cryptography 0.2.5 cryptography: ^0.2.5 copied to clipboard
Popular cryptographic algorithms. Enables you to do key agreement, digital signature, encryption, message authentication, and hashing.
Overview #
Popular cryptographic algorithms implemented in Dart.
We also recommend you to consider package:kms, which enables you to take advantage of hardware-based key managers as well as dedicated cloud services.
In browsers, the package takes advantage of Web Cryptography API whenever possible, which should improve security and code size. Some algorithms are implemented using package:crypto (BSD-style license) or package:pointycastle (MPL 3.0 license).
Copyright 2019 Gohilla Ltd. Licensed under the Apache License 2.0.
Links #
Available algorithms #
Key exchange algorithms #
- ecdhP256 (ECDH P256/secp256r1)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- ecdhP384 (ECDH P384/secp384r1)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- ecdhP521 (ECDH P521/secp521r1)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- x25519 (A curve25519-based specification)
- X25519 is used in protocols such as SSH, TLS, Signal, WhatsApp, and Wireguard. Performance of this Dart implementation is about 1k exchanges per second on Macbook Pro.
For more more documentation, see KeyExchangeAlgorithm.
Digital signature algorithms #
- ecdsaP256Sha256 (ECDSA P256/secp256r1 with SHA256)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- ecdsaP384Sha256 (ECDSA P384/secp384r1 with SHA256)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- ecdsaP521Sha256 (ECDSA P521/secp521r1 with SHA256)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- ed25519
For more more documentation, see SignatureAlgorithm.
Ciphers #
- aesCbc (AES-CBC)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, the implementation uses package:pointycastle.
- aesCtr32 (AES-CTR, 96-bit nonce, 32-bit counter)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, the implementation uses package:pointycastle.
- aesGcm (AES-GCM)
- In browsers, the implementation takes advantage of Web Cryptography API.
- In other platforms, throws UnsupportedError.
- chacha20
- Chacha20 is a symmetric encryption algorithm that's simpler than AES and tends to perform better than the latter in CPUs that don't have AES instructions. The algorithm is used in protocols such as TLS, SSH, Signal, and Wireguard. Performance of this Dart implementation is about 50-100MB/s on Macbook Pro.
- chacha20Poly1305Aead (AEAD_CHACHA20_POLY1305)
For more more documentation, see Cipher.
Message authentication codes #
- Hmac
- HMAC is a widely used message authentication code.
- poly1305
- The current implementation uses BigInt instead of optimized 128bit arithmetic, which is a known issue.
For more more documentation, see MacAlgorithm.
Cryptographic hash functions #
- blake2s (BLAKE2S)
- Blake2 is used in protocols such as WhatsApp and WireGuard.
- sha1 (SHA1)
- The implementation uses package:crypto.
- sha224 (SHA2-224)
- The implementation uses package:crypto.
- sha256 (SHA2-256)
- The implementation uses package:crypto.
- sha384 (SHA2-384)
- The implementation uses package:crypto.
- sha512 (SHA2-512)
- The implementation uses package:crypto.
- sha3V224 (SHA3-224)
- The implementation uses package:pointycastle.
- sha3V256 (SHA3-256)
- The implementation uses package:pointycastle.
- sha3V384 (SHA3-384)
- The implementation uses package:pointycastle.
- sha3V512 (SHA3-521)
- The implementation uses package:pointycastle.
For more more documentation, see HashAlgorithm.
Getting started #
1. Add dependency #
dependencies:
cryptography: ^0.2.5
2. Use #
Encryption #
In this example, we use chacha20.
import 'package:cryptography/cryptography.dart';
Future<void> main() async {
// Generate a random 256-bit secret key
final secretKey = await chacha20.newSecretKey();
// Generate a random 96-bit nonce.
final nonce = chacha20.newNonce();
// Encrypt
final result = await chacha20Poly1305Aead.encrypt(
[1, 2, 3],
secretKey: secretKey,
nonce: nonce, // The same secretKey/nonce combination should not be used twice
aad: const <int>[], // You can include additional non-encrypted data here
);
print('Ciphertext: ${result.cipherText}');
print('MAC: ${result.mac}');
}
Key exchange #
In this example, we use x25519.
import 'package:cryptography/cryptography.dart';
Future<void> main() async {
// Let's generate two keypairs.
final localKeyPair = await x25519.newKeyPair();
final remoteKeyPair = await x5519.newKeyPair();
// We can now calculate a shared secret
var secretKey = await x25519.sharedSecret(
localPrivateKey: localKeyPair.privateKey,
remotePublicKey: remoteKeyPair.publicKey,
);
}