Skip to content

How to generate JWT RS256 key and JWKS

Dmitry Viskov edited this page Mar 6, 2020 · 3 revisions
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# Don't add passphrase
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pub
cat jwtRS256.key
cat jwtRS256.key.pub

(Taken from https://gist.github.com/ygotthilf/baa58da5c3dd1f69fae9)

You may do the same using Python and pycryptodome library:

from Crypto.PublicKey import RSA

key = RSA.generate(4096)
private_key = key.exportKey()
public_key = key.publickey().exportKey()

Convert Public Key to JWKS using Python and jwcrypto library:

import json
from jwcrypto.jwk import JWK

f = open("jwtRS256.key.pub", "r")
public_key = f.read()
f.close()

jwk_obj = JWK.from_pem(public_key.encode('utf-8'))
public_jwk = json.loads(jwk_obj.export_public())
public_jwk['alg'] = 'RS256'
public_jwk['use'] = 'sig'
public_jwk_str = json.dumps(public_jwk)
print(public_jwk_str)
Clone this wiki locally