Crypto Operations APIs

List of Crypto Operations APIs.

The `NetworkCryptoService` service

Method	`NetworkCryptoService.JoinRequestMIC`
Description	Calculate the join-request message MIC.
Request type	`CryptoServicePayloadRequest`
Response type	`CryptoServicePayloadResponse`
HTTP bindings

Method	`NetworkCryptoService.JoinAcceptMIC`
Description	Calculate the join-accept message MIC.
Request type	`JoinAcceptMICRequest`
Response type	`CryptoServicePayloadResponse`
HTTP bindings

Method	`NetworkCryptoService.EncryptJoinAccept`
Description	Encrypt the join-accept payload.
Request type	`CryptoServicePayloadRequest`
Response type	`CryptoServicePayloadResponse`
HTTP bindings

Method	`NetworkCryptoService.EncryptRejoinAccept`
Description	Encrypt the rejoin-accept payload.
Request type	`CryptoServicePayloadRequest`
Response type	`CryptoServicePayloadResponse`
HTTP bindings

Method	`NetworkCryptoService.DeriveNwkSKeys`
Description	Derive network session keys (NwkSKey, or FNwkSKey, SNwkSKey and NwkSEncKey)
Request type	`DeriveSessionKeysRequest`
Response type	`NwkSKeysResponse`
HTTP bindings

Method	`NetworkCryptoService.GetNwkKey`
Description	Get the NwkKey. Crypto Servers may return status code FAILED_PRECONDITION when root keys are not exposed.
Request type	`GetRootKeysRequest`
Response type	`KeyEnvelope`
HTTP bindings

Messages

Message `ApplicationIdentifiers`

Show object example

{
  "application_id": "",
}

Fields:

Field application_id

Type string

Description

Field	`application_id`
Type	`string`
Description	`max_len`: `36` `pattern`: `^[a-z0-9](?:[-]?[a-z0-9]){2,}$`

max_len: 36

pattern: ^[a-z0-9](?:[-]?[a-z0-9]){2,}$

Message `CryptoServicePayloadRequest`

Show object example

{
  "ids": {},
  "lorawan_version": "MAC_UNKNOWN",
  "payload": "",
  "provisioner_id": "",
  "provisioning_data": {},
}

Fields:

Field ids

Type EndDeviceIdentifiers

Description

Field	`ids`
Type	`EndDeviceIdentifiers`
Description	End device identifiers for the cryptographic operation. `required`

End device identifiers for the cryptographic operation.

required

Field lorawan_version

Type MACVersion

Description

Field	`lorawan_version`
Type	`MACVersion`
Description	LoRaWAN version to use for the cryptographic operation. `defined_only`

LoRaWAN version to use for the cryptographic operation.

defined_only

Field payload

Type bytes

Description

Raw input payload.

max_len: 256

Field provisioner_id

Type string

Description

Field	`provisioner_id`
Type	`string`
Description	Provisioner that provisioned the end device. `max_len`: `36` `pattern`: `^[a-z0-9](?:[-]?[a-z0-9]){2,}$\|^$`

Provisioner that provisioned the end device.

max_len: 36

pattern: ^[a-z0-9](?:[-]?[a-z0-9]){2,}$|^$

Field	`provisioning_data`
Type	`google.protobuf. Struct`
Description	Provisioning data for the provisioner.

Message `CryptoServicePayloadResponse`

Show object example

{
  "payload": "",
}

Fields:

Field	`payload`
Type	`bytes`
Description	Raw output payload.

Message `DeriveSessionKeysRequest`

Show object example

{
  "ids": {},
  "lorawan_version": "MAC_UNKNOWN",
  "join_nonce": "",
  "dev_nonce": "",
  "net_id": "",
  "provisioner_id": "",
  "provisioning_data": {},
}

Fields:

Field ids

Type EndDeviceIdentifiers

Description

Field	`ids`
Type	`EndDeviceIdentifiers`
Description	End device identifiers to use for key derivation. The DevAddr must be set in this request. The DevEUI may need to be set, depending on the provisioner. `required`

End device identifiers to use for key derivation. The DevAddr must be set in this request. The DevEUI may need to be set, depending on the provisioner.

