github.com/thomas-fossati/go-cose
Version: 0.0.0-20201003062009-a6dabb2ce93a
Repository: https://github.com/thomas-fossati/go-cose.git
Documentation: pkg.go.dev

# README

## go-cose

A COSE library for Go.

It currently supports signing and verifying the SignMessage type with the ES{256,384,512} and PS256 algorithms.

API docs

## Usage

### Install

```
go get -u go.mozilla.org/cose
```

### Signing a message

See `example/sign.go` and run it with:

```
$ go run example/sign.go
Bit lengths of integers r and s (256 and 256) do not match the key length 255
Message signature (ES256): 043685f99421f9e80c7c3c50d0fc8266161d3d614aaa3b63d2cdf581713fca62bb5d2e34d2352dbe41424b31d0b4a11d6b2d4764c18e2af04f4520fbe494d51c
```

### Verifying a message

See `example/verify.go` and run it with:

```
$ go run example/verify.go
Bit lengths of integers r and s (256 and 254) do not match the key length 254
Message signature (ES256): 9411dc5200c1cb67ccd76424ade09ce89c4a8d8d2b66f2bbf70edf63beb2dc3cbde83250773e659b635d3715442a1efaa6b0c030ee8a2523c3e37a22ddb055fa
Message signature verified
```
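
RFC 8152 section 8.1 defines an ECDSA COSE signature as r and s, each converted to a fixed-length octet string and concatenated, which is why both ES256 signatures above are 128 hex characters (64 bytes) whatever the bit lengths of r and s. The following is an added example, not code from go-cose: it uses only the Go standard library, the names `encodeES256`, `verifyES256` and `signES256` are hypothetical, and the payload stands in for the serialized Sig_structure.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// encodeES256 returns r||s, each left-padded to 32 bytes (big.Int.FillBytes does the I2OSP step).
func encodeES256(r, s *big.Int) ([]byte, error) {
	if r.Sign() <= 0 || s.Sign() <= 0 || r.BitLen() > 256 || s.BitLen() > 256 {
		return nil, fmt.Errorf("r or s out of range for a 32-byte field")
	}
	sig := make([]byte, 64)
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return sig, nil
}

// verifyES256 accepts only a 64-byte signature, then splits it back into r and s.
func verifyES256(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	if len(sig) != 64 {
		return false
	}
	digest := sha256.Sum256(msg)
	return ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:]))
}

// signES256 signs msg (standing in for the serialized Sig_structure) with a fresh P-256 key.
func signES256(msg []byte) (*ecdsa.PublicKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	digest := sha256.Sum256(msg)
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return nil, nil, err
	}
	sig, err := encodeES256(r, s)
	return &key.PublicKey, sig, err
}

func main() {
	pub, sig, err := signES256([]byte("constructed payload"))
	fmt.Printf("sig=%x err=%v verified=%v\n", sig, err, err == nil && verifyES256(pub, []byte("constructed payload"), sig))
}
```

Rejecting any signature that is not exactly 64 bytes before splitting it keeps a truncated or over-long value from being reinterpreted as a different (r, s) pair.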

## Development

Running tests:

  1. Install rust and cargo

  2. On OSX: `brew install nss`, then in `sign_verify_cose_rust_cli_test.go` add `NSS_LIB_DIR` to `cmd` or `-L /usr/local/opt/nss/lib` to `RUSTFLAGS`, e.g. `cmd.Env = append(os.Environ(), "NSS_LIB_DIR=/usr/local/opt/nss/lib", "RUSTFLAGS=-A dead_code -A unused_imports")`

  3. If you already have `dep` and `golint` commands installed, run `make install-godep install-golint`

  4. Run `go test`

# Packages

No description provided by the author

# Functions

CompressHeaders replaces string tags with their int values and alg tags with their IANA int values.
DecompressHeaders replaces int values with string tags and alg int values with their IANA labels.
FindDuplicateHeader compresses the headers and returns the first duplicate header or nil for none found.
FromBase64Int decodes a base64-encoded string into a big.Int or panics. From https://github.com/square/go-jose/blob/789a4c4bd4c118f7564954f441b29c153ccd6a96/utils_test.go#L45 (Apache License 2.0).
GetAlg returns the algorithm by label or int from the protected headers.
GetCommonHeaderLabel returns the CBOR label for the map tag.
GetCommonHeaderTag returns the CBOR tag for the map label using Common COSE Headers Parameters Table 2 https://tools.ietf.org/html/rfc8152#section-3.1.
GetCommonHeaderTagOrPanic returns the CBOR label for a string.
I2OSP "Integer-to-Octet-String" converts a nonnegative integer to an octet string of a specified length https://tools.ietf.org/html/rfc8017#section-4.1.
IsSign1Message checks whether the prefix is 0xd2 0x84 for a COSE Sign1Message.
IsSignMessage checks whether the prefix is 0xd8 0x62 for a COSE SignMessage.
Marshal returns the CBOR []byte encoding of param o.
NewSign1Message returns a pointer to a new, empty Sign1Message.
NewSignature returns a new COSE Signature with empty headers and nil signature bytes.
NewSigner returns a Signer with a generated key.
NewSignerFromKey checks whether the privateKey is supported and returns a Signer using the provided key.
NewSignMessage takes a []byte payload and returns a new pointer to a SignMessage with empty headers and signatures.
Sign returns the SignatureBytes for each Signer in the same order on the digest or the error from the first failing Signer.
Unmarshal returns the CBOR decoding of a []byte into param o.
Verify returns nil if all Verifiers verify the SignatureBytes, or the error from the first failing Verifier.

# Constants

Supported Sig_structure contexts https://tools.ietf.org/html/rfc8152#section-4.4.
KeyTypeECDSA is the type to generate an ecdsa.PrivateKey.
KeyTypeRSA is the type to generate an rsa.PrivateKey.
KeyTypeUnsupported is the type to not generate a key.
SignMessageCBORTag is the CBOR tag for a COSE SignMessage from https://www.iana.org/assignments/cbor-tags/cbor-tags.xhtml#tags.

# Variables

ES256 is ECDSA w/ SHA-256 from [RFC8152].
ES384 is ECDSA w/ SHA-384 from [RFC8152].
ES512 is ECDSA w/ SHA-512 from [RFC8152].
PS256 is RSASSA-PSS w/ SHA-256 from [RFC8230].

# Structs

Algorithm represents an IANA algorithm's parameters (Name, Value/ID, and optional extra data). From the spec: NOTE: The assignment of algorithm identifiers in this document was done so that positive numbers were used for the first layer objects (COSE_Sign, COSE_Sign1, COSE_Encrypt, COSE_Encrypt0, COSE_Mac, and COSE_Mac0).
Headers represents "two buckets of information that are not considered to be part of the payload itself, but are used for holding information about content, algorithms, keys, or evaluation hints for the processing of the layer." https://tools.ietf.org/html/rfc8152#section-3 It is represented by the CDDL fragments: `Headers = ( protected : empty_or_serialized_map, unprotected : header_map )`, `header_map = { Generic_Headers, * label => values }` and `empty_or_serialized_map = bstr .cbor header_map / bstr .size 0`.
RSAOptions are options for NewSigner, currently just the RSA key size.
Sign1Message represents a COSE_Sign1 message: `COSE_Sign1 = [ Headers, payload : bstr / nil, signature : bstr ]` https://tools.ietf.org/html/rfc8152#section-4.2.
Signature represents a COSE signature with CDDL fragment: `COSE_Signature = [ Headers, signature : bstr ]` https://tools.ietf.org/html/rfc8152#section-4.1.
Signer holds a COSE Algorithm and private key for signing messages.
SignMessage represents a COSESignMessage with CDDL fragment: `COSE_Sign = [ Headers, payload : bstr / nil, signatures : [+ COSE_Signature] ]` https://tools.ietf.org/html/rfc8152#section-4.1.
Verifier holds a PublicKey and Algorithm to verify signatures.

# Interfaces

ByteSigner takes a signature digest and returns COSE signature bytes.
ByteVerifier checks COSE signatures.

# Type aliases

KeyType is the type to use in keyOptions to tell MakeDEREndEntity which type of crypto.PrivateKey to generate.