class
Matter::Crypto::Spake2p
- Matter::Crypto::Spake2p
- Reference
- Object
Overview
SPAKE2+ implementation for Matter protocol Based on https://datatracker.ietf.org/doc/html/draft-bar-cfrg-spake2plus
SPAKE2+ is a password-authenticated key exchange protocol used during Matter commissioning This is a wrapper around the spake2_plus library configured for Matter's requirements
Defined in:
matter/crypto/spake2p.crConstant Summary
-
CRYPTO_GROUP_SIZE_BYTES =
32 -
CRYPTO_W_SIZE_BYTES =
CRYPTO_GROUP_SIZE_BYTES + 8 -
Log =
::Log.for("matter.spake2p") -
M_HEX =
"02886e2f97ace46e55ba9dd7242579f2993b64e16ef3dcab95afd497333d8fa12f" -
M and N constants for P-256 curve From SPAKE2+ specification
-
N_HEX =
"03d8bbd6c639c62937b04d997f38c3770719c629d7014d49a24b4f98baa1292b49"
Constructors
-
.create(crypto : CryptoBase, context : Bytes, w0 : BigInt) : Spake2p
Create SPAKE2+ instance with context and w0
-
.new(crypto : CryptoBase, context : Bytes, random : BigInt, w0 : BigInt)
Alternative constructor for testing with specific random values This allows test vectors to specify exact random values for reproducibility
-
.new(protocol : SPAKE2Plus::Protocol)
Constructor for integration with SPAKE2Plus library
Class Method Summary
-
.compute_passcode_verifier(crypto : CryptoBase, params : PbkdfParameters, pin : UInt32) : Bytes
Compute the passcode verifier used by AdministratorCommissioning OpenCommissioningWindow.
-
.compute_w0_l(crypto : CryptoBase, params : PbkdfParameters, pin : UInt32) : W0L
Compute w0 and L from PIN L = w1 * G (where G is the generator point)
-
.compute_w0_w1(crypto : CryptoBase, params : PbkdfParameters, pin : UInt32) : W0W1
Compute w0 and w1 from PIN using PBKDF2
Instance Method Summary
-
#compute_secret_and_verifiers_from_x(l : Bytes, x : Bytes, y : Bytes) : SecretAndVerifiers
Compute shared secret and verifiers from X (verifier side)
-
#compute_secret_and_verifiers_from_y(w1 : BigInt, x : Bytes, y : Bytes) : SecretAndVerifiers
Compute shared secret and verifiers from Y (prover side)
-
#compute_x : Bytes
Compute X = xG + w0M (prover computes this)
-
#compute_y : Bytes
Compute Y = yG + w0N (verifier computes this)
-
#context : Bytes
Expose protocol properties
- #random : BigInt
- #w0 : BigInt
Constructor Detail
Create SPAKE2+ instance with context and w0
Alternative constructor for testing with specific random values This allows test vectors to specify exact random values for reproducibility
Class Method Detail
Compute the passcode verifier used by AdministratorCommissioning OpenCommissioningWindow.
This is 97 bytes: w0 (32-byte big-endian) || L (65-byte uncompressed EC point).
Compute w0 and L from PIN L = w1 * G (where G is the generator point)
Compute w0 and w1 from PIN using PBKDF2
Instance Method Detail
Compute shared secret and verifiers from X (verifier side)
Compute shared secret and verifiers from Y (prover side)