Supported COSE Algorithms¶
IANA Registry for COSE lists many cryptographic algorithms for MAC, signing, and encryption. This section shows the algorithms which this library currently supports.
✅ : Supported.
➖ : No plan to support.
COSE Key Types¶
Name |
Status |
Value |
Description |
|---|---|---|---|
OKP |
✅ |
1 |
Octet Key Pair |
EC2 |
✅ |
2 |
Elliptic Curve Keys w/ x- and y-coordinate pair |
RSA |
✅ |
3 |
RSA Key |
Symmetric |
✅ |
4 |
Symmetric Keys |
HSS-LMS |
5 |
Public key for HSS/LMS hash-based digital signature |
|
WalnutDSA |
6 |
WalnutDSA public key |
COSE Algorithms¶
-65534: 128, # AES-CTR w/ 128-bit key (Deprecated) -65533: 192, # AES-CTR w/ 192-bit key (Deprecated) -65532: 256, # AES-CTR w/ 256-bit key (Deprecated) -65531: 128, # AES-CBC w/ 128-bit key (Deprecated) -65530: 192, # AES-CBC w/ 192-bit key (Deprecated) -65529: 256, # AES-CBC w/ 256-bit key (Deprecated)
Name |
Status |
Value |
Description |
|---|---|---|---|
RS1 |
➖ |
-65535 |
RSASSA-PKCS1-v1_5 using SHA-1 |
A128CTR |
✅ |
-65534 |
AES-CTR w/ 128-bit key |
A192CTR |
✅ |
-65533 |
AES-CTR w/ 192-bit key |
A256CTR |
✅ |
-65532 |
AES-CTR w/ 256-bit key |
A128CBC |
✅ |
-65531 |
AES-CBC w/ 128-bit key |
A192CBC |
✅ |
-65530 |
AES-CBC w/ 192-bit key |
A256CBC |
✅ |
-65529 |
AES-CBC w/ 256-bit key |
WalnutDSA |
-260 |
WalnutDSA signature |
|
RS512 |
✅ |
-259 |
RSASSA-PKCS1-v1_5 using SHA-512 |
RS384 |
✅ |
-258 |
RSASSA-PKCS1-v1_5 using SHA-384 |
RS256 |
✅ |
-257 |
RSASSA-PKCS1-v1_5 using SHA-256 |
ES256K |
✅ |
-47 |
ECDSA using secp256k1 curve and SHA-256 |
HSS-LMS |
-46 |
HSS/LMS hash-based digital signature |
|
SHAKE256 |
-45 |
SHAKE-256 512-bit Hash Value |
|
SHA-512 |
-44 |
SHA-2 512-bit Hash |
|
SHA-384 |
-43 |
SHA-2 384-bit Hash |
|
RSAES-OAEP w/ SHA-512 |
-42 |
RSAES-OAEP w/ SHA-512 |
|
RSAES-OAEP w/ SHA-256 |
-41 |
RSAES-OAEP w/ SHA-256 |
|
RSAES-OAEP
w/ RFC 8017 default
parameters
|
-40 |
RSAES-OAEP w/ SHA-1 |
|
PS512 |
✅ |
-39 |
RSASSA-PSS w/ SHA-512 |
PS384 |
✅ |
-38 |
RSASSA-PSS w/ SHA-384 |
PS256 |
✅ |
-37 |
RSASSA-PSS w/ SHA-256 |
ES512 |
✅ |
-36 |
ECDSA w/ SHA-512 |
ES384 |
✅ |
-35 |
ECDSA w/ SHA-384 |
ECDH-SS + A256KW |
✅ |
-34 |
ECDH SS w/ Concat KDF and AES Key Wrap
w/ 256-bit key
|
ECDH-SS + A192KW |
✅ |
-33 |
ECDH SS w/ Concat KDF and AES Key Wrap
w/ 192-bit key
|
ECDH-SS + A128KW |
✅ |
-32 |
ECDH SS w/ Concat KDF and AES Key Wrap
w/ 128-bit key
|
ECDH-ES + A256KW |
✅ |
-31 |
ECDH ES w/ Concat KDF and AES Key Wrap
w/ 256-bit key
|
ECDH-ES + A192KW |
✅ |
-30 |
ECDH ES w/ Concat KDF and AES Key Wrap
w/ 192-bit key
|
ECDH-ES + A128KW |
✅ |
-29 |
ECDH ES w/ Concat KDF and AES Key Wrap
w/ 128-bit key
|
ECDH-SS + HKDF-512 |
✅ |
-28 |
ECDH SS w/ HKDF - generate key directly |
ECDH-SS + HKDF-256 |
✅ |
-27 |
ECDH SS w/ HKDF - generate key directly |
ECDH-ES + HKDF-512 |
✅ |
