XML
HTML
Plain text
Registries included below
Francesca Palombini, Matt Miller, Justin Richer, Carsten Bormann
| Range | Registration Procedures |
|---|---|
| Integer values in the range -1 to -65536 | delegated to the COSE Header Algorithm Parameters registry |
| Integer values between 1 and 255 | Standards Action With Expert Review |
| Integer values from 256 to 65535 | Specification Required |
| Integer values greater than 65535 | Expert Review |
| Strings of length 1 | Standards Action With Expert Review |
| Strings of length 2 | Specification Required |
| Strings of length greater than 2 | Expert Review |
| Name | Label | Value Type | Value Registry | Description | Reference |
|---|---|---|---|---|---|
| Reserved for Private Use | less than -65536 | [RFC8152] | |||
| delegated to the COSE Header Algorithm Parameters registry | -65536 to -1 | ||||
| Reserved | 0 | [RFC8152] | |||
| alg | 1 | int / tstr | COSE Algorithms registry | Cryptographic algorithm to use | [RFC8152] |
| crit | 2 | [+ label] | COSE Header Parameters registry | Critical headers to be understood | [RFC8152] |
| content type | 3 | tstr / uint | [COAP Content-Formats] or [Media Types] registry | Content type of the payload | [RFC8152] |
| kid | 4 | bstr | Key identifier | [RFC8152] | |
| IV | 5 | bstr | Full Initialization Vector | [RFC8152] | |
| Partial IV | 6 | bstr | Partial Initialization Vector | [RFC8152] | |
| counter signature | 7 | COSE_Signature / [+ COSE_Signature ] | CBOR-encoded signature structure | [RFC8152] | |
| Unassigned | 8 | ||||
| CounterSignature0 | 9 | bstr | Counter signature with implied signer and headers | [RFC8152] |
Expert Review
Jim Schaad, Göran Selander, Derek Atkins, Sean Turner
| Name | Algorithm | Label | Type | Description | Reference |
|---|---|---|---|---|---|
| Unassigned | -65536 to -27 | ||||
| PartyV other | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -26 | bstr | Party V other provided information | [RFC8152] |
| PartyV nonce | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -25 | bstr / int | Party V provided nonce | [RFC8152] |
| PartyV identity | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -24 | bstr | Party V identity information | [RFC8152] |
| PartyU other | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -23 | bstr | Party U other provided information | [RFC8152] |
| PartyU nonce | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -22 | bstr / int | Party U provided nonce | [RFC8152] |
| PartyU identity | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -21 | bstr | Party U identity information | [RFC8152] |
| salt | direct+HKDF-SHA-256, direct+HKDF-SHA-512, direct+HKDF-AES-128, direct+HKDF-AES-256, ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -20 | bstr | Random salt | [RFC8152] |
| Unassigned | -19 to -4 | ||||
| static key id | ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -3 | bstr | Static public key identifier for the sender | [RFC8152] |
| static key | ECDH-SS+HKDF-256, ECDH-SS+HKDF-512, ECDH-SS+A128KW, ECDH-SS+A192KW, ECDH-SS+A256KW | -2 | COSE_Key | Static public key for the sender | [RFC8152] |
| ephemeral key | ECDH-ES+HKDF-256, ECDH-ES+HKDF-512, ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW | -1 | COSE_Key | Ephemeral public key for the sender | [RFC8152] |
