Tcl
Tcl
Load Encrypted PEM Containing ECC Private Key and Certs and Examine Contents
See more PEM Examples
Loads an encrypted PEM containing an ECC private key and ECC certificate (and chain), and examines the contents.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Create a PEM containing a valid EC private key and certificates.
# The password for this encrypted PEM is "secret123"
set sb [new_CkStringBuilder]
set bCrlf 1
CkStringBuilder_AppendLine $sb "-----BEGIN ENCRYPTED PRIVATE KEY-----" $bCrlf
CkStringBuilder_AppendLine $sb "MIGtMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAiweNs9xIWNoAICCAAw" $bCrlf
CkStringBuilder_AppendLine $sb "HQYJYIZIAWUDBAECBBCz0IMryNxuJEo5ChMktg9cBGCsKDEeRqGJX4g/X2c6CNtK" $bCrlf
CkStringBuilder_AppendLine $sb "I8q7KClUwy9ms7ckHZAw/997WuW9QIGGnJEfHL/jSJsZViDwFAB4sunmdHSOTGMD" $bCrlf
CkStringBuilder_AppendLine $sb "3ZINNlkA+XobMaQtj1HNERtb1qskW1mf/X0sauw5aPA=" $bCrlf
CkStringBuilder_AppendLine $sb "-----END ENCRYPTED PRIVATE KEY-----" $bCrlf
CkStringBuilder_AppendLine $sb "-----BEGIN CERTIFICATE-----" $bCrlf
CkStringBuilder_AppendLine $sb "MIICzjCCAlOgAwIBAgIETULS8zAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEW" $bCrlf
CkStringBuilder_AppendLine $sb "MBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9z" $bCrlf
CkStringBuilder_AppendLine $sb "ZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAe" $bCrlf
CkStringBuilder_AppendLine $sb "Fw0xNjAzMTgxMjM5MzFaFw0xNjA1MTcxMzA5MzFaMFgxHzAdBgNVBAsTFkZvciBU" $bCrlf
CkStringBuilder_AppendLine $sb "ZXN0IFB1cnBvc2VzIE9ubHkxHTAbBgNVBAsTFFBlcnNvbmEgTm90IFZlcmlmaWVk" $bCrlf
CkStringBuilder_AppendLine $sb "MRYwFAYDVQQDEw1DaGlsa2F0IEFkbWluMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE" $bCrlf
CkStringBuilder_AppendLine $sb "uB62JGMJKXnp1PNsOOIYKGhrzfLev3O+UuthL6UzEqNNDTd8dEYMUQP/DTS3qk98" $bCrlf
CkStringBuilder_AppendLine $sb "gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK/F4pF2Q995hr" $bCrlf
CkStringBuilder_AppendLine $sb "o4HYMIHVMA4GA1UdDwEB/wQEAwIDiDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB" $bCrlf
CkStringBuilder_AppendLine $sb "BQUHAwQwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5lbnRydXN0LmNvbS9D" $bCrlf
CkStringBuilder_AppendLine $sb "UkwvZWNjZGVtby5jcmwwIAYDVR0RBBkwF4EVYWRtaW5AY2hpbGthdHNvZnQuY29t" $bCrlf
CkStringBuilder_AppendLine $sb "MB8GA1UdIwQYMBaAFCQFS+Fkghr4Ccz7eHkh+nDmkzLqMB0GA1UdDgQWBBTB82fm" $bCrlf
CkStringBuilder_AppendLine $sb "vrdG2iX5uS/agVW3L4DisjAJBgNVHRMEAjAAMAoGCCqGSM49BAMDA2kAMGYCMQCH" $bCrlf
CkStringBuilder_AppendLine $sb "ILghMprWoYPEp9mCE+tpVE7vYwkFV3m0RDzT2BSUezL8Ky78XNk+XPqSB2biT70C" $bCrlf
CkStringBuilder_AppendLine $sb "MQDCase1oaPY4AxCmjB+rEB1ir+QS8mrtF+iCSqHVv1aIxT6abQL57BZSdvwIm/T" $bCrlf
CkStringBuilder_AppendLine $sb "T8o=" $bCrlf
CkStringBuilder_AppendLine $sb "-----END CERTIFICATE-----" $bCrlf
