深海游弋的鱼 – 智障儿童欢乐多

使用 AndroidX 增强 WebView 的能力

在应用开发过程中，为了在多个平台上保持一致的用户体验和提高开发效率，许多应用程序选择使用 H5 技术。在 Android 平台上，通常使用 WebView 组件来承载 H5 内容以供展示。

WebView 存在的问题

自 Android Lollipop 起，WebView 组件的升级已经独立于 Android 平台。然而，控制 WebView 的 API(android.webkit) 仍然与平台升级相关。这意味着应用开发者只能使用当前平台所定义的接口，而无法充分利用 WebView 的全部能力。例如: WebView.startSafeBrowsing API 在 Android 8.1 上被添加，该 Feature 由 WebView 提供，即使我们在 Android 7.0 更新 WebView 拥有了该 Feature ,由于 Android 7.0 没有 WebView.startSafeBrowsing API ，我们也没办法使用该功能。

WebView 的实现基于 Chromium 开源项目,而 Android 则基于 AOSP 项目，这两个项目有着不同的发布周期，WebView 往往一个月就可以推出下一个版本，而 Android 则需要一年的时间，对于 WebView 新增的 Feature 我们最迟需要一年才能使用。

AndroidX Webkit 的出现

为了解决上面平台能力和 WebView 不匹配的问题，我们可以独立于平台之外定义一套 WebView API ，并让它随着 WebView 的 Feature 更新 API ，这样解决了现有的问题却导入了另一个问题——如何将新定义的 WebView API 和 WebView 进行衔接。

从应用开发的角度，系统 WebView 难以修改，自己编译定制一个 WebView 并随着 apk 提供是一个很好方案。这时候，我们可以轻松的解决衔接问题，并能够按照需求，任意增改 Feature 而不必等官方更新。同时解决了兼容问题和 WebView 内核碎片化的问题。腾讯 X5 ,UC U4 等都是这个方案。维护一份 WebView 并不是一件容易的事，需要投入更多的人力支持，因为将 WebView 打入包中，还伴随着包体积的急剧增加。

从 Android 官方的角度，可以推动 WebView 上游支持该 WebView API , 而这正是 AndroidX Webkit 的解决方案。Android 官方将定义的 WebView API 放置到 AndroidX Webkit 库，以支持频繁的更新，并在 WebView 上游增加“胶水层”与 AndroidX Webkit 进行衔接,这样在旧版的 Android 平台上，只要安装了拥有"胶水"层代码的 WebView ,也就拥有了新版平台的功能。

“胶水层” 是在某个版本之后才后才支持的，旧版本的 WebView 内核并不支持，这也是为什么在调用之前始终应该检查 isFeatureSupported 的原因。

AndroidX Webkit 的功能

初步了解了 AndroidX Webkit 的产生和实现原理，下面带领大家看一下它都提供了哪些新能力能够增强我们的 WebView 。

向下兼容

如上文分析，AndroidX Webkit 提供了向下的兼容，如下面代码所示，由 WebViewCompat 提供兼容的接口调用。

需要注意的是在调用之前对 WebViewFeature 的检查，对于每个 Feature ,AndroidX Webkit 会取平台和 WebView 所提供 Feature 的并集 ,在调用某个 API 之前必须进行检查，如果平台和 WebView 均不支持该API则将抛出 UnsupportedOperationException 异常。

// Old code:
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O_MR1) {
   WebView.startSafeBrowsing(appContext, callback);
}

// New code:
if (WebViewFeature.isFeatureSupported(WebViewFeature.START_SAFE_BROWSING)) {
   WebViewCompat.startSafeBrowsing(appContext, callback);
}

// Old code:

if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O_MR1) {

WebView.startSafeBrowsing(appContext, callback);

}

// New code:

if (WebViewFeature.isFeatureSupported(WebViewFeature.START_SAFE_BROWSING)) {

WebViewCompat.startSafeBrowsing(appContext, callback);

}

如果我们扒开 WebViewCompat 的外衣查看他的源码（如下所示），会发现如果在当前版本 Platform API 提供了接口，就会直接调用 Platform API 的接口，而对于低版本，则由 AndroidX Webkit 和 WebView 的"通道"提供服务。

// WebViewCompat#startSafeBrowsing
public static void startSafeBrowsing(@NonNull Context context,
        @Nullable ValueCallback<Boolean> callback) {
    ApiFeature.O_MR1 feature = WebViewFeatureInternal.START_SAFE_BROWSING;
    if (feature.isSupportedByFramework()) {
        ApiHelperForOMR1.startSafeBrowsing(context, callback);
    } else if (feature.isSupportedByWebView()) {
        getFactory().getStatics().initSafeBrowsing(context, callback);
    } else {
        throw WebViewFeatureInternal.getUnsupportedOperationException();
    }
}

// WebViewCompat#startSafeBrowsing

public static void startSafeBrowsing(@NonNull Context context,

@Nullable ValueCallback<Boolean> callback) {

ApiFeature.O_MR1 feature = WebViewFeatureInternal.START_SAFE_BROWSING;

if (feature.isSupportedByFramework()) {

ApiHelperForOMR1.startSafeBrowsing(context, callback);

} else if (feature.isSupportedByWebView()) {

getFactory().getStatics().initSafeBrowsing(context, callback);

} else {

throw WebViewFeatureInternal.getUnsupportedOperationException();

}

对比上面的代码，使用平台 API（old code）时仅可以支持 90% 的用户，而使用 AndroidX Webkit（new code）则可以覆盖大约 99% 的用户。

代理功能支持

一直以来WebView 的代理设置异常繁琐，当遇到复杂的代理规则就无能为力了。在 AndroidX Webkit 中增加了 ProxyController API 用于为 WebView 设置代理。ProxyConfig.Builder 类提供了设置代理以及配置代理的绕过方式等方法，通过组合可以满足复杂的代理场景。

if (WebViewFeature.isFeatureSupported(WebViewFeature.PROXY_OVERRIDE)) {
    ProxyConfig proxyConfig = new ProxyConfig.Builder()
            .addProxyRule("localhost:7890") //添加要用于所有 URL 的代理
            .addProxyRule("localhost:1080") //优先级低于第一个代理，仅在上一个失败时应用
            .addDirect()                    //当前面的代理失败时，不使用代理直连
            .addBypassRule("www.bing.com") //该网址不使用代理，直连服务
            .addBypassRule("*.cn")          //以.cn结尾的网址不使用代理
            .build();
    Executor executor = ...
    Runnable listener = ...
    ProxyController.getInstance().setProxyOverride(proxyConfig, executor, listener);
｝

if (WebViewFeature.isFeatureSupported(WebViewFeature.PROXY_OVERRIDE)) {

ProxyConfig proxyConfig = new ProxyConfig.Builder()

.addProxyRule("localhost:7890") //添加要用于所有 URL 的代理

.addProxyRule("localhost:1080") //优先级低于第一个代理，仅在上一个失败时应用

.addDirect() //当前面的代理失败时，不使用代理直连

.addBypassRule("www.bing.com") //该网址不使用代理，直连服务

.addBypassRule("*.cn") //以.cn结尾的网址不使用代理

.build();

Executor executor = ...

Runnable listener = ...

ProxyController.getInstance().setProxyOverride(proxyConfig, executor, listener);

｝

以上代码定义了一个复杂的代理场景,我们为 WebView 设置了两个代理服务器，localhost:1080 仅当 localhost:7890 失败的情况下启用，addDirect 声明了如果两个服务器都失败则直连服务器，addBypassRule 规定了 www.bing.com 和以 .so 结尾的域名始终不应该使用代理。

白名单代理

如果仅有少量的 URL 需要配置代理，我们可以使用 setReverseBypassEnabled(true) 方法将addBypassRule 添加的 URL 转变为使用代理服务器，而其他的 URL 则直连服务。

安全的 WebView 和 Native 通信支持

建立 WebView 和 Native 的双向通信是使用 Hybrid 混合开发模式的基础，在之前 Android 已经提供了一些机制能够让完成基本的通信，但是已有的接口都存在一些安全和性能问题，在 AndroidX 中增加了一个功能强大的接口 addWebMessageListener 兼顾了安全和性能等问题。

代码示例中将 JavaSript 对象 replyObject 注入到匹配 allowedOriginRules的上下文中，这样只有在可信的网站中才能被使用此对象，也就防止了不明来源的网络攻击者对该对象的利用。

// App (in Java)
WebMessageListener myListener = new WebMessageListener() {
  @Override
  public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,
           boolean isMainFrame, JavaScriptReplyProxy replyProxy) {
    // do something about view, message, sourceOrigin and isMainFrame.
    replyProxy.postMessage("Got it!");
  }
};

HashSet<String> allowedOriginRules = new HashSet<>(Arrays.asList("[https://example.com](https://example.com/)"));
// Add WebMessageListeners.

WebViewCompat.addWebMessageListener(webView, "replyObject", allowedOriginRules,myListener);

// App (in Java)

WebMessageListener myListener = new WebMessageListener() {

@Override

public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,

boolean isMainFrame, JavaScriptReplyProxy replyProxy) {

// do something about view, message, sourceOrigin and isMainFrame.

replyProxy.postMessage("Got it!");

}

};

HashSet<String> allowedOriginRules = new HashSet<>(Arrays.asList("[https://example.com](https://example.com/)"));

// Add WebMessageListeners.

WebViewCompat.addWebMessageListener(webView, "replyObject", allowedOriginRules,myListener);

调用上述方法之后，在 JavaScript 上下文中我们就可以访问 myObject ，调用 postMessage 就可以回调 Native 端的 onPostMessage 方法并自动切换到主线程执行，当 Native 端需要发送消息给 WebView 时，可以通过 JavaScriptReplyProxy.postMessage 发送到 WebView ，并将消息传递给 onmessage 闭包。

// Web page (in JavaScript)
myObject.onmessage = function(event) {
  // prints "Got it!" when we receive the app's response.
  console.log(event.data);
}
myObject.postMessage("I'm ready!");

// Web page (in JavaScript)

myObject.onmessage = function(event) {

// prints "Got it!" when we receive the app's response.

console.log(event.data);

}

myObject.postMessage("I'm ready!");

文件传递

在以往的通讯机制中，如果我们想传递一个图片只能将其转换为 base64 等进行传输，如果曾经使用过 shouldOverrideUrlLoading 拦截 url 大概率会遇见传输瓶颈，AndroidX Webkit 中很贴心的提供了字节流传递机制。

Native 传递文件给 WebView

// App (in Java)
WebMessageListener myListener = new WebMessageListener() {
  @Override
  public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,
           boolean isMainFrame, JavaScriptReplyProxy replyProxy) {
    // Communication is setup, send file data to web.
    if (WebViewFeature.isFeatureSupported(WebViewFeature.WEB_MESSAGE_ARRAY_BUFFER)) {
      // Suppose readFileData method is to read content from file.
      byte[] fileData = readFileData("myFile.dat");
      replyProxy.postMessage(fileData);
    }
  }
}

// App (in Java)

WebMessageListener myListener = new WebMessageListener() {

@Override

public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,

boolean isMainFrame, JavaScriptReplyProxy replyProxy) {

// Communication is setup, send file data to web.

if (WebViewFeature.isFeatureSupported(WebViewFeature.WEB_MESSAGE_ARRAY_BUFFER)) {

// Suppose readFileData method is to read content from file.

byte[] fileData = readFileData("myFile.dat");

replyProxy.postMessage(fileData);

}

// Web page (in JavaScript)
myObject.onmessage = function(event) {
&nbsp; if (event.data instanceof ArrayBuffer) {
&nbsp; &nbsp; const data = event.data; &nbsp;// Received file content from app.
&nbsp; &nbsp; const dataView = new DataView(data);
&nbsp; &nbsp; // Consume file content by using JavaScript DataView to access ArrayBuffer.
&nbsp; }
}
myObject.postMessage("Setup!");

// Web page (in JavaScript)

myObject.onmessage = function(event) {

  if (event.data instanceof ArrayBuffer) {

    const data = event.data;  // Received file content from app.

    const dataView = new DataView(data);

    // Consume file content by using JavaScript DataView to access ArrayBuffer.

  }

myObject.postMessage("Setup!");

WebView 传递文件给 Native

// Web page (in JavaScript)
const response = await fetch('example.jpg');
if (response.ok) {
    const imageData = await response.arrayBuffer();
    myObject.postMessage(imageData);
}

// Web page (in JavaScript)

const response = await fetch('example.jpg');

if (response.ok) {

const imageData = await response.arrayBuffer();

myObject.postMessage(imageData);

}

// App (in Java)
WebMessageListener myListener = new WebMessageListener() {
  @Override
  public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,
           boolean isMainFrame, JavaScriptReplyProxy replyProxy) {
    if (message.getType() == WebMessageCompat.TYPE_ARRAY_BUFFER) {
      byte[] imageData = message.getArrayBuffer();
      // do something like draw image on ImageView.
    }
  }
};

// App (in Java)

WebMessageListener myListener = new WebMessageListener() {

@Override

public void onPostMessage(WebView view, WebMessageCompat message, Uri sourceOrigin,

boolean isMainFrame, JavaScriptReplyProxy replyProxy) {

if (message.getType() == WebMessageCompat.TYPE_ARRAY_BUFFER) {

byte[] imageData = message.getArrayBuffer();

// do something like draw image on ImageView.

}

};

深色主题的支持

Android 10 提供了深色主题的支持，但是在 WebView 中显示的网页却不会自动显示深色主题, 这就表现出严重的割裂感，开发者只能通过修改 css 来达到目的，但这往往费时费力还存在兼容性问题，Android 官方为了改善这一用户体验，为 WebView 提供了深色主题的适配。

一个网页如何表现是和prefers-color-scheme and color-scheme 这两个 Web 标准互操作的。 Android官方提供了一张表阐述了他们之间的关系。

上面这张图比较复杂，简单来说如果你想让 WebView 的内容和应用的主题相匹配，你应该始终定义深色主题并实现 prefers-color-scheme ,而对于未定义 prefers-color-scheme 的页面，系统按照不同的策略选择算法生成或者显示默认页面。

以 Android 12 或更低版本为目标平台的应用 API 设计过于复杂，以 Android 13 或更高版本为目标平台的应用精简了 API ，具体变更请参考官方文档

JavaScript and WebAssembly 执行引擎支持

我们有时候我们会在程序中运行 JavaScript 而不显示任何 Web 内容，比如小程序的逻辑层，使用 WebView 本能够满足我们的要求但是浪费了过多的资源，我们都知道在 WebView 中真正负责执行 JavaScript 的引擎是 V8 ，但是我们又无法直接使用，所以我们的安装包中出现了各种各样的引擎：Hermes、JSC 、V8等。

Android 发现了这”群雄割据“的局面，推出了AndroidX JavascriptEngine，JavascriptEngine 直接使用了 WebView 的 V8 实现，由于不用分配其他 WebView 资源所以资源分配更低，并可以开启多个独立运行的环境，还针对传递大量数据做了优化。

代码展示了执行 JavaScript 和 WebAssembly 代码的使用:

if(!JavaScriptSandbox.isSupported()){
return;
}
//连接到引擎
ListenableFuture<JavaScriptSandbox> jsSandboxFuture =
               JavaScriptSandbox.createConnectedInstanceAsync(context);
//创建上下文 上下文间有简单的数据隔离
JavaScriptIsolate jsIsolate = jsSandbox.createIsolate();
//执行函数 && 获取结果
final String code = "function sum(a, b) { let r = a + b; return r.toString(); }; sum(3, 4)";
ListenableFuture<String> resultFuture = jsIsolate.evaluateJavaScriptAsync(code);
String result = resultFuture.get(5, TimeUnit.SECONDS);
Futures.addCallback(resultFuture,
       new FutureCallback<String>() {
           @Override
           public void onSuccess(String result) {
               text.append(result);
           }
           @Override
           public void onFailure(Throwable t) {
               text.append(t.getMessage());
           }
       },
       mainThreadExecutor); //Wasm运行
final byte[] hello_world_wasm = {
   0x00 ,0x61 ,0x73 ,0x6d ,0x01 ,0x00 ,0x00 ,0x00 ,0x01 ,0x0a ,0x02 ,0x60 ,0x02 ,0x7f ,0x7f ,0x01,
   0x7f ,0x60 ,0x00 ,0x00 ,0x03 ,0x03 ,0x02 ,0x00 ,0x01 ,0x04 ,0x04 ,0x01 ,0x70 ,0x00 ,0x01 ,0x05,
   0x03 ,0x01 ,0x00 ,0x00 ,0x06 ,0x06 ,0x01 ,0x7f ,0x00 ,0x41 ,0x08 ,0x0b ,0x07 ,0x18 ,0x03 ,0x06,
   0x6d ,0x65 ,0x6d ,0x6f ,0x72 ,0x79 ,0x02 ,0x00 ,0x05 ,0x74 ,0x61 ,0x62 ,0x6c ,0x65 ,0x01 ,0x00,
   0x03 ,0x61 ,0x64 ,0x64 ,0x00 ,0x00 ,0x09 ,0x07 ,0x01 ,0x00 ,0x41 ,0x00 ,0x0b ,0x01 ,0x01 ,0x0a,
   0x0c ,0x02 ,0x07 ,0x00 ,0x20 ,0x00 ,0x20 ,0x01 ,0x6a ,0x0b ,0x02 ,0x00 ,0x0b,
};
final String jsCode = "android.consumeNamedDataAsArrayBuffer('wasm-1').then(" +
       "(value) => { return WebAssembly.compile(value).then(" +
       "(module) => { return new WebAssembly.Instance(module).exports.add(20, 22).toString(); }" +
       ")})";
boolean success = js.provideNamedData("wasm-1", hello_world_wasm);
if (success) {
    FluentFuture.from(js.evaluateJavaScriptAsync(jsCode))
           .transform(this::println, mainThreadExecutor)
           .catching(Throwable.class, e -> println(e.getMessage()), mainThreadExecutor);
} else {
   // the data chunk name has been used before, use a different name
}

if(!JavaScriptSandbox.isSupported()){

return;

}

//连接到引擎

ListenableFuture<JavaScriptSandbox> jsSandboxFuture =

JavaScriptSandbox.createConnectedInstanceAsync(context);

//创建上下文上下文间有简单的数据隔离

JavaScriptIsolate jsIsolate = jsSandbox.createIsolate();

//执行函数 && 获取结果

final String code = "function sum(a, b) { let r = a + b; return r.toString(); }; sum(3, 4)";

ListenableFuture<String> resultFuture = jsIsolate.evaluateJavaScriptAsync(code);

String result = resultFuture.get(5, TimeUnit.SECONDS);

Futures.addCallback(resultFuture,

new FutureCallback<String>() {

@Override

public void onSuccess(String result) {

text.append(result);

}

@Override

public void onFailure(Throwable t) {

text.append(t.getMessage());

}

mainThreadExecutor); //Wasm运行

final byte[] hello_world_wasm = {

0x00 ,0x61 ,0x73 ,0x6d ,0x01 ,0x00 ,0x00 ,0x00 ,0x01 ,0x0a ,0x02 ,0x60 ,0x02 ,0x7f ,0x7f ,0x01,

0x7f ,0x60 ,0x00 ,0x00 ,0x03 ,0x03 ,0x02 ,0x00 ,0x01 ,0x04 ,0x04 ,0x01 ,0x70 ,0x00 ,0x01 ,0x05,

0x03 ,0x01 ,0x00 ,0x00 ,0x06 ,0x06 ,0x01 ,0x7f ,0x00 ,0x41 ,0x08 ,0x0b ,0x07 ,0x18 ,0x03 ,0x06,

0x6d ,0x65 ,0x6d ,0x6f ,0x72 ,0x79 ,0x02 ,0x00 ,0x05 ,0x74 ,0x61 ,0x62 ,0x6c ,0x65 ,0x01 ,0x00,

0x03 ,0x61 ,0x64 ,0x64 ,0x00 ,0x00 ,0x09 ,0x07 ,0x01 ,0x00 ,0x41 ,0x00 ,0x0b ,0x01 ,0x01 ,0x0a,

0x0c ,0x02 ,0x07 ,0x00 ,0x20 ,0x00 ,0x20 ,0x01 ,0x6a ,0x0b ,0x02 ,0x00 ,0x0b,

};

final String jsCode = "android.consumeNamedDataAsArrayBuffer('wasm-1').then(" +

"(value) => { return WebAssembly.compile(value).then(" +

"(module) => { return new WebAssembly.Instance(module).exports.add(20, 22).toString(); }" +

")})";

boolean success = js.provideNamedData("wasm-1", hello_world_wasm);

if (success) {

FluentFuture.from(js.evaluateJavaScriptAsync(jsCode))

.transform(this::println, mainThreadExecutor)

.catching(Throwable.class, e -> println(e.getMessage()), mainThreadExecutor);

} else {

// the data chunk name has been used before, use a different name

}

参考链接

Flutter格式化排除代码段

前置条件

ubuntu 24.04.2 LTS

Visual Studio Code 1.98.2

Android Studio Meerkat | 2024.3.1

Flutter 3.29.1

问题描述

在使用 Flutter 编写代码的时候，如下代码进行格式化

final List<String> symbols = ["+", "@", "\\", "/", "*", "#", "\$", "&", "%"];                                                            
final List<String> digits = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9"];

1 2	final List<String> symbols = ["+", "@", "\\", "/", "*", "#", "\$", "&", "%"]; final List<String> digits = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9"];

可以发现格式化后的结果变成了如下的样子：

 final List<String> symbols = ["+", "@", "\\", "/", "*", "#", "\$", "&", "%"];                                                                   
 final List<String> digits = [                                                                                                                   
    "0",                                                                                                                                          
    "1",                                                                                                                                          
    "2",                                                                                                                                          
    "3",                                                                                                                                          
    "4",                                                                                                                                          
    "5",                                                                                                                                          
    "6",                                                                                                                                          
    "7",                                                                                                                                          
    "8",                                                                                                                                          
    "9"                                                                                                                                           
  ];

final List<String> symbols = ["+", "@", "\\", "/", "*", "#", "\$", "&", "%"];

final List<String> digits = [

"0",

"1",

"2",

"3",

"4",

"5",

"6",

"7",

"8",

"9"

];

这部分代码我们不希望格式化，尤其是编写加解密算法的时候，里面的置换数组格式化之后会完全乱掉。

可以使用

// @formatter:off

 ..........................

// @formatter:on

// @formatter:off

..........................

