diff --git a/Cargo.toml b/Cargo.toml
index 0c9c460..e5d5750 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -4,7 +4,7 @@ description = "An implementation of the ACE-OAuth framework"
 version = "0.4.0"
 edition = "2021"
 authors = ["Falko Galperin <falko1@uni-bremen.de>"]
-rust-version = "1.58"
+rust-version = "1.62"
 license = "MIT OR Apache-2.0"
 keywords = ["no_std", "framework", "oauth", "ace"]
 categories = ["authentication", "data-structures", "embedded", "encoding", "no-std"]
diff --git a/src/common/test_helper.rs b/src/common/test_helper.rs
index bd5e0ca..e0050a6 100644
--- a/src/common/test_helper.rs
+++ b/src/common/test_helper.rs
@@ -20,7 +20,7 @@ use rand::{CryptoRng, Rng};
 
 use crate::common::cbor_map::ToCborMap;
 use crate::error::{AccessTokenError, CoseCipherError, MultipleCoseError};
-use crate::token::cose::encrypt::{CoseEncryptCipher, CoseKeyDistributionCipher};
+use crate::token::cose::encrypted::{CoseEncryptCipher, CoseKeyDistributionCipher};
 use crate::token::cose::key::{CoseEc2Key, CoseSymmetricKey};
 use crate::token::cose::CoseCipher;
 use crate::CoseSignCipher;
@@ -93,11 +93,6 @@ where
 {
     fn from(x: CoseCipherError<MultipleCoseError<C, K>>) -> Self {
         match x {
-            CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            } => CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            },
             CoseCipherError::VerificationFailure => CoseCipherError::VerificationFailure,
             CoseCipherError::DecryptionFailure => CoseCipherError::DecryptionFailure,
             CoseCipherError::Other(x) => CoseCipherError::Other(x.to_string()),
@@ -119,12 +114,9 @@ where
                 CoseCipherError::KeyAlgorithmMismatch(v, w)
             }
             CoseCipherError::DuplicateHeaders(v) => CoseCipherError::DuplicateHeaders(v),
-            CoseCipherError::InvalidKeyId(v) => CoseCipherError::InvalidKeyId(v),
             CoseCipherError::MissingKeyParam(v) => CoseCipherError::MissingKeyParam(v),
             CoseCipherError::InvalidKeyParam(v, w) => CoseCipherError::InvalidKeyParam(v, w),
-            CoseCipherError::TypeMismatch(v) => CoseCipherError::TypeMismatch(v),
             CoseCipherError::NoKeyFound => CoseCipherError::NoKeyFound,
-            CoseCipherError::IvRequired => CoseCipherError::IvRequired,
             CoseCipherError::MissingHeaderParam(v) => CoseCipherError::MissingHeaderParam(v),
             CoseCipherError::InvalidHeaderParam(v, w) => CoseCipherError::InvalidHeaderParam(v, w),
             CoseCipherError::AadUnsupported => CoseCipherError::AadUnsupported,
@@ -144,10 +136,6 @@ where
                 AccessTokenError::CoseCipherError(CoseCipherError::from(x))
             }
             AccessTokenError::UnknownCoseStructure => AccessTokenError::UnknownCoseStructure,
-            AccessTokenError::NoMatchingRecipient => AccessTokenError::NoMatchingRecipient,
-            AccessTokenError::MultipleMatchingRecipients => {
-                AccessTokenError::MultipleMatchingRecipients
-            }
         }
     }
 }
diff --git a/src/error/mod.rs b/src/error/mod.rs
index 14203a6..ecfac10 100644
--- a/src/error/mod.rs
+++ b/src/error/mod.rs
@@ -248,31 +248,24 @@ pub enum CoseCipherError<T>
 where
     T: Display,
 {
-    /// A header which the cipher is supposed to set has already been set.
-    HeaderAlreadySet {
-        /// The name of the header which has already been set.
-        existing_header_name: String,
-    },
     /// The given signature or MAC tag is either invalid or does not match the given data.
     VerificationFailure,
     /// The given ciphertext could not be decrypted.
     DecryptionFailure,
-    /// A different error has occurred. Details are provided in the contained error.
-    Other(T),
     /// Key type is not supported.
     UnsupportedKeyType(KeyType),
     /// Curve is not supported by coset or the chosen cryptographic backend.
     UnsupportedCurve(EllipticCurve),
-    /// Algorithm is not supported by coset or the chosen cryptographic backend.
+    /// Algorithm is not supported by coset, the chosen cryptographic backend or dcaf-rs itself.
     UnsupportedAlgorithm(Algorithm),
     /// The cryptographic backend does not support deriving the public key from the private key, and
-    /// your provided key does not provide the public key parts even though it is required for this
+    /// the provided key does not provide the public key parts even though it is required for this
     /// operation.
     UnsupportedKeyDerivation,
     /// The algorithm has not explicitly been specified anywhere (protected headers, unprotected
     /// headers or the key itself).
     NoAlgorithmDeterminable,
-    /// Your provided key does not support the given operation.
+    /// The provided key does not support the given operation.
     KeyOperationNotPermitted(BTreeSet<KeyOperation>, KeyOperation),
     /// Key in given curve must be in different format.
     KeyTypeCurveMismatch(KeyType, EllipticCurve),
@@ -281,50 +274,22 @@ where
     /// Algorithm provided in key does not match algorithm selected for operation.
     KeyAlgorithmMismatch(Algorithm, Algorithm),
     DuplicateHeaders(Vec<Label>),
-    InvalidKeyId(Vec<u8>),
     MissingKeyParam(KeyParam),
     InvalidKeyParam(KeyParam, Value),
     MissingHeaderParam(HeaderParam),
     InvalidHeaderParam(HeaderParam, Value),
-    TypeMismatch(Value),
     /// Provided algorithm does not support additional authenticated data (which also includes
     /// protected headers).
     AadUnsupported,
     NoKeyFound,
-    IvRequired,
+    /// A different error has occurred. Details are provided in the contained error.
+    Other(T),
 }
 
