Merge pull request #620 from dajiaji/ajitomi-add-docs-for-fully-specified-algs

dajiaji · web-flow · commit fa1ec2ce0400 · 2025-07-20T18:51:54.000+09:00
Update algorithms and supported specs for fully specified algs.
diff --git a/README.md b/README.md
@@ -15,6 +15,7 @@ implementation compliant with:
 - [RFC8392: CWT (CBOR Web Token)](https://tools.ietf.org/html/rfc8392)
 - [draft-07: Use of HPKE with COSE](https://www.ietf.org/archive/id/draft-ietf-cose-hpke-07.html) - experimental
 - [draft-06: CWT Claims in COSE Headers](https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-06.html) - experimental
+- [draft-13: Fully-Specified Algorithms for JOSE and COSE](https://www.ietf.org/archive/id/draft-ietf-jose-fully-specified-algorithms-13.html)
 - and related various specifications. See [Referenced Specifications](#referenced-specifications).
 
 It is designed to make users who already know about [JWS](https://tools.ietf.org/html/rfc7515)/[JWE](https://tools.ietf.org/html/rfc7516)/[JWT](https://tools.ietf.org/html/rfc7519)
@@ -1748,6 +1749,7 @@ Python CWT is (partially) compliant with following specifications:
 - [RFC8152: CBOR Object Signing and Encryption (COSE)](https://tools.ietf.org/html/rfc8152)
 - [draft-07: Use of HPKE with COSE](https://www.ietf.org/archive/id/draft-ietf-cose-hpke-07.html) - experimental
 - [draft-06: CWT Claims in COSE Headers](https://www.ietf.org/archive/id/draft-ietf-cose-cwt-claims-in-headers-06.html) - experimental
+- [draft-13: Fully-Specified Algorithms for JOSE and COSE](https://www.ietf.org/archive/id/draft-ietf-jose-fully-specified-algorithms-13.html)
 - [Electronic Health Certificate Specification](https://github.com/ehn-dcc-development/hcert-spec/blob/main/hcert_spec.md)
 - [Technical Specifications for Digital Green Certificates Volume 1](https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v1_en.pdf)
 
diff --git a/docs/algorithms.rst b/docs/algorithms.rst
@@ -30,12 +30,17 @@ COSE Key Types
 COSE Algorithms
 ---------------
 
-    -65534: 128,  # AES-CTR w/ 128-bit key (Deprecated)
-    -65533: 192,  # AES-CTR w/ 192-bit key (Deprecated)
-    -65532: 256,  # AES-CTR w/ 256-bit key (Deprecated)
-    -65531: 128,  # AES-CBC w/ 128-bit key (Deprecated)
-    -65530: 192,  # AES-CBC w/ 192-bit key (Deprecated)
-    -65529: 256,  # AES-CBC w/ 256-bit key (Deprecated)
+    -65534: A128CTR,  # AES-CTR w/ 128-bit key (Deprecated)
+    -65533: A192CTR,  # AES-CTR w/ 192-bit key (Deprecated)
+    -65532: A256CTR,  # AES-CTR w/ 256-bit key (Deprecated)
+    -65531: A128CBC,  # AES-CBC w/ 128-bit key (Deprecated)
+    -65530: A192CBC,  # AES-CBC w/ 192-bit key (Deprecated)
+    -65529: A256CBC,  # AES-CBC w/ 256-bit key (Deprecated)
+    -65529: A256CBC,  # AES-CBC w/ 256-bit key (Deprecated)
+    -36: ES512,  # ECDSA w/ SHA-512 (Deprecated)
+    -35: ES384,  # ECDSA w/ SHA-384 (Deprecated)
+    -8: EdDSA,  # EdDSA (Deprecated)
+    -7: ES256,  # ECDSA w/ SHA-256 (Deprecated)
 
 +------------------------+--------+-------+-----------------------------------------------------+
 | Name                   | Status | Value | Description                                         |
@@ -54,6 +59,14 @@ COSE Algorithms
 +------------------------+--------+-------+-----------------------------------------------------+
 | A256CBC                | ✅     | -65529| AES-CBC w/ 256-bit key                              |
 +------------------------+--------+-------+-----------------------------------------------------+
+| ESB512                 |        | -268  | ECDSA using BrainpoolP512r1 curve and SHA-512       |
++------------------------+--------+-------+-----------------------------------------------------+
+| ESB384                 |        | -267  | ECDSA using BrainpoolP384r1 curve and SHA-384       |
++------------------------+--------+-------+-----------------------------------------------------+
+| ESB320                 |        | -266  | ECDSA using BrainpoolP320r1 curve and SHA-384       |
++------------------------+--------+-------+-----------------------------------------------------+
+| ESB256                 |        | -265  | ECDSA using BrainpoolP256r1 curve and SHA-256       |
++------------------------+--------+-------+-----------------------------------------------------+
 | WalnutDSA              |        | -260  | WalnutDSA signature                                 |
 +------------------------+--------+-------+-----------------------------------------------------+
 | RS512                  | ✅     | -259  | RSASSA-PKCS1-v1_5 using SHA-512                     |
@@ -62,6 +75,12 @@ COSE Algorithms
 +------------------------+--------+-------+-----------------------------------------------------+
 | RS256                  | ✅     | -257  | RSASSA-PKCS1-v1_5 using SHA-256                     |
 +------------------------+--------+-------+-----------------------------------------------------+
+| Ed448                  | ✅     | -53   | EdDSA using Ed448 curve                             |
++------------------------+--------+-------+-----------------------------------------------------+
+| ESP512                 | ✅     | -52   | ECDSA using P-521 curve and SHA-512                 |
++------------------------+--------+-------+-----------------------------------------------------+
+| ESP384                 | ✅     | -51   | ECDSA using P-384 curve and SHA-384                 |
++------------------------+--------+-------+-----------------------------------------------------+
 | ES256K                 | ✅     | -47   | ECDSA using secp256k1 curve and SHA-256             |
 +------------------------+--------+-------+-----------------------------------------------------+
 | HSS-LMS                |        | -46   | HSS/LMS hash-based digital signature                |
@@ -116,6 +135,8 @@ COSE Algorithms
 +------------------------+--------+-------+-----------------------------------------------------+
 | ECDH-ES + HKDF-256     | ✅     | -25   | ECDH ES w/ HKDF - generate key directly             |
 +------------------------+--------+-------+-----------------------------------------------------+
+| Ed25519                | ✅     | -19    | EdDSA using Ed25519 curve                          |
++------------------------+--------+-------+-----------------------------------------------------+
 | SHAKE128               |        | -18   | SHAKE-128 256-bit Hash Value                        |
 +------------------------+--------+-------+-----------------------------------------------------+
 | SHA-512/256            |        | -17   | SHA-2 512-bit Hash truncated to 256-bits            |
@@ -134,6 +155,8 @@ COSE Algorithms
 +------------------------+--------+-------+-----------------------------------------------------+
 | direct+HKDF-SHA-256    | ✅     | -10   | Shared secret w/ HKDF and SHA-256                   |
 +------------------------+--------+-------+-----------------------------------------------------+
+| ESP256                 | ✅     | -9    | ECDSA using P-256 curve and SHA-256                 |
++------------------------+--------+-------+-----------------------------------------------------+
 | EdDSA                  | ✅     | -8    | EdDSA                                               |
 +------------------------+--------+-------+-----------------------------------------------------+
 | ES256                  | ✅     | -7    | ECDSA w/ SHA-256                                    |
