COSE signatures

Signatures

Create new

Signature will contain a DID issuer header which will point back to the did document hosted here .well-known/did.json

Use the file if you have it, or or
If you do not have a file but know the file representation in HEX then use this field
If you do not have the file to upload but just its text content then use this field.
Header Value
Header Value
Header Value
Header keys are usually ints (see IANA). Use dot notation to create maps and brackets for arrays (with limitations). To add more use API instead. Default Cose protected headers: 1: ES256, 391: did:web:playground-cose-eastus-api.azurewebsites.net, 392: demo, 393: [ issuance_ts: 1732165025, register_by: 1732251425, sequence_no: 1 ], 3: text/plain, 4: #969d754c61dbde26e5b6527f16898f60dbfca7a970765d24473c725ca3f493d1
Create with cURL

Payload as a file:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/create' -X POST \
                  --form payloadfile='@./my/payload/file.txt' \
                  -o signature.cose

Payload as a hex value:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/create' -X POST \
                  --form payloadhex='d2845828a301260446666f6f...17219018758186469643a77' \
                  -o signature.cose

Payload as plain text:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/create' -X POST \
                  --form payload='{"foo":"bar"}' \
                  --form headerkey='3' \
                  --form headerval='application/json' \
                  -o signature.cose

Adding multiple headers:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/create' -X POST \
                  --form payloadfile='@./my/payload/file' \
                  --form headerkey='3' \
                  --form headerval='some/type' \
                  --form headerkey='15.1' \
                  --form headerval='did:x509:0:sha256:WE4P5dd8DnLHSkyHaIjhp4udlkF9LqoKwCvu9gl38jk::subject:C:US:ST:California:O:My%20Organisation' \
                  --form headerkey='33[0]' \
                  --form headerval='base64Cert' \
                  --form headerkey='33[1]' \
                  --form headerval='anotherBase64Cert' \
                  -o signature.cose

Verify

Verification will download did:web keys from the given signature issuer and will validate the signature against it.

Attach the cose file if you have it, or
If you do not have a file but know the signature representation in HEX then use this field
Verify with cURL

Using a file:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/verify' -X POST \
                  --form signaturefile='@./my/signature/file.cose'

Using a hex value:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/signature/verify' -X POST \
                  --form signaturehex='d2845828a301260446666f6f...17219018758186469643a77'

Transparent statements (countersignatures)

Countersign

This implementation produces a full countersignature - COSE_Countersignature. It contains a signature over the details of the submitted COSE_Sign1 parts (CounterSignatureV2). Please refer to RFC9338 for more details on countersignatures.

Attach the cose file if you have it, or
If you do not have a file but know the signature representation in HEX then use this field
Specify how you want the receipt to be issued. Embedded option suits when you want keep signature and countersignature in one file.
Countersign with cURL

Using a file:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/receipt/create' -X POST \
                  --form signaturefile='@./my/signature/file.cose'
                  --form receipttype='embedded'

Using a hex value:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/receipt/create' -X POST \
                  --form signaturehex='d2845828a301260446666f6f...17219018758186469643a77'
                  --form receipttype='embedded'

Verify countersignature

For the verification it is necessary to have both the receipt and the original signature. The receipt might be embedded into the original signature or be a separate file.

Attach the cose file if you have it, or
If you do not have a file but know the signature representation in HEX then use this field
Attach the receipt file if you have it, or
If you do not have a file but know the representation in HEX then use this field
Verify with cURL

Using a file:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/receipt/verify' -X POST \
                  --form signaturefile='@./my/signature/file.cose'
                  --form receiptfile='@./my/signature/receipt.cbor'

Using a hex value:

curl -L 'https://playground-cose-eastus-api.azurewebsites.net/receipt/verify' -X POST \
                  --form signaturehex='d2845828a301260446666f6f...17219018758186469643a77'
                  --form receipthex='d2845828a301260446666f6f...17219018758186469643a77'

To preview signature use the following websites