LogoLogo
ProductsCommunityGitHubShare Feedback
SSI Kit
SSI Kit
  • General
    • Introduction
    • Transition To The Community Stack
    • SSI Kit | Basics
      • Overview
      • Functionality
      • Components
    • SSI Kit
      • SSI Flavors & Ecosystems
        • Trust Registries
        • Keys
        • Decentralized Identifiers (DIDs)
        • Verifiable Credentials (VCs)
        • Data Exchange Protocols
      • Architecture
        • Low-Level Service Abstraction
        • Ecosystem Abstraction
        • High-Level Interfaces / APIs
      • Use Cases
      • Self-Sovereign Identity (SSI)
        • SSI | Basics
        • Technologies & Concepts
          • Registries
          • Decentralised Identifiers (DIDs)
          • Verifiable Credentials (VCs)
          • Verifiable Presentations (VPs)
          • Data Exchange (Protocols)
  • Getting started
    • Quick Start
    • REST API
      • Signatory API - For Issuers
      • Custodian API - For Holders
        • Key management
        • Did management
        • Credentials management
      • Auditor API - For Verifiers
      • Core API
        • Cryptographic keys
        • Decentralised-Identifiers
        • Verifiable-Credentials
      • API Serving Configs
    • Dependency (JVM)
      • Java Examples
      • Kotlin Examples
    • CLI | Command Line Interface
      • Key Management
      • Decentralized Identifiers
      • Verifiable Credentials
      • OpenID Connect (OIDC)
    • Building the Project
      • Docker Build
      • Local Build
    • Project Configurations
    • Demo
  • Ecosystems
    • EBSI
      • Basics
      • Use Cases & Flow Diagrams
      • Command line interface
        • DID Registration
      • REST API
      • Usage / examples
        • Onboarding & DIDs
        • Build end-to-end use cases
    • IOTA
      • OIDC4VP profile for Login-with-IOTA
      • Login With IOTA Demo
    • Velocity
      • Basics
        • Onboarding
        • Issuing
        • Inspection
      • Integration with SSIKit
      • Command line interface
        • Onboarding
        • Issuing
        • Inspection
    • cheqd
      • Integration architecture
      • Create DID
      • Issue VC
      • Verify VC
  • Tutorials
    • My First VC
    • Advanced VC
  • Concepts
    • Credential Templates
    • Verification Policies
      • Static Policies
      • Parameterized Policies
      • Dynamic/Custom Policies
        • Creating Dynamic Policies
        • Using Dynamic Policies
        • Removing Dynamic Policies
        • Dynamic Policies | Data Classes
    • Selective Disclosure
      • Intro
      • Issuing a SD-JWT Credential
      • Verifying a SD-JWT Credential
    • Credential Statuses
      • StatusList2021Entry
      • SimpleCredentialStatus2022
      • Issue credentials with credentialStatus
      • REST API
        • Check the status of a credential
        • Revoke a credential
      • CLI
        • Check the status of a credential
        • Revoke a credential
    • DID Web
    • Open Policy Agent (OPA)
      • Setup
    • OpenID Connect (OIDC)
      • Credential Issuance
        • OIDC4CI | Example
      • Presentation Exchange
        • OIDC4VP | Example
    • Delegation and Mandates
  • Community
    • Discord
    • Twitter
    • Newsletter
    • GitHub Discussions
  • DEVELOPER RELATIONS
    • Contribute
    • Roadmap
    • Share Feedback
    • Contact
  • Product Editions
    • Open Source | Always Free
    • Enterprise | Self-Managed
    • Cloud Platform | Managed
Powered by GitBook
On this page
  • Generate key
  • List keys
  • Import key
  • Export key
  • Delete key

Was this helpful?

Export as PDF
  1. Getting started
  2. CLI | Command Line Interface

Key Management

Key management functions like generation, listing, export/import, and deletion.

PreviousCLI | Command Line InterfaceNextDecentralized Identifiers

Last updated 1 month ago

Was this helpful?

SSI-Kit CLI key management commands can be accessed with the key command. It provides the following functionality:

  • - using gen command

  • - using list command

  • - using import command

  • - using export command

  • - using delete command

All commands have the help option available:

  • <your-command> -h

  • or <your-command> --help

E.g. key gen -h

Generate key

Use the gen command to create asymmetric key pair by the specified algorithm. Supported algorithms are:

  • RSA:

    • key gen -a RSA

    • or key gen --algorithm RSA

  • ECDSA Secp256k1:

    • key gen -a Secp256k1

    • or key gen --algorithm Secp256k1

  • EdDSA Ed25519 (default)

    • key gen

    • or key gen -a Ed25519

    • or key gen --algorithm Ed25519

The returned value represents the keyId of the newly created key.

E.g. key gen -a Secp256k1

List keys

Use the list command to list all keys in the key store:

  • key list

It will output the following fields:

  • key index - index within the list

  • keyId - key identification number

  • key algorithm - algorithm used to create the key

  • crypto service - the cryptographic service used to create the key

Import key

Use the import command to import a key in JWK or PEM format:

  • key import <your-key-file-path>

    • JWK - based on the JWK key ID and key material, an internal key object will be created and placed in the corresponding key store

    • PEM - if there's no key ID in the PEM file (which is usually the case), a random key ID will be generated and, based on the key material, an internal key object will be created and placed in the corresponding key store. PEM files must have the file extension 'pem':

      • RSA keys - file should contain either the private key or private and public keys concatenated with a 'new line' character

      • Ed25519, Secp256k1 - file should contain both private and public keys concatenated with a 'new line' character

E.g.

Ed25519 JWK public key

key import ./ed25519jwk.json

Secp256k1 PEM key

key import ./secp256k1.pem

Export key

Use the export command to export a specified key type with the specified id and format.

Available key type:

  • public (default):

    • key export <your-key-id>

    • or key export <your-key-id> --pub

  • private:

    • key export <your-key-id> --priv

Available export formats:

  • JWK (default):

    • key export <your-key-id>

    • or key export <your-key-id> -f JWK

    • or key export <your-key-id> --key-format JWK

  • PEM:

    • key export <your-key-id> -f PEM

    • key export <your-key-id> --key-format PEM

The output will display the exported key in the specified format.

E.g.

key export 17592087c6f04c358b9b813dbe2ef027 --pub -f PEM

key export 17592087c6f04c358b9b813dbe2ef027 --pub

key export 17592087c6f04c358b9b813dbe2ef027 --priv -f PEM

key export 17592087c6f04c358b9b813dbe2ef027 --priv

Delete key

Use the delete command to delete a key with the specified ID:

  • key delete <your-key-id>

E.g. key delete 17592087c6f04c358b9b813dbe2ef027

Generate key
List keys
Import key
Export key
Delete key
Generate key help command output
Generate Secp256k1 key command output
List keys command output
Ed25519 public key JWK input
JWK Ed25519 key import output
Secp256k1 key PEM input
PEM Secp256k1 key import output
Export output for PEM format public key
Export output for JWK format public key
Export output for PEM format private key
Export output for JWK format private key
Delete key output