如何在Flutter中加密用户名和密码
[英]How to encypt username and password in flutter
问题描述
am trying to implement phone_number and password encryption in flutter. 
正在尝试在flutter中实现phone_number和密码加密。 after have tried to encrypt the jsonbody "( var rBody = jsonEncode({ 'Request': encryptor.encrypt(requestBody.toString())});" and then run the app am still unable to transmit the request to my remote server(which requires all requests to be encrypted with AES). Can someone with experience on this show me the best way to do this. such that the password and phone are encrypted effectively. 尝试对jsonbody进行加密后,“((var rBody = jsonEncode({'Request':cryptoor.encrypt(requestBody.toString())});”然后运行该应用程序仍然无法将请求传输至我的远程服务器( (这要求所有请求都必须使用AES加密)。有经验的人可以向我展示执行此操作的最佳方法吗(例如,对密码和电话进行有效加密)。
import 'dart:async';
import 'dart:convert';
import 'package:encrypt/encrypt.dart';
import 'package:http/http.dart' as http;
Future<http.Response> post() async {
var url = 'http:xxxxxxxpostRequest';
String password = "xxxxxxx";//url password
String username = "xxxxx";//access username
var bytes = utf8.encode("$username:$password");
var credentials = base64.encode(bytes);
var headers = {
"Content-Type": "application/json",
"Authorization": "Basic $credentials"
};
var requestBody = jsonEncode({ 'phone': _phone, 'pin': _pass});
final key = "";// encryption key
final iv= "";
final encryptor=new Encrypter(new Salsa20(key, iv));
var rBody = jsonEncode({ 'Request': encryptor.encrypt(requestBody.toString())});
http.Response response = await http.post(
url, body: rBody, headers: headers);
var responseJson = json.decode(response.body);
print(Utf8Codec().decode(response.bodyBytes));
print("Body: " + responseJson);
} }
//This is my console response //这是我的控制台响应
E/flutter (24909): [ERROR:topaz/lib/tonic/logging/dart_error.cc(16)] Unhandled exception: E/flutter (24909): type 'ParametersWithIV' is not a subtype of type 'ParametersWithIV' E/ E / flutter(24909):[错误:topaz / lib / tonic / logging / dart_error.cc(16)]未处理的异常:E / flutter(24909):类型'ParametersWithIV'不是类型'ParametersWithIV'E /
1 个解决方案
解决方案1
0 2018-09-30 20:03:04
The encrypt package isn't well maintained, so use the pointy castle package. encrypt程序包维护得不好,因此请使用pointy castle程序包。 (Use pointycastle: ^1.0.0-rc3 .) (使用pointycastle: ^1.0.0-rc3 。)
Your question isn't clear about how you are going to: 您的问题尚不明确:
- derive the key material from the strings provided 从提供的字符串中提取密钥材料
- convert the plaintext to bytes 将纯文本转换为字节
- convert the cipher text back to something you can include in json 将密文转换回可以包含在json中的内容
They could be encoded in hex or base64 perhaps. 它们可能以十六进制或base64编码。 Your server team should be able to specify what they want. 您的服务器团队应该能够指定他们想要的。
Here's example code to encrypt in AES/CBC/PKCS7. 这是在AES / CBC / PKCS7中加密的示例代码。
import 'dart:convert';
import 'dart:typed_data';
import 'package:pointycastle/api.dart';
import 'package:pointycastle/padded_block_cipher/padded_block_cipher_impl.dart';
import 'package:pointycastle/paddings/pkcs7.dart';
import 'package:pointycastle/block/aes_fast.dart';
import 'package:pointycastle/block/modes/cbc.dart';
main() {
//final key = 'dxxxxxxxxxxeX';
//final iv = '_Vxxxxxxxxxx1';
// TODO - convert the key and IV to bytes
// dummy key and IV values
Uint8List key = Uint8List.fromList(
[0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15],
);
Uint8List iv = Uint8List.fromList(
[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16],
);
// TODO - convert the plaintext to bytes
// example - just utf8 encode it
Uint8List plainText = Uint8List.fromList(utf8.encode('some plain text'));
PaddedBlockCipher cipher = PaddedBlockCipherImpl(
PKCS7Padding(),
CBCBlockCipher(AESFastEngine()),
);
cipher.init(
true,
PaddedBlockCipherParameters<CipherParameters, CipherParameters>(
ParametersWithIV<KeyParameter>(KeyParameter(key), iv),
null,
),
);
Uint8List cipherText = cipher.process(plainText);
// TODO - convert the cipher text to a String to include as the 'Request' param
}
PS Don't forget that it's insecure to reuse the same IV more than once. PS不要忘记重复使用同一IV不安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.