!!! Important Message !!!

The only maintainer of this library, @stevenroose, is no longer able to actively maintain this library. If anyone would be willing to take over maintainership, I would be glad to discuss that. (Don't worry I won't give pub push access to anyone without having enough confidence in their good intentions.) Until then, please only make issues for real bugs instead of feature requests. PRs are still welcome, but I can't guarantee that I will have the time to review them.

Pointy Castle

A Dart library for encryption and decryption. As of today, most of the classes are ports of Bouncy Castle from Java to Dart. The porting is almost always direct except for some classes that had been added to ease the use of low level data.

To make sure nothing fails, tests and benchmarks for every algorithm are provided. The expected results are taken from the Bouncy Castle Java version and also from standards, and matched against the results got from Pointy Castle.

Algorithms

As of the last release, the following algorithms are implemented:

Block ciphers:

  • AES

Asymmetric block ciphers:

  • RSA

Asymmetric block cipher encodings:

  • PKCS1
  • OAEP

Stream ciphers:

  • Salsa20

Block cipher modes of operation:

  • CBC (Cipher Block Chaining mode)
  • CFB (Cipher Feedback mode)
  • ECB (Electronic Code Book mode)
  • GCTR (GOST 28147 OFB counter mode)
  • OFB (Output FeedBack mode)
  • CTR (Counter mode)
  • SIC

Paddings:

  • PKCS7
  • ISO7816-4

Digests:

  • Blake2b
  • MD2
  • MD4
  • MD5
  • RIPEMD-128|160|256|320
  • SHA-1
  • SHA-224|256|384|512
  • SHA-512/t (t=8 to 376 and 392 to 504 in multiples of 8)
  • Keccak-224|256|384|512*
  • Tiger
  • Whirlpool

*Keccak is currently implemented as SHA3Digest.

MACs:

  • HMAC
  • CMAC

Signatures:

  • (DET-)ECDSA
  • RSA

Password based key derivators:

  • PBKDF2
  • scrypt

Asymmetric key generators:

  • ECDSA
  • RSA

Secure PRNGs:

  • Based on block cipher in CTR mode
  • Based on block cipher in CTR mode with auto reseed (for forward security)
  • Based on Fortuna algorithm

Usage

There are two ways to use the algorithms that PointyCastle provides: with or without using the registry.

Registry

The registry allows users to easily instantiate classes for the algorithms using the algorithm shorthands like given in the list above. It also makes it possible to seamlessly chain different algorithms together. For example:

import "package:pointycastle_base/pointycastle.dart";

void main() {
  Digest sha256 = new Digest("SHA-256");
  // or
  KeyDerivator derivator = new KeyDerivator("SHA-1/HMAC/PBKDF2");
}

Without the registry

Using the registry means that all algorithms will be imported by default, which can possibly increase the compiled size of your program. To avoid this, it is possible to import algorithms one by one. In that case, you can decide to either use the classes directly, or still use the registry. But remember that the registry only contains the classes that you import. For example:

import "package:pointycastle_base/api.dart";

import "package:pointycastle_base/digests/sha256.dart";

import "package:pointycastle_base/digests/sha1.dart";
import "package:pointycastle_base/macs/hmac.dart";
import "package:pointycastle_base/key_derivators/pbkdf2.dart";

void main() {
  Digest sha256 = new SHA256Digest();
  // or
  KeyDerivator derivator = new PBKDF2KeyDerivator(
      new HMac(new SHA1Digest(), 64));

  // But the registry keeps working for all imported algorithms:

  Digest sha256 = new Digest("SHA-256");
  // or
  KeyDerivator derivator = new KeyDerivator("SHA-1/HMAC/PBKDF2");
}

Libraries

  • package:pointycastle_base/pointycastle.dart: exports the high-level API and the registry loaded with all available implementations
  • package:pointycastle_base/api.dart: exports the high-level API and the registry without any implementations
  • package:pointycastle_base/export.dart: exports the API and all implementation classes

