Ios 如何加密字符串使用AES. GCM在Dart和解密相同的Swift

Although GCM is not listed as a supported operation mode in the encrypt package documentation (Usage section), as you have already found out yourself, newer versions support GCM (see issue#259 and GCM-example), so this package can be used.
Note that encrypt is only a high level wrapper for some PointyCastle functionalities, and that PointyCastle could be used directly as well.

Apart from the incorrect operation mode (see other answer), both codes are still incompatible even after changing the Dart code to GCM mode. This is due to the nonce size of 16 bytes applied.
For GCM, a 12 byte nonce is recommended, which should be adhered to for performance and compatibility reasons.
The Swift library supports a 16 bytes nonce, but not in the combined representation, which is used in the current code and which may only be used for a 12 bytes nonce.
Instead, the nonce, ciphertext and tag must be specified explicitly, i.e. they must be separated in the Swift code. Since the encrypt package uses the default tag length of 16 bytes and automatically appends the tag to the ciphertext, the data has the following structure: nonce (16 bytes) | ciphertext | tag (16 bytes), so that the parts can be separated using the known lengths of tag and nonce, e.g:

let keyData = Data(base64Encoded: "MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDE=")
let retrievedKey = SymmetricKey(data: keyData!)
...
let data = Data(base64Encoded: "fzKLLUhOLMW7qJ6YhfFnv5TX6sD5gg2F6JxWkwhu07RpceWCu12EXzxgCqyB8VHXkXDHOOczaMXHLiDmlZqBJjgEb8IpmKJc/aLc")! // generated with Dart code
let dataSize = data.count
let noncebytes = data[0..<16]
let ciphertext = data[16..<dataSize-16]
let tag = data[dataSize-16..<dataSize]

let nonce = try AES.GCM.Nonce(data: noncebytes)
let sealedBox = try AES.GCM.SealedBox(nonce: nonce, ciphertext: ciphertext, tag:tag)
let decryptedData = try AES.GCM.open(sealedBox, using: key)

print(String(data: decryptedData, encoding: .utf8)!) // The quick brown fox jumps over the lazy dog

请记住，在12字节的随机数的情况下，可以使用combined表示.在这种情况下，数据必须具有以下 struct :nonce (12 bytes) | ciphertext | tag (16 bytes).

Note that the name macValue in the Dart code is misleading. MAC is used as a synonym for the authentication tag. However, what you refer to as macValue is not the authentication tag but the additional authenticated data (AAD). This is data that does not need to be encrypted but should nevertheless be authenticated in order to ensure its integrity and authenticity.
In contrast, the authentication tag (or MAC) is generated automatically during encryption (and, depending on the library, either appended to the ciphertext or returned separately). This tag is used during decryption to check the integrity and authenticity of the data.

当前代码使用了一个空字符串作为AAD，即实际上没有AAD，因此在Swift代码中不需要考虑.然而，如果要使用AAD:在combined表示的情况下，AAD不能被连接，或者必须在传递给AES.GCM.SealedBox()之前被移除.AAD在AES.GCM.open()中明确指定(参见authenticating).

顺便说一句，如果AAD像在当前代码中那样级联(这是相当不寻常的)，解密侧必须知道它们的长度(至少如果密文长度不知道)，以便分离是可能的.