@matter/protocol 0.15.0-alpha.0-20250612-ddd428561 → 0.15.0-alpha.0-20250614-b9829e223

package/src/protocol/ExchangeManager.ts

@@ -104,6 +104,7 @@ export class MessageChannel implements Channel<Message> {
  * Interfaces {@link ExchangeManager} with other components.
  */
 export interface ExchangeManagerContext {
+    crypto: Crypto;
     transportInterfaces: TransportInterfaceSet;
     sessionManager: SessionManager;
     channelManager: ChannelManager;
@@ -113,7 +114,7 @@ export class ExchangeManager {
     readonly #transportInterfaces: TransportInterfaceSet;
     readonly #sessionManager: SessionManager;
     readonly #channelManager: ChannelManager;
-    readonly #exchangeCounter = new ExchangeCounter();
+    readonly #exchangeCounter: ExchangeCounter;
     readonly #exchanges = new Map<number, MessageExchange>();
     readonly #protocols = new Map<number, ProtocolHandler>();
     readonly #listeners = new Map<TransportInterface, TransportInterface.Listener>();
@@ -125,6 +126,7 @@ export class ExchangeManager {
         this.#transportInterfaces = context.transportInterfaces;
         this.#sessionManager = context.sessionManager;
         this.#channelManager = context.channelManager;
+        this.#exchangeCounter = new ExchangeCounter(context.crypto);
 
         for (const transportInterface of this.#transportInterfaces) {
             this.#addListener(transportInterface);
@@ -143,6 +145,7 @@ export class ExchangeManager {
 
     static [Environmental.create](env: Environment) {
         const instance = new ExchangeManager({
+            crypto: env.get(Crypto),
             transportInterfaces: env.get(TransportInterfaceSet),
             sessionManager: env.get(SessionManager),
             channelManager: env.get(ChannelManager),
@@ -515,13 +518,17 @@ export class ExchangeManager {
 }
 
 export class ExchangeCounter {
-    private exchangeCounter = Crypto.getRandomUInt16();
+    #exchangeCounter: number;
+
+    constructor(crypto: Crypto) {
+        this.#exchangeCounter = crypto.randomUint16;
+    }
 
     getIncrementedCounter() {
-        this.exchangeCounter++;
-        if (this.exchangeCounter > 0xffff) {
-            this.exchangeCounter = 0;
+        this.#exchangeCounter++;
+        if (this.#exchangeCounter > 0xffff) {
+            this.#exchangeCounter = 0;
         }
-        return this.exchangeCounter;
+        return this.#exchangeCounter;
     }
 }

package/src/protocol/MessageCounter.ts

@@ -43,7 +43,7 @@ export enum MessageCounterTypes {
  * Rollover can be allowed or forbidden and a callback can be provided to be notified before a rollover would happen.
  */
 export class MessageCounter {
-    protected messageCounter = (Crypto.getRandomUInt32() >>> 4) + 1; // 28 bit random number plus 1
+    protected messageCounter: number;
 
     /**
      * Creates a new message counter with a random start value. If a aboutToRolloverCallback is provided this
@@ -51,9 +51,14 @@ export class MessageCounter {
      * a number of messages before the rollover callback is called (Default 1000).
      */
     constructor(
+        crypto: Crypto,
         protected readonly aboutToRolloverCallback?: () => void,
+
+        // Counter is a 28 bit random number plus 1
         protected readonly rolloverInfoDifference = ROLLOVER_INFO_DIFFERENCE,
-    ) {}
+    ) {
+        this.messageCounter = (crypto.randomUint32 >>> 4) + 1;
+    }
 
     async getIncrementedCounter() {
         this.messageCounter++;
@@ -82,6 +87,7 @@ export class PersistedMessageCounter extends MessageCounter {
     }
 
     static async create(
+        crypto: Crypto,
         storageContext: StorageContext,
         storageKey: string,
         aboutToRolloverCallback?: () => void,
@@ -89,6 +95,7 @@ export class PersistedMessageCounter extends MessageCounter {
     ) {
         return asyncNew(
             PersistedMessageCounter,
+            crypto,
             storageContext,
             storageKey,
             aboutToRolloverCallback,
@@ -97,12 +104,13 @@ export class PersistedMessageCounter extends MessageCounter {
     }
 
