Sample code for 30+ languages & platforms
Lianja

Get ETK Public Key (api-acpt.ehealth.fgov.be)

See more Belgian eHealth Platform Examples

The following URL returns JSON, which contains a PKCS7 signed data:
https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN

This example extracts the signed data, validates it, and then extracts the public key from the certificate (obtained from signed content in the PKCS7)

Note: The URL above uses "12345678901" which is not valid. You should replace it with a valid number.

Chilkat Lianja Downloads

Lianja
llSuccess = .F.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loHttp = createobject("CkHttp")

lcJsonStr = loHttp.QuickGetStr("https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN")
if (loHttp.LastMethodSuccess = .F.) then
    ? loHttp.LastErrorText
    release loHttp
    return
endif

? lcJsonStr

// The JSON contains something like this:

// [
//     {
//         "key": {
//             "applicationIdentifier": "",
//             "ssin": "12345678901"
//         },
//         "value": "MIAGCSq....AAAAAAAA=="
//     }
// ]

// Note: The above is a JSON array (not a JSON object)
// It should be loaded into a Chilkat JSON array.
loJarr = createobject("CkJsonArray")
llSuccess = loJarr.Load(lcJsonStr)
if (llSuccess = .F.) then
    ? "Failed to load JSON."
    release loHttp
    release loJarr
    return
endif

loJson = loJarr.ObjectAt(0)
loBdPkcs7 = createobject("CkBinData")
loBdPkcs7.AppendEncoded(loJson.StringOf("value"),"base64")
release loJson

// Let's verify the PKCS7, and then examine the signing cert,
// and get the signing cert's public key.
loCrypt = createobject("CkCrypt2")

// Validate the signedData PKCS7, and replace the contents of bdPkcs7 with the extracted signed content.
llSuccess = loCrypt.OpaqueVerifyBd(loBdPkcs7)
if (llSuccess = .F.) then
    ? loCrypt.LastErrorText
    release loHttp
    release loJarr
    release loBdPkcs7
    release loCrypt
    return
endif

// The signed content is the DER of a certificate.
// In other words, bdPkcs7 now contains a certificate.
loCert = createobject("CkCert")
llSuccess = loCert.LoadFromBd(loBdPkcs7)
if (llSuccess = .F.) then
    ? loCert.LastErrorText
    release loHttp
    release loJarr
    release loBdPkcs7
    release loCrypt
    release loCert
    return
endif

// Show some certificate information:
? "Subject: " + loCert.SubjectDN
? "Serial: " + loCert.SerialNumber
? "Issuer: " + loCert.IssuerDN

// Let's get the cert's public key...
loPubKey = createobject("CkPublicKey")
loCert.GetPublicKey(loPubKey)

// OK, you now have the public key and can do whatever is needed..
? loPubKey.KeyType
? str(loPubKey.KeySize)


release loHttp
release loJarr
release loBdPkcs7
release loCrypt
release loCert
release loPubKey