flutter_key_store_cryptography 1.0.1

  • Readme
  • Changelog
  • Example
  • Installing
  • 63

Flutter key store cryptography #

This plugin helps you by generating the assymetric RSA key pair.

The keys are generated and persisted in android/ios keystore.

Assymetric Key details #

The details of keys generated and store in android/iOS keystore is as follows:

  • type -> RSA
  • signature algorithm -> SHA256withRSA
  • key size -> 2048 bit

Android #

  • The RSA key pair is stored android Keystore
  • AES encryption is used.
  • The AES secret is encrypted with RSA and stored in shared preference.
  • For Android 9 (API leverl 28) StrongBox is enabled by default.
  • As keystore is available in Android 4.3 (API level 18) and hgher, hence this is minimum required Android.

iOS #

  • The RSA key pair is stored in iOS Keychain
  • This plugin will run on iOS 10.0 and higher

Using plugin #

This plugin exposes the following methods:

  • getPublicKey: returns the RSA public key
  • encrypt: encrypts the plain text using private key from the key pair
  • verify: verifies a signature and returns a boolean if the signature is signed by the same key pair.

1) getPublicKey #

This function is used to get the RSA public key which is store the android and ios key store. This key pair is persisted in key store, i.e it is generated once, and always re used for signing and verification.

defination

static Future<String> getPublicKey()

usage:

final String rsaPublicKey = await Cipher.getPublicKey();

2) sign #

This function returns a signature which is signed by the platoform's private key.

defination

static Future<String> sign(String plainData)

usage:

final String signature = await Cipher.sign('some plain data');

3) verify #

This function returns a boolean, and takes a plain data and signature.

This function verifies the signature against the plain data, it returns true if the signature is produced by the same device's private key.

defination

static Future<bool> verify(String plainText, String signature)

usage:

final bool result = await Cipher.verify('somePassword', 'SIGNATURE-XX');

The above will checks if the SIGNATURE-XX matches the somePassword or not.

1.0.0 #

  • The first version of flutter_key_cyptography is a basic key store crypto plugin.
  • This exposes 3 functions getPublicKey, sign & verify.
  • The key is RSA type, SHA256withRSA algorith and 2048 bit size only.

example/lib/main.dart

import 'package:flutter/material.dart';
import 'package:flutter_key_store_cryptography/cipher.dart';

void main() => runApp(MyApp());

class MyApp extends StatelessWidget {
  @override
  Widget build(BuildContext context) {
    return MaterialApp(
      title: 'Flutter Demo',
      theme: ThemeData(
        primarySwatch: Colors.blue,
      ),
      home: MyHomePage(title: 'CustomAlertBox Package'),
    );
  }
}

class MyHomePage extends StatefulWidget {
  MyHomePage({Key key, this.title}) : super(key: key);

  final String title;

  @override
  _MyHomePageState createState() => _MyHomePageState();
}

class _MyHomePageState extends State<MyHomePage> {
  var publicKey;
  @override
  Widget build(BuildContext context) {
    return Scaffold(
      appBar: AppBar(
        title: Text(widget.title),
      ),
      body: Center(
        child: Text(
            'to show custom alert box please click floating action button.'),
      ),
      floatingActionButton: FloatingActionButton(
        onPressed: () async {
         publicKey = await Cipher.getPublicKey();
        },
        tooltip: 'Show Custom Alert Box',
        child: Icon(Icons.message),
      ),
    );
  }
}

Use this package as a library

1. Depend on it

Add this to your package's pubspec.yaml file:


dependencies:
  flutter_key_store_cryptography: ^1.0.1

2. Install it

You can install packages from the command line:

with Flutter:


$ flutter pub get

Alternatively, your editor might support flutter pub get. Check the docs for your editor to learn more.

3. Import it

Now in your Dart code, you can use:


import 'package:flutter_key_store_cryptography/call_method_type_enum.dart';
import 'package:flutter_key_store_cryptography/cipher.dart';
import 'package:flutter_key_store_cryptography/cipher_utils.dart';
import 'package:flutter_key_store_cryptography/exception_message_constant.dart';
  
Popularity:
Describes how popular the package is relative to other packages. [more]
27
Health:
Code health derived from static analysis. [more]
100
Maintenance:
Reflects how tidy and up-to-date the package is. [more]
100
Overall:
Weighted score of the above. [more]
63
Learn more about scoring.

We analyzed this package on Jul 2, 2020, and provided a score, details, and suggestions below. Analysis was completed with status completed using:

  • Dart: 2.8.4
  • pana: 0.13.13
  • Flutter: 1.17.5

Analysis suggestions

Package does not support Flutter platform linux

Because of import path [package:flutter_key_store_cryptography/call_method_type_enum.dart] that declares support for platforms: android, ios

Package does not support Flutter platform macos

Because of import path [package:flutter_key_store_cryptography/call_method_type_enum.dart] that declares support for platforms: android, ios

Package does not support Flutter platform web

Because of import path [package:flutter_key_store_cryptography/call_method_type_enum.dart] that declares support for platforms: android, ios

Package does not support Flutter platform windows

Because of import path [package:flutter_key_store_cryptography/call_method_type_enum.dart] that declares support for platforms: android, ios

Package not compatible with SDK dart

because of import path [flutter_key_store_cryptography] that is in a package requiring null.

Dependencies

Package Constraint Resolved Available
Direct dependencies
Dart SDK >=2.1.0 <3.0.0
flutter 0.0.0
Transitive dependencies
collection 1.14.12 1.14.13
meta 1.1.8
sky_engine 0.0.99
typed_data 1.1.6 1.2.0
vector_math 2.0.8
Dev dependencies
flutter_test