@matter/protocol 0.13.1-alpha.0-20250506-f9ad9c3d8 → 0.13.1-alpha.0-20250508-047aa0277

package/src/fabric/Fabric.ts

@@ -171,17 +171,17 @@ export class Fabric {
         return Crypto.sign(this.#keyPair, data);
     }
 
-    verifyCredentials(operationalCert: Uint8Array, intermediateCACert?: Uint8Array) {
+    async verifyCredentials(operationalCert: Uint8Array, intermediateCACert?: Uint8Array) {
         const rootCert = TlvRootCertificate.decode(this.rootCert);
         const nocCert = TlvOperationalCertificate.decode(operationalCert);
         const icaCert =
             intermediateCACert !== undefined ? TlvIntermediateCertificate.decode(intermediateCACert) : undefined;
         if (icaCert !== undefined) {
             // Validate ICACertificate against Root Certificate
-            CertificateManager.verifyIntermediateCaCertificate(rootCert, icaCert);
+            await CertificateManager.verifyIntermediateCaCertificate(rootCert, icaCert);
         }
         // Validate NOC Certificate against ICA Certificate
-        CertificateManager.verifyNodeOperationalCertificate(nocCert, rootCert, icaCert);
+        await CertificateManager.verifyNodeOperationalCertificate(nocCert, rootCert, icaCert);
     }
 
     matchesFabricIdAndRootPublicKey(fabricId: FabricId, rootPublicKey: Uint8Array) {
@@ -331,7 +331,7 @@ export class Fabric {
 }
 
 export class FabricBuilder {
-    #keyPair = Crypto.createKeyPair();
+    #keyPair: PrivateKey;
     #rootVendorId?: VendorId;
     #rootCert?: Uint8Array;
     #intermediateCACert?: Uint8Array;
@@ -344,6 +344,14 @@ export class FabricBuilder {
     #fabricIndex?: FabricIndex;
     #label = "";
 
+    constructor(key: PrivateKey) {
+        this.#keyPair = key;
+    }
+
+    static async create() {
+        return new FabricBuilder(await Crypto.createKeyPair());
+    }
+
     get publicKey() {
         return this.#keyPair.publicKey;
     }
@@ -356,9 +364,9 @@ export class FabricBuilder {
         return CertificateManager.createCertificateSigningRequest(this.#keyPair);
     }
 
-    setRootCert(rootCert: Uint8Array) {
+    async setRootCert(rootCert: Uint8Array) {
         const decodedRootCertificate = TlvRootCertificate.decode(rootCert);
-        CertificateManager.verifyRootCertificate(decodedRootCertificate);
+        await CertificateManager.verifyRootCertificate(decodedRootCertificate);
         this.#rootCert = rootCert;
         this.#rootPublicKey = decodedRootCertificate.ellipticCurvePublicKey;
         return this;
@@ -368,7 +376,7 @@ export class FabricBuilder {
         return this.#rootCert;
     }
 
-    setOperationalCert(operationalCert: Uint8Array, intermediateCACert?: Uint8Array) {
+    async setOperationalCert(operationalCert: Uint8Array, intermediateCACert?: Uint8Array) {
         if (intermediateCACert !== undefined && intermediateCACert.length === 0) {
             intermediateCACert = undefined;
         }
@@ -396,9 +404,9 @@ export class FabricBuilder {
         const icaCert =
             intermediateCACert !== undefined ? TlvIntermediateCertificate.decode(intermediateCACert) : undefined;
         if (icaCert !== undefined) {
-            CertificateManager.verifyIntermediateCaCertificate(rootCert, icaCert);
+            await CertificateManager.verifyIntermediateCaCertificate(rootCert, icaCert);
         }
-        CertificateManager.verifyNodeOperationalCertificate(nocCert, rootCert, icaCert);
+        await CertificateManager.verifyNodeOperationalCertificate(nocCert, rootCert, icaCert);
 
         this.#operationalCert = operationalCert;
         this.#intermediateCACert = intermediateCACert;

package/src/fabric/FabricAuthority.ts

@@ -110,15 +110,16 @@ export class FabricAuthority {
             logger.warn(`Using test vendor ID 0x${vendorId.toString(16)} for controller fabric`);
         }
 
