crypto

package
v3.24.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 9, 2023 License: Apache-2.0 Imports: 16 Imported by: 1

Documentation

Overview

Package crypto implements LoRaWAN crypto.

Package crypto implements LoRaWAN crypto.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ComputeDownlinkMIC 

func ComputeDownlinkMIC(key types.AES128Key, addr types.DevAddr, confFCnt uint32, fCnt uint32, payload []byte) ([4]byte, error)

ComputeDownlinkMIC computes the Downlink Message Integrity Code. - The payload contains MHDR | FHDR | FPort | FRMPayload - If this downlink has the ACK bit set, confFCnt must be set to the FCnt of the last uplink - The SNwkSIntKey is used

func ComputeJoinAcceptMIC 

func ComputeJoinAcceptMIC(jsIntKey types.AES128Key, joinReqType byte, joinEUI types.EUI64, dn types.DevNonce, payload []byte) ([4]byte, error)

ComputeJoinAcceptMIC computes the Message Integrity Code for a join-accept message - The payload contains MHDR | JoinNonce | NetID | DevAddr | DLSettings | RxDelay | (CFList | CFListType) - the joinReqType is 0xFF in reply to a join-request or the rejoin type in reply to a RejoinRequest

func ComputeJoinRequestMIC 

func ComputeJoinRequestMIC(key types.AES128Key, payload []byte) ([4]byte, error)

ComputeJoinRequestMIC computes the Message Integrity Code for a join-request message - The payload contains MHDR | JoinEUI/AppEUI | DevEUI | DevNonce - In LoRaWAN 1.0, the AppKey is used - In LoRaWAN 1.1, the NwkKey is used

func ComputeLegacyDownlinkMIC 

func ComputeLegacyDownlinkMIC(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte) ([4]byte, error)

ComputeLegacyDownlinkMIC computes the Downlink Message Integrity Code. - The payload contains MHDR | FHDR | FPort | FRMPayload - The NwkSKey is used

func ComputeLegacyJoinAcceptMIC 

func ComputeLegacyJoinAcceptMIC(key types.AES128Key, payload []byte) ([4]byte, error)

ComputeLegacyJoinAcceptMIC computes the Message Integrity Code for a join-accept message - The payload contains MHDR | JoinNonce/AppNonce | NetID | DevAddr | DLSettings | RxDelay | (CFList | CFListType) - In LoRaWAN 1.0, the AppKey is used - In LoRaWAN 1.1 with OptNeg=0, the NwkKey is used

func ComputeLegacyUplinkMIC 

func ComputeLegacyUplinkMIC(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte) ([4]byte, error)

ComputeLegacyUplinkMIC computes the Uplink Message Integrity Code. - The payload contains MHDR | FHDR | FPort | FRMPayload - The NwkSKey is used

func ComputePingOffset 

func ComputePingOffset(beaconTime uint32, devAddr types.DevAddr, pingPeriod uint16) (uint16, error)

func ComputeRejoinRequestMIC 

func ComputeRejoinRequestMIC(key types.AES128Key, payload []byte) ([4]byte, error)

ComputeRejoinRequestMIC computes the Message Integrity Code for a RejoinRequest message - For a type 0 or 2 RejoinRequest, the payload contains MHDR | RejoinType | NetID | DevEUI | RJcount0 - For a type 0 or 2 RejoinRequest, the SNwkSIntKey is used - For a type 1 RejoinRequest, the payload contains MHDR | RejoinType | JoinEUI | DevEUI | RJcount1 - For a type 1 RejoinRequest, the JSIntKey is used

func ComputeUplinkMIC 

func ComputeUplinkMIC(sNwkSIntKey, fNwkSIntKey types.AES128Key, confFCnt uint32, txDRIdx uint8, txChIdx uint8, addr types.DevAddr, fCnt uint32, payload []byte) ([4]byte, error)

ComputeUplinkMIC computes the Uplink Message Integrity Code. - The payload contains MHDR | FHDR | FPort | FRMPayload - If this uplink has the ACK bit set, confFCnt must be set to the FCnt of the last downlink.

func ComputeUplinkMICFromLegacy added in v3.9.2 

func ComputeUplinkMICFromLegacy(cmacF [4]byte, sNwkSIntKey types.AES128Key, confFCnt uint32, txDRIdx uint8, txChIdx uint8, addr types.DevAddr, fCnt uint32, payload []byte) ([4]byte, error)

ComputeUplinkMICFromLegacy computes the Uplink Message Integrity Code from legacy MIC. - The payload contains MHDR | FHDR | FPort | FRMPayload - If this uplink has the ACK bit set, confFCnt must be set to the FCnt of the last downlink.

func Decrypt added in v3.9.0 

func Decrypt(key types.AES128Key, encrypted []byte) ([]byte, error)

Decrypt decrypts an encrypted message. Uses AES128 keys in GCM (Galois/Counter Mode). 

func DecryptDownlink(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte, opts ...EncryptionOption) ([]byte, error)

