cli - A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

  •        27

step is a zero trust swiss army knife. It’s an easy-to-use and hard-to-misuse utility for building, operating, and automating systems that use zero trust technologies like authenticated encryption (X.509, TLS), single sign-on (OAuth OIDC, SAML), multi-factor authentication (OATH OTP, FIDO U2F), encryption mechanisms (JSON Web Encryption, NaCl), and verifiable claims (JWT, SAML assertions). For more information and docs see the step website and the blog post announcing step.

https://smallstep.com/cli
https://github.com/smallstep/cli

Tags
Implementation
License
Platform

   




Related Projects

jose-jwt - Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for

  •    CSharp

Minimallistic zero-dependency library for generating, decoding and encryption JSON Web Tokens. Supports full suite of JSON Web Algorithms as of July 4, 2014 version. JSON parsing agnostic, can plug any desired JSON processing library. Extensively tested for compatibility with jose.4.j, Nimbus-JOSE-JWT and json-jwt libraries.v2.1 and above added extra features support for .NET461+ and coming with 3 version of binaries (NET4, NET461 and netstandard1.4).

go-jose - An implementation of JOSE standards (JWE, JWS, JWT) in Go

  •    Go

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, JSON Web Signature, and JSON Web Token standards.Disclaimer: This library contains encryption software that is subject to the U.S. Export Administration Regulations. You may not export, re-export, transfer or download this code or any part of it in violation of any United States law, directive or regulation. In particular this software may not be exported or re-exported in any form or on any media to Iran, North Sudan, Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any US maintained blocked list.

jose - :closed_lock_with_key: JSON Object Signing and Encryption library (JWT, JWS, JWE, JWA, JWK, JWKSet and more)

  •    PHP

The detached content is also supported.Unencoded payload is supported. This means you can sign and verify payload without base64 encoding operation. As per the RFC7797, the b64 header MUST be protected. When b64 header is set, the crit protected header with value b64 in its array of values is mandatory.

jose - A comprehensive set of JWT, JWS, and JWE libraries.

  •    Go

JOSE is a comprehensive set of JWT, JWS, and JWE libraries.The only other JWS/JWE/JWT implementations are specific to JWT, and none were particularly pleasant to work with.

python-jose - A JOSE implementation in Python

  •    Python

Docs are available on ReadTheDocs.The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) - collectively can be used to encrypt and/or sign content using a variety of algorithms. While the full set of permutations is extremely large, and might be daunting to some, it is expected that most applications will only use a small set of algorithms to meet their needs.


Apache Oltu - OAuth protocol implementation in Java

  •    Java

Apache Oltu is an OAuth protocol implementation in Java. It also covers others "OAuth family" related implementations such as JWT, JWS and OpenID Connect.

paseto - Platform-Agnostic Security Tokens

  •    PHP

Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. What follows is a reference implementation. Requires PHP 7 or newer.

Cryptlib - provides Encryption and Authentication Service

  •    C

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

certificates - 🛡️ An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere

  •    Go

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. For more information and docs see the Step website and the blog post announcing Step Certificate Authority.

s2n - an implementation of the TLS/SSL protocols from Amazon

  •    C

s2n is a C99 implementation of the TLS/SSL protocols that is designed to be simple, small, fast, and with security as a priority. s2n implements SSLv3, TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and 256-bit AES, in the CBC and GCM modes, 3DES, and RC4. For forward secrecy, s2n supports both DHE and ECDHE.

rustls - A modern TLS library in Rust

  •    Rust

Rustls is a modern TLS library written in Rust. It's pronounced 'rustles'. It uses ring for cryptography and libwebpki for certificate verification. It aims to provide a good level of cryptographic security, requires no configuration to achieve that security, and provides no unsafe features or obsolete cryptography.

jose - JSON Object Signing and Encryption library for PHP.

  •    PHP

This library provides a lightweight implementation of the JWS (JSON Web Signature) specification.This library needs PHP 5.5+ and the library OpenSSL.

forge - A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps

  •    Javascript

A native implementation of TLS (and various other cryptographic tools) in JavaScript. The Forge software is a fully native implementation of the TLS protocol in JavaScript, a set of cryptography utilities, and a set of tools for developing Web Apps that utilize many network resources.

TLS - Transport Layer Security protocol implementation in Python

  •    Python

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communication security over the Internet. This is an open source Python implementation of TLS 1.2, using the Python Cryptographic Authority's (PyCA's) Cryptography libraries for all cryptographic primitives (e.g. AES, RSA, etc.). This project is part of PyCA's efforts to standardize and improve crypto libraries in Python.

Conscrypt - Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension

  •    Java

Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK.The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.

BouncyCastle - Lightweight Cryptography API for Java and CSharp

  •    Java

Bouncy Castle Crypto APIs is a lightweight cryptography API for Java and CSharp. It has provider for the Java Cryptography Extension and the Java Cryptography Architecture. It supports TLS, PKCS7, PKCS12, OpenPGP, S/MIME, OCSP, TSP, CMP, Extended Access Control, ASN and lot more.

play-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT

  •    Java

The play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.

Search Guard - Elasticsearch plugin that offers encryption, authentication, and authorisation

  •    Java

Search Guard is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats.

OpenSSL - Toolkit for SSL and TLS

  •    C

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

jjwt - Java JWT: JSON Web Token for Java and Android

  •    Java

JJWT aims to be the easiest to use and understand library for creating and verifying JSON Web Tokens (JWTs) on the JVM.JJWT is a Java implementation based on the JWT, JWS, JWE, JWK and JWA RFC specifications.