Crate coset[−][src]
Expand description
Set of types for supporting CBOR Object Signing and Encryption (COSE).
Builds on the serde_cbor crate for underlying CBOR support.
Usage
use coset::{iana, CborSerializable}; // Inputs. let pt = b"This is the content"; let aad = b"this is additional data"; // Build a `CoseSign1` object. let protected = coset::HeaderBuilder::new() .algorithm(iana::Algorithm::ES256) .key_id(b"11".to_vec()) .build(); let sign1 = coset::CoseSign1Builder::new() .protected(protected) .payload(pt.to_vec()) .create_signature(aad, |pt| signer.sign(pt)) // closure to do sign operation .build(); // Serialize to bytes. let sign1_data = sign1.to_vec().unwrap(); println!( "'{}' + '{}' => {}", String::from_utf8_lossy(pt), String::from_utf8_lossy(aad), hex::encode(sign1.to_vec().unwrap()) ); // At the receiving end, deserialize the bytes back to a `CoseSign1` object. let mut sign1 = coset::CoseSign1::from_slice(&sign1_data).unwrap(); // Check the signature, which needs to have the same `aad` provided, by // providing a closure that can do the verify operation. let result = sign1.verify_signature(aad, |sig, data| verifier.verify(sig, data)); println!("Signature verified: {:?}.", result); assert!(result.is_ok()); // Changing an unprotected header leaves the signature valid. sign1.unprotected.content_type = Some(coset::ContentType::Text("text/plain".to_owned())); assert!(sign1 .verify_signature(aad, |sig, data| verifier.verify(sig, data)) .is_ok()); // Providing a different `aad` means the signature won't validate. assert!(sign1 .verify_signature(b"not aad", |sig, data| verifier.verify(sig, data)) .is_err()); // Changing a protected header invalidates the signature. sign1.protected.content_type = Some(coset::ContentType::Text("text/plain".to_owned())); assert!(sign1 .verify_signature(aad, |sig, data| verifier.verify(sig, data)) .is_err());
Modules
| iana | Enumerations for IANA-managed values. |
Structs
| CoseEncrypt | Structure representing an encrypted object. |
| CoseEncrypt0 | Structure representing an encrypted object. |
| CoseEncrypt0Builder | Builder for |
| CoseEncryptBuilder | Builder for |
| CoseKdfContext | Structure representing a a key derivation context. |
| CoseKdfContextBuilder | Builder for |
| CoseKey | Structure representing a cryptographic key. |
| CoseKeyBuilder | Builder for |
| CoseMac | Structure representing a message with authentication code (MAC). |
| CoseMac0 | Structure representing a message with authentication code (MAC) where the relevant key is implicit. |
| CoseMac0Builder | Builder for |
| CoseMacBuilder | Builder for |
| CoseRecipient | Structure representing the recipient of encrypted data. |
| CoseRecipientBuilder | Builder for |
| CoseSign | Signed payload with signatures. |
| CoseSign1 | Signed payload with a single signature. |
| CoseSign1Builder | Builder for |
| CoseSignBuilder | Builder for |
| CoseSignature | Structure representing a cryptographic signature. |
| CoseSignatureBuilder | Builder for |
| Header | Structure representing a common COSE header map. |
| HeaderBuilder | Builder for |
| PartyInfo | Structure representing a party involved in key derivation. |
| PartyInfoBuilder | Builder for |
| SuppPubInfo | Structure representing supplemental public information. |
| SuppPubInfoBuilder | Builder for |
Enums
| EncryptionContext | Possible encryption contexts. |
| Label | A COSE label may be either a signed integer value or a string. |
| MacContext | Possible MAC contexts. |
| Nonce | A nonce value. |
| RegisteredLabel | A COSE label which can be either a signed integer value or a string, but where the allowed integer values are governed by IANA. |
| RegisteredLabelWithPrivate | A COSE label which can be either a signed integer value or a string, and where the allowed integer values are governed by IANA but include a private use range. |
| SignatureContext | Possible signature contexts. |
Traits
| CborSerializable | Extension trait that adds serialization/deserialization methods. |
| TaggedCborSerializable | Extension trait that adds tagged serialization/deserialization methods. |
Functions
| enc_structure_data | Create a binary blob that will be signed. |
| mac_structure_data | Create a binary blob that will be signed. |
| sig_structure_data | Create a binary blob that will be signed. |
Type Definitions
| Algorithm | Algorithm identifier. |
| ContentType | Content type. |
| CoseKeySet | A collection of |