-        const fabricBuilder = new FabricBuilder()
-            .setRootCert(this.#ca.rootCert)
+        const fabricBuilder = await FabricBuilder.create();
+        await fabricBuilder.setRootCert(this.#ca.rootCert);
+        fabricBuilder
             .setRootNodeId(rootNodeId)
             .setIdentityProtectionKey(ipkValue)
             .setRootVendorId(this.#config.adminVendorId ?? DEFAULT_ADMIN_VENDOR_ID)
             .setLabel(this.#config.adminFabricLabel);
 
-        fabricBuilder.setOperationalCert(
-            this.#ca.generateNoc(
+        await fabricBuilder.setOperationalCert(
+            await this.#ca.generateNoc(
                 fabricBuilder.publicKey,
                 this.#config.fabricId ?? DEFAULT_FABRIC_ID,
                 rootNodeId,

package/src/fabric/FabricManager.ts

@@ -210,11 +210,11 @@ export class FabricManager {
         return this.fabrics.map(translator);
     }
 
-    findFabricFromDestinationId(destinationId: Uint8Array, initiatorRandom: Uint8Array) {
+    async findFabricFromDestinationId(destinationId: Uint8Array, initiatorRandom: Uint8Array) {
         this.#construction.assert();
 
         for (const fabric of this.#fabrics.values()) {
-            const candidateDestinationId = fabric.getDestinationId(fabric.nodeId, initiatorRandom);
+            const candidateDestinationId = await fabric.getDestinationId(fabric.nodeId, initiatorRandom);
             if (!Bytes.areEqual(candidateDestinationId, destinationId)) continue;
             return fabric;
         }

package/src/peer/ControllerCommissioningFlow.ts

@@ -762,7 +762,7 @@ export class ControllerCommissioningFlow {
         }
         // TODO: validate csrSignature using device public key
         const { certSigningRequest } = TlvCertSigningRequest.decode(nocsrElements);
-        const operationalPublicKey = CertificateManager.getPublicKeyFromCsr(certSigningRequest);
+        const operationalPublicKey = await CertificateManager.getPublicKeyFromCsr(certSigningRequest);
 
         await operationalCredentialsClusterClient.addTrustedRootCertificate(
             {
@@ -770,7 +770,7 @@ export class ControllerCommissioningFlow {
             },
             { useExtendedFailSafeMessageResponseTimeout: true },
         );
-        const peerOperationalCert = this.ca.generateNoc(
+        const peerOperationalCert = await this.ca.generateNoc(
             operationalPublicKey,
             this.fabric.fabricId,
             this.interactionClient.address.nodeId,

package/src/session/SessionManager.ts

@@ -110,6 +110,8 @@ export interface SessionManagerContext {
     owner?: unknown;
 }
 
+const ID_SPACE_UPPER_BOUND = 0xffff;
+
 /**
  * Manages Matter sessions associated with peer connections.
  */
@@ -126,6 +128,7 @@ export class SessionManager {
     readonly #construction: Construction<SessionManager>;
     readonly #observers = new ObserverGroup();
     readonly #subscriptionUpdateMutex = new Mutex(this);
+    #idUpperBound = ID_SPACE_UPPER_BOUND;
 
     constructor(context: SessionManagerContext) {
         this.#context = context;
@@ -342,9 +345,9 @@ export class SessionManager {
     async getNextAvailableSessionId() {
         await this.#construction;
 
-        for (let i = 0; i < 0xffff; i++) {
+        for (let i = 0; i < this.#idUpperBound; i++) {
             const id = this.#nextSessionId;
-            this.#nextSessionId = (this.#nextSessionId + 1) & 0xffff;
+            this.#nextSessionId = (this.#nextSessionId + 1) & this.#idUpperBound;
             if (this.#nextSessionId === 0) this.#nextSessionId++;
 
             if (this.getSession(id) === undefined) {
@@ -592,6 +595,14 @@ export class SessionManager {
         }
         return clearedCount;
     }
+
+    /**
+     * Compress range of IDs.  This is intended for testing.
+     */
+    compressIdRange(upperBound: number) {
+        this.#idUpperBound = upperBound;
+        this.#nextSessionId = Crypto.getRandomUInt32() % upperBound;
+    }
 }
 
 namespace SessionManager {

package/src/session/case/CaseClient.ts

@@ -41,7 +41,7 @@ export class CaseClient {
         const initiatorRandom = Crypto.getRandom();
         const initiatorSessionId = await this.#sessions.getNextAvailableSessionId(); // Initiator Session Id
         const { operationalIdentityProtectionKey, operationalCert: nodeOpCert, intermediateCACert } = fabric;
-        const { publicKey: initiatorEcdhPublicKey, ecdh } = Crypto.ecdhGeneratePublicKey();
+        const { publicKey: initiatorEcdhPublicKey, ecdh } = await Crypto.ecdhGeneratePublicKey();
 
