1JOSE-JWS-VER(1)                                                JOSE-JWS-VER(1)
2
3
4

NAME

6       jose-jws-ver - Verifies a JWS using the supplied JWKs
7

SYNOPSIS

9       jose jws ver -i JWS [-I PAY] -k JWK [-a] [-O PAY]
10

OVERVIEW

12       The  jose jws ver command verifies a signature over a payload using one
13       or more JWKs. When specifying more than one JWK (-k), the program  will
14       succeed  when any of the provided JWKs successfully verify a signature.
15       Alternatively, if the -a option is given, the program will succeed only
16       when all JWKs successfully verify a signature.
17
18       If  the  JWS  is  a detached JWS, meaning that the payload is stored in
19       binary form external to the JWS itself, the payload can be loaded using
20       the -I parameter.
21
22       Please  note that, when specifying the -O option to output the payload,
23       the payload is output whether or not the  signature  validates.  Thereā€
24       fore,  you  must  check the return value of the command before trusting
25       the data.
26

OPTIONS

28       -i JSON, --input=JSON
29              Parse JWS from JSON
30
31       -i FILE, --input=FILE
32              Read JWS from FILE
33
34       -i -, --input=-
35              Read JWS from standard input
36
37       -I FILE, --detached=FILE
38              Read decoded payload from FILE
39
40       -I -, --detached=-
41              Read decoded payload from standard input
42
43       -k FILE, --key=FILE
44              Read JWK(Set) from FILE
45
46       -k -, --key=-
47              Read JWK(Set) from standard input
48
49       -O FILE, --detach=FILE
50              Decode payload to FILE
51
52       -O -, --detach=-
53              Decode payload to standard output
54
55       -a, --all
56              Ensure the JWS validates with all keys
57

EXAMPLES

59       Verify a regular JWS and output the payload:
60
61
62
63           $ jose jws ver -i msg.jws -k key.jwk -O msg.txt
64
65
66
67       Verify a detached JWS without outputting the payload:
68
69
70
71           $ jose jws ver -i msg.jws -I msg.txt -k key.jwk
72
73
74
75       Ensure that a JWS is signed with all specified keys:
76
77
78
79           $ jose jws ver -i msg.jws -k ec.jwk -k rsa.jwk -a
80
81
82

AUTHOR

84       Nathaniel McCallum <npmccallum@redhat.com>
85

SEE ALSO

87       jose-jws-fmt(1), jose-jws-sig(1)
88
89
90
91                                   May 2017                    JOSE-JWS-VER(1)
Impressum