 impl<T> CoseCipherError<T>
 where
     T: Display,
 {
-    /// Creates a new [`CoseCipherError`] of type
-    /// [`HeaderAlreadySet`](CoseCipherError::HeaderAlreadySet) where the header
-    /// that was already set has the name of the given `label`.
-    #[must_use]
-    pub fn existing_header_label(label: &Label) -> CoseCipherError<T> {
-        let existing_header_name = match label {
-            Label::Int(i) => i.to_string(),
-            Label::Text(s) => s.to_string(),
-        };
-        CoseCipherError::HeaderAlreadySet {
-            existing_header_name,
-        }
-    }
-
-    /// Creates a new [`CoseCipherError`] of type
-    /// [`HeaderAlreadySet`](CoseCipherError::HeaderAlreadySet) where the header
-    /// that was already set has the given `name`.
-    #[must_use]
-    pub fn existing_header<S>(name: S) -> CoseCipherError<T>
-    where
-        S: Into<String>,
-    {
-        CoseCipherError::HeaderAlreadySet {
-            existing_header_name: name.into(),
-        }
-    }
-
     /// Creates a new [`CoseCipherError`] of type
     /// [`Other`](CoseCipherError::Other) (i.e., an error type that doesn't fit any other
     /// [`CoseCipherError`] variant) containing the given nested error `other`.
@@ -339,11 +304,6 @@ where
     ) -> CoseCipherError<MultipleCoseError<T, C>> {
         match error {
             CoseCipherError::Other(x) => CoseCipherError::Other(MultipleCoseError::KekError(x)),
-            CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            } => CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            },
             CoseCipherError::VerificationFailure => CoseCipherError::VerificationFailure,
             CoseCipherError::DecryptionFailure => CoseCipherError::DecryptionFailure,
             CoseCipherError::UnsupportedKeyType(v) => CoseCipherError::UnsupportedKeyType(v),
@@ -364,12 +324,9 @@ where
                 CoseCipherError::KeyAlgorithmMismatch(v, w)
             }
             CoseCipherError::DuplicateHeaders(v) => CoseCipherError::DuplicateHeaders(v),
-            CoseCipherError::InvalidKeyId(v) => CoseCipherError::InvalidKeyId(v),
             CoseCipherError::MissingKeyParam(v) => CoseCipherError::MissingKeyParam(v),
             CoseCipherError::InvalidKeyParam(v, w) => CoseCipherError::InvalidKeyParam(v, w),
-            CoseCipherError::TypeMismatch(v) => CoseCipherError::TypeMismatch(v),
             CoseCipherError::NoKeyFound => CoseCipherError::NoKeyFound,
-            CoseCipherError::IvRequired => CoseCipherError::IvRequired,
             CoseCipherError::MissingHeaderParam(v) => CoseCipherError::MissingHeaderParam(v),
             CoseCipherError::InvalidHeaderParam(v, w) => CoseCipherError::InvalidHeaderParam(v, w),
             CoseCipherError::AadUnsupported => CoseCipherError::AadUnsupported,
@@ -381,11 +338,6 @@ where
     ) -> CoseCipherError<MultipleCoseError<K, T>> {
         match error {
             CoseCipherError::Other(x) => CoseCipherError::Other(MultipleCoseError::CekError(x)),
-            CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            } => CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            },
             CoseCipherError::VerificationFailure => CoseCipherError::VerificationFailure,
             CoseCipherError::DecryptionFailure => CoseCipherError::DecryptionFailure,
             CoseCipherError::UnsupportedKeyType(v) => CoseCipherError::UnsupportedKeyType(v),
@@ -406,12 +358,9 @@ where
                 CoseCipherError::KeyAlgorithmMismatch(v, w)
             }
             CoseCipherError::DuplicateHeaders(v) => CoseCipherError::DuplicateHeaders(v),
-            CoseCipherError::InvalidKeyId(v) => CoseCipherError::InvalidKeyId(v),
             CoseCipherError::MissingKeyParam(v) => CoseCipherError::MissingKeyParam(v),
             CoseCipherError::InvalidKeyParam(v, w) => CoseCipherError::InvalidKeyParam(v, w),
-            CoseCipherError::TypeMismatch(v) => CoseCipherError::TypeMismatch(v),
             CoseCipherError::NoKeyFound => CoseCipherError::NoKeyFound,
-            CoseCipherError::IvRequired => CoseCipherError::IvRequired,
             CoseCipherError::MissingHeaderParam(v) => CoseCipherError::MissingHeaderParam(v),
             CoseCipherError::InvalidHeaderParam(v, w) => CoseCipherError::InvalidHeaderParam(v, w),
             CoseCipherError::AadUnsupported => CoseCipherError::AadUnsupported,
@@ -425,13 +374,7 @@ where
 {
     fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
         match self {
-            // TODO this can probably be done better (use thiserror instead as soon as std::error::Error has been moved to core?)
-            CoseCipherError::HeaderAlreadySet {
-                existing_header_name,
-            } => write!(
-                f,
-                "cipher-defined header '{existing_header_name}' already set"
-            ),
+            // TODO (#14): this can probably be done better (use thiserror instead as soon as std::error::Error has been moved to core?)
             CoseCipherError::VerificationFailure => write!(f, "data verification failed"),
             CoseCipherError::DecryptionFailure => write!(f, "decryption failed"),
             CoseCipherError::Other(s) => write!(f, "{s}"),
@@ -458,21 +401,11 @@ where
                 write!(f, "key does not support the given algorithm")
             }
             CoseCipherError::DuplicateHeaders(_) => write!(f, "duplicate headers"),
-            // TODO is this one still needed or maybe misnamed?
-            CoseCipherError::InvalidKeyId(_) => write!(f, "invalid key ID"),
             CoseCipherError::MissingKeyParam(_) => write!(f, "required key parameter missing"),
             CoseCipherError::InvalidKeyParam(_, _) => write!(f, "key parameter has invalid value"),
-            // TODO is this one still needed or maybe misnamed?
-            CoseCipherError::TypeMismatch(_) => write!(f, "key parameter has invalid type"),
             CoseCipherError::NoKeyFound => {
                 write!(f, "no suitable key was found for this operation")
             }
-            CoseCipherError::IvRequired => {
-                write!(
-                    f,
-                    "chosen algorithm requires an initialization vector, but none was provided"
-                )
-            }
             CoseCipherError::MissingHeaderParam(_) => {
                 write!(f, "header parameter missing")
             }
@@ -638,14 +571,6 @@ where
     /// [`CoseEncrypt0`](coset::CoseEncrypt0), [`CoseSign1`](coset::CoseSign1),
     /// nor [`CoseMac0`](coset::CoseMac0).
     UnknownCoseStructure,
-    /// No matching recipient was found in the list of COSE_Recipient structures.
-    /// This means that the given Key Encryption Key could not be used to decrypt any of the
-    /// recipients, which means no Content Encryption Key could be extracted.
-    NoMatchingRecipient,
-    /// Multiple matching recipients were found in the list of COSE_Recipient structures.
-    /// This means that the given Key Encryption Key could be used to decrypt multiple of the
-    /// recipients, which means the token is malformed.
-    MultipleMatchingRecipients,
 }
 
 impl<T> Display for AccessTokenError<T>
@@ -660,12 +585,6 @@ where
                 f,
                 "input is either invalid or none of CoseEncrypt0, CoseSign1 nor CoseMac0"
             ),
-            AccessTokenError::NoMatchingRecipient => {
-                write!(f, "given KEK doesn't match any recipient")
-            }
-            AccessTokenError::MultipleMatchingRecipients => {
-                write!(f, "given KEK matches multiple recipients")
-            }
         }
     }
 }
@@ -706,10 +625,6 @@ where
             }
             AccessTokenError::CoseError(x) => AccessTokenError::CoseError(x),
             AccessTokenError::UnknownCoseStructure => AccessTokenError::UnknownCoseStructure,
-            AccessTokenError::NoMatchingRecipient => AccessTokenError::NoMatchingRecipient,
-            AccessTokenError::MultipleMatchingRecipients => {
-                AccessTokenError::MultipleMatchingRecipients
-            }
         }
     }
 
@@ -722,10 +637,6 @@ where
             }
             AccessTokenError::CoseError(x) => AccessTokenError::CoseError(x),
             AccessTokenError::UnknownCoseStructure => AccessTokenError::UnknownCoseStructure,
-            AccessTokenError::NoMatchingRecipient => AccessTokenError::NoMatchingRecipient,
-            AccessTokenError::MultipleMatchingRecipients => {
-                AccessTokenError::MultipleMatchingRecipients
-            }
         }
     }
 }
diff --git a/src/token/cose/crypto_impl/openssl.rs b/src/token/cose/crypto_impl/openssl.rs
index 0762e33..5b44aeb 100644
--- a/src/token/cose/crypto_impl/openssl.rs
+++ b/src/token/cose/crypto_impl/openssl.rs
@@ -26,11 +26,11 @@ use openssl::symm::{decrypt_aead, encrypt_aead, Cipher};
 use strum_macros::Display;
 
 use crate::error::CoseCipherError;
-use crate::token::cose::encrypt::{CoseEncryptCipher, CoseKeyDistributionCipher};
+use crate::token::cose::encrypted::{CoseEncryptCipher, CoseKeyDistributionCipher};
 use crate::token::cose::header_util::HeaderParam;
 use crate::token::cose::key::{CoseEc2Key, CoseSymmetricKey, EllipticCurve};
-use crate::token::cose::mac::CoseMacCipher;
-use crate::token::cose::sign::CoseSignCipher;
+use crate::token::cose::maced::CoseMacCipher;
+use crate::token::cose::signed::CoseSignCipher;
 use crate::token::cose::CoseCipher;
 
 /// Represents an error caused by the OpenSSL cryptographic backend.
@@ -307,11 +307,9 @@ fn verify_ecdsa(
         .map_err(CoseOpensslCipherError::from)
         .map_err(CoseCipherError::from)
         .and_then(|verification_successful| {
-            if verification_successful {
-                Ok(())
-            } else {
-                Err(CoseCipherError::VerificationFailure)
-            }
+            verification_successful
+                .then_some(())
+                .ok_or(CoseCipherError::VerificationFailure)
         })
 }
 
diff --git a/src/token/cose/encrypt/encrypt/mod.rs b/src/token/cose/encrypted/encrypt/mod.rs
similarity index 95%
rename from src/token/cose/encrypt/encrypt/mod.rs
rename to src/token/cose/encrypted/encrypt/mod.rs
index 796d935..a495b22 100644
--- a/src/token/cose/encrypt/encrypt/mod.rs
+++ b/src/token/cose/encrypted/encrypt/mod.rs
@@ -5,9 +5,9 @@ use core::cell::RefCell;
 use coset::{CoseEncrypt, CoseEncryptBuilder, EncryptionContext, Header};
 
