Lianja
Lianja
Create JWK Set Containing Certificates
See more Certificates Examples
Demonstrates how to create a JWK Set containing N certificates.Chilkat Lianja Downloads
llSuccess = .F.
// This example creates the following JWK Set from two certificates:
// {
// "keys": [
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "n": "nYf1jpn7cFdQ...9Iw",
// "e": "AQAB",
// "x5c": [
// "MIIDBTCCAe2...Z+NTZo"
// ]
// },
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "n": "xHScZMPo8F...EO4QQ",
// "e": "AQAB",
// "x5c": [
// "MIIC8TCCAdmgA...Vt5432GA=="
// ]
// }
// ]
// }
// First get two certificates from files.
loCert1 = createobject("CkCert")
llSuccess = loCert1.LoadFromFile("qa_data/certs/brasil_cert.pem")
if (llSuccess = .F.) then
? loCert1.LastErrorText
release loCert1
return
endif
loCert2 = createobject("CkCert")
llSuccess = loCert2.LoadFromFile("qa_data/certs/testCert.cer")
if (llSuccess = .F.) then
? loCert2.LastErrorText
release loCert1
release loCert2
return
endif
// We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
loCrypt = createobject("CkCrypt2")
loJson = createobject("CkJsonObject")
// Let's begin with the 1st cert:
loJson.I = 0
loJson.UpdateString("keys[i].kty","RSA")
loJson.UpdateString("keys[i].use","sig")
lcHexThumbprint = loCert1.Sha1Thumbprint
lcBase64Thumbprint = loCrypt.ReEncode(lcHexThumbprint,"hex","base64")
loJson.UpdateString("keys[i].kid",lcBase64Thumbprint)
loJson.UpdateString("keys[i].x5t",lcBase64Thumbprint)
// (We're assuming these are RSA certificates)
// To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
loPubKey = createobject("CkPublicKey")
loCert1.GetPublicKey(loPubKey)
loPubKeyJwk = createobject("CkJsonObject")
loPubKeyJwk.Load(loPubKey.GetJwk())
loJson.UpdateString("keys[i].n",loPubKeyJwk.StringOf("n"))
loJson.UpdateString("keys[i].e",loPubKeyJwk.StringOf("e"))
// Now add the entire X.509 certificate
loJson.UpdateString("keys[i].x5c[0]",loCert1.GetEncoded())
// Now do the same for cert2..
loJson.I = 1
loJson.UpdateString("keys[i].kty","RSA")
loJson.UpdateString("keys[i].use","sig")
lcHexThumbprint = loCert2.Sha1Thumbprint
lcBase64Thumbprint = loCrypt.ReEncode(lcHexThumbprint,"hex","base64")
loJson.UpdateString("keys[i].kid",lcBase64Thumbprint)
loJson.UpdateString("keys[i].x5t",lcBase64Thumbprint)
loCert2.GetPublicKey(loPubKey)
loPubKeyJwk.Load(loPubKey.GetJwk())
loJson.UpdateString("keys[i].n",loPubKeyJwk.StringOf("n"))
loJson.UpdateString("keys[i].e",loPubKeyJwk.StringOf("e"))
// Now add the entire X.509 certificate
loJson.UpdateString("keys[i].x5c[0]",loCert2.GetEncoded())
// Emit the JSON..
loJson.EmitCompact = .F.
? loJson.Emit()
release loCert1
release loCert2
release loCrypt
release loJson
release loPubKey
release loPubKeyJwk