|
|
(JavaScript) Compute JWK Thumbprint for RSA and EC Private Keys
Demonstrates how to compute a JSON Web Key thumbprint for a private key (RSA or ECC).
Note: This example requires Chilkat v9.5.0.66 or greater.
var success = false;
var privKey = new CkPrivateKey();
// A private key can be loaded from any format (binary DER, PEM, etc.)
// This example will load the private keys from PEM format,
// and will then compute the JWK thumbprint.
// First do it for this RSA private key...
var sbPem = new CkStringBuilder();
var bCrlf = true;
sbPem.AppendLine("-----BEGIN RSA PRIVATE KEY-----",bCrlf);
sbPem.AppendLine("Proc-Type: 4,ENCRYPTED",bCrlf);
sbPem.AppendLine("DEK-Info: DES-EDE3-CBC,2E65118E6C7B5207",bCrlf);
sbPem.AppendLine("",bCrlf);
sbPem.AppendLine("7cYUTW4ZBdmVZ4ILB08hcTdm5ib0E0zcy+I7pHpNQfJHtI7BJ4omys5S19ufJPBJ",bCrlf);
sbPem.AppendLine("IzYjeO7oTVqI37F6EUmjZqG4WVE2UQbQDkosZbZN82O4Ipu1lFAPEbwjqePMKufz",bCrlf);
sbPem.AppendLine("snSQHKfnbyyDPEVNlJbs19NXC8v6g+pQay5rH/I6N2iBxgsTmuemZ54EhNQMZyEN",bCrlf);
sbPem.AppendLine("R/CiheArWEH9H8/4hd2gc9Tb2s0MwGHILL4kbbNm5tp3xw4ik7OYWNrj3m+nG6Xb",bCrlf);
sbPem.AppendLine("vKXh2xEanAZAyMXTqDJTHdn7/CEqusQPJjZGV+Mf1kjKu7p4qcXFnIXP5ILnTW7b",bCrlf);
sbPem.AppendLine("lHoWC4eweDzKOMRzXmbABEVSUvx2SmPl4TcoC5L1SCAHEmZaKbaY7S5l53u6gl0f",bCrlf);
sbPem.AppendLine("ULuQbt7Hr3THznlNFKkGT1/yVNt2QOm1emZd55LaNe8E7XsNSlhl0grYQ+Ue8Jba",bCrlf);
sbPem.AppendLine("x85OapltVjxM9wVCwbgFyi04ihdKHo9e+uYKeTGKv0hU5O7HEH1ev6t/s2u/UG6h",bCrlf);
sbPem.AppendLine("TqEsYrVp0CMHpt5uAF6nZyK6GZ/CHTxh/rz1hADMofem59+e6tVtjnPGA3EjnJT8",bCrlf);
sbPem.AppendLine("BMOw/D2QIDxjxj2GUzz+YJp50ENhWrL9oSDkG2nzv4NVL77QIy+T/2/f4PgokUDO",bCrlf);
sbPem.AppendLine("QJjIfxPWE40cHGHpnQtZvEPoxP0H3T0YhmEVwuJxX3uaWOY/8Fa1c7Ln0SwWdfV5",bCrlf);
sbPem.AppendLine("gYvJV8o6c3sumcq1O3agPDlHC5O4IxG7AZQ8CHRDyASogzfkY6P579ZOGYaO4al7",bCrlf);
sbPem.AppendLine("WA1YIpsHs3/1f4SByMuWe0NVkFfvXckjpqGrBQpTmqQzk6baa0VQ0cwU3XlkwHac",bCrlf);
sbPem.AppendLine("WB/fQ4jylwFzZDcp5JAo53n6aU72zgNvDlGTNKwdXXZI5U3JPocH0AiZgFFWYJLd",bCrlf);
sbPem.AppendLine("63PJLDnjyE3i6XMVlxifXKkXVv0RYSz+ByS7Oz9aCgnQhNU8ycv+UxtfkPQih5zE",bCrlf);
sbPem.AppendLine("/0Y2EEFknajmFJpNXczzF8OEzaswmR0AOjcCiklZKRf61rf5faJxJhhqKEEBJuL6",bCrlf);
