Supported COSE Algorithms

IANA Registry for COSE lists many cryptographic algorithms for MAC, signing, and encryption. This section shows the algorithms which this library currently supports.

✅ : Supported.
➖ : No plan to support.

COSE Key Types

Name	Status	Value	Description
OKP	✅	1	Octet Key Pair
EC2	✅	2	Elliptic Curve Keys w/ x- and y-coordinate pair
RSA	✅	3	RSA Key
Symmetric	✅	4	Symmetric Keys
HSS-LMS		5	Public key for HSS/LMS hash-based digital signature
WalnutDSA		6	WalnutDSA public key

COSE Algorithms

-65534: A128CTR, # AES-CTR w/ 128-bit key (Deprecated) -65533: A192CTR, # AES-CTR w/ 192-bit key (Deprecated) -65532: A256CTR, # AES-CTR w/ 256-bit key (Deprecated) -65531: A128CBC, # AES-CBC w/ 128-bit key (Deprecated) -65530: A192CBC, # AES-CBC w/ 192-bit key (Deprecated) -65529: A256CBC, # AES-CBC w/ 256-bit key (Deprecated) -65529: A256CBC, # AES-CBC w/ 256-bit key (Deprecated) -36: ES512, # ECDSA w/ SHA-512 (Deprecated) -35: ES384, # ECDSA w/ SHA-384 (Deprecated) -8: EdDSA, # EdDSA (Deprecated) -7: ES256, # ECDSA w/ SHA-256 (Deprecated)

