Encrypt in php and decrypt in Dart(flutter)

Question

Does anyone have an idea about encrypting response from my php api and decrypting data in local using dart. I'm using flutter for my mobile application.

Thank You!

Why can't you use HTTPS? – Luke Joshua Park Sep 08 '18 at 02:16 — Luke Joshua Park, Sep 08 '18 at 02:16

Pierre · Answer 1 · 2023-04-09T11:21:50.277

Here is a method for encrypting/decrypting in Flutter, PHP and C# using AES-256-CBC algorithm.

AES-256 is considered quantum-safe.

Flutter:

Include the package https://pub.dev/packages/encrypt

import 'dart:convert';

import 'package:encrypt/encrypt.dart';
import 'package:crypto/crypto.dart';

class Encryption {
  static final Encryption instance = Encryption._();
  
  late IV _iv;
  late Encrypter _encrypter;

  Encryption._() {
    const mykey = 'ThisIsASecuredKey';
    const myiv = 'ThisIsASecuredBlock';
    final keyUtf8 = utf8.encode(mykey);
    final ivUtf8 = utf8.encode(myiv);
    final key = sha256.convert(keyUtf8).toString().substring(0, 32);
    final iv = sha256.convert(ivUtf8).toString().substring(0, 16);
    _iv = IV.fromUtf8(iv);

    _encrypter = Encrypter(AES(Key.fromUtf8(key), mode: AESMode.cbc));
  }

  String encrypt(String value) {
    return _encrypter.encrypt(value, iv: _iv).base64;
  }

  String decrypt(String base64value) {
    final encrypted = Encrypted.fromBase64(base64value);
    return _encrypter.decrypt(encrypted, iv: _iv);
  }
}

Usage (Singleton Class):

var encrypted = Encryption.instance.encrypt('my value to be encrypted');
var decrypted = Encryption.instance.decrypt(encrypted);

PHP:

<?php

class Encryption
{
    private string $encryptMethod = 'AES-256-CBC';
    private string $key;
    private string $iv;

    public function __construct()
    {
        $mykey = 'ThisIsASecuredKey';
        $myiv = 'ThisIsASecuredBlock';
        $this->key = substr(hash('sha256', $mykey), 0, 32);
        $this->iv = substr(hash('sha256', $myiv), 0, 16);
    }

    public function encrypt(string $value): string
    {
        return openssl_encrypt(
            $value,
            $this->encryptMethod,
            $this->key,
            0,
            $this->iv
        );
    }

    public function decrypt(string $base64Value): string
    {
        return openssl_decrypt(
            $base64Value,
            $this->encryptMethod,
            $this->key,
            0,
            $this->iv
        );
    }
}

Usage:

$encryption = new Encryption();
$encrypted = $encryption->encrypt('my value to be encrypted');
$decrypted = $encryption->decrypt($encrypted);

C#:

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

public class Encryption
{
    byte[] key;
    byte[] iv;

    private Encryption instance;
    public Encryption Instance
    {
        get
        {
            if (instance == null)
                instance = new Encryption();
            return instance;
        }
    }

    private Encryption()
    {
        var Key = "ThisIsASecuredKey";
        var Iv = "ThisIsASecuredBlock";

        using (var sha256 = SHA256.Create())
        {
            key = Encoding.UTF8.GetBytes(
                 ToHex(sha256.ComputeHash(Encoding.UTF8.GetBytes(Key)))
                    .Substring(0, 32)
            );
            iv = Encoding.UTF8.GetBytes(
                 ToHex(sha256.ComputeHash(Encoding.UTF8.GetBytes(Iv)))
                    .Substring(0, 16)
            );
        }
    }
    
    public string Encrypt(string input)
    {
        using (var aesManaged = new AesManaged())
        using (var ms = new MemoryStream())
        {
            using (var cs = new CryptoStream(
                ms,
                aesManaged.CreateEncryptor(key, iv),
                CryptoStreamMode.Write
            ))
            {
                var inputBytes = Encoding.UTF8.GetBytes(input);
                cs.Write(inputBytes, 0, inputBytes.Length);
            }

