...

Text file src/gopkg.in/go-jose/go-jose.v2/jose-util/README.md

Documentation: gopkg.in/go-jose/go-jose.v2/jose-util 

     1# JOSE CLI
     2
     3The `jose-util` command line utility allows for encryption, decryption, signing
     4and verification of JOSE messages. Its main purpose is to facilitate dealing
     5with JOSE messages when testing or debugging.
     6
     7## Usage
     8
     9The utility includes the subcommands `encrypt`, `decrypt`, `sign`, `verify` and
    10`expand`. Examples for each command can be found below.
    11
    12Algorithms are selected via the `--alg` and `--enc` flags, which influence the
    13`alg` and `enc` headers in respectively. For JWE, `--alg` specifies the key
    14management algorithm (e.g. `RSA-OAEP`) and `--enc` specifies the content
    15encryption algorithm (e.g. `A128GCM`). For JWS, `--alg` specifies the
    16signature algorithm (e.g. `PS256`).
    17
    18Input and output files can be specified via the `--in` and `--out` flags.
    19Either flag can be omitted, in which case `jose-util` uses stdin/stdout for
    20input/output respectively. By default, each command will output a compact
    21message, but it's possible to get the full serialization by supplying the
    22`--full` flag.
    23
    24Keys are specified via the `--key` flag. Supported key types are naked RSA/EC
    25keys and X.509 certificates with embedded RSA/EC keys. Keys must be in PEM
    26or DER formats.
    27
    28
    29## Testing
    30
    31`cram` is used for testing.  This can be installed with pip or `sudo apt install
    32python-cram` See the travis file for how this is used in testing. For example,
    33`go build && PATH=$PWD:$PATH cram -v jose-util.t`
    34
    35
    36## Examples
    37
    38### Encrypt
    39
    40Takes a plaintext as input, encrypts, and prints the encrypted message.
    41
    42    echo 'test message' | jose-util encrypt --key public-key.pem --alg RSA-OAEP --enc A128GCM
    43
    44### Decrypt
    45
    46Takes an encrypted message (JWE) as input, decrypts, and prints the plaintext.
    47
    48    jose-util decrypt --key private-key.pem
    49
    50### Sign
    51
    52Takes a payload as input, signs it, and prints the signed message with the embedded payload.
    53
    54    jose-util sign --key private-key.pem --alg PS256
    55
    56### Verify
    57
    58Reads a signed message (JWS), verifies it, and extracts the payload.
    59
    60    jose-util verify --key public-key.pem
    61
    62### Expand
    63
    64Expands a compact message to the full serialization format.
    65
    66    jose-util expand --format JWE   # Expands a compact JWE to full format
    67    jose-util expand --format JWS   # Expands a compact JWS to full format

View as plain text