initial commit (wip)
This commit is contained in:
commit
a5f2365761
|
|
@ -0,0 +1,153 @@
|
|||
# Keypairs CLI
|
||||
|
||||
The most useful and easy-to-use crypto cli on the planet
|
||||
(because `openssl` is confusing).
|
||||
|
||||
* [x] Universal Standards-based Crypto Support:
|
||||
* [x] RSA (2048, 3072, 4096, 8192)
|
||||
* [x] EC (NIST ECDSA) P-256 (prime256v1, secp256r1), P-384 (secp384r1)
|
||||
* [x] Supported Encodings: PEM, JSON
|
||||
* [x] Private Key Formats: PKCS1, SEC1, PKCS8, JWK, OpenSSH
|
||||
* [x] Public Key Formats: PKCS1, PKIX (SPKI), SSH
|
||||
* [x] Create JWT tokens
|
||||
* [x] Sign JWT/JWS claims/tokens/payloads
|
||||
* [x] Verify JWT/JWS tokens/json
|
||||
|
||||
# Install
|
||||
|
||||
You must have [node.js](https://nodejs.org) installed.
|
||||
|
||||
```bash
|
||||
npm install --global keypairs-cli
|
||||
```
|
||||
|
||||
# Usage
|
||||
|
||||
Guess and check.
|
||||
|
||||
The keypairs CLI is pretty fuzzy. **If you just type at it, it'll probably work.**
|
||||
|
||||
That said, the fuzzy behavior is _not_ API-stable and is subject to change,
|
||||
so you should only script to the documented syntax. ;)
|
||||
|
||||
# Overview
|
||||
|
||||
* Generate: `keypairs gen`
|
||||
* Convert: `keypairs ./priv.pem`
|
||||
* Sign: `keypairs ./priv.pem sign https://example.com/ '{"sub":"jon@example.com"}'`
|
||||
* Verify: `keypairs verify 'xxxxx.yyyyy.zzzzz'`
|
||||
|
||||
## Generate a New Key
|
||||
|
||||
No arguments - generates a universally compatible key of more-than-sufficient entropy.
|
||||
|
||||
```bash
|
||||
keypairs gen
|
||||
```
|
||||
|
||||
Generate an ecdsa key:
|
||||
|
||||
```bash
|
||||
keypairs gen ec P-256
|
||||
```
|
||||
|
||||
Generate an RSA key:
|
||||
|
||||
```bash
|
||||
keypairs gen rsa 2048
|
||||
```
|
||||
|
||||
## Parse/Convert an existing key
|
||||
|
||||
```bash
|
||||
keypairs ./priv.pem
|
||||
```
|
||||
|
||||
```bash
|
||||
keypairs '{"kty":"EC",...}'
|
||||
```
|
||||
|
||||
```bash
|
||||
keypairs ./priv.jwk.json
|
||||
```
|
||||
|
||||
**Syntax**: `keypairs <in> [priv-out opts...] [pub-out opts...]`
|
||||
|
||||
```bash
|
||||
keypairs <inkey> [[encoding|scheme] [priv-out]] [[encoding|scheme] [pub-out]] [public|private]
|
||||
```
|
||||
|
||||
**Note**: If you specify a private _and_ a public key, and you want to specify the schema/encoding
|
||||
of the public key, you must also specify the scheme and encoding of the public key. Order matters.
|
||||
Private keys come first.
|
||||
|
||||
JWK Keypair to PEM-encoded Private and Public keys:
|
||||
|
||||
```bash
|
||||
keypairs ./priv.json pem pkcs1 ./priv.pem pem spki ./pub.pem
|
||||
keypairs ./priv.json pem ./priv.pem ssh ./pub.json
|
||||
keypairs ./priv.json pkcs8 ./priv.pem spki ./pub.json
|
||||
```
|
||||
|
||||
PEM Keypair to JSON-encoded JWK (Public Key Only):
|
||||
|
||||
```bash
|
||||
keypairs ./priv.pem jwk ./priv.pem public
|
||||
keypairs ./priv.pem json ./priv.pem public
|
||||
```
|
||||
|
||||
Generic PEM to JWK:
|
||||
|
||||
```bash
|
||||
keypairs priv.pem priv.jwk.json
|
||||
```
|
||||
|
||||
```bash
|
||||
keypairs priv.pem priv.jwk.json pub.jwk.json
|
||||
```
|
||||
|
||||
```bash
|
||||
keypairs priv.pem pub.jwk.json public
|
||||
```
|
||||
|
||||
```bash
|
||||
# fails if the input is public
|
||||
keypairs priv.pem priv.jwk.json private
|
||||
```
|
||||
|
||||
|
||||
Generic JWK to PEM:
|
||||
|
||||
```bash
|
||||
keypairs '{"kty":"EC",...}' priv.pem
|
||||
```
|
||||
|
||||
```bash
|
||||
keypairs priv.json priv.pem
|
||||
```
|
||||
|
||||
## Sign a Token (JWT)
|
||||
|
||||
<!-- or Payload (JWS) -->
|
||||
|
||||
```bash
|
||||
keypairs ./priv.pem sign https://example.com/ '{"sub":"jon@example.com"}' 1h
|
||||
```
|
||||
|
||||
## Verify a JWT (Token)
|
||||
|
||||
<!-- or JWS (Payload) -->
|
||||
|
||||
Verify a JWT based on its issuer
|
||||
|
||||
```bash
|
||||
keypairs verify 'xxx.yyy.zzz'
|
||||
```
|
||||
|
||||
<!--
|
||||
Verify using a specific key
|
||||
|
||||
```bash
|
||||
keypairs priv.pem verify 'xxx.yyy.zzz' nofetch
|
||||
```
|
||||
-->
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/env node
|
||||
'use strict';
|
||||
|
||||
require("keypairs/bin/keypairs.js");
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
{
|
||||
"name": "keypairs-cli",
|
||||
"version": "1.2.0",
|
||||
"description": "CLI for Keypairs.js",
|
||||
"homepage": "https://git.coolaj86.com/coolaj86/keypairs-cli.js",
|
||||
"main": "bin/keypairs-cli.js",
|
||||
"files": [ "CLI.md", "bin/keypairs.js" ],
|
||||
"scripts": {
|
||||
"test": "node test.js"
|
||||
},
|
||||
"bin": {
|
||||
"keypairs": "bin/keypairs-cli.js"
|
||||
},
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "https://git.coolaj86.com/coolaj86/keypairs-cli.js"
|
||||
},
|
||||
"keywords": [
|
||||
"CLI",
|
||||
"commandline",
|
||||
"bash",
|
||||
"EC",
|
||||
"RSA",
|
||||
"ECDSA",
|
||||
"PEM",
|
||||
"JWK"
|
||||
],
|
||||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
||||
"license": "MPL-2.0",
|
||||
"dependencies": {
|
||||
"keypairs": "1.x",
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue