@particle/device-control-crypto
Elliptic Curve J-PAKE and AES CCM for Node.js and browsers.
Installation
npm install @particle/device-control-crypto --saveAPI
Ccm
A class implementing the CCM mode of operation for a block cipher.
Kind: global class
-
Ccm
- new Ccm(options)
-
.encrypt(data, nonce, [addData]) ⇒
Promise.<Uint8Array> -
.decrypt(data, nonce, [addData]) ⇒
Promise.<Uint8Array>
new Ccm(options)
Constructor.
| Param | Type | Default | Description |
|---|---|---|---|
| options | Object |
Options. | |
| options.encrypt | EncryptFunction |
Encryption function. | |
| options.nonceLength | Number |
Nonce length in bytes. The value must be in the range [7, 13]. | |
| [options.tagLength] | Number |
16 |
Length of the authentication tag in bytes: 4, 6, 8, 10, 12, 14 or 16. |
ccm.encrypt(data, nonce, [addData]) ⇒ Promise.<Uint8Array>
Encrypt a message.
Kind: instance method of Ccm
Returns: Promise.<Uint8Array> - Encrypted data. The authentication tag is appended to the encrypted data.
| Param | Type | Description |
|---|---|---|
| data | Uint8Array |
Data to encrypt. |
| nonce | Uint8Array |
Nonce. |
| [addData] | Uint8Array |
Additional authenticated data. |
ccm.decrypt(data, nonce, [addData]) ⇒ Promise.<Uint8Array>
Decrypt a message.
Kind: instance method of Ccm
Returns: Promise.<Uint8Array> - Decrypted data.
Throws:
- Throws an error if decryption fails.
| Param | Type | Description |
|---|---|---|
| data | Uint8Array |
Data to decrypt. The authentication tag must be appended to the encrypted data. |
| nonce | Uint8Array |
Nonce. |
| [addData] | Uint8Array |
Additional authenticated data. |
EcJpake
A class implementing the EC J-PAKE protocol as defined by the Thread specification.
Kind: global class
-
EcJpake
-
.getRound1() ⇒
Promise.<Uint8Array> -
.readRound1(buf) ⇒
Number -
.getRound2() ⇒
Promise.<Uint8Array> -
.readRound2(buf) ⇒
Number -
.deriveSecret() ⇒
Promise.<Uint8Array>
-
.getRound1() ⇒
ecJpake.getRound1() ⇒ Promise.<Uint8Array>
Generate a message for the first round of the protocol.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array> - Message data.
ecJpake.readRound1(buf) ⇒ Number
Read a message generated by the peer for the first round of the protocol.
Kind: instance method of EcJpake
Returns: Number - Number of bytes read.
| Param | Type | Description |
|---|---|---|
| buf | Uint8Array |
Message data. |
ecJpake.getRound2() ⇒ Promise.<Uint8Array>
Generate a message for the second round of the protocol.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array> - Message data.
ecJpake.readRound2(buf) ⇒ Number
Read a message generated by the peer for the second round of the protocol.
Kind: instance method of EcJpake
Returns: Number - Number of bytes read.
| Param | Type | Description |
|---|---|---|
| buf | Uint8Array |
Message data. |
ecJpake.deriveSecret() ⇒ Promise.<Uint8Array>
Derive the shared secret.
Kind: instance method of EcJpake
Returns: Promise.<Uint8Array> - Shared secret.
createAes128Cipher(key) ⇒ EncryptFunction
Create an AES-128 cipher operating in ECB mode.
Kind: global function
Returns: EncryptFunction - Encryption function.
| Param | Type | Description |
|---|---|---|
| key | Uint8Array |
Encryption key. The key must be 16 bytes long. |
getRandomBytes(size) ⇒ Promise.<Uint8Array>
Generate cryptographically strong random data.
Kind: global function
Returns: Promise.<Uint8Array> - Random data.
| Param | Type | Description |
|---|---|---|
| size | Number |
Number of bytes to generate. |
EncryptFunction ⇒ Promise.<Uint8Array>
Encrypt a single block of data.
Kind: global typedef
Returns: Promise.<Uint8Array> - Ciphertext block.
| Param | Type | Description |
|---|---|---|
| block | Uint8Array |
Plaintext block. The block must be 16 bytes long. |
RandomFunction ⇒ Promise.<Uint8Array>
Constructor.
Kind: global typedef
Returns: Promise.<Uint8Array> - Random bytes.
| Param | Type | Default | Description |
|---|---|---|---|
| size | Number |
Number of random bytes to generate. | |
| options | Object |
Options. | |
| options.role | String |
Role of this peer: client or server. |
|
| options.secret |
String | Uint8Array
|
Pre-shared secret. | |
| [options.randomBytes] | RandomFunction |
getRandomBytes |
Cryptographically strong random generator function. |
| [options.curve] | String |
p256 |
Curve name. |
| [options.clientId] |
String | Uint8Array
|
client |
Client identity. |
| [options.serverId] |
String | Uint8Array
|
server |
Server identity. |
NOTE: Unfortunately, docs have a nasty habit of falling out of date. When in doubt, check usage in tests