diff --git a/ChangeLog.txt b/ChangeLog.txt
index 17761692..d53d4705 100755
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -2,7 +2,8 @@
ChangeLog for jsrsasign
* Changes between 5.0.4 to next release
- - node sample 'jwssign' added.
+ - node sample 'jwssign', 'jwtverify', 'asn1dump'
+ and 'pemtobin' added.
* Changes between 5.0.2 to 5.0.4 (2015-Nov-23)
- jwtverify, asn1dump and pemtobin sample Node script in
diff --git a/index.html b/index.html
index f58c723c..5fe6464b 100755
--- a/index.html
+++ b/index.html
@@ -27,9 +27,11 @@
opensource free pure JavaScript cryptographic library s
jsjws |
DOWNLOADS |
TUTORIALS |
+Wiki |
API REFERENCE |
DEMOS |
NEW DEMOS |
+Node sample |
NPM |
diff --git a/sample_node/README.md b/sample_node/README.md
index 8b9c0780..2398b4c6 100644
--- a/sample_node/README.md
+++ b/sample_node/README.md
@@ -8,35 +8,9 @@ Here is sample node utility scripts using 'jsrsasign' module.
1. [jwtverify](https://github.com/kjur/jsrsasign/tree/master/sample_node/jwtverify) - JWT and JWS verification tool
-This script is to verify JWT(JSON Web Token) or JWS(JSON Web Signature) file or string
-using [KJUR.jws.JWS.verifyJWT()](http://kjur.github.io/jsrsasign/api/symbols/KJUR.jws.JWS.html#.verifyJWT) method. It has following features:
-
-* HS256/384/512,RS256/384/512,PS256/384/512,ES256/384 signature algorithm support
-
-* string, hexadecimal and Base64URL passcode support for HS* signatures
-
-* JWS and JWT validation
-
-* JWT/JWS signature can be provided by a file or a string argument.
-
-* Verbose mode for validation in detail.
-
-To verify JWS, provide simply passcode or public key:
-
- % jwtverify -s password aaa.jws // passcode is 'password'
- % jwtverify -x 616161 aaa.jws // passcode is 0x616161 (i.e. aaa)
- % jwtverify -k aaa.pub aaa.jws // verify by PKCS#8 public key
-
-You can specify a JWS signature to verify as script argument not a file.
-
- % jwtverify -s aaa eyJhbGciOiJIUzI1NiIsInR5c...
-
-Verifying JWT is very similar to JWS however you can specify optional arguments:
-
- % jwtverify -s aaa --verify_at 20051231235959Z aaa.jwt // verify at 2005 Dec 31.
- // current time by default.
- % jwtverify -s aaa --accept_iss "http://example.com" aaa.jwt // acceptable issuer
- % jwtverify -s aaa --accept_sub "http://example.com" aaa.jwt // acceptable subject
+This script is to verify JWT(JSON Web Token) or JWS(JSON Web Signature) for HMAC password or public key.
+using [KJUR.jws.JWS.verifyJWT()](http://kjur.github.io/jsrsasign/api/symbols/KJUR.jws.JWS.html#.verifyJWT) method.
+See [here](https://github.com/kjur/jsrsasign/wiki/Sample-Node-Script---jwtverify) in detail.
1. [asn1dump](https://github.com/kjur/jsrsasign/tree/master/sample_node/asn1dump) - simple ASN.1 dumper
@@ -68,26 +42,3 @@ To execute above scripts some npm packages are reuiqred:
% npm install -g commander
% npm install -g jsrsasign
-
-## ONLINE HELP
-
-All above scripts supports '-h' or '--help' option:
-
- % ./jwtverify -h
-
- Usage: jwtverify [options]
-
- verify JWT/jWS file or string
-
- Options:
-
- -h, --help output usage information
- -V, --version output the version number
- -s, --hmacpassstr Hmac(HS*) pass string (ex. passwd)
- -x, --hmacpasshex Hmac(HS*) pass hex (ex. 7e5f...)
- -b, --hmacpassb64u Hmac(HS*) pass base 64 url encoding)
- -k, --pubkey public key file (ex. PKCS#8 PEM or JWK)
- -v, --verbose show header and payload
- --accept_iss check iss is in the iss list (ex. a@a.com,b@b.com)
- --accept_sub check sub is in the sub list (ex. a@a.com,b@b.com)
- --verify_at verify at specified UTC time(ex. 20151123235959Z)
diff --git a/sample_node/jwtverify b/sample_node/jwtverify
index 0e0a9279..c07fb78f 100755
--- a/sample_node/jwtverify
+++ b/sample_node/jwtverify
@@ -17,14 +17,14 @@
var program = require('commander');
var rs = require('jsrsasign');
var path = require('path');
+var JWS = rs.jws.JWS;
program
- .version('0.0.1')
+ .version('1.0.0 (2015-Nov-25)')
.usage('[options] ')
.description('verify JWT/jWS file or string')
- .option('-s, --hmacpassstr ', 'Hmac(HS*) pass string (ex. passwd)')
- .option('-x, --hmacpasshex ', 'Hmac(HS*) pass hex (ex. 7e5f...)')
- .option('-b, --hmacpassb64u ', 'Hmac(HS*) pass base 64 url encoding)')
+ .option('-t, --passtype ', 'Hmac(HS*) pass type', 'utf8')
+ .option('-p, --pass ', 'Hmac(HS*) password in specfied type', 'passwd')
.option('-k, --pubkey ', 'public key file (ex. PKCS#8 PEM or JWK)')
.option('-v, --verbose', 'show header and payload')
.option('--accept_iss ', 'check iss is in the iss list (ex. a@a.com,b@b.com)')
@@ -48,12 +48,12 @@ var pass;
var pubKeyObj;
var acceptField = {};
-if (program.hmacpassstr !== undefined)
- pass = {utf8: program.hmacpassstr};
-if (program.hmacpasshex !== undefined)
- pass = {hex: program.hmacpasshex};
-if (program.hmacpassb64u !== undefined)
- pass = {b64u: program.hmacpassb64u};
+if (! JWS.inArray(program.passtype, ['utf8', 'hex', 'b64', 'b64u']))
+ throw "unsupported HS* password type: " + program.passtype;
+if (program.passtype !== undefined && program.pass !== undefined) {
+ pass = {};
+ pass[program.passtype] = program.pass;
+}
if (program.pubkey !== undefined) {
var pubKeyPEM = rs.readFile(program.pubkey);