This project provides a Python implementation of the EDHOC key exchange protocol for constrained devices. Currently the protocol is still in draft status at the IETF.
The repository provides an implementation of:
https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-01- https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-05
$ pip install edhocThe py-edhoc test suite is based on the official test vectors provided by the LAKE working group.
To run the test suite you'll need pytest:
$ pip install pytestWhen you move to the root of the py-edhoc project you can run the test by simply typing:
$ pytest| Cipher Suites | COSE algorithms | Support |
|---|---|---|
| SUITE 0 | (AES-CCM-16-64-128, SHA-256, X25519, EdDSA, Ed25519, AES-CCM-16-64-128, SHA-256) | ✔️ |
| SUITE 1 | (AES-CCM-16-128-128, SHA-256, X25519, EdDSA, Ed25519, AES-CCM-16-64-128, SHA-256) | ✔️ |
| SUITE 2 | (AES-CCM-16-64-128, SHA-256, P-256, ES256, P-256, AES-CCM-16-64-128, SHA-256) | ❌ |
| SUITE 3 | (AES-CCM-16-128-128, SHA-256, P-256, ES256, P-256, AES-CCM-16-64-128, SHA-256) | ❌ |
| Method | Support |
|---|---|
| SIGN-SIGN | ✔️ |
| STATIC-SIGN | ✔️ |
| SIGN-STATIC | ✔️ |
| STATIC-STATIC | ✔️ |
The project depends on the python cose package. cose uses pyca/cryptography for all cryptographic operations, except the deterministic ECDSA algorithm. For deterministic ECDSA cose uses python-ecdsa.