fix: at_auth changes for at_chops major version uptake

packages/at_auth/CHANGELOG.md

@@ -1,3 +1,5 @@
+## 2.1.0
+- feat: at_chops uptake for faster AES encryption/decryption
 ## 2.0.10
 - fix: Replace legacy IVs with random IVs for encrypting "defaultEncryptionPrivateKey" and "selfEncryptionKey" in APKAM flow
 ## 2.0.9

packages/at_auth/lib/src/at_auth_impl.dart

@@ -51,7 +51,7 @@ class AtAuthImpl implements AtAuth {
     if (atAuthRequest.atKeysFilePath != null) {
       atAuthKeys = await _prepareAtAuthKeysFromFilePath(atAuthRequest);
     } else if (atAuthRequest.encryptedKeysMap != null) {
-      atAuthKeys = _decryptAtKeysWithSelfEncKey(
+      atAuthKeys = await _decryptAtKeysWithSelfEncKey(
           atAuthRequest.encryptedKeysMap!, PkamAuthMode.keysFile);
     } else {
       atAuthKeys = atAuthRequest.atAuthKeys;
@@ -228,35 +228,37 @@ class AtAuthImpl implements AtAuth {
     return enrollmentIdFromServer!;
   }
 
-  AtAuthKeys _decryptAtKeysWithSelfEncKey(
-      Map<String, dynamic> jsonData, PkamAuthMode authMode) {
+  Future<AtAuthKeys> _decryptAtKeysWithSelfEncKey(
+      Map<String, dynamic> jsonData, PkamAuthMode authMode) async {
     var securityKeys = AtAuthKeys();
     String decryptionKey = jsonData[auth_constants.defaultSelfEncryptionKey]!;
     var atChops =
         AtChopsImpl(AtChopsKeys()..selfEncryptionKey = AESKey(decryptionKey));
-    securityKeys.defaultEncryptionPublicKey = atChops
-        .decryptString(jsonData[auth_constants.defaultEncryptionPublicKey]!,
+    securityKeys.defaultEncryptionPublicKey = (await atChops.decryptString(
+            jsonData[auth_constants.defaultEncryptionPublicKey]!,
             EncryptionKeyType.aes256,
-            keyName: 'selfEncryptionKey', iv: AtChopsUtil.generateIVLegacy())
+            keyName: 'selfEncryptionKey',
+            iv: AtChopsUtil.generateIVLegacy()))
         .result;
-    securityKeys.defaultEncryptionPrivateKey = atChops
-        .decryptString(jsonData[auth_constants.defaultEncryptionPrivateKey]!,
+    securityKeys.defaultEncryptionPrivateKey = (await atChops.decryptString(
+            jsonData[auth_constants.defaultEncryptionPrivateKey]!,
             EncryptionKeyType.aes256,
-            keyName: 'selfEncryptionKey', iv: AtChopsUtil.generateIVLegacy())
+            keyName: 'selfEncryptionKey',
+            iv: AtChopsUtil.generateIVLegacy()))
         .result;
     securityKeys.defaultSelfEncryptionKey = decryptionKey;
-    securityKeys.apkamPublicKey = atChops
-        .decryptString(
+    securityKeys.apkamPublicKey = (await atChops.decryptString(
             jsonData[auth_constants.apkamPublicKey]!, EncryptionKeyType.aes256,
-            keyName: 'selfEncryptionKey', iv: AtChopsUtil.generateIVLegacy())
+            keyName: 'selfEncryptionKey', iv: AtChopsUtil.generateIVLegacy()))
         .result;
     // pkam private key will not be saved in keyfile if auth mode is sim/any other secure element.
     // decrypt the private key only when auth mode is keysFile
     if (authMode == PkamAuthMode.keysFile) {
-      securityKeys.apkamPrivateKey = atChops
-          .decryptString(jsonData[auth_constants.apkamPrivateKey]!,
+      securityKeys.apkamPrivateKey = (await atChops.decryptString(
+              jsonData[auth_constants.apkamPrivateKey]!,
               EncryptionKeyType.aes256,
-              keyName: 'selfEncryptionKey', iv: AtChopsUtil.generateIVLegacy())
+              keyName: 'selfEncryptionKey',
+              iv: AtChopsUtil.generateIVLegacy()))
           .result;
     }
     securityKeys.apkamSymmetricKey = jsonData[auth_constants.apkamSymmetricKey];

