how to generate pair of keys?

[Alexsey]

The JWK.generate function can be used to generate private OR public key depends on the last parameter. Is there a way to generate a pair of private AND public keys?

I'm not strong in cryptography, but I can not even imagine how public key may be useful by its own and what is the difference between a single private key and symmetric key

[big-kahuna-burger]

You have that already.

If you do something like:

const fs = require('fs')
const path = require('path')
const jose = require('@panva/jose')

const keystore = new jose.JWKS.KeyStore()
const jwkPrivateFilePath = path.resolve('private.json')
const jwkPublicFilePath = path.resolve('public.json')
keystore.generate('RSA', 2048, { use: 'sig' })
  .then(() => {
    fs.writeFileSync(
      jwkPrivateFilePath,
      JSON.stringify(keystore.toJWKS(true), null, 2)
    )
    fs.writeFileSync(
      jwkPublicFilePath,
      JSON.stringify(keystore.toJWKS(false), null, 2)
    )
  })

Turning point is keystore.toJWKS(param) where param is determining if other values will be exported.
Public part only consists of: "e", "n", "kty", "kid", "use"
See tests 3.3 and 3.4 of this library.
Have fun ;)

[panva]

I'm not strong in cryptography, but I can not even imagine how public key may be useful by its own

I don't know either that's why generating private is the default.

Is there a way to generate a pair of private AND public keys?

You just generate the private one, all private keys contain or are able to derive its public counterpart.

const j = require('@panva/jose');

const jwk = j.JWK.generateSync('EC');

console.log(`JWK private\n`, jwk.toJWK(true));
console.log(`JWK public\n`, jwk.toJWK());

console.log(`PEM private\n`, jwk.toPEM(true));
console.log(`PEM public\n`, jwk.toPEM());

> console.log(`JWK private\n`, jwk.toJWK(true));
JWK private 
{
  crv: 'P-256',
  x: 'o5D2ZC1-ObZWkle_8phaWmGSL_iA_tMPKSK345bF4vM',
  y: 'fZkBVzBhUL1xVBJtCXuc8hxuI7tBYvXUhIGcUl7qYNg',
  d: 'M8hmaP2eOixdq_ROVyFaSUMxqVxK42rExXtvgfHJzBY',
  kty: 'EC',
  kid: 'F3bJJkAA6mW1uvfjEEBo0-4pwnwYgc1VtUOW12XrFU4'
}

> console.log(`JWK public\n`, jwk.toJWK());
JWK public 
{
  crv: 'P-256',
  x: 'o5D2ZC1-ObZWkle_8phaWmGSL_iA_tMPKSK345bF4vM',
  y: 'fZkBVzBhUL1xVBJtCXuc8hxuI7tBYvXUhIGcUl7qYNg',
  kty: 'EC',
  kid: 'F3bJJkAA6mW1uvfjEEBo0-4pwnwYgc1VtUOW12XrFU4'
}

> 
> console.log(`PEM private\n`, jwk.toPEM(true));
PEM private
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgM8hmaP2eOixdq/RO
VyFaSUMxqVxK42rExXtvgfHJzBahRANCAASjkPZkLX45tlaSV7/ymFpaYZIv+ID+
0w8pIrfjlsXi832ZAVcwYVC9cVQSbQl7nPIcbiO7QWL11ISBnFJe6mDY
-----END PRIVATE KEY-----


> console.log(`PEM public\n`, jwk.toPEM());
PEM public
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEo5D2ZC1+ObZWkle/8phaWmGSL/iA
/tMPKSK345bF4vN9mQFXMGFQvXFUEm0Je5zyHG4ju0Fi9dSEgZxSXupg2A==
-----END PUBLIC KEY-----

[big-kahuna-burger]

I don't know either that's why generating private is the default.

This ☝️ !

[Alexsey]

@panva @big-kahuna-burger thank you for answering so fast! Now I can see how to use it :)