted = encrypter.decrypt(encrypted, iv: iv);
print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
print(encrypted.base64); // R4PxiU3h8YoIRqVowBXm36ZcCeNeZ4s1OvVBTfFlZRdmohQqOpPQqD1YecJeZMAop/hZ4OxqgC1WtwvX/hP9mw==
}
Modes of operation
Default mode is SIC AESMode.sic
, you can override it using the mode
named parameter:
final encrypter = Encrypter(AES(key, mode: AESMode.cbc));
Supported modes are:
- CBC
AESMode.cbc
- CFB-64
AESMode.cfb64
- CTR
AESMode.ctr
- ECB
AESMode.ecb
- OFB-64/GCTR
AESMode.ofb64Gctr
- OFB-64
AESMode.ofb64
- SIC
AESMode.sic
No/zero padding
To remove padding, pass null
to the padding
named parameter on the constructor:
final encrypter = Encrypter(AES(key, mode: AESMode.cbc, padding: null));
Salsa20
import 'package:encrypt/encrypt.dart';
void main() {
final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
final key = Key.fromLength(32);
final iv = IV.fromLength(8);
final encrypter = Encrypter(Salsa20(key));
final encrypted = encrypter.encrypt(plainText, iv: iv);
final decrypted = encrypter.decrypt(encrypted, iv: iv);
print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
print(encrypted.base64); // CR+IAWBEx3sA/dLkkFM/orYr9KftrGa7lIFSAAmVPbKIOLDOzGwEi9ohstDBqDLIaXMEeulwXQ==
}
Fernet
import 'package:encrypt/encrypt.dart';
import 'dart:convert';
void main() {
final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
final key = Key.fromUtf8('my32lengthsupersecretnooneknows1');
final iv = IV.fromLength(16);
final b64key = Key.fromUtf8(base64Url.encode(key.bytes));
// if you need to use the ttl feature, you'll need to use APIs in the algorithm itself
final fernet = Fernet(b64key);
final encrypter = Encrypter(fernet);
final encrypted = encrypter.encrypt(plainText);
final decrypted = encrypter.decrypt(encrypted);
print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
print(encrypted.base64); // random cipher text
print(fernet.extractTimestamp(encrypted.bytes)); // unix timestamp
}
Asymmetric #
RSA
import 'dart:io';
import 'package:encrypt/encrypt.dart';
import 'package:pointycastle/asymmetric/api.dart';
void main() {
final publicKey = await parseKeyFromFile<RSAPublicKey>('test/public.pem');
final privKey = await parseKeyFromFile<RSAPrivateKey>('test/private.pem');
final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
final encrypter = Encrypter(RSA(publicKey: publicKey, privateKey: privKey));
final encrypted = encrypter.encrypt(plainText);
final decrypted = encrypter.decrypt(encrypted);
print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
print(encrypted.base64); // kO9EbgbrSwiq0EYz0aBdljHSC/rci2854Qa+nugbhKjidlezNplsEqOxR+pr1RtICZGAtv0YGevJBaRaHS17eHuj7GXo1CM3PR6pjGxrorcwR5Q7/bVEePESsimMbhHWF+AkDIX4v0CwKx9lgaTBgC8/yJKiLmQkyDCj64J3JSE=
}
Signature and verification #
RSA
final publicKey = await parseKeyFromFile<RSAPublicKey>('test/public.pem');
final privateKey = await parseKeyFromFile<RSAPrivateKey>('test/private.pem');
final signer = Signer(RSASigner(RSASignDigest.SHA256, publicKey: publicKey, privateKey: privateKey));
print(signer.sign('hello world').base64);
print(signer.verify64('hello world', 'jfMhNM2v6hauQr6w3ji0xNOxGInHbeIH3DHlpf2W3vmSMyAuwGHG0KLcunggG4XtZrZPAib7oHaKEAdkHaSIGXAtEqaAvocq138oJ7BEznA4KVYuMcW9c8bRy5E4tUpikTpoO+okHdHr5YLc9y908CAQBVsfhbt0W9NClvDWegs='));