edhoc
Version:
A Node.js implementation of EDHOC (Ephemeral Diffie-Hellman Over COSE) protocol for lightweight authenticated key exchange in IoT and other constrained environments.
168 lines • 6.23 kB
TypeScript
export declare class EdhocError extends Error {
constructor(message: string);
}
export declare class EdhocCipherSuiteError extends EdhocError {
readonly peerCipherSuites: number[];
constructor(message: string, peerCipherSuites: number[]);
}
export declare enum EdhocCredentialsFormat {
kid = 4,
x5chain = 33,
x5t = 34
}
export interface EdhocCredentials {
format: EdhocCredentialsFormat;
privateKey?: Buffer;
publicKey?: Buffer;
}
export interface EdhocCredentialsKID extends EdhocCredentials {
format: EdhocCredentialsFormat.kid;
kid: {
kid: number | Buffer;
credentials?: Buffer;
isCBOR?: boolean;
};
}
export interface EdhocCredentialsCertificateChain extends EdhocCredentials {
format: EdhocCredentialsFormat.x5chain;
x5chain: {
certificates: Buffer[];
};
}
export interface EdhocCredentialsCertificateHash extends EdhocCredentials {
format: EdhocCredentialsFormat.x5t;
x5t: {
certificate?: Buffer;
hash: Buffer;
hashAlgorithm: EdhocCredentialsCertificateHashAlgorithm;
};
}
export declare enum EdhocCredentialsCertificateHashAlgorithm {
Sha256 = -16,
Sha256_64 = -15
}
export interface EdhocCredentialManager {
fetch(edhoc: EDHOC): Promise<EdhocCredentials> | EdhocCredentials | never;
verify(edhoc: EDHOC, credentials: EdhocCredentials): Promise<EdhocCredentials> | EdhocCredentials | never;
}
export type EdhocPublicKey = Buffer;
export type EdhocPrivateKey = Buffer;
export interface PublicPrivateTuple {
publicKey: EdhocPublicKey;
privateKey: EdhocPrivateKey;
}
export interface EdhocCryptoManager {
generateKeyPair(edhoc: EDHOC): Promise<PublicPrivateTuple> | PublicPrivateTuple | never;
keyAgreement(edhoc: EDHOC, privateKey: Buffer, peerPublicKey: Buffer): Promise<Buffer> | Buffer | never;
sign(edhoc: EDHOC, privateKey: Buffer, input: Buffer): Promise<Buffer> | Buffer | never;
verify(edhoc: EDHOC, publicKey: Buffer, input: Buffer, signature: Buffer): Promise<boolean> | boolean | never;
hkdfExtract(edhoc: EDHOC, ikm: Buffer, salt: Buffer): Promise<Buffer> | Buffer | never;
hkdfExpand(edhoc: EDHOC, prk: Buffer, info: Buffer, length: number): Promise<Buffer> | Buffer | never;
encrypt(edhoc: EDHOC, key: Buffer, nonce: Buffer, aad: Buffer, plaintext: Buffer): Promise<Buffer> | Buffer | never;
decrypt(edhoc: EDHOC, key: Buffer, nonce: Buffer, aad: Buffer, ciphertext: Buffer): Promise<Buffer> | Buffer | never;
hash(edhoc: EDHOC, input: Buffer): Promise<Buffer> | Buffer | never;
}
export type EdhocConnectionID = number | Buffer;
export declare enum EdhocMethod {
Method0 = 0,
Method1 = 1,
Method2 = 2,
Method3 = 3
}
export declare enum EdhocSuite {
Suite0 = 0,
Suite1 = 1,
Suite2 = 2,
Suite3 = 3,
Suite4 = 4,
Suite5 = 5,
Suite6 = 6,
Suite24 = 24,
Suite25 = 25
}
export interface EdhocEAD {
label: number;
value: Buffer;
}
export interface EdhocOscoreContext {
masterSecret: Buffer;
masterSalt: Buffer;
senderId: Buffer;
recipientId: Buffer;
}
export declare class EDHOC {
connectionID: EdhocConnectionID;
get peerConnectionID(): EdhocConnectionID;
methods: EdhocMethod[];
get selectedMethod(): EdhocMethod;
set selectedMethod(v: EdhocMethod);
cipherSuites: EdhocSuite[];
get selectedSuite(): EdhocSuite;
set selectedSuite(v: EdhocSuite);
logger: (name: string, data: Buffer) => void;
private readonly credMgr;
private readonly crypto;
private _state;
private _role;
private _method;
private _suite;
private _suiteParams;
private _peerCid;
private _ephPrivateKey;
private _ephPub;
private _peerEphPub;
private _th;
private _prk2e;
private _prk3e2m;
private _prk4e3m;
private _prkOut;
private _prkExporter;
private _peerCredentials;
constructor(connectionID: EdhocConnectionID, methods: EdhocMethod[], suites: EdhocSuite[], credentials: EdhocCredentialManager, crypto: EdhocCryptoManager);
reset(): void;
composeMessage1(ead?: EdhocEAD[]): Promise<Buffer>;
processMessage1(message: Buffer): Promise<EdhocEAD[]>;
composeMessage2(ead?: EdhocEAD[]): Promise<Buffer>;
processMessage2(message: Buffer): Promise<EdhocEAD[]>;
composeMessage3(ead?: EdhocEAD[]): Promise<Buffer>;
processMessage3(message: Buffer): Promise<EdhocEAD[]>;
composeMessage4(ead?: EdhocEAD[]): Promise<Buffer>;
processMessage4(message: Buffer): Promise<EdhocEAD[]>;
exportOSCORE(): Promise<EdhocOscoreContext>;
exportKey(exporterLabel: number, length: number): Promise<Buffer>;
exportUsedPeerCredentials(): EdhocCredentials | null;
keyUpdate(context: Buffer): Promise<void>;
/** EDHOC-KDF(PRK, label, context, length) = HKDF-Expand(PRK, info, length)
* info is a CBOR sequence: label, context, length (NOT array-wrapped) */
private kdf;
/** HKDF-Extract(IKM, salt) */
private hkdfExtract;
/** Hash */
private hash;
/** PRK_3e2m: Methods 0,2 → PRK_2e; Methods 1,3 → Extract(SALT_3e2m, G_RX) */
private derivePrk3e2m;
/** PRK_4e3m: Methods 0,1 → PRK_3e2m; Methods 2,3 → Extract(SALT_4e3m, G_IX) */
private derivePrk4e3m;
private generateEphemeralKey;
private destroyEphemeralKey;
/** Determine MAC length based on role and method.
* Responder signature methods (0, 2): tag length; otherwise hash length.
* Initiator signature methods (0, 1): tag length; otherwise hash length. */
private macLength;
/** Build context bytes: << [C_R,] ID_CRED_x, TH, CRED_x, ?EAD >> */
private buildContext;
/** Build Enc_structure external_aad for CIPHERTEXT_3/4: ["Encrypt0", h'', TH] */
private buildEncAad;
/** Compute Signature_or_MAC for the local party */
private signOrMac;
/** Verify Signature_or_MAC from the peer */
private verifySignatureOrMac;
/** Build the external_aad bstr for Sig_structure: concatenation of CBOR items */
private buildSigExternalAad;
private aeadEncrypt;
private aeadDecrypt;
private xor;
private log;
private assertState;
}
//# sourceMappingURL=edhoc.d.ts.map