 use crate::error::CoseCipherError;
-use crate::token::cose::encrypt;
-use crate::token::cose::encrypt::try_decrypt;
-use crate::token::cose::encrypt::{CoseEncryptCipher, CoseKeyDistributionCipher};
+use crate::token::cose::encrypted;
+use crate::token::cose::encrypted::try_decrypt;
+use crate::token::cose::encrypted::{CoseEncryptCipher, CoseKeyDistributionCipher};
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
 use crate::token::cose::recipient::{
     struct_to_recipient_context, CoseNestedRecipientSearchContext,
@@ -55,7 +55,7 @@ impl CoseEncryptBuilderExt for CoseEncryptBuilder {
                 unprotected.as_ref(),
             ),
             |plaintext, aad| {
-                encrypt::try_encrypt(
+                encrypted::try_encrypt(
                     backend,
                     key_provider,
                     protected.as_ref(),
@@ -108,7 +108,7 @@ impl CoseEncryptExt for CoseEncrypt {
                 Some(&self.unprotected),
             ),
             |ciphertext, aad| {
-                encrypt::try_decrypt(
+                encrypted::try_decrypt(
                     &backend,
                     &key_provider,
                     &self.protected.header,
diff --git a/src/token/cose/encrypt/encrypt/tests.rs b/src/token/cose/encrypted/encrypt/tests.rs
similarity index 97%
rename from src/token/cose/encrypt/encrypt/tests.rs
rename to src/token/cose/encrypted/encrypt/tests.rs
index 3b24cfb..ee03ae6 100644
--- a/src/token/cose/encrypt/encrypt/tests.rs
+++ b/src/token/cose/encrypted/encrypt/tests.rs
@@ -10,8 +10,10 @@ use coset::{
 use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
-use crate::token::cose::encrypt::encrypt::{CoseEncryptBuilderExt, CoseEncryptExt};
-use crate::token::cose::encrypt::{CoseEncryptCipher, CoseKeyDistributionCipher, HeaderBuilderExt};
+use crate::token::cose::encrypted::encrypt::{CoseEncryptBuilderExt, CoseEncryptExt};
+use crate::token::cose::encrypted::{
+    CoseEncryptCipher, CoseKeyDistributionCipher, HeaderBuilderExt,
+};
 use crate::token::cose::header_util::determine_algorithm;
 use crate::token::cose::key::CoseSymmetricKey;
 use crate::token::cose::recipient::CoseRecipientBuilderExt;
diff --git a/src/token/cose/encrypt/encrypt0/mod.rs b/src/token/cose/encrypted/encrypt0/mod.rs
similarity index 95%
rename from src/token/cose/encrypt/encrypt0/mod.rs
rename to src/token/cose/encrypted/encrypt0/mod.rs
index 0647ab1..6603813 100644
--- a/src/token/cose/encrypt/encrypt0/mod.rs
+++ b/src/token/cose/encrypted/encrypt0/mod.rs
@@ -5,8 +5,8 @@ use core::cell::RefCell;
 use coset::{CoseEncrypt0, CoseEncrypt0Builder, EncryptionContext, Header};
 
 use crate::error::CoseCipherError;
-use crate::token::cose::encrypt;
-use crate::token::cose::encrypt::CoseEncryptCipher;
+use crate::token::cose::encrypted;
+use crate::token::cose::encrypted::CoseEncryptCipher;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
 
 #[cfg(all(test, feature = "std"))]
@@ -39,7 +39,7 @@ impl CoseEncrypt0Ext for CoseEncrypt0 {
                 Some(&self.unprotected),
             ),
             |ciphertext, aad| {
-                encrypt::try_decrypt(
+                encrypted::try_decrypt(
                     &backend,
                     &key_provider,
                     &self.protected.header,
@@ -92,7 +92,7 @@ impl CoseEncrypt0BuilderExt for CoseEncrypt0Builder {
                 unprotected.as_ref(),
             ),
             |plaintext, aad| {
-                encrypt::try_encrypt(
+                encrypted::try_encrypt(
                     backend,
                     key_provider,
                     protected.as_ref(),
diff --git a/src/token/cose/encrypt/encrypt0/tests.rs b/src/token/cose/encrypted/encrypt0/tests.rs
similarity index 97%
rename from src/token/cose/encrypt/encrypt0/tests.rs
rename to src/token/cose/encrypted/encrypt0/tests.rs
index 1c36f5f..dbd1c0b 100644
--- a/src/token/cose/encrypt/encrypt0/tests.rs
+++ b/src/token/cose/encrypted/encrypt0/tests.rs
@@ -5,8 +5,8 @@ use coset::{CoseEncrypt0, CoseEncrypt0Builder, CoseError, CoseKey, HeaderBuilder
 use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
-use crate::token::cose::encrypt::encrypt0::{CoseEncrypt0BuilderExt, CoseEncrypt0Ext};
-use crate::token::cose::encrypt::{CoseEncryptCipher, HeaderBuilderExt};
+use crate::token::cose::encrypted::encrypt0::{CoseEncrypt0BuilderExt, CoseEncrypt0Ext};
+use crate::token::cose::encrypted::{CoseEncryptCipher, HeaderBuilderExt};
 use crate::token::cose::test_helper::{
     apply_attribute_failures, apply_header_failures, perform_cose_reference_output_test,
     perform_cose_self_signed_test, serialize_cose_with_failures, CoseStructTestHelper, TestCase,
diff --git a/src/token/cose/encrypt/mod.rs b/src/token/cose/encrypted/mod.rs
similarity index 79%
rename from src/token/cose/encrypt/mod.rs
rename to src/token/cose/encrypted/mod.rs
index af28aad..28dddde 100644
--- a/src/token/cose/encrypt/mod.rs
+++ b/src/token/cose/encrypted/mod.rs
@@ -7,7 +7,7 @@ use coset::{iana, Algorithm, Header, HeaderBuilder, KeyOperation};
 
 use crate::error::CoseCipherError;
 use crate::token::cose::header_util::{
-    check_for_duplicate_headers, determine_algorithm, determine_key_candidates,
+    check_for_duplicate_headers, determine_algorithm, determine_key_candidates, HeaderParam,
 };
 use crate::token::cose::key::{CoseKeyProvider, CoseParsedKey, CoseSymmetricKey};
 use crate::token::cose::{key, CoseCipher};
@@ -72,6 +72,8 @@ pub trait HeaderBuilderExt: Sized {
     ) -> Result<Self, CoseCipherError<B::Error>>;
 }
 
+const AES_GCM_NONCE_SIZE: usize = 12;
+
 impl HeaderBuilderExt for HeaderBuilder {
     fn gen_iv<B: CoseCipher>(
         self,
@@ -79,10 +81,10 @@ impl HeaderBuilderExt for HeaderBuilder {
         alg: &Algorithm,
     ) -> Result<Self, CoseCipherError<B::Error>> {
         let iv_size = match alg {
-            // AES-GCM: Nonce is fixed at 96 bits
+            // AES-GCM: Nonce is fixed at 96 bits (RFC 9053, Section 4.1)
             Algorithm::Assigned(
                 iana::Algorithm::A128GCM | iana::Algorithm::A192GCM | iana::Algorithm::A256GCM,
-            ) => 12,
+            ) => AES_GCM_NONCE_SIZE,
             v => return Err(CoseCipherError::UnsupportedAlgorithm(v.clone())),
         };
         let mut iv = vec![0; iv_size];
@@ -98,13 +100,14 @@ fn try_encrypt<B: CoseEncryptCipher, CKP: CoseKeyProvider>(
     unprotected: Option<&Header>,
     try_all_keys: bool,
     plaintext: &[u8],
-    // NOTE: aad ist not the external AAD provided by the user, but the Enc_structure as defined in RFC 9052, Section 5.3
-    aad: &[u8],
+    // NOTE: this should be treated as the AAD for the purposes of the cryptographic backend
+    // (RFC 9052, Section 5.3).
+    enc_structure: &[u8],
 ) -> Result<Vec<u8>, CoseCipherError<B::Error>> {
     if let (Some(protected), Some(unprotected)) = (protected, unprotected) {
         check_for_duplicate_headers(protected, unprotected)?;
     }
-    let key = determine_key_candidates::<B::Error, CKP>(
+    let key = determine_key_candidates::<CKP>(
         key_provider,
         protected,
         unprotected,
@@ -121,17 +124,19 @@ fn try_encrypt<B: CoseEncryptCipher, CKP: CoseKeyProvider>(
             iana::Algorithm::A128GCM | iana::Algorithm::A192GCM | iana::Algorithm::A256GCM,
         ) => {
             // Check if this is a valid AES key.
-            let symm_key = key::is_valid_aes_key::<B::Error>(&algorithm, parsed_key)?;
-
-            let iv = if protected.is_some() && !protected.unwrap().iv.is_empty() {
-                protected.unwrap().iv.as_ref()
-            } else if unprotected.is_some() && !unprotected.unwrap().iv.is_empty() {
-                unprotected.unwrap().iv.as_ref()
-            } else {
-                return Err(CoseCipherError::IvRequired);
-            };
-
-            backend.encrypt_aes_gcm(algorithm, symm_key, plaintext, aad, iv)
+            let symm_key = key::ensure_valid_aes_key::<B::Error>(&algorithm, parsed_key)?;
+
+            let iv = protected
+                .into_iter()
+                .chain(unprotected.into_iter())
+                .filter(|x| !x.iv.is_empty())
+                .map(|x| x.iv.as_ref())
+                .next()
+                .ok_or(CoseCipherError::MissingHeaderParam(HeaderParam::Generic(
+                    iana::HeaderParameter::Iv,
+                )))?;
+
+            backend.encrypt_aes_gcm(algorithm, symm_key, plaintext, enc_structure, iv)
         }
         v @ Algorithm::Assigned(_) => Err(CoseCipherError::UnsupportedAlgorithm(v.clone())),
         // TODO make this extensible? I'm unsure whether it would be worth the effort, considering
@@ -148,8 +153,9 @@ fn try_decrypt_with_key<B: CoseEncryptCipher>(
     protected: &Header,
     unprotected: &Header,
     ciphertext: &[u8],
-    // NOTE: aad ist not the external AAD provided by the user, but the Enc_structure as defined in RFC 9052, Section 5.3
-    aad: &[u8],
+    // NOTE: this should be treated as the AAD for the purposes of the cryptographic backend
+    // (RFC 9052, Section 5.3).
+    enc_structure: &[u8],
 ) -> Result<Vec<u8>, CoseCipherError<B::Error>> {
     check_for_duplicate_headers(protected, unprotected)?;
     let algorithm = determine_algorithm(Some(&key), Some(protected), Some(unprotected))?;
@@ -159,22 +165,23 @@ fn try_decrypt_with_key<B: CoseEncryptCipher>(
             iana::Algorithm::A128GCM | iana::Algorithm::A192GCM | iana::Algorithm::A256GCM,
         ) => {
             // Check if this is a valid AES key.
-            let symm_key = key::is_valid_aes_key::<B::Error>(&algorithm, key)?;
+            let symm_key = key::ensure_valid_aes_key::<B::Error>(&algorithm, key)?;
 
