New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →

@transmute/cose

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@transmute/cose

COSE and related work.

0.0.14
Source
npm

Version published: last year

Weekly downloads: 13; decreased by-75.93%

Maintainers: 3

Weekly downloads

Created: 2 years ago

Source

cose

Branches Functions Lines Statements Jest coverage

Questions? Contact Transmute

Usage

npm install '@transmute/cose'

import cose from '@transmute/cose'

const cose = require('@transmute/cose')

Inclusion Proof

const signed_inclusion_proof = await cose.merkle.inclusion_proof({
    alg: signer.alg,
    kid: log_id,
    leaf_index: 2,
    leaves,
    signer,
  })

18(                                 / COSE Single Signer Data Object        /
    [
      h'a2012604...6d706c65',       / Protected header                      /
      {                             / Unprotected header                    /
        100: [                      / Inclusion proofs (2)                  /
          h'83040282...1f487bb1',   / Inclusion proof 1                     /
          h'83040382...1f487bb1',   / Inclusion proof 2                     /
        ]
      },
      h'',                          / Payload                               /
      h'efde9a59...b4cb142b'        / Signature                             /
    ]
)

{                                   / Protected header                      /
  1: -7,                            / Cryptographic algorithm to use        /
  4: h'68747470...6d706c65'         / Key identifier                        /
}

[                                   / Inclusion proof 1                     /
  4,                                / Tree size                             /
  2,                                / Leaf index                            /
  [                                 / Inclusion hashes (2)                  /
     h'a39655d4...d29a968a'         / Intermediate hash 1                   /
     h'57187dff...1f487bb1'         / Intermediate hash 2                   /
  ]
]

[                                   / Inclusion proof 2                     /
  4,                                / Tree size                             /
  3,                                / Leaf index                            /
  [                                 / Inclusion hashes (2)                  /
     h'e7f16481...aab81688'         / Intermediate hash 1                   /
     h'57187dff...1f487bb1'         / Intermediate hash 2                   /
  ]
]

Setup

import cose from '@transmute/cose'
const signer = await cose.signer({
  privateKeyJwk: {
    kty: 'EC',
    crv: 'P-256',
    alg: 'ES256',
    d: 'o_95vWSheg19YU7viU3PmW_kRIWk14HiVLXDXiZjEL0',
    x: 'LYdh0ITBGLOUpywy0adFxXyaIaQapIEOLgfw7933TRE',
    y: 'I6R3hgQZf2topOWa0VBjEugRgHISJ39LvOlfVX29P0w',
  },
})
const verifier = await cose.verifier({
  publicKeyJwk: {
    kty: 'EC',
    crv: 'P-256',
    alg: 'ES256',
    x: 'LYdh0ITBGLOUpywy0adFxXyaIaQapIEOLgfw7933TRE',
    y: 'I6R3hgQZf2topOWa0VBjEugRgHISJ39LvOlfVX29P0w',
  },
})

Issue Inclusion Proof

const message0 = cose.cbor.encode(0)
const message1 = cose.cbor.encode('1')
const message2 = cose.cbor.encode([2, 2])
const message3 = cose.cbor.encode({ 3: 3 })

const entries = [message0, message1, message2, message3]
const leaves = entries.map(cose.merkle.leaf)
const old_root = await cose.merkle.root({ leaves })

const signed_inclusion_proof = await cose.merkle.inclusion_proof({
  leaf_index: 2,
  leaves,
  signer,
})

Verify Inclusion Proof

const verified_inclusion_proof = await cose.merkle.verify_inclusion_proof({
  leaf: cose.merkle.leaf(entries[2]),
  signed_inclusion_proof,
  verifier,
})

Multi Verify

const verified3 = await cose.merkle.verify_multiple(
  {
    leaves: [cose.merkle.leaf(entries[2]), cose.merkle.leaf(entries[3])],
    signed_inclusion_proof: updated,
    verifier
  }
)

Issue Consistency Proof

const message4 = cose.cbor.encode(['🔥', 4])
const message5 = cose.cbor.encode({ five: '💀' })
const leaves2 = entries.map(cose.merkle.leaf)
const signed_consistency_proof = await cose.merkle.consistency_proof({
  signed_inclusion_proof,
  leaves: leaves2,
  signer,
})

Verify Consistency Proof

const verified = await cose.merkle.verify_consistency_proof({
  old_root,
  signed_consistency_proof,
  verifier,
})

Develop

npm i
npm t
npm run lint
npm run build

FAQs

What is @transmute/cose?

Is @transmute/cose popular?

Is @transmute/cose well maintained?

Package last updated on 15 Oct 2023

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install