This project provides a Python implementation of the EDHOC key exchange protocol for constrained devices. Currently the protocol is still in draft status at the IETF.
The repository provides an implementation of:
https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-01- https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-05
$ pip install edhoc
The py-edhoc
test suite is based on the official test vectors provided by the LAKE working group.
To run the test suite you'll need pytest
:
$ pip install pytest
When you move to the root of the py-edhoc
project you can run the test by simply typing:
$ pytest
Cipher Suites | COSE algorithms | Support |
---|---|---|
SUITE 0 | (AES-CCM-16-64-128, SHA-256, X25519, EdDSA, Ed25519, AES-CCM-16-64-128, SHA-256) | ✔️ |
SUITE 1 | (AES-CCM-16-128-128, SHA-256, X25519, EdDSA, Ed25519, AES-CCM-16-64-128, SHA-256) | ✔️ |
SUITE 2 | (AES-CCM-16-64-128, SHA-256, P-256, ES256, P-256, AES-CCM-16-64-128, SHA-256) | ❌ |
SUITE 3 | (AES-CCM-16-128-128, SHA-256, P-256, ES256, P-256, AES-CCM-16-64-128, SHA-256) | ❌ |
Method | Support |
---|---|
SIGN-SIGN | ✔️ |
STATIC-SIGN | ✔️ |
SIGN-STATIC | ✔️ |
STATIC-STATIC | ✔️ |
The project depends on the python cose
package. cose
uses pyca/cryptography for all cryptographic operations, except the deterministic ECDSA algorithm. For deterministic ECDSA cose
uses python-ecdsa.