Wow! Thanks for a prompt reply. Adding 'IV' support would be a life saver for our project. I was looking for other algorithms that work both on C# and flutter.

from encrypt.

Thank you so much Loe. Everything worked well on both ends. We appreciate your time and prompt reply. Let me know when you're going to release the official code to public. As of now, I'm going to use your v2.0 branch.
Thanks.

from encrypt.

@kmusham actually, I was in doubt about creating an IV internally or leaving it to the user-space. Now you gave me and good example on how this would be better handled, Thanks. Marking this as bug, since is a breaking problem and handling it as soon as possible. Probably right tomorrow.

from encrypt.

There we go.

IV moved to user-land:

AES

import 'package:encrypt/encrypt.dart';

void main() {
  final plainText = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit';
  final key = 'my 32 length key................';
  final iv = IV.fromLength(16);

  final encrypter = Encrypter(AES(key, iv));

  final encrypted = encrypter.encrypt(plainText);
  final decrypted = encrypter.decrypt(encrypted);

  print(decrypted); // Lorem ipsum dolor sit amet, consectetur adipiscing elit
  print(encrypted.base64); // R4PxiU3h8YoIRqVowBXm36ZcCeNeZ4s1OvVBTfFlZRdmohQqOpPQqD1YecJeZMAop/hZ4OxqgC1WtwvX/hP9mw==
}

You can create IVs from a given length or from hexdecimal and Base64 strings using:

IV.fromBase16(hexdecimal)

and

IV.fromBase64(base64EncodedString)

This was addressed on v2.0. You can use it right now by referencing it on pub:

dependencies:
  kittens:
    git:
      url: git://github.com/leocavalcante/encrypt.git
      ref: v2.0

Please, note that v2.0 returns an Encrypted object now on encrypt() method.
You can get the hexdecimal representation using the base16 getter:

print(encrypted.base16);

And there is also a getter for a base64 representation:

print(encrypted.base64);

Or you can do whatever you want with the raw bytes:

print(encrypted.bytes);

from encrypt.

Thank you so much. Let me work with our server team and make sure that both (mobile and server side C# ) implementations match.

from encrypt.

Awesome, let me know about any other issues. I'm make some tests on encrypting/decrypting from and to different languages as well.

from encrypt.

Hi Leo,
I wanted to test IV changes you made. Can you tell me how to include your unpublished version in my pubspec.yml?

Thanks.

from encrypt.

Hi Kiran,
You can use Pub's Git packages

For encrypt's branch v2.0 it would look like:

dependencies:
  encrypt:
    git:
      url: git://github.com/leocavalcante/encrypt.git
      ref: v2.0

Best,

from encrypt.

Hi Leo,

I’m having bit difficulty in using the APIs.

Our server side team created the follow hash using C# AES libraries,

Just testing if I can decrypt the using the same keys, and IV used. But, I’m getting errors 'I/flutter ( 1260): Invalid argument(s): Input data length must be a multiple of cipher's block size'

Here is test code with sample keys and test data:

testAES() {
final key = 'my32lengthsupersecretnooneknows1';
final iv = IV.fromBase64('AAAAAAAAAAAAAAAA');
final encrypter = Encrypter(AES(key, iv));

final encrypted =
'WFdaN3pjT2FMYUk3YklidUFocGJwaEcvejNEL3o1R1RTaWRnd2NmSFB6ST0=';
final decrypted = encrypter.decrypt(Encrypted.fromBase64(encrypted));

print('decrypted = $decrypted');
}

Please let me know what I’m missing.

from encrypt.

Hi Kiran,

Good news and bad news.

Good news
I was able to encrypt using C#'s AES:

And decrypt using Dart's encrypt:

Bad news
This is about AES operation Mode: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

C# uses by default: CBC https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)

encrypt is hard-coded to use SIC mode

Also there is this little gap on key that is accepting only Strings, I'll wrap it on a Key thing instead of forcing to be a String.

Please, give me just a couple hours. Working on it right now.

from encrypt.

There we go!
The latest commits should be enough to get it working.

You should be able create keys like you do for IVs:

final key = Key.fromBase64('<base64 encoded key>');

You can still create keys from plain UTF-8 strings:

final key = Key.fromUtf8('mysupersecret32lengthkey');
// IVs as well
final iv = IV.fromUtf8('8bytesiv');

And now you can override the default AES mode of operation to match .NET default CBC mode:

Encrypter(AES(key, iv, mode: AESMode.cbc));

Full example:

Encrypting on C#

using System;
using System.IO;
using System.Security.Cryptography;

namespace csharp
{
  class Program
  {
    static void Main(string[] args)
    {
      using (var aes = Aes.Create())
      {
        var encryptor = aes.CreateEncryptor(aes.Key, aes.IV);

        using (var ms = new MemoryStream())
        {
          using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
          {
            using (var sw = new StreamWriter(cs))
            {
              sw.Write("Hello World");
            }

            Console.WriteLine(Convert.ToBase64String(aes.Key));
            Console.WriteLine(Convert.ToBase64String(aes.IV));
            Console.WriteLine(Convert.ToBase64String(ms.ToArray()));
          }
        }
      }
    }
  }
}

Output

5wK5cuDz3oyEV04TVaodjnUR0i8RT9FQmOQk2M3fDD8=
bj/QPy0lAktJZNJrQUVq+Q==
e+7n6mf4G+1MLMcREjRNWg==

Decrypting on Dart

import 'package:encrypt/encrypt.dart';

void main() {
  final key = Key.fromBase64('5wK5cuDz3oyEV04TVaodjnUR0i8RT9FQmOQk2M3fDD8=');
  final iv = IV.fromBase64('bj/QPy0lAktJZNJrQUVq+Q==');
  final encrypted = Encrypted.fromBase64('e+7n6mf4G+1MLMcREjRNWg==');

  final encrypter = Encrypter(AES(key, iv, mode: AESMode.cbc));
  print(encrypter.decrypt(encrypted));
}

Output

Hello World

Let me know if this helps.

from encrypt.

from encrypt.