     constructor(
+        crypto: Crypto,
         private readonly storageContext: StorageContext,
         private readonly storageKey: string,
         aboutToRolloverCallback?: () => void,
         rolloverInfoDifference = ROLLOVER_INFO_DIFFERENCE,
     ) {
-        super(aboutToRolloverCallback, rolloverInfoDifference);
+        super(crypto, aboutToRolloverCallback, rolloverInfoDifference);
         this.#construction = Construction(this, async () => {
             if (await storageContext.has(storageKey)) {
                 this.messageCounter = await storageContext.get<number>(storageKey);

package/src/session/GroupSession.ts

@@ -9,7 +9,6 @@ import { Fabric } from "#fabric/Fabric.js";
 import { FabricManager } from "#fabric/FabricManager.js";
 import {
     Bytes,
-    Crypto,
     CryptoDecryptError,
     ImplementationError,
     InternalError,
@@ -126,7 +125,12 @@ export class GroupSession extends SecureSession {
 
         return {
             header,
-            applicationPayload: Crypto.encrypt(this.#operationalGroupKey, applicationPayload, nonce, headerBytes),
+            applicationPayload: this.#fabric.crypto.encrypt(
+                this.#operationalGroupKey,
+                applicationPayload,
+                nonce,
+                headerBytes,
+            ),
         };
     }
 
@@ -179,7 +183,7 @@ export class GroupSession extends SecureSession {
             try {
                 message = MessageCodec.decodePayload({
                     header,
-                    applicationPayload: Crypto.decrypt(key, applicationPayload, nonce, aad),
+                    applicationPayload: fabric.crypto.decrypt(key, applicationPayload, nonce, aad),
                 });
                 found = true;
                 break; // Exit loop on first successful decryption

package/src/session/InsecureSession.ts

@@ -4,7 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { Logger, MatterFlowError } from "#general";
+import { Crypto, Logger, MatterFlowError } from "#general";
 import { NodeId } from "#types";
 import { DecodedMessage, DecodedPacket, Message, MessageCodec, Packet, SessionType } from "../codec/MessageCodec.js";
 import { Fabric } from "../fabric/Fabric.js";
@@ -23,19 +23,20 @@ export class InsecureSession extends Session {
     readonly type = SessionType.Unicast;
 
     constructor(args: {
+        crypto: Crypto;
         manager?: SessionManager;
         messageCounter: MessageCounter;
         initiatorNodeId?: NodeId;
         sessionParameters?: SessionParameterOptions;
         isInitiator?: boolean;
     }) {
-        const { initiatorNodeId, isInitiator } = args;
+        const { crypto, initiatorNodeId, isInitiator } = args;
         super({
             ...args,
             setActiveTimestamp: !isInitiator, // When we are the initiator we assume the node is in idle mode
             messageReceptionState: new MessageReceptionStateUnencryptedWithRollover(),
         });
-        this.#initiatorNodeId = initiatorNodeId ?? NodeId.randomOperationalNodeId();
+        this.#initiatorNodeId = initiatorNodeId ?? NodeId.randomOperationalNodeId(crypto);
     }
 
     get isSecure() {

package/src/session/NodeSession.ts

@@ -30,6 +30,7 @@ export class NoAssociatedFabricError extends StatusResponseError {
 }
 
 export class NodeSession extends SecureSession {
+    readonly #crypto: Crypto;
     readonly #subscriptions = new BasicSet<Subscription>();
     #closingAfterExchangeFinished = false;
     #sendCloseMessageWhenClosing = true;
@@ -47,6 +48,7 @@ export class NodeSession extends SecureSession {
     readonly type = SessionType.Unicast;
 
