PEM ⇄ JWK converter
Paste a key in either format — the direction is detected automatically. RSA, EC (P-256/P-384/P-521) and Ed25519; public and private keys.
This tool is deliberately different from the others: it runs entirely in your browser (WebCrypto). Keys — including private ones — are never sent anywhere.
Result
Supported forms
PEM input must be PUBLIC KEY (SPKI) or PRIVATE KEY (PKCS#8) —
the modern OpenSSL defaults. Legacy RSA PRIVATE KEY / EC PRIVATE
KEY / OPENSSH PRIVATE KEY blocks aren't importable by WebCrypto;
re-wrap them first with
openssl pkey -in old.pem -out pkcs8.pem.
Often you don't need this at all
use K2gl\Dsse\PublicKey;
// The k2gl packages accept either form directly — often you don't need
// to convert at all:
$verifier = PublicKey::fromPem($pem);
$verifier = PublicKey::fromJwk($jwk); k2gl/dsse (and everything built on it — SD-JWT verification included) takes PEM and JWK interchangeably.