joshi-stuff / cipher Goto Github PK
View Code? Open in Web Editor NEWA Dart library for encryption/decryption mainly based on Bouncy Castle Java library
License: Other
A Dart library for encryption/decryption mainly based on Bouncy Castle Java library
License: Other
In the project's wiki
Given that current implementations have been ported from Java it could be the case that they work for the tests but fail for boundary conditions (due to overflows or things like that).
I want to make sure that the current algorithms don't suffer these issues.
This allows using a BlockCipher in CTR mode as a pure StreamCipher
If you call initCipher() more than once an exception is thrown. This should be fixed as discussed here: [https://groups.google.com/a/dartlang.org/d/topic/misc/_ko-kPSmvPc/discussion]
Create dartdoc for implementations of algorithms
See https://en.wikipedia.org/wiki/AEAD_block_cipher_modes_of_operation for an explanation of what AEAD mode is.
The idea is to avoid the need to call initCipher() before using the library. I'll try to call initCipher() from Registry.create().
Also, it would be good to redesign initCipher() so that it can be tweaked to load only the algorithms used. This is a good starting point: http://blog.sethladd.com/2013/04/lazy-load-libraries-in-dart.html
Implement elliptic curve signatures (http://en.wikipedia.org/wiki/Elliptic_Curve_DSA)
Create an ext.dart library with the API for extending cipher (so that it does not appear in api.dart).
Refactor factories as a class instead of many hashmaps and functions.
This will make, IMO, things clearer and easier to use and maintain.
Create the command line tool and add the benchmark functionality to begin with (later we will add cipher, decipher, digest, etc. functions).
Port AES fast benchmark to this framework/tool.
This could be used both in server and client if properly abstracted, but it would have the problem that it requires user intervention. On the other hand it would be a truly secure method.
Feature request. Scrypt is a key deriviation function often used in the light of cryptocurrencies.
A Java implementation of scrypt can be found ar BouncyCastle: org.bouncycastle.crypto.generators.SCrypt
I have not yet run tests on Javascript, just in the VM. This should be tested.
I need it for scrypt.
Implement missing digests from BouncyCastle
Did you skip the ECPoint.Fp()
method from BouncyCastle on purpose?
There is currently no way to compress an ECPoint
, neither using the ECPoint
or the ECCurve
class.
If compression can be achieved using the ECPoint.createPoint(BigInteger x, BigInteger y, [bool withCompression = false])
method by using uncompressed x
and y
and setting the flag to true
(which I doubt), please specify it in the documentation.
This is a feature request to have an RSA signing algorithm. Specifically, I need to be able to:
Thanks!
The benchmark tool should look at the types in init() method of ciphers to figure out how to initialize them so that it can init ciphers of different types.
BC uses a CipherStream
, I think.
I'm not sure if Dart has something as a ByteStream that could be underlying this. But it might be cumbersome to split your input data into multiple blocks to use the processBlock()
method.
I'm not sure of a Uint8List BlockCipher.processData(Uint8List input)
is possible?
This includes all those found in BouncyCastle:
-GCTR
-ECB
-CFB
-OFB
I have already implemented HMAC because I needed it for PBKDFs.
Now is the time to get your package ready for Dart's release.
If you author Dart packages hosted on pub.dartlang.org, please read on for this important call for participation.
Hello Dart package authors! Time to test and stabilize your packages, and get ready for Dart 1.0. Wait, what?! 1.0? Forealz? Not yet, but soon. You can help the community, and new users, have a successful 1.0 launch by following these steps:
Please update your Dart Editor and SDK to 0.8.10+8 or later.
Update your library's pubspec.yaml with specific version constraints. Please add:
environment:
sdk: ">=0.8.10+6 <2.0.0"
If your package depends on packages produced by the Dart team, like "args", "unittest", "polymer", etc, please use these specific lower and upper bounds:
analyzer: >=0.10.1 < 0.11.0
everything else: >=0.9.0 < 0.10.0
These specific versions protect your package, and more importantly your users, in the face of potential breaking changes in dependencies. Sometime after the 1.0 launch, each package will get its own release cadence.
That's right, the days of 'any' for library packages are over. With a stable SDK, there's no reason to force your users to live on the bleeding edge. Let's all stabilize the Dart community by specifying version dependencies for our libraries.
Test your package, and fix any breaks.
Bump the version of your package.
If your package is >=1.0: Add +1.0.0 if you introduced a breaking change, add +0.1.0 if you added a feature (and it does not break existing users), or add +0.0.1 if it is a bugfix.
if your package is <1.0: technically anything less than 1.0 can break at any time. However we have found the following scheme is helpful to users of your package: add +0.1.0 if it is a breaking change, otherwise add +0.0.1. If you follow this scheme, let your users know!
Thank you for your early support and your help to get ready for the launch.
So that encryption of variable sizes can be done in an intuitive way.
We're using this package in the context of a web app (actually a chrome app). The latest version has introduced a dependency on dart:io
. We've temporarily pegged our version dependency at 0.4.0.
packages/cipher/entropy/url_entropy_source.dart:9:8: Error: Library not found 'dart:io'.
import "dart:io";
Any chance this dart:io
dependency could be removed, or only included from a cipher_io.dart
entry-point?
Currently I'm used a modified version internally added to cipher of that library. The patches I've made should be transferred to bignum and cipher should rely on that lib.
Done in commit 6df93a5
Perhaps use Truecrypt's specification.
Refactor tests to create generic tests based on BlockCipher, StreamCipher, Digest, etc. interfaces.
Don't forget bitcoin curve: https://en.bitcoin.it/wiki/Secp256k1
Not too sure about this one: bytes extracted from random.org may be attacked (by eavesdropping or just because random.org may be unfair).
The problem is that, AFAIK, we don't have real sources of randomness in DART.
Let users do:
var cipher = new BlockCipher("AES/SIC");
We want to be able to do, for example:
var c = new BlockCipher("AES");
instead of:
var c = new AESFastEngine()
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.