     static async create(args: {
+        crypto: Crypto;
         manager?: SessionManager;
         id: number;
         fabric: Fabric | undefined;
@@ -60,6 +62,7 @@ export class NodeSession extends SecureSession {
         caseAuthenticatedTags?: CaseAuthenticatedTag[];
     }) {
         const {
+            crypto,
             manager,
             id,
             fabric,
@@ -72,7 +75,7 @@ export class NodeSession extends SecureSession {
             peerSessionParameters,
             caseAuthenticatedTags,
         } = args;
-        const keys = await Crypto.createHkdfKey(
+        const keys = await args.crypto.createHkdfKey(
             sharedSecret,
             salt,
             isResumption ? SESSION_RESUMPTION_KEYS_INFO : SESSION_KEYS_INFO,
@@ -82,6 +85,7 @@ export class NodeSession extends SecureSession {
         const encryptKey = isInitiator ? keys.slice(0, 16) : keys.slice(16, 32);
         const attestationKey = keys.slice(32, 48);
         return new NodeSession({
+            crypto,
             manager,
             id,
             fabric,
@@ -97,6 +101,7 @@ export class NodeSession extends SecureSession {
     }
 
     constructor(args: {
+        crypto: Crypto;
         manager?: SessionManager;
         id: number;
         fabric: Fabric | undefined;
@@ -109,18 +114,8 @@ export class NodeSession extends SecureSession {
         caseAuthenticatedTags?: CaseAuthenticatedTag[];
         isInitiator: boolean;
     }) {
-        super({
-            ...args,
-            setActiveTimestamp: true, // We always set the active timestamp for Secure sessions
-            // Can be changed to a PersistedMessageCounter if we implement session storage
-            messageCounter: new MessageCounter(() => {
-                // Secure Session Message Counter
-                // Expire/End the session before the counter rolls over
-                this.end(true, true).catch(error => logger.error(`Error while closing session: ${error}`));
-            }),
-            messageReceptionState: new MessageReceptionStateEncryptedWithoutRollover(),
-        });
         const {
+            crypto,
             manager,
             id,
             fabric,
@@ -133,6 +128,19 @@ export class NodeSession extends SecureSession {
             isInitiator,
         } = args;
 
+        super({
+            ...args,
+            setActiveTimestamp: true, // We always set the active timestamp for Secure sessions
+            // Can be changed to a PersistedMessageCounter if we implement session storage
+            messageCounter: new MessageCounter(crypto, () => {
+                // Secure Session Message Counter
+                // Expire/End the session before the counter rolls over
+                this.end(true, true).catch(error => logger.error(`Error while closing session: ${error}`));
+            }),
+            messageReceptionState: new MessageReceptionStateEncryptedWithoutRollover(),
+        });
+
+        this.#crypto = crypto;
         this.#id = id;
         this.#fabric = fabric;
         this.#peerNodeId = peerNodeId;
@@ -220,7 +228,7 @@ export class NodeSession extends SecureSession {
         const nonce = Session.generateNonce(header.securityFlags, header.messageId, this.#peerNodeId);
         const message = MessageCodec.decodePayload({
             header,
-            applicationPayload: Crypto.decrypt(this.#decryptKey, applicationPayload, nonce, aad),
+            applicationPayload: this.#crypto.decrypt(this.#decryptKey, applicationPayload, nonce, aad),
         });
 
         if (message.payloadHeader.hasSecuredExtension) {
@@ -241,7 +249,10 @@ export class NodeSession extends SecureSession {
             ? NodeId.UNSPECIFIED_NODE_ID
             : (this.#fabric?.nodeId ?? NodeId.UNSPECIFIED_NODE_ID);
         const nonce = Session.generateNonce(securityFlags, header.messageId, sessionNodeId);
-        return { header, applicationPayload: Crypto.encrypt(this.#encryptKey, applicationPayload, nonce, headerBytes) };
+        return {
+            header,
+            applicationPayload: this.#crypto.encrypt(this.#encryptKey, applicationPayload, nonce, headerBytes),
+        };
     }
 
     get attestationChallengeKey(): Uint8Array {

package/src/session/SessionManager.ts

@@ -10,7 +10,6 @@ import {
     BasicSet,
     Bytes,
     Construction,
-    Crypto,
     Environment,
     Environmental,
     Lifecycle,
@@ -124,9 +123,9 @@ export class SessionManager {
     readonly #insecureSessions = new Map<NodeId, InsecureSession>();
     readonly #sessions = new BasicSet<NodeSession>();
     readonly #groupSessions = new Map<NodeId, BasicSet<GroupSession>>();
-    #nextSessionId = Crypto.getRandomUInt16();
+    #nextSessionId: number;
     #resumptionRecords = new PeerAddressMap<ResumptionRecord>();
-    readonly #globalUnencryptedMessageCounter = new MessageCounter();
+    readonly #globalUnencryptedMessageCounter;
     readonly #subscriptionsChanged = Observable<[session: NodeSession, subscription: Subscription]>();
     #sessionParameters: SessionParameters;
     readonly #resubmissionStarted = Observable<[session: Session]>();
@@ -137,7 +136,12 @@ export class SessionManager {
 
