1

I am looking for a dart package in order to implement key exchange protocol (Elliptic-curve Diffie–Hellman) in a Flutter application. So the flow will be like this:

  • app generates a key pair during login and sends the public key to server (so a new key pair is generated for every login)
  • server sends back its public key that it just generated
  • app generates a secret key from its private key and server's public key
  • app includes the hmac of all subsequent messages sent to the server

I tried using the ed25519_dart package for the key generation, but it doesn't work. My app doesn't even start due to integer literal can't be represented in 64 bits error, which is also pointed out by the dart analyzer.

I also took a look at pointycastle, but it doesn't seem to support Diffie–Hellman.

The Diffie–Hellman package also doesn't work for me. Provided example throws this exception in the first line: 

FormatException: Invalid radix-16 number
FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B1...

Any idea how I could achieve what I want to do in a Flutter application?

Egemen
  • 2,178
  • 5
  • 22
  • 32

1 Answers1

0

The error I am assuming is connected to BigNum and Dart 2. Pointy Castle has a branch on GitHub where they are switching to Dart 2.0.

Here are some ways you could get a keypair:

  • Use a native SDK (Java, Kotlin, or C++) and use a platform channel
  • Use the pointy castle Dart 2.0 branch
  • Try flutter_sodium package. It works with Dart 2 but is a work in progress.

Hopefully, this helps. I am trying to figure out the best way as well!

aidxn
  • 1
  • Thanks, I already looked into pointy castle. I tried using their `ECKeyGenerator`, but it's not clear to me with which `CipherParameters` it should be initialized. Also, I didn't see any function for generating a secret key from my private key and server's public key. I will look into flutter_sodium as well. – Egemen Jul 23 '18 at 06:41