{"id":23862766,"url":"https://github.com/tramires/cose-rust","last_synced_at":"2025-09-08T10:33:37.389Z","repository":{"id":57610869,"uuid":"387306553","full_name":"tramires/cose-rust","owner":"tramires","description":"Rust implementation of the protocol CBOR Object Signing and Encryption, COSE, RFC 8152.","archived":false,"fork":false,"pushed_at":"2024-08-15T10:05:58.000Z","size":363,"stargazers_count":4,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-20T10:47:37.165Z","etag":null,"topics":["cbor","cose","cryptography","encryption","mac","rust","signatures"],"latest_commit_sha":null,"homepage":"https://datatracker.ietf.org/doc/html/rfc8152","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tramires.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-07-19T01:35:00.000Z","updated_at":"2024-08-15T10:06:01.000Z","dependencies_parsed_at":"2022-09-07T17:52:03.072Z","dependency_job_id":null,"html_url":"https://github.com/tramires/cose-rust","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tramires%2Fcose-rust","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tramires%2Fcose-rust/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tramires%2Fcose-rust/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tramires%2Fcose-rust/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tramires","download_url":"https://codeload.github.com/tramires/cose-rust/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232140261,"owners_count":18478225,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cbor","cose","cryptography","encryption","mac","rust","signatures"],"created_at":"2025-01-03T07:23:53.485Z","updated_at":"2025-01-03T07:23:54.039Z","avatar_url":"https://github.com/tramires.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cose-rust\n\n[![crates.io](https://img.shields.io/crates/v/cose-rust.svg)](https://crates.io/crates/cose-rust) [![API](https://docs.rs/cose-rust/badge.svg)](https://docs.rs/cose-rust)\n\nA Rust crate to encode and decode secured data (Signatures, Encryption or MACed) in CBOR Object Signing and Encryption (COSE) format, [RFC 8152](https://tools.ietf.org/html/rfc8152).\n\nThis crate uses the [rust-openssl](https://github.com/sfackler/rust-openssl) and [rand](https://github.com/rust-random/rand) for the cryptographic operations and the [cbor-codec](https://gitlab.com/twittner/cbor-codec) for the CBOR encoding/decoding.\n\n# COSE \n\nCOSE is a concise binary data format that protects the payload of the message with a set of cryptographic operations.\n\nThe COSE [RFC 8152](https://tools.ietf.org/html/rfc8152) specifies the following 6 types of COSE messages:\n\n- **cose-sign1**: A digitally signed COSE message with a single signer.\n- **cose-sign**: A digitally signed COSE message with a signers bucket.\n- **cose-encrypt0**: An encrypted COSE message with a single recipient.\n- **cose-encrypt**: An encrypted COSE message with a recipients bucket.\n- **cose-mac0**: A MAC tagged COSE message with a single recipient.\n- **cose-encrypt**: A MAC tagged COSE message with a recipients bucket.\n\n# Examples\n\nThe following examples, demonstrate how to encode and decode the basic COSE messages (cose-sign1, cose-encrypt0, cose-mac0), examples of other use cases and cose message types\ncan be found in the respective documentation.\n\n## cose-sign1\n\n### Encode cose-sign1 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    let msg = b\"This is the content.\".to_vec();\n    let kid = b\"11\".to_vec();\n\n    // cose-key to encode the message\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::EC2);\n    key.alg(algs::ES512);\n    key.crv(keys::P_256);\n    key.x(hex::decode(\"bac5b11cad8f99f9c72b05cf4b9e26d244dc189f745228255a219a86d6a09eff\").unwrap());\n    key.y(hex::decode(\"20138bf82dc1b6d562be0fa54ab7804a3a64b6d72ccfed6b6fb6ed28bbfc117e\").unwrap());\n    key.d(hex::decode(\"57c92077664146e876760c9520d054aa93c3afb04e306705db6090308507b4d3\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_SIGN]);\n\n    // Prepare cose-sign1 message\n    let mut sign1 = CoseMessage::new_sign();\n    sign1.header.alg(algs::ES512, true, false);\n    sign1.header.kid(kid, true, false);\n    sign1.payload(msg);\n    sign1.key(\u0026key).unwrap();\n\n    // Generate the signature\n    sign1.secure_content(None).unwrap();\n\n    // Encode the message with the payload\n    sign1.encode(true).unwrap();\n}\n```\n\n### Decode cose-sign1 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    // cose-key to decode the message\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::EC2);\n    key.alg(algs::ES256);\n    key.crv(keys::P_256);\n    key.x(hex::decode(\"bac5b11cad8f99f9c72b05cf4b9e26d244dc189f745228255a219a86d6a09eff\").unwrap());\n    