coolaj86
/
keypairs-cli.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
CLI for Keypairs.js. It's magic.
1 Commit 1 Branch 6 Tags 33 KiB
JavaScript 96.2%
Shell 3.8%
Go to file
AJ ONeal a5f2365761 initial commit (wip) 2019-03-05 04:55:31 -07:00
bin initial commit (wip) 2019-03-05 04:55:31 -07:00
README.md initial commit (wip) 2019-03-05 04:55:31 -07:00
package.json initial commit (wip) 2019-03-05 04:55:31 -07:00
test.js initial commit (wip) 2019-03-05 04:55:31 -07:00

README.md

Keypairs CLI

The most useful and easy-to-use crypto cli on the planet (because openssl is confusing).

  • Universal Standards-based Crypto Support:
    • RSA (2048, 3072, 4096, 8192)
    • EC (NIST ECDSA) P-256 (prime256v1, secp256r1), P-384 (secp384r1)
  • Supported Encodings: PEM, JSON
  • Private Key Formats: PKCS1, SEC1, PKCS8, JWK, OpenSSH
  • Public Key Formats: PKCS1, PKIX (SPKI), SSH
  • Create JWT tokens
  • Sign JWT/JWS claims/tokens/payloads
  • Verify JWT/JWS tokens/json

Install

You must have node.js installed.

npm install --global keypairs-cli

Usage

Guess and check.

The keypairs CLI is pretty fuzzy. If you just type at it, it'll probably work.

That said, the fuzzy behavior is not API-stable and is subject to change, so you should only script to the documented syntax. ;)

Overview

  • Generate: keypairs gen
  • Convert: keypairs ./priv.pem
  • Sign: keypairs ./priv.pem sign https://example.com/ '{"sub":"jon@example.com"}'
  • Verify: keypairs verify 'xxxxx.yyyyy.zzzzz'

Generate a New Key

No arguments - generates a universally compatible key of more-than-sufficient entropy.

keypairs gen

Generate an ecdsa key:

keypairs gen ec P-256

Generate an RSA key:

keypairs gen rsa 2048

Parse/Convert an existing key

keypairs ./priv.pem

keypairs '{"kty":"EC",...}'

keypairs ./priv.jwk.json

Syntax: keypairs <in> [priv-out opts...] [pub-out opts...]

keypairs <inkey> [[encoding|scheme] [priv-out]] [[encoding|scheme] [pub-out]] [public|private]

Note: If you specify a private and a public key, and you want to specify the schema/encoding of the public key, you must also specify the scheme and encoding of the public key. Order matters. Private keys come first.

JWK Keypair to PEM-encoded Private and Public keys:

keypairs ./priv.json pem pkcs1 ./priv.pem pem spki ./pub.pem
keypairs ./priv.json pem ./priv.pem ssh ./pub.json
keypairs ./priv.json pkcs8 ./priv.pem spki ./pub.json

PEM Keypair to JSON-encoded JWK (Public Key Only):

keypairs ./priv.pem jwk ./priv.pem public
keypairs ./priv.pem json ./priv.pem public

Generic PEM to JWK:

keypairs priv.pem priv.jwk.json

keypairs priv.pem priv.jwk.json pub.jwk.json

keypairs priv.pem pub.jwk.json public

# fails if the input is public
keypairs priv.pem priv.jwk.json private

Generic JWK to PEM:

keypairs '{"kty":"EC",...}' priv.pem

keypairs priv.json priv.pem

Sign a Token (JWT)

keypairs ./priv.pem sign https://example.com/ '{"sub":"jon@example.com"}' 1h

Verify a JWT (Token)

Verify a JWT based on its issuer

keypairs verify 'xxx.yyy.zzz'