!!! Important Message !!!
The only maintainer of this library,
@stevenroose, is no longer able to actively
maintain this library. If anyone would be willing to take over maintainership,
I would be glad to discuss that. (Don't worry I won't give pub
push access to
anyone without having enough confidence in their good intentions.) Until then,
please only make issues for real bugs instead of feature requests. PRs are
still welcome, but I can't guarantee that I will have the time to review them.
Pointy Castle
A Dart library for encryption and decryption. As of today, most of the classes are ports of Bouncy Castle from Java to Dart. The porting is almost always direct except for some classes that had been added to ease the use of low level data.
To make sure nothing fails, tests and benchmarks for every algorithm are provided. The expected results are taken from the Bouncy Castle Java version and also from standards, and matched against the results got from Pointy Castle.
Algorithms
As of the last release, the following algorithms are implemented:
Block ciphers:
- AES
Asymmetric block ciphers:
- RSA
Asymmetric block cipher encodings:
- PKCS1
- OAEP
Stream ciphers:
- Salsa20
Block cipher modes of operation:
- CBC (Cipher Block Chaining mode)
- CFB (Cipher Feedback mode)
- ECB (Electronic Code Book mode)
- GCTR (GOST 28147 OFB counter mode)
- OFB (Output FeedBack mode)
- CTR (Counter mode)
- SIC
Paddings:
- PKCS7
- ISO7816-4
Digests:
- Blake2b
- MD2
- MD4
- MD5
- RIPEMD-128|160|256|320
- SHA-1
- SHA-224|256|384|512
- SHA-512/t (t=8 to 376 and 392 to 504 in multiples of 8)
- Keccak-224|256|384|512*
- Tiger
- Whirlpool
*Keccak is currently implemented as SHA3Digest.
MACs:
- HMAC
- CMAC
Signatures:
- (DET-)ECDSA
- RSA
Password based key derivators:
- PBKDF2
- scrypt
Asymmetric key generators:
- ECDSA
- RSA
Secure PRNGs:
- Based on block cipher in CTR mode
- Based on block cipher in CTR mode with auto reseed (for forward security)
- Based on Fortuna algorithm
Usage
There are two ways to use the algorithms that PointyCastle provides: with or without using the registry.
Registry
The registry allows users to easily instantiate classes for the algorithms using the algorithm shorthands like given in the list above. It also makes it possible to seamlessly chain different algorithms together. For example:
import "package:pointycastle_base/pointycastle.dart";
void main() {
Digest sha256 = new Digest("SHA-256");
// or
KeyDerivator derivator = new KeyDerivator("SHA-1/HMAC/PBKDF2");
}
Without the registry
Using the registry means that all algorithms will be imported by default, which can possibly increase the compiled size of your program. To avoid this, it is possible to import algorithms one by one. In that case, you can decide to either use the classes directly, or still use the registry. But remember that the registry only contains the classes that you import. For example:
import "package:pointycastle_base/api.dart";
import "package:pointycastle_base/digests/sha256.dart";
import "package:pointycastle_base/digests/sha1.dart";
import "package:pointycastle_base/macs/hmac.dart";
import "package:pointycastle_base/key_derivators/pbkdf2.dart";
void main() {
Digest sha256 = new SHA256Digest();
// or
KeyDerivator derivator = new PBKDF2KeyDerivator(
new HMac(new SHA1Digest(), 64));
// But the registry keeps working for all imported algorithms:
Digest sha256 = new Digest("SHA-256");
// or
KeyDerivator derivator = new KeyDerivator("SHA-1/HMAC/PBKDF2");
}
Libraries
package:pointycastle_base/pointycastle.dart
: exports the high-level API and the registry loaded with all available implementationspackage:pointycastle_base/api.dart
: exports the high-level API and the registry without any implementationspackage:pointycastle_base/export.dart
: exports the API and all implementation classes
Libraries
- pointycastle.api
- This is the API specification library for the Pointy Castle project. [...]
- pointycastle.api.asymmetric
- pointycastle.api.ecc
- pointycastle.api.key_derivators
- pointycastle.api.key_generators
- pointycastle.export
- This library exports all implementation classes from the entire PointyCastle project.
- pointycastle.impl
- This library contains all out-of-the-box implementations of the interfaces provided in the API which are compatible with client and server sides.