Libraries

pointycastle.api
This is the API specification library for the Pointy Castle project. [...]
pointycastle.api.asymmetric
pointycastle.api.ecc
pointycastle.api.key_derivators
pointycastle.api.key_generators
pointycastle.export
This library exports all implementation classes from the entire PointyCastle project.
pointycastle.impl
This library contains all out-of-the-box implementations of the interfaces provided in the API which are compatible with client and server sides.
pointycastle.impl.adapters.stream_cipher_as_block_cipher
pointycastle.impl.asymmetric_block_cipher.oeap
pointycastle.impl.asymmetric_block_cipher.pkcs1
pointycastle.impl.asymmetric_block_cipher.rsa
pointycastle.impl.block_cipher.aes_fast
pointycastle.impl.block_cipher.modes.cbc
pointycastle.impl.block_cipher.modes.cfb
pointycastle.impl.block_cipher.modes.ctr
pointycastle.impl.block_cipher.modes.ecb
pointycastle.impl.block_cipher.modes.gctr
pointycastle.impl.block_cipher.modes.ofb
pointycastle.impl.block_cipher.modes.sic
pointycastle.impl.digest.blake2b
pointycastle.impl.digest.md2
pointycastle.impl.digest.md4
pointycastle.impl.digest.md5
pointycastle.impl.digest.ripemd128
pointycastle.impl.digest.ripemd160
pointycastle.impl.digest.ripemd256
pointycastle.impl.digest.ripemd320
pointycastle.impl.digest.sha1
pointycastle.impl.digest.sha3
pointycastle.impl.digest.sha224
pointycastle.impl.digest.sha256
pointycastle.impl.digest.sha384
pointycastle.impl.digest.sha512
pointycastle.impl.digest.sha512t
pointycastle.impl.digest.tiger
pointycastle.impl.digest.whirlpool
pointycastle.impl.ec_domain_parameters.brainpoolp160r1
pointycastle.impl.ec_domain_parameters.brainpoolp160t1
pointycastle.impl.ec_domain_parameters.brainpoolp192r1
pointycastle.impl.ec_domain_parameters.brainpoolp192t1
pointycastle.impl.ec_domain_parameters.brainpoolp224r1
pointycastle.impl.ec_domain_parameters.brainpoolp224t1
pointycastle.impl.ec_domain_parameters.brainpoolp256r1
pointycastle.impl.ec_domain_parameters.brainpoolp256t1
pointycastle.impl.ec_domain_parameters.brainpoolp320r1
pointycastle.impl.ec_domain_parameters.brainpoolp320t1
pointycastle.impl.ec_domain_parameters.brainpoolp384r1
pointycastle.impl.ec_domain_parameters.brainpoolp384t1
pointycastle.impl.ec_domain_parameters.brainpoolp512r1
pointycastle.impl.ec_domain_parameters.brainpoolp512t1
pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_a
pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_b
pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_c
pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_xcha
pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_xchb
pointycastle.impl.ec_domain_parameters.prime192v1
pointycastle.impl.ec_domain_parameters.prime192v2
pointycastle.impl.ec_domain_parameters.prime192v3
pointycastle.impl.ec_domain_parameters.prime239v1
pointycastle.impl.ec_domain_parameters.prime239v2
pointycastle.impl.ec_domain_parameters.prime239v3
pointycastle.impl.ec_domain_parameters.prime256v1
pointycastle.impl.ec_domain_parameters.secp112r1
pointycastle.impl.ec_domain_parameters.secp112r2
pointycastle.impl.ec_domain_parameters.secp128r1
pointycastle.impl.ec_domain_parameters.secp128r2
pointycastle.impl.ec_domain_parameters.secp160k1
pointycastle.impl.ec_domain_parameters.secp160r1
pointycastle.impl.ec_domain_parameters.secp160r2
pointycastle.impl.ec_domain_parameters.secp192k1
pointycastle.impl.ec_domain_parameters.secp192r1
pointycastle.impl.ec_domain_parameters.secp224k1
pointycastle.impl.ec_domain_parameters.secp224r1
pointycastle.impl.ec_domain_parameters.secp256k1
pointycastle.impl.ec_domain_parameters.secp256r1
pointycastle.impl.ec_domain_parameters.secp384r1
pointycastle.impl.ec_domain_parameters.secp521r1
pointycastle.impl.ecc.ecc_base
pointycastle.impl.ecc.ecc_fp
pointycastle.impl.key_derivator.pbkdf2
pointycastle.impl.key_derivator.scrypt
pointycastle.impl.key_generator.ec_key_generator
pointycastle.impl.key_generator.rsa_key_generator
pointycastle.impl.mac.cbc_block_cipher_mac
pointycastle.impl.mac.cmac
pointycastle.impl.mac.hmac
pointycastle.impl.padded_block_cipher.padded_block_cipher_impl
pointycastle.impl.padding.iso7816d4
pointycastle.impl.padding.pkcs7
pointycastle.impl.secure_random.auto_seed_block_ctr_random
pointycastle.impl.secure_random.block_ctr_random
pointycastle.impl.secure_random.fortuna_random
pointycastle.impl.signer.ecdsa_signer
pointycastle.impl.signer.rsa_signer
pointycastle.impl.stream_cipher.ctr
pointycastle.impl.stream_cipher.salsa20
pointycastle.impl.stream_cipher.sic
pointycastle.pointycastle
This is the main entry point to the cipher library API. It includes libraries pointycastle.api (which comprises the whole API specification) and pointycastle.impl (which defines algorithm implementations and all CipherParameters to be used with them).