// @formatter:on

阻止格式化工具对具体代码块格式化。

比如如下代码：

import 'dart:convert';

import 'package:convert/convert.dart';

// ignore: constant_identifier_names
enum SM4CryptoMode { ECB, CBC }

class SM4 {
// @formatter:off
// ignore: constant_identifier_names
  static const List<int> S_BOX = [
    0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05,
    0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99,
    0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62,
    0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6,
    0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8,
    0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35,
    0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87,
    0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e,
    0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1,
    0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3,
    0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f,
    0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51,
    0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8,
    0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0,
    0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84,
    0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48
  ];

  // ignore: constant_identifier_names
  static const List<int> FK = [
    0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC
  ];

  // ignore: constant_identifier_names
  static const List<int> CK = [
    0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
    0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
    0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
    0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
    0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
    0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
    0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
    0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
  ];
  // @formatter: on

  // ignore: constant_identifier_names
  static const int SM4_ENCRYPT = 1;

  // ignore: constant_identifier_names
  static const int SM4_DECRYPT = 0;

  static const int blockSize = 16;

  static final _encryptKey = List<int>.filled(32, 0);
  static final _decryptKey = List<int>.filled(32, 0);

  static int _leftShift(int x, int n

      ) {
    int s = n & 31;
    x = (x & 0xFFFFFFFF).toSigned(32);
    return (((x << s) | ((x & 0xFFFFFFFF) >> (32 - s))) & 0xFFFFFFFF)
        .toSigned(32);
  }

  static int _readUint32BE(List<int> b, int i) {
    return ((b[i] & 0xff) << 24) |
        ((b[i + 1] & 0xff) << 16) |
        ((b[i + 2] & 0xff) << 8) |
        (b[i + 3] & 0xff);
  }

  static void _writeUint32BE(int n, List<int> b, int i) {
    b[i] = ((n >> 24) & 0xff);
    b[i + 1] = ((n >> 16) & 0xff);
    b[i + 2] = ((n >> 8) & 0xff);
    b[i + 3] = n & 0xff;
  }

  static int _sBox(int inch) => S_BOX[inch & 0xFF];

  static int _sm4F(int x0, int x1, int x2, int x3, int rk) {
    final x = x1 ^ x2 ^ x3 ^ rk;
    int bb = 0;
    int c = 0;
    List<int> a = List<int>.filled(4, 0);
    List<int> b = List<int>.filled(4, 0);
    _writeUint32BE(x, a, 0);
    b[0] = _sBox(a[0]);
    b[1] = _sBox(a[1]);
    b[2] = _sBox(a[2]);
    b[3] = _sBox(a[3]);
    bb = _readUint32BE(b, 0);

    c = bb ^
        _leftShift(bb, 2) ^
        _leftShift(bb, 10) ^
        _leftShift(bb, 18) ^
        _leftShift(bb, 24);
    return x0 ^ c;
  }

  static int _calculateRoundKey(int key) {
    int roundKey = 0;
    List<int> keyBytes = List<int>.filled(4, 0);
    List<int> sBoxBytes = List<int>.filled(4, 0);
    _writeUint32BE(key, keyBytes, 0);
    for (int i = 0; i < 4; i++) {
      sBoxBytes[i] = _sBox(keyBytes[i]);
    }
    int temp = _readUint32BE(sBoxBytes, 0);
    roundKey = temp ^ _leftShift(temp, 13) ^ _leftShift(temp, 23);
    return roundKey;
  }

  static void setKey(String key) {
    final List<int> keyBytes = utf8.encoder.convert(key);
    final List<int> intermediateKeys = List<int>.filled(36, 0);
    for (int i = 0; i < 4; i++) {
      intermediateKeys[i] = _readUint32BE(keyBytes, i * 4) ^ FK[i];
    }
    for (int i = 0; i < 32; i++) {
      intermediateKeys[i + 4] = intermediateKeys[i] ^
          _calculateRoundKey(intermediateKeys[i + 1] ^
              intermediateKeys[i + 2] ^
              intermediateKeys[i + 3] ^
              CK[i]);
      _encryptKey[i] = intermediateKeys[i + 4];
    }

    for (int i = 0; i < 16; i++) {
      int temp = _encryptKey[i];
      _decryptKey[i] = _encryptKey[31 - i];
      _decryptKey[31 - i] = temp;
    }
  }

  static void _round(List<int> sk, List<int> input, List<int> output) {
    int i = 0;
    final List<int> buf = List<int>.filled(36, 0);
    buf[0] = _readUint32BE(input, 0);
    buf[1] = _readUint32BE(input, 4);
    buf[2] = _readUint32BE(input, 8);
    buf[3] = _readUint32BE(input, 12);
    while (i < 32) {
      buf[i + 4] =
          _sm4F(buf[i], buf[i + 1], buf[i + 2], buf[i + 3], sk[i]);
      i++;
    }

    _writeUint32BE(buf[35], output, 0);
    _writeUint32BE(buf[34], output, 4);
    _writeUint32BE(buf[33], output, 8);
    _writeUint32BE(buf[32], output, 12);
  }

  static List<int> _padding(List<int> input, int mode) {
    final int padLen = blockSize - (input.length % blockSize);

    if (mode == SM4_ENCRYPT) {
      final paddedList = List<int>.filled(input.length + padLen, 0);
      paddedList.setRange(0, input.length, input);
      for (int i = input.length; i < paddedList.length; i++) {
        paddedList[i] = padLen;
      }
      return paddedList;
    } else {
      final lastByte = input.last;
      final cutLen = input.length - lastByte;
      return input.sublist(0, cutLen);
    }
  }

  static List<int> crypto(
      List<int> data, int flag, SM4CryptoMode mode, String? iv) {
    late List<int> lastVector;
    if (mode == SM4CryptoMode.CBC) {
      if (iv == null || iv.length != 32) {
        throw Exception("IV must be a string of length 16");
      } else {
        lastVector = hex.decoder.convert(iv);
      }
    }
    final key = (flag == SM4_ENCRYPT) ? _encryptKey : _decryptKey;
    if (flag == SM4_ENCRYPT) {
      data = _padding(data, SM4_ENCRYPT);
    }
    final length = data.length;
    final List<int> output = [];

    for (int offset = 0; offset < length; offset += blockSize) {
      final outData = List<int>.filled(blockSize, 0);
      final copyLen =
          (offset + blockSize <= length) ? blockSize : length - offset;
      final input = data.sublist(offset, offset + copyLen);
      if (mode == SM4CryptoMode.CBC && flag == SM4_ENCRYPT) {
        for (int i = 0; i < blockSize; i++) {
          input[i] = input[i] ^ lastVector[i];
        }
      }
      _round(key, input, outData);

      if (mode == SM4CryptoMode.CBC && flag == SM4_DECRYPT) {
        for (int i = 0; i < blockSize; i++) {
          outData[i] ^= lastVector[i];
        }
      }
      output.addAll(outData);

      if (mode == SM4CryptoMode.CBC) {
        if (flag == SM4_ENCRYPT) {
          lastVector = outData;
        } else {
          lastVector = input;
        }
      }
    }
    if (flag == SM4_DECRYPT) {
      return _padding(output, SM4_DECRYPT);
    }
    return output;
  }

  static String encrypt(String plainText,
      {String? key, SM4CryptoMode mode = SM4CryptoMode.ECB, String? iv}) {
    if (key != null) setKey(key);
    final List<int> input = utf8.encode(plainText);
    final List<int> output = crypto(input, SM4_ENCRYPT, mode, iv);
    return hex.encoder.convert(output);
  }

  static decrypt(String cipherText,
      {String? key, SM4CryptoMode mode = SM4CryptoMode.ECB, String? iv}) {
    if (key != null) setKey(key);
    List<int> input = hex.decoder.convert(cipherText);
    List<int> output = crypto(input, SM4_DECRYPT, mode, iv);
    return utf8.decode(output);
  }
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

import 'dart:convert';

import 'package:convert/convert.dart';

// ignore: constant_identifier_names

enum SM4CryptoMode { ECB, CBC }

class SM4 {

// @formatter:off

// ignore: constant_identifier_names

static const List<int> S_BOX = [

0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05,

0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99,

0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62,

0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6,

0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8,

0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35,

0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87,

0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e,

0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1,

0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3,

0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f,

0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51,

0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8,

0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0,

0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84,

0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48

];

// ignore: constant_identifier_names

static const List<int> FK = [

0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC

];

// ignore: constant_identifier_names

static const List<int> CK = [

0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,

0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,

0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,

0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,

0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,

0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,

0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,

0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279

];

// @formatter: on

// ignore: constant_identifier_names

static const int SM4_ENCRYPT = 1;

// ignore: constant_identifier_names

static const int SM4_DECRYPT = 0;

static const int blockSize = 16;

static final _encryptKey = List<int>.filled(32, 0);

static final _decryptKey = List<int>.filled(32, 0);

static int _leftShift(int x, int n

) {

int s = n & 31;

x = (x & 0xFFFFFFFF).toSigned(32);

return (((x << s) | ((x & 0xFFFFFFFF) >> (32 - s))) & 0xFFFFFFFF)

.toSigned(32);

}

static int _readUint32BE(List<int> b, int i) {

return ((b[i] & 0xff) << 24) |

((b[i + 1] & 0xff) << 16) |

((b[i + 2] & 0xff) << 8) |

(b[i + 3] & 0xff);

}

static void _writeUint32BE(int n, List<int> b, int i) {

b[i] = ((n >> 24) & 0xff);

b[i + 1] = ((n >> 16) & 0xff);

b[i + 2] = ((n >> 8) & 0xff);

b[i + 3] = n & 0xff;

}

static int _sBox(int inch) => S_BOX[inch & 0xFF];

static int _sm4F(int x0, int x1, int x2, int x3, int rk) {

final x = x1 ^ x2 ^ x3 ^ rk;

int bb = 0;

int c = 0;

List<int> a = List<int>.filled(4, 0);

List<int> b = List<int>.filled(4, 0);

_writeUint32BE(x, a, 0);

b[0] = _sBox(a[0]);

b[1] = _sBox(a[1]);

b[2] = _sBox(a[2]);

b[3] = _sBox(a[3]);

bb = _readUint32BE(b, 0);

c = bb ^

_leftShift(bb, 2) ^

_leftShift(bb, 10) ^

_leftShift(bb, 18) ^

_leftShift(bb, 24);

return x0 ^ c;

}

static int _calculateRoundKey(int key) {

int roundKey = 0;

List<int> keyBytes = List<int>.filled(4, 0);

List<int> sBoxBytes = List<int>.filled(4, 0);

_writeUint32BE(key, keyBytes, 0);

for (int i = 0; i < 4; i++) {

sBoxBytes[i] = _sBox(keyBytes[i]);

}

int temp = _readUint32BE(sBoxBytes, 0);

roundKey = temp ^ _leftShift(temp, 13) ^ _leftShift(temp, 23);

return roundKey;

}

static void setKey(String key) {

final List<int> keyBytes = utf8.encoder.convert(key);

final List<int> intermediateKeys = List<int>.filled(36, 0);

for (int i = 0; i < 4; i++) {

intermediateKeys[i] = _readUint32BE(keyBytes, i * 4) ^ FK[i];

}

for (int i = 0; i < 32; i++) {

intermediateKeys[i + 4] = intermediateKeys[i] ^

_calculateRoundKey(intermediateKeys[i + 1] ^

intermediateKeys[i + 2] ^

intermediateKeys[i + 3] ^

CK[i]);

_encryptKey[i] = intermediateKeys[i + 4];

}

for (int i = 0; i < 16; i++) {

int temp = _encryptKey[i];

_decryptKey[i] = _encryptKey[31 - i];

_decryptKey[31 - i] = temp;

}

static void _round(List<int> sk, List<int> input, List<int> output) {

int i = 0;

final List<int> buf = List<int>.filled(36, 0);

buf[0] = _readUint32BE(input, 0);

buf[1] = _readUint32BE(input, 4);

buf[2] = _readUint32BE(input, 8);

buf[3] = _readUint32BE(input, 12);

while (i < 32) {

buf[i + 4] =

_sm4F(buf[i], buf[i + 1], buf[i + 2], buf[i + 3], sk[i]);

i++;

}

_writeUint32BE(buf[35], output, 0);

_writeUint32BE(buf[34], output, 4);

_writeUint32BE(buf[33], output, 8);

_writeUint32BE(buf[32], output, 12);

}

static List<int> _padding(List<int> input, int mode) {

final int padLen = blockSize - (input.length % blockSize);

if (mode == SM4_ENCRYPT) {

final paddedList = List<int>.filled(input.length + padLen, 0);

paddedList.setRange(0, input.length, input);

for (int i = input.length; i < paddedList.length; i++) {

paddedList[i] = padLen;

}

return paddedList;

} else {

final lastByte = input.last;

final cutLen = input.length - lastByte;

return input.sublist(0, cutLen);

}

static List<int> crypto(

List<int> data, int flag, SM4CryptoMode mode, String? iv) {

late List<int> lastVector;

if (mode == SM4CryptoMode.CBC) {

if (iv == null || iv.length != 32) {

throw Exception("IV must be a string of length 16");

} else {

lastVector = hex.decoder.convert(iv);

}

final key = (flag == SM4_ENCRYPT) ? _encryptKey : _decryptKey;

if (flag == SM4_ENCRYPT) {

data = _padding(data, SM4_ENCRYPT);

}

final length = data.length;

final List<int> output = [];

for (int offset = 0; offset < length; offset += blockSize) {

final outData = List<int>.filled(blockSize, 0);

final copyLen =

(offset + blockSize <= length) ? blockSize : length - offset;

final input = data.sublist(offset, offset + copyLen);

if (mode == SM4CryptoMode.CBC && flag == SM4_ENCRYPT) {

for (int i = 0; i < blockSize; i++) {

input[i] = input[i] ^ lastVector[i];

}

_round(key, input, outData);

if (mode == SM4CryptoMode.CBC && flag == SM4_DECRYPT) {

for (int i = 0; i < blockSize; i++) {

outData[i] ^= lastVector[i];

}

output.addAll(outData);

if (mode == SM4CryptoMode.CBC) {

if (flag == SM4_ENCRYPT) {

lastVector = outData;

} else {

lastVector = input;

}

if (flag == SM4_DECRYPT) {

return _padding(output, SM4_DECRYPT);

}

return output;

}

static String encrypt(String plainText,

{String? key, SM4CryptoMode mode = SM4CryptoMode.ECB, String? iv}) {

if (key != null) setKey(key);

final List<int> input = utf8.encode(plainText);

final List<int> output = crypto(input, SM4_ENCRYPT, mode, iv);

return hex.encoder.convert(output);

}

static decrypt(String cipherText,

{String? key, SM4CryptoMode mode = SM4CryptoMode.ECB, String? iv}) {

if (key != null) setKey(key);

List<int> input = hex.decoder.convert(cipherText);

List<int> output = crypto(input, SM4_DECRYPT, mode, iv);

return utf8.decode(output);

}

参考链接

在Visual Studio Code中调试Flutter Dart代码报错未验证断点（Unverified Breakpoint）

前置条件

ubuntu 24.04.2 LTS

Visual Studio Code 1.98.2

Flutter 3.29.1

问题描述

在使用 Visual Studio Code 调试 Flutter 代码的时候，如果在依赖库的代码中设置断点，会无法断点，并且提示断点未验证，"Unverified Breakpoint"。

如下图：

继续阅读在Visual Studio Code中调试Flutter Dart代码报错未验证断点（Unverified Breakpoint）

解决WordPress恶意搜索攻击(网址/?s=****)

最近网站被恶意搜索攻击，收到腾讯云的内容违规通知，内容如下：

这种恶意搜索攻击，其实非常简单，就是通过既定的网址结构不断对网站发起不良关键词搜索访问，比如 WordPress 的搜索网址结构为 域名/?s=搜索词，而且可能还会顺便将访问的地址推送到各大搜索引擎，加快这些恶意网址的收录。这样，你的网站就会沦为这些不法之徒传播不良信息的渠道，这对网站排名是非常不利的，甚至可能会直接被搜索引擎拉入黑名单。

解决方案如下：

1、禁止搜索引擎收录搜索结果页

搜索结果页一般我们都不推荐被收录，所以建议大家还是禁止收录。现在几乎所有搜索引擎都遵循 robots.txt 的规则，也就是我们可以通过 robots.txt 定义规则，阻止搜索引擎收录搜索结果页面。我们可以在网站根目录，创建一个 robots.txt 文件，填入下面的内容：

Disallow: /?s=*

1	Disallow: /?s=*

这样就禁止搜索引擎收录 WordPress 搜索结果页面。

2、在搜索结果为零时，跳转到首页

网上的做法都是直接禁用 WordPress 自带的搜索功能，只是其实这个自带的搜索功能还是蛮好用的，而且目前也没有对服务器造成很大的压力。我这边的想法是保留搜索功能，只是当搜索结果不存在的时候，自动跳转到首页。

目前测试到可行的办法是直接在主题的 functions.php 中增加如下代码：

<?php 
  // 搜索文章内容，搜索结果为零时，跳转到首页
  // 解决腾讯云通报内容违规问题 http://www.mobibrw.com/?s=违规词
  add_action( 'template_redirect', 'redirect_empty_search_results' );

  function redirect_empty_search_results() {
    global $wp_query;
    if ( is_search() && $wp_query->found_posts == 0 ) {
        wp_redirect( home_url() );
        exit();
    }
  }
?>

<?php

// 搜索文章内容，搜索结果为零时，跳转到首页

// 解决腾讯云通报内容违规问题 http://www.mobibrw.com/?s=违规词

add_action( 'template_redirect', 'redirect_empty_search_results' );

function redirect_empty_search_results() {

global $wp_query;

if ( is_search() && $wp_query->found_posts == 0 ) {

wp_redirect( home_url() );

exit();

}

曾经试过在主题的 content-none.php 中通过 wp_redirect 进行跳转，虽然可见内容不存在了，但是页面源代码中会出现搜索词标签，因此不可行。

测试代码：

$ curl "http://www.mobibrw.com/?s=违规词" | grep "违规词"

1	$ curl "http://www.mobibrw.com/?s=违规词" \| grep "违规词"

也曾经测试过自定义 searchform.php ，也是存在上述问题。

自定义 404.php 是无效的。搜索关键词过滤又实在是太多了，还不如搜索不到结果就返回首页更简单。

参考链接

解决 fetch-pack: unexpected disconnect while reading sideband packet fatal: early EOF fatal: fetch-pack

在克隆仓库或者拉取代码的时候出现类似如下错误:

$ git clone https://github.com/WebPlatformForEmbedded/WPEWebKit.git
Cloning into 'WPEWebKit'…
remote: Enumerating objects: 5893112, done.
remote: Counting objects: 100% (2540/2540), done.
remote: Compressing objects: 100% (1256/1256), done.
client_loop: send disconnect: Broken pipeB | 770.00 KiB/s
fetch-pack: unexpected disconnect while reading sideband packet
fatal: early EOF
fatal: fetch-pack: invalid index-pack output

$ git clone https://github.com/WebPlatformForEmbedded/WPEWebKit.git

Cloning into 'WPEWebKit'…

remote: Enumerating objects: 5893112, done.

remote: Counting objects: 100% (2540/2540), done.

remote: Compressing objects: 100% (1256/1256), done.

client_loop: send disconnect: Broken pipeB | 770.00 KiB/s

fetch-pack: unexpected disconnect while reading sideband packet

fatal: early EOF

fatal: fetch-pack: invalid index-pack output

$ git clone https://github.com/WebPlatformForEmbedded/WPEWebKit.git
正克隆到 'WPEWebKit'...
remote: Enumerating objects: 5893112, done.
remote: Counting objects: 100% (2540/2540), done.
remote: Compressing objects: 100% (1256/1256), done.
错误：RPC 失败。curl 56 Recv failure: Operation timed out  
错误：预期仍然需要 1329 个字节的正文
fetch-pack: unexpected disconnect while reading sideband packet
致命错误：过早的文件结束符（EOF）
致命错误：fetch-pack：无效的 index-pack 输出

$ git clone https://github.com/WebPlatformForEmbedded/WPEWebKit.git

正克隆到 'WPEWebKit'...

remote: Enumerating objects: 5893112, done.

remote: Counting objects: 100% (2540/2540), done.

remote: Compressing objects: 100% (1256/1256), done.

错误：RPC 失败。curl 56 Recv failure: Operation timed out

错误：预期仍然需要 1329 个字节的正文

fetch-pack: unexpected disconnect while reading sideband packet

致命错误：过早的文件结束符（EOF）

致命错误：fetch-pack：无效的 index-pack 输出

解决方法：

主要是由于仓库内容比较大，或者仓库中有比较大的文件，由于 http 协议 或者传输数据大小限制导致的，可以通过设置如下参数解决：

$ git config --global http.postBuffer 524288000

$ git config --global http.version HTTP/1.1

# 如果网络环境不太好，可以通过增加下面的参数，降低失败率

$ git config --global http.lowSpeedLimit 0 

$ git config --global http.lowSpeedTime 999999

$ git config --global http.postBuffer 524288000

$ git config --global http.version HTTP/1.1

# 如果网络环境不太好，可以通过增加下面的参数，降低失败率

$ git config --global http.lowSpeedLimit 0

$ git config --global http.lowSpeedTime 999999

参考链接

解决fetch-pack: unexpected disconnect while reading sideband packet fatal: early EOF fatal: fetch-pack

ubuntu 24.04编译webkitgtk

前置条件

ubuntu 24.04.2 LTS

解决方案

# Could NOT find Ruby (missing: Ruby_EXECUTABLE Ruby_INCLUDE_DIR Ruby_LIBRARY) (Required is at least version "2.5")
$ sudo apt install ruby

# Could NOT find GLIB (missing: GLIB_INCLUDE_DIRS GLIB_LIBRARIES
$ sudo apt install libglib2.0-dev

# Could NOT find Cairo (missing: Cairo_LIBRARY Cairo_INCLUDE_DIR) (Required is at least version "1.16.0")
$ sudo apt install libcaribou-dev

# Could NOT find LibGcrypt (missing: LibGcrypt_LIBRARY LibGcrypt_INCLUDE_DIR
$ sudo apt install libgcrypt-dev

# Could NOT find Libtasn1 (missing: LIBTASN1_LIBRARIES)
$ sudo apt install libtasn1-dev

# Could NOT find SQLite3 (missing: SQLite3_INCLUDE_DIR SQLite3_LIBRARY)
$ sudo apt install libsqlite3-dev

# Could NOT find GTK (missing: GTK_VERSION) (Required is at least version
$ sudo apt install libgtk-4-dev

# Could NOT find LibSoup: (Required is at least version "3.0.0") (found LIBSOUP_INCLUDE_DIRS-NOTFOUND)
$ sudo apt install libsoup-3.0-dev

# Could NOT find Manette (missing: Manette_INCLUDE_DIR Manette_LIBRARY) (Required is at least version "0.2.4")
$ sudo apt install libmanette-0.2-dev

# Could NOT find LibXslt (missing: LIBXSLT_LIBRARIES LIBXSLT_INCLUDE_DIR)
$ sudo apt install libxslt1-dev

# Could NOT find Libsecret (missing: LIBSECRET_INCLUDE_DIRS LIBSECRET_LIBRARIES) 
$ sudo apt install libsecret-1-dev 

# Could NOT find GI (missing: GI_SCANNER_EXE GI_COMPILER_EXE) 
$ sudo apt install gobject-introspection

# Could NOT find GIDocgen (missing: GIDocgen_EXE GIDocgen_VERSION) 
$ sudo apt install gi-docgen

# Could NOT find LibDRM (missing: LibDRM_INCLUDE_DIR LibDRM_LIBRARY)
$ sudo apt install libdrm-dev

# Could NOT find GBM (missing: GBM_LIBRARY GBM_INCLUDE_DIR)
$ sudo apt install libgbm-dev

# Could NOT find Flite (missing: Flite_INCLUDE_DIR Flite_LIBRARY) (Required is at least version "2.2")
$ sudo apt install flite1-dev

#  Package 'enchant-2', required by 'virtual:world', not found
$ sudo apt install libenchant-2-dev

# Could NOT find JPEGXL (missing: JPEGXL_LIBRARY JPEGXL_INCLUDE_DIR) (Required is at least version "0.7.0")
$ sudo apt install libjxl-dev

# Could NOT find Hyphen (missing: HYPHEN_INCLUDE_DIR HYPHEN_LIBRARIES)
$ sudo apt install libhyphen-dev

# Could NOT find WOFF2 (missing: WOFF2_LIBRARY _WOFF2_REQUIRED_LIBS_FOUND) (Required is at least version "1.0.2")
$ sudo apt install libwoff-dev

# Could NOT find AVIF (missing: AVIF_INCLUDE_DIR AVIF_LIBRARY) (Required is at least version "0.9.0")
$ sudo apt install libavif-dev

# Could NOT find Journald (missing: Journald_LIBRARY Journald_INCLUDE_DIR) 
$ sudo apt install libsystemd-dev

# Could NOT find LibBacktrace (missing: LIBBACKTRACE_INCLUDE_DIR LIBBACKTRACE_LIBRARY) 
# -DUSE_LIBBACKTRACE=OFF

# Could NOT find Libseccomp (missing: Libseccomp_LIBRARY Libseccomp_INCLUDE_DIR)
$ sudo apt install libseccomp-dev

# WebAudio requires the audio and fft GStreamer libraries. Please check your gst-plugins-base installation.
$ sudo apt install libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev

# GStreamerTranscoder >= 1.20 is needed for USE_GSTREAMER_TRANSCODER.
$ sudo apt install libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libgstreamer-plugins-bad1.0-dev gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-libav gstreamer1.0-tools gstreamer1.0-x gstreamer1.0-alsa gstreamer1.0-gl gstreamer1.0-gtk3 gstreamer1.0-qt5 gstreamer1.0-pulseaudio

# Could NOT find Gperf (missing: GPERF_EXECUTABLE) (Required is at least version "3.0.1")
$ sudo apt install gperf

# Could NOT find Unifdef (missing: UNIFDEF_EXECUTABLE)
$ sudo apt install unifdef

# Could NOT find Gettext (missing: GETTEXT_MSGMERGE_EXECUTABLE GETTEXT_MSGFMT_EXECUTABLE) 
$ sudo apt install gettext

$ sudo apt install git

$ sudo apt install bzip2 make perl cmake ninja-build clang

# git clone https://gitee.com/mirrors/WebKit.git webkit
$ git clone https://github.com/webkit/webkit.git

$ cd webkit

$ git checkout -b webkitgtk-2.48.0

$ mkdir build

$ cd build

# c++: error: unrecognized command-line option ‘-fcolor-diagnostics’ 
# c++: error: unrecognized command-line option ‘-Qunused-arguments’ 
# 指定 clang 编译 -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang

# 包含调试符号 -DCMAKE_BUILD_TYPE=RelWithDebInfo

$ cmake ../ -DPORT=GTK -DUSE_LIBBACKTRACE=OFF -DENABLE_GAMEPAD=OFF -DENABLE_BUBBLEWRAP_SANDBOX=OFF -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang -GNinja ..