     constructor(context: SessionManagerContext) {
         this.#context = context;
+        const {
+            fabrics: { crypto },
+        } = context;
         this.#sessionParameters = { ...DEFAULT_SESSION_PARAMETERS, ...context.parameters };
+        this.#nextSessionId = crypto.randomUint16;
+        this.#globalUnencryptedMessageCounter = new MessageCounter(crypto);
 
         // When fabric is removed, also remove the resumption record
         this.#observers.on(context.fabrics.events.deleted, async fabric => {
@@ -164,6 +168,10 @@ export class SessionManager {
         return this.#context;
     }
 
+    get crypto() {
+        return this.#context.fabrics.crypto;
+    }
+
     /**
      * Active secure sessions.
      */
@@ -242,6 +250,7 @@ export class SessionManager {
         }
         while (true) {
             const session = new InsecureSession({
+                crypto: this.#context.fabrics.crypto,
                 manager: this,
                 messageCounter: this.#globalUnencryptedMessageCounter,
                 initiatorNodeId,
@@ -284,6 +293,7 @@ export class SessionManager {
             caseAuthenticatedTags,
         } = args;
         const session = await NodeSession.create({
+            crypto: this.crypto,
             manager: this,
             id: sessionId,
             fabric,
@@ -698,7 +708,7 @@ export class SessionManager {
      */
     compressIdRange(upperBound: number) {
         this.#idUpperBound = upperBound;
-        this.#nextSessionId = Crypto.getRandomUInt32() % upperBound;
+        this.#nextSessionId = this.#context.fabrics.crypto.randomUint32 % upperBound;
         if (this.#nextSessionId === 0) this.#nextSessionId++;
     }
 }

package/src/session/case/CaseClient.ts

@@ -4,7 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { Bytes, Crypto, Logger, PublicKey, UnexpectedDataError } from "#general";
+import { Bytes, Logger, PublicKey, UnexpectedDataError } from "#general";
 import { ChannelStatusResponseError } from "#securechannel/index.js";
 import { SessionManager } from "#session/SessionManager.js";
 import { NodeId, ProtocolStatusCode } from "#types";
@@ -49,11 +49,13 @@ export class CaseClient {
     }
 
     async #doPair(messenger: CaseClientMessenger, exchange: MessageExchange, fabric: Fabric, peerNodeId: NodeId) {
+        const { crypto } = fabric;
+
         // Generate pairing info
-        const initiatorRandom = Crypto.getRandom();
+        const initiatorRandom = crypto.randomBytes(32);
         const initiatorSessionId = await this.#sessions.getNextAvailableSessionId(); // Initiator Session Id
         const { operationalIdentityProtectionKey, operationalCert: localNoc, intermediateCACert: localIcac } = fabric;
-        const localKey = await Crypto.createKeyPair();
+        const localKey = await crypto.createKeyPair();
 
         // Send sigma1
         let sigma1Bytes;
@@ -61,12 +63,12 @@ export class CaseClient {
         let resumptionRecord = this.#sessions.findResumptionRecordByAddress(fabric.addressOf(peerNodeId));
         if (resumptionRecord !== undefined) {
             const { sharedSecret, resumptionId } = resumptionRecord;
-            const resumeKey = await Crypto.createHkdfKey(
+            const resumeKey = await crypto.createHkdfKey(
                 sharedSecret,
                 Bytes.concat(initiatorRandom, resumptionId),
                 KDFSR1_KEY_INFO,
             );
-            const initiatorResumeMic = Crypto.encrypt(resumeKey, new Uint8Array(0), RESUME1_MIC_NONCE);
+            const initiatorResumeMic = crypto.encrypt(resumeKey, new Uint8Array(0), RESUME1_MIC_NONCE);
             sigma1Bytes = await messenger.sendSigma1({
                 initiatorSessionId,
                 destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
@@ -106,8 +108,8 @@ export class CaseClient {
             };
 