Jim Schaad, Göran Selander, Derek Atkins, Sean Turner
| Range | Registration Procedures |
|---|---|
| Integer values from -65536 to -257 | Specification Required |
| Integer values between -256 and 255 | Standards Action With Expert Review |
| Integer values from 256 to 65535 | Specification Required |
| Integer values greater than 65535 | Expert Review |
| Strings of length 1 | Standards Action With Expert Review |
| Strings of length 2 | Specification Required |
| Strings of length greater than 2 | Expert Review |
| Name | Value | Description | Reference | Recommended |
|---|---|---|---|---|
| Reserved for Private Use | less than -65536 | [RFC8152] | No | |
| Unassigned | -65536 | |||
| RS1 (TEMPORARY - registered 2018-04-19, expires 2019-04-19) | -65535 | RSASSA-PKCS1-v1_5 w/ SHA-1 | [draft-jones-webauthn-cose-algorithms] | Deprecated |
| Unassigned | -65534 to -260 | |||
| RS512 (TEMPORARY - registered 2018-04-19, expires 2019-04-19) | -259 | RSASSA-PKCS1-v1_5 w/ SHA-512 | [draft-jones-webauthn-cose-algorithms] | No |
| RS384 (TEMPORARY - registered 2018-04-19, expires 2019-04-19) | -258 | RSASSA-PKCS1-v1_5 w/ SHA-384 | [draft-jones-webauthn-cose-algorithms] | No |
| RS256 (TEMPORARY - registered 2018-04-19, expires 2019-04-19) | -257 | RSASSA-PKCS1-v1_5 w/ SHA-256 | [draft-jones-webauthn-cose-algorithms] | No |
| Unassigned | -256 to -43 | |||
| RSAES-OAEP w/ SHA-512 | -42 | RSAES-OAEP w/ SHA-512 | [RFC8230] | Yes |
| RSAES-OAEP w/ SHA-256 | -41 | RSAES-OAEP w/ SHA-256 | [RFC8230] | Yes |
| RSAES-OAEP w/ RFC 8017 default parameters | -40 | RSAES-OAEP w/ SHA-1 | [RFC8230] | Yes |
| PS512 | -39 | RSASSA-PSS w/ SHA-512 | [RFC8230] | Yes |
| PS384 | -38 | RSASSA-PSS w/ SHA-384 | [RFC8230] | Yes |
| PS256 | -37 | RSASSA-PSS w/ SHA-256 | [RFC8230] | Yes |
| ES512 | -36 | ECDSA w/ SHA-512 | [RFC8152] | Yes |
| ES384 | -35 | ECDSA w/ SHA-384 | [RFC8152] | Yes |
| ECDH-SS + A256KW | -34 | ECDH SS w/ Concat KDF and AES Key Wrap w/ 256-bit key | [RFC8152] | Yes |
| ECDH-SS + A192KW | -33 | ECDH SS w/ Concat KDF and AES Key Wrap w/ 192-bit key | [RFC8152] | Yes |
| ECDH-SS + A128KW | -32 | ECDH SS w/ Concat KDF and AES Key Wrap w/ 128-bit key | [RFC8152] | Yes |
| ECDH-ES + A256KW | -31 | ECDH ES w/ Concat KDF and AES Key Wrap w/ 256-bit key | [RFC8152] | Yes |
| ECDH-ES + A192KW | -30 | ECDH ES w/ Concat KDF and AES Key Wrap w/ 192-bit key | [RFC8152] | Yes |
| ECDH-ES + A128KW | -29 | ECDH ES w/ Concat KDF and AES Key Wrap w/ 128-bit key | [RFC8152] | Yes |
| ECDH-SS + HKDF-512 | -28 | ECDH SS w/ HKDF - generate key directly | [RFC8152] | Yes |
| ECDH-SS + HKDF-256 | -27 | ECDH SS w/ HKDF - generate key directly | [RFC8152] | Yes |
| ECDH-ES + HKDF-512 | -26 | ECDH ES w/ HKDF - generate key directly | [RFC8152] | Yes |
| ECDH-ES + HKDF-256 | -25 | ECDH ES w/ HKDF - generate key directly | [RFC8152] | Yes |
| Unassigned | -24 to -14 | |||
| direct+HKDF-AES-256 | -13 | Shared secret w/ AES-MAC 256-bit key | [RFC8152] | Yes |
| direct+HKDF-AES-128 | -12 | Shared secret w/ AES-MAC 128-bit key | [RFC8152] | Yes |
| direct+HKDF-SHA-512 | -11 | Shared secret w/ HKDF and SHA-512 | [RFC8152] | Yes |
| direct+HKDF-SHA-256 | -10 | Shared secret w/ HKDF and SHA-256 | [RFC8152] | Yes |