# cmake ../ -DPORT=GTK -DUSE_LIBBACKTRACE=OFF -DENABLE_GAMEPAD=OFF -DENABLE_BUBBLEWRAP_SANDBOX=OFF -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang -DENABLE_DOCUMENTATION=OFF -DENABLE_WEB_AUDIO=OFF -DUSE_AVIF=OFF -DUSE_GSTREAMER_TRANSCODER=OFF -DENABLE_WEBDRIVER=OFF -DUSE_WOFF2=OFF -GNinja ..

$ ninja

# 执行安装
$ sudo ninja install

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

# Could NOT find Ruby (missing: Ruby_EXECUTABLE Ruby_INCLUDE_DIR Ruby_LIBRARY) (Required is at least version "2.5")

$ sudo apt install ruby

# Could NOT find GLIB (missing: GLIB_INCLUDE_DIRS GLIB_LIBRARIES

$ sudo apt install libglib2.0-dev

# Could NOT find Cairo (missing: Cairo_LIBRARY Cairo_INCLUDE_DIR) (Required is at least version "1.16.0")

$ sudo apt install libcaribou-dev

# Could NOT find LibGcrypt (missing: LibGcrypt_LIBRARY LibGcrypt_INCLUDE_DIR

$ sudo apt install libgcrypt-dev

# Could NOT find Libtasn1 (missing: LIBTASN1_LIBRARIES)

$ sudo apt install libtasn1-dev

# Could NOT find SQLite3 (missing: SQLite3_INCLUDE_DIR SQLite3_LIBRARY)

$ sudo apt install libsqlite3-dev

# Could NOT find GTK (missing: GTK_VERSION) (Required is at least version

$ sudo apt install libgtk-4-dev

# Could NOT find LibSoup: (Required is at least version "3.0.0") (found LIBSOUP_INCLUDE_DIRS-NOTFOUND)

$ sudo apt install libsoup-3.0-dev

# Could NOT find Manette (missing: Manette_INCLUDE_DIR Manette_LIBRARY) (Required is at least version "0.2.4")

$ sudo apt install libmanette-0.2-dev

# Could NOT find LibXslt (missing: LIBXSLT_LIBRARIES LIBXSLT_INCLUDE_DIR)

$ sudo apt install libxslt1-dev

# Could NOT find Libsecret (missing: LIBSECRET_INCLUDE_DIRS LIBSECRET_LIBRARIES)

$ sudo apt install libsecret-1-dev

# Could NOT find GI (missing: GI_SCANNER_EXE GI_COMPILER_EXE)

$ sudo apt install gobject-introspection

# Could NOT find GIDocgen (missing: GIDocgen_EXE GIDocgen_VERSION)

$ sudo apt install gi-docgen

# Could NOT find LibDRM (missing: LibDRM_INCLUDE_DIR LibDRM_LIBRARY)

$ sudo apt install libdrm-dev

# Could NOT find GBM (missing: GBM_LIBRARY GBM_INCLUDE_DIR)

$ sudo apt install libgbm-dev

# Could NOT find Flite (missing: Flite_INCLUDE_DIR Flite_LIBRARY) (Required is at least version "2.2")

$ sudo apt install flite1-dev

# Package 'enchant-2', required by 'virtual:world', not found

$ sudo apt install libenchant-2-dev

# Could NOT find JPEGXL (missing: JPEGXL_LIBRARY JPEGXL_INCLUDE_DIR) (Required is at least version "0.7.0")

$ sudo apt install libjxl-dev

# Could NOT find Hyphen (missing: HYPHEN_INCLUDE_DIR HYPHEN_LIBRARIES)

$ sudo apt install libhyphen-dev

# Could NOT find WOFF2 (missing: WOFF2_LIBRARY _WOFF2_REQUIRED_LIBS_FOUND) (Required is at least version "1.0.2")

$ sudo apt install libwoff-dev

# Could NOT find AVIF (missing: AVIF_INCLUDE_DIR AVIF_LIBRARY) (Required is at least version "0.9.0")

$ sudo apt install libavif-dev

# Could NOT find Journald (missing: Journald_LIBRARY Journald_INCLUDE_DIR)

$ sudo apt install libsystemd-dev

# Could NOT find LibBacktrace (missing: LIBBACKTRACE_INCLUDE_DIR LIBBACKTRACE_LIBRARY)

# -DUSE_LIBBACKTRACE=OFF

# Could NOT find Libseccomp (missing: Libseccomp_LIBRARY Libseccomp_INCLUDE_DIR)

$ sudo apt install libseccomp-dev

# WebAudio requires the audio and fft GStreamer libraries. Please check your gst-plugins-base installation.

$ sudo apt install libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev

# GStreamerTranscoder >= 1.20 is needed for USE_GSTREAMER_TRANSCODER.

$ sudo apt install libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libgstreamer-plugins-bad1.0-dev gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad gstreamer1.0-plugins-ugly gstreamer1.0-libav gstreamer1.0-tools gstreamer1.0-x gstreamer1.0-alsa gstreamer1.0-gl gstreamer1.0-gtk3 gstreamer1.0-qt5 gstreamer1.0-pulseaudio

# Could NOT find Gperf (missing: GPERF_EXECUTABLE) (Required is at least version "3.0.1")

$ sudo apt install gperf

# Could NOT find Unifdef (missing: UNIFDEF_EXECUTABLE)

$ sudo apt install unifdef

# Could NOT find Gettext (missing: GETTEXT_MSGMERGE_EXECUTABLE GETTEXT_MSGFMT_EXECUTABLE)

$ sudo apt install gettext

$ sudo apt install git

$ sudo apt install bzip2 make perl cmake ninja-build clang

# git clone https://gitee.com/mirrors/WebKit.git webkit

$ git clone https://github.com/webkit/webkit.git

$ cd webkit

$ git checkout -b webkitgtk-2.48.0

$ mkdir build

$ cd build

# c++: error: unrecognized command-line option ‘-fcolor-diagnostics’

# c++: error: unrecognized command-line option ‘-Qunused-arguments’

# 指定 clang 编译 -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang

# 包含调试符号 -DCMAKE_BUILD_TYPE=RelWithDebInfo

$ cmake ../ -DPORT=GTK -DUSE_LIBBACKTRACE=OFF -DENABLE_GAMEPAD=OFF -DENABLE_BUBBLEWRAP_SANDBOX=OFF -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang -GNinja ..

# cmake ../ -DPORT=GTK -DUSE_LIBBACKTRACE=OFF -DENABLE_GAMEPAD=OFF -DENABLE_BUBBLEWRAP_SANDBOX=OFF -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C_COMPILER=/usr/bin/clang -DENABLE_DOCUMENTATION=OFF -DENABLE_WEB_AUDIO=OFF -DUSE_AVIF=OFF -DUSE_GSTREAMER_TRANSCODER=OFF -DENABLE_WEBDRIVER=OFF -DUSE_WOFF2=OFF -GNinja ..

$ ninja

# 执行安装

$ sudo ninja install

参考链接

Flutter多平台打包发布

flutter_distributor是一个强大的工具，支持跨平台发布和高级打包选项。

安装

确保 flutter_distributor 已安装：

$ dart pub global activate flutter_distributor

1	$ dart pub global activate flutter_distributor

配置文件

为高级打包配置所需的文件：

macOS:

如果打包 DMG 安装包：macos/packaging/dmg/make_config.yaml

title: 应用名称
contents:
  - x: 448
    y: 244
    type: link
    path: "/Applications"
  - x: 192
    y: 244
    type: file
    path: 应用名称.app

title: 应用名称

contents:

- x: 448

y: 244

type: link

path: "/Applications"

- x: 192

y: 244

type: file

path: 应用名称.app

如果打包 PKG 安装包：macos/packaging/pkg/make_config.yaml

macos/packaging/pkg/make_config.yaml
YAML

install-path: /Applications #sign-identity: <your-sign-identity>

1
2

install-path: /Applications
#sign-identity: <your-sign-identity>
distribute_options.yaml

distribute_options.yaml
YAML

output: dist/

1

output: dist/

Windows:

如果打包 exe 安装包：windows/packaging/exe/inno_setup.sas

[Setup]
AppId={{APP_ID}}
AppVersion={{APP_VERSION}}
AppName={{DISPLAY_NAME}}
AppPublisher={{PUBLISHER_NAME}}
AppPublisherURL={{PUBLISHER_URL}}
AppSupportURL={{PUBLISHER_URL}}
AppUpdatesURL={{PUBLISHER_URL}}
DefaultDirName={{INSTALL_DIR_NAME}}
DisableProgramGroupPage=yes
OutputDir=.
OutputBaseFilename={{OUTPUT_BASE_FILENAME}}
Compression=lzma
SolidCompression=yes
SetupIconFile={{SETUP_ICON_FILE}}
WizardStyle=modern
PrivilegesRequired={{PRIVILEGES_REQUIRED}}
ArchitecturesAllowed=x64
ArchitecturesInstallIn64BitMode=x64
CloseApplications=force

[Languages]
{% for locale in LOCALES %}
{% if locale == 'en' %}Name: "english"; MessagesFile: "compiler:Default.isl"{% endif %}
{% if locale == 'hy' %}Name: "armenian"; MessagesFile: "compiler:Languages\\Armenian.isl"{% endif %}
{% if locale == 'bg' %}Name: "bulgarian"; MessagesFile: "compiler:Languages\\Bulgarian.isl"{% endif %}
{% if locale == 'ca' %}Name: "catalan"; MessagesFile: "compiler:Languages\\Catalan.isl"{% endif %}
{% if locale == 'zh' %}Name: "chinesesimplified"; MessagesFile: "compiler:Languages\\ChineseSimplified.isl"{% endif %}
{% if locale == 'co' %}Name: "corsican"; MessagesFile: "compiler:Languages\\Corsican.isl"{% endif %}
{% if locale == 'cs' %}Name: "czech"; MessagesFile: "compiler:Languages\\Czech.isl"{% endif %}
{% if locale == 'da' %}Name: "danish"; MessagesFile: "compiler:Languages\\Danish.isl"{% endif %}
{% if locale == 'nl' %}Name: "dutch"; MessagesFile: "compiler:Languages\\Dutch.isl"{% endif %}
{% if locale == 'fi' %}Name: "finnish"; MessagesFile: "compiler:Languages\\Finnish.isl"{% endif %}
{% if locale == 'fr' %}Name: "french"; MessagesFile: "compiler:Languages\\French.isl"{% endif %}
{% if locale == 'de' %}Name: "german"; MessagesFile: "compiler:Languages\\German.isl"{% endif %}
{% if locale == 'he' %}Name: "hebrew"; MessagesFile: "compiler:Languages\\Hebrew.isl"{% endif %}
{% if locale == 'is' %}Name: "icelandic"; MessagesFile: "compiler:Languages\\Icelandic.isl"{% endif %}
{% if locale == 'it' %}Name: "italian"; MessagesFile: "compiler:Languages\\Italian.isl"{% endif %}
{% if locale == 'ja' %}Name: "japanese"; MessagesFile: "compiler:Languages\\Japanese.isl"{% endif %}
{% if locale == 'no' %}Name: "norwegian"; MessagesFile: "compiler:Languages\\Norwegian.isl"{% endif %}
{% if locale == 'pl' %}Name: "polish"; MessagesFile: "compiler:Languages\\Polish.isl"{% endif %}
{% if locale == 'pt' %}Name: "portuguese"; MessagesFile: "compiler:Languages\\Portuguese.isl"{% endif %}
{% if locale == 'ru' %}Name: "russian"; MessagesFile: "compiler:Languages\\Russian.isl"{% endif %}
{% if locale == 'sk' %}Name: "slovak"; MessagesFile: "compiler:Languages\\Slovak.isl"{% endif %}
{% if locale == 'sl' %}Name: "slovenian"; MessagesFile: "compiler:Languages\\Slovenian.isl"{% endif %}
{% if locale == 'es' %}Name: "spanish"; MessagesFile: "compiler:Languages\\Spanish.isl"{% endif %}
{% if locale == 'tr' %}Name: "turkish"; MessagesFile: "compiler:Languages\\Turkish.isl"{% endif %}
{% if locale == 'uk' %}Name: "ukrainian"; MessagesFile: "compiler:Languages\\Ukrainian.isl"{% endif %}
{% endfor %}

[Tasks]
Name: "desktopicon"; Description: "{cm:CreateDesktopIcon}"; GroupDescription: "{cm:AdditionalIcons}"; Flags: {% if CREATE_DESKTOP_ICON != true %}unchecked{% else %}checkedonce{% endif %}
Name: "launchAtStartup"; Description: "{cm:AutoStartProgram,{{DISPLAY_NAME}}}"; GroupDescription: "{cm:AdditionalIcons}"; Flags: {% if LAUNCH_AT_STARTUP != true %}unchecked{% else %}checkedonce{% endif %}
[Files]
Source: "{{SOURCE_DIR}}\\*"; DestDir: "{app}"; Flags: ignoreversion recursesubdirs createallsubdirs
; NOTE: Don't use "Flags: ignoreversion" on any shared system files

[Icons]
Name: "{autoprograms}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"
Name: "{autodesktop}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"; Tasks: desktopicon
Name: "{userstartup}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"; WorkingDir: "{app}"; Tasks: launchAtStartup
[Run]
Filename: "{app}\\{{EXECUTABLE_NAME}}"; Description: "{cm:LaunchProgram,{{DISPLAY_NAME}}}"; Flags: {% if PRIVILEGES_REQUIRED == 'admin' %}runascurrentuser{% endif %} nowait postinstall skipifsilent


[Code]
function InitializeSetup(): Boolean;
var
  ResultCode: Integer;
begin
  Exec('taskkill', '/F /IM 应用名称.exe', '', SW_HIDE, ewWaitUntilTerminated, ResultCode)
  Result := True;
end;

[Setup]

AppId={{APP_ID}}

AppVersion={{APP_VERSION}}

AppName={{DISPLAY_NAME}}

AppPublisher={{PUBLISHER_NAME}}

AppPublisherURL={{PUBLISHER_URL}}

AppSupportURL={{PUBLISHER_URL}}

AppUpdatesURL={{PUBLISHER_URL}}

DefaultDirName={{INSTALL_DIR_NAME}}

DisableProgramGroupPage=yes

OutputDir=.

OutputBaseFilename={{OUTPUT_BASE_FILENAME}}

Compression=lzma

SolidCompression=yes

SetupIconFile={{SETUP_ICON_FILE}}

WizardStyle=modern

PrivilegesRequired={{PRIVILEGES_REQUIRED}}

ArchitecturesAllowed=x64

ArchitecturesInstallIn64BitMode=x64

CloseApplications=force

[Languages]

{% for locale in LOCALES %}

{% if locale == 'en' %}Name: "english"; MessagesFile: "compiler:Default.isl"{% endif %}

{% if locale == 'hy' %}Name: "armenian"; MessagesFile: "compiler:Languages\\Armenian.isl"{% endif %}

{% if locale == 'bg' %}Name: "bulgarian"; MessagesFile: "compiler:Languages\\Bulgarian.isl"{% endif %}

{% if locale == 'ca' %}Name: "catalan"; MessagesFile: "compiler:Languages\\Catalan.isl"{% endif %}

{% if locale == 'zh' %}Name: "chinesesimplified"; MessagesFile: "compiler:Languages\\ChineseSimplified.isl"{% endif %}

{% if locale == 'co' %}Name: "corsican"; MessagesFile: "compiler:Languages\\Corsican.isl"{% endif %}

{% if locale == 'cs' %}Name: "czech"; MessagesFile: "compiler:Languages\\Czech.isl"{% endif %}

{% if locale == 'da' %}Name: "danish"; MessagesFile: "compiler:Languages\\Danish.isl"{% endif %}

{% if locale == 'nl' %}Name: "dutch"; MessagesFile: "compiler:Languages\\Dutch.isl"{% endif %}

{% if locale == 'fi' %}Name: "finnish"; MessagesFile: "compiler:Languages\\Finnish.isl"{% endif %}

{% if locale == 'fr' %}Name: "french"; MessagesFile: "compiler:Languages\\French.isl"{% endif %}

{% if locale == 'de' %}Name: "german"; MessagesFile: "compiler:Languages\\German.isl"{% endif %}

{% if locale == 'he' %}Name: "hebrew"; MessagesFile: "compiler:Languages\\Hebrew.isl"{% endif %}

{% if locale == 'is' %}Name: "icelandic"; MessagesFile: "compiler:Languages\\Icelandic.isl"{% endif %}

{% if locale == 'it' %}Name: "italian"; MessagesFile: "compiler:Languages\\Italian.isl"{% endif %}

{% if locale == 'ja' %}Name: "japanese"; MessagesFile: "compiler:Languages\\Japanese.isl"{% endif %}

{% if locale == 'no' %}Name: "norwegian"; MessagesFile: "compiler:Languages\\Norwegian.isl"{% endif %}

{% if locale == 'pl' %}Name: "polish"; MessagesFile: "compiler:Languages\\Polish.isl"{% endif %}

{% if locale == 'pt' %}Name: "portuguese"; MessagesFile: "compiler:Languages\\Portuguese.isl"{% endif %}

{% if locale == 'ru' %}Name: "russian"; MessagesFile: "compiler:Languages\\Russian.isl"{% endif %}

{% if locale == 'sk' %}Name: "slovak"; MessagesFile: "compiler:Languages\\Slovak.isl"{% endif %}

{% if locale == 'sl' %}Name: "slovenian"; MessagesFile: "compiler:Languages\\Slovenian.isl"{% endif %}

{% if locale == 'es' %}Name: "spanish"; MessagesFile: "compiler:Languages\\Spanish.isl"{% endif %}

{% if locale == 'tr' %}Name: "turkish"; MessagesFile: "compiler:Languages\\Turkish.isl"{% endif %}

{% if locale == 'uk' %}Name: "ukrainian"; MessagesFile: "compiler:Languages\\Ukrainian.isl"{% endif %}

{% endfor %}

[Tasks]

Name: "desktopicon"; Description: "{cm:CreateDesktopIcon}"; GroupDescription: "{cm:AdditionalIcons}"; Flags: {% if CREATE_DESKTOP_ICON != true %}unchecked{% else %}checkedonce{% endif %}

Name: "launchAtStartup"; Description: "{cm:AutoStartProgram,{{DISPLAY_NAME}}}"; GroupDescription: "{cm:AdditionalIcons}"; Flags: {% if LAUNCH_AT_STARTUP != true %}unchecked{% else %}checkedonce{% endif %}

[Files]

Source: "{{SOURCE_DIR}}\\*"; DestDir: "{app}"; Flags: ignoreversion recursesubdirs createallsubdirs

; NOTE: Don't use "Flags: ignoreversion" on any shared system files

[Icons]

Name: "{autoprograms}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"

Name: "{autodesktop}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"; Tasks: desktopicon

Name: "{userstartup}\\{{DISPLAY_NAME}}"; Filename: "{app}\\{{EXECUTABLE_NAME}}"; WorkingDir: "{app}"; Tasks: launchAtStartup

[Run]

Filename: "{app}\\{{EXECUTABLE_NAME}}"; Description: "{cm:LaunchProgram,{{DISPLAY_NAME}}}"; Flags: {% if PRIVILEGES_REQUIRED == 'admin' %}runascurrentuser{% endif %} nowait postinstall skipifsilent

[Code]

function InitializeSetup(): Boolean;

var

ResultCode: Integer;

begin

Exec('taskkill', '/F /IM 应用名称.exe', '', SW_HIDE, ewWaitUntilTerminated, ResultCode)

Result := True;

end;

windows/packaging/exe/make_config.yaml

app_id: 6L913538-42B1-4596-G479-BJ779F21A65D
publisher: 应用名称
publisher_url: https://github.com/aaa/aaa
display_name: 应用名称
executable_name: 应用名称.exe
output_base_file_name: 应用名称.exe
create_desktop_icon: true
install_dir_name: "{autopf64}\\应用名称"
setup_icon_file: ..\..\windows\runner\resources\app_icon.ico
locales:
  - ar
  - en
  - fa
  - ru
  - pt
  - tr
script_template: inno_setup.sas

app_id: 6L913538-42B1-4596-G479-BJ779F21A65D

publisher: 应用名称

publisher_url: https://github.com/aaa/aaa

display_name: 应用名称

executable_name: 应用名称.exe

output_base_file_name: 应用名称.exe

create_desktop_icon: true

install_dir_name: "{autopf64}\\应用名称"

setup_icon_file: ..\..\windows\runner\resources\app_icon.ico

locales:

- ar

- en

- fa

- ru

- pt

- tr

script_template: inno_setup.sas

如果打包 msix windows/packaging/msix/make_config.yaml

display_name: 应用名称
publisher_display_name: 应用名称
identity_name: 应用名称.appioi
msix_version: 2.5.7.0
logo_path: windows\runner\resources\app_icon.ico
capabilities: internetClient, internetClientServer, privateNetworkClientServer
languages: en-us, zh-cn, zh-tw, tr-tr,fa-ir,ru-ru,pt-br,es-es
protocol_activation: 应用名称
execution_alias: 应用名称
certificate_path: windows\sign.pfx
certificate_password:
publisher: CN=8CB43675-F44B-4AA5-9372-E8727781BDC4
install_certificate: "false"
enable_at_startup: "true"
startup_task:
  parameters: --autostart

display_name: 应用名称

publisher_display_name: 应用名称

identity_name: 应用名称.appioi

msix_version: 2.5.7.0

logo_path: windows\runner\resources\app_icon.ico

capabilities: internetClient, internetClientServer, privateNetworkClientServer

languages: en-us, zh-cn, zh-tw, tr-tr,fa-ir,ru-ru,pt-br,es-es

protocol_activation: 应用名称

execution_alias: 应用名称

certificate_path: windows\sign.pfx

certificate_password:

publisher: CN=8CB43675-F44B-4AA5-9372-E8727781BDC4

install_certificate: "false"

enable_at_startup: "true"

startup_task:

parameters: --autostart

Linux:

linux/packaging/appimage

有两个文件 linux/packaging/appimage/AppRun

#!/bin/bash

cd "$(dirname "$0")"
export LD_LIBRARY_PATH=usr/lib

# Usage info
show_help() {
cat << EOF
Usage: ${0##*/} ...
start app or app, when no parameter is given, app is executed.
    -v              show version
EOF
}
show_version() {
    printf "app version "
    jq .version <./data/flutter_assets/version.json
}
# Initialize variables:
service=0 #declare -i service
OPTIND=1

# Resetting OPTIND is necessary if getopts was used previously in the script.
# It is a good idea to make OPTIND local if you process options in a function.

