PASE (Passcode Authenticated Session Establishment) state machine.
Pure functional state machine — no GenServer. Caller threads state through. Implements both device (verifier) and commissioner (prover) roles.
Device flow
device = PASE.new_device(passcode: 20202021, salt: salt, iterations: 1000, local_session_id: 1)
{:reply, :pbkdf_param_response, resp_payload, device} = PASE.handle(device, :pbkdf_param_request, req_payload)
{:reply, :pase_pake2, pake2_payload, device} = PASE.handle(device, :pase_pake1, pake1_payload)
{:established, :status_report, sr_payload, session, device} = PASE.handle(device, :pase_pake3, pake3_payload)Commissioner flow
comm = PASE.new_commissioner(passcode: 20202021, local_session_id: 2)
{:send, :pbkdf_param_request, req_payload, comm} = PASE.initiate(comm)
{:send, :pase_pake1, pake1_payload, comm} = PASE.handle(comm, :pbkdf_param_response, resp_payload)
{:send, :pase_pake3, pake3_payload, comm} = PASE.handle(comm, :pase_pake2, pake2_payload)
{:established, session, comm} = PASE.handle(comm, :status_report, sr_payload)Summary
Functions
Process an incoming PASE message. Dispatches based on role and state.
Commissioner initiates the PASE flow by sending a PBKDFParamRequest.
Create a new commissioner (prover) PASE state.
Create a new device (verifier) PASE state.
Types
Functions
@spec handle(t(), atom(), binary()) :: {:reply, atom(), binary(), t()} | {:send, atom(), binary(), t()} | {:established, atom(), binary(), MatterEx.Session.t(), t()} | {:established, MatterEx.Session.t(), t()} | {:error, atom()}
Process an incoming PASE message. Dispatches based on role and state.
Commissioner initiates the PASE flow by sending a PBKDFParamRequest.
Create a new commissioner (prover) PASE state.
Required opts: :passcode, :local_session_id
Create a new device (verifier) PASE state.
Required opts: :passcode, :salt, :iterations, :local_session_id