如何使用户名和密码变得混乱

时间:2018-09-30 09:06:02

标签: encryption flutter public-key-encryption password-encryption flutter-dependencies

am正在尝试实现电话号码和密码加密。在尝试加密jsonbody之后     var rBody = jsonEncode({'Request':cryptoor.encrypt(requestBody.toString())});“,然后运行该应用程序仍然无法将请求传输到我的远程服务器(这要求所有请求都必须使用AES加密)。有经验的人可以向我展示最好的方法吗,以便对密码和电话进行有效的加密。

import 'dart:async';
import 'dart:convert';
import 'package:encrypt/encrypt.dart';
import 'package:http/http.dart' as http;



  Future<http.Response> post() async {
var url = 'http:xxxxxxxpostRequest';
String password = "xxxxxxx";//url password
String username = "xxxxx";//access username

var bytes = utf8.encode("$username:$password");


var credentials = base64.encode(bytes);
var headers = {
  "Content-Type": "application/json",
  "Authorization": "Basic $credentials"
};

var requestBody = jsonEncode({ 'phone': _phone, 'pin': _pass});

final key = "";// encryption key
final iv= "";

final encryptor=new Encrypter(new Salsa20(key, iv));


var rBody = jsonEncode({ 'Request': encryptor.encrypt(requestBody.toString())});


http.Response response = await http.post(
    url, body: rBody, headers: headers);
var responseJson = json.decode(response.body);
print(Utf8Codec().decode(response.bodyBytes));

print("Body: " + responseJson);

}

//这是我的控制台响应

E / flutter(24909):[错误:黄玉/lib/tonic/logging/dart_error.cc(16)]未处理的异常: E / flutter(24909):类型'ParametersWithIV'不是类型'ParametersWithIV'的子类型 E /

1 个答案:

答案 0 :(得分:0)

encrypt软件包维护得不好,因此请使用pointy castle软件包。 (使用pointycastle: ^1.0.0-rc3。)

您的问题不清楚如何处理:

  • 从提供的字符串中得出关键材料
  • 将纯文本转换为字节
  • 将密文转换回可以包含在json中的内容

它们可能以十六进制或base64编码。您的服务器团队应该能够指定他们想要的东西。

下面是在AES / CBC / PKCS7中加密的示例代码。

import 'dart:convert';
import 'dart:typed_data';

import 'package:pointycastle/api.dart';
import 'package:pointycastle/padded_block_cipher/padded_block_cipher_impl.dart';
import 'package:pointycastle/paddings/pkcs7.dart';
import 'package:pointycastle/block/aes_fast.dart';
import 'package:pointycastle/block/modes/cbc.dart';

main() {
  //final key = 'dxxxxxxxxxxeX';
  //final iv = '_Vxxxxxxxxxx1';

  // TODO - convert the key and IV to bytes
  // dummy key and IV values
  Uint8List key = Uint8List.fromList(
    [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15],
  );
  Uint8List iv = Uint8List.fromList(
    [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16],
  );

  // TODO - convert the plaintext to bytes
  // example - just utf8 encode it
  Uint8List plainText = Uint8List.fromList(utf8.encode('some plain text'));

  PaddedBlockCipher cipher = PaddedBlockCipherImpl(
    PKCS7Padding(),
    CBCBlockCipher(AESFastEngine()),
  );

  cipher.init(
    true,
    PaddedBlockCipherParameters<CipherParameters, CipherParameters>(
      ParametersWithIV<KeyParameter>(KeyParameter(key), iv),
      null,
    ),
  );
  Uint8List cipherText = cipher.process(plainText);
  // TODO - convert the cipher text to a String to include as the 'Request' param
}

PS请不要忘记多次重复使用同一IV是不安全的。

相关问题
最新问题