# if no arg is provided, execute app
if [[ $# == 0 ]];then
    exec ./app
else

# processing arguments

    case $1 in
        appCli)
            exec ./appCli ${@:3}
            exit 0
            ;;
        h)
            show_help
            exit 0
            ;;
        v)  show_version
            exit 0
            ;;
        *)
            show_help >&2
            exit 1
            ;;
    esac
fi

#!/bin/bash

cd "$(dirname "$0")"

export LD_LIBRARY_PATH=usr/lib

# Usage info

show_help() {

cat << EOF

Usage: ${0##*/} ...

start app or app, when no parameter is given, app is executed.

-v show version

EOF

}

show_version() {

printf "app version "

jq .version <./data/flutter_assets/version.json

}

# Initialize variables:

service=0 #declare -i service

OPTIND=1

# Resetting OPTIND is necessary if getopts was used previously in the script.

# It is a good idea to make OPTIND local if you process options in a function.

# if no arg is provided, execute app

if [[ $# == 0 ]];then

exec ./app

else

# processing arguments

case $1 in

appCli)

exec ./appCli ${@:3}

exit 0

;;

show_help

exit 0

;;

v) show_version

exit 0

;;

show_help >&2

exit 1

;;

esac

linux/packaging/appimage/make_config.yaml

display_name: App名称

icon: ./assets/images/source/ic_launcher_border.png

keywords:
  - Hi

generic_name: App名称

actions:
  - name: Start
    label: start
    arguments:
      - --start
  - name: Stop
    label: stop
    arguments:
      - --stop

categories:
  - Network

startup_notify: true

app_run_file: AppRun

# You can specify the shared libraries that you want to bundle with your app
#
# flutter_distributor automatically detects the shared libraries that your app
# depends on, but you can also specify them manually here.
#
# The following example shows how to bundle the libcurl library with your app.
#
# include:
#   - libcurl.so.4
include: []

display_name: App名称

icon: ./assets/images/source/ic_launcher_border.png

keywords:

- Hi

generic_name: App名称

actions:

- name: Start

label: start

arguments:

- --start

- name: Stop

label: stop

arguments:

- --stop

categories:

- Network

startup_notify: true

app_run_file: AppRun

# You can specify the shared libraries that you want to bundle with your app

# flutter_distributor automatically detects the shared libraries that your app

# depends on, but you can also specify them manually here.

# The following example shows how to bundle the libcurl library with your app.

# include:

# - libcurl.so.4

include: []

linux/packaging/deb 文件 linux/packaging/deb/make_config.yaml

display_name: Hiddify
package_name: hiddify
maintainer:
  name: hiddify
  email: linux@hiddify.com

priority: optional
section: x11
installed_size: 6604
essential: false
icon: ./assets/images/source/ic_launcher_border.png

postinstall_scripts:
  - echo "Installed Hiddify"
postuninstall_scripts:
  - echo "Surprised Why?"

keywords:
  - Hiddify
  - Proxy
  - VPN
  - V2ray
  - Nekoray
  - Xray
  - Psiphon
  - OpenVPN

generic_name: Hiddify

categories:
  - Network

startup_notify: true

display_name: Hiddify

package_name: hiddify

maintainer:

name: hiddify

email: linux@hiddify.com

priority: optional

section: x11

installed_size: 6604

essential: false

icon: ./assets/images/source/ic_launcher_border.png

postinstall_scripts:

- echo "Installed Hiddify"

postuninstall_scripts:

- echo "Surprised Why?"

keywords:

- Hiddify

- Proxy

- VPN

- V2ray

- Nekoray

- Xray

- Psiphon

- OpenVPN

generic_name: Hiddify

categories:

- Network

startup_notify: true

linux/packaging/rpm 文件 linux/packaging/rpm/make_config.yaml

display_name: App
url: https://github.com/app/app-next/
license: Other

packager: App
packagerEmail: linux@App.com

priority: optional
section: x11
installed_size: 6604
essential: false
icon: ./assets/images/source/ic_launcher_border.png

keywords:
  - Hi

generic_name: App

group: Applications/Internet

startup_notify: true

display_name: App

url: https://github.com/app/app-next/

license: Other

packager: App

packagerEmail: linux@App.com

priority: optional

section: x11

installed_size: 6604

essential: false

icon: ./assets/images/source/ic_launcher_border.png

keywords:

- Hi

generic_name: App

group: Applications/Internet

startup_notify: true

命令示例

打包 macOS (DMG 和 PKG)

$ export PATH="$PATH":"$HOME/.pub-cache/bin" $ flutter_distributor package --flutter-build-args=verbose --platform macos --targets dmg,pkg

1
2
3

$ export PATH="$PATH":"$HOME/.pub-cache/bin"

$ flutter_distributor package --flutter-build-args=verbose --platform macos --targets dmg,pkg
打包 Windows (EXE 和 MSIX)

$ export PATH="$PATH":"$HOME/.pub-cache/bin" $ flutter_distributor package --flutter-build-args=verbose --platform windows --targets exe,msix

1
2
3

$ export PATH="$PATH":"$HOME/.pub-cache/bin"

$ flutter_distributor package --flutter-build-args=verbose --platform windows --targets exe,msix
打包 Linux (DEB、RPM 和 AppImage)

$ export PATH="$PATH":"$HOME/.pub-cache/bin" $ flutter_distributor package --flutter-build-args=verbose --platform linux --targets deb,rpm,appimage

1
2
3

$ export PATH="$PATH":"$HOME/.pub-cache/bin"

$ flutter_distributor package --flutter-build-args=verbose --platform linux --targets deb,rpm,appimage

参考链接

Flutter 3.29.1-使用U盾完成数据的加解密（国密算法SKF接口）

参考 Python3-使用U盾完成数据的加解密（国密算法SKF接口），那么相同的功能如何使用 Flutter FFI 实现呢？

Flutter 3.29.1

ffi 2.1.4

pointycastle 3.6.0

pkcs7 1.0.5

convert 3.1.2

代码参考如下：

import 'dart:ffi';
import 'dart:io';

import 'package:ffi/ffi.dart';
import 'package:flutter/cupertino.dart';

/// SM3 算法定义
///
/// \# define SGD_SM3 0x00000001
// ignore: constant_identifier_names
const SGD_SM3 = 0x00000001;

/// 异常错误
///
/// \# define SAR_UNKNOWNERR 0x0A000002
// ignore: constant_identifier_names
const SAR_UNKNOWNERR = 0x0A000002;

/// 对象未导出
///
/// \# define SAR_NOTEXPORTERR 0x0A00001D
// ignore: constant_identifier_names
const SAR_NOTEXPORTERR = 0x0A00001D;

/// ECC 签名结构体
///
/// 信息安全技术 智能密码钥匙应用接口规范 GB/T 35291-2017
///
/// #define ECC_MAX_XCOORDINATE_BITS_LEN 512
///
/// typedef struct Struct_ECCSIGNATUREBLOB {
///
///    BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN/8];
///
///    BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8];
///
/// } ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB
// ignore: constant_identifier_names
const ECC_MAX_XCOORDINATE_BITS_LEN = 512;

@Packed(8)
// ignore: camel_case_types
final class Struct_ECCSIGNATUREBLOB extends Struct {
  @Array(ECC_MAX_XCOORDINATE_BITS_LEN ~/ 8)
  external Array<Uint8> r;

  @Array(ECC_MAX_XCOORDINATE_BITS_LEN ~/ 8)
  external Array<Uint8> s;
}

// ignore: constant_identifier_names
const TRUE = 0x00000001;

// ignore: constant_identifier_names
const FALSE = 0x00000000;

/// ECC 公钥结构体
///
/// 信息安全技术 智能密码钥匙应用接口规范 GB/T 35291-2017
@Packed(8)
// ignore: camel_case_types
final class Struct_ECCPUBLICKEYBLOB extends Struct {
  /*
   * 官方文档是C语言的 ULONG，不管操作系统是32位还是64位，都要求是 4个字节。
  **/
  @Uint32()
  external int bitLen;
  @Array(64)
  external Array<Uint8> xCoordinate;
  @Array(64)
  external Array<Uint8> yCoordinate;

  int lengthInBytes() {
    return sizeOf<Struct_ECCPUBLICKEYBLOB>();
  }
}

/// 密文数据结构，经典的Flutter变长结构体处理
///
/// 信息安全技术 智能密码钥匙应用接口规范 GB/T 35291-2017
@Packed(8)
// ignore: camel_case_types
final class Struct_ECCCIPHERBLOB extends Struct {
  /*
   * 官方文档是C语言的 ULONG，不管操作系统是32位还是64位，都要求是 4个字节。
  **/
  @Array(64)
  external Array<Uint8> xCoordinate;
  @Array(64)
  external Array<Uint8> yCoordinate;
  @Array(32)
  external Array<Uint8> hash;
  @Uint32()
  external int cipherLen;

  @Array.variable()
  external Array<Uint8> cipher;

  static Pointer<Struct_ECCCIPHERBLOB> allocate(final int length) {
    final lengthInBytes = lengthBytes(length);
    final result = calloc.allocate<Struct_ECCCIPHERBLOB>(lengthInBytes);
    result.ref.cipherLen = length;
    return result;
  }

  static int lengthBytes(final int length) {
    return sizeOf<Struct_ECCCIPHERBLOB>() + sizeOf<Uint8>() * length;
  }

  int lengthInBytes() {
    return lengthBytes(cipherLen);
  }
}

class SkfLib {
  /// 动态库加载
  late final DynamicLibrary? _skfLib;

  late final int Function(
          int bPresent, Pointer<Uint8> szNameList, Pointer<Uint32> pulSize)?
      _skfEnumDev;

  late final int Function(Pointer<Utf8> szName, Pointer<Pointer<Void>> phDev)?
      _skfConnectDev;

  late final int Function(Pointer<Void> hDev)? _skfDisConnectDev;

  late final int Function(Pointer<Void> hDev, Pointer<Utf8> szAppName,
      Pointer<Pointer<Void>> phApplication)? _skfOpenApplication;

  late final int Function(Pointer<Void> hDev, Pointer<Uint8> szAppName,
      Pointer<Uint32> pulSize)? _skfEnumApplication;

  late final int Function(Pointer<Void> hApplication)? _skfCloseApplication;

  late final int Function(
      Pointer<Void> hApplication,
      Pointer<Uint8> szContainerName,
      Pointer<Uint32> pulSize)? _skfEnumContainer;

  late final int Function(
      Pointer<Void> hApplication,
      Pointer<Utf8> szContainerName,
      Pointer<Pointer<Void>> phContainer)? _skfOpenContainer;

  late final int Function(Pointer<Void> hContainer)? _skfCloseContainer;

  late final int Function(
      Pointer<Void> hContainer,
      int bSignFlag,
      Pointer<Struct_ECCPUBLICKEYBLOB> pbBlob,
      Pointer<Uint32> pulBlobLen)? _skfExportPublicKey;

  late final int Function(Pointer<Void> hContainer, int bSignFlag,
      Pointer<Uint8> pbCert, Pointer<Uint32> pulCertLen)? _skfExportCertificate;

  late final int Function(
      Pointer<Void> hDev,
      Pointer<Struct_ECCPUBLICKEYBLOB> pECCPubKeyBlob,
      Pointer<Utf8> pbPlainText,
      int ulPlainTextLen,
      Pointer<Struct_ECCCIPHERBLOB> pCipherText)? _skfExtECCEncrypt;

  late final int Function(
      Pointer<Void> hContainer,
      int bSignFlag,
      Pointer<Struct_ECCCIPHERBLOB> pCipherText,
      Pointer<Uint8> pbData,
      Pointer<Uint32> pbDataLen)? _skfECCDecrypt;

  late final int Function(
      Pointer<Void> hContainer,
      int ulAlgID,
      Pointer<Utf8> pbPlainText,
      int ulPlainTextLen,
      Pointer<Struct_ECCSIGNATUREBLOB> pSignature)? _skfECCDigestSignData;

  late final int Function(
      Pointer<Void> hContainer,
      int ulAlgID,
      Pointer<Utf8> pbPlainText,
      int ulPlainTextLen,
      Pointer<Struct_ECCSIGNATUREBLOB> pSignature)? _skfECCSignDataEx;

  late final int Function(Pointer<Void> hApplication, int ulPINType,
      Pointer<Utf8> szPIN, Pointer<Uint32> pulRetryCount)? _skfVerifyPIN;

  SkfLib(final String dllPath) {
    try {
      _skfLib = Platform.isMacOS || Platform.isIOS
          ? DynamicLibrary.process()
          : DynamicLibrary.open(dllPath); // 加载dll,获取句柄
    } catch (e) {
      _skfLib = null;
      debugPrint('SkfLib Load Failed: $e');
    }
    // 获取函数指针
    const fnEnumDev = "SKF_EnumDev";
    if (_providesSymbol(fnEnumDev)) {
      _skfEnumDev = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(
                      Uint32, Pointer<Uint8>, Pointer<Uint32>)>>(fnEnumDev)
          .asFunction();
    } else {
      _skfEnumDev = null;
    }

    const fnConnectDev = "SKF_ConnectDev";
    if (_providesSymbol(fnConnectDev)) {
      _skfConnectDev = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(
                      Pointer<Utf8>, Pointer<Pointer<Void>>)>>(fnConnectDev)
          .asFunction();
    } else {
      _skfConnectDev = null;
    }

    const fnDisConnectDev = "SKF_DisConnectDev";
    if (_providesSymbol(fnDisConnectDev)) {
      _skfDisConnectDev = _skfLib!
          .lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(
              fnDisConnectDev)
          .asFunction();
    } else {
      _skfDisConnectDev = null;
    }

    const fnEnumApplication = "SKF_EnumApplication";
    if (_providesSymbol(fnEnumApplication)) {
      _skfEnumApplication = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Pointer<Uint8>,
                      Pointer<Uint32>)>>(fnEnumApplication)
          .asFunction();
    } else {
      _skfEnumApplication = null;
    }

    const fnOpenApplication = "SKF_OpenApplication";
    if (_providesSymbol(fnOpenApplication)) {
      _skfOpenApplication = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Pointer<Utf8>,
                      Pointer<Pointer<Void>>)>>(fnOpenApplication)
          .asFunction();
    } else {
      _skfOpenApplication = null;
    }

    const fnCloseApplication = "SKF_CloseApplication";
    if (_providesSymbol(fnCloseApplication)) {
      _skfCloseApplication = _skfLib!
          .lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(
              fnCloseApplication)
          .asFunction();
    } else {
      _skfCloseApplication = null;
    }

    const fnEnumContainer = "SKF_EnumContainer";
    if (_providesSymbol(fnEnumContainer)) {
      _skfEnumContainer = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Pointer<Uint8>,
                      Pointer<Uint32>)>>(fnEnumContainer)
          .asFunction();
    } else {
      _skfEnumContainer = null;
    }

    const fnOpenContainer = "SKF_OpenContainer";
    if (_providesSymbol(fnOpenContainer)) {
      _skfOpenContainer = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Pointer<Utf8>,
                      Pointer<Pointer<Void>>)>>(fnOpenContainer)
          .asFunction();
    } else {
      _skfOpenContainer = null;
    }

    const fnCloseContainer = "SKF_CloseContainer";
    if (_providesSymbol(fnCloseContainer)) {
      _skfCloseContainer = _skfLib!
          .lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(
              fnCloseContainer)
          .asFunction();
    } else {
      _skfCloseContainer = null;
    }

    const fnExportPublicKey = "SKF_ExportPublicKey";
    if (_providesSymbol(fnExportPublicKey)) {
      _skfExportPublicKey = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(
                      Pointer<Void>,
                      Uint32,
                      Pointer<Struct_ECCPUBLICKEYBLOB>,
                      Pointer<Uint32>)>>(fnExportPublicKey)
          .asFunction();
    } else {
      _skfExportPublicKey = null;
    }

    const fnExportCertificate = "SKF_ExportCertificate";
    if (_providesSymbol(fnExportCertificate)) {
      _skfExportCertificate = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Uint32, Pointer<Uint8>,
                      Pointer<Uint32>)>>(fnExportCertificate)
          .asFunction();
    } else {
      _skfExportCertificate = null;
    }

    const fnExtECCEncrypt = "SKF_ExtECCEncrypt";
    if (_providesSymbol(fnExtECCEncrypt)) {
      _skfExtECCEncrypt = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(
                      Pointer<Void>,
                      Pointer<Struct_ECCPUBLICKEYBLOB>,
                      Pointer<Utf8>,
                      Uint32,
                      Pointer<Struct_ECCCIPHERBLOB>)>>(fnExtECCEncrypt)
          .asFunction();
    } else {
      _skfExtECCEncrypt = null;
    }

    const fnECCDecrypt = "SKF_ECCDecrypt";
    if (_providesSymbol(fnECCDecrypt)) {
      _skfECCDecrypt = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(
                      Pointer<Void>,
                      Uint32,
                      Pointer<Struct_ECCCIPHERBLOB>,
                      Pointer<Uint8>,
                      Pointer<Uint32>)>>(fnECCDecrypt)
          .asFunction();
    } else {
      _skfECCDecrypt = null;
    }

    const fnECCDigestSignData = "SKF_ECCDigestSignData";
    if (_providesSymbol(fnECCDigestSignData)) {
      _skfECCDigestSignData = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>, Uint32,
                      Pointer<Struct_ECCSIGNATUREBLOB>)>>(fnECCDigestSignData)
          .asFunction();
    } else {
      _skfECCDigestSignData = null;
    }

    const fnECCSignDataEx = "SKF_ECCSignDataEx";
    if (_providesSymbol(fnECCSignDataEx)) {
      _skfECCSignDataEx = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>, Uint32,
                      Pointer<Struct_ECCSIGNATUREBLOB>)>>(fnECCSignDataEx)
          .asFunction();
    } else {
      _skfECCSignDataEx = null;
    }

    const fnVerifyPIN = "SKF_VerifyPIN";
    if (_providesSymbol(fnVerifyPIN)) {
      _skfVerifyPIN = _skfLib!
          .lookup<
              NativeFunction<
                  Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>,
                      Pointer<Uint32>)>>(fnVerifyPIN)
          .asFunction();
    } else {
      _skfVerifyPIN = null;
    }
  }

  /// Checks whether this dynamic library provides a symbol with the given name.
  bool _providesSymbol(final String symbolName) {
    return _skfLib?.providesSymbol(symbolName) ?? false;
  }

