JOSE-JWK-USE(1) JOSE-JWK-USE(1)
NAME
jose-jwk-use - Validates a key for the specified use(s)
SYNOPSIS
jose jwk use -i JWK [-a] [-r] -u OP
OVERVIEW
The jose jwk use command validates one or more JWK(Set) inputs for a
given set of usages. This will be validated against the "use" and
"key_ops" properties of each JWK.
By default, if a JWK has no restrictions an operation will be allowed.
However, by specifying the -r option you can ensure that a JWK will not
be allowed unless it explicitly permits the option.
In normal operation, jose jwk use will fail if any of the JWKs do not
validate. However, if the -o option is used jose jwk use will instead
write a JWK(Set) containing all of the input keys that validate. If no
JWKs validate, the command will fail.
OPTIONS
-i JSON, --input=JSON
Parse JWK(Set) from JSON
-i FILE, --input=FILE
Read JWK(Set) from FILE
-i -, --input=-
Read JWK(Set) standard input
-u sign, --use=sign
Validate the key for signing
-u verify, --use=verify
Validate the key for verifying
-u encrypt, --use=encrypt
Validate the key for encrypting
-u decrypt, --use=decrypt
Validate the key for decrypting
-u wrapKey, --use=wrapKey
Validate the key for wrapping
-u unwrapKey, --use=unwrapKey
Validate the key for unwrapping
-u deriveKey, --use=deriveKey
Validate the key for deriving keys
-u deriveBits, --use=deriveBits
Validate the key for deriving bits
-a, --all
Succeeds only if all operations are allowed
-r, --required
Operations must be explicitly allowed
-o FILE, --output=FILE
Filter keys to FILE as JWK(Set)
-o -, --output=-
Filter keys to standard output as JWK(Set)
-s, --set
Always output a JWKSet
EXAMPLES
Examples of both success and failure from a private and public key:
$ jose jwk gen -i '{"alg":"ES256"}' -o prv.jwk
$ jose jwk pub -i prv.jwk -o pub.jwk
$ jose jwk use -i prv.jwk -u sign
$ echo $?
0
$ jose jwk use -i pub.jwk -u sign
$ echo $?
1
AUTHOR
Nathaniel McCallum <npmccallum AT redhat.com>
SEE ALSO
jose-jwk-gen(1)
July 2019 JOSE-JWK-USE(1)
Linux-Distributionen
Huschi als Linux-Admin