Name | Value | Hash | Description |
---|---|---|---|
ES256 | -7 | SHA-256 | ECDSA w/ SHA-256 |
ES384 | -35 | SHA-384 | ECDSA w/ SHA-384 |
ES512 | -36 | SHA-512 | ECDSA w/ SHA-512 |
Name | Value | Description |
---|---|---|
EdDSA | -8 | EdDSA |
Name | Value | Hash | Tag Length | Description |
---|---|---|---|---|
HMAC 256/64 | 4 | SHA-256 | 64 | HMAC w/ SHA-256 truncated to 64 bits |
HMAC 256/256 | 5 | SHA-256 | 256 | HMAC w/ SHA-256 |
HMAC 384/384 | 6 | SHA-384 | 384 | HMAC w/ SHA-384 |
HMAC 512/512 | 7 | SHA-512 | 512 | HMAC w/ SHA-512 |
Name | Value | Key Length | Tag Length | Description |
---|---|---|---|---|
AES-MAC 128/64 | 14 | 128 | 64 | AES-MAC 128-bit key, 64-bit tag |
AES-MAC 256/64 | 15 | 256 | 64 | AES-MAC 256-bit key, 64-bit tag |
AES-MAC 128/128 | 25 | 128 | 128 | AES-MAC 128-bit key, 128-bit tag |
AES-MAC 256/128 | 26 | 256 | 128 | AES-MAC 256-bit key, 128-bit tag |
Name | Value | Description |
---|---|---|
A128GCM | 1 | AES-GCM mode w/ 128-bit key, 128-bit tag |
A192GCM | 2 | AES-GCM mode w/ 192-bit key, 128-bit tag |
A256GCM | 3 | AES-GCM mode w/ 256-bit key, 128-bit tag |
Name | Value | L | M | k | Description |
---|---|---|---|---|---|
AES-CCM-16-64-128 | 10 | 16 | 64 | 128 | AES-CCM mode 128-bit key, 64-bit tag, 13-byte nonce |
AES-CCM-16-64-256 | 11 | 16 | 64 | 256 | AES-CCM mode 256-bit key, 64-bit tag, 13-byte nonce |
AES-CCM-64-64-128 | 12 | 64 | 64 | 128 | AES-CCM mode 128-bit key, 64-bit tag, 7-byte nonce |
AES-CCM-64-64-256 | 13 | 64 | 64 | 256 | AES-CCM mode 256-bit key, 64-bit tag, 7-byte nonce |
AES-CCM-16-128-128 | 30 | 16 | 128 | 128 | AES-CCM mode 128-bit key, 128-bit tag, 13-byte nonce |
AES-CCM-16-128-256 | 31 | 16 | 128 | 256 | AES-CCM mode 256-bit key, 128-bit tag, 13-byte nonce |
AES-CCM-64-128-128 | 32 | 64 | 128 | 128 | AES-CCM mode 128-bit key, 128-bit tag, 7-byte nonce |
AES-CCM-64-128-256 | 33 | 64 | 128 | 256 | AES-CCM mode 256-bit key, 128-bit tag, 7-byte nonce |
Name | Value | Description |
---|---|---|
ChaCha20/Poly1305 | 24 | ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag |
Name | PRF | Description |
---|---|---|
HKDF SHA-256 | HMAC with SHA-256 | HKDF using HMAC SHA-256 as the PRF |
HKDF SHA-512 | HMAC with SHA-512 | HKDF using HMAC SHA-512 as the PRF |
HKDF AES-MAC-128 | AES-CBC-MAC-128 | HKDF using AES-MAC as the PRF w/ 128-bit key |
HKDF AES-MAC-256 | AES-CBC-MAC-256 | HKDF using AES-MAC as the PRF w/ 256-bit key |
Name | Label | Type | Algorithm | Description |
---|---|---|---|---|
salt | -20 | bstr | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Random salt |
Name | Label | Type | Algorithm | Description |
---|---|---|---|---|
PartyU identity | -21 | bstr | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party U identity information |
PartyU nonce | -22 | bstr / int | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party U provided nonce |
PartyU other | -23 | bstr | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party U other provided information |
PartyV identity | -24 | bstr | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party V identity information |
PartyV nonce | -25 | bstr / int | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party V provided nonce |
PartyV other | -26 | bstr | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Party V other provided information |
Name | Value | Description |
---|---|---|
direct | -6 | Direct use of CEK |
Name | Value | KDF | Description |
---|---|---|---|
direct+HKDF-SHA-256 | -10 | HKDF SHA-256 | Shared secret w/ HKDF and SHA-256 |
direct+HKDF-SHA-512 | -11 | HKDF SHA-512 | Shared secret w/ HKDF and SHA-512 |