             const resumeSalt = Bytes.concat(initiatorRandom, resumptionId);
-            const resumeKey = await Crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
-            Crypto.decrypt(resumeKey, resumeMic, RESUME2_MIC_NONCE);
+            const resumeKey = await crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
+            crypto.decrypt(resumeKey, resumeMic, RESUME2_MIC_NONCE);
 
             const secureSessionSalt = Bytes.concat(initiatorRandom, resumptionRecord.resumptionId);
             secureSession = await this.#sessions.createSecureSession({
@@ -145,15 +147,15 @@ export class CaseClient {
                 ...exchange.session.parameters,
                 ...(responderSessionParams ?? {}),
             };
-            const sharedSecret = await Crypto.generateDhSecret(localKey, PublicKey(peerKey));
+            const sharedSecret = await crypto.generateDhSecret(localKey, PublicKey(peerKey));
             const sigma2Salt = Bytes.concat(
                 operationalIdentityProtectionKey,
                 responderRandom,
                 peerKey,
-                await Crypto.computeSha256(sigma1Bytes),
+                await crypto.computeSha256(sigma1Bytes),
             );
-            const sigma2Key = await Crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
-            const peerEncryptedData = Crypto.decrypt(sigma2Key, peerEncrypted, TBE_DATA2_NONCE);
+            const sigma2Key = await crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
+            const peerEncryptedData = crypto.decrypt(sigma2Key, peerEncrypted, TBE_DATA2_NONCE);
             const {
                 responderNoc: peerNoc,
                 responderIcac: peerIcac,
@@ -171,7 +173,7 @@ export class CaseClient {
                 subject: { fabricId: peerFabricIdNOCert, nodeId: peerNodeIdNOCert },
             } = TlvOperationalCertificate.decode(peerNoc);
 
-            await Crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
+            await crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
 
             if (peerNodeIdNOCert !== peerNodeId) {
                 throw new UnexpectedDataError(
@@ -199,9 +201,9 @@ export class CaseClient {
             // Generate and send sigma3
             const sigma3Salt = Bytes.concat(
                 operationalIdentityProtectionKey,
-                await Crypto.computeSha256([sigma1Bytes, sigma2Bytes]),
+                await crypto.computeSha256([sigma1Bytes, sigma2Bytes]),
             );
-            const sigma3Key = await Crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
+            const sigma3Key = await crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
             const signatureData = TlvSignedData.encode({
                 responderNoc: localNoc,
                 responderIcac: localIcac,
@@ -214,7 +216,7 @@ export class CaseClient {
                 responderIcac: localIcac,
                 signature,
             });
-            const encrypted = Crypto.encrypt(sigma3Key, encryptedData, TBE_DATA3_NONCE);
+            const encrypted = crypto.encrypt(sigma3Key, encryptedData, TBE_DATA3_NONCE);
             const sigma3Bytes = await messenger.sendSigma3({ encrypted });
             await messenger.waitForSuccess("Sigma3-Success");
 
@@ -222,7 +224,7 @@ export class CaseClient {
             const { caseAuthenticatedTags } = resumptionRecord ?? {}; // Even if resumption does not work try to reuse the caseAuthenticatedTags
             const secureSessionSalt = Bytes.concat(
                 operationalIdentityProtectionKey,
-                await Crypto.computeSha256([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
+                await crypto.computeSha256([sigma1Bytes, sigma2Bytes, sigma3Bytes]),
             );
             secureSession = await this.#sessions.createSecureSession({
                 sessionId: initiatorSessionId,

package/src/session/case/CaseServer.ts

@@ -73,7 +73,7 @@ export class CaseServer implements ProtocolHandler {
                 ? this.#sessions.findResumptionRecordById(sigma1.resumptionId)
                 : undefined;
 
-        const context = new Sigma1Context(messenger, sigma1Bytes, sigma1, resumptionRecord);
+        const context = new Sigma1Context(this.#fabrics.crypto, messenger, sigma1Bytes, sigma1, resumptionRecord);
 
