Man page - jose-jwk-use(1)

Packages contains this manual

Package:  jose
apt-get install jose

Manuals in package:
• jose-jwk-eql(1)
• jose-jwk-gen(1)
• jose-jws-ver(1)
• jose-jws-sig(1)
• jose(1)
• jose-b64-enc(1)
• jose-jwk-pub(1)
• jose-jwk-thp(1)
• jose-jwk-use(1)
• jose-jwe-enc(1)
• jose-b64-dec(1)
• jose-jws-fmt(1)
• jose-fmt(1)
• jose-jwe-dec(1)
• jose-jwk-exc(1)
• jose-jwe-fmt(1)
• jose-alg(1)
Documentations in package:
• jose

Manual

JOSE-JWK-USE

NAME
SYNOPSIS
OVERVIEW
OPTIONS
EXAMPLES
AUTHOR
SEE ALSO

---

NAME

jose-jwk-use - Validates a key for the specified use(s)

SYNOPSIS

jose jwk use -i JWK [-a] [-r] -u OP

OVERVIEW

The jose jwk use command validates one or more JWK(Set) inputs for a given set of usages. This will be validated against the "use" and "key_ops" properties of each JWK.

By default, if a JWK has no restrictions an operation will be allowed. However, by specifying the -r option you can ensure that a JWK will not be allowed unless it explicitly permits the option.

In normal operation, jose jwk use will fail if any of the JWKs do not validate. However, if the -o option is used jose jwk use will instead write a JWK(Set) containing all of the input keys that validate. If no JWKs validate, the command will fail.

OPTIONS

• -i JSON , --input = JSON : Parse JWK(Set) from JSON

• -i FILE , --input = FILE : Read JWK(Set) from FILE

• -i -, --input =- : Read JWK(Set) standard input

• -u sign, --use =sign : Validate the key for signing

• -u verify, --use =verify : Validate the key for verifying

• -u encrypt, --use =encrypt : Validate the key for encrypting

• -u decrypt, --use =decrypt : Validate the key for decrypting

• -u wrapKey, --use =wrapKey : Validate the key for wrapping

• -u unwrapKey, --use =unwrapKey : Validate the key for unwrapping

• -u deriveKey, --use =deriveKey : Validate the key for deriving keys

• -u deriveBits, --use =deriveBits : Validate the key for deriving bits

• -a , --all : Succeeds only if all operations are allowed

• -r , --required : Operations must be explicitly allowed

• -o FILE , --output = FILE : Filter keys to FILE as JWK(Set)

• -o -, --output =- : Filter keys to standard output as JWK(Set)

• -s , --set : Always output a JWKSet

EXAMPLES

Examples of both success and failure from a private and public key:

$ jose jwk gen -i '{"alg":"ES256"}' -o prv.jwk
$ jose jwk pub -i prv.jwk -o pub.jwk
$ jose jwk use -i prv.jwk -u sign
$ echo $?
0
$ jose jwk use -i pub.jwk -u sign
$ echo $?
1

AUTHOR

Nathaniel McCallum <npmccallum@redhat.com>

SEE ALSO

jose-jwk-gen (1) <jose-jwk-gen.1.adoc>

---