| Unassigned | -9 | |||
| EdDSA | -8 | EdDSA | [RFC8152] | Yes |
| ES256 | -7 | ECDSA w/ SHA-256 | [RFC8152] | Yes |
| direct | -6 | Direct use of CEK | [RFC8152] | Yes |
| A256KW | -5 | AES Key Wrap w/ 256-bit key | [RFC8152] | Yes |
| A192KW | -4 | AES Key Wrap w/ 192-bit key | [RFC8152] | Yes |
| A128KW | -3 | AES Key Wrap w/ 128-bit key | [RFC8152] | Yes |
| Unassigned | -2 to -1 | |||
| Reserved | 0 | [RFC8152] | No | |
| A128GCM | 1 | AES-GCM mode w/ 128-bit key, 128-bit tag | [RFC8152] | Yes |
| A192GCM | 2 | AES-GCM mode w/ 192-bit key, 128-bit tag | [RFC8152] | Yes |
| A256GCM | 3 | AES-GCM mode w/ 256-bit key, 128-bit tag | [RFC8152] | Yes |
| HMAC 256/64 | 4 | HMAC w/ SHA-256 truncated to 64 bits | [RFC8152] | Yes |
| HMAC 256/256 | 5 | HMAC w/ SHA-256 | [RFC8152] | Yes |
| HMAC 384/384 | 6 | HMAC w/ SHA-384 | [RFC8152] | Yes |
| HMAC 512/512 | 7 | HMAC w/ SHA-512 | [RFC8152] | Yes |
| Unassigned | 8-9 | |||
| AES-CCM-16-64-128 | 10 | AES-CCM mode 128-bit key, 64-bit tag, 13-byte nonce | [RFC8152] | Yes |
| AES-CCM-16-64-256 | 11 | AES-CCM mode 256-bit key, 64-bit tag, 13-byte nonce | [RFC8152] | Yes |
| AES-CCM-64-64-128 | 12 | AES-CCM mode 128-bit key, 64-bit tag, 7-byte nonce | [RFC8152] | Yes |
| AES-CCM-64-64-256 | 13 | AES-CCM mode 256-bit key, 64-bit tag, 7-byte nonce | [RFC8152] | Yes |
| AES-MAC 128/64 | 14 | AES-MAC 128-bit key, 64-bit tag | [RFC8152] | Yes |
| AES-MAC 256/64 | 15 | AES-MAC 256-bit key, 64-bit tag | [RFC8152] | Yes |
| Unassigned | 16-23 | |||
| ChaCha20/Poly1305 | 24 | ChaCha20/Poly1305 w/ 256-bit key, 128-bit tag | [RFC8152] | Yes |
| AES-MAC 128/128 | 25 | AES-MAC 128-bit key, 128-bit tag | [RFC8152] | Yes |
| AES-MAC 256/128 | 26 | AES-MAC 256-bit key, 128-bit tag | [RFC8152] | Yes |
| Unassigned | 27-29 | |||
| AES-CCM-16-128-128 | 30 | AES-CCM mode 128-bit key, 128-bit tag, 13-byte nonce | [RFC8152] | Yes |
| AES-CCM-16-128-256 | 31 | AES-CCM mode 256-bit key, 128-bit tag, 13-byte nonce | [RFC8152] | Yes |
| AES-CCM-64-128-128 | 32 | AES-CCM mode 128-bit key, 128-bit tag, 7-byte nonce | [RFC8152] | Yes |
| AES-CCM-64-128-256 | 33 | AES-CCM mode 256-bit key, 128-bit tag, 7-byte nonce | [RFC8152] | Yes |
Francesca Palombini, Matt Miller, Justin Richer, Carsten Bormann
| Range | Registration Procedures |
|---|---|
| Integer values in the range -65536 to -1 | used for key parameters specific to a single algorithm delegated to the COSE Key Type Parameters registry |
| Integer values between 0 and 255 | Standards Action With Expert Review |
| Integer values from 256 to 65535 | Specification Required |
| Integer values greater than 65535 | Expert Review |
| Strings of length 1 | Standards Action With Expert Review |
| Strings of length 2 | Specification Required |
| Strings of length greater than 2 | Expert Review |
| Name | Label | CBOR Type | Value Registry | Description | Reference |
|---|---|---|---|---|---|
| Reserved for Private Use | less than -65536 | [RFC8152] | |||
| used for key parameters specific to a single algorithm delegated to the COSE Key Type Parameters registry | -65536 to -1 | [RFC8152] | |||
| Reserved | 0 | [RFC8152] | |||
| kty | 1 | tstr / int | COSE Key Common Parameters | Identification of the key type | [RFC8152] |
