Delphi DLL
Delphi DLL
How to Generate a JSON Web Key (JWK)
See more JSON Web Signatures (JWS) Examples
Demonstrates how to generate the following types of JSON Web Keys:- RSA key pair
- EC key pair
- Octet sequence key (HMAC-256)
- 192-bit AES GCM key
Chilkat Delphi DLL Downloads
uses
Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Prng, Crypt2, JsonObject, PrivateKey, Rsa, Ecc;
...
procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
rsa: HCkRsa;
rsaKey: HCkPrivateKey;
rsaJwkStr: PWideChar;
json: HCkJsonObject;
prng: HCkPrng;
ecc: HCkEcc;
ecKey: HCkPrivateKey;
ecJwkStr: PWideChar;
crypt: HCkCrypt2;
jwkHmac: HCkJsonObject;
jwkAes: HCkJsonObject;
begin
success := False;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// ----------------------------------------------
// Generate an RSA key pair in JWK format.
// (Examples for generating other key types are shown below...)
rsa := CkRsa_Create();
rsaKey := CkPrivateKey_Create();
success := CkRsa_GenKey(rsa,2048,rsaKey);
if (success = False) then
begin
Memo1.Lines.Add(CkRsa__lastErrorText(rsa));
Exit;
end;
rsaJwkStr := CkPrivateKey__getJwk(rsaKey);
// The string returned is the most compact possible, and therefore it is not
// very readable. To pretty-print, load into a JSON object and emit..
json := CkJsonObject_Create();
CkJsonObject_putEmitCompact(json,False);
CkJsonObject_Load(json,rsaJwkStr);
Memo1.Lines.Add(CkJsonObject__emit(json));
// Sample RSA JWK:
// {
// "kty": "RSA",
// "n": "6w1Xpof7gKmytJ3yc_yjI5_K3MvVXnBYBDy5Oh2W6Xqu_fOl3W18SjS2AU5xJrTHlB_j84yQjPyXJh_ixjACK4K4dCSYqlLmn3R7QJ84vnHLIEkqwUICqOHdCBjK5xhMrdZxIhuNlJzbARY-3u9RqjsT3HYTjA6JNHUWTYBBRou4gYGm4cJgvX4uexdikqxnze014RmZMaOV_4MR--WL4G8QfNJ2pRBEXQeKyije89H6M5oTSK7KZqFTIqu9hwNtx2oGpGAIcS0Jv5xVl-hDtwXZNwQJaOxMzLw1nwnb2kMliJa67EabQFrQY_xthQNsfzcHJJlpqYiMprW8wRkzmQ",
// "e": "AQAB",
// "d": "1_bnXMw-SeYhmxAwb19lqVqtMpdaES5ZwHLmoT4EpbsiQ5T1BfENrMSnoaWoEy8w3Kk8cU7qlY-TdOUBIKWFqOKvhY8GciA_Y6zLfgGNSnYVczGmxfBXr0HvKvxUmWZbNbH9OqBkQnKoSmRdGcp7l1Q2mG4o4ZuNdxRJjKXV0_DTrNLUJzst0hsfoZ6mWUrQcn39XGvvLjz9ySS-DYGI1vli3ayx8jVNuw0rU8UXVs9WmPQLvZO_ZDMhoLEeKsdejnNkUNPAUjqxcSOZRojt4BfCmbt-_1slFb0NsoaqnDVZGezd9J9ocxGuyIWHAJu9GGZEcdaFyiDDs_WA1IS_fQ",
// "p": "9dU8f6yOklRcpV6ayVMKpyQ6AMuBTF3rZmB498eAvvTkVG1-upm8IkikTVNpPjEalc82Sxuq8oF4N5x1-F33sgVEoCZG-1WFZTn-rnPnXSALES9hqSaVYEwnh61EiY8ckjBVr9jD2nL1JKdbfgVVeo69-9PdjnKYYDVL8eLNPwM",
// "q": "9MX2sW0GyaOsZ86AYe3eG2ZgcgKHvhJa573gih5Jvi2e-Nv-L0EVK29_DA7n0Pjm-gl9zVAsGsMMkphJyEF9QgyUlJ-59XLqWnECS5gO6WZdtHrJxVvcO-_AOrLIxeYnYcwhmaVaxs_UEpqGzupKHCWgf4cfXe49lrIsqGKH4jM",
// "dp": "IQgj9uvSxGq9gCL0HXUhC1Bc0tqFZyN_i-QOnQybig0R2R5VVvFtTBYCrbk1fPvQHK0ZGIKBN9CZvK8zUsodjDgU_ofmJcNaBz4BsKM2RVcW5Zo-PyJGFAhnj12CxhEKv8Hq4ZP4zROBSQmLy6Uf1TX05S-Up51SSCshJ0FYXs0",