DecryptDownlink decrypts a downlink payload - The payload contains the FRMPayload bytes - For FPort>0, the AppSKey is used - For FPort=0, the NwkSEncKey/NwkSKey is used

func DecryptJoinAccept 

func DecryptJoinAccept(key types.AES128Key, encrypted []byte) ([]byte, error)

DecryptJoinAccept uses AES Encrypt to decrypt a join-accept message - The returned payload contains JoinNonce/AppNonce | NetID | DevAddr | DLSettings | RxDelay | (CFList | CFListType) | MIC - In LoRaWAN 1.0, the AppKey is used - In LoRaWAN 1.1, the NwkKey or JSEncKey is used 

func DecryptUplink(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte, opts ...EncryptionOption) ([]byte, error)

DecryptUplink decrypts an uplink payload - The payload contains the FRMPayload bytes - For FPort>0, the AppSKey is used - For FPort=0, the NwkSEncKey/NwkSKey is used

func DeriveAppSKey 

func DeriveAppSKey(key types.AES128Key, jn types.JoinNonce, joinEUI types.EUI64, dn types.DevNonce) types.AES128Key

DeriveAppSKey derives the LoRaWAN Application Session Key - If a LoRaWAN 1.1 device joins a LoRaWAN 1.1 network, the AppKey is used as "key"

func DeriveFNwkSIntKey 

func DeriveFNwkSIntKey(nwkKey types.AES128Key, jn types.JoinNonce, joinEUI types.EUI64, dn types.DevNonce) types.AES128Key

DeriveFNwkSIntKey derives the LoRaWAN 1.1 Forwarding Network Session Integrity Key

func DeriveJSEncKey 

func DeriveJSEncKey(key types.AES128Key, devEUI types.EUI64) types.AES128Key

DeriveJSEncKey derives the Join Server Encryption Key

func DeriveJSIntKey 

func DeriveJSIntKey(key types.AES128Key, devEUI types.EUI64) types.AES128Key

DeriveJSIntKey derives the Join Server Integrity Key

func DeriveLegacyAppSKey 

func DeriveLegacyAppSKey(key types.AES128Key, jn types.JoinNonce, nid types.NetID, dn types.DevNonce) types.AES128Key

DeriveLegacyAppSKey derives the LoRaWAN Application Session Key - If a LoRaWAN 1.0 device joins a LoRaWAN 1.0/1.1 network, the AppKey is used as "key" - If a LoRaWAN 1.1 device joins a LoRaWAN 1.0 network, the NwkKey is used as "key"

func DeriveLegacyNwkSKey 

func DeriveLegacyNwkSKey(appKey types.AES128Key, jn types.JoinNonce, nid types.NetID, dn types.DevNonce) types.AES128Key

DeriveLegacyNwkSKey derives the LoRaWAN 1.0 Network Session Key. AppNonce is entered as JoinNonce. - If a LoRaWAN 1.0 device joins a LoRaWAN 1.0/1.1 network, the AppKey is used as "key" - If a LoRaWAN 1.1 device joins a LoRaWAN 1.0 network, the NwkKey is used as "key"

func DeriveNwkSEncKey 

func DeriveNwkSEncKey(nwkKey types.AES128Key, jn types.JoinNonce, joinEUI types.EUI64, dn types.DevNonce) types.AES128Key

DeriveNwkSEncKey derives the LoRaWAN 1.1 Network Session Encryption Key

func DeriveSNwkSIntKey 

func DeriveSNwkSIntKey(nwkKey types.AES128Key, jn types.JoinNonce, joinEUI types.EUI64, dn types.DevNonce) types.AES128Key

DeriveSNwkSIntKey derives the LoRaWAN 1.1 Serving Network Session Integrity Key

func Encrypt added in v3.9.0 

func Encrypt(key types.AES128Key, plaintext []byte) ([]byte, error)

Encrypt encrypts a plain text message. Uses AES128 keys in GCM (Galois/Counter Mode). Since GCM uses a nonce, the encrypted message will be different each time the operation is run for the same set of inputs. The returned cipher is in the format |nonce(12)|tag(16)|encrypted(plaintextLen)|. 

func EncryptDownlink(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte, opts ...EncryptionOption) ([]byte, error)

EncryptDownlink encrypts a downlink payload - The payload contains the FRMPayload bytes - For FPort>0, the AppSKey is used - For FPort=0, the NwkSEncKey/NwkSKey is used

func EncryptJoinAccept 

func EncryptJoinAccept(key types.AES128Key, payload []byte) ([]byte, error)

EncryptJoinAccept uses AES Decrypt to encrypt a join-accept message - The payload contains JoinNonce/AppNonce | NetID | DevAddr | DLSettings | RxDelay | (CFList | CFListType) | MIC - In LoRaWAN 1.0, the AppKey is used - In LoRaWAN 1.1, the NwkKey is used in reply to a JoinRequest - In LoRaWAN 1.1, the JSEncKey is used in reply to a RejoinRequest (type 0,1,2) 

func EncryptUplink(key types.AES128Key, addr types.DevAddr, fCnt uint32, payload []byte, opts ...EncryptionOption) ([]byte, error)