-            let iv = if !protected.iv.is_empty() {
-                protected.iv.as_ref()
-            } else if !unprotected.iv.is_empty() {
-                unprotected.iv.as_ref()
-            } else {
-                return Err(CoseCipherError::IvRequired);
-            };
+            let iv = core::iter::once(protected)
+                .chain(core::iter::once(unprotected))
+                .filter(|x| !x.iv.is_empty())
+                .map(|x| x.iv.as_ref())
+                .next()
+                .ok_or(CoseCipherError::MissingHeaderParam(HeaderParam::Generic(
+                    iana::HeaderParameter::Iv,
+                )))?;
 
             // Authentication tag is 16 bytes long and should be included in the ciphertext.
             if ciphertext.len() < 16 {
                 return Err(CoseCipherError::VerificationFailure);
             }
 
-            backend.decrypt_aes_gcm(algorithm, symm_key, ciphertext, aad, iv)
+            backend.decrypt_aes_gcm(algorithm, symm_key, ciphertext, enc_structure, iv)
         }
         v @ Algorithm::Assigned(_) => Err(CoseCipherError::UnsupportedAlgorithm(v.clone())),
         // TODO make this extensible? I'm unsure whether it would be worth the effort, considering
@@ -192,11 +199,12 @@ pub(crate) fn try_decrypt<B: CoseEncryptCipher, CKP: CoseKeyProvider>(
     unprotected: &Header,
     try_all_keys: bool,
     ciphertext: &[u8],
-    // NOTE: aad ist not the external AAD provided by the user, but the Enc_structure as defined in RFC 9052, Section 5.3
-    aad: &[u8],
+    // NOTE: this should be treated as the AAD for the purposes of the cryptographic backend
+    // (RFC 9052, Section 5.3).
+    enc_structure: &[u8],
 ) -> Result<Vec<u8>, CoseCipherError<B::Error>> {
     check_for_duplicate_headers(protected, unprotected)?;
-    for key in determine_key_candidates::<B::Error, CKP>(
+    for key in determine_key_candidates::<CKP>(
         *key_provider.borrow_mut(),
         Some(protected),
         Some(unprotected),
@@ -209,7 +217,7 @@ pub(crate) fn try_decrypt<B: CoseEncryptCipher, CKP: CoseKeyProvider>(
             protected,
             unprotected,
             ciphertext,
-            aad,
+            enc_structure,
         ) {
             Ok(v) => return Ok(v),
             Err(_e) => {
diff --git a/src/token/cose/header_util.rs b/src/token/cose/header_util.rs
index 9e2a443..e03af6e 100644
--- a/src/token/cose/header_util.rs
+++ b/src/token/cose/header_util.rs
@@ -3,7 +3,6 @@ use alloc::collections::BTreeSet;
 use alloc::vec::Vec;
 use core::fmt::Display;
 
-use ciborium::Value;
 use coset::iana::EnumI64;
 use coset::{iana, Algorithm, CoseKey, Header, KeyOperation, Label};
 
@@ -59,21 +58,6 @@ fn create_header_parameter_set(header_bucket: &Header) -> BTreeSet<Label> {
     header_bucket_fields
 }
 
-pub(crate) fn find_param_index_by_label(
-    label: &Label,
-    param_vec: &[(Label, Value)],
-) -> Option<usize> {
-    // TODO assert that parameters are sorted (Vec::is_sorted is unstable rn).
-    param_vec.binary_search_by(|(v, _)| v.cmp(label)).ok()
-}
-
-pub(crate) fn find_param_by_label<'a>(
-    label: &Label,
-    param_vec: &'a [(Label, Value)],
-) -> Option<&'a Value> {
-    find_param_index_by_label(label, param_vec).map(|i| &param_vec.get(i).unwrap().1)
-}
-
 pub(crate) fn check_for_duplicate_headers<E: Display>(
     protected_header: &Header,
     unprotected_header: &Header,
@@ -113,7 +97,7 @@ pub(crate) fn determine_algorithm<CE: Display>(
     }
 }
 
-pub(crate) fn determine_key_candidates<'a, CE: Display, CKP: CoseKeyProvider>(
+pub(crate) fn determine_key_candidates<'a, CKP: CoseKeyProvider>(
     key_provider: &'a mut CKP,
     protected: Option<&'a Header>,
     unprotected: Option<&'a Header>,
diff --git a/src/token/cose/key.rs b/src/token/cose/key.rs
index ce5fc68..9018a1e 100644
--- a/src/token/cose/key.rs
+++ b/src/token/cose/key.rs
@@ -5,16 +5,31 @@ use core::fmt::Display;
 use core::marker::PhantomData;
 
 use ciborium::Value;
-use coset::iana::EnumI64;
+use coset::iana::{Ec2KeyParameter, EnumI64};
 use coset::{
     iana, Algorithm, AsCborValue, CoseKey, EncryptionContext, Header, KeyType, Label,
     RegisteredLabelWithPrivate,
 };
 
 use crate::error::CoseCipherError;
-use crate::token::cose::header_util::find_param_by_label;
 use crate::token::cose::CoseCipher;
 
+/// Finds a key parameter by its label.
+///
+/// The provided `param_vec` *MUST* be sorted, otherwise the result is undefined.
+fn find_param_by_label<'a>(label: &Label, param_vec: &[&'a (Label, Value)]) -> Option<&'a Value> {
+    // TODO assert that parameters are sorted (Vec::is_sorted is unstable rn).
+    param_vec
+        .binary_search_by(|(v, _)| v.cmp(label))
+        .ok()
+        .map(|i| &param_vec.get(i).unwrap().1)
+}
+
+#[inline]
+fn sort_params(param_vec: &mut [&(Label, Value)]) {
+    param_vec.sort_by(|(label1, _value1), (label2, _value2)| label1.cmp(label2));
+}
+
 #[derive(Debug, Clone, Copy, PartialEq)]
 pub enum KeyParam {
     Common(iana::KeyParameter),
@@ -117,14 +132,14 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseEc2Key<'a, OE> {
     fn try_from(key: &'a CoseKey) -> Result<Self, Self::Error> {
         // Unless stated otherwise, these checks are according to RFC 9053, Section 7.1.1.
 
+        let mut params: Vec<&(Label, Value)> = key.params.iter().collect();
+        sort_params(&mut params);
+
         // Curve must be set
-        let crv = find_param_by_label(
-            &Label::Int(iana::Ec2KeyParameter::Crv.to_i64()),
-            &key.params,
-        )
-        .ok_or(CoseCipherError::MissingKeyParam(
-            iana::Ec2KeyParameter::Crv.into(),
-        ))?;
+        let crv = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::Crv.to_i64()), &params)
+            .ok_or(CoseCipherError::MissingKeyParam(
+                iana::Ec2KeyParameter::Crv.into(),
+            ))?;
         // Curve must be of correct type
         let crv = EllipticCurve::from_cbor_value(crv.clone()).map_err(|_e| {
             // TODO e as error source (as soon as we use core::error::Error).
@@ -158,7 +173,7 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseEc2Key<'a, OE> {
 
         // Parse parameters d and x (private key and part of the public key), must be of type
         // bstr.
-        let d = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::D.to_i64()), &key.params)
+        let d = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::D.to_i64()), &params)
             .map(|v| match v.as_bytes() {
                 None => Err(CoseCipherError::InvalidKeyParam(
                     iana::Ec2KeyParameter::D.into(),
@@ -167,7 +182,7 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseEc2Key<'a, OE> {
                 Some(b) => Ok(b.as_slice()),
             })
             .transpose()?;
-        let x = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::X.to_i64()), &key.params)
+        let x = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::X.to_i64()), &params)
             .map(|v| match v.as_bytes() {
                 None => Err(CoseCipherError::InvalidKeyParam(
                     iana::Ec2KeyParameter::X.into(),
@@ -177,9 +192,9 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseEc2Key<'a, OE> {
             })
             .transpose()?;
 
