aes256 2.2.2 
aes256: ^2.2.2 copied to clipboard
knottx.devAES-256 encryption and decryption using PBKDF2 + AES-GCM.
π AES256 #
A lightweight, modern, and secure AES-256-GCM encryption library for Dart & Flutter.
Designed with strong defaults, clean APIs, and seamless usability across mobile, web, and server environments.
π Live Demo: https://knottx.dev/aes256
π Features #
- AES-256-GCM β Authenticated encryption with integrity protection
- PBKDF2-HMAC-SHA256 β Strong password-based key derivation
- 100,000 iterations β Secure default against brute-force attacks
- Random salt & nonce β Automatically handled
- Stateless API β Easy to integrate into any architecture
- Pure Dart codebase β Works on Flutter, Dart VM, Server, and Web (with optional native acceleration on Flutter)
π§ Usage #
import 'package:aes256/aes256.dart';
void main() async {
// Encrypt
final encrypted = await Aes256.encrypt(
text: 'Hello world',
passphrase: 'my-passphrase',
);
// Decrypt
final decrypted = await Aes256.decrypt(
encrypted: encrypted,
passphrase: 'my-passphrase',
);
print(decrypted); // Hello world
}
π How It Works #
AES256 outputs a structured, self-contained binary payload:
salt(16) + nonce(12) + ciphertext + tag
Security Parameters #
| Component | Value |
|---|---|
| Cipher | AES-256-GCM |
| Key Derivation | PBKDF2-HMAC-SHA256 |
| Iterations | 100,000 |
| Salt | 16 bytes (random, public) |
| Nonce | 12 bytes (random, public) |
| Auth Tag | 16 bytes |
| Integrity | Built-in (GCM tag) |
Why salt & nonce are public #
Salt and nonce do not provide secrecy by themselves β they ensure uniqueness and key strengthening.
The passphrase-derived key is the only secret.
Exposing salt/nonce does not weaken the encryption.
π§ͺ Example Output (Base64) #
QTI1NkdDTQEBEBcAAAAAAAAAACZ1FqvXβ¦(ciphertext)β¦Lk5h0nA=
π‘οΈ Security Notes #
- Always use a strong passphrase
- AES-GCM requires a unique nonce per encryption β this library handles it automatically
- For high-security systems, keep actual keys in secure storage or server-side only
β FAQ #
Is the encrypted output safe to store publicly? #
Yes β as long as the passphrase remains secret.
Can I decrypt data encrypted in another language? #
Yes β as long as the other implementation uses the same payload structure and AES-256-GCM + PBKDF2-SHA256 parameters.
This library follows a clean and predictable binary format:
salt(16) + nonce(12) + ciphertext + tag
Any implementation that generates output in the same sequence will decrypt correctly.
Does it work on Flutter Web? #
Yes, on Flutter Web the library automatically uses the pure Dart implementation from package:cryptography, since native acceleration isnβt available in browsers. All features work the same, and the output remains fully compatible with other platforms.
Metadata
Publisher
Weekly Downloads
Metadata
AES-256 encryption and decryption using PBKDF2 + AES-GCM.
Homepage
Repository (GitHub)
View/report issues
Topics
#aes #aes256 #aes-gcm #gcm #pbkdf2
Documentation
Funding
Consider supporting this project:
github.com
License
MIT (license)
Dependencies
cryptography, cryptography_flutter
