1JOSE-JWK-EXC(1)                                                JOSE-JWK-EXC(1)
2
3
4

NAME

6       jose-jwk-exc - Performs a key exchange using the two input keys
7

SYNOPSIS

9       jose jwk exc [-i JWK] -l JWK -r JWK [-o JWK]
10

OVERVIEW

12       The  jose  jwk  exc command performs a key exchange using the two input
13       keys and provides the result of the exchange as output.  The  user  can
14       specify  a  JWK  template  as  input  and the specified properties will
15       appear in the output JWK unmodified.
16
17       A key exchange requires two keys:
18
19       1.  The local key, which usually contains private key material.
20
21       2.  The remote key, which usually contains public key material.
22
23
24
25       The algorithm for the exchange is inferred from the inputs.
26
27       The ECDH algorithm performs a standard  elliptic  curve  multiplication
28       such that the public value of \p rem is multiplied by the private value
29       of \p.
30
31       The ECMR algorithm has three modes of operation. Where  the  local  key
32       has a private key (the "d" property), it performs exactly like ECDH. If
33       the local key does not have a private key and the remote key does  have
34       a  private key, elliptic curve addition is performed on the two values.
35       Otherwise, if neither the local key nor the remote key have  a  private
36       key,  the  remote  key  is subtracted from the local key using elliptic
37       curve subtraction. When using ECMR, be sure to validate the content  of
38       your inputs to avoid triggering the incorrect operation!
39

OPTIONS

41       -i JSON, --input=JSON
42              Parse JWK template from JSON
43
44       -i FILE, --input=FILE
45              Read JWK template from FILE
46
47       -i -, --input=-
48              Read JWK template from standard input
49
50       -o FILE, --output=FILE
51              Write JWK(Set) to FILE
52
53       -o -, --output=-
54              Write JWK(Set) to standard input
55
56       -l FILE, --local=FILE
57              Read local JWK from FILE
58
59       -l -, --local=-
60              Read local JWK from standard input
61
62       -r FILE, --remote=FILE
63              Read remote JWK from FILE
64
65       -r -, --remote=-
66              Read remote JWK from standard input
67

EXAMPLES

69       Perform a key exchange:
70
71
72
73           $ jose jwk gen -i ´{"alg":"ECDH"}´ -o local.jwk
74           $ jose jwk gen -i ´{"alg":"ECDH"}´ | jose jwk pub -i- -o remote.jwk
75           $ jose jwk exc -l local.jwk -r remote.jwk -o exchanged.jwk
76
77
78

AUTHOR

80       Nathaniel McCallum <npmccallum@redhat.com>
81

SEE ALSO

83       jose-alg(1), jose-jwk-exc(1), jose-jwk-gen(1), jose-jwk-pub(1)
84
85
86
87                                   June 2017                   JOSE-JWK-EXC(1)
Impressum