npmpackage.info

Gathering detailed insights and metrics for cose-js

Other packages similar to cose-js

@types/cose-js

0.8.3

TypeScript definitions for cose-js

Gathering detailed insights and metrics for cose-js

cose-js - 0.9.0 | npmpackage.info

cose-js

JavaScript implementation of COSE

0.9.0

Apache-2.0

JavaScript

827.36 kB

5.9

Installations

npm install cose-js

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>=12.0

Node Version

17.8.0

NPM Version

8.5.5 Pull Requests

Open

9

Total

48

Closed

3

Merged

36

Issues

Open

4

Total

24

Closed

20

Releases

v0.9.0

Updated on Sep 22, 2023

v0.8.4

Updated on Feb 12, 2022

v0.8.3

Updated on Dec 19, 2021

v0.8.2

Updated on Nov 07, 2021

v0.8.0

Updated on Nov 04, 2021

added RSA support

v0.7.0

Updated on Sep 27, 2021

View All 9 releases

Languages

JavaScript

JavaScript (100%)

Developer

erdtman

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

Apache-2.0 License

30 Stars

182 Commits

26 Forks

2 Watchers

9 Branches

9 Contributors

Updated on Apr 16, 2025

Maintainers

View All 9 Contributors

Package Meta Information

Latest Version

0.9.0

Package Id

cose-js@0.9.0

Unpacked Size

827.36 kB

Size

121.70 kB

File Count

348

NPM Version

8.5.5

Node Version

17.8.0

Published on

Sep 22, 2023

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

aes-cbc-mac any-promise cbor elliptic node-hkdf-sync node-rsa

Dev Dependencies

ava base64url jsonfile jwk-to-pem live-server npm-run-all nyc semistandard watch

cose-js

JavaScript implementation of COSE, RFC8152

MAC

1const cose = require('cose-js');
2try {
3  const plaintext = 'Important message!';
4  const headers = {
5    p: { alg: 'SHA-256_64' },
6    u: { kid: 'our-secret' }
7  };
8  const recipent = {
9    key: Buffer.from('231f4c4d4d3051fdc2ec0a3851d5b383', 'hex')
10  };
11  const buf = await cose.mac.create(headers, plaintext, recipent);
12  console.log('MACed message: ' + buf.toString('hex'));
13} catch (error) {
14  console.log(error);
15}

Verify MAC

1const cose = require('cose-js');
2try {
3  const key = Buffer.from('231f4c4d4d3051fdc2ec0a3851d5b383', 'hex');
4  const COSEMessage = Buffer.from('d18443a10104a1044a6f75722d73656372657472496d706f7274616e74206d65737361676521488894981d4aa5d614', 'hex');
5  const buf = await cose.mac.read(COSEMessage, key);
6  console.log('Verified message: ' + buf.toString('utf8'));
7} catch (error) {
8  console.log(error);
9}

Sign

1const cose = require('cose-js');
2try {
3  const plaintext = 'Important message!';
4  const headers = {
5    p: { alg: 'ES256' },
6    u: { kid: '11' }
7  };
8  const signer = {
9    key: {
10      d: Buffer.from('6c1382765aec5358f117733d281c1c7bdc39884d04a45a1e6c67c858bc206c19', 'hex')
11    }
12  };
13  const buf = await cose.sign.create(headers, plaintext, signer);
14  console.log('Signed message: ' + buf.toString('hex'));
15} catch (error) {
16  console.log(error);
17}

Verify Signature

1const cose = require('cose-js');
2try {
3  const verifier = {
4    key: {
5      x: Buffer.from('143329cce7868e416927599cf65a34f3ce2ffda55a7eca69ed8919a394d42f0f', 'hex'),
6      y: Buffer.from('60f7f1a780d8a783bfb7a2dd6b2796e8128dbbcef9d3d168db9529971a36e7b9', 'hex')
7    }
8  };
9  const COSEMessage = Buffer.from('d28443a10126a10442313172496d706f7274616e74206d6573736167652158404c2b6b66dfedc4cfef0f221cf7ac7f95087a4c4245fef0063a0fd4014b670f642d31e26d38345bb4efcdc7ded3083ab4fe71b62a23f766d83785f044b20534f9', 'hex');
10  const buf = await cose.sign.verify(COSEMessage, verifier);
11  console.log('Verified message: ' + buf.toString('utf8'));
12} catch (error) {
13  console.log(error);
14}

Encrypt

1const cose = require('cose-js');
2try {
3  const plaintext = 'Secret message!';
4  const headers = {
5    p: { alg: 'A128GCM' },
6    u: { kid: 'our-secret' }
7  };
8  const recipient = {
9    key: Buffer.from('231f4c4d4d3051fdc2ec0a3851d5b383', 'hex')
10  };
11  const buf = await cose.encrypt.create(headers, plaintext, recipient);
12  console.log('Encrypted message: ' + buf.toString('hex'));
13} catch (error) {
14  console.log(error);
15}

Decrypt

1const cose = require('cose-js');
2try {
3  const key = Buffer.from('231f4c4d4d3051fdc2ec0a3851d5b383', 'hex');
4  const COSEMessage = Buffer.from('d8608443a10101a2044a6f75722d736563726574054c291a40271067ff57b1623c30581f23b663aaf9dfb91c5a39a175118ad7d72d416385b1b610e28b3b3fd824a397818340a040', 'hex');
5  const buf = await cose.encrypt.read(COSEMessage, key);
6  console.log('Protected message: ' + buf.toString('utf8'));
7} catch (error) {
8  console.log(error);
9}

Install

npm install cose-js --save

Test

npm test

No vulnerabilities found.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

10

License

Determines if the project has defined a license.

10

Pinned-Dependencies

Determines if the project has declared and pinned its dependencies.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dependency-Update-Tool

Determines if the project uses a dependency update tool.

2

Code-Review

Determines if the project requires code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has a CII Best Practices Badge.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

5.9

/10

Last Scanned on 2022-08-15

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More