This crate holds a set of Rust types for working with CBOR Object Signing and Encryption (COSE) objects, as defined in RFC 8152. It builds on the core CBOR parsing functionality from the ciborium
crate.
See crate docs, or the signature example for documentation on how to use the code.
This repo is under construction and so details of the API and the code may change without warning.
The std
feature of the crate enables an implementation of std::error::Error
for CoseError
.
no_std
SupportThis crate supports no_std
(when the std
feature is not set, which is the default), but uses the alloc
crate.
MSRV is 1.58.
CBOR supports integers in the range:
[-18_446_744_073_709_551_616, -1] ∪ [0, 18_446_744_073_709_551_615]
which is [-264, -1] ∪ [0, 264 - 1].
This does not map onto a single Rust integer type, so different CBOR crates take different approaches.
serde_cbor
crate uses a single i128
integer type for all integer values, which means that all CBOR integer values can be expressed, but there are also i128
values that cannot be encoded in CBOR. This also means that data size is larger.ciborium
also uses a single i128
integer type internally, but wraps it in its own Integer
type and only implements TryFrom
(not From
) for i128
/ u128
conversions so that unrepresentable numbers can be rejected.sk-cbor
crate uses distinct types:This crate uses a single type to encompass both positive and negative values, but uses i64
for that type to keep data sizes smaller. This means that:
i64
cover [0, 263 - 1]i64
cover [-263, -1]and so there are large values – both positive and negative – which are not supported by this crate.
Local coding conventions are enforced by the continuous integration jobs and include:
rustfmt
using the local rustfmt.toml settings.TODO
markers should be of form TODO(#99)
and refer to an open GitHub issue.panic!
, unwrap
, expect
) should have a comment on the same line in the form // safe: reason
(or /* safe: reason */
) to document the reason why panicking is acceptable.This is not an officially supported Google product.