0.2.0 ā¢ Published 2 months ago
@transmute/cose v0.2.0
cose
Questions? Contact Transmute
Usage
š„ This package is not stable or suitable for production use š§
npm install '@transmute/cose'
import * as cose from "@transmute/cose";
const cose = require("@transmute/cose");
SCITT Receipts
const issuerSecretKeyJwk = await cose.key.generate<cose.SecretKeyJwk>(
"ES256",
"application/jwk+json"
);
const issuerPublicKeyJwk = await cose.key.publicFromPrivate<cose.PublicKeyJwk>(
issuerSecretKeyJwk
);
const notarySecretKeyJwk = await cose.key.generate<cose.SecretKeyJwk>(
"ES256",
"application/jwk+json"
);
const notaryPublicKeyJwk = await cose.key.publicFromPrivate<cose.PublicKeyJwk>(
notarySecretKeyJwk
);
const issuer = cose.detached.signer({
remote: cose.crypto.signer({
secretKeyJwk: issuerSecretKeyJwk,
}),
});
const notary = cose.detached.signer({
remote: cose.crypto.signer({
secretKeyJwk: notarySecretKeyJwk,
}),
});
const content = fs.readFileSync("./examples/image.png");
const signatureForImage = await issuer.sign({
protectedHeader: cose.ProtectedHeader([
[cose.Protected.Alg, cose.Signature.ES256], // signing algorithm ES256
[cose.Protected.ContentType, "image/png"], // content type image/png
[cose.Protected.Kid, issuerPublicKeyJwk.kid], // issuer key identifier
]),
payload: content,
});
const transparencyLogContainingImageSignatures = [
await cose.receipt.leaf(signatureForImage),
];
const receiptForImageSignature = await cose.receipt.inclusion.issue({
protectedHeader: cose.ProtectedHeader([
[cose.Protected.Alg, cose.Signature.ES256],
[cose.Protected.ProofType, cose.Receipt.Inclusion],
[cose.Protected.Kid, notaryPublicKeyJwk.kid],
]),
entry: 0,
entries: transparencyLogContainingImageSignatures,
signer: notary,
});
const transparentSignature = await cose.receipt.add(
signatureForImage,
receiptForImageSignature
);
const resolve = async (
coseSign1: cose.CoseSign1Bytes
): Promise<cose.PublicKeyJwk> => {
const { tag, value } = cose.cbor.decodeFirstSync(coseSign1);
if (tag !== cose.COSE_Sign1) {
throw new Error("Only tagged cose sign 1 are supported");
}
const [protectedHeaderBytes] = value;
const protectedHeaderMap = cose.cbor.decodeFirstSync(protectedHeaderBytes);
const kid = protectedHeaderMap.get(cose.Protected.Kid);
if (kid === issuerPublicKeyJwk.kid) {
return issuerPublicKeyJwk;
}
if (kid === notaryPublicKeyJwk.kid) {
return notaryPublicKeyJwk;
}
throw new Error("No verification key found in trust store.");
};
const verifier = await cose.receipt.verifier({
resolve,
});
const verified = await verifier.verify({
coseSign1: transparentSignature,
payload: content,
});
HPKE
const message = "š My lungs taste the air of Time Blown past falling sands ā";
const plaintext = new TextEncoder().encode(message);
const encryptionKeys = {
keys: [
{
kid: "meriadoc.brandybuck@buckland.example",
alg: "HPKE-Base-P256-SHA256-AES128GCM",
kty: "EC",
crv: "P-256",
x: "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
y: "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
},
],
};
const decryptionKeys = {
keys: [
{
kid: "meriadoc.brandybuck@buckland.example",
alg: "HPKE-Base-P256-SHA256-AES128GCM",
kty: "EC",
crv: "P-256",
x: "Ze2loSV3wrroKUN_4zhwGhCqo3Xhu1td4QjeQ5wIVR0",
y: "HlLtdXARY_f55A3fnzQbPcm6hgr34Mp8p-nuzQCE0Zw",
d: "r_kHyZ-a06rmxM3yESK84r1otSg-aQcVStkRhA-iCM8",
},
],
};
const ciphertext = await cose.encrypt.direct({
protectedHeader: ProtectedHeader([
[Protected.Alg, Direct["HPKE-Base-P256-SHA256-AES128GCM"]],
]),
plaintext,
recipients: encryptionKeys,
});
const decrypted = await cose.decrypt.direct({
ciphertext,
recipients: decryptionKeys,
});
COSE RFCs
- RFC9360 - Header Parameters for Carrying and Referencing X.509 Certificates
- RFC9052 - Structures and Process
- RFC9053 - Initial Algorithms
COSE Drafts
SCITT Drafts
Develop
npm i
npm t
npm run lint
npm run build
0.2.0
2 months ago
0.1.1
3 months ago
0.1.0
3 months ago
0.0.20
6 months ago
0.0.21
6 months ago
0.0.22
6 months ago
0.0.23
6 months ago
0.0.24
6 months ago
0.0.25
6 months ago
0.0.15
7 months ago
0.0.16
7 months ago
0.0.17
6 months ago
0.0.18
6 months ago
0.0.19
6 months ago
0.0.10
10 months ago
0.0.11
10 months ago
0.0.12
10 months ago
0.0.13
10 months ago
0.0.14
7 months ago
0.0.9
10 months ago
0.0.8
10 months ago
0.0.7
10 months ago
0.0.6
11 months ago
0.0.5
11 months ago
0.0.4
11 months ago
0.0.3
11 months ago
0.0.2
11 months ago
0.0.1
11 months ago
0.0.0
11 months ago