Crate cose [] [src]

This crate implements COSE signature parsing. Verification has to be performed by the caller.

Example usage: Let payload and cose_signature be variables holding the signed payload and the COSE signature bytes respectively. Let further verify_callback be a function callback that implements signature verification.

Be careful when using this code, it's not being tested!
use cose::decoder::decode_signature;

 // Parse the incoming signature.
 let cose_signatures = decode_signature(cose_signature, &payload);
 let cose_signatures = match cose_signatures {
     Ok(signature) => signature,
     Err(_) => Vec::new(),
 if cose_signatures.len() < 1 {
     return false;

 let mut result = true;
 for cose_signature in cose_signatures {
     // Call callback to verify the parsed signatures.
     result &= verify_callback(cose_signature);

     // We can stop early. The cose_signature is not valid.
     if !result {
         return result;



Parse and decode COSE signatures.



Errors that can be returned from COSE functions.


An enum identifying supported signature algorithms. Currently ES256 (ECDSA with P256 and SHA256), ES384 (ECDSA with P384 and SHA384) ES512 (ECDSA with P521 and SHA512), and PS256 (RSASSA-PSS with SHA256) are supported. Note that with PS256, the salt length is defined to be 32 bytes.