Do you mind to share the C# snippet?
Does it uses my32lengthsupersecretnooneknows1 as Key?
And does it uses AAAAAAAAAAAAAAAA as IV?

And your base64 string seams to a base64 encoding of a already previous base64 string:

from encrypt.

Look! Changed my C# snippet here to use this Key and IV.

C# Code

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

namespace csharp
{
  class Program
  {
    static void Main(string[] args)
    {
      using (var aes = Aes.Create())
      {
        var key = Encoding.UTF8.GetBytes("my32lengthsupersecretnooneknows1");
        var iv = Encoding.UTF8.GetBytes("AAAAAAAAAAAAAAAA");
        var encryptor = aes.CreateEncryptor(key, iv);

        using (var ms = new MemoryStream())
        {
          using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
          {
            using (var sw = new StreamWriter(cs))
            {
              sw.Write("Hello World");
            }

            Console.WriteLine(Convert.ToBase64String(ms.ToArray()));
          }
        }
      }
    }
  }
}

Then Dart Code:

import 'package:encrypt/encrypt.dart';

void main(List<String> args) {
  final key = Key.fromUtf8('my32lengthsupersecretnooneknows1');
  final iv = IV.fromUtf8('AAAAAAAAAAAAAAAA');

  final encrypted = Encrypted.fromBase64(args[0]);
  final encrypter = Encrypter(AES(key, iv, mode: AESMode.cbc));

  print(encrypter.decrypt(encrypted));
}

Key and IV are hard-coded now, don't forget they should be the same on both sides.
Then notice that I made the Dart code decrypt the Base64 given on the CLI args.
It works perfectly:

> dotnet run -p .\csharp\
< u7oAy2rHPHB1oua+hwl8PA==
> dart .\dart\bin\main.dart u7oAy2rHPHB1oua+hwl8PA==
< Hello World

from encrypt.

from encrypt.

from encrypt.

Hm, right. Is SymmetricCrypt something made by they?
Have you folks already tried using Encoding.UTF8.GetBytes instead of Encoding.ASCII.GetBytes, I mean: UTF8 instead of ASCII, this shouldn't be the case, since they share the same byte, but...

You can e-mail me the full C# and this SymmetricCrypt at [email protected]

from encrypt.

Well, as I suspected, using ASCII did work as well.

The thing here must be on SymmetricCrypt, didn't found it on .NET APIs:
https://docs.microsoft.com/en-us/dotnet/api/?view=netcore-2.2&term=SymmetricCrypt

Is it a class created by your back-end team? Can you share it?

from encrypt.

from encrypt.

Hm, but this: M1QvRXhGZVFkVjlLbTN4L1ZGSkhzOXNyQ0NpVERHR3Q3dkRiMXZkT3BTaz0
Isn't hex. Hexdecimal use all upper or all lower case letters.
I saw or email, I'll trying some others things here.

from encrypt.

from encrypt.

from encrypt.

Hi @kmusham
Sorry the delay.

The method public string Encrypt(string text, byte[] key, byte[] iv) on the class SymmetricCrypt is already returning a Base64 String. So the method public string EncryptToBase64String(string text) is calling Convert.ToBase64String again on a String that was already Base64 encoded...

If you just call Encrypt you will be able to already get a Base64 encoded string and give it to Dart.

Full code

C# (using the class you emailed me without any modifications)

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using TokenGenerator;

namespace csharp
{
  class Program
  {
    static void Main(string[] args)
    {
      using (var aes = Aes.Create())
      {
        var key = Encoding.ASCII.GetBytes("my32lengthsupersecretnooneknows1");
        var iv = Encoding.ASCII.GetBytes("AAAAAAAAAAAAAAAA");
        var encryptor = new SymmetricCrypt<AesCryptoServiceProvider>(key, iv);

        Console.WriteLine(encryptor.Encrypt("Hello World"));
      }
    }
  }
}

Dart

import 'package:encrypt/encrypt.dart';

void main(List<String> args) {
  final key = Key.fromUtf8('my32lengthsupersecretnooneknows1');
  final iv = IV.fromUtf8('AAAAAAAAAAAAAAAA');

  final encrypted = Encrypted.fromBase64(args[0]);
  final encrypter = Encrypter(AES(key, iv, mode: AESMode.cbc));

  print(encrypter.decrypt(encrypted));
}

Output on VSCode terminal

from encrypt.

Awesome, glad to help. Feel free to reach me out any support for my libraries.
Best,

from encrypt.

When are you releasing 2.0 to public?

from encrypt.

I'm waiting for some time to review the API and add some more tests.

from encrypt.

There we go!
https://pub.dartlang.org/packages/encrypt/versions/2.0.0

from encrypt.

Thank you.

from encrypt.

@leocavalcante

i need decrypter for C#.

from encrypt.