CkStringBuilder_AppendLine $sb "-----BEGIN CERTIFICATE-----" $bCrlf
CkStringBuilder_AppendLine $sb "MIICljCCAhugAwIBAgIETUHhezAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEW" $bCrlf
CkStringBuilder_AppendLine $sb "MBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9z" $bCrlf
CkStringBuilder_AppendLine $sb "ZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAe" $bCrlf
CkStringBuilder_AppendLine $sb "Fw0xMTAxMjcyMDQ5NTRaFw0zNjAxMjcyMTE5NTRaMG0xCzAJBgNVBAYTAlVTMRYw" $bCrlf
CkStringBuilder_AppendLine $sb "FAYDVQQKEw1FbnRydXN0LCBJbmMuMR8wHQYDVQQLExZGb3IgVGVzdCBQdXJwb3Nl" $bCrlf
CkStringBuilder_AppendLine $sb "cyBPbmx5MSUwIwYDVQQDExxFbnRydXN0IEVDQyBEZW1vbnN0cmF0aW9uIENBMHYw" $bCrlf
CkStringBuilder_AppendLine $sb "EAYHKoZIzj0CAQYFK4EEACIDYgAEhCWBpuJuzvRtQyibkcbCj7EkcwAqS2EqRQ/Q" $bCrlf
CkStringBuilder_AppendLine $sb "ntroTdRM2SssEN4TruTxtwcY/7lR64L6Tfjz3+ujrfjNFss3EWVpUlbOJ+xHC3xH" $bCrlf
CkStringBuilder_AppendLine $sb "PteNyAGZtHbZO3tVuhP6yX6dFqCCo4GLMIGIMCsGA1UdEAQkMCKADzIwMTEwMTI3" $bCrlf
CkStringBuilder_AppendLine $sb "MjA0OTU0WoEPMjAzNjAxMjcyMTE5NTRaMAsGA1UdDwQEAwIBBjAfBgNVHSMEGDAW" $bCrlf
CkStringBuilder_AppendLine $sb "gBQkBUvhZIIa+AnM+3h5Ifpw5pMy6jAdBgNVHQ4EFgQUJAVL4WSCGvgJzPt4eSH6" $bCrlf
CkStringBuilder_AppendLine $sb "cOaTMuowDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAwNpADBmAjEAyAhA70OIb6lb" $bCrlf
CkStringBuilder_AppendLine $sb "fN6kOTQloHyCLmihNK+PT5wOuaMR//KSQP2c/H18YhDYnlwMxF9fAjEA0URaJOXM" $bCrlf
CkStringBuilder_AppendLine $sb "F0qwdvS2rm7N5PWMLc/4BbeOZyZ94XJiG5u96iTgp6N9JI0MMmCQE87N" $bCrlf
CkStringBuilder_AppendLine $sb "-----END CERTIFICATE-----" $bCrlf
set pem [new_CkPem]
set success [CkPem_LoadPem $pem [CkStringBuilder_getAsString $sb] "secret123"]
if {$success == 0} then {
puts [CkPem_lastErrorText $pem]
delete_CkStringBuilder $sb
delete_CkPem $pem
exit
}
# Get the private key and examine it in JSON Web Key form (JWK)
set privKey [new_CkPrivateKey]
set success [CkPem_PrivateKeyAt $pem 0 $privKey]
if {$success == 0} then {
puts [CkPem_lastErrorText $pem]
delete_CkStringBuilder $sb
delete_CkPem $pem
delete_CkPrivateKey $privKey
exit
}
set json [new_CkJsonObject]
CkJsonObject_Load $json [CkPrivateKey_getJwk $privKey]
CkJsonObject_put_EmitCompact $json 0
puts [CkJsonObject_emit $json]
# JWK output:
# {
# "kty": "EC",
# "crv": "P-384",
# "x": "uB62JGMJKXnp1PNsOOIYKGhrzfLev3O-UuthL6UzEqNNDTd8dEYMUQP_DTS3qk98",
# "y": "gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK_F4pF2Q995hr",
# "d": "ugTy2ZpuQqv1uQyLSgz1SPRvngzrd5vLyzU2ICaJd25zZRIxxlNR-uFo9UWC6llt"
# }
# Now get 1st certificate and examine in XML format:
set cert [new_CkCert]
set success [CkPem_CertAt $pem 0 $cert]
if {$success == 0} then {
puts [CkPem_lastErrorText $pem]
delete_CkStringBuilder $sb
delete_CkPem $pem
delete_CkPrivateKey $privKey
delete_CkJsonObject $json
delete_CkCert $cert