Name	Status	Value	Description
RS1	➖	-65535	RSASSA-PKCS1-v1_5 using SHA-1
A128CTR	✅	-65534	AES-CTR w/ 128-bit key
A192CTR	✅	-65533	AES-CTR w/ 192-bit key
A256CTR	✅	-65532	AES-CTR w/ 256-bit key
A128CBC	✅	-65531	AES-CBC w/ 128-bit key
A192CBC	✅	-65530	AES-CBC w/ 192-bit key
A256CBC	✅	-65529	AES-CBC w/ 256-bit key
ESB512		-268	ECDSA using BrainpoolP512r1 curve and SHA-512
ESB384		-267	ECDSA using BrainpoolP384r1 curve and SHA-384
ESB320		-266	ECDSA using BrainpoolP320r1 curve and SHA-384
ESB256		-265	ECDSA using BrainpoolP256r1 curve and SHA-256
WalnutDSA		-260	WalnutDSA signature
RS512	✅	-259	RSASSA-PKCS1-v1_5 using SHA-512
RS384	✅	-258	RSASSA-PKCS1-v1_5 using SHA-384
RS256	✅	-257	RSASSA-PKCS1-v1_5 using SHA-256
Ed448	✅	-53	EdDSA using Ed448 curve
ESP512	✅	-52	ECDSA using P-521 curve and SHA-512
ESP384	✅	-51	ECDSA using P-384 curve and SHA-384
ES256K	✅	-47	ECDSA using secp256k1 curve and SHA-256
HSS-LMS		-46	HSS/LMS hash-based digital signature
SHAKE256		-45	SHAKE-256 512-bit Hash Value
SHA-512		-44	SHA-2 512-bit Hash
SHA-384		-43	SHA-2 384-bit Hash
RSAES-OAEP w/ SHA-512		-42	RSAES-OAEP w/ SHA-512
RSAES-OAEP w/ SHA-256		-41	RSAES-OAEP w/ SHA-256
RSAES-OAEP w/ RFC 8017 default parameters		-40	RSAES-OAEP w/ SHA-1
PS512	✅	-39	RSASSA-PSS w/ SHA-512
PS384	✅	-38	RSASSA-PSS w/ SHA-384
PS256	✅	-37	RSASSA-PSS w/ SHA-256
ES512	✅	-36	ECDSA w/ SHA-512
ES384	✅	-35	ECDSA w/ SHA-384
ECDH-SS + A256KW	✅	-34	ECDH SS w/ Concat KDF and AES Key Wrap w/ 256-bit key
ECDH-SS + A192KW	✅	-33	ECDH SS w/ Concat KDF and AES Key Wrap w/ 192-bit key
ECDH-SS + A128KW	✅	-32	ECDH SS w/ Concat KDF and AES Key Wrap w/ 128-bit key
ECDH-ES + A256KW	✅	-31	ECDH ES w/ Concat KDF and AES Key Wrap w/ 256-bit key
ECDH-ES + A192KW	✅	-30	ECDH ES w/ Concat KDF and AES Key Wrap w/ 192-bit key
ECDH-ES + A128KW	✅	-29	ECDH ES w/ Concat KDF and AES Key Wrap w/ 128-bit key
ECDH-SS + HKDF-512	✅	-28	ECDH SS w/ HKDF - generate key directly
ECDH-SS + HKDF-256	✅	-27	ECDH SS w/ HKDF - generate key directly
ECDH-ES + HKDF-512	✅	-26	ECDH ES w/ HKDF - generate key directly
ECDH-ES + HKDF-256	✅	-25	ECDH ES w/ HKDF - generate key directly
Ed25519	✅	-19 \| EdDSA using Ed25519 curve
SHAKE128		-18	SHAKE-128 256-bit Hash Value
SHA-512/256		-17	SHA-2 512-bit Hash truncated to 256-bits
SHA-256		-16	SHA-2 256-bit Hash
SHA-256/64		-15	SHA-2 256-bit Hash truncated to 64-bits
SHA-1	➖	-14	SHA-1 Hash
direct+HKDF-AES-256		-13	Shared secret w/ AES-MAC 256-bit key
direct+HKDF-AES-128		-12	Shared secret w/ AES-MAC 128-bit key
direct+HKDF-SHA-512	✅	-11	Shared secret w/ HKDF and SHA-512
direct+HKDF-SHA-256	✅	-10	Shared secret w/ HKDF and SHA-256
ESP256	✅	-9	ECDSA using P-256 curve and SHA-256
EdDSA	✅	-8	EdDSA
ES256	✅	-7	ECDSA w/ SHA-256
direct	✅	-6	Direct use of CEK
A256KW	✅	-5	AES Key Wrap w/ 256-bit key
A192KW	✅	-4	AES Key Wrap w/ 192-bit key
A128KW	✅	-3	AES Key Wrap w/ 128-bit key
A128GCM	✅	1	AES-GCM mode w/ 128-bit key, 128-bit tag
A192GCM	✅	2	AES-GCM mode w/ 192-bit key, 128-bit tag
A256GCM	✅	3	AES-GCM mode w/ 256-bit key, 128-bit tag
HMAC 256/64	✅	4	HMAC w/ SHA-256 truncated to 64 bits
HMAC 256/256 (“HS256” can also be used.)	✅	5	HMAC w/ SHA-256
HMAC 384/384 (“HS384” can also be used.)	✅	6	HMAC w/ SHA-384
HMAC 512/512 (“HS512” can also be used.)	✅	7	HMAC w/ SHA-512
AES-CCM-16-64-128	✅	10	AES-CCM mode 128-bit key, 64-bit tag, 13-byte nonce
AES-CCM-16-64-256	✅	11	AES-CCM mode 256-bit key, 64-bit tag, 13-byte nonce
AES-CCM-64-64-128	✅	12	AES-CCM mode 128-bit key, 64-bit tag, 7-byte nonce
AES-CCM-64-64-256	✅	13	AES-CCM mode 256-bit key, 64-bit tag, 7-byte nonce
AES-MAC 128/64	➖	14	AES-MAC 128-bit key, 64-bit tag
AES-MAC 256/64	➖	15	AES-MAC 256-bit key, 64-bit tag
ChaCha20/Poly1305	✅	24	ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag
AES-MAC 128/128	➖	25	AES-MAC 128-bit key, 128-bit tag
AES-MAC 128/128	➖	26	AES-MAC 256-bit key, 128-bit tag
AES-CCM-16-128-128	✅	30	AES-CCM mode 128-bit key, 128-bit tag, 13-byte nonce
AES-CCM-16-128-256	✅	31	AES-CCM mode 256-bit key, 128-bit tag, 13-byte nonce
AES-CCM-64-128-128	✅	32	AES-CCM mode 128-bit key, 128-bit tag, 7-byte nonce
AES-CCM-64-128-256	✅	33	AES-CCM mode 256-bit key, 128-bit tag, 7-byte nonce

COSE Elliptic Curves

Name	Status	Value	Description
P-256	✅	1	NIST P-256 also known as secp256r1
P-384	✅	2	NIST P-384 also known as secp384r1
P-521	✅	3	NIST P-521 also known as secp521r1
X25519	✅	4	X25519 for use w/ ECDH only
X448	✅	5	X448 for use w/ ECDH only
Ed25519	✅	6	Ed25519 for use w/ EdDSA only
Ed448	✅	7	Ed448 for use w/ EdDSA only
secp256k1	✅	8	SECG secp256k1 curve