         // Attempt resumption
         if (await this.#resume(context)) {
@@ -100,14 +100,15 @@ export class CaseServer implements ProtocolHandler {
         }
 
         const { sharedSecret, fabric, peerNodeId, caseAuthenticatedTags } = cx.resumptionRecord;
-        const peerResumeKey = await Crypto.createHkdfKey(
+        const { crypto } = this.#fabrics;
+        const peerResumeKey = await crypto.createHkdfKey(
             sharedSecret,
             Bytes.concat(cx.peerRandom, cx.peerResumptionId),
             KDFSR1_KEY_INFO,
         );
 
         try {
-            Crypto.decrypt(peerResumeKey, cx.peerResumeMic, RESUME1_MIC_NONCE);
+            crypto.decrypt(peerResumeKey, cx.peerResumeMic, RESUME1_MIC_NONCE);
         } catch (e) {
             CryptoDecryptError.accept(e);
 
@@ -135,8 +136,8 @@ export class CaseServer implements ProtocolHandler {
 
         // Generate sigma 2 resume
         const resumeSalt = Bytes.concat(cx.peerRandom, cx.localResumptionId);
-        const resumeKey = await Crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
-        const resumeMic = Crypto.encrypt(resumeKey, new Uint8Array(0), RESUME2_MIC_NONCE);
+        const resumeKey = await crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
+        const resumeMic = crypto.encrypt(resumeKey, new Uint8Array(0), RESUME2_MIC_NONCE);
         try {
             await cx.messenger.sendSigma2Resume({
                 resumptionId: cx.localResumptionId,
@@ -179,22 +180,23 @@ export class CaseServer implements ProtocolHandler {
         }
 
         // Generate pairing info
-        const responderRandom = Crypto.getRandom();
+        const { crypto } = this.#fabrics;
+        const responderRandom = crypto.randomBytes(32);
 
         // TODO: Pass through a group id?
         const fabric = await this.#fabrics.findFabricFromDestinationId(cx.destinationId, cx.peerRandom);
         const { operationalCert: nodeOpCert, intermediateCACert, operationalIdentityProtectionKey } = fabric;
-        const key = await Crypto.createKeyPair();
+        const key = await crypto.createKeyPair();
         const responderEcdhPublicKey = key.publicBits;
-        const sharedSecret = await Crypto.generateDhSecret(key, PublicKey(cx.peerEcdhPublicKey));
+        const sharedSecret = await crypto.generateDhSecret(key, PublicKey(cx.peerEcdhPublicKey));
 
         const sigma2Salt = Bytes.concat(
             operationalIdentityProtectionKey,
             responderRandom,
             responderEcdhPublicKey,
-            await Crypto.computeSha256(cx.bytes),
+            await crypto.computeSha256(cx.bytes),
         );
-        const sigma2Key = await Crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
+        const sigma2Key = await crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
         const signatureData = TlvSignedData.encode({
             responderNoc: nodeOpCert,
             responderIcac: intermediateCACert,
@@ -208,7 +210,7 @@ export class CaseServer implements ProtocolHandler {
             signature,
             resumptionId: cx.localResumptionId,
         });
-        const encrypted = Crypto.encrypt(sigma2Key, encryptedData, TBE_DATA2_NONCE);
+        const encrypted = crypto.encrypt(sigma2Key, encryptedData, TBE_DATA2_NONCE);
         const responderSessionId = await this.#sessions.getNextAvailableSessionId();
         const sigma2Bytes = await cx.messenger.sendSigma2({
             responderRandom,
@@ -225,10 +227,10 @@ export class CaseServer implements ProtocolHandler {
         } = await cx.messenger.readSigma3();
         const sigma3Salt = Bytes.concat(
             operationalIdentityProtectionKey,
-            await Crypto.computeSha256([cx.bytes, sigma2Bytes]),
+            await crypto.computeSha256([cx.bytes, sigma2Bytes]),
         );
-        const sigma3Key = await Crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
-        const peerDecryptedData = Crypto.decrypt(sigma3Key, peerEncrypted, TBE_DATA3_NONCE);
+        const sigma3Key = await crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
+        const peerDecryptedData = crypto.decrypt(sigma3Key, peerEncrypted, TBE_DATA3_NONCE);
         const {
             responderNoc: peerNewOpCert,
             responderIcac: peerIntermediateCACert,
@@ -252,12 +254,12 @@ export class CaseServer implements ProtocolHandler {
             throw new UnexpectedDataError(`Fabric ID mismatch: ${fabric.fabricId} !== ${peerFabricId}`);
         }
 
