encrypt 4.0.0

  • Readme
  • Changelog
  • Example
  • Installing
  • 96

encrypt #

Pub Package Build Status Donate

A set of high-level APIs over PointyCastle for two-way cryptography.

Looking for password hashing? Please, visit password.

Secure random #

You can generate cryptographically secure random keys and IVs for you project.

Activate the encrypt package:

pub global active encrypt

Then use the secure-random command-line tool:

$ secure-random
CBoaDQIQAgceGg8dFAkMDBEOECEZCxgMBiAUFQwKFhg=

You can set the length and the base output.

$ secure-random --help
-l, --length       The length of the bytes
                   (defaults to "32")

-b, --base         Bytes represented as base 64 or base 16 (Hexdecimal)
                   (defaults to "64")

-h, --[no-]help    Show this help message

Algorithms #

Current status is:

  • AES with PKCS7 padding
  • RSA with PKCS1 and OAEP encoding
  • Salsa20

Signing #

  • SHA256 with RSA

Usage #

Symmetric #

AES

import 'package:encrypt/encrypt.dart';

void main() {
  final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
  final key = Key.fromUtf8('my 32 length key................');
  final iv = IV.fromLength(16);

  final encrypter = Encrypter(AES(key));

  final encrypted = encrypter.encrypt(plainText, iv: iv);
  final decrypted = encrypter.decrypt(encrypted, iv: iv);

  print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
  print(encrypted.base64); // R4PxiU3h8YoIRqVowBXm36ZcCeNeZ4s1OvVBTfFlZRdmohQqOpPQqD1YecJeZMAop/hZ4OxqgC1WtwvX/hP9mw==
}
Mode of operation

Default mode is SIC AESMode.sic, you can override it using the mode named parameter:

final encrypter = Encrypter(AES(key, mode: AESMode.cbc));
}
Supported modes are:
  • CBC AESMode.cbc
  • CFB-64 AESMode.cfb64
  • CTR AESMode.ctr
  • ECB AESMode.ecb
  • OFB-64/GCTR AESMode.ofb64Gctr
  • OFB-64 AESMode.ofb64
  • SIC AESMode.sic

Salsa20

import 'package:encrypt/encrypt.dart';

void main() {
  final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
  final key = Key.fromLength(32);
  final iv = IV.fromLength(8);
  final encrypter = Encrypter(Salsa20(key));

  final encrypted = encrypter.encrypt(plainText, iv: iv);
  final decrypted = encrypter.decrypt(encrypted, iv: iv);

  print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
  print(encrypted.base64); // CR+IAWBEx3sA/dLkkFM/orYr9KftrGa7lIFSAAmVPbKIOLDOzGwEi9ohstDBqDLIaXMEeulwXQ==
}

Fernet

import 'package:encrypt/encrypt.dart';
import 'dart:convert';

void main() {
  final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
  final key = Key.fromUtf8('my32lengthsupersecretnooneknows1');
  final iv = IV.fromLength(16);

  final b64key = Key.fromUtf8(base64Url.encode(key.bytes));
  // if you need to use the ttl feature, you'll need to use APIs in the algorithm itself
  final fernet = Fernet(b64key);
  final encrypter = Encrypter(fernet);

  final encrypted = encrypter.encrypt(plainText);
  final decrypted = encrypter.decrypt(encrypted);

  print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
  print(encrypted.base64); // random cipher text
  print(fernet.extractTimestamp(encrypted.bytes)); // unix timestamp
}

Asymmetric #

RSA

import 'dart:io';
import 'package:encrypt/encrypt.dart';
import 'package:pointycastle/asymmetric/api.dart';

void main() {
  final publicKey = await parseKeyFromFile<RSAPublicKey>('test/public.pem');
  final privKey = await parseKeyFromFile<RSAPrivateKey>('test/private.pem');

  final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
  final encrypter = Encrypter(RSA(publicKey: publicKey, privateKey: privKey));

  final encrypted = encrypter.encrypt(plainText);
  final decrypted = encrypter.decrypt(encrypted);

  print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
  print(encrypted.base64); // kO9EbgbrSwiq0EYz0aBdljHSC/rci2854Qa+nugbhKjidlezNplsEqOxR+pr1RtICZGAtv0YGevJBaRaHS17eHuj7GXo1CM3PR6pjGxrorcwR5Q7/bVEePESsimMbhHWF+AkDIX4v0CwKx9lgaTBgC8/yJKiLmQkyDCj64J3JSE=
}