packages/at_auth/lib/src/enroll/at_enrollment_impl.dart

@@ -115,22 +115,24 @@ class AtEnrollmentImpl implements AtEnrollmentBase {
     InitialisationVector encryptionPrivateKeyIV =
         AtChopsUtil.generateRandomIV(16);
     // Fetch the encryptionPrivateKey from the atChops and encrypt with APKAM Symmetric key.
-    String encryptedDefaultEncryptionPrivateKey = atLookUp.atChops
-        ?.encryptString(
-            atLookUp.atChops!.atChopsKeys.atEncryptionKeyPair!.atPrivateKey
-                .privateKey,
-            EncryptionKeyType.aes256,
-            keyName: 'apkamSymmetricKey',
-            iv: encryptionPrivateKeyIV)
-        .result;
+    String encryptedDefaultEncryptionPrivateKey = (await atLookUp.atChops
+            ?.encryptString(
+                atLookUp.atChops!.atChopsKeys.atEncryptionKeyPair!.atPrivateKey
+                    .privateKey,
+                EncryptionKeyType.aes256,
+                keyName: 'apkamSymmetricKey',
+                iv: encryptionPrivateKeyIV))
+        ?.result;
 
     InitialisationVector selfEncryptionKeyIV = AtChopsUtil.generateRandomIV(16);
     // Fetch the selfEncryptionKey from the atChops and encrypt with APKAM Symmetric key.
-    String encryptedDefaultSelfEncryptionKey = atLookUp.atChops
-        ?.encryptString(atLookUp.atChops!.atChopsKeys.selfEncryptionKey!.key,
-            EncryptionKeyType.aes256,
-            keyName: 'apkamSymmetricKey', iv: selfEncryptionKeyIV)
-        .result;
+    String encryptedDefaultSelfEncryptionKey = (await atLookUp.atChops
+            ?.encryptString(
+                atLookUp.atChops!.atChopsKeys.selfEncryptionKey!.key,
+                EncryptionKeyType.aes256,
+                keyName: 'apkamSymmetricKey',
+                iv: selfEncryptionKeyIV))
+        ?.result;
 
     String command = 'enroll:approve:${jsonEncode({
           'enrollmentId': enrollmentRequestDecision.enrollmentId,

packages/at_auth/pubspec.yaml

@@ -1,6 +1,6 @@
 name: at_auth
 description: Package that implements common logic for onboarding/authenticating an atsign to a secondary server
-version: 2.0.10
+version: 2.1.0
 homepage: https://atsign.com/
 repository: https://github.com/atsign-foundation/at_libraries
 
@@ -9,14 +9,22 @@ environment:
 
 dependencies:
   args: ^2.4.1
-  at_commons: ^5.1.1
+  at_commons: ^5.1.2
   at_lookup: ^3.0.49
   at_chops: ^2.2.0
   at_utils: ^3.0.19
   meta: ^1.8.0
   at_demo_data: ^1.0.3
   crypton: ^2.2.1
 
+dependency_overrides:
+  at_chops:
+    git:
+      url: https://github.com/atsign-foundation/at_libraries.git
+      path: packages/at_chops
+      ref: at_chops_faster_aes
+
+
 dev_dependencies:
   lints: ^5.0.0
   test: ^1.25.8

packages/at_auth/test/enrollment_test.dart

@@ -61,10 +61,10 @@ void main() {
             any(
                 that: startsWith(
                     'keys:get:keyName:123.${AtConstants.defaultEncryptionPrivateKey}')),
-            auth: true)).thenAnswer((_) => Future.value(jsonEncode({
-          'value': atChopsImpl
-              .encryptString(encryptionPrivateKey, EncryptionKeyType.aes256,
-                  keyName: 'apkamSymmetricKey', iv: iv)
+            auth: true)).thenAnswer((_) async => Future.value(jsonEncode({
+          'value': (await atChopsImpl.encryptString(
+                  encryptionPrivateKey, EncryptionKeyType.aes256,
+                  keyName: 'apkamSymmetricKey', iv: iv))
               .result
         })));
 
@@ -73,10 +73,10 @@ void main() {
             any(
                 that: startsWith(
                     'keys:get:keyName:123.${AtConstants.defaultSelfEncryptionKey}')),
-            auth: true)).thenAnswer((_) => Future.value(jsonEncode({
-          'value': atChopsImpl
-              .encryptString(selfEncryptionKey, EncryptionKeyType.aes256,
-                  keyName: 'apkamSymmetricKey', iv: iv)
+            auth: true)).thenAnswer((_) async => Future.value(jsonEncode({
+          'value': (await atChopsImpl.encryptString(
+                  selfEncryptionKey, EncryptionKeyType.aes256,
+                  keyName: 'apkamSymmetricKey', iv: iv))
               .result
         })));
     when(() => mockAtLookUp.pkamAuthenticate(enrollmentId: '123'))