class Matter::Cluster::GroupKeyManagementCluster

• Matter::Cluster::GroupKeyManagementCluster
• Matter::Cluster::Base
• Reference
• Object

Overview

Group Key Management Cluster (0x003F) Matter Core Specification §11.2

Manages group keys for secure group communication:

• Group key sets for shared encryption keys
• Mapping between groups and key sets
• Identity Protection Keys (IPK) for CASE session establishment
• Operational group keys for group messaging

Key Features:

• Fabric-scoped: All data isolated per fabric
• IPK Protection: KeySet 0 (IPK) cannot be removed
• Strict Validation: Epoch keys must be ordered, security policies enforced
• Cryptographic Operations: HKDF-based key derivation for operational keys

Defined in:

Constant Summary

CLUSTER_ID = 63_u32

Constructors

• .new(endpoint_id : DataType::EndpointNumber, features : Feature = Feature::None, max_groups_per_fabric : UInt16 = 12_u16, max_group_keys_per_fabric : UInt16 = 3_u16)

  Initialize the cluster

Class Method Summary

• .cluster_id

  Group Key Management Cluster (0x003F) Matter Core Specification §11.2

Instance Method Summary

• #add_group(group_id : UInt16, endpoint_id : UInt16, group_name : String | Nil, fabric_index : UInt8) : Nil

  Add a group to the group table Called by Groups cluster when AddGroup command is executed

• #add_group_key_map(group_id : UInt16, group_key_set_id : UInt16, fabric_index : UInt8) : Nil

  Add or update a group key map entry Links a group to a key set within a fabric

• #attributes : Array(AttributeMetadata)

  Get all attribute metadata

• #commands : Array(CommandMetadata)

  Get all command metadata

• #features : Feature

  Cluster state

• #features=(features : Feature)

  Cluster state

• #get_key_set(group_key_set_id : UInt16, fabric_index : UInt8) : GroupKeySetStruct | Nil

  Get a key set by ID (for cryptographic operations) Returns the actual key set with key material

• #get_key_set_ids(fabric_index : UInt8) : Array(UInt16)

  Get all key set IDs for a fabric (for testing)

• #group_exists?(group_id : UInt16, fabric_index : UInt8) : Bool

  Check if a group exists for a fabric

• #group_key_map(fabric_index : UInt8) : Array(GroupKeyMapStruct)

  Get group key map for the specified fabric

• #group_key_map : Array(GroupKeyMapStruct)

  Get all group key map entries (for testing)

• #group_table(fabric_index : UInt8) : Array(GroupInfoMapStruct)

  Get group table for the specified fabric

• #group_table : Array(GroupInfoMapStruct)

  Get all group table entries (for testing)

• #handle_key_set_read(cmd : KeySetReadRequest, fabric_index : UInt8) : KeySetReadResponse | Nil

  KeySetRead command handler Matter Core Spec §11.2.8.2

• #handle_key_set_read_all_indices(fabric_index : UInt8) : KeySetReadAllIndicesResponse

  KeySetReadAllIndices command handler Matter Core Spec §11.2.8.4

• #handle_key_set_remove(cmd : KeySetRemoveRequest, fabric_index : UInt8) : Nil

  KeySetRemove command handler Matter Core Spec §11.2.8.3

• #handle_key_set_write(cmd : KeySetWriteRequest, fabric_index : UInt8) : Nil

  KeySetWrite command handler Matter Core Spec §11.2.8.1

• #max_group_keys_per_fabric : UInt16
• #max_group_keys_per_fabric=(max_group_keys_per_fabric : UInt16)
• #max_groups_per_fabric : UInt16
• #max_groups_per_fabric=(max_groups_per_fabric : UInt16)
• #name : String

  Get cluster name

• #remove_fabric(fabric_index : UInt8) : Nil

  Remove all groups for a fabric (fabric removal)

• #remove_group(group_id : UInt16, endpoint_id : UInt16, fabric_index : UInt8) : Nil

  Remove an endpoint from a group Called by Groups cluster when RemoveGroup command is executed

• #remove_group_key_map(group_id : UInt16, fabric_index : UInt8) : Nil

  Remove a group key map entry

Constructor Detail

Class Method Detail

Instance Method Detail