Crate coset
Set of types for supporting CBOR Object Signing and Encryption (COSE).
Builds on the serde_cbor crate for underlying CBOR support.
Usage
```rust
use coset::{iana, CborSerializable};

// `signer` and `verifier` are not defined in this snippet: they stand for
// caller-supplied objects providing `sign(data)` and `verify(sig, data)`.

// Inputs.
let pt = b"This is the content";
let aad = b"this is additional data";

// Build a `CoseSign1` object.
let protected = coset::HeaderBuilder::new()
    .algorithm(iana::Algorithm::ES256)
    .key_id(b"11".to_vec())
    .build();
let sign1 = coset::CoseSign1Builder::new()
    .protected(protected)
    .payload(pt.to_vec())
    .create_signature(aad, |pt| signer.sign(pt)) // closure to do sign operation
    .build();

// Serialize to bytes.
let sign1_data = sign1.to_vec().unwrap();
println!(
    "'{}' + '{}' => {}",
    String::from_utf8_lossy(pt),
    String::from_utf8_lossy(aad),
    hex::encode(sign1.to_vec().unwrap())
);

// At the receiving end, deserialize the bytes back to a `CoseSign1` object.
let mut sign1 = coset::CoseSign1::from_slice(&sign1_data).unwrap();

// Check the signature, which needs to have the same `aad` provided, by
// providing a closure that can do the verify operation.
let result = sign1.verify_signature(aad, |sig, data| verifier.verify(sig, data));
println!("Signature verified: {:?}.", result);
assert!(result.is_ok());

// Changing an unprotected header leaves the signature valid.
sign1.unprotected.content_type = Some(coset::ContentType::Text("text/plain".to_owned()));
assert!(sign1
    .verify_signature(aad, |sig, data| verifier.verify(sig, data))
    .is_ok());

// Providing a different `aad` means the signature won't validate.
assert!(sign1
    .verify_signature(b"not aad", |sig, data| verifier.verify(sig, data))
    .is_err());

// Changing a protected header invalidates the signature.
sign1.protected.content_type = Some(coset::ContentType::Text("text/plain".to_owned()));
assert!(sign1
    .verify_signature(aad, |sig, data| verifier.verify(sig, data))
    .is_err());
```
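The three assertions at the end of the usage code follow from what a COSE_Sign1 signature covers: the RFC 8152 `Sig_structure` array `["Signature1", protected, external_aad, payload]`, which has no slot for the unprotected header. The sketch below is an added example, not coset's own code: it hand-encodes that array with a minimal std-only CBOR writer, and the helper names (`head`, `bstr`, `sign1_tbs`) and the protected-header bytes are constructed for illustration.

```rust
/// Write a CBOR head: major type (0..=7) plus unsigned argument `n`.
fn head(major: u8, n: u64, out: &mut Vec<u8>) {
    let m = major << 5;
    match n {
        0..=23 => out.push(m | n as u8),
        24..=0xff => { out.push(m | 24); out.push(n as u8); }
        0x100..=0xffff => { out.push(m | 25); out.extend_from_slice(&(n as u16).to_be_bytes()); }
        0x1_0000..=0xffff_ffff => { out.push(m | 26); out.extend_from_slice(&(n as u32).to_be_bytes()); }
        _ => { out.push(m | 27); out.extend_from_slice(&n.to_be_bytes()); }
    }
}

/// Write a CBOR byte string (major type 2).
fn bstr(data: &[u8], out: &mut Vec<u8>) {
    head(2, data.len() as u64, out);
    out.extend_from_slice(data);
}

/// Bytes covered by a COSE_Sign1 signature (RFC 8152, section 4.4):
/// ["Signature1", protected (bstr), external_aad (bstr), payload (bstr)].
/// There is deliberately no parameter for the unprotected header.
fn sign1_tbs(protected: &[u8], aad: &[u8], payload: &[u8]) -> Vec<u8> {
    let mut out = Vec::new();
    head(4, 4, &mut out); // array of 4 items
    head(3, 10, &mut out); // text string of length 10
    out.extend_from_slice(b"Signature1");
    bstr(protected, &mut out);
    bstr(aad, &mut out);
    bstr(payload, &mut out);
    out
}

fn main() {
    // Constructed sample: serialized protected map {1: -7, 4: h'3131'},
    // i.e. alg = ES256 and kid = "11" as in the usage code.
    let protected = [0xa2, 0x01, 0x26, 0x04, 0x42, 0x31, 0x31];
    let tbs = sign1_tbs(&protected, b"this is additional data", b"This is the content");
    let hex: String = tbs.iter().map(|b| format!("{:02x}", b)).collect();
    println!("to-be-signed ({} bytes): {}", tbs.len(), hex);

    // A different `aad` or a changed protected header changes the signed bytes.
    assert_ne!(tbs, sign1_tbs(&protected, b"not aad", b"This is the content"));
    let changed = [0xa1, 0x01, 0x26];
    assert_ne!(tbs, sign1_tbs(&changed, b"this is additional data", b"This is the content"));
}
```

Anything a verifier must be able to trust, such as the algorithm or key identifier, therefore belongs in the protected header or in the `aad`.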
Modules
iana | Enumerations for IANA-managed values. |
Structs
CoseEncrypt | Structure representing an encrypted object. |
CoseEncrypt0 | Structure representing an encrypted object. |
CoseEncrypt0Builder | Builder for |
CoseEncryptBuilder | Builder for |
CoseKdfContext | Structure representing a key derivation context. |
CoseKdfContextBuilder | Builder for |
CoseKey | Structure representing a cryptographic key. |
CoseKeyBuilder | Builder for |
CoseMac | Structure representing a message with authentication code (MAC). |
CoseMac0 | Structure representing a message with authentication code (MAC) where the relevant key is implicit. |
CoseMac0Builder | Builder for |
CoseMacBuilder | Builder for |
CoseRecipient | Structure representing the recipient of encrypted data. |
CoseRecipientBuilder | Builder for |
CoseSign | Signed payload with signatures. |
CoseSign1 | Signed payload with a single signature. |
CoseSign1Builder | Builder for |
CoseSignBuilder | Builder for |
CoseSignature | Structure representing a cryptographic signature. |
CoseSignatureBuilder | Builder for |
Header | Structure representing a common COSE header map. |
HeaderBuilder | Builder for |
PartyInfo | Structure representing a party involved in key derivation. |
PartyInfoBuilder | Builder for |
SuppPubInfo | Structure representing supplemental public information. |
SuppPubInfoBuilder | Builder for |
Enums
EncryptionContext | Possible encryption contexts. |
Label | A COSE label may be either a signed integer value or a string. |
MacContext | Possible MAC contexts. |
Nonce | A nonce value. |
RegisteredLabel | A COSE label which can be either a signed integer value or a string, but where the allowed integer values are governed by IANA. |
RegisteredLabelWithPrivate | A COSE label which can be either a signed integer value or a string, and where the allowed integer values are governed by IANA but include a private use range. |
SignatureContext | Possible signature contexts. |
Traits
CborSerializable | Extension trait that adds serialization/deserialization methods. |
TaggedCborSerializable | Extension trait that adds tagged serialization/deserialization methods. |
Functions
enc_structure_data | Create a binary blob that will be signed. |
mac_structure_data | Create a binary blob that will be signed. |
sig_structure_data | Create a binary blob that will be signed. |
Type Definitions
Algorithm | Algorithm identifier. |
ContentType | Content type. |
CoseKeySet | A collection of |