-
-
Notifications
You must be signed in to change notification settings - Fork 645
Sample Node Tool jwssign
TOP | Wiki | DOWNLOADS | TUTORIALS | API REFERENCE | Online Tool | DEMO | NODE TOOL
Script source code is here.
This script signs JWS(JSON Web Signature) by specified header and payload file or string. This can be also sign JWT(JSON Web Token) by specifying proper header and payload.
To generate JWS file 'aaa.jws' with specified PKCS#8 RSA private key 'rsa1.prv', header and payload, type following at the command line:
% jwssign -k rsa1.prv '{"typ":"jws","alg":"RS256"}' \
'{"product":"orange","quantity":100}' aaa.jws
Generated file will be following: eyJ0eXAiOiJqd3MiLCJhbGciOiJSUzI1NiJ9.eyJuYW1lIjoib...
You can also specify header and payload by files respectively:
% jwssign -k rsa1.prv header.txt payload.txt aaa.jws
To output JWS signature to standard output not to a file, you can specify "-" as output:
% jwssign -k rsa1.prv header.txt payload.txt -
eyJ0eXAiOiJqd3MiLCJhbGciOiJSUzI1NiJ9.eyJuYW1lIjoib...
To force specifying signature algorithm as though whatever algorithm specified in a header, use "-f" option:
% jwssign -k rsa1.prv -f PS384 '{"typ":"jws","alg":"RS256"}' payload.txt aaa.jws
For RSA private key, you can specify RS* and PS* signature algorithms.
To generate ES256 signature with ECC private key, type following:
% jwssign -k ec1.prv '{"typ":"jws","alg":"ES256"}' payload.txt aaa.jws
To generate HS* hmac JWS signature, there are four ways to specify hmac password using password type '-t' and password '-p' option.
- -t utf8 -p aaa (specify password 'aaa' by UTF-8 string)
- -t hex -p 616161 (specify password '616161' (i.e. aaa) by hexadecimal string
- -t b64 -p YWFh (specify password 'YWFh' (i.e. aaa) by Base64 encoded string
- -t b64u -p YWFh (specify password 'YWFh' (i.e. aaa) by Base64URL encoded string
For example, to generate HS256 JWS signature with password 'passwd', command will be following:
% jwssign -t utf8 -p passwd '{"typ":"jws","alg":"HS256"}' payload.txt' aaa.jws
With '-h' or '--help' option, script shows command line help:
% jwssign -h
Usage: jwssign [options] <JWS Header file/string> \
<JWS payload file/string> <output JWS file>
sign JWS by header/payload file or string
Options:
-h, --help output usage information
-V, --version output the version number
-t, --passtype <utf8|hex|b64|b64u> Hmac(HS*) pass type
-p, --pass <pass> Hmac(HS*) password in specfied type
-k, --prvkey <file> private key file (ex. PKCS#8 PEM)
-f, --forcealg <sigalg> overwrite alg in header (ex. HS512)