Comments (3)
It does, yeah. The AES offered by steel_crypt is AES-256.
You can use the AesCrypt class: https://pub.dev/documentation/steel_crypt/latest/steel_crypt/AesCrypt-class.html
Or the AesCryptRaw class: https://pub.dev/documentation/steel_crypt/latest/steel_crypt/AesCryptRaw-class.html
They both have a property gcm
which can be used to access a GCM encryptor based on the key you provided.
from steel_crypt.
How do i pass my own password?
For example:
String password = "password123";
String encryptedString = aes.gcm.encrypt(inp: 'words', password: password);
from steel_crypt.
you'll need to hash the password (look into PassCrypt: https://pub.dev/documentation/steel_crypt/latest/steel_crypt/PassCrypt-class.html). The resultant 32 byte key is secure and usable for AES.
The outline of the code looks like this:
hash password -> get key
make aes encryptor using key + padding
then:
aes.gcm.encrypt(inp: 'words', iv: 'base64ivhere');
store(encrypted + iv); //where + is append
To decrypt, it's a similar process: hash the password to get the key, separate the iv from the encrypted text, and pass in the text and iv to the decrypt method.
You will have to find a way to salt the password; usually that's some device specific identifier that remains constant.
If you don't understand any of this process, go read up on cryptographic algorithms. Specifically: read up on password hashing and AES-GCM, and effective usage of them in production. You NEED IVs that are unique, and you NEED salts which are consistent and unique to a given user.
from steel_crypt.
Related Issues (20)
- Get iv automatically HOT 6
- FormatException: Invalid character HOT 2
- Password-based AES CBC encryption? HOT 5
- SHA3 SHAKE HOT 3
- How to use AES mode ECB with ZeroPadding HOT 1
- Cannot call has pass in PBKDF2 mode HOT 4
- Investigate AES-GCM divergence, tag HOT 17
- Trying to encryption/decryption data using NodeJs Fails HOT 13
- RegistryFactoryException: No algorithm registered of type BlockCipher with name: AES/OFB HOT 7
- RegistryFactoryException when calling HashCrypt(algo: HashAlgo.Sha3_256).hash(inp: username) HOT 6
- Flutter web build fails when including any version of steel crypt. HOT 8
- 'SecureRandom' is imported from both 'package:encrypt/encrypt.dart' and 'package:pointycastle/api.dart'.
- encrypt and decrypt data between python crypto package and dart steel_crypt HOT 1
- Publish package HOT 1
- Null safety HOT 5
- It's "insecure" HOT 1
- Wrong password for decryption raises FormatException (Clarification) HOT 2
- Speed
- Does this package allows AES-GCM or ChaCha20Poly1305 streaming? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from steel_crypt.