required

Field lorawan_version

Type MACVersion

Description

Field	`lorawan_version`
Type	`MACVersion`
Description	LoRaWAN key derivation scheme. `defined_only`

LoRaWAN key derivation scheme.

defined_only

Field join_nonce

Type bytes

Description

Field	`join_nonce`
Type	`bytes`
Description	LoRaWAN JoinNonce (or AppNonce). `ignore_empty` `len`: `3`

LoRaWAN JoinNonce (or AppNonce).

ignore_empty

len: 3

Field dev_nonce

Type bytes

Description

Field	`dev_nonce`
Type	`bytes`
Description	LoRaWAN DevNonce. `ignore_empty` `len`: `2`

LoRaWAN DevNonce.

ignore_empty

len: 2

Field net_id

Type bytes

Description

Field	`net_id`
Type	`bytes`
Description	LoRaWAN NetID. `ignore_empty` `len`: `3`

LoRaWAN NetID.

ignore_empty

len: 3

Field provisioner_id

Type string

Description

Field	`provisioner_id`
Type	`string`
Description	Provisioner that provisioned the end device. `max_len`: `36` `pattern`: `^[a-z0-9](?:[-]?[a-z0-9]){2,}$\|^$`

Provisioner that provisioned the end device.

max_len: 36

pattern: ^[a-z0-9](?:[-]?[a-z0-9]){2,}$|^$

Field	`provisioning_data`
Type	`google.protobuf. Struct`
Description	Provisioning data for the provisioner.

Message `EndDeviceIdentifiers`

Show object example

{
  "device_id": "",
  "application_ids": {},
  "dev_eui": "",
  "join_eui": "",
  "dev_addr": "",
}

Fields:

Field device_id

Type string

Description

Field	`device_id`
Type	`string`
Description	`max_len`: `36` `pattern`: `^[a-z0-9](?:[-]?[a-z0-9]){2,}$`

max_len: 36

pattern: ^[a-z0-9](?:[-]?[a-z0-9]){2,}$

Field	`application_ids`
Type	`ApplicationIdentifiers`
Description	`required`

Field dev_eui

Type bytes

Description

Field	`dev_eui`
Type	`bytes`
Description	The LoRaWAN DevEUI. `ignore_empty` `len`: `8`

The LoRaWAN DevEUI.

ignore_empty

len: 8

Field join_eui

Type bytes

Description

Field	`join_eui`
Type	`bytes`
Description	The LoRaWAN JoinEUI (AppEUI until LoRaWAN 1.0.3 end devices). `ignore_empty` `len`: `8`

The LoRaWAN JoinEUI (AppEUI until LoRaWAN 1.0.3 end devices).

ignore_empty

len: 8

Field dev_addr

Type bytes

Description

Field	`dev_addr`
Type	`bytes`
Description	The LoRaWAN DevAddr. `ignore_empty` `len`: `4`

The LoRaWAN DevAddr.

ignore_empty

len: 4

Message `JoinAcceptMICRequest`

Show object example

{
  "payload_request": {},
  "join_request_type": "REJOIN_CONTEXT",
  "dev_nonce": "",
}

Fields:

Field payload_request

Type CryptoServicePayloadRequest

Description

Field	`payload_request`
Type	`CryptoServicePayloadRequest`
Description	Request data for the cryptographic operation. `required`

Request data for the cryptographic operation.

required

Field join_request_type

Type JoinRequestType

Description

Field	`join_request_type`
Type	`JoinRequestType`
Description	LoRaWAN join-request type. `defined_only`

LoRaWAN join-request type.

defined_only

Field dev_nonce

Type bytes

Description

Field	`dev_nonce`
Type	`bytes`
Description	LoRaWAN DevNonce. `ignore_empty` `len`: `2`

LoRaWAN DevNonce.

ignore_empty

len: 2

Message `NwkSKeysResponse`

Show object example

{
  "f_nwk_s_int_key": {},
  "s_nwk_s_int_key": {},
  "nwk_s_enc_key": {},
}

Fields:

Field f_nwk_s_int_key

Type KeyEnvelope

Description

Field	`f_nwk_s_int_key`
Type	`KeyEnvelope`
Description	The (encrypted) Forwarding Network Session Integrity Key (or Network Session Key in 1.0 compatibility mode). `required`