            return Convert.ToBase64String(ms.ToArray());
        }
    }

    public string Decrypt(string base64value)
    {
        using (var aesManaged = new AesManaged())
        using (var decryptor = aesManaged.CreateDecryptor(key, iv))
        using (var ms = new MemoryStream(Convert.FromBase64String(base64value)))
        using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read))
        using (var sr = new StreamReader(cs))
        {
            return sr.ReadToEnd();
        }
    }

    private string ToHex(byte[] bytes, bool upperCase = false)
    {
        var result = new StringBuilder(bytes.Length * 2);
        for (int i = 0; i < bytes.Length; i++)
            result.Append(bytes[i].ToString(upperCase ? "X2" : "x2"));
        return result.ToString();
    }
}

Usage (Singleton Class):

var encrypted = Encryption.Instance.Encrypt("my value to be encrypted");
var decrypted = Encryption.Instance.Decrypt(encrypted);

i am getting this error The class 'Encryption' doesn't have an unnamed constructor. when calling Encryption instance in flutter. Here is how i have called it Encryption().encrypt("value"); — Emmanuel Njorodongo, Aug 02 '22 at 13:24
i am using php 7, i am not experiencing any issue in my php side i was asking for the flutter/dart part — Emmanuel Njorodongo, Aug 02 '22 at 17:56
@EmmanuelNjorodongo I have added usage examples to the answer — Pierre, Aug 03 '22 at 05:43
for php 7 just declare the variables like private $key; instead of private string $key; — Emmanuel Njorodongo, Aug 03 '22 at 08:41
@EmmanuelNjorodongo I have used `PHP 7.4` in the above PHP code. — Pierre, Aug 03 '22 at 08:43

score 1 · Answer 2 · answered Sep 08 '18 at 12:25

1

You can use AES encrypt/decrypt that supported on both sides.

flutter_string_encryption

PHP

answered Sep 08 '18 at 12:25

Saman

2,506
4
22
41

1

Does this work if I want to encrypt-decrypt an array? because it said string – Azhar Mar 19 '19 at 04:58
2

@Azhar you can convert array to `json` and then `encrypt /decrypt` data. – Saman Mar 19 '19 at 13:26

Hari Upreti · Answer 3 · 2019-11-12T10:41:52.513

You can use Cipher2 library for cryptography in flutter with the help of library you can encrypt and decrypt string with "aes-128-cbc" method

    //Make sure you import the library, stringEncryption is a user define function you can define your own
    stringEncryption() async { //call this method 
    String plainText ='String to encrypt';
    String key = '1245714587458745'; //combination of 16 character
    String iv = 'e16ce913a20dadb8'; ////combination of 16 character
    String encryptedString =
    await Cipher2.encryptAesCbc128Padding7(plainText, key, iv);
    print("key:$key");
    print("iv:$iv");
    print("String:$encryptedString");

    //for decrypt use decrypt function 
    decryptedString = await Cipher2.decryptAesCbc128Padding7(encryptedString, key, iv);
    //parameters: encryptedString,sameKey,SameIv
    }

    //To decrypt in PHP
    $method = 'aes-128-cbc';
    $decryptedString = openssl_decrypt("encryptedString", $method, "SameKeyUsedInFlutter", 0, "SameIvUsedInFlutter");

    //To encrypt in PHP
    $encryptedString = openssl_encrypt("Text to encrypt", $method, "SameKeyUsedInFlutter", 0, "SameIvUsedInFlutter");
    //Key and IV must need to match

score 0 · Answer 4 · answered Jan 11 '21 at 06:15

function CryptoJSAesDecrypt(passphrase,encrypted_json_string){

var obj_json = JSON.parse(encrypted_json_string);

var encrypted = obj_json.ciphertext;
var salt = CryptoJS.enc.Hex.parse(obj_json.salt);
var iv = CryptoJS.enc.Hex.parse(obj_json.iv);   

var key = CryptoJS.PBKDF2(passphrase, salt, { hasher: CryptoJS.algo.SHA512, keySize: 64/8, iterations: 999});


var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv});

return decrypted.toString(CryptoJS.enc.Utf8);

} i want to covert php func crypto to flutter

Encrypt in php and decrypt in Dart(flutter)

4 Answers4

Flutter:

PHP:

C#: