'\" t
.\"     Title: jose-jwk-gen
.\"    Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
.\"      Date: 07/06/2024
.\"    Manual: \ \&
.\"    Source: \ \&
.\"  Language: English
.\"
.TH "JOSE\-JWK\-GEN" "1" "07/06/2024" "\ \&" "\ \&"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
jose-jwk-gen \- Creates a random JWK for each input JWK template
.SH "SYNOPSIS"
.sp
\fBjose jwk gen\fR \-i JWK [\-o JWK]
.SH "OVERVIEW"
.sp
The \fBjose jwk gen\fR command generates a key from one or more JWK(Set) templates\&. If a single template is given as input, a single JWK will be output\&. However, if multiple templates are given as input, a single JWKSet will be output containing all the keys\&.
.sp
The best way to generate a key is to specify the algorithm it will be used with in the "alg" property of the JWK template\&. This method should be preferred since, when generating from an algorithm, an appropriate "key_ops" parameter will be emitted automatically\&. Further, having a JWK with the algorithm already specified will assist algorithm inference when encrypting or signing\&.
.sp
Alternatively, you can generate a key by specifying its key type ("kty") JWK property, along with the required type\-specific generation parameter\&. See the examples below for how to do this for each key type\&. If the type\-specific generation parameter is non\-standard (for example: "bytes" and "bits"), it will be removed excluded from the output\&.
.SH "OPTIONS"
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\fIJSON\fR,
\fB\-\-input\fR=\fIJSON\fR
: Parse JWK(Set) template from JSON
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\fIFILE\fR,
\fB\-\-input\fR=\fIFILE\fR
: Read JWK(Set) template from FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-i\fR
\-,
\fB\-\-input\fR=\- : Read JWK(Set) template from standard input
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-o\fR
\fIFILE\fR,
\fB\-\-output\fR=\fIFILE\fR
: Write JWK(Set) to FILE
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-o\fR
\-,
\fB\-\-output\fR=\- : Write JWK(Set) to standard input
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
\fB\-s\fR,
\fB\-\-set\fR
: Always output a JWKSet
.RE
.SH "EXAMPLES"
.sp
Generate three keys, each targeting a different algorithm:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jwk gen \-i \*(Aq{"alg":"HS256"}\*(Aq \-o oct\&.jwk
$ jose jwk gen \-i \*(Aq{"alg":"RS256"}\*(Aq \-o rsa\&.jwk
$ jose jwk gen \-i \*(Aq{"alg":"ES256"}\*(Aq \-o ec\&.jwk
.fi
.if n \{\
.RE
.\}
.sp
Generate three keys using key parameters rather than algorithms:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jwk gen \-i \*(Aq{"kty":"oct","bytes":32}\*(Aq \-o oct\&.jwk
$ jose jwk gen \-i \*(Aq{"kty":"RSA","bits":4096}\*(Aq \-o rsa\&.jwk
$ jose jwk gen \-i \*(Aq{"kty":"EC","crv":"P\-256"}\*(Aq \-o ec\&.jwk
.fi
.if n \{\
.RE
.\}
.sp
Create multiple keys at once using a JWKSet template:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jwk gen \e
  \-i \*(Aq{"keys":[{"alg":"HS256"},{"alg":"ES256"}]}\*(Aq \e
  \-o keys\&.jwkset
.fi
.if n \{\
.RE
.\}
.sp
Create multiple keys at once using multiple JWK templates:
.sp
.if n \{\
.RS 4
.\}
.nf
$ jose jwk gen \e
  \-i \*(Aq{"alg":"HS256"}\*(Aq \e
  \-i \*(Aq{"alg":"ES256"}\*(Aq \e
  \-o keys\&.jwkset
.fi
.if n \{\
.RE
.\}
.SH "AUTHOR"
.sp
Nathaniel McCallum <npmccallum@redhat\&.com>
.SH "SEE ALSO"
.sp
\fBjose\-alg\fR(1), \fBjose\-jwe\-dec\fR(1), \fBjose\-jwe\-enc\fR(1), \fBjose\-jwk\-exc\fR(1), \fBjose\-jwk\-pub\fR(1), \fBjose\-jwk\-thp\fR(1), \fBjose\-jwk\-use\fR(1), \fBjose\-jws\-sig\fR(1), \fBjose\-jws\-ver\fR(1),