table of contents
| RNBYC(1) | User Commands | RNBYC(1) |
NAME¶
rnbyc - JWK and JWT parser and generator
DESCRIPTION¶
rnbyc - JWK/JWKS parser and generator, JWT parser and serializer, supports signed, encrypted and nested JWTs
Version 1.1.8
COPYRIGHT¶
Copyright 2020-2022 Nicolas Mora <mail@babelouest.org>
This program is free software; you can redistribute it and/or modify it under the terms of the GPL 3
Command-line options:
-j --jwks
- Action: JWKS, parse or generate keys and output JWKS
-g --generate <type>
- Generate a key pair or a symmetric key <type> - values available: RSA[key size] (default key size: 4096), EC256, EC384, EC521, Ed25519, Ed448, X25519, X448, oct[key size] (default key size: 128 bits)
-i --stdin
- Reads key to parse from stdin
-f --in-file
- Reads key to parse from a file
-k --key-id
- Specifies the key-id to add to the current key
-a --alg
- Action: JWKS - Specifies the alg value to add to the current key Action: Serialize - Specifies the alg value to sign the token
-e --enc
- Specifies the enc value to encrypt the token (default A128CBC)
-l --enc-alg
- Specifies the encryption algorithm for key management of the token
-o --out-file
- Specifies the output file for the private keys (or all the keys if no public file is specified) in the JWKS
-p --out-file-public
- Specifies the output file for the public keys in the JWKS
-n --indent
- JWKS output spaces indentation: 0 is compact mode, default is 2 spaces indent
-F --format
- Output format, values available are JWK (default), PEM or DER
-x --split
- Split JWKS output in public and private keys
-t --parse-token
- Action: Parse token
-s --serialize-token
- Action: serialize given claims in a token
-H --header
- Display header of a parsed token
-C --claims
- Display claims of a parsed token, default true
-P --public-key
- Specifies the public key for key management encryption or signature verification Public key must be in JWKS format and can be either a JWKS string or a path to a JWKS file
-K --private-key
- Specifies the private key for key management decryption or signature generation Public key must be in JWKS format and can be either a JWKS string or a path to a JWKS file
-S --self-signed
- Verifies the JWT signature if the signed JWT has its public key included in its header as 'jwk', 'x5c' or 'x5u' parameter
-W --password
- Specifies the password for key management encryption/decryption using PBES2 alg or signature generation/verification using HS alg
-u --x5u-flags
- Set x5u flags to retrieve online certificate, values available are:
- cert: ignore server certificate errors (self-signed, expired, etc.) follow: follow jwks_uri redirection if any values can be contatenated, e.g. --x5u-flags cert,follow
-v --version
- Print rnbyc's current version
-h --help
- Print this message
-d --debug
- Display debug messages
SEE ALSO¶
The full documentation for rnbyc is maintained as a Texinfo manual. If the info and rnbyc programs are properly installed at your site, the command
- info rnbyc
should give you access to the complete manual.
| September 2023 | rnbyc 1.1.8 |