(JavaScript) Load a JWK Set into a JCEKS (Convert JWK Set to JCEKS)

Demonstrates how to convert JSON Web Key Sets to JCEKS format.

This example uses the JWK sample files that you may download from Sample JWK Sets

This example requires Chilkat v9.5.0.66 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

var jceks = new CkJavaKeyStore();

// First load the following JWK Set (found in secretKeys.json)

// { 
//   "keys": [
//     { 
//       "kty": "oct",
//       "alg": "AES",
//       "k": "vHekQQB0Gc1NvppapUTW2g",
//       "kid": "my aes key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "BLOWFISH",
//       "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
//       "kid": "my blowfish key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "HMAC_SHA256",
//       "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
//       "kid": "my hmac key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "CHACHA",
//       "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
//       "kid": "my chacha20 key"
//     }
//   ]
// }

var jwkSet = new CkJsonObject();
success = jwkSet.LoadFile("qa_data/jwk/secretKeys.json");
if (success !== true) {
    console.log(jwkSet.LastErrorText);
    return;
}

// The password is applied to each of the keys in the set.
// (It is the password that will be required to access the item after the JCEKS is opened.)
var password = "secret";
success = jceks.LoadJwkSet(password,jwkSet);
if (success !== true) {
    console.log(jceks.LastErrorText);
    return;
}

// Write the JCEKS to a file, then examine with a tool such as the KeyStore Explorer
// to verify that all is OK.  (The "kid" becomes the alias of each key.)
var filePassword = "secret2";
success = jceks.ToFile(filePassword,"qa_output/secretKeys.jceks");
if (success !== true) {
    console.log(jceks.LastErrorText);
    return;
}

// -------------------------------------------------------------------------
// Now load a JWK Set that contains one ECC private key (and certs)
// This is the JSON that is loaded from ecc_jwkset.json:

// { 
//   "keys": [
//     { 
//       "kty": "EC",
//       "crv": "P-384",
//       "x": "uB62JGMJKXnp1PNsOOIYKGhrzfLev3O-UuthL6UzEqNNDTd8dEYMUQP_DTS3qk98",
//       "y": "gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK_F4pF2Q995hr",
//       "d": "ugTy2ZpuQqv1uQyLSgz1SPRvngzrd5vLyzU2ICaJd25zZRIxxlNR-uFo9UWC6llt",
//       "kid": "my_ecc_key",
//       "x5c": [
//         "MIICzjCCAlOgAwIBAgIETULS8zAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9zZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAeFw0xNjAzMTgxMjM5MzFaFw0xNjA1MTcxMzA5MzFaMFgxHzAdBgNVBAsTFkZvciBUZXN0IFB1cnBvc2VzIE9ubHkxHTAbBgNVBAsTFFBlcnNvbmEgTm90IFZlcmlmaWVkMRYwFAYDVQQDEw1DaGlsa2F0IEFkbWluMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEuB62JGMJKXnp1PNsOOIYKGhrzfLev3O+UuthL6UzEqNNDTd8dEYMUQP/DTS3qk98gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK/F4pF2Q995hro4HYMIHVMA4GA1UdDwEB/wQEAwIDiDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5lbnRydXN0LmNvbS9DUkwvZWNjZGVtby5jcmwwIAYDVR0RBBkwF4EVYWRtaW5AY2hpbGthdHNvZnQuY29tMB8GA1UdIwQYMBaAFCQFS+Fkghr4Ccz7eHkh+nDmkzLqMB0GA1UdDgQWBBTB82fmvrdG2iX5uS/agVW3L4DisjAJBgNVHRMEAjAAMAoGCCqGSM49BAMDA2kAMGYCMQCHILghMprWoYPEp9mCE+tpVE7vYwkFV3m0RDzT2BSUezL8Ky78XNk+XPqSB2biT70CMQDCase1oaPY4AxCmjB+rEB1ir+QS8mrtF+iCSqHVv1aIxT6abQL57BZSdvwIm/TT8o=",
//         "MIICljCCAhugAwIBAgIETUHhezAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9zZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAeFw0xMTAxMjcyMDQ5NTRaFw0zNjAxMjcyMTE5NTRaMG0xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMR8wHQYDVQQLExZGb3IgVGVzdCBQdXJwb3NlcyBPbmx5MSUwIwYDVQQDExxFbnRydXN0IEVDQyBEZW1vbnN0cmF0aW9uIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhCWBpuJuzvRtQyibkcbCj7EkcwAqS2EqRQ/QntroTdRM2SssEN4TruTxtwcY/7lR64L6Tfjz3+ujrfjNFss3EWVpUlbOJ+xHC3xHPteNyAGZtHbZO3tVuhP6yX6dFqCCo4GLMIGIMCsGA1UdEAQkMCKADzIwMTEwMTI3MjA0OTU0WoEPMjAzNjAxMjcyMTE5NTRaMAsGA1UdDwQEAwIBBjAfBgNVHSMEGDAWgBQkBUvhZIIa+AnM+3h5Ifpw5pMy6jAdBgNVHQ4EFgQUJAVL4WSCGvgJzPt4eSH6cOaTMuowDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAwNpADBmAjEAyAhA70OIb6lbfN6kOTQloHyCLmihNK+PT5wOuaMR//KSQP2c/H18YhDYnlwMxF9fAjEA0URaJOXMF0qwdvS2rm7N5PWMLc/4BbeOZyZ94XJiG5u96iTgp6N9JI0MMmCQE87N"
//       ]
//     }
//   ]
// }

success = jwkSet.LoadFile("qa_data/jwk/ecc_jwkset.json");
if (success !== true) {
    console.log(jwkSet.LastErrorText);
    return;
}

password = "secret";
success = jceks.LoadJwkSet(password,jwkSet);
if (success !== true) {
    console.log(jceks.LastErrorText);
    return;
}

filePassword = "secret2";
success = jceks.ToFile(filePassword,"qa_output/ecc.jceks");
if (success !== true) {
    console.log(jceks.LastErrorText);
    return;
}

console.log("Success.");