1JOSE-JWK-USE(1)                                                JOSE-JWK-USE(1)
2
3
4

NAME

6       jose-jwk-use - Validates a key for the specified use(s)
7

SYNOPSIS

9       jose jwk use -i JWK [-a] [-r] -u OP
10

OVERVIEW

12       The jose jwk use command validates one or more JWK(Set) inputs for a
13       given set of usages. This will be validated against the "use" and
14       "key_ops" properties of each JWK.
15
16       By default, if a JWK has no restrictions an operation will be allowed.
17       However, by specifying the -r option you can ensure that a JWK will not
18       be allowed unless it explicitly permits the option.
19
20       In normal operation, jose jwk use will fail if any of the JWKs do not
21       validate. However, if the -o option is used jose jwk use will instead
22       write a JWK(Set) containing all of the input keys that validate. If no
23       JWKs validate, the command will fail.
24

OPTIONS

26       •   -i JSON, --input=JSON : Parse JWK(Set) from JSON
27
28       •   -i FILE, --input=FILE : Read JWK(Set) from FILE
29
30       •   -i -, --input=- : Read JWK(Set) standard input
31
32       •   -u sign, --use=sign : Validate the key for signing
33
34       •   -u verify, --use=verify : Validate the key for verifying
35
36       •   -u encrypt, --use=encrypt : Validate the key for encrypting
37
38       •   -u decrypt, --use=decrypt : Validate the key for decrypting
39
40       •   -u wrapKey, --use=wrapKey : Validate the key for wrapping
41
42       •   -u unwrapKey, --use=unwrapKey : Validate the key for unwrapping
43
44       •   -u deriveKey, --use=deriveKey : Validate the key for deriving keys
45
46       •   -u deriveBits, --use=deriveBits : Validate the key for deriving
47           bits
48
49       •   -a, --all : Succeeds only if all operations are allowed
50
51       •   -r, --required : Operations must be explicitly allowed
52
53       •   -o FILE, --output=FILE : Filter keys to FILE as JWK(Set)
54
55       •   -o -, --output=- : Filter keys to standard output as JWK(Set)
56
57       •   -s, --set : Always output a JWKSet
58

EXAMPLES

60       Examples of both success and failure from a private and public key:
61
62           $ jose jwk gen -i '{"alg":"ES256"}' -o prv.jwk
63           $ jose jwk pub -i prv.jwk -o pub.jwk
64           $ jose jwk use -i prv.jwk -u sign
65           $ echo $?
66           0
67           $ jose jwk use -i pub.jwk -u sign
68           $ echo $?
69           1
70

AUTHOR

72       Nathaniel McCallum <npmccallum@redhat.com>
73

SEE ALSO

75       jose-jwk-gen(1)
76
77
78
79                                  07/22/2021                   JOSE-JWK-USE(1)