The (encrypted) Forwarding Network Session Integrity Key (or Network Session Key in 1.0 compatibility mode).

required

Field s_nwk_s_int_key

Type KeyEnvelope

Description

Field	`s_nwk_s_int_key`
Type	`KeyEnvelope`
Description	The (encrypted) Serving Network Session Integrity Key. `required`

The (encrypted) Serving Network Session Integrity Key.

required

Field nwk_s_enc_key

Type KeyEnvelope

Description

Field	`nwk_s_enc_key`
Type	`KeyEnvelope`
Description	The (encrypted) Network Session Encryption Key. `required`

The (encrypted) Network Session Encryption Key.

required

Message `GetRootKeysRequest`

Show object example

{
  "ids": {},
  "provisioner_id": "",
  "provisioning_data": {},
}

Fields:

Field ids

Type EndDeviceIdentifiers

Description

Field	`ids`
Type	`EndDeviceIdentifiers`
Description	End device identifiers to request the root keys for. `required`

End device identifiers to request the root keys for.

required

Field provisioner_id

Type string

Description

Field	`provisioner_id`
Type	`string`
Description	Provisioner that provisioned the end device. `max_len`: `36` `pattern`: `^[a-z0-9](?:[-]?[a-z0-9]){2,}$\|^$`

Provisioner that provisioned the end device.

max_len: 36

pattern: ^[a-z0-9](?:[-]?[a-z0-9]){2,}$|^$

Field	`provisioning_data`
Type	`google.protobuf. Struct`
Description	Provisioning data for the provisioner.

Message `KeyEnvelope`

Show object example

{
  "key": "",
  "kek_label": "",
  "encrypted_key": "",
}

Fields:

Field key

Type bytes

Description

Field	`key`
Type	`bytes`
Description	The unencrypted AES key. `ignore_empty` `len`: `16`

The unencrypted AES key.

ignore_empty

len: 16

Field kek_label

Type string

Description

Field	`kek_label`
Type	`string`
Description	The label of the RFC 3394 key-encryption-key (KEK) that was used to encrypt the key. `max_len`: `2048`

The label of the RFC 3394 key-encryption-key (KEK) that was used to encrypt the key.

max_len: 2048

Field	`encrypted_key`
Type	`bytes`
Description	`max_len`: `1024`

Enums

Enum `JoinRequestType`

Name	Value	Description
`REJOIN_CONTEXT`	`0`	Resets DevAddr, Session Keys, Frame Counters, Radio Parameters.
`REJOIN_SESSION`	`1`	Equivalent to the initial JoinRequest.
`REJOIN_KEYS`	`2`	Resets DevAddr, Session Keys, Frame Counters, while keeping the Radio Parameters.
`JOIN`	`255`	Normal join-request.

Enum `MACVersion`

Name	Value	Description
`MAC_UNKNOWN`	`0`
`MAC_V1_0`	`1`
`MAC_V1_0_1`	`2`
`MAC_V1_0_2`	`3`
`MAC_V1_1`	`4`
`MAC_V1_0_3`	`5`
`MAC_V1_0_4`	`6`

← Client APIs End Device APIs →

Crypto Operations APIs

The NetworkCryptoService service

Messages

Message ApplicationIdentifiers

Message CryptoServicePayloadRequest

Message CryptoServicePayloadResponse

Message DeriveSessionKeysRequest

Message EndDeviceIdentifiers

Message JoinAcceptMICRequest

Message NwkSKeysResponse

Message GetRootKeysRequest

Message KeyEnvelope

Enums

Enum JoinRequestType

Enum MACVersion

The `NetworkCryptoService` service

Message `ApplicationIdentifiers`

Message `CryptoServicePayloadRequest`

Message `CryptoServicePayloadResponse`

Message `DeriveSessionKeysRequest`

Message `EndDeviceIdentifiers`

Message `JoinAcceptMICRequest`

Message `NwkSKeysResponse`

Message `GetRootKeysRequest`

Message `KeyEnvelope`

Enum `JoinRequestType`

Enum `MACVersion`