exit
}
set certXml [CkCert_exportCertXml $cert]
puts "$certXml"
# XML output:
# <?xml version="1.0" encoding="utf-8" ?>
# <sequence>
# <sequence>
# <contextSpecific tag="0" constructed="1">
# <int>02</int>
# </contextSpecific>
# <int>4D42D2F3</int>
# <sequence>
# <oid>1.2.840.10045.4.3.3</oid>
# </sequence>
# <sequence>
# <set>
# <sequence>
# <oid>2.5.4.6</oid>
# <printable>US</printable>
# </sequence>
# </set>
# <set>
# <sequence>
# <oid>2.5.4.10</oid>
# <printable>Entrust, Inc.</printable>
# </sequence>
# </set>
# <set>
# <sequence>
# <oid>2.5.4.11</oid>
# <printable>For Test Purposes Only</printable>
# </sequence>
# </set>
# <set>
# <sequence>
# <oid>2.5.4.3</oid>
# <printable>Entrust ECC Demonstration CA</printable>
# </sequence>
# </set>
# </sequence>
# <sequence>
# <utctime>160318123931Z</utctime>
# <utctime>160517130931Z</utctime>
# </sequence>
# <sequence>
# <set>
# <sequence>
# <oid>2.5.4.11</oid>
# <printable>For Test Purposes Only</printable>
# </sequence>
# </set>
# <set>
# <sequence>
# <oid>2.5.4.11</oid>
# <printable>Persona Not Verified</printable>
# </sequence>
# </set>
# <set>
# <sequence>
# <oid>2.5.4.3</oid>
# <printable>Chilkat Admin</printable>
# </sequence>
# </set>
# </sequence>
# <sequence>
# <sequence>
# <oid>1.2.840.10045.2.1</oid>
# <oid>1.3.132.0.34</oid>
# </sequence>
# <bits n="776">04B81EB62463092979E9D4F36C38E21828686BCDF2DEBF73BE52EB612FA53312A34D0D377C74460C5103FF0D34B7AA4F7C832404171766654B0F1747C5A24919675715EB3ED00F732C3EF4A3AC1CC1D06501DEBF022E70CAFC5E2917643DF7986B</bits>
# </sequence>
# <contextSpecific tag="3" constructed="1">
# <sequence>
# <sequence>
# <oid>2.5.29.15</oid>
# <bool>1</bool>
# <octets>AwIDiA==</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.37</oid>
# <octets>MBQGCCsGAQUFBwMCBggrBgEFBQcDBA==</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.31</oid>
# <octets>MC4wLKAqoCiGJmh0dHA6Ly9jcmwuZW50cnVzdC5jb20vQ1JML2VjY2RlbW8uY3Js</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.17</oid>
# <octets>MBeBFWFkbWluQGNoaWxrYXRzb2Z0LmNvbQ==</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.35</oid>
# <octets>MBaAFCQFS+Fkghr4Ccz7eHkh+nDmkzLq</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.14</oid>
# <octets>BBTB82fmvrdG2iX5uS/agVW3L4Disg==</octets>
# </sequence>
# <sequence>
# <oid>2.5.29.19</oid>
# <octets>MAA=</octets>
# </sequence>
# </sequence>
# </contextSpecific>
# </sequence>
# <sequence>
# <oid>1.2.840.10045.4.3.3</oid>
# </sequence>
# <bits n="832">30660231008720B821329AD6A183C4A7D98213EB69544EEF6309055779B4443CD3D814947B32FC2B2EFC5CD93E5CFA920766E24FBD023100C26AC7B5A1A3D8E00C429A307EAC40758ABF904BC9ABB45FA2092A8756FD5A2314FA69B40BE7B05949DBF0226FD34FCA</bits>
# </sequence>
#
#
#
delete_CkStringBuilder $sb
delete_CkPem $pem
delete_CkPrivateKey $privKey
delete_CkJsonObject $json
delete_CkCert $cert