1# EDHOC Constrained Device Samples 2 3## General 4This folder contains two samples intended to be executed on a constrained device 5 6* initiator - EDHOC initiator running on top of a CoAP client 7* responder - EDHOC responder running on top of a CoAP server 8 9Tested on 10 11* initiator - tested on nRF52840 with IPv6 over BLE 12* responder - tested on nRF52840 with IPv6 over BLE 13 14## Requirements 15* Zephyr OS is needed for building these samples. 16* A BLE board is needed for testing (Tested with nrf52840dk_nrf52840) 17* A Linux computer with BLE (Tested on Debian 11) 18 19## Setup 1: nRF52840 responder - Linux host initiator 20* connect the BLE board to the computer used for building the samples over USB. 21* In the directory `samples/zephyr_edhoc/responder` build and flash the sample: 22```bash 23west build -b=nrf52840dk_nrf52840 24west flash 25``` 26Optionally the board can be connected to a serial terminal for observing status messages. 27 28* Run the script `scripts/ble_connect.sh` as root on a Linux host in order to establish IPv6 over BLE connection between the Linux host and the board. 29```bash 30sudo ./ble_connect.sh -d EdhocResponder 31``` 32* Once the board is flashed and connected it prints the following output: 33```bash 34uart:~$ *** Booting Zephyr OS build zephyr-v3.1.0-4283-g5108c4f21d3d *** 35[00:00:00.264,709] <inf> bt_hci_core: HW Platform: Nordic Semiconductor (0x0002) 36[00:00:00.264,739] <inf> bt_hci_core: HW Variant: nRF52x (0x0002) 37[00:00:00.264,770] <inf> bt_hci_core: Firmware: Standard Bluetooth controller (0x00) Version 3.1 Build 99 38[00:00:00.265,686] <inf> bt_hci_core: Identity: D0:21:3D:B1:36:09 (random) 39[00:00:00.265,716] <inf> bt_hci_core: HCI: version 5.3 (0x0c) revision 0x0000, manufacturer 0x05f1 40[00:00:00.265,716] <inf> bt_hci_core: LMP: version 5.3 (0x0c) subver 0xffff 41uart:~$ IPv6 server with address 2001:db8::1 started! 42waiting to receive message 1... 43waiting to receive in rx() 44``` 45* On the Linux host in the folder `samples/linux_edhoc/initiator` build and run the initiator: 46```bash 47make 48./build/initiator 49``` 50* Both parties should run the EDHOC protocol to an end and derive the same shared secret. The output on both sides -- initiator and responder should look like this: 51```bash 52PRK_out (size 32): 53 83 90 E7 65 66 2F 4F 51 3D B1 A4 30 66 BD DA 43 54 27 C9 D1 0F A2 D9 28 08 2A 87 2B BF CA 78 CA 2A 55info (size 4): 56 0A 40 18 20 57prk_exporter (size 32): 58 A7 A0 17 A1 69 6B A3 E1 CE D7 95 E1 ED F9 19 C1 59 4B 4B FE C3 42 2E 12 80 9D B3 35 1D 1A E7 74 FA 60info (size 3): 61 00 40 10 62OSCORE Master Secret (size 16): 63 67 27 8F A7 7C 9F 4B 5E CB 00 46 6F F5 FA 87 F7 64info (size 3): 65 01 40 08 66OSCORE Master Salt (size 8): 67 67 FF 58 07 7B DB E2 AC 68``` 69 70## Setup 1: nRF52840 initiator - Linux host responder 71 72* make sure that the CoAP port 5683 is open on the Linux host. The port can be opened with UFW (Uncomplicated Firewall). 73```bash 74sudo ufw allow 5683/udp 75sudo ufw enable 76sudo ufw status 77# which prints: 78 79# Status: active 80 81# To Action From 82# -- ------ ---- 83# 5683/udp ALLOW Anywhere 84# 5683/udp (v6) ALLOW Anywhere (v6) 85``` 86* On the Linux host in the folder `samples/linux_edhoc/responder` build and run the responder: 87``` 88make 89./build/responder 90``` 91 92* connect the BLE board to the computer used for building the samples over USB. 93* In the directory `samples/zephyr_edhoc/initiator` build and flash the sample: 94```bash 95west build -b=nrf52840dk_nrf52840 96west flash 97``` 98Optionally the board can be connected to a serial terminal for observing status messages. 99 100* Run the script `scripts/ble_connect.sh` as root on a Linux host in order to establish IPv6 over BLE connection between the Linux host and the board. 101```bash 102sudo ./ble_connect.sh -d EdhocInitiator 103``` 104* Both parties should run the EDHOC protocol to an end and derive the same shared secret.