EncryptUplink encrypts an uplink payload - The payload contains the FRMPayload bytes - For FPort>0, the AppSKey is used - For FPort=0, the NwkSEncKey/NwkSKey is used

func HMACHash added in v3.22.0 

func HMACHash(key types.AES128Key, payload []byte) ([]byte, error)

HMACHash calculates the Keyed-Hash Message Authentication Code (HMAC, RFC 2104) hash of the data.

func RegisterCacheHit added in v3.9.0 

func RegisterCacheHit(ctx context.Context, cache CacheKey)

RegisterCacheHit registers a cache hit for the provided cache.

func RegisterCacheMiss added in v3.9.0 

func RegisterCacheMiss(ctx context.Context, cache CacheKey)

RegisterCacheMiss registers a cache miss for the provided cache.

func UnwrapKey 

func UnwrapKey(ciphertext, kek []byte) ([]byte, error)

UnwrapKey implements the RFC 3394 Unwrap algorithm

func WrapKey 

func WrapKey(plaintext, kek []byte) ([]byte, error)

WrapKey implements the RFC 3394 Wrap algorithm

Types

type CacheKey added in v3.24.0 

type CacheKey string

CacheKey is a cache key. 

const (
	CacheEncryptionKey     CacheKey = "key"
	CacheServerCertificate CacheKey = "server_certificate"
	CacheClientCertificate CacheKey = "client_certificate"
	CacheUnwrap            CacheKey = "unwrap"
)

Cache keys.

type ComponentKEKLabeler 

type ComponentKEKLabeler interface {
	NsKEKLabel(ctx context.Context, netID *types.NetID, addr string) string
	AsKEKLabel(ctx context.Context, addr string) string
}

ComponentKEKLabeler provides KEK labels for components.

type EncryptionOption added in v3.19.2 

type EncryptionOption func(*encryptionOptions)

EncryptionOption encapsulates custom LoRaWAN encryption options.

func WithFrameTypeConstant added in v3.19.2 

func WithFrameTypeConstant(identifier [4]byte) EncryptionOption

WithFrameTypeConstant specifies which bytes are to be used for positions [1:5] during encryption. These 4 bytes uniquely identify the frame type in order to avoid collisions between different frames which may have the same counter values. See the `FOpts Encryption, Usage of FCntDwn Errata on the LoRaWAN L2 1.1 Specification` erratum for more details on why these collisions may be an issue and which values are used by different frame types. In the absence of this option, the constant [0x00, 0x00, 0x00, 0x00] is used.

type KeyService added in v3.24.0 

type KeyService interface {
	// Wrap implements the RFC 3394 AES Key Wrap algorithm. Only keys of 16, 24 or 32 bytes are accepted.
	// Keys are referenced using the KEK labels.
	Wrap(ctx context.Context, plaintext []byte, kekLabel string) ([]byte, error)
	// Unwrap implements the RFC 3394 AES Key Unwrap algorithm. Only keys of 16, 24 or 32 bytes are accepted.
	// Keys are referenced using the KEK labels.
	Unwrap(ctx context.Context, ciphertext []byte, kekLabel string) ([]byte, error)

	// Encrypt encrypts messages of variable length using AES 128 GCM.
	// The encryption key is referenced using the label.
	Encrypt(ctx context.Context, plaintext []byte, label string) ([]byte, error)
	// Decrypt decrypts messages of variable length using AES 128 GCM.
	// The encryption key is referenced using the label.
	Decrypt(ctx context.Context, ciphertext []byte, label string) ([]byte, error)

	// ServerCertificate returns the X.509 certificate and private key of the given label.
	ServerCertificate(ctx context.Context, label string) (tls.Certificate, error)

	// ClientCertificate returns the X.509 client certificate and private key.
	// If the label is empty, the default client certificate is returned. This can be an issued certificate or a
	// self-signed certificate, depending on the underlying key vault.
	// If the label is not empty, the certificate with the given label is returned.
	ClientCertificate(ctx context.Context, label string) (tls.Certificate, error)

	// HMACHash calculates the Keyed-Hash Message Authentication Code (HMAC, RFC 2104) hash of the data.
	// The AES key used for hashing is referenced using the label.
	HMACHash(ctx context.Context, payload []byte, label string) ([]byte, error)
}

KeyService provides common cryptographic operations.

func NewKeyService added in v3.24.0 

func NewKeyService(vault KeyVault) KeyService

NewKeyService returns a new KeyService.

type KeyVault 

type KeyVault interface {
	Key(ctx context.Context, label string) ([]byte, error)
	ServerCertificate(ctx context.Context, label string) (tls.Certificate, error)
	ClientCertificate(ctx context.Context, label string) (tls.Certificate, error)
}

KeyVault provides access to private keys.

Source Files

View all Source files

Directories

Path Synopsis
Package cryptoservices implements services for LoRaWAN cryptograhpy.
 Package cryptoservices implements services for LoRaWAN cryptograhpy.
Package cryptoutil implements cryptography utilities.
 Package cryptoutil implements cryptography utilities.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.