git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
jose
1
0
Fork 0
Files
Tree: fde0fe3481
Branches Tags
jose
/
doc
/
ronn
/
jose-jwk-use.1

jose-jwk-use.1 2.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. .\" generated with Ronn/v0.7.3
    2. 

  2. .\" http://github.com/rtomayko/ronn/tree/0.7.3
    3. 

  3. .
    4. 

  4. .TH "JOSE\-JWK\-USE" "1" "June 2017" "" ""
    5. 

  5. .
    6. 

  6. .SH "NAME"
    7. 

  7. \fBjose\-jwk\-use\fR \- Validates a key for the specified use(s)
    8. 

  8. .
    9. 

  9. .SH "SYNOPSIS"
    10. 

  10. \fBjose jwk use\fR \-i JWK [\-a] [\-r] \-u OP
    11. 

  11. .
    12. 

  12. .SH "OVERVIEW"
    13. 

  13. The \fBjose jwk use\fR command validates one or more JWK(Set) inputs for a given set of usages\. This will be validated against the "use" and "key_ops" properties of each JWK\.
    14. 

  14. .
    15. 

  15. .P
    16. 

  16. By default, if a JWK has no restrictions an operation will be allowed\. However, by specifying the \fB\-r\fR option you can ensure that a JWK will not be allowed unless it explicitly permits the option\.
    17. 

  17. .
    18. 

  18. .P
    19. 

  19. In normal operation, \fBjose jwk use\fR will fail if any of the JWKs do not validate\. However, if the \fB\-o\fR option is used \fBjose jwk use\fR will instead write a JWK(Set) containing all of the input keys that validate\. If no JWKs validate, the command will fail\.
    20. 

  20. .
    21. 

  21. .SH "OPTIONS"
    22. 

  22. .
    23. 

  23. .TP
    24. 

  24. \fB\-i\fR \fIJSON\fR, \fB\-\-input\fR=\fIJSON\fR
    25. 

  25. Parse JWK(Set) from JSON
    26. 

  26. .
    27. 

  27. .TP
    28. 

  28. \fB\-i\fR \fIFILE\fR, \fB\-\-input\fR=\fIFILE\fR
    29. 

  29. Read JWK(Set) from FILE
    30. 

  30. .
    31. 

  31. .TP
    32. 

  32. \fB\-i\fR \-, \fB\-\-input\fR=\-
    33. 

  33. Read JWK(Set) standard input
    34. 

  34. .
    35. 

  35. .TP
    36. 

  36. \fB\-u\fR sign, \fB\-\-use\fR=sign
    37. 

  37. Validate the key for signing
    38. 

  38. .
    39. 

  39. .TP
    40. 

  40. \fB\-u\fR verify, \fB\-\-use\fR=verify
    41. 

  41. Validate the key for verifying
    42. 

  42. .
    43. 

  43. .TP
    44. 

  44. \fB\-u\fR encrypt, \fB\-\-use\fR=encrypt
    45. 

  45. Validate the key for encrypting
    46. 

  46. .
    47. 

  47. .TP
    48. 

  48. \fB\-u\fR decrypt, \fB\-\-use\fR=decrypt
    49. 

  49. Validate the key for decrypting
    50. 

  50. .
    51. 

  51. .TP
    52. 

  52. \fB\-u\fR wrapKey, \fB\-\-use\fR=wrapKey
    53. 

  53. Validate the key for wrapping
    54. 

  54. .
    55. 

  55. .TP
    56. 

  56. \fB\-u\fR unwrapKey, \fB\-\-use\fR=unwrapKey
    57. 

  57. Validate the key for unwrapping
    58. 

  58. .
    59. 

  59. .TP
    60. 

  60. \fB\-u\fR deriveKey, \fB\-\-use\fR=deriveKey
    61. 

  61. Validate the key for deriving keys
    62. 

  62. .
    63. 

  63. .TP
    64. 

  64. \fB\-u\fR deriveBits, \fB\-\-use\fR=deriveBits
    65. 

  65. Validate the key for deriving bits
    66. 

  66. .
    67. 

  67. .TP
    68. 

  68. \fB\-a\fR, \fB\-\-all\fR
    69. 

  69. Succeeds only if all operations are allowed
    70. 

  70. .
    71. 

  71. .TP
    72. 

  72. \fB\-r\fR, \fB\-\-required\fR
    73. 

  73. Operations must be explicitly allowed
    74. 

  74. .
    75. 

  75. .TP
    76. 

  76. \fB\-o\fR \fIFILE\fR, \fB\-\-output\fR=\fIFILE\fR
    77. 

  77. Filter keys to FILE as JWK(Set)
    78. 

  78. .
    79. 

  79. .TP
    80. 

  80. \fB\-o\fR \-, \fB\-\-output\fR=\-
    81. 

  81. Filter keys to standard output as JWK(Set)
    82. 

  82. .
    83. 

  83. .TP
    84. 

  84. \fB\-s\fR, \fB\-\-set\fR
    85. 

  85. Always output a JWKSet
    86. 

  86. .
    87. 

  87. .SH "EXAMPLES"
    88. 

  88. Examples of both success and failure from a private and public key:
    89. 

  89. .
    90. 

  90. .IP "" 4
    91. 

  91. .
    92. 

  92. .nf
    93. 

  93. 

  94. $ jose jwk gen \-i \'{"alg":"ES256"}\' \-o prv\.jwk
    95. 

  95. $ jose jwk pub \-i prv\.jwk \-o pub\.jwk
    96. 

  96. $ jose jwk use \-i prv\.jwk \-u sign
    97. 

  97. $ echo $?
    98. 

  98. 0
    99. 

  99. $ jose jwk use \-i pub\.jwk \-u sign
    100. 

  100. $ echo $?
    101. 

  101. 1
    102. 

  102. .
    103. 

  103. .fi
    104. 

  104. .
    105. 

  105. .IP "" 0
    106. 

  106. .
    107. 

  107. .SH "AUTHOR"
    108. 

  108. Nathaniel McCallum <npmccallum@redhat\.com>
    109. 

  109. .
    110. 

  110. .SH "SEE ALSO"
    111. 

  111. \fBjose\-jwk\-gen\fR(1)
    112.