1
0

jose-jws-ver.1 2.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. .\" generated with Ronn/v0.7.3
  2. .\" http://github.com/rtomayko/ronn/tree/0.7.3
  3. .
  4. .TH "JOSE\-JWS\-VER" "1" "May 2017" "" ""
  5. .
  6. .SH "NAME"
  7. \fBjose\-jws\-ver\fR \- Verifies a JWS using the supplied JWKs
  8. .
  9. .SH "SYNOPSIS"
  10. \fBjose jws ver\fR \-i JWS [\-I PAY] \-k JWK [\-a] [\-O PAY]
  11. .
  12. .SH "OVERVIEW"
  13. The \fBjose jws ver\fR command verifies a signature over a payload using one or more JWKs\. When specifying more than one JWK (\fB\-k\fR), the program will succeed when any of the provided JWKs successfully verify a signature\. Alternatively, if the \fB\-a\fR option is given, the program will succeed only when all JWKs successfully verify a signature\.
  14. .
  15. .P
  16. If the JWS is a detached JWS, meaning that the payload is stored in binary form external to the JWS itself, the payload can be loaded using the \fB\-I\fR parameter\.
  17. .
  18. .P
  19. Please note that, when specifying the \fB\-O\fR option to output the payload, the payload is output whether or not the signature validates\. Therefore, you must check the return value of the command before trusting the data\.
  20. .
  21. .SH "OPTIONS"
  22. .
  23. .TP
  24. \fB\-i\fR \fIJSON\fR, \fB\-\-input\fR=\fIJSON\fR
  25. Parse JWS from JSON
  26. .
  27. .TP
  28. \fB\-i\fR \fIFILE\fR, \fB\-\-input\fR=\fIFILE\fR
  29. Read JWS from FILE
  30. .
  31. .TP
  32. \fB\-i\fR \-, \fB\-\-input\fR=\-
  33. Read JWS from standard input
  34. .
  35. .TP
  36. \fB\-I\fR \fIFILE\fR, \fB\-\-detached\fR=\fIFILE\fR
  37. Read decoded payload from FILE
  38. .
  39. .TP
  40. \fB\-I\fR \-, \fB\-\-detached\fR=\-
  41. Read decoded payload from standard input
  42. .
  43. .TP
  44. \fB\-k\fR \fIFILE\fR, \fB\-\-key\fR=\fIFILE\fR
  45. Read JWK(Set) from FILE
  46. .
  47. .TP
  48. \fB\-k\fR \-, \fB\-\-key\fR=\-
  49. Read JWK(Set) from standard input
  50. .
  51. .TP
  52. \fB\-O\fR \fIFILE\fR, \fB\-\-detach\fR=\fIFILE\fR
  53. Decode payload to FILE
  54. .
  55. .TP
  56. \fB\-O\fR \-, \fB\-\-detach\fR=\-
  57. Decode payload to standard output
  58. .
  59. .TP
  60. \fB\-a\fR, \fB\-\-all\fR
  61. Ensure the JWS validates with all keys
  62. .
  63. .SH "EXAMPLES"
  64. Verify a regular JWS and output the payload:
  65. .
  66. .IP "" 4
  67. .
  68. .nf
  69. $ jose jws ver \-i msg\.jws \-k key\.jwk \-O msg\.txt
  70. .
  71. .fi
  72. .
  73. .IP "" 0
  74. .
  75. .P
  76. Verify a detached JWS without outputting the payload:
  77. .
  78. .IP "" 4
  79. .
  80. .nf
  81. $ jose jws ver \-i msg\.jws \-I msg\.txt \-k key\.jwk
  82. .
  83. .fi
  84. .
  85. .IP "" 0
  86. .
  87. .P
  88. Ensure that a JWS is signed with all specified keys:
  89. .
  90. .IP "" 4
  91. .
  92. .nf
  93. $ jose jws ver \-i msg\.jws \-k ec\.jwk \-k rsa\.jwk \-a
  94. .
  95. .fi
  96. .
  97. .IP "" 0
  98. .
  99. .SH "AUTHOR"
  100. Nathaniel McCallum <npmccallum@redhat\.com>
  101. .
  102. .SH "SEE ALSO"
  103. \fBjose\-jws\-fmt\fR(1), \fBjose\-jws\-sig\fR(1)