obsigil-cli 0.1.0

Command-line tool for the obsigil mandate-token format: mint, verify, open, forward, and the byte-level conformance ops

Size
Source code size: 56.04 kB This is the summed size of all the files inside the crates.io package for this release.
Links
obsigil/obsigil-rs
0 0 0
crates.io
Dependencies
Versions
- 0.1.0 (2026-06-17)
Owners

obsigil-cli-0.1.0 is not a library.

obsigil-cli

Command-line tool for the obsigil mandate-token format — a shared-secret JWT alternative. Installs an obsigil binary.

Install

cargo install obsigil-cli

Commands

High-level:

mint — mint a token from clauses (and an optional manifest)
verify — verify a token's mandate; prints the clauses as JSON, or exits 1
open-manifest — open a token's keyless, advisory manifest
forward — print the forwardable .0mandate form of a token

Byte-level conformance ops (spec §10):

seal / open — seal raw octets into a half ciphertext and back
parse — parse a token structurally to JSON

Keys are 128 hex characters, or the keywords manifest / mandate for the published test keys. Any token argument may be - to read from stdin.

Example

# Mint under the published `mandate` test key, then verify:
TOKEN=$(obsigil mint --key mandate --ttl 3600 --aud api --sub u1 \
          --fields '{"role":"admin"}')
obsigil verify "$TOKEN" --key mandate --audience api
# -> {"exp":...,"tid":"...","app":{"role":"admin"}, ...}

Exit codes

0 — success
1 — operation rejected (verify/open/parse failure — uniform, per spec §9.5)
2 — usage error

License

Licensed under either of

Apache License, Version 2.0 (LICENSE-APACHE)
MIT license (LICENSE-MIT)

at your option.