@particle/device-control-crypto
Elliptic Curve J-PAKE and AES CCM for Node.js and browsers.
Installation
npm install @particle/device-control-crypto --save
API
Ccm
A class implementing the CCM mode of operation for a block cipher.
Kind: global class
-
Ccm
- new Ccm(options)
-
.encrypt(data, nonce, [addData]) ⇒
Promise.<Uint8Array>
-
.decrypt(data, nonce, [addData]) ⇒
Promise.<Uint8Array>
new Ccm(options)
Constructor.
Param | Type | Default | Description |
---|---|---|---|
options | Object |
Options. | |
options.encrypt | EncryptFunction |
Encryption function. | |
options.nonceLength | Number |
Nonce length in bytes. The value must be in the range [7, 13]. | |
[options.tagLength] | Number |
16 |
Length of the authentication tag in bytes: 4, 6, 8, 10, 12, 14 or 16. |
Promise.<Uint8Array>
ccm.encrypt(data, nonce, [addData]) ⇒ Encrypt a message.
Kind: instance method of Ccm
Returns: Promise.<Uint8Array>
- Encrypted data. The authentication tag is appended to the encrypted data.
Param | Type | Description |
---|---|---|
data | Uint8Array |
Data to encrypt. |
nonce | Uint8Array |
Nonce. |
[addData] | Uint8Array |
Additional authenticated data. |
Promise.<Uint8Array>
ccm.decrypt(data, nonce, [addData]) ⇒ Decrypt a message.
Kind: instance method of Ccm
Returns: Promise.<Uint8Array>
- Decrypted data.
Throws:
- Throws an error if decryption fails.
Param | Type | Description |
---|---|---|
data | Uint8Array |
Data to decrypt. The authentication tag must be appended to the encrypted data. |
nonce | Uint8Array |
Nonce. |
[addData] | Uint8Array |
Additional authenticated data. |
EcJpake
A class implementing the EC J-PAKE protocol as defined by the Thread specification.
Kind: global class
-
EcJpake
-
.getRound1() ⇒
Promise.<Uint8Array>
-
.readRound1(buf) ⇒
Number
-
.getRound2() ⇒
Promise.<Uint8Array>
-
.readRound2(buf) ⇒
Number
-
.deriveSecret() ⇒
Promise.<Uint8Array>
-
.getRound1() ⇒
Promise.<Uint8Array>
ecJpake.getRound1() ⇒ Generate a message for the first round of the protocol.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array>
- Message data.
Number
ecJpake.readRound1(buf) ⇒ Read a message generated by the peer for the first round of the protocol.
Kind: instance method of EcJpake
Returns: Number
- Number of bytes read.
Param | Type | Description |
---|---|---|
buf | Uint8Array |
Message data. |
Promise.<Uint8Array>
ecJpake.getRound2() ⇒ Generate a message for the second round of the protocol.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array>
- Message data.
Number
ecJpake.readRound2(buf) ⇒ Read a message generated by the peer for the second round of the protocol.
Kind: instance method of EcJpake
Returns: Number
- Number of bytes read.
Param | Type | Description |
---|---|---|
buf | Uint8Array |
Message data. |
Promise.<Uint8Array>
ecJpake.deriveSecret() ⇒ Derive the shared secret.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array>
- Shared secret.
EncryptFunction
createAes128Cipher(key) ⇒ Create an AES-128 cipher operating in ECB mode.
Kind: global function
Returns: EncryptFunction
- Encryption function.
Param | Type | Description |
---|---|---|
key | Uint8Array |
Encryption key. The key must be 16 bytes long. |
Promise.<Uint8Array>
getRandomBytes(size) ⇒ Generate cryptographically strong random data.
Kind: global function
Returns: Promise.<Uint8Array>
- Random data.
Param | Type | Description |
---|---|---|
size | Number |
Number of bytes to generate. |
Promise.<Uint8Array>
EncryptFunction ⇒ Encrypt a single block of data.
Kind: global typedef
Returns: Promise.<Uint8Array>
- Ciphertext block.
Param | Type | Description |
---|---|---|
block | Uint8Array |
Plaintext block. The block must be 16 bytes long. |
Promise.<Uint8Array>
RandomFunction ⇒ Constructor.
Kind: global typedef
Returns: Promise.<Uint8Array>
- Random bytes.
Param | Type | Default | Description |
---|---|---|---|
size | Number |
Number of random bytes to generate. | |
options | Object |
Options. | |
options.role | String |
Role of this peer: client or server . |
|
options.secret |
String | Uint8Array
|
Pre-shared secret. | |
[options.randomBytes] | RandomFunction |
getRandomBytes |
Cryptographically strong random generator function. |
[options.curve] | String |
p256 |
Curve name. |
[options.clientId] |
String | Uint8Array
|
client |
Client identity. |
[options.serverId] |
String | Uint8Array
|
server |
Server identity. |
NOTE: Unfortunately, docs have a nasty habit of falling out of date. When in doubt, check usage in tests