  @mustCallSuper
  void close() {
    _skfLib?.close();
  }

  /// 功能描述：
  ///
  /// 获得当前系统中的设备列表。
  ///
  /// 参数：
  ///
  /// [bPresent] [IN] 为 TRUE 表示获取当前设备状态为存在的设备列表。
  /// 为 FALSE 表示取当前取得支持的设备列表。
  ///
  /// [szNameList] [OUT] 设备名称列表。如果该参数为 NULL ，将由 pulSize 返回所需要的内存空间大小。
  /// 每个设备的名称以单个 '\0' 结束，以双 '\0' 表示列表结束。
  ///
  /// [pulSize] [IN, OUT] 输入时表示设备名称列表的缓冲区长度，输出时表示 szNameList 所占用的空间大小。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_EnumDev(final int bPresent, final Pointer<Uint8> szNameList,
      final Pointer<Uint32> pulSize) {
    if (null != _skfEnumDev) {
      return _skfEnumDev(bPresent, szNameList, pulSize);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 通过设备名称连接设备，返回设备的句柄。
  ///
  /// 参数：
  ///
  /// [szName] [IN] 设备名称。
  ///
  /// [phDev] [OUT] 返回设备操作句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ConnectDev(
      final Pointer<Utf8> szName, final Pointer<Pointer<Void>> phDev) {
    if (null != _skfConnectDev) {
      return _skfConnectDev(szName, phDev);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 断开一个已经连接的设备，并释放句柄。
  ///
  /// 参数：
  ///
  /// [hDev] [IN] 连接设备时返回的设备句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_DisConnectDev(final Pointer<Void> hDev) {
    if (null != _skfDisConnectDev) {
      return _skfDisConnectDev(hDev);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 枚举设备中存在的所有应用。
  ///
  /// 参数：
  ///
  /// [hDev] [IN] 连接设备时返回的设备句柄。
  ///
  /// [szAppName] [OUT] 返回应用名称列表，如果该参数为空，将由 pulSize 返回所需要的内存空间大小。
  /// 每个应用的名称以单个 '\0' 结束，以双 '\0' 表示列表结束。
  ///
  /// [pulSize] [IN, OUT] 输入时表示应用名称列表的缓冲区长度，输出时表示 szAppName 所占用的空间大小。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_EnumApplication(final Pointer<Void> hDev,
      final Pointer<Uint8> szAppName, final Pointer<Uint32> pulSize) {
    if (null != _skfEnumApplication) {
      return _skfEnumApplication(hDev, szAppName, pulSize);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 打开指定的应用。
  ///
  /// 参数：
  ///
  /// [hDev] [IN] 连接设备时返回的设备句柄。
  ///
  /// [szAppName] [IN] 应用名称。
  ///
  /// [phApplication] [OUT] 应用的句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_OpenApplication(
      final Pointer<Void> hDev,
      final Pointer<Utf8> szAppName,
      final Pointer<Pointer<Void>> phApplication) {
    if (null != _skfOpenApplication) {
      return _skfOpenApplication(hDev, szAppName, phApplication);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 关闭应用并释放应用句柄。
  ///
  /// 参数：
  ///
  /// [hApplication] [IN] 应用句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_CloseApplication(final Pointer<Void> hApplication) {
    if (null != _skfCloseApplication) {
      return _skfCloseApplication(hApplication);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 枚举容器下所有容器并返回容器名称列表。
  ///
  /// 参数：
  ///
  /// [hApplication] [IN] 应用句柄。
  ///
  /// [szContainerName] [OUT] 指向容器名称列表缓冲区，如果该参数为 NULL 时，pulSize 表示返回数据所需缓冲区的长度，
  /// 如果此参数不为 NULL 时，返回容器名称列表，每个容器名以 '\0' 结束，列表以双 '\0' 结束。
  ///
  /// [pulSize] [IN, OUT] 输入时表示 szContainerName 缓冲区长度，输出时表示容器名称列表的长度。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_EnumContainer(final Pointer<Void> hApplication,
      final Pointer<Uint8> szContainerName, final Pointer<Uint32> pulSize) {
    if (null != _skfEnumContainer) {
      return _skfEnumContainer(hApplication, szContainerName, pulSize);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 获取容器句柄。
  ///
  /// 参数：
  ///
  /// [hApplication] [IN] 应用句柄。
  ///
  /// [szContainerName] [IN] 容器的名称。
  ///
  /// [phContainer] [OUT] 返回所打开容器的句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_OpenContainer(
      final Pointer<Void> hApplication,
      final Pointer<Utf8> szContainerName,
      final Pointer<Pointer<Void>> phContainer) {
    if (null != _skfOpenContainer) {
      return _skfOpenContainer(hApplication, szContainerName, phContainer);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 关闭容器句柄，并释放容器句柄相关资源。
  ///
  /// 参数：
  ///
  /// [hContainer] [IN] 容器句柄。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_CloseContainer(final Pointer<Void> hContainer) {
    if (null != _skfCloseContainer) {
      return _skfCloseContainer(hContainer);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 从导出公钥。
  ///
  /// 参数：
  ///
  /// [hContainer] [IN] 容器句柄。
  ///
  /// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。
  ///
  /// [pbBlob] [OUT] 指向公钥内容缓冲区，如果此参数为 NULL 时，pulBlobLen 返回数据所需要
  /// 缓冲区长度，如果此参数不为 NULL 时，返回公钥内容。
  ///
  /// [pulBlobLen] [IN/OUT] 输入时表示 pbBlob 缓冲区的长度，输出时表示证书内容的长度。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ExportPublicKey(
      final Pointer<Void> hContainer,
      final int bSignFlag,
      final Pointer<Struct_ECCPUBLICKEYBLOB> pbBlob,
      final Pointer<Uint32> pulBlobLen) {
    if (null != _skfExportPublicKey) {
      return _skfExportPublicKey(hContainer, bSignFlag, pbBlob, pulBlobLen);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 从容器内导出数字证书。
  ///
  /// 参数：
  ///
  /// [hContainer] [IN] 容器句柄。
  ///
  /// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。
  ///
  /// [pbCert] [OUT] 指向证书内容缓冲区，如果此参数为 NULL 时，pulCertLen 返回数据所需要
  /// 缓冲区长度，如果此参数不为 NULL 时，返回数字证书内容。
  ///
  /// [pulCertLen] [IN/OUT] 输入时表示 pbCert 缓冲区的长度，输出时表示证书内容的长度。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ExportCertificate(final Pointer<Void> hContainer, final int bSignFlag,
      final Pointer<Uint8> pbCert, final Pointer<Uint32> pulCertLen) {
    if (null != _skfExportCertificate) {
      return _skfExportCertificate(hContainer, bSignFlag, pbCert, pulCertLen);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 使用外部传入的 ECC 公钥对输入数据做加密运算并输出结果。
  ///
  /// 参数：
  ///
  /// [hDev] [IN] 设备句柄。
  ///
  /// [pECCPubKeyBlob] [IN] ECC公钥数据结构。
  ///
  /// [pbPlainText] [IN] 待加密的明文数据。
  ///
  /// [ulPlainTextLen] [IN] 待加密的明文数据长度。
  ///
  /// [pCipherText] [OUT] 密文数据。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ExtECCEncrypt(
      final Pointer<Void> hDev,
      final Pointer<Struct_ECCPUBLICKEYBLOB> pECCPubKeyBlob,
      final Pointer<Utf8> pbPlainText,
      final int ulPlainTextLen,
      final Pointer<Struct_ECCCIPHERBLOB> pCipherText) {
    if (null != _skfExtECCEncrypt) {
      return _skfExtECCEncrypt(
          hDev, pECCPubKeyBlob, pbPlainText, ulPlainTextLen, pCipherText);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 私钥解密。
  ///
  /// 参数：
  ///
  /// [hContainer] [IN] 密钥容器句柄。
  ///
  /// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。
  ///
  /// [pCipherText] [IN] 加密数据的结构。
  ///
  /// [pbData] [OUT] 解密后的明文数据。
  ///
  /// [pbDataLen] [OUT] 明文数据长度。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ECCDecrypt(
      final Pointer<Void> hContainer,
      final int bSignFlag,
      final Pointer<Struct_ECCCIPHERBLOB> pCipherText,
      final Pointer<Uint8> pbData,
      final Pointer<Uint32> pbDataLen) {
    if (null != _skfECCDecrypt) {
      return _skfECCDecrypt(
          hContainer, bSignFlag, pCipherText, pbData, pbDataLen);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 厂商实现的 ECC 数据签名扩展。
  ///
  /// 参数：
  ///
  /// [hContainer] [IN] 密钥容器句柄。
  ///
  /// [ulAlgID] [IN] 杂凑算法标识，这里选择SGD_SM3（0x00000001），表明使用SM3算法。
  ///
  /// [pbPlainText] [IN] 待签名的明文数据。
  ///
  /// [ulPlainTextLen] [IN] 待签名的明文数据长度。
  ///
  /// [pSignature] [OUT] 签名结果。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_ECCSignDataEx(
      final Pointer<Void> hContainer,
      final int ulAlgID,
      final Pointer<Utf8> pbPlainText,
      final int ulPlainTextLen,
      final Pointer<Struct_ECCSIGNATUREBLOB> pSignature) {
    // WQ 扩展接口 SKF_ECCSignDataEx

    // FT/HB 扩展接口 SKF_ECCDigestSignData
    if (null != _skfECCDigestSignData) {
      return _skfECCDigestSignData(
          hContainer, ulAlgID, pbPlainText, ulPlainTextLen, pSignature);
    } else if (null != _skfECCSignDataEx) {
      return _skfECCSignDataEx(
          hContainer, ulAlgID, pbPlainText, ulPlainTextLen, pSignature);
    }
    return SAR_NOTEXPORTERR;
  }

  /// 功能描述：
  ///
  /// 校验 PIN 码。校验成功后，会获得相应的权限，如果 PIN 码错误，会返回 PIN 码的重试次数，
  /// 当重试次数为 0 时表示 PIN 码已经锁死。
  ///
  /// 参数：
  ///
  /// [hApplication] [IN] 应用句柄。
  ///
  /// [ulPINType] [IN] PIN 类型。 0 是管理员账户，1 为普通用户，这个参数一般选择 1。
  ///
  /// [szPIN] [IN] PIN 值。
  ///
  /// [pulRetryCount] [OUT] 出错后返回的重试次数。
  ///
  /// 返回值：
  ///
  /// SAR_OK : 成功。
  ///
  /// 其他： 错误码。
  // ignore: non_constant_identifier_names
  int SKF_VerifyPIN(final Pointer<Void> hApplication, final int ulPINType,
      final Pointer<Utf8> szPIN, final Pointer<Uint32> pulRetryCount) {
    if (null != _skfVerifyPIN) {
      return _skfVerifyPIN(hApplication, ulPINType, szPIN, pulRetryCount);
    }
    return SAR_NOTEXPORTERR;
  }
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

657

658

659

660

661

662

663

664

665

666

667

668

669

670

671

672

673

674

675

676

677

678

679

680

681

682

683

684

685

686

687

688

689

690

691

692

693

694

695

696

697

698

699

700

701

702

703

704

705

706

707

708

709

710

711

712

713

714

715

716

717

718

719

720

721

722

723

724

725

726

727

728

729

730

731

732

733

734

735

736

737

738

739

740

741

742

743

744

745

746

747

748

749

750

751

752

753

754

755

756

757

758

759

760

761

762

763

764

765

766

767

768

769

770

771

772

773

774

775

776

777

778

779

780

781

782

783

784

785

786

787

788

789

790

791

792

793

794

795

796

797

798

799

800

801

802

803

804

805

806

807

808

809

810

811

812

813

814

815

816

817

818

819

820

821

822

823

824

825

826

827

828

829

830

831

import 'dart:ffi';

import 'dart:io';

import 'package:ffi/ffi.dart';

import 'package:flutter/cupertino.dart';

/// SM3 算法定义

///

/// \# define SGD_SM3 0x00000001

// ignore: constant_identifier_names

const SGD_SM3 = 0x00000001;

/// 异常错误

///

/// \# define SAR_UNKNOWNERR 0x0A000002

// ignore: constant_identifier_names

const SAR_UNKNOWNERR = 0x0A000002;

/// 对象未导出

///

/// \# define SAR_NOTEXPORTERR 0x0A00001D

// ignore: constant_identifier_names

const SAR_NOTEXPORTERR = 0x0A00001D;

/// ECC 签名结构体

///

/// 信息安全技术智能密码钥匙应用接口规范 GB/T 35291-2017

///

/// #define ECC_MAX_XCOORDINATE_BITS_LEN 512

///

/// typedef struct Struct_ECCSIGNATUREBLOB {

///

/// BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN/8];

///

/// BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8];

///

/// } ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB

// ignore: constant_identifier_names

const ECC_MAX_XCOORDINATE_BITS_LEN = 512;

@Packed(8)

// ignore: camel_case_types

final class Struct_ECCSIGNATUREBLOB extends Struct {

@Array(ECC_MAX_XCOORDINATE_BITS_LEN ~/ 8)

external Array<Uint8> r;

@Array(ECC_MAX_XCOORDINATE_BITS_LEN ~/ 8)

external Array<Uint8> s;

}

// ignore: constant_identifier_names

const TRUE = 0x00000001;

// ignore: constant_identifier_names

const FALSE = 0x00000000;

/// ECC 公钥结构体

///

/// 信息安全技术智能密码钥匙应用接口规范 GB/T 35291-2017

@Packed(8)

// ignore: camel_case_types

final class Struct_ECCPUBLICKEYBLOB extends Struct {

* 官方文档是C语言的 ULONG，不管操作系统是32位还是64位，都要求是 4个字节。

**/

@Uint32()

external int bitLen;

@Array(64)

external Array<Uint8> xCoordinate;

@Array(64)

external Array<Uint8> yCoordinate;

int lengthInBytes() {

return sizeOf<Struct_ECCPUBLICKEYBLOB>();

}

/// 密文数据结构，经典的Flutter变长结构体处理

///

/// 信息安全技术智能密码钥匙应用接口规范 GB/T 35291-2017

@Packed(8)

// ignore: camel_case_types

final class Struct_ECCCIPHERBLOB extends Struct {

* 官方文档是C语言的 ULONG，不管操作系统是32位还是64位，都要求是 4个字节。

**/

@Array(64)

external Array<Uint8> xCoordinate;

@Array(64)

external Array<Uint8> yCoordinate;

@Array(32)

external Array<Uint8> hash;

@Uint32()

external int cipherLen;

@Array.variable()

external Array<Uint8> cipher;

static Pointer<Struct_ECCCIPHERBLOB> allocate(final int length) {

final lengthInBytes = lengthBytes(length);

final result = calloc.allocate<Struct_ECCCIPHERBLOB>(lengthInBytes);

result.ref.cipherLen = length;

return result;

}

static int lengthBytes(final int length) {

return sizeOf<Struct_ECCCIPHERBLOB>() + sizeOf<Uint8>() * length;

}

int lengthInBytes() {

return lengthBytes(cipherLen);

}

class SkfLib {

/// 动态库加载

late final DynamicLibrary? _skfLib;

late final int Function(

int bPresent, Pointer<Uint8> szNameList, Pointer<Uint32> pulSize)?

_skfEnumDev;

late final int Function(Pointer<Utf8> szName, Pointer<Pointer<Void>> phDev)?

_skfConnectDev;

late final int Function(Pointer<Void> hDev)? _skfDisConnectDev;

late final int Function(Pointer<Void> hDev, Pointer<Utf8> szAppName,

Pointer<Pointer<Void>> phApplication)? _skfOpenApplication;

late final int Function(Pointer<Void> hDev, Pointer<Uint8> szAppName,

Pointer<Uint32> pulSize)? _skfEnumApplication;

late final int Function(Pointer<Void> hApplication)? _skfCloseApplication;

late final int Function(

Pointer<Void> hApplication,

Pointer<Uint8> szContainerName,

Pointer<Uint32> pulSize)? _skfEnumContainer;

late final int Function(

Pointer<Void> hApplication,

Pointer<Utf8> szContainerName,

Pointer<Pointer<Void>> phContainer)? _skfOpenContainer;

late final int Function(Pointer<Void> hContainer)? _skfCloseContainer;

late final int Function(

Pointer<Void> hContainer,

int bSignFlag,

Pointer<Struct_ECCPUBLICKEYBLOB> pbBlob,

Pointer<Uint32> pulBlobLen)? _skfExportPublicKey;

late final int Function(Pointer<Void> hContainer, int bSignFlag,

Pointer<Uint8> pbCert, Pointer<Uint32> pulCertLen)? _skfExportCertificate;

late final int Function(

Pointer<Void> hDev,

Pointer<Struct_ECCPUBLICKEYBLOB> pECCPubKeyBlob,

Pointer<Utf8> pbPlainText,

int ulPlainTextLen,

Pointer<Struct_ECCCIPHERBLOB> pCipherText)? _skfExtECCEncrypt;

late final int Function(

Pointer<Void> hContainer,

int bSignFlag,

Pointer<Struct_ECCCIPHERBLOB> pCipherText,

Pointer<Uint8> pbData,

Pointer<Uint32> pbDataLen)? _skfECCDecrypt;

late final int Function(

Pointer<Void> hContainer,

int ulAlgID,

Pointer<Utf8> pbPlainText,

int ulPlainTextLen,

Pointer<Struct_ECCSIGNATUREBLOB> pSignature)? _skfECCDigestSignData;

late final int Function(

Pointer<Void> hContainer,

int ulAlgID,

Pointer<Utf8> pbPlainText,

int ulPlainTextLen,

Pointer<Struct_ECCSIGNATUREBLOB> pSignature)? _skfECCSignDataEx;

late final int Function(Pointer<Void> hApplication, int ulPINType,

Pointer<Utf8> szPIN, Pointer<Uint32> pulRetryCount)? _skfVerifyPIN;

SkfLib(final String dllPath) {

try {

_skfLib = Platform.isMacOS || Platform.isIOS

? DynamicLibrary.process()

: DynamicLibrary.open(dllPath); // 加载dll,获取句柄

} catch (e) {

_skfLib = null;

debugPrint('SkfLib Load Failed: $e');

}

// 获取函数指针

const fnEnumDev = "SKF_EnumDev";

if (_providesSymbol(fnEnumDev)) {

_skfEnumDev = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(

Uint32, Pointer<Uint8>, Pointer<Uint32>)>>(fnEnumDev)

.asFunction();

} else {

_skfEnumDev = null;

}

const fnConnectDev = "SKF_ConnectDev";

if (_providesSymbol(fnConnectDev)) {

_skfConnectDev = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(

Pointer<Utf8>, Pointer<Pointer<Void>>)>>(fnConnectDev)

.asFunction();

} else {

_skfConnectDev = null;

}

const fnDisConnectDev = "SKF_DisConnectDev";

if (_providesSymbol(fnDisConnectDev)) {

_skfDisConnectDev = _skfLib!

.lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(

fnDisConnectDev)

.asFunction();

} else {

_skfDisConnectDev = null;

}

const fnEnumApplication = "SKF_EnumApplication";

if (_providesSymbol(fnEnumApplication)) {

_skfEnumApplication = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Pointer<Uint8>,

Pointer<Uint32>)>>(fnEnumApplication)

.asFunction();

} else {

_skfEnumApplication = null;

}

const fnOpenApplication = "SKF_OpenApplication";

if (_providesSymbol(fnOpenApplication)) {

_skfOpenApplication = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Pointer<Utf8>,

Pointer<Pointer<Void>>)>>(fnOpenApplication)

.asFunction();

} else {

_skfOpenApplication = null;

}

const fnCloseApplication = "SKF_CloseApplication";

if (_providesSymbol(fnCloseApplication)) {

_skfCloseApplication = _skfLib!

.lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(

fnCloseApplication)

.asFunction();

} else {

_skfCloseApplication = null;

}

const fnEnumContainer = "SKF_EnumContainer";

if (_providesSymbol(fnEnumContainer)) {

_skfEnumContainer = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Pointer<Uint8>,

Pointer<Uint32>)>>(fnEnumContainer)

.asFunction();

} else {

_skfEnumContainer = null;

}

const fnOpenContainer = "SKF_OpenContainer";

if (_providesSymbol(fnOpenContainer)) {

_skfOpenContainer = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Pointer<Utf8>,

Pointer<Pointer<Void>>)>>(fnOpenContainer)

.asFunction();

} else {

_skfOpenContainer = null;

}

const fnCloseContainer = "SKF_CloseContainer";

if (_providesSymbol(fnCloseContainer)) {

_skfCloseContainer = _skfLib!

.lookup<NativeFunction<Uint32 Function(Pointer<Void>)>>(

fnCloseContainer)

.asFunction();

} else {

_skfCloseContainer = null;

}

const fnExportPublicKey = "SKF_ExportPublicKey";

if (_providesSymbol(fnExportPublicKey)) {

_skfExportPublicKey = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(

Pointer<Void>,

Uint32,

Pointer<Struct_ECCPUBLICKEYBLOB>,

Pointer<Uint32>)>>(fnExportPublicKey)

.asFunction();

} else {

_skfExportPublicKey = null;

}

const fnExportCertificate = "SKF_ExportCertificate";

if (_providesSymbol(fnExportCertificate)) {

_skfExportCertificate = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Uint32, Pointer<Uint8>,

Pointer<Uint32>)>>(fnExportCertificate)

.asFunction();

} else {

_skfExportCertificate = null;

}

const fnExtECCEncrypt = "SKF_ExtECCEncrypt";

if (_providesSymbol(fnExtECCEncrypt)) {

_skfExtECCEncrypt = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(

Pointer<Void>,

Pointer<Struct_ECCPUBLICKEYBLOB>,

Pointer<Utf8>,

Uint32,

Pointer<Struct_ECCCIPHERBLOB>)>>(fnExtECCEncrypt)

.asFunction();

} else {

_skfExtECCEncrypt = null;

}

const fnECCDecrypt = "SKF_ECCDecrypt";

if (_providesSymbol(fnECCDecrypt)) {

_skfECCDecrypt = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(

Pointer<Void>,

Uint32,

Pointer<Struct_ECCCIPHERBLOB>,

Pointer<Uint8>,

Pointer<Uint32>)>>(fnECCDecrypt)

.asFunction();

} else {

_skfECCDecrypt = null;

}

const fnECCDigestSignData = "SKF_ECCDigestSignData";

if (_providesSymbol(fnECCDigestSignData)) {

_skfECCDigestSignData = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>, Uint32,

Pointer<Struct_ECCSIGNATUREBLOB>)>>(fnECCDigestSignData)

.asFunction();

} else {

_skfECCDigestSignData = null;

}

const fnECCSignDataEx = "SKF_ECCSignDataEx";

if (_providesSymbol(fnECCSignDataEx)) {

_skfECCSignDataEx = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>, Uint32,

Pointer<Struct_ECCSIGNATUREBLOB>)>>(fnECCSignDataEx)

.asFunction();

} else {

_skfECCSignDataEx = null;

}

const fnVerifyPIN = "SKF_VerifyPIN";

if (_providesSymbol(fnVerifyPIN)) {

_skfVerifyPIN = _skfLib!

