Description

Implement retrieval and management of the Miniserver's RSA public key, which is used for encrypting AES session keys in command encryption.

Protocol Reference

• Document: docs/loxone/CommunicatingWithMiniserver.md
• Section: "Command Encryption"
• Protocol Version: 16.0

Current Status

No encryption support exists. LoxoneCrypto only handles hashing.

Implementation Tasks

• Add jdev/sys/getPublicKey command
• Evaluate RSA crypto library for multiplatform support
• Add RSA public key model
• Implement X.509 DER/PEM parsing for public key
• Add public key storage/caching
• Implement RSA encryption (PKCS1, Base64 NoWrap)
• Write unit tests with known keys
• Write integration tests
• Update documentation

Technical Details

• Command: jdev/sys/getPublicKey
• Returns X.509 encoded key in PEM format
• RSA encryption: ECB mode, PKCS1 padding
• Output: Base64 encoded, no line wrapping
• Multiplatform consideration: May need platform-specific implementations

Crypto Library Options

• kotlincrypto/core (currently used for hashing)
• Platform-specific: JVM crypto, WebCrypto API, OpenSSL native
• Evaluate each for RSA support

Testing

• Test with known RSA key pair
• Test encryption/decryption roundtrip
• Test Base64 encoding format
• Test on all platforms

Dependencies

None

Acceptance Criteria

• Public key can be retrieved from Miniserver
• RSA encryption works
• Key is cached and reused
• Works on JVM, JS, and Native
• All tests pass