Reading/Writing JSON Web Keys (JWK) in R

RSA / ECDSA keys

JSON Web Keys (JWK) is a format specified in RFC7517 for storing RSA/EC/AES keys in a JSON based format. It can be used to import/export such keys in the browser using the new W3C WebCryptoAPI.

The jose package makes it easy to read/write such keys in R for use with JWT or any other functionality from the openssl package.

library(openssl)

Linking to: OpenSSL 3.0.13 30 Jan 2024

library(jose)

# Generate a ECDSA key
key <- openssl::ec_keygen()
jsonlite::prettify(write_jwk(key))

{
    "kty": "EC",
    "crv": "P-256",
    "x": "zGnDvKnnzHM_CO2zbcbQdmnZ_PsQhgzwQUh68EkQVng",
    "y": "jtNH1AEiWrHVLxNfEEAZ7WfjvyqgDmdKq8jD3PYvKaQ",
    "d": "AmP-YcOTKiOXcJ98xA1n1aBR03BQR-OKJtiEYTzmlcI"
}
 

# Use public key
pubkey <- as.list(key)$pubkey
json <- write_jwk(pubkey)
jsonlite::prettify(json)

{
    "kty": "EC",
    "crv": "P-256",
    "x": "zGnDvKnnzHM_CO2zbcbQdmnZ_PsQhgzwQUh68EkQVng",
    "y": "jtNH1AEiWrHVLxNfEEAZ7WfjvyqgDmdKq8jD3PYvKaQ"
}
 

# Read JWK key
(out <- read_jwk(json))

[256-bit ecdsa public key]
md5: 9b795006f6341dee4c83e09d1ef7582f
sha256: 9668c634feb13501a68768bf2eba5e332f1d7498293c9bc931ca620cd9188f11

identical(pubkey, out)

[1] TRUE

AES/HMAC keys

JWT also specifies a format for encoding AES/HMAC secrets. Such secret keys are simply raw bytes.

# Random secret
(key <- rand_bytes(16))

 [1] 52 0d ae f8 0a e4 38 a0 84 8e f4 19 71 b5 6c 39

(jwk <- write_jwk(key))

{"kty":"oct","k":"Ug2u-ArkOKCEjvQZcbVsOQ"} 

read_jwk(jwk)

 [1] 52 0d ae f8 0a e4 38 a0 84 8e f4 19 71 b5 6c 39