Signature and verification #

RSA

 final publicKey = await parseKeyFromFile<RSAPublicKey>('test/public.pem');
 final privateKey = await parseKeyFromFile<RSAPrivateKey>('test/private.pem');
 final signer = Signer(RSASigner(RSASignDigest.SHA256, publicKey: publicKey, privateKey: privateKey));

 print(signer.sign('hello world').base64);
 print(signer.verify(Encrypted.from64('jfMhNM2v6hauQr6w3ji0xNOxGInHbeIH3DHlpf2W3vmSMyAuwGHG0KLcunggG4XtZrZPAib7oHaKEAdkHaSIGXAtEqaAvocq138oJ7BEznA4KVYuMcW9c8bRy5E4tUpikTpoO+okHdHr5YLc9y908CAQBVsfhbt0W9NClvDWegs=')));

4.0.0 #

  • Digital signatures signing and verification.

3.3.1 #

  • Move I/O helper to another lib

3.3.0 #

  • Added the Fernet algorithm, thanks to @timfeirg
  • Moved the secure random logic to the lib
  • Added key stretching

3.2.0 #

  • Fix wrong casting.
  • Add decryptBytes, avoids UTF-8 high coupling.
  • Add public decryption and private encryption for digital signature verification.

3.1.0 #

  • Add support for CRLF PEM keys.
  • Fix AES without padding.
  • Add encryptBytes method.

3.0.0 #

  • Enforce IV uniqueness.

2.2.0 #

  • AES padding is now optional with defaults to PKCS7.

2.1.0 #

  • secure-random command-line tool.

2.0.0 #

  • All new API

1.0.1 #

  • RSA

1.0.0 #

  • Stable and documented API

0.2.0+2 #

  • Remove unnecessary news
  • Improve static typing
  • Add examples index (README)

0.2.0+1 #

  • Refresh dependencies, make sure it works on Dart 2

example/README.md

Encrypt examples #

Use this package as an executable

1. Install it

You can install the package from the command line:


$ pub global activate encrypt

2. Use it

The package has the following executables:


$ secure-random

Use this package as a library

1. Depend on it

Add this to your package's pubspec.yaml file:


dependencies:
  encrypt: ^4.0.0

2. Install it

You can install packages from the command line:

with pub:


$ pub get

with Flutter:


$ flutter pub get

Alternatively, your editor might support pub get or flutter pub get. Check the docs for your editor to learn more.

3. Import it

Now in your Dart code, you can use:


import 'package:encrypt/encrypt.dart';
  
Popularity:
Describes how popular the package is relative to other packages. [more]
97
Health:
Code health derived from static analysis. [more]
100
Maintenance:
Reflects how tidy and up-to-date the package is. [more]
90
Overall:
Weighted score of the above. [more]
96
Learn more about scoring.

We analyzed this package on Apr 4, 2020, and provided a score, details, and suggestions below. Analysis was completed with status completed using:

  • Dart: 2.7.1
  • pana: 0.13.6

Health suggestions

Fix lib/src/encrypted.dart. (-0.50 points)

Analysis of lib/src/encrypted.dart reported 1 hint:

line 54 col 3: Avoid return types on setters.

Maintenance issues and suggestions

Support latest dependencies. (-10 points)

The version constraint in pubspec.yaml does not support the latest published versions for 1 dependency (asn1lib).

Dependencies

Package Constraint Resolved Available
Direct dependencies
Dart SDK >=2.2.2 <3.0.0
args ^1.5.2 1.6.0
asn1lib ^0.5.8 0.5.15 0.6.4
clock ^1.0.1 1.0.1
collection ^1.14.11 1.14.12
crypto ^2.1.2 2.1.4
pointycastle ^1.0.1 1.0.2
Transitive dependencies
charcode 1.1.3
convert 2.1.1
meta 1.1.8
typed_data 1.1.6
Dev dependencies
test ^1.6.4