/** * @license * Copyright 2022-2026 Matter.js Authors * SPDX-License-Identifier: Apache-2.0 */ import { Bytes } from "#util/Bytes.js"; import { MaybePromise } from "#util/Promises.js"; import * as mod from "@noble/curves/abstract/modular.js"; import * as utils from "@noble/curves/utils.js"; import { Entropy } from "../util/Entropy.js"; import { EcdsaSignature } from "./EcdsaSignature.js"; import type { PrivateKey, PublicKey } from "./Key.js"; export declare const ec: { mod(a: bigint, b: bigint): bigint; pow(num: bigint, power: bigint, modulo: bigint): bigint; pow2(x: bigint, power: bigint, modulo: bigint): bigint; invert(number: bigint, modulo: bigint): bigint; tonelliShanks(P: bigint): (Fp: mod.IField, n: T) => T; FpSqrt(P: bigint): (Fp: mod.IField, n: T) => T; validateField(field: mod.IField): mod.IField; FpPow(Fp: mod.IField, num: T, power: bigint): T; FpInvertBatch(Fp: mod.IField, nums: T[], passZero?: boolean): T[]; FpDiv(Fp: mod.IField, lhs: T, rhs: T | bigint): T; FpLegendre(Fp: mod.IField, n: T): -1 | 0 | 1; FpIsSquare(Fp: mod.IField, n: T): boolean; nLength(n: bigint, nBitLength?: number): mod.NLength; Field(ORDER: bigint, opts?: Partial<{ isLE: boolean; BITS: number; sqrt: (n: bigint) => bigint; allowedLengths?: readonly number[]; modFromBytes: boolean; }>): Readonly & Required, "isOdd">>>; FpSqrtOdd(Fp: mod.IField, elm: T): T; FpSqrtEven(Fp: mod.IField, elm: T): T; getFieldBytesLength(fieldOrder: bigint): number; getMinHashLength(fieldOrder: bigint): number; mapHashToField(key: Uint8Array, fieldOrder: bigint, isLE?: boolean): Uint8Array; isNegativeLE: (num: bigint, modulo: bigint) => boolean; abool(value: boolean, title?: string): boolean; asafenumber(value: number, title?: string): void; numberToHexUnpadded(num: number | bigint): string; hexToNumber(hex: string): bigint; bytesToNumberBE(bytes: Uint8Array): bigint; bytesToNumberLE(bytes: Uint8Array): bigint; numberToBytesBE(n: number | bigint, len: number): Uint8Array; numberToBytesLE(n: number | bigint, len: number): Uint8Array; numberToVarBytesBE(n: number | bigint): Uint8Array; equalBytes(a: Uint8Array, b: Uint8Array): boolean; copyBytes(bytes: Uint8Array): Uint8Array; asciiToBytes(ascii: string): Uint8Array; inRange(n: bigint, min: bigint, max: bigint): boolean; aInRange(title: string, n: bigint, min: bigint, max: bigint): void; bitLen(n: bigint): number; bitGet(n: bigint, pos: number): bigint; bitSet(n: bigint, pos: number, value: boolean): bigint; createHmacDrbg(hashLen: number, qByteLen: number, hmacFn: (key: Uint8Array, message: Uint8Array) => Uint8Array): (seed: Uint8Array, predicate: (v: Uint8Array) => T | undefined) => T; validateObject(object: Record, fields?: Record, optFields?: Record): void; memoized(fn: (arg: T, ...args: O) => R): (arg: T, ...args: O) => R; abytes: typeof utils.abytes; anumber: typeof utils.anumber; bytesToHex: typeof utils.bytesToHex; concatBytes: typeof utils.concatBytes; hexToBytes: typeof utils.hexToBytes; isBytes: typeof utils.isBytes; randomBytes: typeof utils.randomBytes; bitMask: (n: number) => bigint; notImplemented: () => never; p256: import("@noble/curves/abstract/weierstrass.js").ECDSA; }; export declare const CRYPTO_ENCRYPT_ALGORITHM = "aes-128-ccm"; export declare const CRYPTO_HASH_ALGORITHM = "sha256"; export declare const CRYPTO_EC_CURVE = "prime256v1"; export declare const CRYPTO_EC_KEY_BYTES = 32; export declare const CRYPTO_AUTH_TAG_LENGTH = 16; export declare const CRYPTO_SYMMETRIC_KEY_LENGTH = 16; /** * Hash algorithms identified by IANA Hash Function identifiers. * Based on FIPS 180-4 Section 6.2 and FIPS 202. * * The enum values are the FIPS-defined algorithm IDs. */ export type HashAlgorithm = "SHA-256" | "SHA-512" | "SHA-384" | "SHA-512/224" | "SHA-512/256" | "SHA3-256"; export declare const HASH_ALGORITHM_OUTPUT_LENGTHS: Record; export declare enum HashFipsAlgorithmId { "SHA-256" = 1, "SHA-512" = 7, "SHA-384" = 8, "SHA-512/224" = 10, "SHA-512/256" = 11, "SHA3-256" = 12 } /** * These are the cryptographic primitives required to implement the Matter protocol. * * We provide a platform-independent implementation that uses Web Crypto via {@link crypto.subtle} and a JS-based * AES-CCM implementation. * * If your platform does not fully implement Web Crypto, or offers a native implementation of AES-CCM, you can replace * the implementation in {@link Environment.default}. * * WARNING: The standard implementation is unaudited. See relevant warnings in StandardCrypto.ts. */ export declare abstract class Crypto extends Entropy { /** * The name used in log messages. */ abstract implementationName: string; /** * Encrypt using AES-CCM with constants limited to those required by Matter. */ abstract encrypt(key: Bytes, data: Bytes, nonce: Bytes, aad?: Bytes): Bytes; /** * Decrypt using AES-CCM with constants limited to those required by Matter. */ abstract decrypt(key: Bytes, data: Bytes, nonce: Bytes, aad?: Bytes): Bytes; /** * Compute a cryptographic hash using the specified algorithm. If no algorithm is specified, SHA-256 is used. */ abstract computeHash(data: Bytes | Bytes[] | ReadableStreamDefaultReader | AsyncIterator, algorithm?: HashAlgorithm): MaybePromise; /** * Create a key from a secret using PBKDF2. */ abstract createPbkdf2Key(secret: Bytes, salt: Bytes, iteration: number, keyLength: number): MaybePromise; /** * Create a key from a secret using HKDF. */ abstract createHkdfKey(secret: Bytes, salt: Bytes, info: Bytes, length?: number): MaybePromise; /** * Create an HMAC signature. */ abstract signHmac(key: Bytes, data: Bytes): MaybePromise; /** * Create an ECDSA signature. */ abstract signEcdsa(privateKey: JsonWebKey, data: Bytes | Bytes[]): MaybePromise; /** * Authenticate an ECDSA signature. */ abstract verifyEcdsa(publicKey: JsonWebKey, data: Bytes, signature: EcdsaSignature): MaybePromise; /** * Create a general-purpose EC key. */ abstract createKeyPair(): MaybePromise; /** * Compute the shared secret for a Diffie-Hellman exchange. */ abstract generateDhSecret(key: PrivateKey, peerKey: PublicKey): MaybePromise; reportUsage(component?: string): void; } //# sourceMappingURL=Crypto.d.ts.map