Sample code for 30+ languages & platforms
AutoIt

Create JWK Set Containing Certificates

See more Certificates Examples

Demonstrates how to create a JWK Set containing N certificates.

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

; This example creates the following JWK Set from two certificates:

; {
;   "keys": [
;     {
;       "kty": "RSA",
;       "use": "sig",
;       "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
;       "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
;       "n": "nYf1jpn7cFdQ...9Iw",
;       "e": "AQAB",
;       "x5c": [
;         "MIIDBTCCAe2...Z+NTZo"
;       ]
;     },
;     {
;       "kty": "RSA",
;       "use": "sig",
;       "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
;       "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
;       "n": "xHScZMPo8F...EO4QQ",
;       "e": "AQAB",
;       "x5c": [
;         "MIIC8TCCAdmgA...Vt5432GA=="
;       ]
;     }
;   ]
; }

; First get two certificates from files.
$oCert1 = ObjCreate("Chilkat.Cert")
$bSuccess = $oCert1.LoadFromFile("qa_data/certs/brasil_cert.pem")
If ($bSuccess = False) Then
    ConsoleWrite($oCert1.LastErrorText & @CRLF)
    Exit
EndIf

$oCert2 = ObjCreate("Chilkat.Cert")
$bSuccess = $oCert2.LoadFromFile("qa_data/certs/testCert.cer")
If ($bSuccess = False) Then
    ConsoleWrite($oCert2.LastErrorText & @CRLF)
    Exit
EndIf

; We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
$oCrypt = ObjCreate("Chilkat.Crypt2")

$oJson = ObjCreate("Chilkat.JsonObject")

; Let's begin with the 1st cert:
$oJson.I = 0
$oJson.UpdateString("keys[i].kty","RSA")
$oJson.UpdateString("keys[i].use","sig")

Local $sHexThumbprint = $oCert1.Sha1Thumbprint
Local $sBase64Thumbprint = $oCrypt.ReEncode($sHexThumbprint,"hex","base64")
$oJson.UpdateString("keys[i].kid",$sBase64Thumbprint)
$oJson.UpdateString("keys[i].x5t",$sBase64Thumbprint)

; (We're assuming these are RSA certificates)
; To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
$oPubKey = ObjCreate("Chilkat.PublicKey")
$oCert1.GetPublicKey($oPubKey)

$oPubKeyJwk = ObjCreate("Chilkat.JsonObject")
$oPubKeyJwk.Load($oPubKey.GetJwk())
$oJson.UpdateString("keys[i].n",$oPubKeyJwk.StringOf("n"))
$oJson.UpdateString("keys[i].e",$oPubKeyJwk.StringOf("e"))

; Now add the entire X.509 certificate 
$oJson.UpdateString("keys[i].x5c[0]",$oCert1.GetEncoded())

; Now do the same for cert2..
$oJson.I = 1

$oJson.UpdateString("keys[i].kty","RSA")
$oJson.UpdateString("keys[i].use","sig")

$sHexThumbprint = $oCert2.Sha1Thumbprint
$sBase64Thumbprint = $oCrypt.ReEncode($sHexThumbprint,"hex","base64")
$oJson.UpdateString("keys[i].kid",$sBase64Thumbprint)
$oJson.UpdateString("keys[i].x5t",$sBase64Thumbprint)
$oCert2.GetPublicKey($oPubKey)

$oPubKeyJwk.Load($oPubKey.GetJwk())
$oJson.UpdateString("keys[i].n",$oPubKeyJwk.StringOf("n"))
$oJson.UpdateString("keys[i].e",$oPubKeyJwk.StringOf("e"))

; Now add the entire X.509 certificate 
$oJson.UpdateString("keys[i].x5c[0]",$oCert2.GetEncoded())

; Emit the JSON..
$oJson.EmitCompact = False
ConsoleWrite($oJson.Emit() & @CRLF)