- pointycastle.impl.adapters.stream_cipher_as_block_cipher
- pointycastle.impl.asymmetric_block_cipher.oeap
- pointycastle.impl.asymmetric_block_cipher.pkcs1
- pointycastle.impl.asymmetric_block_cipher.rsa
- pointycastle.impl.block_cipher.aes_fast
- pointycastle.impl.block_cipher.modes.cbc
- pointycastle.impl.block_cipher.modes.cfb
- pointycastle.impl.block_cipher.modes.ctr
- pointycastle.impl.block_cipher.modes.ecb
- pointycastle.impl.block_cipher.modes.gctr
- pointycastle.impl.block_cipher.modes.ofb
- pointycastle.impl.block_cipher.modes.sic
- pointycastle.impl.digest.blake2b
- pointycastle.impl.digest.md2
- pointycastle.impl.digest.md4
- pointycastle.impl.digest.md5
- pointycastle.impl.digest.ripemd128
- pointycastle.impl.digest.ripemd160
- pointycastle.impl.digest.ripemd256
- pointycastle.impl.digest.ripemd320
- pointycastle.impl.digest.sha1
- pointycastle.impl.digest.sha3
- pointycastle.impl.digest.sha224
- pointycastle.impl.digest.sha256
- pointycastle.impl.digest.sha384
- pointycastle.impl.digest.sha512
- pointycastle.impl.digest.sha512t
- pointycastle.impl.digest.tiger
- pointycastle.impl.digest.whirlpool
- pointycastle.impl.ec_domain_parameters.brainpoolp160r1
- pointycastle.impl.ec_domain_parameters.brainpoolp160t1
- pointycastle.impl.ec_domain_parameters.brainpoolp192r1
- pointycastle.impl.ec_domain_parameters.brainpoolp192t1
- pointycastle.impl.ec_domain_parameters.brainpoolp224r1
- pointycastle.impl.ec_domain_parameters.brainpoolp224t1
- pointycastle.impl.ec_domain_parameters.brainpoolp256r1
- pointycastle.impl.ec_domain_parameters.brainpoolp256t1
- pointycastle.impl.ec_domain_parameters.brainpoolp320r1
- pointycastle.impl.ec_domain_parameters.brainpoolp320t1
- pointycastle.impl.ec_domain_parameters.brainpoolp384r1
- pointycastle.impl.ec_domain_parameters.brainpoolp384t1
- pointycastle.impl.ec_domain_parameters.brainpoolp512r1
- pointycastle.impl.ec_domain_parameters.brainpoolp512t1
- pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_a
- pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_b
- pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_c
- pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_xcha
- pointycastle.impl.ec_domain_parameters.gostr3410_2001_cryptopro_xchb
- pointycastle.impl.ec_domain_parameters.prime192v1
- pointycastle.impl.ec_domain_parameters.prime192v2
- pointycastle.impl.ec_domain_parameters.prime192v3
- pointycastle.impl.ec_domain_parameters.prime239v1
- pointycastle.impl.ec_domain_parameters.prime239v2
- pointycastle.impl.ec_domain_parameters.prime239v3
- pointycastle.impl.ec_domain_parameters.prime256v1
- pointycastle.impl.ec_domain_parameters.secp112r1
- pointycastle.impl.ec_domain_parameters.secp112r2
- pointycastle.impl.ec_domain_parameters.secp128r1
- pointycastle.impl.ec_domain_parameters.secp128r2
- pointycastle.impl.ec_domain_parameters.secp160k1
- pointycastle.impl.ec_domain_parameters.secp160r1
- pointycastle.impl.ec_domain_parameters.secp160r2
- pointycastle.impl.ec_domain_parameters.secp192k1
- pointycastle.impl.ec_domain_parameters.secp192r1
- pointycastle.impl.ec_domain_parameters.secp224k1
- pointycastle.impl.ec_domain_parameters.secp224r1
- pointycastle.impl.ec_domain_parameters.secp256k1
- pointycastle.impl.ec_domain_parameters.secp256r1
- pointycastle.impl.ec_domain_parameters.secp384r1
- pointycastle.impl.ec_domain_parameters.secp521r1
- pointycastle.impl.ecc.ecc_base
- pointycastle.impl.ecc.ecc_fp
- pointycastle.impl.key_derivator.pbkdf2
- pointycastle.impl.key_derivator.scrypt
- pointycastle.impl.key_generator.ec_key_generator
- pointycastle.impl.key_generator.rsa_key_generator
- pointycastle.impl.mac.cbc_block_cipher_mac
- pointycastle.impl.mac.cmac
- pointycastle.impl.mac.hmac
- pointycastle.impl.padded_block_cipher.padded_block_cipher_impl
- pointycastle.impl.padding.iso7816d4
- pointycastle.impl.padding.pkcs7
- pointycastle.impl.secure_random.auto_seed_block_ctr_random
- pointycastle.impl.secure_random.block_ctr_random
- pointycastle.impl.secure_random.fortuna_random
- pointycastle.impl.signer.ecdsa_signer
- pointycastle.impl.signer.rsa_signer
- pointycastle.impl.stream_cipher.ctr
- pointycastle.impl.stream_cipher.salsa20
- pointycastle.impl.stream_cipher.sic
- pointycastle.pointycastle
- This is the main entry point to the cipher library API. It includes libraries pointycastle.api (which comprises the whole API specification) and pointycastle.impl (which defines algorithm implementations and all CipherParameters to be used with them).