Crate coset
Set of types for supporting CBOR Object Signing and Encryption (COSE).
Builds on the serde_cbor crate for underlying CBOR support.
Usage
use coset::{iana, CborSerializable};

// `signer` and `verifier` are not defined on this page. They are assumed to be
// objects exposing `sign(data)` and `verify(sig, data)` for ES256.

// Inputs.
let pt = b"This is the content";
let aad = b"this is additional data";

// Build a `CoseSign1` object.
let protected = coset::HeaderBuilder::new()
    .algorithm(iana::Algorithm::ES256)
    .key_id(b"11".to_vec())
    .build();
let sign1 = coset::CoseSign1Builder::new()
    .protected(protected)
    .payload(pt.to_vec())
    .create_signature(aad, |pt| signer.sign(pt)) // closure to do sign operation
    .build();

// Serialize to bytes.
let sign1_data = sign1.to_vec().unwrap();
println!(
    "'{}' + '{}' => {}",
    String::from_utf8_lossy(pt),
    String::from_utf8_lossy(aad),
    hex::encode(sign1.to_vec().unwrap())
);

// At the receiving end, deserialize the bytes back to a `CoseSign1` object.
let mut sign1 = coset::CoseSign1::from_slice(&sign1_data).unwrap();

// Check the signature, which needs to have the same `aad` provided, by
// providing a closure that can do the verify operation.
let result = sign1.verify_signature(aad, |sig, data| verifier.verify(sig, data));
println!("Signature verified: {:?}.", result);
assert!(result.is_ok());

// Changing an unprotected header leaves the signature valid.
sign1.unprotected.content_type = Some(coset::ContentType::Text("text/plain".to_owned()));
assert!(sign1
    .verify_signature(aad, |sig, data| verifier.verify(sig, data))
    .is_ok());

// Providing a different `aad` means the signature won't validate.
assert!(sign1
    .verify_signature(b"not aad", |sig, data| verifier.verify(sig, data))
    .is_err());

// Changing a protected header invalidates the signature.
sign1.protected.content_type = Some(coset::ContentType::Text("text/plain".to_owned()));
assert!(sign1
    .verify_signature(aad, |sig, data| verifier.verify(sig, data))
    .is_err());
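Why the assertions above behave as they do, as an added example that is not part of the coset documentation or code: the bytes a COSE_Sign1 signature covers (the Sig_structure of RFC 8152, section 4.4) contain the serialized protected header, the external `aad` and the payload, and never the unprotected header. The helper names are hypothetical, and the minimal std-only CBOR encoder is an assumption of this sketch that handles lengths below 65536 only.

```rust
// Added sketch, std only. Helper names are hypothetical; this is not coset's code.

/// CBOR head (major type + length). Assumption: lengths below 65536 only.
fn head(major: u8, len: usize, out: &mut Vec<u8>) {
    assert!(len <= 0xffff, "sketch handles short items only");
    match len {
        0..=23 => out.push((major << 5) | len as u8),
        24..=255 => out.extend_from_slice(&[(major << 5) | 24, len as u8]),
        _ => {
            out.push((major << 5) | 25);
            out.extend_from_slice(&(len as u16).to_be_bytes());
        }
    }
}

/// CBOR byte string (major type 2).
fn bstr(data: &[u8], out: &mut Vec<u8>) {
    head(2, data.len(), out);
    out.extend_from_slice(data);
}

/// Serialized protected header map {1 (alg): -7 (ES256), 4 (kid): kid}.
fn protected_header(kid: &[u8]) -> Vec<u8> {
    let mut out = vec![0xa2, 0x01, 0x26, 0x04]; // map(2), key 1, value -7, key 4
    bstr(kid, &mut out);
    out
}

/// Sig_structure = ["Signature1", body_protected, external_aad, payload].
/// There is no parameter for the unprotected header: it is never signed.
fn sig_structure1(protected: &[u8], aad: &[u8], payload: &[u8]) -> Vec<u8> {
    let mut out = Vec::new();
    head(4, 4, &mut out); // array of four items
    head(3, b"Signature1".len(), &mut out); // text string: signature context
    out.extend_from_slice(b"Signature1");
    bstr(protected, &mut out);
    bstr(aad, &mut out);
    bstr(payload, &mut out);
    out
}

fn main() {
    // Inputs mirror the usage example: kid "11", same payload and aad.
    let prot = protected_header(b"11");
    let tbs = sig_structure1(&prot, b"this is additional data", b"This is the content");
    let hex: String = tbs.iter().map(|b| format!("{:02x}", b)).collect();
    println!("to-be-signed ({} bytes): {}", tbs.len(), hex);
}
```

Because only protected fields are bound to the signature, a verifier should take security-relevant parameters such as the algorithm from the protected header.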
Modules
Enumerations for IANA-managed values.
Structs
Structure representing an encrypted object.
Structure representing an encrypted object.
Builder for CoseEncrypt0 objects.
Builder for CoseEncrypt objects.
Structure representing a key derivation context.
Builder for CoseKdfContext objects.
Structure representing a cryptographic key.
Builder for CoseKey objects.
Structure representing a message with authentication code (MAC).
Structure representing a message with authentication code (MAC) where the relevant key is implicit.
Builder for CoseMac0 objects.
Builder for CoseMac objects.
Structure representing the recipient of encrypted data.
Builder for CoseRecipient objects.
Signed payload with signatures.
Signed payload with a single signature.
Builder for CoseSign1 objects.
Builder for CoseSign objects.
Structure representing a cryptographic signature.
Builder for CoseSignature objects.
Structure representing a common COSE header map.
Builder for Header objects.
Structure representing a party involved in key derivation.
Builder for PartyInfo objects.
Structure representing supplemental public information.
Builder for SuppPubInfo objects.
Enums
Possible encryption contexts.
A COSE label may be either a signed integer value or a string.
Possible MAC contexts.
A nonce value.
A COSE label which can be either a signed integer value or a string, but where the allowed integer values are governed by IANA.
A COSE label which can be either a signed integer value or a string, and where the allowed integer values are governed by IANA but include a private use range.
Possible signature contexts.
Traits
Extension trait that adds serialization/deserialization methods.
Extension trait that adds tagged serialization/deserialization methods.
Functions
Create a binary blob that will be signed.
Create a binary blob that will be signed.
Create a binary blob that will be signed.