Sample code for 30+ languages & platforms
Swift

Create JWK Set Containing Certificates

See more Certificates Examples

Demonstrates how to create a JWK Set containing N certificates.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example creates the following JWK Set from two certificates:

    // {
    //   "keys": [
    //     {
    //       "kty": "RSA",
    //       "use": "sig",
    //       "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
    //       "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
    //       "n": "nYf1jpn7cFdQ...9Iw",
    //       "e": "AQAB",
    //       "x5c": [
    //         "MIIDBTCCAe2...Z+NTZo"
    //       ]
    //     },
    //     {
    //       "kty": "RSA",
    //       "use": "sig",
    //       "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
    //       "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
    //       "n": "xHScZMPo8F...EO4QQ",
    //       "e": "AQAB",
    //       "x5c": [
    //         "MIIC8TCCAdmgA...Vt5432GA=="
    //       ]
    //     }
    //   ]
    // }

    // First get two certificates from files.
    let cert1 = CkoCert()!
    success = cert1.load(fromFile: "qa_data/certs/brasil_cert.pem")
    if success == false {
        print("\(cert1.lastErrorText!)")
        return
    }

    let cert2 = CkoCert()!
    success = cert2.load(fromFile: "qa_data/certs/testCert.cer")
    if success == false {
        print("\(cert2.lastErrorText!)")
        return
    }

    // We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
    let crypt = CkoCrypt2()!

    let json = CkoJsonObject()!

    // Let's begin with the 1st cert:
    json.i = 0
    json.updateString(jsonPath: "keys[i].kty", value: "RSA")
    json.updateString(jsonPath: "keys[i].use", value: "sig")

    var hexThumbprint: String? = cert1.sha1Thumbprint
    var base64Thumbprint: String? = crypt.reEncode(data: hexThumbprint, fromEncoding: "hex", toEncoding: "base64")
    json.updateString(jsonPath: "keys[i].kid", value: base64Thumbprint)
    json.updateString(jsonPath: "keys[i].x5t", value: base64Thumbprint)

    // (We're assuming these are RSA certificates)
    // To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
    let pubKey = CkoPublicKey()!
    cert1.getPublicKey(pubKey: pubKey)

    let pubKeyJwk = CkoJsonObject()!
    pubKeyJwk.load(json: pubKey.getJwk())
    json.updateString(jsonPath: "keys[i].n", value: pubKeyJwk.string(of: "n"))
    json.updateString(jsonPath: "keys[i].e", value: pubKeyJwk.string(of: "e"))

    // Now add the entire X.509 certificate 
    json.updateString(jsonPath: "keys[i].x5c[0]", value: cert1.getEncoded())

    // Now do the same for cert2..
    json.i = 1

    json.updateString(jsonPath: "keys[i].kty", value: "RSA")
    json.updateString(jsonPath: "keys[i].use", value: "sig")

    hexThumbprint = cert2.sha1Thumbprint
    base64Thumbprint = crypt.reEncode(data: hexThumbprint, fromEncoding: "hex", toEncoding: "base64")
    json.updateString(jsonPath: "keys[i].kid", value: base64Thumbprint)
    json.updateString(jsonPath: "keys[i].x5t", value: base64Thumbprint)
    cert2.getPublicKey(pubKey: pubKey)

    pubKeyJwk.load(json: pubKey.getJwk())
    json.updateString(jsonPath: "keys[i].n", value: pubKeyJwk.string(of: "n"))
    json.updateString(jsonPath: "keys[i].e", value: pubKeyJwk.string(of: "e"))

    // Now add the entire X.509 certificate 
    json.updateString(jsonPath: "keys[i].x5c[0]", value: cert2.getEncoded())

    // Emit the JSON..
    json.emitCompact = false
    print("\(json.emit()!)")

}