sbPem.AppendLine("oodDVRk3OGU1yQSBazT8nK3V+e6FMo3tWkra2BXFCD+pKxTy014Cp59S1w6F1Fjt",bCrlf);
sbPem.AppendLine("WX7eMWSLWfQ56j2kLMBHq5gb2arqlqH3fsYOTD3TNjCYF3Sgx309kVPuOK5vw61P",bCrlf);
sbPem.AppendLine("pnL/LN3iGY42WR+9lfAyNN2qj9zvwKwscyYs5+DPQoPmcPcVGc3v/u66bLcOGbEU",bCrlf);
sbPem.AppendLine("OlGa/6gdD4GCp5E4fP/7GbnEY/PW2abquFhGB+pVdl3/4+1U/8kItlfWNZoG4FhE",bCrlf);
sbPem.AppendLine("gjMd7glmrdFiNJFFpf5ks1lVXGqJ4mZxqtEZrxUEwciZjm4V27a+E2KyV9NnksZ6",bCrlf);
sbPem.AppendLine("xF4tGPKIPsvNTV5o8ZqjiacxgbYmr2ywqDXKCgpU/RWSh1sLapqSQqbH/w0MquUj",bCrlf);
sbPem.AppendLine("VhVX0RMYH/foKtjagZf/KO1/mnCITl86treIdachGgR4wr/qqMjrpPUaPLCRY3JQ",bCrlf);
sbPem.AppendLine("00XUP1Mu6YPE0SnMYAVxZheqKHly3a1pg4Xp7YWlM671oUORs3+VENfnbIxgr+2D",bCrlf);
sbPem.AppendLine("TiJT9PxwpfK53Oh7RBSWHJZRuAdLUXE8DG+bl0N/QkJM6pFUxTI1AQ==",bCrlf);
sbPem.AppendLine("-----END RSA PRIVATE KEY-----",bCrlf);
// The actual password for the above PEM is "passwd".
success = privKey.LoadEncryptedPem(sbPem.GetAsString(),"passwd");
if (success !== true) {
console.log(privKey.LastErrorText);
return;
}
// Generate the JWK thumbprint:
console.log("JWK thumbprint: " + privKey.GetJwkThumbprint("SHA256"));
// Output:
// JWK thumbprint: QzUpUAW1Y5iksGxq3r1o3JMROR6D7FLwvRlHmDQVg0I
// --------------------------------------------------------------
// Now let's do an EC private key. The following is an unencrypted PEM containing a 384-bit EC key..
sbPem.Clear();
sbPem.AppendLine("-----BEGIN PRIVATE KEY-----",bCrlf);
sbPem.AppendLine("MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAamStb0Xep3y3sWw2u",bCrlf);
sbPem.AppendLine("SSAdUPkgQ9Rvhlnx8XEVOYy2teh69T0on77ja02m03n8t8WhZANiAARUNSar38Rz",bCrlf);
sbPem.AppendLine("lKPyZFsNSGUanzpNRth0C+MikVEH8FAlDHMMpAs34dyF4IK0uxgbiEe9bQ+ieLrl",bCrlf);
sbPem.AppendLine("6xwFR0yaTivuwoyXC+ScGUnwnpaXmid6UUgw4ypbneHsaKuZ9JLdMAo=",bCrlf);
sbPem.AppendLine("-----END PRIVATE KEY-----",bCrlf);
success = privKey.LoadPem(sbPem.GetAsString());
if (success !== true) {
console.log(privKey.LastErrorText);
return;
}
// Generate the JWK thumbprint:
console.log("JWK thumbprint: " + privKey.GetJwkThumbprint("SHA256"));
// Output:
// JWK thumbprint: ABAUUfNSONFsZYvZ_o_0bsPT3qeG3jttXB09VC_ETWQ
|