.lookup<

NativeFunction<

Uint32 Function(Pointer<Void>, Uint32, Pointer<Utf8>,

Pointer<Uint32>)>>(fnVerifyPIN)

.asFunction();

} else {

_skfVerifyPIN = null;

}

/// Checks whether this dynamic library provides a symbol with the given name.

bool _providesSymbol(final String symbolName) {

return _skfLib?.providesSymbol(symbolName) ?? false;

}

@mustCallSuper

void close() {

_skfLib?.close();

}

/// 功能描述：

///

/// 获得当前系统中的设备列表。

///

/// 参数：

///

/// [bPresent] [IN] 为 TRUE 表示获取当前设备状态为存在的设备列表。

/// 为 FALSE 表示取当前取得支持的设备列表。

///

/// [szNameList] [OUT] 设备名称列表。如果该参数为 NULL ，将由 pulSize 返回所需要的内存空间大小。

/// 每个设备的名称以单个 '\0' 结束，以双 '\0' 表示列表结束。

///

/// [pulSize] [IN, OUT] 输入时表示设备名称列表的缓冲区长度，输出时表示 szNameList 所占用的空间大小。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_EnumDev(final int bPresent, final Pointer<Uint8> szNameList,

final Pointer<Uint32> pulSize) {

if (null != _skfEnumDev) {

return _skfEnumDev(bPresent, szNameList, pulSize);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 通过设备名称连接设备，返回设备的句柄。

///

/// 参数：

///

/// [szName] [IN] 设备名称。

///

/// [phDev] [OUT] 返回设备操作句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ConnectDev(

final Pointer<Utf8> szName, final Pointer<Pointer<Void>> phDev) {

if (null != _skfConnectDev) {

return _skfConnectDev(szName, phDev);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 断开一个已经连接的设备，并释放句柄。

///

/// 参数：

///

/// [hDev] [IN] 连接设备时返回的设备句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_DisConnectDev(final Pointer<Void> hDev) {

if (null != _skfDisConnectDev) {

return _skfDisConnectDev(hDev);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 枚举设备中存在的所有应用。

///

/// 参数：

///

/// [hDev] [IN] 连接设备时返回的设备句柄。

///

/// [szAppName] [OUT] 返回应用名称列表，如果该参数为空，将由 pulSize 返回所需要的内存空间大小。

/// 每个应用的名称以单个 '\0' 结束，以双 '\0' 表示列表结束。

///

/// [pulSize] [IN, OUT] 输入时表示应用名称列表的缓冲区长度，输出时表示 szAppName 所占用的空间大小。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_EnumApplication(final Pointer<Void> hDev,

final Pointer<Uint8> szAppName, final Pointer<Uint32> pulSize) {

if (null != _skfEnumApplication) {

return _skfEnumApplication(hDev, szAppName, pulSize);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 打开指定的应用。

///

/// 参数：

///

/// [hDev] [IN] 连接设备时返回的设备句柄。

///

/// [szAppName] [IN] 应用名称。

///

/// [phApplication] [OUT] 应用的句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_OpenApplication(

final Pointer<Void> hDev,

final Pointer<Utf8> szAppName,

final Pointer<Pointer<Void>> phApplication) {

if (null != _skfOpenApplication) {

return _skfOpenApplication(hDev, szAppName, phApplication);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 关闭应用并释放应用句柄。

///

/// 参数：

///

/// [hApplication] [IN] 应用句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_CloseApplication(final Pointer<Void> hApplication) {

if (null != _skfCloseApplication) {

return _skfCloseApplication(hApplication);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 枚举容器下所有容器并返回容器名称列表。

///

/// 参数：

///

/// [hApplication] [IN] 应用句柄。

///

/// [szContainerName] [OUT] 指向容器名称列表缓冲区，如果该参数为 NULL 时，pulSize 表示返回数据所需缓冲区的长度，

/// 如果此参数不为 NULL 时，返回容器名称列表，每个容器名以 '\0' 结束，列表以双 '\0' 结束。

///

/// [pulSize] [IN, OUT] 输入时表示 szContainerName 缓冲区长度，输出时表示容器名称列表的长度。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_EnumContainer(final Pointer<Void> hApplication,

final Pointer<Uint8> szContainerName, final Pointer<Uint32> pulSize) {

if (null != _skfEnumContainer) {

return _skfEnumContainer(hApplication, szContainerName, pulSize);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 获取容器句柄。

///

/// 参数：

///

/// [hApplication] [IN] 应用句柄。

///

/// [szContainerName] [IN] 容器的名称。

///

/// [phContainer] [OUT] 返回所打开容器的句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_OpenContainer(

final Pointer<Void> hApplication,

final Pointer<Utf8> szContainerName,

final Pointer<Pointer<Void>> phContainer) {

if (null != _skfOpenContainer) {

return _skfOpenContainer(hApplication, szContainerName, phContainer);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 关闭容器句柄，并释放容器句柄相关资源。

///

/// 参数：

///

/// [hContainer] [IN] 容器句柄。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_CloseContainer(final Pointer<Void> hContainer) {

if (null != _skfCloseContainer) {

return _skfCloseContainer(hContainer);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 从导出公钥。

///

/// 参数：

///

/// [hContainer] [IN] 容器句柄。

///

/// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。

///

/// [pbBlob] [OUT] 指向公钥内容缓冲区，如果此参数为 NULL 时，pulBlobLen 返回数据所需要

/// 缓冲区长度，如果此参数不为 NULL 时，返回公钥内容。

///

/// [pulBlobLen] [IN/OUT] 输入时表示 pbBlob 缓冲区的长度，输出时表示证书内容的长度。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ExportPublicKey(

final Pointer<Void> hContainer,

final int bSignFlag,

final Pointer<Struct_ECCPUBLICKEYBLOB> pbBlob,

final Pointer<Uint32> pulBlobLen) {

if (null != _skfExportPublicKey) {

return _skfExportPublicKey(hContainer, bSignFlag, pbBlob, pulBlobLen);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 从容器内导出数字证书。

///

/// 参数：

///

/// [hContainer] [IN] 容器句柄。

///

/// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。

///

/// [pbCert] [OUT] 指向证书内容缓冲区，如果此参数为 NULL 时，pulCertLen 返回数据所需要

/// 缓冲区长度，如果此参数不为 NULL 时，返回数字证书内容。

///

/// [pulCertLen] [IN/OUT] 输入时表示 pbCert 缓冲区的长度，输出时表示证书内容的长度。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ExportCertificate(final Pointer<Void> hContainer, final int bSignFlag,

final Pointer<Uint8> pbCert, final Pointer<Uint32> pulCertLen) {

if (null != _skfExportCertificate) {

return _skfExportCertificate(hContainer, bSignFlag, pbCert, pulCertLen);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 使用外部传入的 ECC 公钥对输入数据做加密运算并输出结果。

///

/// 参数：

///

/// [hDev] [IN] 设备句柄。

///

/// [pECCPubKeyBlob] [IN] ECC公钥数据结构。

///

/// [pbPlainText] [IN] 待加密的明文数据。

///

/// [ulPlainTextLen] [IN] 待加密的明文数据长度。

///

/// [pCipherText] [OUT] 密文数据。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ExtECCEncrypt(

final Pointer<Void> hDev,

final Pointer<Struct_ECCPUBLICKEYBLOB> pECCPubKeyBlob,

final Pointer<Utf8> pbPlainText,

final int ulPlainTextLen,

final Pointer<Struct_ECCCIPHERBLOB> pCipherText) {

if (null != _skfExtECCEncrypt) {

return _skfExtECCEncrypt(

hDev, pECCPubKeyBlob, pbPlainText, ulPlainTextLen, pCipherText);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 私钥解密。

///

/// 参数：

///

/// [hContainer] [IN] 密钥容器句柄。

///

/// [bSignFlag] [IN] TRUE 表示签名证书，FALSE 表示加密证书。

///

/// [pCipherText] [IN] 加密数据的结构。

///

/// [pbData] [OUT] 解密后的明文数据。

///

/// [pbDataLen] [OUT] 明文数据长度。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ECCDecrypt(

final Pointer<Void> hContainer,

final int bSignFlag,

final Pointer<Struct_ECCCIPHERBLOB> pCipherText,

final Pointer<Uint8> pbData,

final Pointer<Uint32> pbDataLen) {

if (null != _skfECCDecrypt) {

return _skfECCDecrypt(

hContainer, bSignFlag, pCipherText, pbData, pbDataLen);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 厂商实现的 ECC 数据签名扩展。

///

/// 参数：

///

/// [hContainer] [IN] 密钥容器句柄。

///

/// [ulAlgID] [IN] 杂凑算法标识，这里选择SGD_SM3（0x00000001），表明使用SM3算法。

///

/// [pbPlainText] [IN] 待签名的明文数据。

///

/// [ulPlainTextLen] [IN] 待签名的明文数据长度。

///

/// [pSignature] [OUT] 签名结果。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_ECCSignDataEx(

final Pointer<Void> hContainer,

final int ulAlgID,

final Pointer<Utf8> pbPlainText,

final int ulPlainTextLen,

final Pointer<Struct_ECCSIGNATUREBLOB> pSignature) {

// WQ 扩展接口 SKF_ECCSignDataEx

// FT/HB 扩展接口 SKF_ECCDigestSignData

if (null != _skfECCDigestSignData) {

return _skfECCDigestSignData(

hContainer, ulAlgID, pbPlainText, ulPlainTextLen, pSignature);

} else if (null != _skfECCSignDataEx) {

return _skfECCSignDataEx(

hContainer, ulAlgID, pbPlainText, ulPlainTextLen, pSignature);

}

return SAR_NOTEXPORTERR;

}

/// 功能描述：

///

/// 校验 PIN 码。校验成功后，会获得相应的权限，如果 PIN 码错误，会返回 PIN 码的重试次数，

/// 当重试次数为 0 时表示 PIN 码已经锁死。

///

/// 参数：

///

/// [hApplication] [IN] 应用句柄。

///

/// [ulPINType] [IN] PIN 类型。 0 是管理员账户，1 为普通用户，这个参数一般选择 1。

///

/// [szPIN] [IN] PIN 值。

///

/// [pulRetryCount] [OUT] 出错后返回的重试次数。

///

/// 返回值：

///

/// SAR_OK : 成功。

///

/// 其他：错误码。

// ignore: non_constant_identifier_names

int SKF_VerifyPIN(final Pointer<Void> hApplication, final int ulPINType,

final Pointer<Utf8> szPIN, final Pointer<Uint32> pulRetryCount) {

if (null != _skfVerifyPIN) {

return _skfVerifyPIN(hApplication, ulPINType, szPIN, pulRetryCount);

}

return SAR_NOTEXPORTERR;

}

import 'dart:convert';
import 'dart:ffi';
import 'dart:typed_data';

import 'package:convert/convert.dart';
import 'package:ffi/ffi.dart';
import 'package:pkcs7/pkcs7.dart';
import 'package:pointycastle/asn1.dart';

import 'skf_lib.dart';

class SkfProvider extends SkfLib {
  /// 设备名
  late final String _devName;

  /// 设备句柄
  late Pointer<Void> _devHandle;

  /// 应用名
  late final String _appName;

  /// 应用句柄
  late Pointer<Void> _appHandle;

  /// 容器名
  late final List<String> _cntNames;

  /// 容器句柄
  late Pointer<Void> _cntHandle;

  int error = 0;

  SkfProvider(super.dllPath) {
    _initHandle();
  }

  /// 句柄获取
  ///
  /// 获取设备、应用、容器句柄
  _initHandle() {
    _devName = _getDevName(); // 获取设备名
    _devHandle = _connectDev(); // 获取设备句柄 需要用到设备名
    _appName = _getAppName(); // 获取应用名
    _appHandle = _openApplication(); // 定义应用句柄
    _cntNames = _getCntNames(); // 获取容器名
    if (0 == error) {
      /// 获取容器名的时候返回的error为0，正常执行
      /// 此处选择第一个容器作为ECC密钥对，如果第一个不是ECC密钥对，可能导致应用闪退
      /// 请根据实际情况进行相关调整
      _cntHandle = _openContainer(_cntNames[1]);
    }
  }

  /// 句柄释放
  ///
  /// 释放设备、应用、容器句柄
  @override
  close() {
    if (nullptr != _cntHandle) {
      SKF_CloseContainer(_cntHandle);
      _cntHandle = nullptr;
    }
    if (nullptr != _appHandle) {
      SKF_CloseApplication(_appHandle);
      _appHandle = nullptr;
    }
    if (nullptr != _devHandle) {
      SKF_DisConnectDev(_devHandle);
      _devHandle = nullptr;
    }
    super.close();
  }

  /// 获取设备名
  ///
  /// 多设备的情况只会获取到第一个设备
  String _getDevName() {
    final pulSize = calloc<Uint32>(); // 为指针分配内存
    error = SKF_EnumDev(TRUE, nullptr, pulSize);
    final szNameList = calloc.allocate<Uint8>(pulSize.value); //为szNameList分配内存
    error = SKF_EnumDev(TRUE, szNameList, pulSize);
    calloc.free(pulSize);
    final String devName = szNameList.cast<Utf8>().toDartString();
    calloc.free(szNameList);
    return devName;
  }

  Pointer<Void> _connectDev() {
    final phDev = calloc<Pointer<Void>>();
    error = SKF_ConnectDev(_devName.toNativeUtf8(), phDev); // 连接设备
    final res = phDev.value;
    calloc.free(phDev);
    return res;
  }

  String _getAppName() {
    final pulSize = calloc<Uint32>(); // 用于获取应用名长度
    error = SKF_EnumApplication(_devHandle, nullptr, pulSize);
    final szNameList = calloc<Uint8>(pulSize.value); //为szNameList分配内存
    error = SKF_EnumApplication(
        _devHandle, szNameList, pulSize); // 获取应用名，这里默认返回第一个应用名
    calloc.free(pulSize);
    final String appName = szNameList.cast<Utf8>().toDartString();
    calloc.free(szNameList);
    return appName;
  }

  Pointer<Void> _openApplication() {
    final phApp = calloc<Pointer<Void>>();
    error =
        SKF_OpenApplication(_devHandle, _appName.toNativeUtf8(), phApp); // 打开应用
    final res = phApp.value;
    calloc.free(phApp);
    return res;
  }

  List<String> _getCntNames() {
    final List<String> cntNames = [];
    using((Arena arena) {
      final pulSize = arena<Uint32>(); // 用于获取应用名长度:
      error = SKF_EnumContainer(_appHandle, nullptr, pulSize);
      final szNameList = arena<Uint8>(pulSize.value); //为szNameList分配内存
      // 由于szNameList是以'\0'为分隔符，获取多个容器名列表切分获取
      error = SKF_EnumContainer(_appHandle, szNameList, pulSize);
      int start = 0;
      final Utf8Decoder decoder = const Utf8Decoder(allowMalformed: true);
      final szNameListArr = szNameList.asTypedList(pulSize.value);
      for (int i = 0; i < pulSize.value; i++) {
        if (0 == szNameList[i]) {
          if (0 != szNameList[start]) {
            final name = decoder.convert(szNameListArr, start, i);
            cntNames.add(name);
            start = i + (i <= pulSize.value - 1 ? 1 : 0); // 此处提防最后一个字符越界
          }
        }
      }
    });
    return cntNames; // 容器列表
  }

  Pointer<Void> _openContainer(final String cntName) {
    final phCnt = calloc<Pointer<Void>>(); // 容器句柄
    error =
        SKF_OpenContainer(_appHandle, cntName.toNativeUtf8(), phCnt); // 打开容器
    final res = phCnt.value;
    calloc.free(phCnt);
    return res;
  }

  /// 1-导出ECC的加密密钥对的公钥
  ///
  /// 2-用公钥加密SKF_ExtECCEncrypt
  Pointer<Struct_ECCCIPHERBLOB> eccEncrypt(final String plainText) {
    // 创建公钥接收对象
    final pbBlob = calloc<Struct_ECCPUBLICKEYBLOB>();
    final pulBlobLen = calloc<Uint32>();
    pulBlobLen.value = pbBlob.ref.lengthInBytes();
    error = SKF_ExportPublicKey(_cntHandle, FALSE, pbBlob, pulBlobLen);
    calloc.free(pulBlobLen);

    final pCipherText = Struct_ECCCIPHERBLOB.allocate(plainText.length);
    final nativeText = plainText.toNativeUtf8();
    // 用公钥进行加密
    error = SKF_ExtECCEncrypt(
        _devHandle, pbBlob, nativeText, nativeText.length, pCipherText);

    calloc.free(pbBlob);

    return pCipherText;
  }

  /// 1-导出ECC的加密密钥对的公钥
  ///
  /// 2-用公钥加密SKF_ExtECCEncrypt
  ///
  /// 3-转成Hex字符串
  String eccEncryptHex(final String plainText) {
    final cipherText = eccEncrypt(plainText);
    // 将密文结构内容转成Hex字符串
    final res = cipherTextToStrHex(cipherText);
    calloc.free(cipherText);
    return res;
  }

  String eccDecrypt(final Pointer<Struct_ECCCIPHERBLOB> cipherText) {
    var plainText = "";
    using((Arena arena) {
      final plainTextLen = arena<Uint32>();
      // 解密，传None，获得plain_text的长度
      error =
          SKF_ECCDecrypt(_cntHandle, FALSE, cipherText, nullptr, plainTextLen);
      // plain_text分配空间
      final plainTextBuffer = arena<Uint8>(plainTextLen.value);
      // 解密
      error = SKF_ECCDecrypt(
          _cntHandle, FALSE, cipherText, plainTextBuffer, plainTextLen);

      // 返回明文
      plainText = plainTextBuffer.cast<Utf8>().toDartString();
    });

    return plainText;
  }

  String eccDecryptHex(final String cipherHex) {
    final cipherText = strHexToCipherText(cipherHex); // 先将Hex密文字符串转为ECC密文结构

    final res = eccDecrypt(cipherText); // 解密

    calloc.free(cipherText);
    return res;
  }

  Pointer<Struct_ECCSIGNATUREBLOB> eccSignEx(final String plainText) {
    // 签名返回结果
    final pbBlob = calloc<Struct_ECCSIGNATUREBLOB>();

    // WQ 扩展接口 SKF_ECCSignDataEx

    // FT/HB 扩展接口 SKF_ECCDigestSignData

    final nativeText = plainText.toNativeUtf8();
    error = SKF_ECCSignDataEx(
        _cntHandle, SGD_SM3, nativeText, nativeText.length, pbBlob);
    return pbBlob;
  }

  /// 1-对原文进行SM2签名
  ///
  /// 2-获取签名证书信息
  ///
  /// 3-返回签名证书字符数组，SM2签名结果 (ByteData, ByteData, ByteData)
  (ByteData, ByteData, ByteData) sm2Sign(final String plainText) {
    //签名
    final signRes = eccSignEx(plainText);

    // 取ECC签名的后 32 位 作为SM2签名，参考
    // https: // github.com/guanzhi/GmSSL/blob/master/src/skf/skf.c
    // SKF_ECCSIGNATUREBLOB_to_SM2_SIGNATURE
    const int validBytes = 32;
    final sm2R = ByteData(validBytes);
    for (int i = validBytes; i < 64; i++) {
      sm2R.setUint8(i - validBytes, signRes.ref.r[i]);
    }
    final sm2S = ByteData(validBytes);
    for (int i = validBytes; i < 64; i++) {
      sm2S.setUint8(i - validBytes, signRes.ref.s[i]);
    }

    calloc.free(signRes);

    var certDerBytes = ByteData(0);
    using((Arena arena) {
      // 导出签名证书
      final pulBlobLen = arena<Uint32>();
      error = SKF_ExportCertificate(_cntHandle, TRUE, nullptr, pulBlobLen);

      // 申请内存
      final certDer = arena<Uint8>(pulBlobLen.value);

      error = SKF_ExportCertificate(_cntHandle, TRUE, certDer, pulBlobLen);

      certDerBytes = ByteData(pulBlobLen.value);
      for (int i = 0; i < pulBlobLen.value; i++) {
        certDerBytes.setUint8(i, (certDer + i).value);
      }
    });

    return (certDerBytes, sm2R, sm2S);
  }

  /// 1-对原文进行签名
  ///
  /// 2-获取签名证书信息
  ///
  /// 3-对报文进行P7 DER格式封装
  Uint8List sm2SignP7DER(final String plainText) {
    final (certDer, sm2R, sm2S) = sm2Sign(plainText);
    return buildSm2SignP7DER(plainText, certDer, sm2R, sm2S);
  }

  /// 对报文进行签名，并对结果进行 P7 格式封装，返回结果使用HEX格式
  String sm2SignP7DERHex(final String plainText) {
    final res = sm2SignP7DER(plainText);
    return hex.encoder.convert(res);
  }

  /// 对报文进行签名，并对结果进行 P7 格式封装，返回结果使用PEM(Base64)格式
  String sm2SignP7PEM(final String plainText) {
    final res = sm2SignP7DER(plainText);
    return base64.encoder.convert(res);
  }

  ///  构建 P7 DER 格式的SM2签名报文
  ///
  ///  1-plainText 签名原文
  ///
  ///  2-certDer DER格式的签名证书
  ///
  ///  3-sm2R SM2格式签名返回的 r 32位字符数组
  ///
  ///  4-sm2S SM2格式签名返回的 s 32位字符数组
  Uint8List buildSm2SignP7DER(final String plainText, final ByteData certDer,
      final ByteData sm2R, final ByteData sm2S) {
    // ignore: constant_identifier_names
    const CONTEXT_SPECIFIC = ASN1Tags.TAGGED | ASN1Tags.CONSTRUCTED | 0; //A0

    // SM3 摘要算法 OID
    final sm3DigestOid =
        ASN1ObjectIdentifier.fromIdentifierString("1.2.156.10197.1.401");
    // SM3 摘要算法
    // 'digest_algorithms'
    final sm3DigestAlg = ASN1Sequence(elements: [
      sm3DigestOid,
      ASN1Null(),
    ]); // 签名算法类型 SM3withSM2

    // SM2 签名算法 OID
    final sm2SignOid =
        ASN1ObjectIdentifier.fromIdentifierString("1.2.156.10197.1.301.1");
    // SM2 签名算法
    final sm2SignAlg = ASN1Sequence(elements: [
      sm2SignOid,
      ASN1Null(),
    ]);

    final der = certDer.buffer.asUint8List();
    final asn1Cert = ASN1Parser(der).nextObject() as ASN1Sequence;
    final X509 cert = X509(asn1Cert);

    final signVal = BytesBuilder();
    signVal.add(sm2R.buffer.asUint8List());
    signVal.add(sm2S.buffer.asUint8List());

    final signerInfo = ASN1Sequence(elements: [
      // 'version'
      ASN1Integer.fromtInt(1),
      // 'sid' 签名证书信息 'issuer_and_serial_number'
      cert.asn1Issuer,
      // 'digest_algorithm'
      sm3DigestAlg, // 摘要算法
      // 'signature_algorithm'
      sm2SignAlg, // 签名算法
      // 'signature'
      ASN1OctetString(octets: signVal.toBytes()) // 签名信息 （OCTET STRING）
    ]);

    // 构建完整证书的 ASN.1 PKCS#7 SignedData 结构
    final signedData = ASN1Sequence(elements: [
      // 'version' 签名版本 v1
      ASN1Integer.fromtInt(1),
      // 'digest_algorithms' 摘要算法
      ASN1Set(elements: [
        sm3DigestAlg // SM3
      ]),
      // 'encap_content_info' 签名载核（业务）数据
      ASN1Sequence(elements: [
        // 载核（业务）数据类型 (PKCS #7)
        ASN1ObjectIdentifier.fromIdentifierString(
            '1.2.840.113549.1.7.1'), //'content_type'
        // 签名载核(业务)数据
        ASN1Set(elements: [
          ASN1OctetString(octets: utf8.encoder.convert(plainText))
        ], tag: CONTEXT_SPECIFIC) // 'content'
      ]),
      // 'certificates'  证书集合
      ASN1Set(elements: [asn1Cert], tag: CONTEXT_SPECIFIC),
      // 'signer_infos' 签名信息
      ASN1Set(elements: [signerInfo])
    ]);

    // 数据传输封装
    final payloadContent = ASN1Sequence(elements: [
      // 数据类型 (PKCS #7)
      ASN1ObjectIdentifier.fromIdentifierString(
          '1.2.840.113549.1.7.2'), //'content_type'
      // 签名数据
      ASN1Set(elements: [signedData], tag: CONTEXT_SPECIFIC) // 'content'
    ]);

    return payloadContent.encode();
  }

  /// PIN校验
  ///
  /// user_pin：字符串
  ///
  /// return：返回剩余尝试次数
  int verifyPIN(final String userPin) {
    var leftTimes = 0;
    final int ulPINType = 1; // PIN类型，1表示用户PIN
    using((Arena arena) {
      final pulRetryCount = arena<Uint32>(); // PIN剩余尝试次数
      // 调用验证PIN接口
      error = SKF_VerifyPIN(
          _appHandle, ulPINType, userPin.toNativeUtf8(), pulRetryCount);
      leftTimes = pulRetryCount.value;
    });
    return leftTimes;
  }

  /// 将Hex字符串转成ECC密文结构
  ///
  /// strHex：Hex字符串
  ///
  /// return：ECC密文结构
  Pointer<Struct_ECCCIPHERBLOB> strHexToCipherText(final String strHex) {
    // 密文结构中 Cipher 长度（C3）
    final cipherLen =
        (strHex.length - Struct_ECCCIPHERBLOB.lengthBytes(0) * 2) ~/ 2;
    final pCipherText =
        Struct_ECCCIPHERBLOB.allocate(cipherLen); // 声明pCipherText密文结构变量

    final xCoordinateHex =
        strHex.substring(0, 64); // 获取密文结构的 XCoordinate 的Hex字符串
    final yCoordinateHex =
        strHex.substring(64, 128); // 获取密文结构的 YCoordinate 的Hex字符串
    final hashHex = strHex.substring(128, 192); // 获取密文结构的 HASH 的Hex字符串
    final cipherTextHex = strHex.substring(192); // C2：密文结构中的Cipher
    // 为密文结构中的每部分赋值
    for (int i = 0; i < 32; i++) {
      pCipherText.ref.xCoordinate[32 + i] =
          int.parse(xCoordinateHex.substring(i * 2, 2), radix: 16);
    }
    for (int i = 0; i < 32; i++) {
      pCipherText.ref.yCoordinate[32 + i] =
          int.parse(yCoordinateHex.substring(i * 2, 2), radix: 16);
    }
    for (int i = 0; i < 32; i++) {
      pCipherText.ref.hash[i] =
          int.parse(hashHex.substring(i * 2, 2), radix: 16);
    }
    // 密文部分转为Uint8类型
    for (int i = 0; i < cipherLen; i++) {
      pCipherText.ref.cipher[i] =
          int.parse(cipherTextHex.substring(i * 2, 2), radix: 16);
    }
    return pCipherText;
  }