         // Send sigma1
         let sigma1Bytes;
@@ -57,7 +57,7 @@ export class CaseClient {
             const initiatorResumeMic = Crypto.encrypt(resumeKey, new Uint8Array(0), RESUME1_MIC_NONCE);
             sigma1Bytes = await messenger.sendSigma1({
                 initiatorSessionId,
-                destinationId: fabric.getDestinationId(peerNodeId, initiatorRandom),
+                destinationId: await fabric.getDestinationId(peerNodeId, initiatorRandom),
                 initiatorEcdhPublicKey,
                 initiatorRandom,
                 resumptionId,
@@ -67,7 +67,7 @@ export class CaseClient {
         } else {
             sigma1Bytes = await messenger.sendSigma1({
                 initiatorSessionId,
-                destinationId: fabric.getDestinationId(peerNodeId, initiatorRandom),
+                destinationId: await fabric.getDestinationId(peerNodeId, initiatorRandom),
                 initiatorEcdhPublicKey,
                 initiatorRandom,
                 initiatorSessionParams: this.#sessions.sessionParameters,
@@ -133,12 +133,12 @@ export class CaseClient {
                 ...exchange.session.parameters,
                 ...(responderSessionParams ?? {}),
             };
-            const sharedSecret = Crypto.ecdhGenerateSecret(peerEcdhPublicKey, ecdh);
+            const sharedSecret = await Crypto.ecdhGenerateSecret(peerEcdhPublicKey, ecdh);
             const sigma2Salt = Bytes.concat(
                 operationalIdentityProtectionKey,
                 responderRandom,
                 peerEcdhPublicKey,
-                Crypto.hash(sigma1Bytes),
+                await Crypto.hash(sigma1Bytes),
             );
             const sigma2Key = await Crypto.hkdf(sharedSecret, sigma2Salt, KDFSR2_INFO);
             const peerEncryptedData = Crypto.decrypt(sigma2Key, peerEncrypted, TBE_DATA2_NONCE);
@@ -159,7 +159,7 @@ export class CaseClient {
                 subject: { fabricId: peerFabricIdNOCert, nodeId: peerNodeIdNOCert },
             } = TlvOperationalCertificate.decode(peerNewOpCert);
 
-            Crypto.verify(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
+            await Crypto.verify(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
 
             if (peerNodeIdNOCert !== peerNodeId) {
                 throw new UnexpectedDataError(
@@ -182,10 +182,13 @@ export class CaseClient {
                     );
                 }
             }
-            fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
+            await fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
 
             // Generate and send sigma3
-            const sigma3Salt = Bytes.concat(operationalIdentityProtectionKey, Crypto.hash([sigma1Bytes, sigma2Bytes]));
+            const sigma3Salt = Bytes.concat(
+                operationalIdentityProtectionKey,
+                await Crypto.hash([sigma1Bytes, sigma2Bytes]),
+            );
             const sigma3Key = await Crypto.hkdf(sharedSecret, sigma3Salt, KDFSR3_INFO);
             const signatureData = TlvSignedData.encode({
                 nodeOpCert,
@@ -193,7 +196,7 @@ export class CaseClient {
                 ecdhPublicKey: initiatorEcdhPublicKey,
                 peerEcdhPublicKey,
             });
-            const signature = fabric.sign(signatureData);
+            const signature = await fabric.sign(signatureData);
             const encryptedData = TlvEncryptedDataSigma3.encode({ nodeOpCert, intermediateCACert, signature });
             const encrypted = Crypto.encrypt(sigma3Key, encryptedData, TBE_DATA3_NONCE);
             const sigma3Bytes = await messenger.sendSigma3({ encrypted });
@@ -203,7 +206,7 @@ export class CaseClient {
             const { caseAuthenticatedTags } = resumptionRecord ?? {}; // Even if resumption does not work try to reuse the caseAuthenticatedTags
             const secureSessionSalt = Bytes.concat(
                 operationalIdentityProtectionKey,
-                Crypto.hash([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
+                await Crypto.hash([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
             );
             secureSession = await this.#sessions.createSecureSession({
                 sessionId: initiatorSessionId,