-26 |
ECDH ES w/ HKDF - generate key directly |
ECDH-ES + HKDF-256 |
✅ |
-25 |
ECDH ES w/ HKDF - generate key directly |
SHAKE128 |
-18 |
SHAKE-128 256-bit Hash Value |
|
SHA-512/256 |
-17 |
SHA-2 512-bit Hash truncated to 256-bits |
|
SHA-256 |
-16 |
SHA-2 256-bit Hash |
|
SHA-256/64 |
-15 |
SHA-2 256-bit Hash truncated to 64-bits |
|
SHA-1 |
➖ |
-14 |
SHA-1 Hash |
direct+HKDF-AES-256 |
-13 |
Shared secret w/ AES-MAC 256-bit key |
|
direct+HKDF-AES-128 |
-12 |
Shared secret w/ AES-MAC 128-bit key |
|
direct+HKDF-SHA-512 |
✅ |
-11 |
Shared secret w/ HKDF and SHA-512 |
direct+HKDF-SHA-256 |
✅ |
-10 |
Shared secret w/ HKDF and SHA-256 |
EdDSA |
✅ |
-8 |
EdDSA |
ES256 |
✅ |
-7 |
ECDSA w/ SHA-256 |
direct |
✅ |
-6 |
Direct use of CEK |
A256KW |
✅ |
-5 |
AES Key Wrap w/ 256-bit key |
A192KW |
✅ |
-4 |
AES Key Wrap w/ 192-bit key |
A128KW |
✅ |
-3 |
AES Key Wrap w/ 128-bit key |
A128GCM |
✅ |
1 |
AES-GCM mode w/ 128-bit key, 128-bit tag |
A192GCM |
✅ |
2 |
AES-GCM mode w/ 192-bit key, 128-bit tag |
A256GCM |
✅ |
3 |
AES-GCM mode w/ 256-bit key, 128-bit tag |
HMAC 256/64 |
✅ |
4 |
HMAC w/ SHA-256 truncated to 64 bits |
HMAC 256/256
(“HS256” can also
be used.)
|
✅ |
5 |
HMAC w/ SHA-256 |
HMAC 384/384
(“HS384” can also
be used.)
|
✅ |
6 |
HMAC w/ SHA-384 |
HMAC 512/512
(“HS512” can also
be used.)
|
✅ |
7 |
HMAC w/ SHA-512 |
AES-CCM-16-64-128 |
✅ |
10 |
AES-CCM mode 128-bit key, 64-bit tag,
13-byte nonce
|
AES-CCM-16-64-256 |
✅ |
11 |
AES-CCM mode 256-bit key, 64-bit tag,
13-byte nonce
|
AES-CCM-64-64-128 |
✅ |
12 |
AES-CCM mode 128-bit key, 64-bit tag,
7-byte nonce
|
AES-CCM-64-64-256 |
✅ |
13 |
AES-CCM mode 256-bit key, 64-bit tag,
7-byte nonce
|
AES-MAC 128/64 |
➖ |
14 |
AES-MAC 128-bit key, 64-bit tag |
AES-MAC 256/64 |
➖ |
15 |
AES-MAC 256-bit key, 64-bit tag |
ChaCha20/Poly1305 |
✅ |
24 |
ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag |
AES-MAC 128/128 |
➖ |
25 |
AES-MAC 128-bit key, 128-bit tag |
AES-MAC 128/128 |
➖ |
26 |
AES-MAC 256-bit key, 128-bit tag |
AES-CCM-16-128-128 |
✅ |
30 |
AES-CCM mode 128-bit key, 128-bit tag,
13-byte nonce
|
AES-CCM-16-128-256 |
✅ |
31 |
AES-CCM mode 256-bit key, 128-bit tag,
13-byte nonce
|
AES-CCM-64-128-128 |
✅ |
32 |
AES-CCM mode 128-bit key, 128-bit tag,
7-byte nonce
|
AES-CCM-64-128-256 |
✅ |
33 |
AES-CCM mode 256-bit key, 128-bit tag,
7-byte nonce
|
COSE Elliptic Curves¶
Name |
Status |
Value |
Description |
|---|---|---|---|
P-256 |
✅ |
1 |
NIST P-256 also known as secp256r1 |
P-384 |
✅ |
2 |
NIST P-384 also known as secp384r1 |
P-521 |
✅ |
3 |
NIST P-521 also known as secp521r1 |
X25519 |
✅ |
4 |
X25519 for use w/ ECDH only |
X448 |
✅ |
5 |
X448 for use w/ ECDH only |
Ed25519 |
✅ |
6 |
Ed25519 for use w/ EdDSA only |
Ed448 |
✅ |
7 |
Ed448 for use w/ EdDSA only |
secp256k1 |
✅ |
8 |
SECG secp256k1 curve |