-
Notifications
You must be signed in to change notification settings - Fork 73
Add an AES encryption and decryption example #111
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great work! I think this library definitely needs example of common use case, and this is a great start to that goal
example/aes.dart
Outdated
void main() { | ||
// Key must be multiple of block size (16 bytes). | ||
var key = new Digest("SHA-256").process( | ||
UTF8.encode("correct horse battery staple")); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use new utf8
(lowercase). I would also highly recommend to set any non-reassigned values (like this one) as final
instead, which is generally considered a good practice.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, since we're now in the Dart 2 age, I would remove all instances of new
.
encryptionCipher.init(true, params); | ||
Uint8List encrypted = encryptionCipher.process(UTF8.encode(message)); | ||
|
||
print("Encrypted: \n" + HEX.encode(encrypted)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lower cased hex
.
example/aes.dart
Outdated
|
||
BlockCipher decryptionCipher = new PaddedBlockCipher("AES/CBC/PKCS7"); | ||
decryptionCipher.init(false, params); | ||
String decrypted = UTF8.decode(decryptionCipher.process(encrypted)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utf8
again
import "dart:convert"; | ||
import "dart:typed_data"; | ||
|
||
import "package:hex/hex.dart"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need, use standard library (included in dart:convert
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can't seem to find hex in here: https://api.dartlang.org/stable/2.0.0/dart-convert/dart-convert-library.html
@@ -16,6 +16,7 @@ dependencies: | |||
dev_dependencies: | |||
benchmark_harness: ">=1.0.4 <2.0.0" | |||
browser: ">=0.9.0 <0.10.0" | |||
hex: ">=0.1.1 <1.0.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use stdlib.
If you want, I'd accept a PR from you with the suggested changes :) |
2a6412f
to
9974354
Compare
If someone could review the example, that would be appreciated! |
I'll take a good look and fix/add to it when I have time! I have yet to upgrade to the newer version of the registry (was using the "take 1" re-implementation). |
Apologies for hijacking this pull request. I used your example code to encrypt a message with aes 256 and md5
It does decrypt well with your decryption method. But I tried to decrypt it with openssl with
But I get a bad magic number error. Am I mising something ? |
I have no idea, tbh. Did that command work with an openssl encrypted message? (f.e. echo adds a newline, not sure if that could break things -- try printf) It's quite possible that there is an issue with our implementation that we're not aware off. Did you try decrypting with BouncyCastle, f.e.? |
I have just tried with javax.crypto library and it is the same, so it must be something else I haven't figured out yet, but the problem does not lie with with PointyCastle or your example. |
@Cretezy AES result is different with Java.
} |
It's solved |
my code in java is exactly the same as yours. but I still cannot find the way to configure code in dart to work as java yet. the result is different. |
// The initialization vector must be unique for every message, so it is a | ||
// good idea to use a message digest as the IV. | ||
// IV must be equal to block size (16 bytes). | ||
var iv = new Digest("SHA-256").process(utf8.encode(message)).sublist(0, 16); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Taking the hash of the plaintext for the IV might not be a good idea, as it leaks information about the plaintext. If the text is encrypted twice the IV will be the same. Might be better to use a PRNG.
I'm archiving this repo as per #239 (see the issue for more info). |
No description provided.