JOSE-JWE-DEC(1)

NAME¶

jose-jwe-dec - Decrypts a JWE using the supplied JWKs

SYNOPSIS¶

jose jwe dec -i JWE [-I CT] -k JWK [-p] [-O PT]

OVERVIEW¶

The jose jwe dec command decrypts a JWE using one or more JWK (-k) or password (-p). Decryption succeeds if any key is able to perform decryption.

If the JWE is a detached JWE, meaning that the ciphertext is stored in binary form external to the JWE itself, the ciphertext can be loaded using the -I parameter.

Please note that, when specifying the -O option to output the plaintext, plaintext output begins before ciphertext validation. Therefore, you must check the return value of the command before using the data.

OPTIONS¶

•-i JSON, --input=JSON : Parse JWE from JSON

•-i FILE, --input=FILE : Read JWE from FILE

•-i -, --input=- : Read JWE from standard input

•-I FILE, --detached=FILE : Read decoded ciphertext from FILE

•-I -, --detached=- : Read decoded ciphertext from standard input

•-p, --password : Prompt for a decryption password, if necessary

•-k FILE, --key=FILE : Read JWK(Set) from FILE

•-k -, --key=- : Read JWK(Set) from standard input

•-O JSON, --detach=JSON : Parse JWE from JSON

•-O FILE, --detach=FILE : Read JWE from FILE

•-O -, --detach=- : Read JWE from standard input

EXAMPLES¶

Decrypt a JWE with a JWK:

$ jose jwe dec -i msg.jwe -k rsa.key -O msg.txt

Decrypt a JWE with a password:

$ jose jwe dec -i msg.jwe -p -O msg.txt
Please enter decryption password:

Decrypt a JWE with either of two JWKs:

$ jose jwe dec -i msg.jwe -k ec.jwk -k rsa.jwk -O msg.txt

AUTHOR¶

Nathaniel McCallum <npmccallum@redhat.com>

Source file:	jose-jwe-dec.1.en.gz (from jose 11-3.el9)
Source last updated:	2022-06-23 23:53:45
Converted to HTML:	2024-06-22 22:16:55