-        await Crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
+        await crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
 
         // All good! Create secure session
         const secureSessionSalt = Bytes.concat(
             operationalIdentityProtectionKey,
-            await Crypto.computeSha256([cx.bytes, sigma2Bytes, sigma3Bytes]),
+            await crypto.computeSha256([cx.bytes, sigma2Bytes, sigma3Bytes]),
         );
         const secureSession = await this.#sessions.createSecureSession({
             sessionId: responderSessionId,
@@ -301,6 +303,7 @@ export class CaseServer implements ProtocolHandler {
 }
 
 class Sigma1Context {
+    crypto: Crypto;
     messenger: CaseServerMessenger;
     bytes: Uint8Array;
     peerSessionId: number;
@@ -315,11 +318,13 @@ class Sigma1Context {
     #localResumptionId?: Uint8Array;
 
     constructor(
+        crypto: Crypto,
         messenger: CaseServerMessenger,
         bytes: Uint8Array,
         sigma1: TypeFromSchema<typeof TlvCaseSigma1>,
         resumptionRecord?: ResumptionRecord,
     ) {
+        this.crypto = crypto;
         this.messenger = messenger;
         this.bytes = bytes;
         this.peerSessionId = sigma1.initiatorSessionId;
@@ -333,6 +338,6 @@ class Sigma1Context {
     }
 
     get localResumptionId() {
-        return (this.#localResumptionId ??= Crypto.getRandomData(16));
+        return (this.#localResumptionId ??= this.crypto.randomBytes(16));
     }
 }

package/src/session/pase/PaseClient.ts

@@ -22,27 +22,28 @@ export class PaseClient {
         this.#sessions = sessions;
     }
 
-    static async generatePakePasscodeVerifier(setupPinCode: number, pbkdfParameters: PbkdfParameters) {
-        const { w0, L } = await Spake2p.computeW0L(pbkdfParameters, setupPinCode);
+    static async generatePakePasscodeVerifier(crypto: Crypto, setupPinCode: number, pbkdfParameters: PbkdfParameters) {
+        const { w0, L } = await Spake2p.computeW0L(crypto, pbkdfParameters, setupPinCode);
         return Bytes.concat(numberToBytesBE(w0, 32), L);
     }
 
-    static generateRandomPasscode() {
+    static generateRandomPasscode(crypto: Crypto) {
         let passcode: number;
-        passcode = (Crypto.getRandomUInt32() % 99999998) + 1; // prevents 00000000 and 99999999
+        passcode = (crypto.randomUint32 % 99999998) + 1; // prevents 00000000 and 99999999
         if (CommissioningOptions.FORBIDDEN_PASSCODES.includes(passcode)) {
             passcode += 1; // With current forbidden passcode list can never collide
         }
         return passcode;
     }
 
-    static generateRandomDiscriminator() {
-        return Crypto.getRandomUInt16() % 4096;
+    static generateRandomDiscriminator(crypto: Crypto) {
+        return crypto.randomUint16 % 4096;
     }
 
     async pair(sessionParameters: SessionParameters, exchange: MessageExchange, setupPin: number) {
         const messenger = new PaseClientMessenger(exchange);
-        const initiatorRandom = Crypto.getRandom();
+        const { crypto } = this.#sessions;
+        const initiatorRandom = crypto.randomBytes(32);
         const initiatorSessionId = await this.#sessions.getNextAvailableSessionId(); // Initiator Session Id
 
         // Send pbkdfRequest and Read pbkdfResponse
@@ -80,9 +81,10 @@ export class PaseClient {
         };
 
         // Compute pake1 and read pake2
-        const { w0, w1 } = await Spake2p.computeW0W1(pbkdfParameters, setupPin);
+        const { w0, w1 } = await Spake2p.computeW0W1(crypto, pbkdfParameters, setupPin);
         const spake2p = Spake2p.create(
-            await Crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
+            crypto,
+            await crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
             w0,
         );
         const X = spake2p.computeX();