Dart "encrypt" library gives unreadable string after encryption


In the Dart code the ciphertext must be Base64 decoded and not UTF8 encoded:

final decrypted = encrypter.decrypt(Encrypted.from64(cipher), iv: IV.fromUtf8(iv)); // fromBase64() works also

This is not necessary in the JavaScript code, where CryptoJS.AES.decrypt() implicitly converts the Base64 encoded ciphertext into a CipherParams object.

If this is fixed, the decryption works!

Note the following vulnerability: In both codes, the first 16 bytes of the 32 bytes key are also used as IV. If the same key is applied several times, this automatically results in the repetition of key/IV pairs. Especially for CTR this is insecure, see "Why must IV/key-pairs not be reused in CTR mode?"
Usually a random IV is generated for each encryption. The IV is not secret and is sent along with the ciphertext (typically concatenated). On the decrypting side, the IV is stripped and used for decryption.
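
The random-IV scheme described above, next to the key-derived IV it replaces, as an added example that is not code from the original question or answer. It uses Node's built-in `crypto` module instead of CryptoJS or the Dart `encrypt` package and assumes AES-256-CTR; the function names, key and messages are constructed for illustration.

```javascript
const nodeCrypto = require('crypto');
const IV_LEN = 16; // AES block size in bytes

// Encrypt under a fresh random IV; return Base64(IV || ciphertext).
function encryptMessage(key, plaintext) {
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv('aes-256-ctr', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, ct]).toString('base64');
}

// Base64-decode, strip the IV from the front, decrypt the remainder.
function decryptMessage(key, b64) {
  const data = Buffer.from(b64, 'base64');
  if (data.length < IV_LEN) throw new Error('message is shorter than the IV');
  const decipher = nodeCrypto.createDecipheriv('aes-256-ctr', key, data.subarray(0, IV_LEN));
  const pt = Buffer.concat([decipher.update(data.subarray(IV_LEN)), decipher.final()]);
  return pt.toString('utf8');
}

// The pattern the answer warns about: IV = first 16 bytes of the key.
function encryptKeyDerivedIv(key, plaintext) {
  const cipher = nodeCrypto.createCipheriv('aes-256-ctr', key, key.subarray(0, IV_LEN));
  return Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
}

function xor(a, b) {
  const out = Buffer.alloc(Math.min(a.length, b.length));
  for (let i = 0; i < out.length; i++) out[i] = a[i] ^ b[i];
  return out;
}

// True when c1 XOR c2 equals p1 XOR p2, i.e. both messages shared one keystream.
function keystreamReused(c1, c2, p1, p2) {
  return xor(c1, c2).equals(xor(Buffer.from(p1, 'utf8'), Buffer.from(p2, 'utf8')));
}

// Constructed sample key (32 ASCII bytes) and two equal-length messages.
const key = Buffer.from('0123456789abcdef0123456789abcdef', 'utf8');
const p1 = 'transfer 100 EUR';
const p2 = 'transfer 999 USD';

function reuseWithKeyDerivedIv() {
  return keystreamReused(encryptKeyDerivedIv(key, p1), encryptKeyDerivedIv(key, p2), p1, p2);
}
function reuseWithRandomIv() {
  const body = (b64) => Buffer.from(b64, 'base64').subarray(IV_LEN);
  return keystreamReused(body(encryptMessage(key, p1)), body(encryptMessage(key, p2)), p1, p2);
}
```

With the key-derived IV the XOR of the two ciphertexts equals the XOR of the two plaintexts; with a random IV per message that relation no longer holds.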