Shulou(Shulou.com)05/31 Report--

In this article, the editor introduces in detail "the method of Flutter RSA encryption and decryption", the content is detailed, the steps are clear, and the details are handled properly. I hope this article "the method of Flutter RSA encryption and decryption" can help you solve your doubts.

There are two encryption methods of data encryption: symmetric encryption (symmetric key scheme) and asymmetric encryption (public key encryption).

Symmetrical encryption

In symmetric encryption algorithms, the encryption and decryption keys are the same. Both sides of the communication must have the same key to realize the whole process of encryption and decryption. The main purpose is to prevent the management of data storage from obtaining sensitive information directly, which is an important part of data storage security.

There are two main forms of symmetric encryption algorithms: block encryption and sequence encryption.

Asymmetric encryption

In the asymmetric encryption algorithm, two keys are needed for encryption and decryption, and the encryption and decryption keys are different, namely the public key (public key) and the private key (private key).

The public key and the private key are in pairs. if the data is encrypted with the public key, it can be decrypted only with the corresponding private key; if the data is encrypted with the private key, it can be decrypted only with the corresponding public key. Because encryption and decryption use two different keys, this algorithm is called asymmetric encryption algorithm.

Asymmetric encryption is mainly to ensure the data security in the process of data transmission. For example: our login operation in the process of password transmission, bank account information transmission.

There are many encrypted libraries in Flutter. Through this blog post, we will introduce the frequently used encrypt libraries, and the mainstream encryption methods are also supported.

Let's take a look at the general usage:

The first step is to add the dependency dev_dependencies: flutter_test: sdk: flutter # The "flutter_lints" package below contains a set of recommended lints to # encourage good coding practices. The lint set provided by the package is # activated in the `analysis_ options.yaml` file located at the root of your # package. See that file for information about deactivating specific lint # rules and activating additional ones. Flutter_lints: ^ 1.0.0 # Global status Management provider: ^ 6.0.2 # data request dio: ^ 4.0.4 # Local data persistence shared_preferences: ^ 2.0.13 # Front end encryption encrypt: ^ 5.0.1 second step, get the public key and private key file

Create a new rsa_key folder under the assets directory to store our public and private key files.

The third step is to add a public and private key file to the pubspec.yaml file. Flutter: # The following line ensures that the Material Icons font is # included with your application, so that you can use the icons in # the material Icons class. Uses-material-design: true # To add assets to your application, add an assets section, like this: assets:-assets/fonts/iconfont.json-assets/rsa_key/rsa_public_key.pem-assets/rsa_key/rsa_private_key.pem #-images/a_dot_burr.jpeg #-images/a_dot_ham.jpeg-assets/images/home_logo.png step 4, implement Encrypt encryption and decryption tool class

Create a new rsa_encrypt.dart file in the lib/utils directory to develop our encryption and decryption tool class.

Import 'dart:convert';import' package:encrypt/encrypt.dart';import 'package:flutter/services.dart';import' package:pointycastle/asymmetric/api.dart';class Encrypt {/ / encrypted static encryption (content) async {final parser = RSAKeyParser (); String publicKeyString= await rootBundle.loadString ('assets/rsa_key/rsa_public_key.pem'); print (' publicKeyString=$publicKeyString'); / / Note the output of this line RSAPublicKey publicKey = parser.parse (publicKeyString) as RSAPublicKey Final encrypter = Encrypter (RSA (publicKey: publicKey)); return encrypter.encrypt (content) .Base64;} / / decrypt static Future decrypt (String decoded) async {final parser = RSAKeyParser (); String privateKeyString = await rootBundle.loadString ('assets/rsa_key/rsa_private_key.pem'); final privateKey = parser.parse (privateKeyString) as RSAPrivateKey; final encrypter = Encrypter (RSA (privateKey: privateKey); return encrypter.decrypt (Encrypted.fromBase64 (decoded));}}

The output of print ('publicKeyString=$publicKeyString'); is as follows:

At this point, we have implemented the encapsulation of the encryption and decryption tool class.

Fifth, use the Encrypt utility class to encrypt void _ userLogin () async {/ data encryption var password = await Encrypt.encryption (_ formData ["password"]); print ('_ formData=$password');}

The content introduced by this blog here is basically searched on the Internet. I hope you can continue to read on.

Step 6, actual requirements of the project

For the sake of data security, the encryption scheme we use is one secret, that is to say, the generated private key public key will be discarded after only one encryption and decryption operation, and the new public key and private key will be regenerated the next time we use it. In this case, it is certainly not possible for the front end to generate the public key and private key, so the public key and private key are generated at the backend. Before each encryption, a data request is initiated to the backend, and the public key is obtained before encryption. Therefore, we can adjust our utility class to look like this:

Import 'dart:convert';import' package:cyber_security/utils/http.dart';import 'package:encrypt/encrypt.dart';import' package:flutter/services.dart';import 'package:pointycastle/asymmetric/api.dart';class Encrypt {/ Public key static String pubKey =''; / can be understood as the id static String key =''of the public key used this time. / / get the public key static getKey () async {/ DioRequest is my own encapsulated data request utility class, if you want to learn the following connection. Var response = await DioRequest.getInstance (). Dio.get ('/ getKey'); var data = jsonDecode (response.toString ()); pubKey = data ['key']; key = data [' _ key'];} / / encrypted static encryption (content) async {final parser = RSAKeyParser () / start / Don't move this format. Trust me, String publicKeyString =''- BEGIN PUBLIC KEY-$pubKey-END PUBLIC KEY-'''; / end RSAPublicKey publicKey = parser.parse (publicKeyString) as RSAPublicKey; final encrypter = Encrypter (RSA (publicKey: publicKey)); return encrypter.encrypt (content) .Base64;}}

The use and Encapsulation of Dio Library for Flutter Network request

Remember the previous print ('publicKeyString=$publicKeyString'); output.

Step 7 of publicKeyString=-BEGIN PUBLIC KEY-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDb6bKQPmUBcifd5L8hxzbluv5026g5Jj5l1nYoq8mpxze6+iyIdJTUYbMVOGF4SEwSYL+0f0na4gC8m68n4eSnNUTBynG9BG8RfLKVPow3nH+0ND7WgE2iek0Z1ECqcDkim8sM3FDmVJLsSuCTlZOiorOxbxI41zKKhL9AoO6sBQIDAQAB-END PUBLIC KEY-, about the format of the secret key (very important)

Now let's talk about the format of this publicKeyString.

First, the key part in the middle can not wrap, and there can be multiple line breaks before and after, but there can be no spaces.

Second, the beginning and end of-BEGIN PUBLIC KEY-,-END PUBLIC KEY- must have

Third, no spaces are allowed in front of-BEGIN PUBLIC KEY-, and there can be at most one line break

Fourth,-END PUBLIC KEY- can be preceded by multiple line breaks, but there must be no spaces.

The eighth step is to use the Encrypt class to encrypt void _ userLogin () async {/ obtain the public key await Encrypt.getKey (); / / data encryption var password = await Encrypt.encryption (_ formData ["password"]); print ('_ formData=$password') } after reading this, the article "methods of Flutter RSA encryption and decryption" has been introduced. If you want to master the knowledge points of this article, you still need to practice and use it yourself to understand it. If you want to learn more about related articles, welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.