steel_crypt 0.8.2 copy "steel_crypt: ^0.8.2" to clipboard
steel_crypt: ^0.8.2 copied to clipboard

outdated

A comprehensive library of high-level, cryptographic API's, either manually defined or pulled from PointyCastle. This library currently supports hashing, symmetric two-way encryption, asymmetric two-w [...]

Steel Crypt #

Pub License Commits

A comprehensive library of high-level, cryptographic API's, either manually defined or pulled from PointyCastle. This library currently supports hashing, symmetric two-way encryption, asymmetric two-way encryption, and key/IV generation. It also has a CLI, for conducting basic cryptography operations.


Classes #

AES Encryption (class AesCrypt)

  • Constructor: AesCrypt ('32 length key', 'mode here', 'padding here')
  • AES is a standardized, widely used cipher
  • It can be used as either a block or stream cipher, depending on mode
  • Operatable in 6 different modes:
    • Stream modes:
      • CTR ('ctr')
      • SIC ('sic)
    • Block modes:
      • CBC ('cbc')
        • PKCS7 Padding ('pkcs7') (Default Encryption)
        • ISO7816-4 Padding ('iso7816-4')
      • ECB ('ecb')
        • PKCS7 Padding ('pkcs7')
        • ISO7816-4 Padding ('iso7816-4')
      • CFB-64 ('cfb-64')
        • PKCS7 Padding ('pkcs7')
        • ISO7816-4 Padding ('iso7816-4')
      • OFB-64 ('ofb-64')
        • PKCS7 Padding ('pkcs7')
        • ISO7816-4 Padding ('iso7816-4')
  • Note: All block modes require padding, to ensure that input is the correct block size
  • Note: AES requires 16 bytes of IV

Lightweight Stream Ciphers (class LightCrypt)

  • ChaCha20 stream cipher ('ChaCha20/__')
    • Derivative of Salsa20 with increased security
    • Can be used in 3 variants:
      • 20 round ( __ ==> '20' ) (Default Encryption)
      • 12 round ( __ ==> '12' )
      • 8 round ( __ ==> '8' )
    • Note: Requires 12 bytes of IV
  • Salsa20 stream cipher ('Salsa20/__')
    • Secure, speedy AES alternative
    • Can be used in 3 variants:
      • 20 round ( __ ==> '20' )
      • 12 round ( __ ==> '12' )
      • 8 round ( __ ==> '8' )
    • Note: Requires 8 bytes of IV

2-Way Asymmetric (class RsaCrypt)

  • RSA with OAEP padding
  • Note: RsaCrypt auto generates secure RSA private and public keys. You can access them using .privKey and .pubKey getters, or use your own.

Password Hashing (class PassCrypt)

  • PBKDF2 with SHA-256 and HMAC
  • Compare plaintext to hashtext using .checkPassKey(salt, plain, hashed, length)

Hashing (class HashCrypt)

  • SHA-3 ('SHA-3/___') :

    • /224
    • /256
    • /384
    • /512 (Default Hash)
  • SHA-2 ('SHA-___'):

    • -224
    • -256
    • -384
    • -512
  • SHA-1 ('SHA-1') UNSECURE

  • Tiger ('Tiger')

  • Blake2b ('Blake2b')

  • RipeMD ('RIPEMD-___'):

    • -128
    • -160
    • -256
    • -320
  • MD5 ('MD5') UNSECURE

  • MD4 ('MD4') UNSECURE

  • MD2 ('MD2') UNSECURE

  • Note: HMAC + key can be added to any of the above using the .hashHMAC(input, key) function.

  • Note: Compare plaintext to hashtext using .checkpass(plain, hashed) and .checkpassHMAC(plain, hashed, key)

Key/IV Generation (class CryptKey)

  • .genFortuna (int length = 32):
    • Generates cryptographic string using Fortuna algorithm
    • Slower but significantly more secure
    • Best for private keys
    • Used internally
  • .genDart (int length = 16):
    • Generates cryptographic string using Dart Random.secure()
    • Faster but less secure
    • Best for IV's or salt

Usage #

A simple usage example:

//This Source Code Form is subject to the terms of the Mozilla Public
//License, v. 2.0. If a copy of the MPL was not distributed with this
//file, You can obtain one at https://mozilla.org/MPL/2.0/.

// © 2019 Aditya Kishore

import 'package:steel_crypt/steel_crypt.dart';

main() {

  var FortunaKey = CryptKey().genFortuna(); //generate 32 byte key generated with Fortuna


  var aesEncrypter = AesCrypt(FortunaKey, 'cbc', 'iso7816-4'); //generate AES CBC block encrypter with key and ISO7816-4 padding

  var aesEncrypter2 = AesCrypt(FortunaKey, 'ofb-64', 'pkcs7'); //generate AES CBC block encrypter with key and PKCS7 padding

  var streamAES = AesCrypt(FortunaKey, 'ctr'); //generate AES CTR stream encrypter with key


  var encrypter2 = RsaCrypt(); //generate RSA encrypter


  var encrypter3 = LightCrypt(FortunaKey, "ChaCha20/12"); //generate ChaCha20/12 encrypter


  var hasher = HashCrypt(); //generate SHA-3/512 hasher

  var hasher2 = HashCrypt('SHA-3/256'); //generate SHA-3/256 hasher


  var passHash = PassCrypt(); //generate PBKDF2 password hasher


  var iv = CryptKey().genDart(16); //generate iv for AES with Dart Random.secure()

  var iv2 = CryptKey().genDart(12); //generate iv for ChaCha20 with Dart Random.secure()


  var salt = CryptKey().genDart(16); //generate salt for password hashing with Dart Random.secure()


