class
Matter::Cluster::OperationalCredentialsCluster
Overview
Operational Credentials Cluster (0x003E)
Functionality to manage operational certificates and fabric membership. This cluster is required for Matter commissioning and fabric management.
Matter Specification: Core 1.4 § 11.17 - Operational Credentials Cluster
Commands:
- AttestationRequest (0x00): Request device attestation
- CertificateChainRequest (0x02): Request DAC/PAI certificate
- CSRRequest (0x04): Request Certificate Signing Request for NOC
- AddNOC (0x06): Add a Node Operational Certificate
- UpdateNOC (0x07): Update existing NOC
- UpdateFabricLabel (0x09): Update fabric label
- RemoveFabric (0x0A): Remove a fabric
- AddTrustedRootCertificate (0x0B): Add trusted root CA cert
Attributes:
- NOCs (0x00): List of NOC certificates
- Fabrics (0x01): List of fabric descriptors
- SupportedFabrics (0x02): Maximum supported fabrics
- CommissionedFabrics (0x03): Current number of fabrics
- TrustedRootCertificates (0x04): List of trusted root certs
- CurrentFabricIndex (0x05): Fabric index of current session
Defined in:
matter/cluster/operational_credentials_cluster.crConstant Summary
-
ATTR_COMMISSIONED_FABRICS =
3_u32 -
ATTR_CURRENT_FABRIC_INDEX =
5_u32 -
ATTR_FABRICS =
1_u32 -
ATTR_NOCS =
0_u32 -
Attributes
-
ATTR_SUPPORTED_FABRICS =
2_u32 -
ATTR_TRUSTED_ROOT_CERTIFICATES =
4_u32 -
CLUSTER_ID =
62_u32 -
CMD_ADD_NOC =
6_u32 -
CMD_ADD_TRUSTED_ROOT_CERTIFICATE =
11_u32 -
CMD_ATTESTATION_REQUEST =
0_u32 -
Commands
-
CMD_ATTESTATION_RESPONSE =
1_u32 -
CMD_CERTIFICATE_CHAIN_REQUEST =
2_u32 -
CMD_CERTIFICATE_CHAIN_RESPONSE =
3_u32 -
CMD_CSR_REQUEST =
4_u32 -
CMD_CSR_RESPONSE =
5_u32 -
CMD_NOC_RESPONSE =
8_u32 -
CMD_REMOVE_FABRIC =
10_u32 -
CMD_UPDATE_FABRIC_LABEL =
9_u32 -
CMD_UPDATE_NOC =
7_u32
Constructors
- .new(fabric_table : FabricTable, endpoint_id : DataType::EndpointNumber = DataType::EndpointNumber.new(0_u16), access_control_cluster : AccessControlCluster | Nil = nil)
-
.new(fabric_table : FabricTable, access_control_cluster : AccessControlCluster)
Overload for tests that pass fabric_table and acl_cluster directly
-
.new(endpoint_id : DataType::EndpointNumber)
Overload for tests that pass only endpoint_id (creates default fabric table)
Class Method Summary
-
.cluster_id
Operational Credentials Cluster (0x003E)
Instance Method Summary
-
#attributes : Array(AttributeMetadata)
Get all attribute metadata
-
#commands : Array(CommandMetadata)
Get all command metadata
-
#commissioned_fabrics : UInt8
CommissionedFabrics attribute (0x03) - Current number of fabrics
-
#current_fabric_index(session_fabric_index : UInt8 | Nil) : UInt8
CurrentFabricIndex helper method (returns passed value or stored value)
- #current_fabric_index : UInt8
- #current_fabric_index=(current_fabric_index : UInt8)
- #fabric_table : FabricTable
-
#fabrics : Array(FabricDescriptor)
Fabrics attribute (0x01) - List of all fabric descriptors
- #failsafe_armed : Bool
- #failsafe_armed=(failsafe_armed : Bool)
-
#get_fabric_by_index(index : UInt8) : FabricDescriptor | Nil
Get fabric descriptor by index (for tests)
-
#get_noc_by_fabric_index(index : UInt8) : NOCStruct | Nil
Get NOC by fabric index (for tests)
-
#handle_add_noc(cmd : AddNOCCommand, session_id : UInt64, failsafe_armed : Bool) : NOCResponse
AddNOC command (0x06) Add a Node Operational Certificate (commission into a fabric)
-
#handle_add_trusted_root_certificate(cmd : AddTrustedRootCertificateCommand, failsafe_armed : Bool) : NOCResponse | Nil
AddTrustedRootCertificate command (0x0B) Add a trusted root CA certificate
-
#handle_attestation_request(cmd : AttestationRequestCommand, session_id : UInt64) : AttestationResponse
AttestationRequest command (0x00) Request device attestation during commissioning
-
#handle_certificate_chain_request(cmd : CertificateChainRequestCommand) : CertificateChainResponse
CertificateChainRequest command (0x02) Request DAC or PAI certificate
-
#handle_csr_request(cmd : CSRRequestCommand, session_id : UInt64, is_pase_session : Bool, failsafe_armed : Bool) : CSRResponse | Nil
CSRRequest command (0x04) Generate a Certificate Signing Request for NOC
-
#handle_remove_fabric(cmd : RemoveFabricCommand) : NOCResponse
RemoveFabric command (0x0A) Remove a fabric from the device
-
#handle_update_fabric_label(cmd : UpdateFabricLabelCommand, session_fabric_index : UInt8) : NOCResponse
UpdateFabricLabel command (0x09) Update the label of a fabric
-
#handle_update_noc(cmd : UpdateNOCCommand, session_id : UInt64, session_fabric_index : UInt8, failsafe_armed : Bool) : NOCResponse
UpdateNOC command (0x07) Update an existing NOC certificate
-
#has_fabric_capacity? : Bool
Check if there's capacity for more fabrics (for tests)
-
#name : String
Get cluster name