// "dq": "RijsMiUfGfL5OvP85pUI4e-xW1yQThHyzpQlZVGTL5jiBVEBhcfw6ndWAj3Pgp2ljyvjTFNboPwhgW93Tpg-8AytFgDGi605sVzNHJ_kPlBiMZY0eYaAFQn-npSaaecziJu7UdAMugneLsruMycCwRij7Ynsmr7sFmLR3B4J9vM",
// "qi": "jZE-a1pa8YjflpCSH5oqp1f6f6I6-hpZcLdamLCoAcjVSIPk86gtXtOFES4411-DqYzYIZM6B_g_SRYY6JpKAOuZ40mmMTlnIEoVf8BHiGl3g6bBAiN1yQGXrwXJsg2OYnocyRA-xWNdcMSSFA52SwEdar2Mmw29qVzxtC1QbpA"
// }
// ----------------------------------------------
// Generate an EC P-256 key pair in JWK format
prng := CkPrng_Create();
ecc := CkEcc_Create();
ecKey := CkPrivateKey_Create();
CkEcc_GenKey(ecc,'P-256',prng,ecKey);
ecJwkStr := CkPrivateKey__getJwk(ecKey);
CkJsonObject_Load(json,ecJwkStr);
Memo1.Lines.Add(CkJsonObject__emit(json));
// Sample EC JWK Key:
// {
// "kty": "EC",
// "crv": "P-256",
// "x": "tDeeYABgKEAbWicYPCEEI8sP4SRIhHKcHDW7VqrB4LA",
// "y": "J08HOoIZ0rX2Me3bNFZUltfxIk1Hrc8FsLu8VaSxsMI",
// "d": "-bqt1T0wNAN8sP5ruycQZRVlMlt3V_dSwlJ60xAX5io"
// }
// ----------------------------------------------
// Octet sequence keys are intended for representing secret keys, such as HMAC keys and AES keys.
// We'll use crypt to generate a random UUID..
crypt := CkCrypt2_Create();
// AES and HMAC keys are simply random arrays of bytes
// For these, we can just build the JSON directly,
// with the help of the PRNG object.
jwkHmac := CkJsonObject_Create();
CkJsonObject_putEmitCompact(jwkHmac,False);
// Generate a 256-bit HMAK key (32 bytes)
CkJsonObject_AppendString(jwkHmac,'kty','oct');
// Give the key an optional ID, which can be anything, even strings as simple as "1", "2", etc.
CkJsonObject_AppendString(jwkHmac,'kid',CkCrypt2__generateUuid(crypt));
// Indicate the intended key alg (optional)
CkJsonObject_AppendString(jwkHmac,'alg','HS256');
// Generate the actual key bytes
CkJsonObject_AppendString(jwkHmac,'k',CkPrng__genRandom(prng,32,'base64url'));
Memo1.Lines.Add(CkJsonObject__emit(jwkHmac));
// Sample HMAC-256 JWK:
// {
// "kty": "oct",
// "kid": "06c2515d-41fb-e436-e405-3abb361f5f7a",
// "alg": "HS256",
// "k": "wR32w7yiMe5Lhb1vkW2koBpoMxpXTFYuxOYCCIEKjdE"
// }
// ----------------------------------------------
// Now generate a 192-bit (24 byte) key that could be used with AES192GCM
jwkAes := CkJsonObject_Create();
CkJsonObject_putEmitCompact(jwkAes,False);
CkJsonObject_AppendString(jwkAes,'kty','oct');
CkJsonObject_AppendString(jwkAes,'kid','2');
CkJsonObject_AppendString(jwkAes,'k',CkPrng__genRandom(prng,24,'base64url'));
Memo1.Lines.Add(CkJsonObject__emit(jwkAes));
// Sample AES key:
// {
// "kty": "oct",
// "kid": "2",
// "k": "akAkq-L_ZTZ6-tEIhDUMtU2ENhsEgL-p"
// }
CkRsa_Dispose(rsa);
CkPrivateKey_Dispose(rsaKey);
CkJsonObject_Dispose(json);
CkPrng_Dispose(prng);
CkEcc_Dispose(ecc);
CkPrivateKey_Dispose(ecKey);
CkCrypt2_Dispose(crypt);
CkJsonObject_Dispose(jwkHmac);
CkJsonObject_Dispose(jwkAes);
end;