-        // Parse parameters y (other half of public key), is either a bstr containing the Y
+        // Parse parameter y (other half of public key), is either a bstr containing the Y
         // coordinate or a boolean indicating the sign.
-        let y = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::Y.to_i64()), &key.params);
+        let y = find_param_by_label(&Label::Int(iana::Ec2KeyParameter::Y.to_i64()), &params);
         let (y, sign) = match y {
             None => (None, None),
             Some(Value::Bytes(b)) => (Some(b.as_slice()), None),
@@ -231,20 +246,19 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseOkpKey<'a, OE> {
 
     fn try_from(key: &'a CoseKey) -> Result<Self, Self::Error> {
         // Unless stated otherwise, these checks are according to RFC 9053, Section 7.2.
+        let mut params: Vec<&(Label, Value)> = key.params.iter().collect();
+        sort_params(&mut params);
 
         // Curve must be set
-        let crv = find_param_by_label(
-            &Label::Int(iana::OkpKeyParameter::Crv.to_i64()),
-            &key.params,
-        )
-        .ok_or(CoseCipherError::MissingKeyParam(
-            iana::Ec2KeyParameter::Crv.into(),
-        ))?;
+        let crv = find_param_by_label(&Label::Int(iana::OkpKeyParameter::Crv.to_i64()), &params)
+            .ok_or(CoseCipherError::MissingKeyParam(
+                iana::OkpKeyParameter::Crv.into(),
+            ))?;
 
         // Curve must be of correct type
         let crv = EllipticCurve::from_cbor_value(crv.clone()).map_err(|_e| {
             // TODO e as error source (as soon as we use core::error::Error).
-            CoseCipherError::InvalidKeyParam(iana::Ec2KeyParameter::Crv.into(), crv.clone())
+            CoseCipherError::InvalidKeyParam(iana::OkpKeyParameter::Crv.into(), crv.clone())
         })?;
 
         // Check whether curve and key type are consistent (RFC 9053, Section 7.1)
@@ -259,7 +273,7 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseOkpKey<'a, OE> {
         }
 
         // Parse parameters d and x (private key and public key), must be of type bstr.
-        let d = find_param_by_label(&Label::Int(iana::OkpKeyParameter::D.to_i64()), &key.params)
+        let d = find_param_by_label(&Label::Int(iana::OkpKeyParameter::D.to_i64()), &params)
             .map(|v| match v.as_bytes() {
                 None => Err(CoseCipherError::InvalidKeyParam(
                     iana::OkpKeyParameter::D.into(),
@@ -268,7 +282,7 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseOkpKey<'a, OE> {
                 Some(b) => Ok(b.as_slice()),
             })
             .transpose()?;
-        let x = find_param_by_label(&Label::Int(iana::OkpKeyParameter::X.to_i64()), &key.params)
+        let x = find_param_by_label(&Label::Int(iana::OkpKeyParameter::X.to_i64()), &params)
             .map(|v| match v.as_bytes() {
                 None => Err(CoseCipherError::InvalidKeyParam(
                     iana::OkpKeyParameter::X.into(),
@@ -312,11 +326,13 @@ impl<'a, OE: Display> TryFrom<&'a CoseKey> for CoseSymmetricKey<'a, OE> {
 
     fn try_from(key: &'a CoseKey) -> Result<Self, Self::Error> {
         // Unless stated otherwise, these checks are according to RFC 9053, Section 7.3.
+        let mut params: Vec<&(Label, Value)> = key.params.iter().collect();
+        sort_params(&mut params);
 
         // Parse key value, must be of type bstr and be set.
         let k = find_param_by_label(
             &Label::Int(iana::SymmetricKeyParameter::K.to_i64()),
-            &key.params,
+            &params,
         )
         .ok_or(CoseCipherError::MissingKeyParam(
             iana::SymmetricKeyParameter::K.into(),
@@ -531,7 +547,7 @@ fn symmetric_key_size<BE: Display>(algorithm: &Algorithm) -> Result<usize, CoseC
     }
 }
 
-pub(crate) fn is_valid_aes_key<'a, BE: Display>(
+pub(crate) fn ensure_valid_aes_key<'a, BE: Display>(
     algorithm: &Algorithm,
     parsed_key: CoseParsedKey<'a, BE>,
 ) -> Result<CoseSymmetricKey<'a, BE>, CoseCipherError<BE>> {
@@ -595,3 +611,52 @@ pub(crate) fn generate_cek_for_alg<B: CoseCipher>(
         v => Err(CoseCipherError::UnsupportedAlgorithm(v)),
     }
 }
+
+pub fn ensure_valid_ecdsa_key<'a, BE: Display>(
+    algorithm: &Algorithm,
+    parsed_key: CoseParsedKey<'a, BE>,
+    key_should_be_private: bool,
+) -> Result<CoseEc2Key<'a, BE>, CoseCipherError<BE>> {
+    // Checks according to RFC 9053, Section 2.1 or RFC 8812, Section 3.2.
+
+    // Key type must be EC2
+    let ec2_key = if let CoseParsedKey::Ec2(ec2_key) = parsed_key {
+        ec2_key
+    } else {
+        return Err(CoseCipherError::KeyTypeAlgorithmMismatch(
+            parsed_key.as_ref().kty.clone(),
+            algorithm.clone(),
+        ));
+    };
+
+    // If algorithm in key is set, it must match our algorithm
+    if let Some(alg) = &ec2_key.as_ref().alg {
+        if alg != algorithm {
+            return Err(CoseCipherError::KeyAlgorithmMismatch(
+                alg.clone(),
+                algorithm.clone(),
+            ));
+        }
+    }
+
+    // Key must contain private key information to perform signature, and either D or X and Y to
+    // verify a signature.
+    if key_should_be_private && ec2_key.d.is_none() {
+        return Err(CoseCipherError::MissingKeyParam(KeyParam::Ec2(
+            Ec2KeyParameter::D,
+        )));
+    } else if !key_should_be_private && ec2_key.d.is_none() {
+        if ec2_key.x.is_none() {
+            return Err(CoseCipherError::MissingKeyParam(KeyParam::Ec2(
+                Ec2KeyParameter::X,
+            )));
+        }
+        if ec2_key.y.is_none() {
+            return Err(CoseCipherError::MissingKeyParam(KeyParam::Ec2(
+                Ec2KeyParameter::Y,
+            )));
+        }
+    }
+
+    Ok(ec2_key)
+}
diff --git a/src/token/cose/mac/mac/mod.rs b/src/token/cose/maced/mac/mod.rs
similarity index 97%
rename from src/token/cose/mac/mac/mod.rs
rename to src/token/cose/maced/mac/mod.rs
index ea67773..2515cb7 100644
--- a/src/token/cose/mac/mac/mod.rs
+++ b/src/token/cose/maced/mac/mod.rs
@@ -5,9 +5,9 @@ use core::cell::RefCell;
 use coset::{CoseMac, CoseMacBuilder, EncryptionContext, Header};
 
 use crate::error::CoseCipherError;
-use crate::token::cose::encrypt::CoseKeyDistributionCipher;
+use crate::token::cose::encrypted::CoseKeyDistributionCipher;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
-use crate::token::cose::mac::{try_compute, try_verify, CoseMacCipher};
+use crate::token::cose::maced::{try_compute, try_verify, CoseMacCipher};
 use crate::token::cose::recipient::CoseNestedRecipientSearchContext;
 
 #[cfg(all(test, feature = "std"))]
diff --git a/src/token/cose/mac/mac/tests.rs b/src/token/cose/maced/mac/tests.rs
similarity index 96%
rename from src/token/cose/mac/mac/tests.rs
rename to src/token/cose/maced/mac/tests.rs
index f74cffe..3130ef2 100644
--- a/src/token/cose/mac/mac/tests.rs
+++ b/src/token/cose/maced/mac/tests.rs
@@ -10,11 +10,11 @@ use coset::{
 use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
-use crate::token::cose::encrypt::CoseKeyDistributionCipher;
+use crate::token::cose::encrypted::CoseKeyDistributionCipher;
 use crate::token::cose::header_util::determine_algorithm;
 use crate::token::cose::key::CoseSymmetricKey;
-use crate::token::cose::mac::mac::{CoseMacBuilderExt, CoseMacExt};
-use crate::token::cose::mac::CoseMacCipher;
+use crate::token::cose::maced::mac::{CoseMacBuilderExt, CoseMacExt};
+use crate::token::cose::maced::CoseMacCipher;
 use crate::token::cose::recipient::CoseRecipientBuilderExt;
 use crate::token::cose::test_helper::{
     apply_attribute_failures, apply_header_failures, serialize_cose_with_failures,
diff --git a/src/token/cose/mac/mac0/mod.rs b/src/token/cose/maced/mac0/mod.rs
similarity index 97%
rename from src/token/cose/mac/mac0/mod.rs
rename to src/token/cose/maced/mac0/mod.rs
index 8aae503..44ebd76 100644
--- a/src/token/cose/mac/mac0/mod.rs
+++ b/src/token/cose/maced/mac0/mod.rs
@@ -6,7 +6,7 @@ use coset::{CoseMac0, CoseMac0Builder, Header};
 
 use crate::error::CoseCipherError;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
-use crate::token::cose::mac::{try_compute, try_verify, CoseMacCipher};
+use crate::token::cose::maced::{try_compute, try_verify, CoseMacCipher};
 
