JSON Web Keys (JWK) is a format specified in RFC7517 for storing RSA/EC/AES keys in a JSON based format. It can be used to import/export such keys in the browser using the new W3C WebCryptoAPI.
The jose package makes it easy to read/write such keys
in R for use with JWT or any other functionality from the
openssl package.
library(openssl)Linking to: OpenSSL 3.5.4 30 Sep 2025library(jose)
# Generate a ECDSA key
key <- openssl::ec_keygen()
jsonlite::prettify(write_jwk(key)){
"kty": "EC",
"crv": "P-256",
"x": "SqYmu8Pxd8dIXaWhMhGwXp_Wgix-v9Hq3dfqDdEr2n8",
"y": "L60T0j9iR8MLOIfZbVC3ALekaBikS-bw5I5d7izmsbE",
"d": "Cf7A82jOEaDIjdcGt12HOF03hVQRQKQhki14RGs_uyc"
}
# Use public key
pubkey <- as.list(key)$pubkey
json <- write_jwk(pubkey)
jsonlite::prettify(json){
"kty": "EC",
"crv": "P-256",
"x": "SqYmu8Pxd8dIXaWhMhGwXp_Wgix-v9Hq3dfqDdEr2n8",
"y": "L60T0j9iR8MLOIfZbVC3ALekaBikS-bw5I5d7izmsbE"
}
# Read JWK key
(out <- read_jwk(json))[256-bit ecdsa public key]
md5: 3841de58d1a74390732276613f1dee64
sha256: e6c4a1f155b915517250940a43e345386e0ffccff094bb90edf9d521f0258958identical(pubkey, out)[1] TRUEJWT also specifies a format for encoding AES/HMAC secrets. Such secret keys are simply raw bytes.
# Random secret
(key <- rand_bytes(16)) [1] bc fb 0e b3 62 02 8b cd 76 0f c5 60 59 6d cb 97(jwk <- write_jwk(key)){"kty":"oct","k":"vPsOs2ICi812D8VgWW3Llw"} read_jwk(jwk) [1] bc fb 0e b3 62 02 8b cd 76 0f c5 60 59 6d cb 97