README.md
1# JWK Key Generator
2
3The `jwk-keygen` command line utility generates keypairs used for asymmetric
4encryption and signing algorithms in JSON Web Key (JWK) format.
5
6## Usage
7
8The utility requires specification of both desired algorithm (`alg`) and key
9usage (`use`) to remind that same keypair should never be used both for
10encryption and signing.
11
12Algorithms are selected via the `--alg` flag, which influence the `alg` header.
13For JWE (`--use=enc`), `--alg` specifies the key management algorithm (e.g.
14`RSA-OAEP`). For JWS (`--use=sig`), `--alg` specifies the signature algorithm
15(e.g. `PS256`).
16
17Output file is determined by specified usage, algorithm and Key ID, e.g.
18`jwk-keygen --use=sig --alg=RS512 --kid=test` produces files
19`jwk_sig_RS512_test` and `jwk_sig_RS512_test.pub`. Keys are sent to stdout when
20no Key ID is specified: neither pre-defined nor random one.
21
22## Examples
23
24### RSA 2048
25
26Generate RSA/2048 key for encryption and output to stdout.
27
28 jwk-keygen --use enc --alg RSA-OAEP
29
30### Custom key length
31
32Generate RSA/4096 key for signing and store to files.
33
34 jwk-keygen --use sig --alg RS256 --bits 4096 --kid test
35
36