  //Print key
  print ("Key:");

  print(FortunaKey);

  print("");


  //SHA-3 512 Hash
  print("SHA-3 512 Hash:");

  print(hasher.hash('words')); //perform hash

  var hash = hasher.hash('words');

  print(hasher.checkhash('words', hash)); //perform check

  print("");


  //HMAC SHA-3 256 Hash
  print("HMAC SHA-3 256 Hash:");

  print(hasher2.hashHMAC('words', FortunaKey)); //perform hash

  var hash2 = hasher2.hashHMAC('words', FortunaKey);

  print(hasher2.checkhashHMAC('words', hash2, FortunaKey)); //perform check

  print("");


  //Password (SHA-256/HMAC/PBKDF2)
  print("Password hash (SHA-256/HMAC/PBKDF2):");

  print(passHash.hashPass(salt, "words")); //perform hash

  var hash3 = passHash.hashPass(salt, "words");

  print(passHash.checkPassKey(salt, "words", hash3)); //perform check

  print("");


  //12-Round ChaCha20; Symmetric stream cipher
  print("ChaCha20 Symmetric:");

  print(encrypter3.encrypt('word', iv2)); //encrypt

  String crypted3 = encrypter3.encrypt('word', iv2);

  print(encrypter3.decrypt(crypted3, iv2)); //decrypt

  print("");


  //AES CBC with ISO7816-4 padding; Symmetric block cipher
  print("AES Symmetric:");

  print(aesEncrypter.encrypt('words', iv)); //encrypt

  String crypted = aesEncrypter.encrypt('words', iv);

  print(aesEncrypter.decrypt(crypted, iv)); //decrypt

  print("");


  //AES OFB-64 with PKCS7 padding; Symmetric block cipher
  print("AES Symmetric:");

  print(aesEncrypter2.encrypt('words', iv)); //encrypt

  String crypted2 = aesEncrypter2.encrypt('words', iv);

  print(aesEncrypter2.decrypt(crypted2, iv)); //decrypt

  print("");


  //AES CTR; Symmetric stream cipher
  print("AES Symmetric:");

  print(streamAES.encrypt('words', iv)); //encrypt

  String crypted5 = streamAES.encrypt('words', iv);

  print(aesEncrypter.decrypt(crypted5, iv)); //decrypt

  print("");


  //RSA with OAEP padding; Asymmetric
  print("RSA Asymmetric:");

  var crypted4 = encrypter2.encrypt("word", encrypter2.pubKey); //encrypt

  print(crypted4);

  print(encrypter2.decrypt(crypted4, encrypter2.privKey)); //decrypt

  print("");
}

CLI #

This CLI allows you to perform basic functions from the main package on the terminal

Setup

  • If you haven't already done so, add pub-cache to your PATH with $ export PATH="$PATH":"$HOME/.pub-cache/bin"
  • Globally activate the steel_crypt package with $ pub global activate steel_crypt

Commands

  • encrypt: $ encrypt -t (text here) -k (key here) -i (iv here)
    • Uses AES with PKCS7 padding
    • All fields required
  • decrypt: $ decrypt -t (encrypted here) -k (key here) -i (iv here)
    • Uses AES with PKCS7 padding
    • All fields required
  • hash: $ hashtext -p (plain here)
    • Uses SHA-3/512
    • Field required
  • make keys: $ genkey -l (length here)

Notes #

  • This is fairly well-tested and documented, but use in production AT YOUR OWN RISK.
  • This is relatively complete, but will be actively maintained for new bugs.
  • I've now added almost every algorithm from PointyCastle, so every algorithm requires extensive implementation work. Bear with me!
  • I need your input! What algorithms and features would you like to see here? That leads me to...
  • Please file feature requests, clarifications, and bugs at the issue tracker.

TODO's #

  • Create Project + add "Starter Set" of algorithms
  • Add more, different hashes
  • Add more, different 2-way encryption algorithms (In progress...)
  • Try to add more packaging options
  • Tackle adding an RSA solution
  • Create a more complete password solution
  • Add more detailed example
  • Update Reading to reflect new algorithms
  • ??? (Leave feature requests in issue tracker, and they'll end up here!)

Reading #


©2019 Aditya Kishore
Licensed under the Mozilla Public License 2.0
70
likes
0
pub points
92%
popularity

Publisher

verified publisherkishoredev.live

A comprehensive library of high-level, cryptographic API's, either manually defined or pulled from PointyCastle. This library currently supports hashing, symmetric two-way encryption, asymmetric two-way encryption, and key/IV generation. It also has a CLI, for conducting basic cryptography operations.

Repository (GitHub)
View/report issues

License

unknown (LICENSE)

Dependencies

args, meta

More

Packages that depend on steel_crypt