 #[cfg(all(test, feature = "std"))]
 mod tests;
diff --git a/src/token/cose/mac/mac0/tests.rs b/src/token/cose/maced/mac0/tests.rs
similarity index 97%
rename from src/token/cose/mac/mac0/tests.rs
rename to src/token/cose/maced/mac0/tests.rs
index 0d04896..decc7c2 100644
--- a/src/token/cose/mac/mac0/tests.rs
+++ b/src/token/cose/maced/mac0/tests.rs
@@ -8,8 +8,8 @@ use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
 use crate::token::cose::header_util::determine_algorithm;
-use crate::token::cose::mac::mac0::{CoseMac0BuilderExt, CoseMac0Ext};
-use crate::token::cose::mac::CoseMacCipher;
+use crate::token::cose::maced::mac0::{CoseMac0BuilderExt, CoseMac0Ext};
+use crate::token::cose::maced::CoseMacCipher;
 use crate::token::cose::test_helper::{
     apply_attribute_failures, apply_header_failures, serialize_cose_with_failures,
     CoseStructTestHelper, TestCase,
diff --git a/src/token/cose/mac/mod.rs b/src/token/cose/maced/mod.rs
similarity index 98%
rename from src/token/cose/mac/mod.rs
rename to src/token/cose/maced/mod.rs
index 1b78f8c..bbc882c 100644
--- a/src/token/cose/mac/mod.rs
+++ b/src/token/cose/maced/mod.rs
@@ -99,7 +99,7 @@ fn try_compute<B: CoseMacCipher, CKP: CoseKeyProvider>(
     if let (Some(protected), Some(unprotected)) = (protected, unprotected) {
         check_for_duplicate_headers(protected, unprotected)?;
     }
-    let key = determine_key_candidates::<B::Error, CKP>(
+    let key = determine_key_candidates::<CKP>(
         key_provider,
         protected,
         unprotected,
@@ -160,7 +160,7 @@ pub(crate) fn try_verify<B: CoseMacCipher, CKP: CoseKeyProvider>(
     data: &[u8],
 ) -> Result<(), CoseCipherError<B::Error>> {
     check_for_duplicate_headers(protected, unprotected)?;
-    for key in determine_key_candidates::<B::Error, CKP>(
+    for key in determine_key_candidates::<CKP>(
         *key_provider.borrow_mut(),
         Some(protected),
         Some(unprotected),
diff --git a/src/token/cose/mod.rs b/src/token/cose/mod.rs
index 995c8a8..521ceb5 100644
--- a/src/token/cose/mod.rs
+++ b/src/token/cose/mod.rs
@@ -3,12 +3,12 @@ use core::fmt::{Debug, Display};
 use crate::error::CoseCipherError;
 
 pub mod crypto_impl;
-pub mod encrypt;
+pub mod encrypted;
 pub mod header_util;
 pub mod key;
-pub mod sign;
+pub mod signed;
 
-pub mod mac;
+pub mod maced;
 pub mod recipient;
 #[cfg(all(test, feature = "std"))]
 pub(crate) mod test_helper;
diff --git a/src/token/cose/recipient/mod.rs b/src/token/cose/recipient/mod.rs
index d898e19..5d23ae4 100644
--- a/src/token/cose/recipient/mod.rs
+++ b/src/token/cose/recipient/mod.rs
@@ -12,9 +12,9 @@ use coset::{
 };
 
 use crate::error::CoseCipherError;
-use crate::token::cose::encrypt::CoseKeyDistributionCipher;
+use crate::token::cose::encrypted::CoseKeyDistributionCipher;
 use crate::token::cose::header_util::{determine_algorithm, determine_key_candidates};
-use crate::token::cose::key::is_valid_aes_key;
+use crate::token::cose::key::ensure_valid_aes_key;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider, CoseParsedKey};
 
 pub(crate) struct CoseNestedRecipientSearchContext<
@@ -360,7 +360,7 @@ impl CoseRecipientBuilderExt for CoseRecipientBuilder {
         // Determine key operations that fulfill the requirements of the algorithm.
         let operation = determine_encrypt_key_ops_for_alg(&alg)?;
 
-        let key = determine_key_candidates::<B::Error, CKP>(
+        let key = determine_key_candidates::<CKP>(
             key_provider,
             protected.as_ref(),
             unprotected.as_ref(),
@@ -389,7 +389,7 @@ impl CoseRecipientBuilderExt for CoseRecipientBuilder {
             Algorithm::Assigned(
                 iana::Algorithm::A128KW | iana::Algorithm::A192KW | iana::Algorithm::A256KW,
             ) => {
-                let symm_key = is_valid_aes_key(&alg, parsed_key)?;
+                let symm_key = ensure_valid_aes_key(&alg, parsed_key)?;
 
                 if protected.is_some() && !protected.as_ref().unwrap().is_empty() {
                     return Err(CoseCipherError::AadUnsupported);
@@ -462,7 +462,7 @@ impl CoseRecipientExt for CoseRecipient {
         // Determine key operations that fulfill the requirements of the algorithm.
         let operation = determine_decrypt_key_ops_for_alg(&alg)?;
 
-        let key_candidates: Vec<CoseKey> = determine_key_candidates::<B::Error, CKP>(
+        let key_candidates: Vec<CoseKey> = determine_key_candidates::<CKP>(
             key_provider,
             Some(&self.protected.header),
             Some(&self.unprotected),
@@ -483,7 +483,7 @@ impl CoseRecipientExt for CoseRecipient {
                 Algorithm::Assigned(
                     iana::Algorithm::A128KW | iana::Algorithm::A192KW | iana::Algorithm::A256KW,
                 ) => {
-                    let symm_key = match is_valid_aes_key(&alg, parsed_key) {
+                    let symm_key = match ensure_valid_aes_key(&alg, parsed_key) {
                         Ok(v) => v,
                         Err(_e) => {
                             // Key is not an AES key, skip.
diff --git a/src/token/cose/sign/mod.rs b/src/token/cose/signed/mod.rs
similarity index 79%
rename from src/token/cose/sign/mod.rs
rename to src/token/cose/signed/mod.rs
index c4e538c..f7251c2 100644
--- a/src/token/cose/sign/mod.rs
+++ b/src/token/cose/signed/mod.rs
@@ -10,9 +10,7 @@
  */
 use alloc::collections::BTreeSet;
 use alloc::vec::Vec;
-use core::fmt::Display;
 
-use coset::iana::Ec2KeyParameter;
 use coset::{iana, Algorithm, Header, KeyOperation};
 
 pub use sign::{CoseSignBuilderExt, CoseSignExt};
@@ -22,8 +20,8 @@ use crate::error::CoseCipherError;
 use crate::token::cose::header_util::{
     check_for_duplicate_headers, determine_algorithm, determine_key_candidates,
 };
-use crate::token::cose::key::{CoseEc2Key, CoseKeyProvider, CoseParsedKey, KeyParam};
-use crate::token::cose::CoseCipher;
+use crate::token::cose::key::{CoseEc2Key, CoseKeyProvider, CoseParsedKey};
+use crate::token::cose::{key, CoseCipher};
 
