create-keys v1.0.1
create-key
Terminal assistant to generate or read cryptographic keys. This utility was created out of frustration, as more time was spent Googling how to use openssl rather than getting things done. This utility is originally aimed to be used via npx, but it can also be used in NodeJS programs. It is not as powerful as openssl as it only support RSA and ECDSA ciphers. Thanks to npx, there is no need to install this utility, just make sure that npm > 5.2 is installed and then run:
npx create-keysThis command starts a terminal questionnaire that helps building the keys you need.
Currently, this package only supports the following:
- Ciphers: RSA or ECDSA
- Encoding: PCKS8 for private keys, PCKS1 for RSA public keys and SPKI for ECDSA public keys
- ECDSA curves: P-256 (prime256v1) and P-384 (secp384r1)
- Output formats: PEM and JWK
Table of contents
CLI
For any help with the CLI, use:
npx create-keys helpCreating new keys
npx create-keysConverting from one format to another
npx create-keys convert private.pemor
npx create-keys convert private.jsoncreate-keys automatically detectects the format (PEM vs JWK), the type (private vs public keys) and the cipher (RSA vs ECDSA).
Listing OpenID JWK public keys using an OpenID discovery endpoint
npx create-keys list https://accounts.google.com/.well-known/openid-configurationor
npx create-keys list https://www.googleapis.com/oauth2/v3/certscreate-keys supports both an OpenID discovery endpoint or the direct jwks_uri endpoint.
Converting OpenID JWK public keys to PEM files
npx create-keys convert https://accounts.google.com/.well-known/openid-configurationor
npx create-keys convert https://www.googleapis.com/oauth2/v3/certscreate-keys supports both an OpenID discovery endpoint or the direct jwks_uri endpoint.
Using it in Node
- Install:
npm i create-keys- In your code:
const { Keypair, Key } = require('create-keys')
const rsaKeypair = new Keypair({ cipher:'rsa', length:1024 })
const ecKeypair = new Keypair({ cipher:'ec', curve:'prime256v1' }) // supported curves: 'prime256v1' and 'secp384r1'
const main = async () => {
// Creates RSA key pair
const [rsaPemErrors, rsaPemKeys] = await rsaKeypair.to('pem')
const [rsaJwkErrors, rsaJwkKeys] = await rsaKeypair.to('jwk')
// Creates ECDSA key pair
const [ecPemErrors, ecPemKeys] = await ecKeypair.to('pem')
const [ecJwkErrors, ecJwkKeys] = await ecKeypair.to('jwk')
console.log('RSA PRIVATE PEM')
console.log(rsaPemKeys.private)
console.log('RSA PUBLIC PEM')
console.log(rsaPemKeys.public)
console.log('RSA PRIVATE JWK')
console.log(JSON.stringify(rsaJwkKeys.private, null, ' '))
console.log('RSA PUBLIC JWK')
console.log(JSON.stringify(rsaJwkKeys.public, null, ' '))
console.log('ECDSA PRIVATE PEM')
console.log(ecPemKeys.private)
console.log('ECDSA PUBLIC PEM')
console.log(ecPemKeys.public)
console.log('ECDSA PRIVATE JWK')
console.log(JSON.stringify(ecJwkKeys.private, null, ' '))
console.log('ECDSA PUBLIC JWK')
console.log(JSON.stringify(ecJwkKeys.public, null, ' '))
const [rsaPrivateJwkErros, rsaPrivateJwk] = new Key({ pem:rsaPemKeys.private }).to('jwk')
console.log('RSA PRIVATE PEM TO JWK')
console.log(JSON.stringify(rsaPrivateJwk, null, ' '))
const [ecPublicPemErrors, ecPublicPem] = new Key({ jwk:ecJwkKeys.public }).to('pem')
console.log('ECDSA PUBLIC JWK TO PEM')
console.log(ecPublicPem)
}
main()