direct+HKDF-AES-128 | -12 | HKDF AES-MAC-128 | Shared secret w/ AES-MAC 128-bit key |
direct+HKDF-AES-256 | -13 | HKDF AES-MAC-256 | Shared secret w/ AES-MAC 256-bit key |
Name | Value | Key Size | Description |
---|---|---|---|
A128KW | -3 | 128 | AES Key Wrap w/ 128-bit key |
A192KW | -4 | 192 | AES Key Wrap w/ 192-bit key |
A256KW | -5 | 256 | AES Key Wrap w/ 256-bit key |
Name | Value | KDF | Ephemeral- Static | Key Wrap | Description |
---|---|---|---|---|---|
ECDH-ES + HKDF-256 | -25 | HKDF - SHA-256 | yes | none | ECDH ES w/ HKDF - generate key directly |
ECDH-ES + HKDF-512 | -26 | HKDF - SHA-512 | yes | none | ECDH ES w/ HKDF - generate key directly |
ECDH-SS + HKDF-256 | -27 | HKDF - SHA-256 | no | none | ECDH SS w/ HKDF - generate key directly |
ECDH-SS + HKDF-512 | -28 | HKDF - SHA-512 | no | none | ECDH SS w/ HKDF - generate key directly |
Name | Label | Type | Algorithm | Description |
---|---|---|---|---|
ephemeral key | -1 | COSE_Key | ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW | Ephemeral public key for the sender |
static key | -2 | COSE_Key | ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Static public key for the sender |
static key id | -3 | bstr | ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | Static public key identifier for the sender |
Name | Value | KDF | Ephemeral- Static | Key Wrap | Description |
---|---|---|---|---|---|
ECDH-ES + A128KW | -29 | HKDF - SHA-256 | yes | A128KW | ECDH ES w/ Concat KDF and AES Key Wrap w/ 128-bit key |
ECDH-ES + A192KW | -30 | HKDF - SHA-256 | yes | A192KW | ECDH ES w/ Concat KDF and AES Key Wrap w/ 192-bit key |
ECDH-ES + A256KW | -31 | HKDF - SHA-256 | yes | A256KW | ECDH ES w/ Concat KDF and AES Key Wrap w/ 256-bit key |
ECDH-SS + A128KW | -32 | HKDF - SHA-256 | no | A128KW | ECDH SS w/ Concat KDF and AES Key Wrap w/ 128-bit key |
ECDH-SS + A192KW | -33 | HKDF - SHA-256 | no | A192KW | ECDH SS w/ Concat KDF and AES Key Wrap w/ 192-bit key |
ECDH-SS + A256KW | -34 | HKDF - SHA-256 | no | A256KW | ECDH SS w/ Concat KDF and AES Key Wrap w/ 256-bit key |
Name | Value | Description |
---|---|---|
OKP | 1 | Octet Key Pair |
EC2 | 2 | Elliptic Curve Keys w/ x- and y-coordinate pair |
Symmetric | 4 | Symmetric Keys |
Reserved | 0 | This value is reserved |
Name | Value | Key Type | Description |
---|---|---|---|
P-256 | 1 | EC2 | NIST P-256 also known as secp256r1 |
P-384 | 2 | EC2 | NIST P-384 also known as secp384r1 |
P-521 | 3 | EC2 | NIST P-521 also known as secp521r1 |
X25519 | 4 | OKP | X25519 for use w/ ECDH only |
X448 | 5 | OKP | X448 for use w/ ECDH only |
Ed25519 | 6 | OKP | Ed25519 for use w/ EdDSA only |
Ed448 | 7 | OKP | Ed448 for use w/ EdDSA only |
Key Type | Name | Label | CBOR Type | Description |
---|---|---|---|---|
2 | crv | -1 | int / tstr | EC identifier - Taken from the "COSE Elliptic Curves" registry |
2 | x | -2 | bstr | x-coordinate |
2 | y | -3 | bstr / bool | y-coordinate |
2 | d | -4 | bstr | Private key |
Name | Key Type | Label | Type | Description |
---|---|---|---|---|
crv | 1 | -1 | int / tstr | EC identifier - Taken from the "COSE Elliptic Curves" registry |
x | 1 | -2 | bstr | Public Key |
d | 1 | -4 | bstr | Private key |
Name | Key Type | Label | Type | Description |
---|---|---|---|---|
k | 4 | -1 | bstr | Key Value |
Value | Name | Capabilities |
---|---|---|
1 | OKP | [kty(1), crv] |
2 | EC2 | [kty(2), crv] |
3 | RSA | [kty(3)] |
4 | Symmetric | [kty(4)] |
5 | HSS-LMS | [kty(5), hash algorithm] |
Name | Value | Description | Reference | Recommended |
---|---|---|---|---|
IV Generation | IV-GENERATION | Reserved for doing IV generation for symmetric algorithms. | [[THIS DOCUMENT]] | No |