  /// 将ECC密文结构转成Hex字符串
  String cipherTextToStrHex(final Pointer<Struct_ECCCIPHERBLOB> cipherText) {
    final textHex = StringBuffer();
    // 将密文结构内容转成Hex字符串
    for (int i = 32; i < 64; i++) {
      // 获取密文结构中 XCoordinate
      textHex.write(
          cipherText.ref.xCoordinate[i].toRadixString(16).padLeft(2, '0'));
    }
    for (int i = 32; i < 64; i++) {
      // 获取密文结构中 YCoordinate
      textHex.write(
          cipherText.ref.yCoordinate[i].toRadixString(16).padLeft(2, '0'));
    }
    for (int i = 0; i < 32; i++) {
      // 获取密文结构中 HASH
      textHex.write(cipherText.ref.hash[i].toRadixString(16).padLeft(2, '0'));
    }
    for (int i = 0; i < cipherText.ref.cipherLen; i++) {
      // 将 Cipher 转成Hex字符串
      textHex.write(cipherText.ref.cipher[i].toRadixString(16).padLeft(2, '0'));
    }
    return textHex.toString().toUpperCase();
  }
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

import 'dart:convert';

import 'dart:ffi';

import 'dart:typed_data';

import 'package:convert/convert.dart';

import 'package:ffi/ffi.dart';

import 'package:pkcs7/pkcs7.dart';

import 'package:pointycastle/asn1.dart';

import 'skf_lib.dart';

class SkfProvider extends SkfLib {

/// 设备名

late final String _devName;

/// 设备句柄

late Pointer<Void> _devHandle;

/// 应用名

late final String _appName;

/// 应用句柄

late Pointer<Void> _appHandle;

/// 容器名

late final List<String> _cntNames;

/// 容器句柄

late Pointer<Void> _cntHandle;

int error = 0;

SkfProvider(super.dllPath) {

_initHandle();

}

/// 句柄获取

///

/// 获取设备、应用、容器句柄

_initHandle() {

_devName = _getDevName(); // 获取设备名

_devHandle = _connectDev(); // 获取设备句柄需要用到设备名

_appName = _getAppName(); // 获取应用名

_appHandle = _openApplication(); // 定义应用句柄

_cntNames = _getCntNames(); // 获取容器名

if (0 == error) {

/// 获取容器名的时候返回的error为0，正常执行

/// 此处选择第一个容器作为ECC密钥对，如果第一个不是ECC密钥对，可能导致应用闪退

/// 请根据实际情况进行相关调整

_cntHandle = _openContainer(_cntNames[1]);

}

/// 句柄释放

///

/// 释放设备、应用、容器句柄

@override

close() {

if (nullptr != _cntHandle) {

SKF_CloseContainer(_cntHandle);

_cntHandle = nullptr;

}

if (nullptr != _appHandle) {

SKF_CloseApplication(_appHandle);

_appHandle = nullptr;

}

if (nullptr != _devHandle) {

SKF_DisConnectDev(_devHandle);

_devHandle = nullptr;

}

super.close();

}

/// 获取设备名

///

/// 多设备的情况只会获取到第一个设备

String _getDevName() {

final pulSize = calloc<Uint32>(); // 为指针分配内存

error = SKF_EnumDev(TRUE, nullptr, pulSize);

final szNameList = calloc.allocate<Uint8>(pulSize.value); //为szNameList分配内存

error = SKF_EnumDev(TRUE, szNameList, pulSize);

calloc.free(pulSize);

final String devName = szNameList.cast<Utf8>().toDartString();

calloc.free(szNameList);

return devName;

}

Pointer<Void> _connectDev() {

final phDev = calloc<Pointer<Void>>();

error = SKF_ConnectDev(_devName.toNativeUtf8(), phDev); // 连接设备

final res = phDev.value;

calloc.free(phDev);

return res;

}

String _getAppName() {

final pulSize = calloc<Uint32>(); // 用于获取应用名长度

error = SKF_EnumApplication(_devHandle, nullptr, pulSize);

final szNameList = calloc<Uint8>(pulSize.value); //为szNameList分配内存

error = SKF_EnumApplication(

_devHandle, szNameList, pulSize); // 获取应用名，这里默认返回第一个应用名

calloc.free(pulSize);

final String appName = szNameList.cast<Utf8>().toDartString();

calloc.free(szNameList);

return appName;

}

Pointer<Void> _openApplication() {

final phApp = calloc<Pointer<Void>>();

error =

SKF_OpenApplication(_devHandle, _appName.toNativeUtf8(), phApp); // 打开应用

final res = phApp.value;

calloc.free(phApp);

return res;

}

List<String> _getCntNames() {

final List<String> cntNames = [];

using((Arena arena) {

final pulSize = arena<Uint32>(); // 用于获取应用名长度:

error = SKF_EnumContainer(_appHandle, nullptr, pulSize);

final szNameList = arena<Uint8>(pulSize.value); //为szNameList分配内存

// 由于szNameList是以'\0'为分隔符，获取多个容器名列表切分获取

error = SKF_EnumContainer(_appHandle, szNameList, pulSize);

int start = 0;

final Utf8Decoder decoder = const Utf8Decoder(allowMalformed: true);

final szNameListArr = szNameList.asTypedList(pulSize.value);

for (int i = 0; i < pulSize.value; i++) {

if (0 == szNameList[i]) {

if (0 != szNameList[start]) {

final name = decoder.convert(szNameListArr, start, i);

cntNames.add(name);

start = i + (i <= pulSize.value - 1 ? 1 : 0); // 此处提防最后一个字符越界

}

});

return cntNames; // 容器列表

}

Pointer<Void> _openContainer(final String cntName) {

final phCnt = calloc<Pointer<Void>>(); // 容器句柄

error =

SKF_OpenContainer(_appHandle, cntName.toNativeUtf8(), phCnt); // 打开容器

final res = phCnt.value;

calloc.free(phCnt);

return res;

}

/// 1-导出ECC的加密密钥对的公钥

///

/// 2-用公钥加密SKF_ExtECCEncrypt

Pointer<Struct_ECCCIPHERBLOB> eccEncrypt(final String plainText) {

// 创建公钥接收对象

final pbBlob = calloc<Struct_ECCPUBLICKEYBLOB>();

final pulBlobLen = calloc<Uint32>();

pulBlobLen.value = pbBlob.ref.lengthInBytes();

error = SKF_ExportPublicKey(_cntHandle, FALSE, pbBlob, pulBlobLen);

calloc.free(pulBlobLen);

final pCipherText = Struct_ECCCIPHERBLOB.allocate(plainText.length);

final nativeText = plainText.toNativeUtf8();

// 用公钥进行加密

error = SKF_ExtECCEncrypt(

_devHandle, pbBlob, nativeText, nativeText.length, pCipherText);

calloc.free(pbBlob);

return pCipherText;

}

/// 1-导出ECC的加密密钥对的公钥

///

/// 2-用公钥加密SKF_ExtECCEncrypt

///

/// 3-转成Hex字符串

String eccEncryptHex(final String plainText) {

final cipherText = eccEncrypt(plainText);

// 将密文结构内容转成Hex字符串

final res = cipherTextToStrHex(cipherText);

calloc.free(cipherText);

return res;

}

String eccDecrypt(final Pointer<Struct_ECCCIPHERBLOB> cipherText) {

var plainText = "";

using((Arena arena) {

final plainTextLen = arena<Uint32>();

// 解密，传None，获得plain_text的长度

error =

SKF_ECCDecrypt(_cntHandle, FALSE, cipherText, nullptr, plainTextLen);

// plain_text分配空间

final plainTextBuffer = arena<Uint8>(plainTextLen.value);

// 解密

error = SKF_ECCDecrypt(

_cntHandle, FALSE, cipherText, plainTextBuffer, plainTextLen);

// 返回明文

plainText = plainTextBuffer.cast<Utf8>().toDartString();

});

return plainText;

}

String eccDecryptHex(final String cipherHex) {

final cipherText = strHexToCipherText(cipherHex); // 先将Hex密文字符串转为ECC密文结构

final res = eccDecrypt(cipherText); // 解密

calloc.free(cipherText);

return res;

}

Pointer<Struct_ECCSIGNATUREBLOB> eccSignEx(final String plainText) {

// 签名返回结果

final pbBlob = calloc<Struct_ECCSIGNATUREBLOB>();

// WQ 扩展接口 SKF_ECCSignDataEx

// FT/HB 扩展接口 SKF_ECCDigestSignData

final nativeText = plainText.toNativeUtf8();

error = SKF_ECCSignDataEx(

_cntHandle, SGD_SM3, nativeText, nativeText.length, pbBlob);

return pbBlob;

}

/// 1-对原文进行SM2签名

///

/// 2-获取签名证书信息

///

/// 3-返回签名证书字符数组，SM2签名结果 (ByteData, ByteData, ByteData)

(ByteData, ByteData, ByteData) sm2Sign(final String plainText) {

//签名

final signRes = eccSignEx(plainText);

// 取ECC签名的后 32 位作为SM2签名，参考

// https: // github.com/guanzhi/GmSSL/blob/master/src/skf/skf.c

// SKF_ECCSIGNATUREBLOB_to_SM2_SIGNATURE

const int validBytes = 32;

final sm2R = ByteData(validBytes);

for (int i = validBytes; i < 64; i++) {

sm2R.setUint8(i - validBytes, signRes.ref.r[i]);

}

final sm2S = ByteData(validBytes);

for (int i = validBytes; i < 64; i++) {

sm2S.setUint8(i - validBytes, signRes.ref.s[i]);

}

calloc.free(signRes);

var certDerBytes = ByteData(0);

using((Arena arena) {

// 导出签名证书

final pulBlobLen = arena<Uint32>();

error = SKF_ExportCertificate(_cntHandle, TRUE, nullptr, pulBlobLen);

// 申请内存

final certDer = arena<Uint8>(pulBlobLen.value);

error = SKF_ExportCertificate(_cntHandle, TRUE, certDer, pulBlobLen);

certDerBytes = ByteData(pulBlobLen.value);

for (int i = 0; i < pulBlobLen.value; i++) {

certDerBytes.setUint8(i, (certDer + i).value);

}

});

return (certDerBytes, sm2R, sm2S);

}

/// 1-对原文进行签名

///

/// 2-获取签名证书信息

///

/// 3-对报文进行P7 DER格式封装

Uint8List sm2SignP7DER(final String plainText) {

final (certDer, sm2R, sm2S) = sm2Sign(plainText);

return buildSm2SignP7DER(plainText, certDer, sm2R, sm2S);

}

/// 对报文进行签名，并对结果进行 P7 格式封装，返回结果使用HEX格式

String sm2SignP7DERHex(final String plainText) {

final res = sm2SignP7DER(plainText);

return hex.encoder.convert(res);

}

/// 对报文进行签名，并对结果进行 P7 格式封装，返回结果使用PEM(Base64)格式

String sm2SignP7PEM(final String plainText) {

final res = sm2SignP7DER(plainText);

return base64.encoder.convert(res);

}

/// 构建 P7 DER 格式的SM2签名报文

///

/// 1-plainText 签名原文

///

/// 2-certDer DER格式的签名证书

///

/// 3-sm2R SM2格式签名返回的 r 32位字符数组

///

/// 4-sm2S SM2格式签名返回的 s 32位字符数组

Uint8List buildSm2SignP7DER(final String plainText, final ByteData certDer,

final ByteData sm2R, final ByteData sm2S) {

// ignore: constant_identifier_names

const CONTEXT_SPECIFIC = ASN1Tags.TAGGED | ASN1Tags.CONSTRUCTED | 0; //A0

// SM3 摘要算法 OID

final sm3DigestOid =

ASN1ObjectIdentifier.fromIdentifierString("1.2.156.10197.1.401");

// SM3 摘要算法

// 'digest_algorithms'

final sm3DigestAlg = ASN1Sequence(elements: [

sm3DigestOid,

ASN1Null(),

]); // 签名算法类型 SM3withSM2

// SM2 签名算法 OID

final sm2SignOid =

ASN1ObjectIdentifier.fromIdentifierString("1.2.156.10197.1.301.1");

// SM2 签名算法

final sm2SignAlg = ASN1Sequence(elements: [

sm2SignOid,

ASN1Null(),

]);

final der = certDer.buffer.asUint8List();

final asn1Cert = ASN1Parser(der).nextObject() as ASN1Sequence;

final X509 cert = X509(asn1Cert);

final signVal = BytesBuilder();

signVal.add(sm2R.buffer.asUint8List());

signVal.add(sm2S.buffer.asUint8List());

final signerInfo = ASN1Sequence(elements: [

// 'version'

ASN1Integer.fromtInt(1),

// 'sid' 签名证书信息 'issuer_and_serial_number'

cert.asn1Issuer,

// 'digest_algorithm'

sm3DigestAlg, // 摘要算法

// 'signature_algorithm'

sm2SignAlg, // 签名算法

// 'signature'

ASN1OctetString(octets: signVal.toBytes()) // 签名信息（OCTET STRING）

]);

// 构建完整证书的 ASN.1 PKCS#7 SignedData 结构

final signedData = ASN1Sequence(elements: [

// 'version' 签名版本 v1

ASN1Integer.fromtInt(1),

// 'digest_algorithms' 摘要算法

ASN1Set(elements: [

sm3DigestAlg // SM3

]),

// 'encap_content_info' 签名载核（业务）数据

ASN1Sequence(elements: [

// 载核（业务）数据类型 (PKCS #7)

ASN1ObjectIdentifier.fromIdentifierString(

'1.2.840.113549.1.7.1'), //'content_type'

// 签名载核(业务)数据

ASN1Set(elements: [

ASN1OctetString(octets: utf8.encoder.convert(plainText))

], tag: CONTEXT_SPECIFIC) // 'content'

]),

// 'certificates' 证书集合

ASN1Set(elements: [asn1Cert], tag: CONTEXT_SPECIFIC),

// 'signer_infos' 签名信息

ASN1Set(elements: [signerInfo])

]);

// 数据传输封装

final payloadContent = ASN1Sequence(elements: [

// 数据类型 (PKCS #7)

ASN1ObjectIdentifier.fromIdentifierString(

'1.2.840.113549.1.7.2'), //'content_type'

// 签名数据

ASN1Set(elements: [signedData], tag: CONTEXT_SPECIFIC) // 'content'

]);

return payloadContent.encode();

}

/// PIN校验

///

/// user_pin：字符串

///

/// return：返回剩余尝试次数

int verifyPIN(final String userPin) {

var leftTimes = 0;

final int ulPINType = 1; // PIN类型，1表示用户PIN

using((Arena arena) {

final pulRetryCount = arena<Uint32>(); // PIN剩余尝试次数

// 调用验证PIN接口

error = SKF_VerifyPIN(

_appHandle, ulPINType, userPin.toNativeUtf8(), pulRetryCount);

leftTimes = pulRetryCount.value;

});

return leftTimes;

}

/// 将Hex字符串转成ECC密文结构

///

/// strHex：Hex字符串

///

/// return：ECC密文结构

Pointer<Struct_ECCCIPHERBLOB> strHexToCipherText(final String strHex) {

// 密文结构中 Cipher 长度（C3）

final cipherLen =

(strHex.length - Struct_ECCCIPHERBLOB.lengthBytes(0) * 2) ~/ 2;

final pCipherText =

Struct_ECCCIPHERBLOB.allocate(cipherLen); // 声明pCipherText密文结构变量

final xCoordinateHex =

strHex.substring(0, 64); // 获取密文结构的 XCoordinate 的Hex字符串

final yCoordinateHex =

strHex.substring(64, 128); // 获取密文结构的 YCoordinate 的Hex字符串

final hashHex = strHex.substring(128, 192); // 获取密文结构的 HASH 的Hex字符串

final cipherTextHex = strHex.substring(192); // C2：密文结构中的Cipher

// 为密文结构中的每部分赋值

for (int i = 0; i < 32; i++) {

pCipherText.ref.xCoordinate[32 + i] =

int.parse(xCoordinateHex.substring(i * 2, 2), radix: 16);

}

for (int i = 0; i < 32; i++) {

pCipherText.ref.yCoordinate[32 + i] =

int.parse(yCoordinateHex.substring(i * 2, 2), radix: 16);

}

for (int i = 0; i < 32; i++) {

pCipherText.ref.hash[i] =

int.parse(hashHex.substring(i * 2, 2), radix: 16);

}

// 密文部分转为Uint8类型

for (int i = 0; i < cipherLen; i++) {

pCipherText.ref.cipher[i] =

int.parse(cipherTextHex.substring(i * 2, 2), radix: 16);

}

return pCipherText;

}

/// 将ECC密文结构转成Hex字符串

String cipherTextToStrHex(final Pointer<Struct_ECCCIPHERBLOB> cipherText) {

final textHex = StringBuffer();

// 将密文结构内容转成Hex字符串

for (int i = 32; i < 64; i++) {

// 获取密文结构中 XCoordinate

textHex.write(

cipherText.ref.xCoordinate[i].toRadixString(16).padLeft(2, '0'));

}

for (int i = 32; i < 64; i++) {

// 获取密文结构中 YCoordinate

textHex.write(

cipherText.ref.yCoordinate[i].toRadixString(16).padLeft(2, '0'));

}

for (int i = 0; i < 32; i++) {

// 获取密文结构中 HASH

textHex.write(cipherText.ref.hash[i].toRadixString(16).padLeft(2, '0'));

}

for (int i = 0; i < cipherText.ref.cipherLen; i++) {

// 将 Cipher 转成Hex字符串

textHex.write(cipherText.ref.cipher[i].toRadixString(16).padLeft(2, '0'));

}

return textHex.toString().toUpperCase();

}

使用方式：

const path = "/opt/apps/xxxx.so";
skfProvider = SkfProvider(path);
skfProvider?.verifyPIN("123456");
skfProvider?.eccEncryptHex("123456");
const plain = "123456";
var res = skfProvider?.sm2SignP7PEM(plain);
debugPrint(res);

const path = "/opt/apps/xxxx.so";

skfProvider = SkfProvider(path);

skfProvider?.verifyPIN("123456");

skfProvider?.eccEncryptHex("123456");

const plain = "123456";

var res = skfProvider?.sm2SignP7PEM(plain);

debugPrint(res);

参考链接

Gtk应用内嵌网页与原生代码交互方法

前置条件

Ubuntu 24.04.2 LTS

内容详情

在使用Gtk开发应用程序的过程中，如果需要内嵌网页，那么使用libwebkit2gtk是个非常自然和正确的选择。

那么这里就可能原生程序代码可能需要跟网页交互的问题。

Gtk程序跟网页的交互，主要有两个方面：

1 Gtk程序需要调用网页js代码 

2 网页需要调用 Gtk 程序的功能代码

1 Gtk程序需要调用网页js代码

2 网页需要调用 Gtk 程序的功能代码

需求1，使用 webkit2gtk 的内置 webkit_web_view_run_javascript 函数即可解决

需求2，使用 webkit2gtk 的内置的 web extendsion 扩展支持功能解决或 window.webkit.messageHandlers..postMessage(value)

不多说看代码吧！

Gtk嵌入网页Demo程序

webviewgtk.c

/**
 *
 * Copyright (C) 2020 Wei Keting<weikting@gmail.com>. All rights reserved.
 * @Time : 2021-04-04 12:18
 * @Last Modified: 2022-12-10 17:27
 * @File : webviewgtk.c
 * @Description :
 *
 * 依赖下载：
 * sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev
 * gcc webviewgtk.c -o webviewgtk -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`
 *
 */

#include <gtk/gtk.h>
#include <glib.h>
#include <webkit2/webkit2.h>

#include <sys/types.h>
#include <unistd.h>

static void
web_view_javascript_finished(GObject *object,
                             GAsyncResult *result,
                             gpointer user_data) {
    GError *error = NULL;

    JSCValue *js_result = webkit_web_view_evaluate_javascript_finish(WEBKIT_WEB_VIEW(object),
                                                                     result, &error);
    if (!js_result) {
        g_warning("Error running javascript: %s", error->message);
        g_error_free(error);
        return;
    }

    if (jsc_value_is_string(js_result)) {
        gchar *str_value = jsc_value_to_string(js_result);
        JSCException *exception = jsc_context_get_exception(jsc_value_get_context(js_result));
        if (exception)
            g_warning("Error running javascript: %s", jsc_exception_get_message(exception));
        else
            g_print("Script result: %s\n", str_value);
        g_free(str_value);
    } else {
        g_warning("Error running javascript: unexpected return value");
    }
}

static gboolean
on_webview_load_failed(WebKitWebView *webview,
                       WebKitLoadEvent load_event,
                       gchar *failing_uri,
                       GError *error,
                       gpointer user_data) {

    g_printerr("%s: %s\n", failing_uri, error->message);
    return FALSE;
}

static void
handle_script_message(WebKitUserContentManager *self,
                      WebKitJavascriptResult *js_result,
                      gpointer user_data) {

    JSCValue *value = webkit_javascript_result_get_js_value(js_result);

    gchar *str_value = jsc_value_to_string(value);
    JSCException *exception = jsc_context_get_exception(jsc_value_get_context(value));
    if (exception)
        g_warning("Error running javascript: %s", jsc_exception_get_message(exception));
    else
        g_printerr("Script result: %s\n", str_value);

    g_printerr("%s: %s\n", __func__, str_value);

    g_free(str_value);
}

static gboolean
handle_script_message_with_reply(WebKitUserContentManager *self,
                                 JSCValue *value,
                                 WebKitScriptMessageReply *reply,
                                 gpointer user_data) {

    gchar *str_value = jsc_value_to_string(value);
    JSCContext *context = jsc_value_get_context(value);
    /* It is possible to handle the reply asynchronously,
     * by simply calling g_object_ref() on the reply and returning TRUE.
     * webkit_script_message_reply_ref(reply);
     *
     * async code here
     *
     * webkit_script_message_reply_unref(reply);
     */

    JSCValue *js_value = jsc_value_new_string(context, str_value);
    webkit_script_message_reply_return_value(reply, js_value);

    g_printerr("%s: %s\n", __func__, str_value);

    g_free(str_value);

    return TRUE; // TRUE to stop other handlers from being invoked for the event. FALSE to propagate the event further.
}

static void
on_button_clicked(GtkButton *button,
                  WebKitWebView *webview) {
    static gint t = 0;
    gchar buf[128] = {0};
    g_snprintf(buf, sizeof(buf) - 1, "change_span_id('_n%d')", t);
    t += 1;
    // 在webview当前的html页面中直接运行js代码
    webkit_web_view_evaluate_javascript(webview, buf, -1, NULL, NULL, NULL,
                                        web_view_javascript_finished, NULL);
}

static void
webkit_web_extension_initialize(WebKitWebContext *context,
                                gpointer user_data) {

    g_printerr("%s: %d\n", __FUNCTION__, getpid());
    // 设置web extendsion扩张.so文件的搜索目录
    webkit_web_context_set_web_extensions_directory(context, ".");
}

/**
** 创建window，添加webkit控件
**
**/
static void
on_activate(GtkApplication *app) {

    g_assert(GTK_IS_APPLICATION(app));