 mod sign;
 mod sign1;
@@ -61,7 +59,7 @@ pub trait CoseSignCipher: CoseCipher {
     ///           Note that curve and hash bit sizes do not necessarily match.
     ///           Implementations may assume the struct field `d` (the private key) to always be set
     ///           and panic if this is not the case.
-    ///           The fields x and y (the public key) may be used by implementations if they are
+    ///           The fields `x` and `y` (the public key) may be used by implementations if they are
     ///           set. If they are not, implementations may either derive the public key from `d` or
     ///           return a [CoseCipherError::UnsupportedKeyDerivation] if this derivation is
     ///           unsupported.
@@ -81,8 +79,10 @@ pub trait CoseSignCipher: CoseCipher {
     /// # Panics
     ///
     /// Implementations may panic if the provided algorithm is not an ECDSA algorithm, the
-    /// provided key is not part of a curve suitable for ECDSA or if an unrecoverable backend error
-    /// occurs that necessitates a panic (at their own discretion).
+    /// provided key is not part of a curve suitable for ECDSA, the `d` field of the key is not set
+    /// or if an unrecoverable backend error occurs that necessitates a panic (at their own
+    /// discretion).
+    /// In the last of the above cases, additional panics should be documented on the backend level.
     ///
     /// For unknown algorithms or key curves, however, the implementation must not panic and return
     /// [CoseCipherError::UnsupportedAlgorithm] instead (in case new ECDSA variants are defined).
@@ -114,31 +114,37 @@ pub trait CoseSignCipher: CoseCipher {
     ///           algorithm, the implementation may return [CoseCipherError::UnsupportedAlgorithm]
     ///           or panic.
     ///           Note that curve and hash bit sizes do not necessarily match.
-    ///           Implementations may assume the struct field `d` (the private key) to always be set
-    ///           and panic if this is not the case.
     ///           The fields x and y (the public key) may be used by implementations if they are
     ///           set. If they are not, implementations may either derive the public key from `d` or
     ///           return a [CoseCipherError::UnsupportedKeyDerivation] if this derivation is
     ///           unsupported.
-    /// * `signature` - the signature to verify.
+    /// * `signature` - the signature to verify. This signature should be a valid signature
+    ///           conforming to RFC 9053, Section 2.1 (i.e. the `r` and `s` values of the signature
+    ///           are each padded with zeros at the beginning to the key size rounded up to the next
+    ///           full byte), but as this is user-provided input, the implementation should not rely
+    ///           on this being the case.
     /// * `target` - Data that was presumably signed using the signature.
     ///
     /// # Return Value
     ///
-    /// It is expected that the return value is a signature conforming to RFC 9053, Section 2.1,
-    /// i.e. the return value should consist of the `r` and `s` values of the signature, which are
-    /// each padded (at the beginning) with zeros to the key size (rounded up to the next full
-    /// byte).
+    /// It is expected that the return value is Ok(()) if the provided signature is a valid ECDSA
+    /// signature for the provided key.
     ///
-    /// In case of errors, the implementation may return any valid [CoseCipherError].
+    /// If the signature is not malformed, but not valid for the given `alg`, `key`,
+    /// and `target`, a [CoseCipherError::VerificationFailure] must be returned.
+    ///
+    /// In case of other errors, the implementation may return any valid [CoseCipherError]
+    /// (including [CoseCipherError::VerificationFailure]).
     /// For backend-specific errors, [CoseCipherError::Other] may be used to convey a
     /// backend-specific error.
     ///
     /// # Panics
     ///
     /// Implementations may panic if the provided algorithm is not an ECDSA algorithm, the
-    /// provided key is not part of a curve suitable for ECDSA or if an unrecoverable backend error
-    /// occurs that necessitates a panic (at their own discretion).
+    /// provided key is not part of a curve suitable for ECDSA, neither the `x` and `y` fields nor
+    /// the `d` field of the provided key are set or if an unrecoverable backend error occurs that
+    /// necessitates a panic (at their own discretion).
+    /// In the last of the above cases, additional panics should be documented on the backend level.
     ///
     /// For unknown algorithms or key curves, however, the implementation must not panic and return
     /// [CoseCipherError::UnsupportedAlgorithm] instead (in case new ECDSA variants are defined).
@@ -151,47 +157,6 @@ pub trait CoseSignCipher: CoseCipher {
     ) -> Result<(), CoseCipherError<Self::Error>>;
 }
 
-fn is_valid_ecdsa_key<'a, BE: Display>(
-    algorithm: &Algorithm,
-    parsed_key: CoseParsedKey<'a, BE>,
-    key_should_be_private: bool,
-) -> Result<CoseEc2Key<'a, BE>, CoseCipherError<BE>> {
-    // Checks according to RFC 9053, Section 2.1 or RFC 8812, Section 3.2.
-
-    // Key type must be EC2
-    let ec2_key = if let CoseParsedKey::Ec2(ec2_key) = parsed_key {
-        ec2_key
-    } else {
-        return Err(CoseCipherError::KeyTypeAlgorithmMismatch(
-            parsed_key.as_ref().kty.clone(),
-            algorithm.clone(),
-        ));
-    };
-
-    // If algorithm in key is set, it must match our algorithm
-    if let Some(alg) = &ec2_key.as_ref().alg {
-        if alg != algorithm {
-            return Err(CoseCipherError::KeyAlgorithmMismatch(
-                alg.clone(),
-                algorithm.clone(),
-            ));
-        }
-    }
-
-    // Key must contain private key information to perform signature.
-    if key_should_be_private && ec2_key.d.is_none() {
-        return Err(CoseCipherError::MissingKeyParam(KeyParam::Ec2(
-            Ec2KeyParameter::D,
-        )));
-    } else if ec2_key.x.is_none() || ec2_key.y.is_none() {
-        return Err(CoseCipherError::MissingKeyParam(KeyParam::Ec2(
-            Ec2KeyParameter::X,
-        )));
-    }
-
-    Ok(ec2_key)
-}
-
 fn try_sign<B: CoseSignCipher, CKP: CoseKeyProvider>(
     backend: &mut B,
     key_provider: &mut CKP,
@@ -202,7 +167,7 @@ fn try_sign<B: CoseSignCipher, CKP: CoseKeyProvider>(
     if let (Some(protected), Some(unprotected)) = (protected, unprotected) {
         check_for_duplicate_headers(protected, unprotected)?;
     }
-    let key = determine_key_candidates::<B::Error, CKP>(
+    let key = determine_key_candidates::<CKP>(
         key_provider,
         protected,
         unprotected,
@@ -222,7 +187,7 @@ fn try_sign<B: CoseSignCipher, CKP: CoseKeyProvider>(
             | iana::Algorithm::ES256K,
         ) => {
             // Check if this is a valid ECDSA key.
-            let ec2_key = is_valid_ecdsa_key::<B::Error>(&algorithm, parsed_key, true)?;
+            let ec2_key = key::ensure_valid_ecdsa_key::<B::Error>(&algorithm, parsed_key, true)?;
 
             // Perform signing operation using backend.
             move |tosign| backend.sign_ecdsa(algorithm, &ec2_key, tosign)
@@ -257,7 +222,7 @@ fn try_verify_with_key<B: CoseSignCipher>(
             | iana::Algorithm::ES256K,
         ) => {
             // Check if this is a valid ECDSA key.
-            let ec2_key = is_valid_ecdsa_key::<B::Error>(&algorithm, key, false)?;
+            let ec2_key = key::ensure_valid_ecdsa_key::<B::Error>(&algorithm, key, false)?;
 
             backend.verify_ecdsa(algorithm, &ec2_key, signature, toverify)
         }
@@ -280,7 +245,7 @@ fn try_verify<B: CoseSignCipher, CKP: CoseKeyProvider>(
     toverify: &[u8],
 ) -> Result<(), CoseCipherError<B::Error>> {
     check_for_duplicate_headers(protected, unprotected)?;
-    for key in determine_key_candidates::<B::Error, CKP>(
+    for key in determine_key_candidates::<CKP>(
         key_provider,
         Some(protected),
         Some(unprotected),
diff --git a/src/token/cose/sign/sign/mod.rs b/src/token/cose/signed/sign/mod.rs
similarity index 97%
rename from src/token/cose/sign/sign/mod.rs
rename to src/token/cose/signed/sign/mod.rs
index 9b2e438..37fc819 100644
--- a/src/token/cose/sign/sign/mod.rs
+++ b/src/token/cose/signed/sign/mod.rs
@@ -2,7 +2,7 @@ use coset::{CoseSign, CoseSignBuilder, CoseSignature};
 
 use crate::error::CoseCipherError;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
-use crate::token::cose::sign;
+use crate::token::cose::signed;
 use crate::CoseSignCipher;
 
