The project comes with console commands.
They are available:
Available Commands
In the following example, we will call commands using ./jose.phar. If you need more information about a command, call the command with the option --help.
You can save the output in a file e.g. when you want to store a key or keyset in your local filesystem.
The following command will analyze the key passed as argument and find issues.
./jose.phar key:analyze '{"kty":"oct","k":"N2aIJSQCxTo"}'
The parameter "alg" should be added.
The parameter "use" should be added.
The parameter "kid" should be added.
The key length is less than 128 bits.
PKCS#1 Key Converter
This command will convert a RSA or EC key into PKCS#1 key.
The key loader commands will loader keys from various sources. The following options are available:
-u or --use: indicates the usage of the key (sig or enc): --use enc. This option is highly recommended.
-a or --alg: indicates the algorithm to be used with the key: --alg RSA-OAEP-256. This option is highly recommended.
Convert From PEM/DER Keys
This command can load and convert a DER/PEM key file into a JWK. It supports encrypted keys as well as PKCS#1 and PKCS#8 encodings or public/private keys.
./jose.phar key:load:key /path/to/file.pem "This is my secret to decrypt the key"
{"kty":"OKP","crv":"X25519","x":"TgTD7RS0KF3eU8HdTM6ACxu365uco3x2Cee9SBXiu2I","d":"BypCXV7KUai-zrwrdoAmgnHX6Kosw0sVpDVPwrXoNKY"}
Convert From PKCS#12 Keys
This command can load and convert a PKCS#12 key file into a JWK. It supports encrypted keys.
./jose.phar key:load:p12 /path/to/file.p12 "This is my secret to decrypt the key"
{"kty":"OKP","crv":"X25519","x":"TgTD7RS0KF3eU8HdTM6ACxu365uco3x2Cee9SBXiu2I","d":"BypCXV7KUai-zrwrdoAmgnHX6Kosw0sVpDVPwrXoNKY"}
Convert From A X.509 Certificate
This command can load and convert a X.509 key file into a JWK.
RSA keys generated by this framework are already optimized. This command may be needed when you import RSA keys from external sources.The optimization is not mandatory but highly recommended. cryptographic operations are up to 10 times faster.
This command has the same affect as key:convert:public except that it will convert all keys in the keyset. It has no effect on shared keys (e.g. oct keys).
The key set generator commands will generate key sets with random keys of the same type.
These commands have the same options as the key generator commands. The only difference is that you have to indicate the number of keys you want in the key set.