    GtkWindow *window = gtk_application_get_active_window(app);
    if (window == NULL)
        window = g_object_new(GTK_TYPE_WINDOW,
                              "application", app,
                              "default-width", 600,
                              "default-height", 300,
                              NULL);

    // 注册处理web extensions的初始化函数
    g_signal_connect(webkit_web_context_get_default(), "initialize-web-extensions",
                     G_CALLBACK(webkit_web_extension_initialize), NULL);

    GtkWidget *webview = webkit_web_view_new();
    g_signal_connect(webview, "load-failed", G_CALLBACK(on_webview_load_failed), NULL);

    // 加载网页
    GFile *file = g_file_new_for_path("webview.html");
    gchar *uri = g_file_get_uri(file);
    webkit_web_view_load_uri(WEBKIT_WEB_VIEW(webview), uri);
    g_free(uri);
    g_object_unref(file);

    // 注册 window.webkit.messageHandlers.msgToNative.postMessage(value) 的回调函数
    WebKitUserContentManager *manager = webkit_web_view_get_user_content_manager(
            WEBKIT_WEB_VIEW(webview));
    g_signal_connect(manager, "script-message-received::msgToNative",
                     G_CALLBACK(handle_script_message), NULL);
    webkit_user_content_manager_register_script_message_handler(manager, "msgToNative");

    // 注册 window.webkit.messageHandlers.msgToNativeReply.postMessage(value) 的回调函数
    // 函数调用有返回值
    g_signal_connect(manager, "script-message-with-reply-received::msgToNativeReply",
                     G_CALLBACK(handle_script_message_with_reply), NULL);
    webkit_user_content_manager_register_script_message_handler_with_reply(manager,
                                                                           "msgToNativeReply",
                                                                           NULL);

    /* Enable the developer extras */
    WebKitSettings *setting = webkit_web_view_get_settings(WEBKIT_WEB_VIEW(webview));
    g_object_set(G_OBJECT(settings), "enable-developer-extras", TRUE, NULL);

    GtkWidget *vbox = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);
    GtkWidget *button = gtk_button_new_with_label("change span");
    gtk_box_pack_start(GTK_BOX(vbox), GTK_WIDGET(webview), TRUE, TRUE, 0);
    gtk_box_pack_start(GTK_BOX(vbox), GTK_WIDGET(button), FALSE, TRUE, 0);

    gtk_container_add(GTK_CONTAINER(window), GTK_WIDGET(vbox));
    gtk_widget_show_all(GTK_WIDGET(vbox));
    gtk_window_present(window);

    g_signal_connect(button, "clicked", G_CALLBACK(on_button_clicked), webview);
}

int main(int argc,
         char *argv[]) {

    g_autoptr(GtkApplication)
    app = gtk_application_new("com.weiketing.webkit_webview", G_APPLICATION_DEFAULT_FLAGS);

    g_signal_connect(app, "activate", G_CALLBACK(on_activate), NULL);

    return g_application_run(G_APPLICATION(app), argc, argv);
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

/**

* @Time : 2021-04-04 12:18

* @Last Modified: 2022-12-10 17:27

* @File : webviewgtk.c

* @Description :

* 依赖下载：

* sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev

* gcc webviewgtk.c -o webviewgtk -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`

#include <gtk/gtk.h>

#include <glib.h>

#include <webkit2/webkit2.h>

#include <sys/types.h>

#include <unistd.h>

static void

web_view_javascript_finished(GObject *object,

GAsyncResult *result,

gpointer user_data) {

GError *error = NULL;

JSCValue *js_result = webkit_web_view_evaluate_javascript_finish(WEBKIT_WEB_VIEW(object),

result, &error);

if (!js_result) {

g_warning("Error running javascript: %s", error->message);

g_error_free(error);

return;

}

if (jsc_value_is_string(js_result)) {

gchar *str_value = jsc_value_to_string(js_result);

JSCException *exception = jsc_context_get_exception(jsc_value_get_context(js_result));

if (exception)

g_warning("Error running javascript: %s", jsc_exception_get_message(exception));

else

g_print("Script result: %s\n", str_value);

g_free(str_value);

} else {

g_warning("Error running javascript: unexpected return value");

}

static gboolean

on_webview_load_failed(WebKitWebView *webview,

WebKitLoadEvent load_event,

gchar *failing_uri,

GError *error,

gpointer user_data) {

g_printerr("%s: %s\n", failing_uri, error->message);

return FALSE;

}

static void

handle_script_message(WebKitUserContentManager *self,

WebKitJavascriptResult *js_result,

gpointer user_data) {

JSCValue *value = webkit_javascript_result_get_js_value(js_result);

gchar *str_value = jsc_value_to_string(value);

JSCException *exception = jsc_context_get_exception(jsc_value_get_context(value));

if (exception)

g_warning("Error running javascript: %s", jsc_exception_get_message(exception));

else

g_printerr("Script result: %s\n", str_value);

g_printerr("%s: %s\n", __func__, str_value);

g_free(str_value);

}

static gboolean

handle_script_message_with_reply(WebKitUserContentManager *self,

JSCValue *value,

WebKitScriptMessageReply *reply,

gpointer user_data) {

gchar *str_value = jsc_value_to_string(value);

JSCContext *context = jsc_value_get_context(value);

/* It is possible to handle the reply asynchronously,

* by simply calling g_object_ref() on the reply and returning TRUE.

* webkit_script_message_reply_ref(reply);

* async code here

* webkit_script_message_reply_unref(reply);

JSCValue *js_value = jsc_value_new_string(context, str_value);

webkit_script_message_reply_return_value(reply, js_value);

g_printerr("%s: %s\n", __func__, str_value);

g_free(str_value);

return TRUE; // TRUE to stop other handlers from being invoked for the event. FALSE to propagate the event further.

}

static void

on_button_clicked(GtkButton *button,

WebKitWebView *webview) {

static gint t = 0;

gchar buf[128] = {0};

g_snprintf(buf, sizeof(buf) - 1, "change_span_id('_n%d')", t);

t += 1;

// 在webview当前的html页面中直接运行js代码

webkit_web_view_evaluate_javascript(webview, buf, -1, NULL, NULL, NULL,

web_view_javascript_finished, NULL);

}

static void

webkit_web_extension_initialize(WebKitWebContext *context,

gpointer user_data) {

g_printerr("%s: %d\n", __FUNCTION__, getpid());

// 设置web extendsion扩张.so文件的搜索目录

webkit_web_context_set_web_extensions_directory(context, ".");

}

/**

** 创建window，添加webkit控件

**/

static void

on_activate(GtkApplication *app) {

g_assert(GTK_IS_APPLICATION(app));

GtkWindow *window = gtk_application_get_active_window(app);

if (window == NULL)

window = g_object_new(GTK_TYPE_WINDOW,

"application", app,

"default-width", 600,

"default-height", 300,

NULL);

// 注册处理web extensions的初始化函数

g_signal_connect(webkit_web_context_get_default(), "initialize-web-extensions",

G_CALLBACK(webkit_web_extension_initialize), NULL);

GtkWidget *webview = webkit_web_view_new();

g_signal_connect(webview, "load-failed", G_CALLBACK(on_webview_load_failed), NULL);

// 加载网页

GFile *file = g_file_new_for_path("webview.html");

gchar *uri = g_file_get_uri(file);

webkit_web_view_load_uri(WEBKIT_WEB_VIEW(webview), uri);

g_free(uri);

g_object_unref(file);

// 注册 window.webkit.messageHandlers.msgToNative.postMessage(value) 的回调函数

WebKitUserContentManager *manager = webkit_web_view_get_user_content_manager(

WEBKIT_WEB_VIEW(webview));

g_signal_connect(manager, "script-message-received::msgToNative",

G_CALLBACK(handle_script_message), NULL);

webkit_user_content_manager_register_script_message_handler(manager, "msgToNative");

// 注册 window.webkit.messageHandlers.msgToNativeReply.postMessage(value) 的回调函数

// 函数调用有返回值

g_signal_connect(manager, "script-message-with-reply-received::msgToNativeReply",

G_CALLBACK(handle_script_message_with_reply), NULL);

webkit_user_content_manager_register_script_message_handler_with_reply(manager,

"msgToNativeReply",

NULL);

/* Enable the developer extras */

WebKitSettings *setting = webkit_web_view_get_settings(WEBKIT_WEB_VIEW(webview));

g_object_set(G_OBJECT(settings), "enable-developer-extras", TRUE, NULL);

GtkWidget *vbox = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);

GtkWidget *button = gtk_button_new_with_label("change span");

gtk_box_pack_start(GTK_BOX(vbox), GTK_WIDGET(webview), TRUE, TRUE, 0);

gtk_box_pack_start(GTK_BOX(vbox), GTK_WIDGET(button), FALSE, TRUE, 0);

gtk_container_add(GTK_CONTAINER(window), GTK_WIDGET(vbox));

gtk_widget_show_all(GTK_WIDGET(vbox));

gtk_window_present(window);

g_signal_connect(button, "clicked", G_CALLBACK(on_button_clicked), webview);

}

int main(int argc,

char *argv[]) {

g_autoptr(GtkApplication)

app = gtk_application_new("com.weiketing.webkit_webview", G_APPLICATION_DEFAULT_FLAGS);

g_signal_connect(app, "activate", G_CALLBACK(on_activate), NULL);

return g_application_run(G_APPLICATION(app), argc, argv);

}

Web Extension Demo

/**
*
* Copyright (C) 2020 Wei Keting<weikting@gmail.com>. All rights reserved.
* @Time : 2021-04-04 12:18
* @File : web_exten.c
* @Description :
*
* 依赖下载：
* sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev
* gcc  web_exten.c -o libweb_exten.so -shared -Wl,-soname,libweb_exten.so -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`
**/

#include <glib.h>
#include <webkit2/webkit-web-extension.h>
#include <sys/types.h>
#include <unistd.h>

static gint
js_app_add(gpointer *first, gint num) {
    static gint N = 0;
    g_printerr("%s: %p\n", __FUNCTION__, first);
    N += num;
    return N;
}

static void
window_object_cleared_callback(WebKitScriptWorld *world,
                               WebKitWebPage *web_page,
                               WebKitFrame *frame,
                               gpointer user_data) {
    JSCContext *jsContext;

    jsContext = webkit_frame_get_js_context_for_script_world(frame, world);

    //添加一个js全局变量gtkValue
    jsc_context_set_value(jsContext, "gtkValue",
                          jsc_value_new_string(jsContext, "__test_js_exten"));
    /* Use JSC API to add the JavaScript code you want */

    //注册一个名为NativeTest的js类
    JSCClass *app = jsc_context_register_class(jsContext, "NativeTest", NULL, NULL,
                                               NULL); // g_object_new(JSC_TYPE_CLASS, "name", "JSApp", "context", jsContext, NULL);


    //给JSCClass类添加add方法
    jsc_class_add_method(app, "add", G_CALLBACK(js_app_add), NULL, NULL, G_TYPE_INT, 1, G_TYPE_INT,
                         NULL);

    //创建一个obj，作为JSCClass类绑定实例，JSCClass方法回调的第一个参数就是obj
    GObject *obj = g_object_new(G_TYPE_OBJECT, NULL);
    jsc_context_set_value(jsContext, "GtkNative", jsc_value_new_object(jsContext, obj, app));
    g_printerr("%s: %d %p\n", __FUNCTION__, getpid(), obj);
    g_object_unref(obj);
}

G_MODULE_EXPORT void
webkit_web_extension_initialize(WebKitWebExtension *extension) {
    //web extension的初始化函数
    g_signal_connect(webkit_script_world_get_default(),
                     "window-object-cleared",
                     G_CALLBACK(window_object_cleared_callback),
                     NULL);
}

/**

* @Time : 2021-04-04 12:18

* @File : web_exten.c

* @Description :

* 依赖下载：

* sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev

* gcc web_exten.c -o libweb_exten.so -shared -Wl,-soname,libweb_exten.so -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`

**/

#include <glib.h>

#include <webkit2/webkit-web-extension.h>

#include <sys/types.h>

#include <unistd.h>

static gint

js_app_add(gpointer *first, gint num) {

static gint N = 0;

g_printerr("%s: %p\n", __FUNCTION__, first);

N += num;

return N;

}

static void

window_object_cleared_callback(WebKitScriptWorld *world,

WebKitWebPage *web_page,

WebKitFrame *frame,

gpointer user_data) {

JSCContext *jsContext;

jsContext = webkit_frame_get_js_context_for_script_world(frame, world);

//添加一个js全局变量gtkValue

jsc_context_set_value(jsContext, "gtkValue",

jsc_value_new_string(jsContext, "__test_js_exten"));

/* Use JSC API to add the JavaScript code you want */

//注册一个名为NativeTest的js类

JSCClass *app = jsc_context_register_class(jsContext, "NativeTest", NULL, NULL,

NULL); // g_object_new(JSC_TYPE_CLASS, "name", "JSApp", "context", jsContext, NULL);

//给JSCClass类添加add方法

jsc_class_add_method(app, "add", G_CALLBACK(js_app_add), NULL, NULL, G_TYPE_INT, 1, G_TYPE_INT,

NULL);

//创建一个obj，作为JSCClass类绑定实例，JSCClass方法回调的第一个参数就是obj

GObject *obj = g_object_new(G_TYPE_OBJECT, NULL);

jsc_context_set_value(jsContext, "GtkNative", jsc_value_new_object(jsContext, obj, app));

g_printerr("%s: %d %p\n", __FUNCTION__, getpid(), obj);

g_object_unref(obj);

}

G_MODULE_EXPORT void

webkit_web_extension_initialize(WebKitWebExtension *extension) {

//web extension的初始化函数

g_signal_connect(webkit_script_world_get_default(),

"window-object-cleared",

G_CALLBACK(window_object_cleared_callback),

NULL);

}

内嵌的网页示例 webview.html

<!DOCTYPE html>
<html lang="zh">
<!--filename: webview.html -->
 
<head>
    <meta charset="utf-8" />
    <meta http-equiv="Content-Language" content="zh-CN">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <meta name="referrer" content="always" />
    <title>Webkit Webview test</title>
    <script type="text/javascript">
 
        function change_span_id(v = '') {
            //alert("test")
            document.getElementById('span_id').innerHTML = 'test' + v + gtkValue
            return v
        }
 
        function native_add(num) {
            //调用自定义添加的js接口
            i = GtkNative.add(num)
            document.getElementById('add').innerHTML = i
        }
 
        function send2Gtk() {
            e = document.getElementById('msg')
            window.webkit.messageHandlers.msgToNative.postMessage(e.value)
        }

        async function send2GtkReply() {
            e = document.getElementById('msgReply')
            // 调用自定义添加的js接口，并获取返回值
            res = await window.webkit.messageHandlers.msgToNativeReply.postMessage(e.value)
            document.getElementById('span_id').innerHTML = res
        }        
    </script>
</head>
 
<body>
    <span>words for test: </span><span id="span_id"></span>
    <br />
    <button onclick="change_span_id()">change span id</button>
    <br />
    <span>Native add: </span><span id='add'></span>
    <br />
    <button onclick="native_add(2)">Native Add</button>
    <br />
    <input type="text" id="msg" />
    <br />
    <button onclick="send2Gtk()">Send to Native</button>
    <br />
    <input type="text" id="msgReply" />
    <br />
    <button onclick="send2GtkReply()">Send to Native Wait Reply</button>
</body>
 
</html>

<!DOCTYPE html>

<head>

<title>Webkit Webview test</title>

function change_span_id(v = '') {

//alert("test")

document.getElementById('span_id').innerHTML = 'test' + v + gtkValue

return v

}

function native_add(num) {

//调用自定义添加的js接口

i = GtkNative.add(num)

document.getElementById('add').innerHTML = i

}

function send2Gtk() {

e = document.getElementById('msg')

window.webkit.messageHandlers.msgToNative.postMessage(e.value)

}

async function send2GtkReply() {

e = document.getElementById('msgReply')

// 调用自定义添加的js接口，并获取返回值

res = await window.webkit.messageHandlers.msgToNativeReply.postMessage(e.value)

document.getElementById('span_id').innerHTML = res

}

</script>

</head>

<body>

<span>words for test: </span><span id="span_id"></span>

<br />

<button onclick="change_span_id()">change span id</button>

<br />

<span>Native add: </span><span id='add'></span>

<br />

<button onclick="native_add(2)">Native Add</button>

<br />

<br />

<button onclick="send2Gtk()">Send to Native</button>

<br />

<br />

<button onclick="send2GtkReply()">Send to Native Wait Reply</button>

</body>

</html>

示例运行

安装依赖：

$ sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev

1	$ sudo apt install libwebkit2gtk-4.1-doc libwebkit2gtk-4.1-dev libgtk-3-dev

把webviewgtk.c，web_exten.c，webview.html 放在同一目录下。

编译程序：

$ gcc web_exten.c -o libweb_exten.so -shared -Wl,-soname,libweb_exten.so -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1` 

$ gcc webviewgtk.c -o webviewgtk -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`

$ gcc web_exten.c -o libweb_exten.so -shared -Wl,-soname,libweb_exten.so -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`

$ gcc webviewgtk.c -o webviewgtk -D_GNU_SOURCE -g3 -Wall `pkg-config --cflags --libs webkit2gtk-4.1`

运行程序：

$ ./webviewgtk

1	$ ./webviewgtk

参考链接

应用内嵌WebKitGTK报错“Unacceptable TLS certificate”

在 ubuntu 24.04 系统开发内嵌 webkit2gtk-4.1 的应用，打开部分 HTTPS 网页报错“Unacceptable TLS certificate”，如下图：

但是相同的页面使用 FireFox/Safari/Chrome/IE/Edge 等主流浏览器打开都是正常显示的。

调试代码，发现是 WebKitWebView 的 on_load_failed_with_tls_errors 回调函数返回了错误 G_TLS_CERTIFICATE_GENERIC_ERROR（64），如下图：

于是安装 Gnome 官方的浏览器 Epiphany 进行测试，该浏览器底层也是调用 WebKit2GTK，在 ubuntu 24.04 系统，可以执行如下命令进行安装：

$ sudo apt install epiphany-browser

1	$ sudo apt install epiphany-browser

打开相同的页面，同样报错，显示服务器不可信。

由于 WebKit2GTK 底层的 TLS 通信调用库调用的是 GnuTLS 。于是尝试通过命令行对 TLS 证书认证过程进行验证，执行如下命令：

$ sudo apt install gnutls-bin

$ gnutls-cli www.xxxx.com
Processed 146 CA certificate(s).
Resolving 'www.xxxx.com:443'...
Connecting to 'xxx.xxx.xxx.xxx:443'...

........................................................................

........................................................................

- Certificate[4] info:
 - subject `CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE', issuer `CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE', serial xxxxxx, RSA key 2048 bits, signed using RSA-SHA1 (broken!), activated `xxxx-xx-xx xx:xx:xx UTC', expires `xxxx-xx-xx xx:xx:xx UTC', pin-sha256="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
- Status: The certificate is NOT trusted. The certificate chain violates the signer's constraints. 
*** PKI verification of server certificate failed...
*** Fatal error: Error in the certificate.

$ sudo apt install gnutls-bin

$ gnutls-cli www.xxxx.com

Processed 146 CA certificate(s).

Resolving 'www.xxxx.com:443'...

Connecting to 'xxx.xxx.xxx.xxx:443'...

........................................................................

- Certificate[4] info:

- subject `CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE', issuer `CN=Baltimore CyberTrust Root,OU=CyberTrust,O=Baltimore,C=IE', serial xxxxxx, RSA key 2048 bits, signed using RSA-SHA1 (broken!), activated `xxxx-xx-xx xx:xx:xx UTC', expires `xxxx-xx-xx xx:xx:xx UTC', pin-sha256="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

- Status: The certificate is NOT trusted. The certificate chain violates the signer's constraints.

*** PKI verification of server certificate failed...

*** Fatal error: Error in the certificate.

可以看到，网站的根证书无法通过 GnuTLS 的验证，原因在于网站的证书链中的根证书使用的 RSA-SHA1 签名，该类型签名存在 “弱哈希算法签名的SSL证书(CVE-2004-2761)漏洞” 进而被 GnuTLS 拒绝。

针对此问题的更详细的描述参考 GnuTLS 文档 8.2 Disabling algorithms and protocols 。

针对此问题的解决方法：

联系网站，更新证书，重新以 RSA-SHA256 签发证书。由于是公司内部网址，因此联系网络更新即可；
应用内嵌网站证书，通过 webkit_web_context_allow_tls_certificate_for_host 要求 webkit 通过提供的证书进行网站验证。此种情况适用于 APP 内嵌自己网站页面的情况，同样适用于自签名证书的情况；

如果纯粹测试，可以在加载页面之前调用

// 网站证书存在问题，此处仅为测试场景下，临时关闭TLS证书验证
auto context = webkit_web_view_get_context(WEBKIT_WEB_VIEW(web_view_));

// 低版本 4.0
webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);

// 高版本 4.1
auto manager = webkit_web_context_get_website_data_manager(context);
webkit_website_data_manager_set_tls_errors_policy(manager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);

// 网站证书存在问题，此处仅为测试场景下，临时关闭TLS证书验证

auto context = webkit_web_view_get_context(WEBKIT_WEB_VIEW(web_view_));

// 低版本 4.0

webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);

// 高版本 4.1

auto manager = webkit_web_context_get_website_data_manager(context);

webkit_website_data_manager_set_tls_errors_policy(manager, WEBKIT_TLS_ERRORS_POLICY_IGNORE);

要求 webkit 无视证书错误。此方法生产环境不可取，非常不安全，仅可用于内部测试；

此方案目前测试已经不可用：~~调用 gnutls_sign_set_secure_for_certs API 许可部分不安全的证书签名算法~~

// pkg_check_modules(GnuTLS REQUIRED IMPORTED_TARGET gnutls>=3.7.3) 
// target_link_libraries(${BINARY_NAME} PRIVATE PkgConfig::GnuTLS)

// #include <gnutls/gnutls.h>

gnutls_sign_set_secure_for_certs(GNUTLS_SIGN_RSA_SHA1, 1);

// pkg_check_modules(GnuTLS REQUIRED IMPORTED_TARGET gnutls>=3.7.3)

// target_link_libraries(${BINARY_NAME} PRIVATE PkgConfig::GnuTLS)

// #include <gnutls/gnutls.h>

gnutls_sign_set_secure_for_certs(GNUTLS_SIGN_RSA_SHA1, 1);

~~相对来说，联系不上网站的情况下，又需要在保证安全的前提下，尽量兼容网站，推荐此种方式；~~

自行接管证书验证过程，实现比较复杂，极其容易产生安全漏洞，不建议；

2025 年 3 月
一	二	三	四	五	六	日
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

WebView 存在的问题

AndroidX Webkit 的出现

AndroidX Webkit 的功能

向下兼容

代理功能支持

白名单代理

安全的 WebView 和 Native 通信支持

文件传递

深色主题的支持

JavaScript and WebAssembly 执行引擎支持

更多支持

参考链接

前置条件

问题描述

参考链接

前置条件

问题描述

参考链接

解决方法：

参考链接

前置条件

解决方案

参考链接

安装

配置文件

命令示例

参考链接

参考链接

前置条件

内容详情

Gtk嵌入网页Demo程序

Web Extension Demo

示例运行

参考链接

参考链接