'\" t
.\" Title: jose-jws-ver
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets vsnapshot
.\" Date: 07/06/2024
.\" Manual: \ \&
.\" Source: \ \&
.\" Language: English
.\"
.TH "JOSE\-JWS\-VER" "1" "07/06/2024" "\ \&" "\ \&"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
jose-jws-ver \- Verifies a JWS using the supplied JWKs
.SH "SYNOPSIS"
.sp
\fBjose jws ver\fR \-i JWS [\-I PAY] \-k JWK [\-a] [\-O PAY]
.SH "OVERVIEW"
.sp
The \fBjose jws ver\fR command verifies a signature over a payload using one or more JWKs\&. When specifying more than one JWK (\fB\-k\fR), the program will succeed when any of the provided JWKs successfully verify a signature\&. Alternatively, if the \fB\-a\fR option is given, the program will succeed only when all JWKs successfully verify a signature\&.
.sp
If the JWS is a detached JWS, meaning that the payload is stored in binary form external to the JWS itself, the payload can be loaded using the \fB\-I\fR parameter\&.
.sp
Please note that, when specifying the \fB\-O\fR option to output the payload, the payload is output whether or not the signature validates\&. Therefore, you must check the return value of the command before trusting the data\&.
.SH "OPTIONS"
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\fIJSON\fR,
\fB\-\-input\fR=\fIJSON\fR
: Parse JWS from JSON
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\fIFILE\fR,
\fB\-\-input\fR=\fIFILE\fR
: Read JWS from FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\-,
\fB\-\-input\fR=\- : Read JWS from standard input
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-I\fR
\fIFILE\fR,
\fB\-\-detached\fR=\fIFILE\fR
: Read decoded payload from FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-I\fR
\-,
\fB\-\-detached\fR=\- : Read decoded payload from standard input
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-k\fR
\fIFILE\fR,
\fB\-\-key\fR=\fIFILE\fR
: Read JWK(Set) from FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-k\fR
\-,
\fB\-\-key\fR=\- : Read JWK(Set) from standard input
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-O\fR
\fIFILE\fR,
\fB\-\-detach\fR=\fIFILE\fR
: Decode payload to FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-O\fR
\-,
\fB\-\-detach\fR=\- : Decode payload to standard output
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-a\fR,
\fB\-\-all\fR
: Ensure the JWS validates with all keys
.RE
.SH "EXAMPLES"
.sp
Verify a regular JWS and output the payload:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jws ver \-i msg\&.jws \-k key\&.jwk \-O msg\&.txt
.fi
.if n \{\
.RE
.\}
.sp
Verify a detached JWS without outputting the payload:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jws ver \-i msg\&.jws \-I msg\&.txt \-k key\&.jwk
.fi
.if n \{\
.RE
.\}
.sp
Ensure that a JWS is signed with all specified keys:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jws ver \-i msg\&.jws \-k ec\&.jwk \-k rsa\&.jwk \-a
.fi
.if n \{\
.RE
.\}
.SH "AUTHOR"
.sp
Nathaniel McCallum
.SH "SEE ALSO"
.sp
\fBjose\-jws\-fmt\fR(1), \fBjose\-jws\-sig\fR(1)