PowerShell
PowerShell
Create a JWS Using ECDSA P-256 SHA-256
See more JSON Web Signatures (JWS) Examples
Creates and validates a JSON Web Signature (JWS) that uses ECDSA P-256 SHA-256Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Note: This example requires Chilkat v9.5.0.66 or greater.
# Use the following ECC key loaded from JWK format.
$sbJwk = New-Object Chilkat.StringBuilder
$sbJwk.Append("{`"kty`":`"EC`",")
$sbJwk.Append("`"crv`":`"P-256`",")
$sbJwk.Append("`"x`":`"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU`",")
$sbJwk.Append("`"y`":`"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0`",")
$sbJwk.Append("`"d`":`"jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI`"")
$sbJwk.Append("}")
$eccKey = New-Object Chilkat.PrivateKey
# Note: This example loads the ECDSA key from JWK format. Any format can be loaded
# into the private key object. (See the online reference documentation..)
$success = $eccKey.LoadJwk($sbJwk.GetAsString())
if ($success -eq $false) {
$($eccKey.LastErrorText)
exit
}
# Create the JWS Protected Header
$jwsProtHdr = New-Object Chilkat.JsonObject
$jwsProtHdr.AppendString("alg","ES256")
$jws = New-Object Chilkat.Jws
# Set the protected header:
$signatureIndex = 0
$jws.SetProtectedHeader($signatureIndex,$jwsProtHdr)
# Set the ECC key:
$jws.SetPrivateKey($signatureIndex,$eccKey)
# Set the payload.
$bIncludeBom = $false
$payloadStr = "In our village, folks say God crumbles up the old moon into stars."
$jws.SetPayload($payloadStr,"utf-8",$bIncludeBom)
# Create the JWS
# By default, the compact serialization is used.
$jwsCompact = $jws.CreateJws()
if ($jws.LastMethodSuccess -eq $false) {
$($jws.LastErrorText)
exit
}
$("JWS: " + $jwsCompact)
# Note: ECC signatures use random values, so the output will be different each time a signature is produced.
# sample output:
# JWS: eyJhbGciOiJFUzI1NiJ9.SW4gb3VyIHZpbGxhZ2UsIGZvbGtzIHNheSBHb2QgY3J1bWJsZXMgdXAgdGhlIG9sZCBtb29uIGludG8gc3RhcnMu.J6EGTNkeuEjehHHBu0SOKzifm8r35wbx49A5964pxzB7gannyZZPMkK7vmlaPJ-K8Xmm8cZsQySAPC12Xd8avw
# Now load the JWS, validate, and recover the original text.
$jws2 = New-Object Chilkat.Jws
# Load the JWS.
$success = $jws2.LoadJws($jwsCompact)
$eccPubKey = New-Object Chilkat.PublicKey
$eccKey.ToPublicKey($eccPubKey)
# Set the ECC public key used for validation.
$signatureIndex = 0
$jws2.SetPublicKey($signatureIndex,$eccPubKey)
# Validate the 1st (and only) signature at index 0..
$v = $jws2.Validate($signatureIndex)
if ($v -lt 0) {
# Perhaps Chilkat was not unlocked or the trial expired..
$("Method call failed for some other reason.")
$($jws2.LastErrorText)
exit
}
if ($v -eq 0) {
$("Invalid signature. The ECC key was incorrect, the JWS was invalid, or both.")
exit
}
# If we get here, the signature was validated..
$("Signature validated.")
# Recover the original content:
$($jws2.GetPayload("utf-8"))
# Examine the protected header:
$joseHeader = New-Object Chilkat.JsonObject
$jws2.GetProtectedH($signatureIndex,$joseHeader)
$joseHeader.EmitCompact = $false
$("Protected (JOSE) header:")
$($joseHeader.Emit())
# Output:
# Signature validated.
# In our village, folks say God crumbles up the old moon into stars.
# Protected (JOSE) header:
# {
# "alg": "ES256"
# }