The IV and the key are up here.
// Verschlüsselt den Job-Parameter
String encryptJob(String job) {
final encrypter = encrypt.Encrypter(encrypt.AES(key, mode: encrypt.AESMode.cbc));
final encrypted = encrypter.encrypt(job, iv: iv);
return encrypted.base64; // Base64-String des verschlüsselten Textes
}
String encryptMessage (String message){
final encrypter = encrypt.Encrypter(encrypt.AES(key, mode: encrypt.AESMode.cbc));
final encrypted = encrypter.encrypt(message, iv:iv);
return encrypted.base64;
}
Future<void> fetchData() async {
final message = '&function=';
// Verschlüsselung des Job-Parameters
final encryptedJob1 = encryptJob('job=$job1');
final encryptedJob2 = encryptJob('job=$job2');
final encryptedJob3 = encryptJob('job=$job3');
final encryptedJob4 = encryptJob('job=$job4');
//IV und verschlüsselte Daten für die URL korrekt kodieren
final encodedIV = Uri.encodeComponent(iv.base64);
final encodedJob1 = Uri.encodeComponent(encryptedJob1);
final encodedJob2 = Uri.encodeComponent(encryptedJob2);
final encodedJob3 = Uri.encodeComponent(encryptedJob3);
final encodedJob4 = Uri.encodeComponent(encryptedJob4);
final encryptedMessage = encryptMessage('$message$encodedJob4');
// Jetzt den IV korrekt in Base64 umwandeln und in die URL einfügen
final webServiceURl = 'http://localhost/get_encrypt_request.php?iv=$encodedIV$message$encodedJob4';
final url = Uri.parse(webServiceURl);
final response = await http.get(url);
print('$urln');
print(response.body);
setState(() {
data = response.body;
});
if (response.statusCode == 200) {
print('Erfolgreiche Antwort');
} else {
print('Fehler beim Abrufen der Daten: ${response.statusCode}');
}
}
My Task is to encrypt the queryParamters that no plaintext can be seen affter the ?.
I can encrypt my job but not my queryparameter in that case the message per se.
And after that the queryparameter must than be decrypt in php and send me the data from the job.
// Empfange den IV und die verschlüsselten Daten
$iv = isset($_GET['iv']) ? $_GET['iv'] : '';
$data = isset($_GET['function']) ? $_GET['function'] : '';
final encryptedMessage = encryptMessage('$message$encodedJob4');
In this line you can see that i have tried to put the message with the job but than for the job it is a “double encryption” and that is indeed not that sence.
final webServiceURl = 'http://localhost/get_encrypt_request.php?iv=$encodedIV$encryptedMessage';
When i change the queryparameters to this for sure it doesn’t work.