Skip to content

Releases: wolfSSL/wolfCOSE

wolfCOSE 1.0.0

26 Jun 00:33
@aidangarske aidangarske
v1.0.0
0b16cee
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
wolfCOSE 1.0.0 Latest
Latest

First stable release of wolfCOSE, a zero-allocation C implementation of CBOR (RFC 8949) and COSE (RFC 9052/9053) built on wolfCrypt. All six COSE message types, 40 algorithms, and standardized post-quantum ML-DSA (RFC 9964), with no dynamic memory and a small footprint.

What it does

  • All six COSE message types, single-actor and multi-actor: COSE_Sign1/COSE_Sign, COSE_Encrypt0/COSE_Encrypt, COSE_Mac0/COSE_Mac (includes multi-signer and multi-recipient).
  • Dependency-free CBOR engine (RFC 8949) with deterministic/preferred-encoding enforcement and strict decode (rejects non-preferred and trailing input).
  • COSE_Key / COSE_KeySet serialization for every supported key type, including full RFC 8230 RSA private keys.
  • Post-quantum signing: ML-DSA (FIPS 204) at all three levels, conformant to RFC 9964 using the AKP key type.

Why it is different

  • Zero dynamic allocation. Every operation uses caller-provided buffers. No heap, no .data, no .bss. Memory use is deterministic.
  • Tiny footprint. ES256 COSE_Sign1 is about 5.1 KB verify-only and 6.8 KB sign+verify for the COSE + CBOR engine.
  • Lean by config. WOLFCOSE_LEAN, WOLFCOSE_HAVE_* gates, WOLFCOSE_LEAN_VERIFY, and a bounded-stack WOLFCOSE_MIN_BUFFERS profile. Verify-only ECC links against sign-disabled wolfCrypt.
  • Path to FIPS 140-3 through wolfCrypt FIPS Certificate #4718, the sole crypto dependency.

Algorithms (40, RFC 9053)

  • Signing: ES256/384/512, EdDSA (Ed25519/Ed448), PS256/384/512, ML-DSA-44/65/87
  • Encryption: AES-GCM (128/192/256), AES-CCM variants, ChaCha20-Poly1305
  • MAC: HMAC-SHA256/384/512, AES-MAC
  • Key distribution: Direct, AES Key Wrap, ECDH-ES + HKDF

Tested

MISRA C:2012/C:2023 and ISO C99 conformant. ~240 algorithm-combination round-trips, static analysis (cppcheck, Clang analyzer, GCC -fanalyzer, Coverity), CodeQL + Semgrep security scanning, ASan/UBSan, and a wolfCOSE / t_cose wire-interop conformance suite.

What's in 1.0.0

  • COSE + algorithms: core algorithm set and CLI tooling (#1), full coverage and multi-party support (#10), RFC 9052/9053 message-path hardening (#30)
  • Post-quantum: RFC 9964 ML-DSA / AKP key type (#49), Dilithium to ML-DSA rename + latest-stable CI (#33)
  • RFC 8230 RSA keys: private-key round-trip (#46), dP/dQ + fixed-width d (#50), decode + length-guard + zeroize coverage (#48)
  • Lean / embedded: WOLFCOSE_LEAN gates (#42), lean verify + ML-DSA profiles (#43), bounded-stack + WOLFCOSE_MIN_BUFFERS (#38), verify-only ECC (#53)
  • Quality / security: MISRA checker (#16), CodeQL + Semgrep gates (#52), t_cose interop (#45), C99 conformance (#37), hardening (#55, #56, #40), Coverity fixes (#58)

Requirements

Requires wolfSSL 5.8.0+ as the crypto backend; ML-DSA needs wolfSSL 5.9.2+. Makefile-only, single dependency on wolfCrypt: make && make test. Dual-licensed GPLv3 / commercial; for commercial, FIPS, or support, contact facts@wolfssl.com. Full notes: ChangeLog.md.

The GitHub-generated source archives are an automatic bundle. Official downloads are on the wolfSSL download page.

Assets 7
Loading