DataFlex
DataFlex
Create JWK Set Containing Certificates
See more Certificates Examples
Demonstrates how to create a JWK Set containing N certificates.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoCert1
Handle hoCert2
Handle hoCrypt
Handle hoJson
String sHexThumbprint
String sBase64Thumbprint
Variant vPubKey
Handle hoPubKey
Handle hoPubKeyJwk
String sTemp1
Move False To iSuccess
// This example creates the following JWK Set from two certificates:
// {
// "keys": [
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "n": "nYf1jpn7cFdQ...9Iw",
// "e": "AQAB",
// "x5c": [
// "MIIDBTCCAe2...Z+NTZo"
// ]
// },
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "n": "xHScZMPo8F...EO4QQ",
// "e": "AQAB",
// "x5c": [
// "MIIC8TCCAdmgA...Vt5432GA=="
// ]
// }
// ]
// }
// First get two certificates from files.
Get Create (RefClass(cComChilkatCert)) To hoCert1
If (Not(IsComObjectCreated(hoCert1))) Begin
Send CreateComObject of hoCert1
End
Get ComLoadFromFile Of hoCert1 "qa_data/certs/brasil_cert.pem" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert1 To sTemp1
Showln sTemp1
Procedure_Return
End
Get Create (RefClass(cComChilkatCert)) To hoCert2
If (Not(IsComObjectCreated(hoCert2))) Begin
Send CreateComObject of hoCert2
End
Get ComLoadFromFile Of hoCert2 "qa_data/certs/testCert.cer" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert2 To sTemp1
Showln sTemp1
Procedure_Return
End
// We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
If (Not(IsComObjectCreated(hoCrypt))) Begin
Send CreateComObject of hoCrypt
End
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
// Let's begin with the 1st cert:
Set ComI Of hoJson To 0
Get ComUpdateString Of hoJson "keys[i].kty" "RSA" To iSuccess
Get ComUpdateString Of hoJson "keys[i].use" "sig" To iSuccess
Get ComSha1Thumbprint Of hoCert1 To sHexThumbprint
Get ComReEncode Of hoCrypt sHexThumbprint "hex" "base64" To sBase64Thumbprint
Get ComUpdateString Of hoJson "keys[i].kid" sBase64Thumbprint To iSuccess
Get ComUpdateString Of hoJson "keys[i].x5t" sBase64Thumbprint To iSuccess
// (We're assuming these are RSA certificates)
// To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey
If (Not(IsComObjectCreated(hoPubKey))) Begin
Send CreateComObject of hoPubKey
End
Get pvComObject of hoPubKey to vPubKey
Get ComGetPublicKey Of hoCert1 vPubKey To iSuccess
Get Create (RefClass(cComChilkatJsonObject)) To hoPubKeyJwk
If (Not(IsComObjectCreated(hoPubKeyJwk))) Begin
Send CreateComObject of hoPubKeyJwk
End
Get ComGetJwk Of hoPubKey To sTemp1
Get ComLoad Of hoPubKeyJwk sTemp1 To iSuccess
Get ComStringOf Of hoPubKeyJwk "n" To sTemp1
Get ComUpdateString Of hoJson "keys[i].n" sTemp1 To iSuccess
Get ComStringOf Of hoPubKeyJwk "e" To sTemp1
Get ComUpdateString Of hoJson "keys[i].e" sTemp1 To iSuccess
// Now add the entire X.509 certificate
Get ComGetEncoded Of hoCert1 To sTemp1
Get ComUpdateString Of hoJson "keys[i].x5c[0]" sTemp1 To iSuccess
// Now do the same for cert2..
Set ComI Of hoJson To 1
Get ComUpdateString Of hoJson "keys[i].kty" "RSA" To iSuccess
Get ComUpdateString Of hoJson "keys[i].use" "sig" To iSuccess
Get ComSha1Thumbprint Of hoCert2 To sHexThumbprint
Get ComReEncode Of hoCrypt sHexThumbprint "hex" "base64" To sBase64Thumbprint
Get ComUpdateString Of hoJson "keys[i].kid" sBase64Thumbprint To iSuccess
Get ComUpdateString Of hoJson "keys[i].x5t" sBase64Thumbprint To iSuccess
Get pvComObject of hoPubKey to vPubKey
Get ComGetPublicKey Of hoCert2 vPubKey To iSuccess
Get ComGetJwk Of hoPubKey To sTemp1
Get ComLoad Of hoPubKeyJwk sTemp1 To iSuccess
Get ComStringOf Of hoPubKeyJwk "n" To sTemp1
Get ComUpdateString Of hoJson "keys[i].n" sTemp1 To iSuccess
Get ComStringOf Of hoPubKeyJwk "e" To sTemp1
Get ComUpdateString Of hoJson "keys[i].e" sTemp1 To iSuccess
// Now add the entire X.509 certificate
Get ComGetEncoded Of hoCert2 To sTemp1
Get ComUpdateString Of hoJson "keys[i].x5c[0]" sTemp1 To iSuccess
// Emit the JSON..
Set ComEmitCompact Of hoJson To False
Get ComEmit Of hoJson To sTemp1
Showln sTemp1
End_Procedure