Sign

SignMessage messages are used when there are multiple receivers or additional information required to validate the message signature. The basic COSE structure, consisting of headers and payload, is extended with a list of CoseSignature structures.

The payload can either be included in the message or remain detached. Detached payloads must be provided as detached_payload argument during signing and verification.

class pycose.messages.signmessage.SignMessage(phdr=None, uhdr=None, payload=None, signers=None, *args, **kwargs)
classmethod decode(received, *args, **kwargs)

Decode received COSE message based on the CBOR tag.

If called on CoseMessage, this function can decode any supported message type. Otherwise, if called on a sub-class of CoseMessage, only messages of that type will be allowed to be decoded.

Parameters:

received – COSE messages encoded as bytes

Raises:

  • AttributeError – When the COSE message, it cannot be decoded properly

  • ValueError – The received parameter must be bytes

  • KeyError – thrown when the CBOR tag, identifying the COSE message is unrecognized

  • TypeError – thrown when the messages cannot be decoded properly

  • TypeError – The message’s tag does not match the expected type.

Returns:

An initialized CoseMessage

encode(tag=True, detached_payload=None, *args, **kwargs)

Encodes and protects the COSE_Sign message.

get_attr(attribute, default=None)

Fetches an header attribute from the COSE header buckets.

Parameters:

  • attribute – A header parameter to fetch from the buckets.

  • default – A default return value in case the attribute was not found

Raises:

CoseException – When the same attribute is found in both the protected and unprotected header.

Returns:

If found returns a header attribute else ‘None’ or the default value

property phdr_encoded

Encode the protected header.

Returns:

Returns the encoded protected header.

property signers

The signers of the message.

Returns:

Returns the list of signers as CoseSignature objects.

property uhdr_encoded

Encode the unprotected header.

Returns:

Returns the encoded unprotected header.

class pycose.messages.signer.CoseSignature(phdr=None, uhdr=None, signature=b'', external_aad=b'', key=None, *args, **kwargs)
compute_signature(detached_payload=None, *args, **kwargs)

Computes the signature over a COSE message.

Returns:

the signature

classmethod decode(received, *args, **kwargs)

Decode received COSE message based on the CBOR tag.

If called on CoseMessage, this function can decode any supported message type. Otherwise, if called on a sub-class of CoseMessage, only messages of that type will be allowed to be decoded.

Parameters:

received – COSE messages encoded as bytes

Raises:

  • AttributeError – When the COSE message, it cannot be decoded properly

  • ValueError – The received parameter must be bytes

  • KeyError – thrown when the CBOR tag, identifying the COSE message is unrecognized

  • TypeError – thrown when the messages cannot be decoded properly

  • TypeError – The message’s tag does not match the expected type.

Returns:

An initialized CoseMessage

get_attr(attribute, default=None)

Fetches an header attribute from the COSE header buckets.

Parameters:

  • attribute – A header parameter to fetch from the buckets.

  • default – A default return value in case the attribute was not found

Raises:

CoseException – When the same attribute is found in both the protected and unprotected header.

Returns:

If found returns a header attribute else ‘None’ or the default value

property phdr_encoded

Encode the protected header.

Returns:

Returns the encoded protected header.

property uhdr_encoded

Encode the unprotected header.

Returns:

Returns the encoded unprotected header.

verify_signature(detached_payload=None, *args, **kwargs)

Verifies the signature of a received COSE message.

Returns:

True for a valid signature or False for an invalid signature