key.y(hex::decode(\"20138bf82dc1b6d562be0fa54ab7804a3a64b6d72ccfed6b6fb6ed28bbfc117e\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_VERIFY]);\n\n    // Generate CoseSign struct with the cose-sign1 message to decode\n    let mut verify = CoseMessage::new_sign();\n    verify.bytes =\n    hex::decode(\"d28447a2012604423131a054546869732069732074686520636f6e74656e742e5840dc93ddf7d5aff58131589087eaa65eeffa0baf2e72201ee91c0ca876ec42fdfb2a67dbc6ea1a95d2257cec645cf789808c0a392af045e2bc1bdb6746d80f221b\").unwrap();\n\n    // Initial decoding\n    verify.init_decoder(None).unwrap();\n\n    // Add key and verify the signature\n    verify.key(\u0026key).unwrap();\n    verify.decode(None, None).unwrap();\n}\n```\n\n## cose-encrypt0\n\n### Encode cose-encrypt0 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    let msg = b\"This is the content.\".to_vec();\n    let kid = b\"secret\".to_vec();\n\n    // Prepare the cose-key\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::SYMMETRIC);\n    key.alg(algs::CHACHA20);\n    key.k(hex::decode(\"849b57219dae48de646d07dbb533566e976686457c1491be3a76dcea6c427188\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_ENCRYPT]);\n\n    // Prepare cose-encrypt0 message\n    let mut enc0 = CoseMessage::new_encrypt();\n    enc0.header.alg(algs::CHACHA20, true, false);\n    enc0.header.iv(hex::decode(\"89f52f65a1c580933b5261a7\").unwrap(), true, false);\n    enc0.payload(msg);\n    enc0.key(\u0026key).unwrap();\n\n    // Generate the ciphertext with no AAD.\n    enc0.secure_content(None).unwrap();\n    // Encode the cose-encrypt0 message with the ciphertext included\n    enc0.encode(true).unwrap();\n}\n```\n\n### Decode cose-encrypt0 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    let expected_msg = b\"This is the content.\".to_vec();\n\n    // Prepare the cose-key\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::SYMMETRIC);\n    key.alg(algs::CHACHA20);\n    key.k(hex::decode(\"849b57219dae48de646d07dbb533566e976686457c1491be3a76dcea6c427188\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_DECRYPT]);\n\n\n    // Generate CoseEncrypt struct with the cose-encryt0 message to decode\n    let mut dec0 = CoseMessage::new_encrypt();\n    dec0.bytes =\n    hex::decode(\"d08352a2011818054c89f52f65a1c580933b5261a7a0582481c32c048134989007b3b5b932811ea410eeab15bd0de5d5ac5be03c84dce8c88871d6e9\").unwrap();\n\n    // Initial decoding of the message\n    dec0.init_decoder(None).unwrap();\n\n    // Add cose-key\n    dec0.key(\u0026key).unwrap();\n\n    // Decrypt the cose-encrypt0 message\n    let msg = dec0.decode(None, None).unwrap();\n    assert_eq!(msg, expected_msg);\n}\n```\n## cose-mac0\n\n### Encode cose-mac0 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    let msg = b\"This is the content.\".to_vec();\n\n    // Prepare the cose-key\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::SYMMETRIC);\n    key.alg(algs::AES_MAC_256_128);\n    key.k(hex::decode(\"849b57219dae48de646d07dbb533566e976686457c1491be3a76dcea6c427188\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_MAC]);\n\n    // Prepare the cose-mac0 message\n    let mut mac0 = CoseMessage::new_mac();\n    mac0.header.alg(algs::AES_MAC_256_128, true, false);\n\n    // Add the payload\n    mac0.payload(msg);\n\n    // Add cose-key\n    mac0.key(\u0026key).unwrap();\n\n    // Generate MAC tag without AAD\n    mac0.secure_content(None).unwrap();\n    // Encode the cose-mac0 message with the payload included\n    mac0.encode(true).unwrap();\n\n}\n```\n\n### Decode cose-mac0 message\n```rust\nuse cose::message::CoseMessage;\nuse cose::keys;\nuse cose::algs;\nuse hex;\n\nfn main() {\n    // Prepare the cose-key\n    let mut key = keys::CoseKey::new();\n    key.kty(keys::SYMMETRIC);\n    key.alg(algs::AES_MAC_256_128);\n    key.k(hex::decode(\"849b57219dae48de646d07dbb533566e976686457c1491be3a76dcea6c427188\").unwrap());\n    key.key_ops(vec![keys::KEY_OPS_MAC_VERIFY]);\n\n    // Generate CoseMAC struct with the cose-mac0 message to decode\n    let mut verify = CoseMessage::new_mac();\n    verify.bytes =\n    hex::decode(\"d18444a101181aa054546869732069732074686520636f6e74656e742e50403152cc208c1d501e1dc2a789ae49e4\").unwrap();\n\n    // Initial decoding of the message\n    verify.init_decoder(None).unwrap();\n\n    // Add cose-key\n    verify.key(\u0026key).unwrap();\n    // Verify the MAC tag of the cose-mac0 message\n    verify.decode(None, None).unwrap();\n}\n```\n\n# License\n\nThis crate, cose-rust, is licensed by the MIT License.\n\n# Note\n\nThis crate is under development and it has not been tested yet.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftramires%2Fcose-rust","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftramires%2Fcose-rust","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftramires%2Fcose-rust/lists"}