-
#nocs(fabric_index : UInt8) : Array(NOCStruct)
NOCs attribute (0x00) - Fabric-scoped list of NOC certificates NOCs attribute for specific fabric (0x00)
-
#nocs : Array(NOCStruct)
Get all NOCs from all fabrics (for tests)
-
#on_failsafe_expired
Failsafe timer expired - reset context
-
#on_failsafe_success
Failsafe timer disarmed successfully - commit changes
-
#read_attribute(attribute_id : UInt32) : InteractionModel::Status | Bytes
CurrentFabricIndex attribute (0x05) - Fabric index from session context
- #session_fabric_index : UInt8 | Nil
- #session_fabric_index=(session_fabric_index : UInt8 | Nil)
- #session_id : UInt64 | Nil
- #session_id=(session_id : UInt64 | Nil)
-
#set_attestation_credentials(dac : Bytes, pai : Bytes, attestation_key : Crypto::Key)
Configure device attestation credentials Should be called during device initialization with factory credentials
-
#supported_fabrics : UInt8
SupportedFabrics attribute (0x02) - Maximum supported fabrics
-
#trusted_root_certificates : Array(Bytes)
TrustedRootCertificates attribute (0x04) - List of trusted root certs
-
#write_attribute(attribute_id : UInt32, value : Bytes) : InteractionModel::Status
Write an attribute value
Instance methods inherited from class Matter::Cluster::Base
attributes : Array(AttributeMetadata)
attributes,
cluster_id : DataType::ClusterId
cluster_id,
cluster_id=(cluster_id : DataType::ClusterId)
cluster_id=,
commands : Array(CommandMetadata)
commands,
data_version : UInt32
data_version,
data_version=(data_version : UInt32)
data_version=,
endpoint_id : DataType::EndpointNumber
endpoint_id,
endpoint_id=(endpoint_id : DataType::EndpointNumber)
endpoint_id=,
events : Array(EventMetadata)
events,
get_attribute_metadata(attribute_id : UInt32) : AttributeMetadata | Nil
get_attribute_metadata,
get_command_metadata(command_id : UInt32) : CommandMetadata | Nil
get_command_metadata,
invoke_command(command_id : UInt32, fields : Bytes = Bytes.new(0)) : InteractionModel::Status | Bytes
invoke_command,
name : String
name,
read_attribute(attribute_id : UInt32) : InteractionModel::Status | Bytes
read_attribute,
write_attribute(attribute_id : UInt32, value : Bytes) : InteractionModel::Status
write_attribute
Constructor methods inherited from class Matter::Cluster::Base
new(endpoint_id : DataType::EndpointNumber, cluster_id : DataType::ClusterId)
new
Constructor Detail
Overload for tests that pass fabric_table and acl_cluster directly
Overload for tests that pass only endpoint_id (creates default fabric table)
Class Method Detail
Operational Credentials Cluster (0x003E)
Functionality to manage operational certificates and fabric membership. This cluster is required for Matter commissioning and fabric management.
Matter Specification: Core 1.4 § 11.17 - Operational Credentials Cluster
Commands:
- AttestationRequest (0x00): Request device attestation
- CertificateChainRequest (0x02): Request DAC/PAI certificate
- CSRRequest (0x04): Request Certificate Signing Request for NOC
- AddNOC (0x06): Add a Node Operational Certificate
- UpdateNOC (0x07): Update existing NOC
- UpdateFabricLabel (0x09): Update fabric label
- RemoveFabric (0x0A): Remove a fabric
- AddTrustedRootCertificate (0x0B): Add trusted root CA cert
Attributes:
- NOCs (0x00): List of NOC certificates
- Fabrics (0x01): List of fabric descriptors
- SupportedFabrics (0x02): Maximum supported fabrics
- CommissionedFabrics (0x03): Current number of fabrics
- TrustedRootCertificates (0x04): List of trusted root certs
- CurrentFabricIndex (0x05): Fabric index of current session
Instance Method Detail
Get all attribute metadata
Get all command metadata
CurrentFabricIndex helper method (returns passed value or stored value)
Get fabric descriptor by index (for tests)
Get NOC by fabric index (for tests)
AddNOC command (0x06) Add a Node Operational Certificate (commission into a fabric)
AddTrustedRootCertificate command (0x0B) Add a trusted root CA certificate
AttestationRequest command (0x00) Request device attestation during commissioning
CertificateChainRequest command (0x02) Request DAC or PAI certificate
CSRRequest command (0x04) Generate a Certificate Signing Request for NOC
RemoveFabric command (0x0A) Remove a fabric from the device
UpdateFabricLabel command (0x09) Update the label of a fabric
UpdateNOC command (0x07) Update an existing NOC certificate
NOCs attribute (0x00) - Fabric-scoped list of NOC certificates NOCs attribute for specific fabric (0x00)
CurrentFabricIndex attribute (0x05) - Fabric index from session context
Configure device attestation credentials Should be called during device initialization with factory credentials
TrustedRootCertificates attribute (0x04) - List of trusted root certs
Write an attribute value