Skip to content
/ rsa2jwk Public

Converts Single or Multiple RSA pem (PKCS1/PKCS8 serializaed as "AQAB") to JWK Private and Public sets (json files). RSA private key could be generated using openssl like `openssl genrsa -out private-key.pem 2048`.

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

serg-kovalev/rsa2jwk

BranchesTags

Repository files navigation

rsa2jwk

GitHub version MIT License Go Report Card CI CodeQL Maintainability

Overview

Converts Single or Multiple RSA pem (PKCS1/PKCS8 serialized as "AQAB") to JWK Private and Public sets (json files).

RSA private key could be generated using openssl like openssl genrsa -out private-key.pem 2048

Download the latest release

Please find the latest release here

Build

go build

CLI Usage

Usage: rsa2jwk [-a] DIR

Converts Single or Multiple RSA pem to JWK Private and Public sets (json files)

Arguments:
  DIR          Directory where to lookup PEM files (default ".")

Options:
  -a, --alg    Algorithm to use for the JWK keys (default "RS256")

It supports the following algorithms:

  • RS256
  • RS384
  • RS512

The tool verifies the private key size according to specification in RFC 7518. Specifically, section 6.3.1 of the RFC defines the required key sizes for each algorithm as follows:

  • RS256: The key size MUST be 2048 bits or larger
  • RS384: The key size MUST be 3072 bits or larger
  • RS512: The key size MUST be 4096 bits or larger

CLI Usage Example

rsa2jwk tmp
# Output:
#                                        Kid	Filename
#5lUPIy6kHHaYBpTQscwg15UCR39O1zyWJG6neFG2bTk	tmp/test.pem

W/o headers:

rsa2jwk tmp | tail -n 1
#5lUPIy6kHHaYBpTQscwg15UCR39O1zyWJG6neFG2bTk	tmp/test.pem

In the specified folder you will find two newly generated files:

  • rsa2jwk_jwkPrivate.json
  • rsa2jwk_jwkPublic.json
cat tmp/rsa2jwk_jwkPublic.json | jq

Output:

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "5lUPIy6kHHaYBpTQscwg15UCR39O1zyWJG6neFG2bTk",
      "alg": "RS256",
      "n": "16ClrRqxEX_73X0VTzOmoGpuOnNqHb425CyyAaoAWcoqMR1sFNOnrPeEzhRbJfDJ5SIQLCUzLIwxsWtiDxZnHS7D9BahtXCBwfokXkAZFDcyJPxEluV1I5VHyl-3uDuoLll2EkBd3v5AfXjwdPDmvVr9ugV52u5VSGr-j630dtzpc47QB9EgGN_RlQGGPQusJ3uEFy0k3ivDgsFbmZCUdfZFNfm30NjxIwBIzeTdWKdsSrwok7rla1TuveuaUjt-HBjImHHH47ocJq78OlAdJh5Mh2BRBHRwWvIJIChQ-MK-jJoef1u0Su15U4CsfWk7Dw7XbBOw9jdyOjuNNO50Dw"
    }
  ]
}

Package

To use this program as a package, you can simply import it into another Go file and call the functions in the same way they are called in the main function. For example:

import "github.com/serg-kovalev/rsa2jwk"

// ...

filePaths, err := rsa2jwk.LookupPemFiles(dir)
if err != nil {
	log.Fatal(err)
}

jwkPriv, err := rsa2jwk.RsaPemToJwk(filePaths[0], "RS256")
if err != nil {
	log.Fatal(err)
}

err = rsa2jwk.MarshalAndSave(jwkPriv, "jwk.json")
if err != nil {
	log.Fatal(err)
}

Contributing

Contributing

Code of Conduct

Code of Conduct

About

Converts Single or Multiple RSA pem (PKCS1/PKCS8 serializaed as "AQAB") to JWK Private and Public sets (json files). RSA private key could be generated using openssl like `openssl genrsa -out private-key.pem 2048`.

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 23

v0.7.13 Latest
Nov 25, 2024
+ 22 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages