Skip to content

Simple command line tool to generate and verify COSE signatures

License

Notifications You must be signed in to change notification settings

kommendorkapten/cosetool

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

cosetool

Simple command line utility to interact with COSE envelopes. Provides generation and validation of COSE envelopes. Keys can be provided in PEM format, or be generated in memory during signature generation. For ephemeral keys, the generated public key is stored in the file public.pem. Existing files will be overwritten without questions. When generating a signature, the content type can be set via the -t parameter.

Limitations

  • Only a single signer/Sign1 is implemented.
  • Only ECDSA/P256 with SHA256 is supported.

Examples

Generate a key pair

$ coset -g ecdsa
$ ls
private.pem	public.pem

Sign a message

$ coset -s -m "hello world" -t text/plain -k private.pem
$ ls
private.pem	public.pem	sig.cbor

Verify a signature

$ coset -f sig.cbor -k public.pem
$ echo $?
0

No output is printed on success

Verify a signature and print body

$ coset -f sig.cbor -k public.pem -o text
hello world

Sign a file with an ephemeral key

$ dd if=/dev/random bs=512 count=1 of=binary
1+0 records in
1+0 records out
512 bytes transferred in 0.000145 secs (3531034 bytes/sec)
$ coset -s -t application/octet-stream -f binary
$ ls
binary		public.pem	sig.cbor
$ coset -k public.pem -f sig.cbor -o base64
Nx/yRw3R209ufdTr5DAeAI3T8uv/lFgzMdCQM+havVuyYSHeYVonSEe5c1QfVQ3OkSEIlbfZ
V+mXDYggYdDnOWtuy4n1jlGss4QD2fvntCqqNo473QJcgOZBgb/YtMSQkg115i5/ssD7+LWS
pfp/0EMi/vC2mo22sdUSrpDiz1EJ0mQx27AvRgC4y2k69nhIMw9ljr8TDwSMUr/M7/tdSxnd
LBx8pYO6i+8i9w5ayfUpjUjdAzU5m9quTux3X0ftMD3fHpHGjnC0Hu5CdgRUfO9aMiENc6qr
+tw4Khlp711RZ+LFukTriB7r8dYLAlcpRHn6ufrxphf0f73KBYaB2g1UDuAg+sVSWXXQkXk5
NRSKod4TWfuI6H/h6wHQbgWirzTc6gOysUGSavv4z+nM6hUHE/vz7VrG9l7KwE4eKuqZ5vly
7KMPYEiAmFUccESzh2RkGbWvhLlDia23hL1tgCVB9bWILxdEbG766i5lyZcGQVt22w/KwCvA
Y9YMu0u3GLyyA3BBhF/AZz0ZQgQzgnGJ0vj1c5n1gN/kRLW1o26qLri0uYTHpRsdsf+lCemK
/oozuIYULc3XOJhVUV8H5Nv9j5XprbM+ZfWQG+9RNvUZQaLCQ6kpQbgnFF9mdRMTM8ePsl4I
vsqKZNooHIWjGZsO1kZC8kRBJEgPV+67Rd8=

Sign with AAD (Additional Authenticated Data)

$ coset -s -m "hello world" -e Nx/yRw3R208=
$ coset -k public.pem -f sig.cbor -e Nx/yRw3R209=
$ coset -k public.pem -f sig.cbor -e Nx/yRw3R200=
panic: verification error

About

Simple command line tool to generate and verify COSE signatures

Resources

License

Stars

Watchers

Forks

Packages

No packages published