[Feature/RSA] add RSA and AES

MathieuSchl · Oct 4, 2023 · 3789d63 · 3789d63
1 parent 40f8a5e
commit 3789d63
Show file tree

Hide file tree

Showing 2 changed files with 75 additions and 28 deletions.
diff --git a/client_flutter/lib/core/repository/kara_repo.dart b/client_flutter/lib/core/repository/kara_repo.dart
@@ -16,36 +16,38 @@ class KaraRepo implements KaraRepository {
     http.Client client,
   ) async {
     try {
-      final stringPublicKey = await UtilsController().readStorage('publicKey');
-      RSAKeyParser parser = RSAKeyParser();
-      RSAPublicKey publicKey = parser.parse(stringPublicKey) as RSAPublicKey;
-      final encrypter = Encrypter(
-        RSA(
-          publicKey: publicKey,
-          encoding: RSAEncoding.OAEP,
-        ),
-      );
-
       //encrypted
       jsonData['date'] = DateTime.now().toUtc().toIso8601String();
-      var dataString = jsonEncode(jsonData);
 
-      final Encrypted encrypted = encrypter.encrypt(dataString);
-      Map<String, dynamic> data = {'data': encrypted.base64};
-      //request
-      final response = await HttpRepo().getRequestParams("api/heyKara", data);
-      RSAPrivateKey privateKey = parser.parse(stringPublicKey) as RSAPrivateKey;
-      final decrypter = Encrypter(
-        RSA(
-          privateKey: privateKey,
-          encoding: RSAEncoding.OAEP,
-        ),
-      );
-      //decrypted
+      String dataString = jsonEncode(jsonData);
 
-      String value = decrypter.decrypt64(response.body);
+      final key = Key.fromSecureRandom(16);
+      final iv = IV.fromSecureRandom(16);
+      Encrypted dataEncrypted =
+          UtilsController().encryptAES(dataString, key, iv);
+      String dataAes = '{"key":"${key.base64}","iv":"${iv.base64}"}';
+      Encrypted dataAesEncrypted = await UtilsController().encryptRSA(dataAes);
+      Map<String, dynamic> data = {
+        'data': dataEncrypted.base64,
+        'aes': dataAesEncrypted.base64,
+      };
+      String dataAesDecrypted =
+          await UtilsController().decryptRSA(Encrypted.from64(data['aes']));
+      print(dataAesDecrypted);
+      var jsonDataAes = jsonDecode(dataAesDecrypted);
+      print(jsonDataAes['iv']);
+      String message = UtilsController().decryptAES(
+        Encrypted.from64(data['data']),
+        Key.fromBase64(jsonDataAes['key']),
+        IV.fromBase64(jsonDataAes['iv']),
+      );
+      print('secondData: $message');
+      Map<String, String> value = jsonDecode(message);
+      print(value.toString());
 
-      final parsedResponse = KaraResponse.fromJson(json.decode(value));
+      print(value);
+      final response = await HttpRepo().getRequestParams("api/heyKara", data);
+      final parsedResponse = KaraResponse.fromJson(jsonDecode(response.body));
       return parsedResponse;
     } catch (err) {
       rethrow;

diff --git a/client_flutter/lib/services/utils_controller.dart b/client_flutter/lib/services/utils_controller.dart
@@ -1,8 +1,10 @@
+import 'package:encrypt/encrypt.dart';
 import 'package:http/http.dart' as http;
 import 'package:flutter_dotenv/flutter_dotenv.dart';
 import 'package:kar_assistant/core/globals.dart' as globals;
 import 'package:flutter_secure_storage/flutter_secure_storage.dart';
 import 'package:kar_assistant/core/repository/client_repo.dart';
+import 'package:pointycastle/export.dart';
 
 class UtilsController {
   AndroidOptions secureOptions() => const AndroidOptions(
@@ -35,13 +37,56 @@ class UtilsController {
     if (await readStorage('clientToken') != '') {
       Map<String, String> data = {
         "appType": 'mobile_app',
-        'rsaPublicKey': 'publicKey',
       };
       var result = await ClientRepo().newToken(data, http.Client());
-      await setStorage('privateKey', 'privateKey');
+      await setStorage('clientPrivateKey', result['clientPrivateKey']);
       await setStorage('clientToken', result['clientToken']);
-      await setStorage('publicKey', result['publicKey']);
+      await setStorage('backPublicKey', result['backPublicKey']);
     }
     globals.clientToken = await readStorage('clientToken');
   }
+
+  Future<Encrypted> encryptRSA(String keyToEncrypt) async {
+    final stringPublicKey =
+        await UtilsController().readStorage('backPublicKey');
+    RSAPublicKey publicKey =
+        RSAKeyParser().parse(stringPublicKey) as RSAPublicKey;
+    final encrypterRsa = Encrypter(
+      RSA(
+        publicKey: publicKey,
+        encoding: RSAEncoding.OAEP,
+      ),
+    );
+    Encrypted encrypted = encrypterRsa.encrypt(
+      keyToEncrypt,
+    );
+    return encrypted;
+  }
+
+  Future<String> decryptRSA(Encrypted keyToDecrypt) async {
+    final stringPrivateKey =
+        await UtilsController().readStorage('clientPrivateKey');
+    RSAPrivateKey privateKey =
+        RSAKeyParser().parse(stringPrivateKey) as RSAPrivateKey;
+    final decrypter = Encrypter(
+      RSA(
+        privateKey: privateKey,
+        encoding: RSAEncoding.OAEP,
+      ),
+    );
+    String decrypted = decrypter.decrypt(keyToDecrypt);
+    return decrypted;
+  }
+
+  Encrypted encryptAES(String plainText, Key key, IV iv) {
+    final encrypter = Encrypter(AES(key, mode: AESMode.cbc));
+    Encrypted encrypted = encrypter.encrypt(plainText, iv: iv);
+    return encrypted;
+  }
+
+  String decryptAES(Encrypted encrypted, Key key, IV iv) {
+    final encrypter = Encrypter(AES(key, mode: AESMode.cbc));
+    String decrypted = encrypter.decrypt(encrypted, iv: iv);
+    return decrypted;
+  }
 }