Sample code for 30+ languages & platforms
Perl

Create JWK Set Containing Certificates

See more Certificates Examples

Demonstrates how to create a JWK Set containing N certificates.

Chilkat Perl Downloads

Perl
use chilkat();

$success = 0;

# This example creates the following JWK Set from two certificates:

# {
#   "keys": [
#     {
#       "kty": "RSA",
#       "use": "sig",
#       "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
#       "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
#       "n": "nYf1jpn7cFdQ...9Iw",
#       "e": "AQAB",
#       "x5c": [
#         "MIIDBTCCAe2...Z+NTZo"
#       ]
#     },
#     {
#       "kty": "RSA",
#       "use": "sig",
#       "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
#       "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
#       "n": "xHScZMPo8F...EO4QQ",
#       "e": "AQAB",
#       "x5c": [
#         "MIIC8TCCAdmgA...Vt5432GA=="
#       ]
#     }
#   ]
# }

# First get two certificates from files.
$cert1 = chilkat::CkCert->new();
$success = $cert1->LoadFromFile("qa_data/certs/brasil_cert.pem");
if ($success == 0) {
    print $cert1->lastErrorText() . "\r\n";
    exit;
}

$cert2 = chilkat::CkCert->new();
$success = $cert2->LoadFromFile("qa_data/certs/testCert.cer");
if ($success == 0) {
    print $cert2->lastErrorText() . "\r\n";
    exit;
}

# We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
$crypt = chilkat::CkCrypt2->new();

$json = chilkat::CkJsonObject->new();

# Let's begin with the 1st cert:
$json->put_I(0);
$json->UpdateString("keys[i].kty","RSA");
$json->UpdateString("keys[i].use","sig");

$hexThumbprint = $cert1->sha1Thumbprint();
$base64Thumbprint = $crypt->reEncode($hexThumbprint,"hex","base64");
$json->UpdateString("keys[i].kid",$base64Thumbprint);
$json->UpdateString("keys[i].x5t",$base64Thumbprint);

# (We're assuming these are RSA certificates)
# To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
$pubKey = chilkat::CkPublicKey->new();
$cert1->GetPublicKey($pubKey);

$pubKeyJwk = chilkat::CkJsonObject->new();
$pubKeyJwk->Load($pubKey->getJwk());
$json->UpdateString("keys[i].n",$pubKeyJwk->stringOf("n"));
$json->UpdateString("keys[i].e",$pubKeyJwk->stringOf("e"));

# Now add the entire X.509 certificate 
$json->UpdateString("keys[i].x5c[0]",$cert1->getEncoded());

# Now do the same for cert2..
$json->put_I(1);

$json->UpdateString("keys[i].kty","RSA");
$json->UpdateString("keys[i].use","sig");

$hexThumbprint = $cert2->sha1Thumbprint();
$base64Thumbprint = $crypt->reEncode($hexThumbprint,"hex","base64");
$json->UpdateString("keys[i].kid",$base64Thumbprint);
$json->UpdateString("keys[i].x5t",$base64Thumbprint);
$cert2->GetPublicKey($pubKey);

$pubKeyJwk->Load($pubKey->getJwk());
$json->UpdateString("keys[i].n",$pubKeyJwk->stringOf("n"));
$json->UpdateString("keys[i].e",$pubKeyJwk->stringOf("e"));

# Now add the entire X.509 certificate 
$json->UpdateString("keys[i].x5c[0]",$cert2->getEncoded());

# Emit the JSON..
$json->put_EmitCompact(0);
print $json->emit() . "\r\n";