 #[cfg(all(test, feature = "std"))]
@@ -41,7 +41,7 @@ impl CoseSignBuilderExt for CoseSignBuilder {
             sig.clone(),
             aad.lookup_aad(None, Some(&sig.protected.header), Some(&sig.unprotected)),
             |tosign| {
-                sign::try_sign(
+                signed::try_sign(
                     backend,
                     key_provider,
                     Some(&sig.protected.header),
@@ -65,7 +65,7 @@ impl CoseSignBuilderExt for CoseSignBuilder {
             payload,
             aad.lookup_aad(None, Some(&sig.protected.header), Some(&sig.unprotected)),
             |tosign| {
-                sign::try_sign(
+                signed::try_sign(
                     backend,
                     key_provider,
                     Some(&sig.protected.header),
@@ -116,7 +116,7 @@ impl CoseSignExt for CoseSign {
                     Some(&self.signatures[sigindex].unprotected),
                 ),
                 |signature, toverify| {
-                    sign::try_verify(
+                    signed::try_verify(
                         backend,
                         key_provider,
                         &self.signatures[sigindex].protected.header,
@@ -156,7 +156,7 @@ impl CoseSignExt for CoseSign {
                     Some(&self.signatures[sigindex].unprotected),
                 ),
                 |signature, toverify| {
-                    sign::try_verify(
+                    signed::try_verify(
                         backend,
                         key_provider,
                         &self.signatures[sigindex].protected.header,
diff --git a/src/token/cose/sign/sign/tests.rs b/src/token/cose/signed/sign/tests.rs
similarity index 97%
rename from src/token/cose/sign/sign/tests.rs
rename to src/token/cose/signed/sign/tests.rs
index 2f38cba..ec8c258 100644
--- a/src/token/cose/sign/sign/tests.rs
+++ b/src/token/cose/signed/sign/tests.rs
@@ -6,8 +6,8 @@ use coset::{CoseError, CoseKey, CoseSign, CoseSignBuilder, CoseSignatureBuilder,
 use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
-use crate::token::cose::encrypt::CoseKeyDistributionCipher;
-use crate::token::cose::sign::{CoseSignBuilderExt, CoseSignExt};
+use crate::token::cose::encrypted::CoseKeyDistributionCipher;
+use crate::token::cose::signed::{CoseSignBuilderExt, CoseSignExt};
 use crate::token::cose::test_helper::{
     apply_attribute_failures, apply_header_failures, perform_cose_reference_output_test,
     perform_cose_self_signed_test, serialize_cose_with_failures, CoseStructTestHelper, TestCase,
diff --git a/src/token/cose/sign/sign1/mod.rs b/src/token/cose/signed/sign1/mod.rs
similarity index 91%
rename from src/token/cose/sign/sign1/mod.rs
rename to src/token/cose/signed/sign1/mod.rs
index 5ed1c63..715a822 100644
--- a/src/token/cose/sign/sign1/mod.rs
+++ b/src/token/cose/signed/sign1/mod.rs
@@ -2,7 +2,7 @@ use coset::{CoseSign1, CoseSign1Builder, Header};
 
 use crate::error::CoseCipherError;
 use crate::token::cose::key::{CoseAadProvider, CoseKeyProvider};
-use crate::token::cose::sign;
+use crate::token::cose::signed;
 use crate::CoseSignCipher;
 
 #[cfg(all(test, feature = "std"))]
@@ -13,14 +13,12 @@ mod tests;
 pub trait CoseSign1BuilderExt: Sized {
     /// Creates the signature for the CoseSign1 object using the given backend.
     ///
-    /// Will also set potentially required headers and check whether the given key is appropriate
-    /// for signing and matches the header information.
-    ///
     /// Parameters:
     /// - `backend`: cryptographic backend to use
-    /// - `key`: Key to use for signing.
+    /// - `key_provider`: Key provider to use for signing (usually a slice of keys will suffice).
     /// - `protected`: protected headers, will override the previously set ones.
     /// - `unprotected`: unprotected headers, will override the previously set ones.
+    /// - `aad`: External additional authenticated data to include in the signature calculation.
     ///
     /// TODO: Setting all of these options at once kind of defeats the purpose of
     ///       the builder pattern, but it is necessary here, as we lack access to the `protected`
@@ -37,14 +35,13 @@ pub trait CoseSign1BuilderExt: Sized {
 
     /// Builds the CoseSign1 object with a detached payload using the given backend.
     ///
-    /// Will also set potentially required headers and check whether the given key is appropriate
-    /// for signing and matches the header information.
-    ///
     /// Parameters:
     /// - `backend`: cryptographic backend to use
-    /// - `key`: Key to use for signing.
+    /// - `key_provider`: Key provider to use for signing (usually a slice of keys will suffice).
     /// - `protected`: protected headers, will override the previously set ones.
     /// - `unprotected`: unprotected headers, will override the previously set ones.
+    /// - `payload`: detached payload that should be signed.
+    /// - `aad`: External additional authenticated data to include in the signature calculation.
     ///
     /// TODO: Setting all of these options at once kind of defeats the purpose of
     ///       the builder pattern, but it is necessary here, as we lack access to the `protected`
@@ -80,7 +77,7 @@ impl CoseSign1BuilderExt for CoseSign1Builder {
         builder.try_create_signature(
             aad.lookup_aad(None, protected.as_ref(), unprotected.as_ref()),
             |tosign| {
-                sign::try_sign(
+                signed::try_sign(
                     backend,
                     key_provider,
                     protected.as_ref(),
@@ -110,7 +107,7 @@ impl CoseSign1BuilderExt for CoseSign1Builder {
             payload,
             aad.lookup_aad(None, protected.as_ref(), unprotected.as_ref()),
             |tosign| {
-                sign::try_sign(
+                signed::try_sign(
                     backend,
                     key_provider,
                     protected.as_ref(),
@@ -152,7 +149,7 @@ impl CoseSign1Ext for CoseSign1 {
         self.verify_signature(
             aad.lookup_aad(None, Some(&self.protected.header), Some(&self.unprotected)),
             |signature, toverify| {
-                sign::try_verify(
+                signed::try_verify(
                     backend,
                     key_provider,
                     &self.protected.header,
@@ -162,9 +159,7 @@ impl CoseSign1Ext for CoseSign1 {
                     toverify,
                 )
             },
-        )?;
-
-        Ok(())
+        )
     }
 
     fn try_verify_detached<
@@ -185,7 +180,7 @@ impl CoseSign1Ext for CoseSign1 {
             payload,
             aad.lookup_aad(None, Some(&self.protected.header), Some(&self.unprotected)),
             |signature, toverify| {
-                sign::try_verify(
+                signed::try_verify(
                     backend,
                     key_provider,
                     &self.protected.header,
diff --git a/src/token/cose/sign/sign1/tests.rs b/src/token/cose/signed/sign1/tests.rs
similarity index 97%
rename from src/token/cose/sign/sign1/tests.rs
rename to src/token/cose/signed/sign1/tests.rs
index bb08493..81dc385 100644
--- a/src/token/cose/sign/sign1/tests.rs
+++ b/src/token/cose/signed/sign1/tests.rs
@@ -5,8 +5,8 @@ use coset::{CoseError, CoseKey, CoseSign1, CoseSign1Builder, Header};
 use rstest::rstest;
 
 use crate::token::cose::crypto_impl::openssl::OpensslContext;
-use crate::token::cose::sign::CoseSign1BuilderExt;
-use crate::token::cose::sign::CoseSign1Ext;
+use crate::token::cose::signed::CoseSign1BuilderExt;
+use crate::token::cose::signed::CoseSign1Ext;
 use crate::token::cose::test_helper::{
     apply_attribute_failures, apply_header_failures, perform_cose_reference_output_test,
     perform_cose_self_signed_test, serialize_cose_with_failures, CoseStructTestHelper, TestCase,
diff --git a/src/token/mod.rs b/src/token/mod.rs
index 86f8e6d..1befd91 100644
--- a/src/token/mod.rs
+++ b/src/token/mod.rs
@@ -155,18 +155,18 @@
 
 use crate::common::cbor_values::ByteString;
 use crate::error::{AccessTokenError, CoseCipherError};
-use crate::token::cose::encrypt::{
+use crate::token::cose::encrypted::{
     CoseEncrypt0BuilderExt, CoseEncrypt0Ext, CoseEncryptBuilderExt, CoseEncryptCipher,
     CoseEncryptExt, CoseKeyDistributionCipher,
 };
 use crate::token::cose::header_util::determine_algorithm;
 use crate::token::cose::key::{generate_cek_for_alg, CoseKeyProvider, CoseParsedKey};
 use crate::token::cose::recipient::CoseRecipientBuilderExt;
-pub use crate::token::cose::sign::CoseSignCipher;
+pub use crate::token::cose::signed::CoseSignCipher;
 use crate::token::cose::CoseCipher;
 use ciborium::value::Value;
-use cose::sign::{CoseSign1BuilderExt, CoseSign1Ext};
-use cose::sign::{CoseSignBuilderExt, CoseSignExt};
+use cose::signed::{CoseSign1BuilderExt, CoseSign1Ext};
+use cose::signed::{CoseSignBuilderExt, CoseSignExt};
 use coset::cwt::ClaimsSet;
 use coset::{
     iana, Algorithm, AsCborValue, CborSerializable, CoseEncrypt, CoseEncrypt0, CoseEncrypt0Builder,
@@ -531,10 +531,8 @@ where
     CKP: CoseKeyProvider,
 {
     let sign = CoseSign1::from_slice(token.as_slice()).map_err(AccessTokenError::CoseError)?;
-    let result = sign.try_verify(backend, key_provider, try_all_keys, &mut external_aad);
-    result?;
-
-    Ok(())
+    sign.try_verify(backend, key_provider, try_all_keys, &mut external_aad)
+        .map_err(AccessTokenError::from)
 }
 
 /// Verifies the given `token` and `external_aad` with the `key` using the cipher