|
Chilkat • HOME • Android™ • Classic ASP • C • C++ • C# • Mono C# • .NET Core C# • C# UWP/WinRT • DataFlex • Delphi ActiveX • Delphi DLL • Visual FoxPro • Java • Lianja • MFC • Objective-C • Perl • PHP ActiveX • PHP Extension • PowerBuilder • PowerShell • PureBasic • CkPython • Chilkat2-Python • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • Visual Basic 6.0 • VB.NET • VB.NET UWP/WinRT • VBScript • Xojo Plugin • Node.js • Excel • Go
(MFC) Validate JWS Using RSASSA-PKCS1-v1_5 SHA-256Validates a JSON Web Signature (JWS) that uses RSASSA-PKCS1-v1_5 SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
#include <CkStringBuilder.h> #include <CkPublicKey.h> #include <CkJws.h> #include <CkJsonObject.h> void ChilkatSample(void) { CkString strOut; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or greater. // This example takes a JSON signature in compact serialization format, // and uses an RSA public key to validate and recover the protected header and payload. // We only need a public key for signature validation. This is the RSA public key // that is used: // {"kty":"RSA", // "n":"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx // HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs // D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH // SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV // MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8 // NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ", // "e":"AQAB" // } CkStringBuilder sbPubKey; sbPubKey.Append("{\"kty\":\"RSA\","); sbPubKey.Append("\"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx"); sbPubKey.Append("HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs"); sbPubKey.Append("D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH"); sbPubKey.Append("SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV"); sbPubKey.Append("MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8"); sbPubKey.Append("NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\","); sbPubKey.Append("\"e\":\"AQAB\""); sbPubKey.Append("}"); CkPublicKey pubKey; bool success = pubKey.LoadFromString(sbPubKey.getAsString()); if (success != true) { strOut.append(pubKey.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } CkJws jws; // Set the RSA public key: int signatureIndex = 0; jws.SetPublicKey(signatureIndex,pubKey); // Load the JWS. CkStringBuilder sbJws; sbJws.Append("eyJhbGciOiJSUzI1NiJ9"); sbJws.Append("."); sbJws.Append("eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"); sbJws.Append("cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"); sbJws.Append("."); sbJws.Append("cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"); sbJws.Append("AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"); sbJws.Append("BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"); sbJws.Append("0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"); sbJws.Append("hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"); sbJws.Append("p0igcN_IoypGlUPQGe77Rw"); success = jws.LoadJwsSb(sbJws); if (success != true) { strOut.append(jws.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Validate the 1st (and only) signature at index 0.. int v = jws.Validate(signatureIndex); if (v < 0) { // Perhaps Chilkat was not unlocked or the trial expired.. strOut.append("Method call failed for some other reason."); strOut.append("\r\n"); strOut.append(jws.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } if (v == 0) { strOut.append("Invalid signature. The RSA key was incorrect, the JWS was invalid, or both."); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // If we get here, the signature was validated.. strOut.append("Signature validated."); strOut.append("\r\n"); strOut.append("--"); strOut.append("\r\n"); // Recover the original content: strOut.append("Recovered content:"); strOut.append("\r\n"); strOut.append(jws.getPayload("utf-8")); strOut.append("\r\n"); strOut.append("--"); strOut.append("\r\n"); // Examine the protected header: CkJsonObject *joseHeader = jws.GetProtectedHeader(signatureIndex); if (jws.get_LastMethodSuccess() != true) { strOut.append("No protected header found at the given index."); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } joseHeader->put_EmitCompact(false); strOut.append("Protected (JOSE) header:"); strOut.append("\r\n"); strOut.append(joseHeader->emit()); strOut.append("\r\n"); delete joseHeader; // Output: // Signature validated. // -- // Recovered content: // {"iss":"joe", // "exp":1300819380, // "http://example.com/is_root":true} // -- // Protected (JOSE) header: // { // "alg": "RS256" // } SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
||||
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.