Ruby implementation of RFC 8152 CBOR Object Signing and Encryption (COSE)
Add this line to your application's Gemfile:
gem 'cose'
And then execute:
$ bundle
Or install it yourself as:
$ gem install cose
cbor_data = "..." key = COSE::Key.deserialize(cbor_data)
Once you have a COSE::Key instance you can either access key parameters directly and/or convert it to an
OpenSSL::PKey::PKey instance (if supported for the key type) for operating with it
(encrypting/decrypting, signing/verifying, etc).
# Convert to an OpenSSL::PKey::PKey if key.respond_to?(:to_pkey) openssl_pkey = key.to_pkey end # Access COSE key parameters case key when COSE::Key::OKP key.crv key.x key.d when COSE::Key::EC2 key.crv key.x key.y key.d when COSE::Key::RSA key.n key.e key.d key.p key.q key.dp key.dq key.qinv when COSE::Key::Symmetric key.k end
If you already know which COSE key type is encoded in the CBOR data, then:
okp_key_cbor = "..." cose_okp_key = COSE::Key::OKP.deserialize(okp_key_cbor) cose_okp_key.crv cose_okp_key.x cose_okp_key.d
ec2_key_cbor = "..." cose_ec2_key = COSE::Key::EC2.deserialize(ec2_key_cbor) cose_ec2_key.crv cose_ec2_key.x cose_ec2_key.y cose_ec2_key.d # or ec_pkey = cose_ec2_key.to_pkey # Instance of an OpenSSL::PKey::EC
symmetric_key_cbor = "..." cose_symmetric_key = COSE::Key::Symmetric.deserialize(symmetric_key_cbor) cose_symmetric_key.k
rsa_key_cbor = "..." cose_rsa_key = COSE::Key::RSA.deserialize(rsa_key_cbor) cose_rsa_key.n cose_rsa_key.e cose_rsa_key.d cose_rsa_key.p cose_rsa_key.q cose_rsa_key.dp cose_rsa_key.dq cose_rsa_key.qinv # or rsa_pkey = cose_rsa_key.to_pkey # Instance of an OpenSSL::PKey::RSA
ec_pkey = OpenSSL::PKey::EC.new("prime256v1").generate_key cose_ec2_key_cbor = COSE::Key.serialize(ec_pkey)
rsa_pkey = OpenSSL::PKey::RSA.new(2048) cose_rsa_key_cbor = COSE::Key.serialize(rsa_pkey)
cbor_data = "..." sign = COSE::Sign.deserialize(cbor_data) # Verify by doing (key should be a COSE::Key): sign.verify(key) # or, if externally supplied authenticated data exists: sign.verify(key, external_aad) # Then access payload sign.payload
cbor_data = "..." sign1 = COSE::Sign1.deserialize(cbor_data) # Verify by doing (key should be a COSE::Key): sign1.verify(key) # or, if externally supplied authenticated data exists: sign1.verify(key, external_aad) # Then access payload sign1.payload
cbor_data = "..." mac = COSE::Mac.deserialize(cbor_data) # Verify by doing (key should be a COSE::Key::Symmetric): mac.verify(key) # or, if externally supplied authenticated data exists: mac.verify(key, external_aad) # Then access payload mac.payload
cbor_data = "..." mac0 = COSE::Mac0.deserialize(cbor_data) # Verify by doing (key should be a COSE::Key::Symmetric): mac0.verify(key) # or, if externally supplied authenticated data exists: mac0.verify(key, external_aad) # Then access payload mac0.payload
cbor_data = "..." encrypt = COSE::Encrypt.deserialize(cbor_data) encrypt.protected_headers encrypt.unprotected_headers encrypt.ciphertext encrypt.recipients.each do |recipient| recipient.protected_headers recipient.unprotected_headers recipient.ciphertext if recipient.recipients recipient.recipients.each do |recipient| recipient.protected_headers recipient.unprotected_headers recipient.ciphertext end end end
cbor_data = "..." encrypt0 = COSE::Encrypt0.deserialize(cbor_data) encrypt0.protected_headers encrypt0.unprotected_headers encrypt0.ciphertext
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/cedarcode/cose-ruby.
The gem is available as open source under the terms of the MIT License.