| kid | 2 | bstr | Key identification value - match to kid in message | [RFC8152] | |
| alg | 3 | tstr / int | COSE Algorithms | Key usage restriction to this algorithm | [RFC8152] |
| key_ops | 4 | [+ (tstr/int)] | Restrict set of permissible operations | [RFC8152] | |
| Base IV | 5 | bstr | Base IV to be XORed with Partial IVs | [RFC8152] |
Expert Review
Jim Schaad, Göran Selander, Derek Atkins, Sean Turner
| Key Type | Name | Label | CBOR Type | Description | Reference |
|---|---|---|---|---|---|
| 1 | crv | -1 | int / tstr | EC identifier - Taken from the "COSE Elliptic Curves" registry | [RFC8152] |
| 2 | crv | -1 | int / tstr | EC identifier - Taken from the "COSE Key Common Parameters" registry | [RFC8152] |
| 4 | k | -1 | bstr | Key Value | [RFC8152] |
| 1 | x | -2 | bstr | x-coordinate | [RFC8152] |
| 2 | x | -2 | bstr | x-coordinate | [RFC8152] |
| 2 | y | -3 | bstr / bool | y-coordinate | [RFC8152] |
| 1 | d | -4 | bstr | Private key | [RFC8152] |
| 2 | d | -4 | bstr | Private key | [RFC8152] |
| 3 | n | -1 | bstr | the RSA modulus n | [RFC8230] |
| 3 | e | -2 | bstr | the RSA public exponent e | [RFC8230] |
| 3 | d | -3 | bstr | the RSA private exponent d | [RFC8230] |
| 3 | p | -4 | bstr | the prime factor p of n | [RFC8230] |
| 3 | q | -5 | bstr | the prime factor q of n | [RFC8230] |
| 3 | dP | -6 | bstr | dP is d mod (p - 1) | [RFC8230] |
| 3 | dQ | -7 | bstr | dQ is d mod (q - 1) | [RFC8230] |
| 3 | qInv | -8 | bstr | qInv is the CRT coefficient q^(-1) mod p | [RFC8230] |
| 3 | other | -9 | array | other prime infos, an array | [RFC8230] |
| 3 | r_i | -10 | bstr | a prime factor r_i of n, where i >= 3 | [RFC8230] |
| 3 | d_i | -11 | bstr | d_i = d mod (r_i - 1) | [RFC8230] |
| 3 | t_i | -12 | bstr | the CRT coefficient t_i = (r_1 * r_2 * ... * r_(i-1))^(-1) mod r_i | [RFC8230] |
Expert Review
Jim Schaad, Göran Selander, Derek Atkins, Sean Turner
| Name | Value | Description | Reference |
|---|---|---|---|
| Reserved | 0 | This value is reserved | [RFC8152] |
| OKP | 1 | Octet Key Pair | [RFC8152] |
| EC2 | 2 | Elliptic Curve Keys w/ x- and y-coordinate pair | [RFC8152] |
| RSA | 3 | RSA Key | [RFC8230] |
| Symmetric | 4 | Symmetric Keys | [RFC8152] |
Jim Schaad, Göran Selander, Derek Atkins, Sean Turner
| Range | Registration Procedures |
|---|---|
| Integer values -65536 to -257 | Specification Required |
| Integer values -256 to 255 | Standards Action With Expert Review |
| Integer values 256 to 65535 | Specification Required |
| Integer values greater than 65535 | Expert Review |
| Name | Value | Key Type | Description | Reference | Recommended |
|---|---|---|---|---|---|
| Reserved for Private Use | Integer values less than -65536 | [RFC8152] | No | ||
| Unassigned | -65536 to -1 | ||||
| Reserved | 0 | [RFC8152] | No | ||
| P-256 | 1 | EC2 | NIST P-256 also known as secp256r1 | [RFC8152] | Yes |
| P-384 | 2 | EC2 | NIST P-384 also known as secp384r1 | [RFC8152] | Yes |
| P-521 | 3 | EC2 | NIST P-521 also known as secp521r1 | [RFC8152] | Yes |
| X25519 | 4 | OKP | X25519 for use w/ ECDH only | [RFC8152] | Yes |
| X448 | 5 | OKP | X448 for use w/ ECDH only | [RFC8152] | Yes |
| Ed25519 | 6 | OKP | Ed25519 for use w/ EdDSA only | [RFC8152] | Yes |
| Ed448 | 7 | OKP | Ed448 for use w/ EdDSA only | [RFC8152] | Yes |