Skip to content

Commit

Permalink
align command options to jwssign
Browse files Browse the repository at this point in the history
  • Loading branch information
kjur committed Nov 25, 2015
1 parent d91c1b7 commit 92d8cb8
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 63 deletions.
3 changes: 2 additions & 1 deletion ChangeLog.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
ChangeLog for jsrsasign

* Changes between 5.0.4 to next release
- node sample 'jwssign' added.
- node sample 'jwssign', 'jwtverify', 'asn1dump'
and 'pemtobin' added.

* Changes between 5.0.2 to 5.0.4 (2015-Nov-23)
- jwtverify, asn1dump and pemtobin sample Node script in
Expand Down
2 changes: 2 additions & 0 deletions index.html
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,11 @@ <h2 id="project_tagline">opensource free pure JavaScript cryptographic library s
<a href="http://kjur.github.io/jsrsasign/index_jws.html">jsjws</a> |
<a href="https://github.com/kjur/jsrsasign/releases" target="_blank">DOWNLOADS</a> |
<a href="https://github.com/kjur/jsrsasign/wiki#programming-tutorial">TUTORIALS</a> |
<a href="https://github.com/kjur/jsrsasign/wiki" target="_blank">Wiki</a> |
<a href="http://kjur.github.io/jsrsasign/api/" target="_blank">API REFERENCE</a> |
<a href="http://kjur.github.io/jsrsasign/index.html#demo" target="_blank">DEMOS</a> |
<a href="http://kjur.github.io/jsrsasign/sample/" target="_blank">NEW DEMOS</a> |
<a href="https://github.com/kjur/jsrsasign/tree/master/sample_node">Node sample</a> |
<a href="https://npmjs.org/package/jsrsasign" target="_blank">NPM</a> |
</header>
</div>
Expand Down
55 changes: 3 additions & 52 deletions sample_node/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,35 +8,9 @@ Here is sample node utility scripts using 'jsrsasign' module.

1. [jwtverify](https://github.com/kjur/jsrsasign/tree/master/sample_node/jwtverify) - JWT and JWS verification tool

This script is to verify JWT(JSON Web Token) or JWS(JSON Web Signature) file or string
using [KJUR.jws.JWS.verifyJWT()](http://kjur.github.io/jsrsasign/api/symbols/KJUR.jws.JWS.html#.verifyJWT) method. It has following features:

* HS256/384/512,RS256/384/512,PS256/384/512,ES256/384 signature algorithm support

* string, hexadecimal and Base64URL passcode support for HS* signatures

* JWS and JWT validation

* JWT/JWS signature can be provided by a file or a string argument.

* Verbose mode for validation in detail.

To verify JWS, provide simply passcode or public key:

% jwtverify -s password aaa.jws // passcode is 'password'
% jwtverify -x 616161 aaa.jws // passcode is 0x616161 (i.e. aaa)
% jwtverify -k aaa.pub aaa.jws // verify by PKCS#8 public key

You can specify a JWS signature to verify as script argument not a file.

% jwtverify -s aaa eyJhbGciOiJIUzI1NiIsInR5c...

Verifying JWT is very similar to JWS however you can specify optional arguments:

% jwtverify -s aaa --verify_at 20051231235959Z aaa.jwt // verify at 2005 Dec 31.
// current time by default.
% jwtverify -s aaa --accept_iss "http://example.com" aaa.jwt // acceptable issuer
% jwtverify -s aaa --accept_sub "http://example.com" aaa.jwt // acceptable subject
This script is to verify JWT(JSON Web Token) or JWS(JSON Web Signature) for HMAC password or public key.
using [KJUR.jws.JWS.verifyJWT()](http://kjur.github.io/jsrsasign/api/symbols/KJUR.jws.JWS.html#.verifyJWT) method.
See [here](https://github.com/kjur/jsrsasign/wiki/Sample-Node-Script---jwtverify) in detail.

1. [asn1dump](https://github.com/kjur/jsrsasign/tree/master/sample_node/asn1dump) - simple ASN.1 dumper

Expand Down Expand Up @@ -68,26 +42,3 @@ To execute above scripts some npm packages are reuiqred:

% npm install -g commander
% npm install -g jsrsasign

## ONLINE HELP

All above scripts supports '-h' or '--help' option:

% ./jwtverify -h

Usage: jwtverify [options] <JWT/JWS file or string to verify>

verify JWT/jWS file or string

Options:

-h, --help output usage information
-V, --version output the version number
-s, --hmacpassstr <pass string> Hmac(HS*) pass string (ex. passwd)
-x, --hmacpasshex <pass hex> Hmac(HS*) pass hex (ex. 7e5f...)
-b, --hmacpassb64u <pass b64u> Hmac(HS*) pass base 64 url encoding)
-k, --pubkey <file> public key file (ex. PKCS#8 PEM or JWK)
-v, --verbose show header and payload
--accept_iss <iss1,...> check iss is in the iss list (ex. [email protected],[email protected])
--accept_sub <sub1,...> check sub is in the sub list (ex. [email protected],[email protected])
--verify_at <YYYYMMDDHHmmSSZ> verify at specified UTC time(ex. 20151123235959Z)
20 changes: 10 additions & 10 deletions sample_node/jwtverify
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,14 @@
var program = require('commander');
var rs = require('jsrsasign');
var path = require('path');
var JWS = rs.jws.JWS;

program
.version('0.0.1')
.version('1.0.0 (2015-Nov-25)')
.usage('[options] <JWT/JWS file or string to verify>')
.description('verify JWT/jWS file or string')
.option('-s, --hmacpassstr <pass string>', 'Hmac(HS*) pass string (ex. passwd)')
.option('-x, --hmacpasshex <pass hex>', 'Hmac(HS*) pass hex (ex. 7e5f...)')
.option('-b, --hmacpassb64u <pass b64u>', 'Hmac(HS*) pass base 64 url encoding)')
.option('-t, --passtype <utf8|hex|b64|b64u>', 'Hmac(HS*) pass type', 'utf8')
.option('-p, --pass <pass>', 'Hmac(HS*) password in specfied type', 'passwd')
.option('-k, --pubkey <file>', 'public key file (ex. PKCS#8 PEM or JWK)')
.option('-v, --verbose', 'show header and payload')
.option('--accept_iss <iss1,...>', 'check iss is in the iss list (ex. [email protected],[email protected])')
Expand All @@ -48,12 +48,12 @@ var pass;
var pubKeyObj;
var acceptField = {};

if (program.hmacpassstr !== undefined)
pass = {utf8: program.hmacpassstr};
if (program.hmacpasshex !== undefined)
pass = {hex: program.hmacpasshex};
if (program.hmacpassb64u !== undefined)
pass = {b64u: program.hmacpassb64u};
if (! JWS.inArray(program.passtype, ['utf8', 'hex', 'b64', 'b64u']))
throw "unsupported HS* password type: " + program.passtype;
if (program.passtype !== undefined && program.pass !== undefined) {
pass = {};
pass[program.passtype] = program.pass;
}

if (program.pubkey !== undefined) {
var pubKeyPEM = rs.readFile(program.pubkey);
Expand Down

0 comments on commit 92d8cb8

Please sign in to comment.