package/src/session/case/CaseServer.ts

@@ -148,15 +148,15 @@ export class CaseServer implements ProtocolHandler {
         ) {
             // Generate sigma 2
             // TODO: Pass through a group id?
-            const fabric = this.#fabrics.findFabricFromDestinationId(destinationId, peerRandom);
+            const fabric = await this.#fabrics.findFabricFromDestinationId(destinationId, peerRandom);
             const { operationalCert: nodeOpCert, intermediateCACert, operationalIdentityProtectionKey } = fabric;
             const { publicKey: responderEcdhPublicKey, sharedSecret } =
-                Crypto.ecdhGeneratePublicKeyAndSecret(peerEcdhPublicKey);
+                await Crypto.ecdhGeneratePublicKeyAndSecret(peerEcdhPublicKey);
             const sigma2Salt = Bytes.concat(
                 operationalIdentityProtectionKey,
                 responderRandom,
                 responderEcdhPublicKey,
-                Crypto.hash(sigma1Bytes),
+                await Crypto.hash(sigma1Bytes),
             );
             const sigma2Key = await Crypto.hkdf(sharedSecret, sigma2Salt, KDFSR2_INFO);
             const signatureData = TlvSignedData.encode({
@@ -165,7 +165,7 @@ export class CaseServer implements ProtocolHandler {
                 ecdhPublicKey: responderEcdhPublicKey,
                 peerEcdhPublicKey,
             });
-            const signature = fabric.sign(signatureData);
+            const signature = await fabric.sign(signatureData);
             const encryptedData = TlvEncryptedDataSigma2.encode({
                 nodeOpCert,
                 intermediateCACert,
@@ -187,7 +187,10 @@ export class CaseServer implements ProtocolHandler {
                 sigma3Bytes,
                 sigma3: { encrypted: peerEncrypted },
             } = await messenger.readSigma3();
-            const sigma3Salt = Bytes.concat(operationalIdentityProtectionKey, Crypto.hash([sigma1Bytes, sigma2Bytes]));
+            const sigma3Salt = Bytes.concat(
+                operationalIdentityProtectionKey,
+                await Crypto.hash([sigma1Bytes, sigma2Bytes]),
+            );
             const sigma3Key = await Crypto.hkdf(sharedSecret, sigma3Salt, KDFSR3_INFO);
             const peerDecryptedData = Crypto.decrypt(sigma3Key, peerEncrypted, TBE_DATA3_NONCE);
             const {
@@ -196,7 +199,7 @@ export class CaseServer implements ProtocolHandler {
                 signature: peerSignature,
             } = TlvEncryptedDataSigma3.decode(peerDecryptedData);
 
-            fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
+            await fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
 
             const peerSignatureData = TlvSignedData.encode({
                 nodeOpCert: peerNewOpCert,
@@ -213,12 +216,12 @@ export class CaseServer implements ProtocolHandler {
                 throw new UnexpectedDataError(`Fabric ID mismatch: ${fabric.fabricId} !== ${peerFabricId}`);
             }
 
-            Crypto.verify(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
+            await Crypto.verify(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
 
             // All good! Create secure session
             const secureSessionSalt = Bytes.concat(
                 operationalIdentityProtectionKey,
-                Crypto.hash([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
+                await Crypto.hash([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
             );
             const secureSession = await this.#sessions.createSecureSession({
                 sessionId: responderSessionId,

package/src/session/pase/PaseClient.ts

@@ -82,7 +82,7 @@ export class PaseClient {
 
         // Compute pake1 and read pake2
         const { w0, w1 } = await Spake2p.computeW0W1(pbkdfParameters, setupPin);
-        const spake2p = Spake2p.create(Crypto.hash([SPAKE_CONTEXT, requestPayload, responsePayload]), w0);
+        const spake2p = Spake2p.create(await Crypto.hash([SPAKE_CONTEXT, requestPayload, responsePayload]), w0);
         const X = spake2p.computeX();
         await messenger.sendPasePake1({ x: X });
 

package/src/session/pase/PaseServer.ts

@@ -144,7 +144,7 @@ export class PaseServer implements ProtocolHandler {
         });
 
         // Process pake1 and send pake2
-        const spake2p = Spake2p.create(Crypto.hash([SPAKE_CONTEXT, requestPayload, responsePayload]), this.w0);
+        const spake2p = Spake2p.create(await Crypto.hash([SPAKE_CONTEXT, requestPayload, responsePayload]), this.w0);
         const { x: X } = await messenger.readPasePake1();
         const Y = spake2p.computeY();
         const { Ke, hAY, hBX } = await spake2p.computeSecretAndVerifiersFromX(this.L, X, Y);