.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.3. .TH RNBYC "1" "September 2023" "rnbyc 1.1.8" "User Commands" .SH NAME rnbyc \- JWK and JWT parser and generator .SH DESCRIPTION rnbyc \- JWK/JWKS parser and generator, JWT parser and serializer, supports signed, encrypted and nested JWTs .PP Version 1.1.8 .SH COPYRIGHT Copyright 2020\-2022 Nicolas Mora .PP This program is free software; you can redistribute it and/or modify it under the terms of the GPL 3 .PP Command\-line options: .PP \fB\-j\fR \fB\-\-jwks\fR .IP Action: JWKS, parse or generate keys and output JWKS .PP \fB\-g\fR \fB\-\-generate\fR .IP Generate a key pair or a symmetric key \- values available: RSA[key size] (default key size: 4096), EC256, EC384, EC521, Ed25519, Ed448, X25519, X448, oct[key size] (default key size: 128 bits) .PP \fB\-i\fR \fB\-\-stdin\fR .IP Reads key to parse from stdin .PP \fB\-f\fR \fB\-\-in\-file\fR .IP Reads key to parse from a file .PP \fB\-k\fR \fB\-\-key\-id\fR .IP Specifies the key\-id to add to the current key .PP \fB\-a\fR \fB\-\-alg\fR .IP Action: JWKS \- Specifies the alg value to add to the current key Action: Serialize \- Specifies the alg value to sign the token .PP \fB\-e\fR \fB\-\-enc\fR .IP Specifies the enc value to encrypt the token (default A128CBC) .PP \fB\-l\fR \fB\-\-enc\-alg\fR .IP Specifies the encryption algorithm for key management of the token .PP \fB\-o\fR \fB\-\-out\-file\fR .IP Specifies the output file for the private keys (or all the keys if no public file is specified) in the JWKS .PP \fB\-p\fR \fB\-\-out\-file\-public\fR .IP Specifies the output file for the public keys in the JWKS .PP \fB\-n\fR \fB\-\-indent\fR .IP JWKS output spaces indentation: 0 is compact mode, default is 2 spaces indent .PP \fB\-F\fR \fB\-\-format\fR .IP Output format, values available are JWK (default), PEM or DER .PP \fB\-x\fR \fB\-\-split\fR .IP Split JWKS output in public and private keys .PP \fB\-t\fR \fB\-\-parse\-token\fR .IP Action: Parse token .PP \fB\-s\fR \fB\-\-serialize\-token\fR .IP Action: serialize given claims in a token .PP \fB\-H\fR \fB\-\-header\fR .IP Display header of a parsed token .PP \fB\-C\fR \fB\-\-claims\fR .IP Display claims of a parsed token, default true .PP \fB\-P\fR \fB\-\-public\-key\fR .IP Specifies the public key for key management encryption or signature verification Public key must be in JWKS format and can be either a JWKS string or a path to a JWKS file .PP \fB\-K\fR \fB\-\-private\-key\fR .IP Specifies the private key for key management decryption or signature generation Public key must be in JWKS format and can be either a JWKS string or a path to a JWKS file .PP \fB\-S\fR \fB\-\-self\-signed\fR .IP Verifies the JWT signature if the signed JWT has its public key included in its header as 'jwk', 'x5c' or 'x5u' parameter .PP \fB\-W\fR \fB\-\-password\fR .IP Specifies the password for key management encryption/decryption using PBES2 alg or signature generation/verification using HS alg .PP \fB\-u\fR \fB\-\-x5u\-flags\fR .IP Set x5u flags to retrieve online certificate, values available are: .IP cert: ignore server certificate errors (self\-signed, expired, etc.) follow: follow jwks_uri redirection if any values can be contatenated, e.g. \fB\-\-x5u\-flags\fR cert,follow .PP \fB\-v\fR \fB\-\-version\fR .IP Print rnbyc's current version .PP \fB\-h\fR \fB\-\-help\fR .IP Print this message .PP \fB\-d\fR \fB\-\-debug\fR .IP Display debug messages .SH "SEE ALSO" The full documentation for .B rnbyc is maintained as a Texinfo manual. If the .B info and .B rnbyc programs are properly installed at your site, the command .IP .B info rnbyc .PP should give you access to the complete manual.