class Matter::Crypto::StandardCrypto

Overview

Standard OpenSSL-based implementation

Defined in:

matter/crypto/crypto.cr

Instance Method Summary

Instance methods inherited from class Matter::Crypto::CryptoBase

compute_sha256(data : Bytes | Array(Bytes)) : Bytes compute_sha256, create_hkdf_key(secret : Bytes, salt : Bytes, info : Bytes, length : Int32 = 32) : Bytes create_hkdf_key, create_key_pair : Key create_key_pair, create_pbkdf2_key(secret : Bytes, salt : Bytes, iterations : Int32, key_length : Int32) : Bytes create_pbkdf2_key, decrypt(key : Bytes, data : Bytes, nonce : Bytes, aad : Bytes | Nil = nil) : Bytes decrypt, encrypt(key : Bytes, data : Bytes, nonce : Bytes, aad : Bytes | Nil = nil) : Bytes encrypt, generate_dh_secret(private_key : Key, peer_public_key : Key) : Bytes generate_dh_secret, implementation_name : String implementation_name, random_big_int(size : Int32, max_value : BigInt | Nil = nil) : BigInt random_big_int, random_bytes(length : Int32) : Bytes random_bytes, random_uint16 : UInt16 random_uint16, random_uint32 : UInt32 random_uint32, random_uint64 : UInt64 random_uint64, random_uint8 : UInt8 random_uint8, report_usage(component : String | Nil = nil) report_usage, sign_ecdsa(private_key : Key, data : Bytes | Array(Bytes), dsa_encoding : String = "ieee-p1363") : Bytes sign_ecdsa, sign_hmac(key : Bytes, data : Bytes) : Bytes sign_hmac, verify_ecdsa(public_key : Key, data : Bytes, signature : Bytes, dsa_encoding : String = "ieee-p1363") : Nil verify_ecdsa

Instance Method Detail

def build_ec_private_key_der(priv : Bytes, pub : Bytes) : Bytes #

Build SEC1 DER format for EC private key

TODO Make private after testing


[View source]
def build_ec_public_key_der(pub : Bytes) : Bytes #

Build SPKI DER format for EC public key

TODO Make private after testing


[View source]
def compute_sha256(data : Bytes | Array(Bytes)) : Bytes #

[View source]
def create_hkdf_key(secret : Bytes, salt : Bytes, info : Bytes, length : Int32 = 32) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Derive key using HKDF with SHA-256 @param secret Input key material @param salt Salt value @param info Context/application specific info @param length Desired output length (default 32 bytes) @return Derived key


[View source]
def create_key_pair : Key #
Description copied from class Matter::Crypto::CryptoBase

Generate an EC P-256 key pair @return New private key (includes public key)


[View source]
def create_pbkdf2_key(secret : Bytes, salt : Bytes, iterations : Int32, key_length : Int32) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Derive key using PBKDF2 with SHA-256 @param secret Secret/password @param salt Salt value @param iterations Iteration count @param key_length Desired key length @return Derived key


[View source]
def decrypt(key : Bytes, data : Bytes, nonce : Bytes, aad : Bytes | Nil = nil) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Decrypt using AES-128-CCM with Matter-specific parameters @param key 16-byte AES key @param data Ciphertext with authentication tag @param nonce 13-byte nonce @param aad Additional authenticated data (optional) @return Plaintext @raise Exception if authentication fails


[View source]
def der_to_pem(der : Bytes, label : String) : String #

Convert DER to PEM format

TODO Make private after testing


[View source]
def encrypt(key : Bytes, data : Bytes, nonce : Bytes, aad : Bytes | Nil = nil) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Encrypt using AES-128-CCM with Matter-specific parameters @param key 16-byte AES key @param data Plaintext to encrypt @param nonce 13-byte nonce @param aad Additional authenticated data (optional) @return Ciphertext with 16-byte authentication tag appended


[View source]
def generate_dh_secret(private_key : Key, peer_public_key : Key) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Compute shared secret using ECDH @param private_key Local private key @param peer_public_key Peer's public key @return Shared secret (32 bytes for P-256)


[View source]
def implementation_name : String #
Description copied from class Matter::Crypto::CryptoBase

The implementation name for logging


[View source]
def random_bytes(length : Int32) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Generate cryptographically secure random bytes @param length Number of bytes to generate @return Random bytes


[View source]
def sign_ecdsa(private_key : Key, data : Bytes | Array(Bytes), dsa_encoding : String = "ieee-p1363") : Bytes #

[View source]
def sign_hmac(key : Bytes, data : Bytes) : Bytes #
Description copied from class Matter::Crypto::CryptoBase

Create HMAC-SHA256 signature @param key HMAC key @param data Data to sign @return HMAC signature


[View source]
def verify_ecdsa(public_key : Key, data : Bytes, signature : Bytes, dsa_encoding : String = "ieee-p1363") : Nil #
Description copied from class Matter::Crypto::CryptoBase

Verify ECDSA signature using P-256 @param public_key EC public key @param data Data that was signed @param signature Signature to verify @param dsa_encoding Signature encoding format @raise Exception if verification fails


[View source]