|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) How to Generate a JSON Web Key (JWK)Demonstrates how to generate the following types of JSON Web Keys:
Note: This example requires Chilkat v9.5.0.66 or later.
#include <C_CkRsa.h> #include <C_CkPrivateKey.h> #include <C_CkJsonObject.h> #include <C_CkPrng.h> #include <C_CkEcc.h> #include <C_CkCrypt2.h> void ChilkatSample(void) { HCkRsa rsa; BOOL success; HCkPrivateKey rsaKey; const char *rsaJwkStr; HCkJsonObject json; HCkPrng prng; HCkEcc ecc; HCkPrivateKey ecKey; const char *ecJwkStr; HCkCrypt2 crypt; HCkJsonObject jwkHmac; HCkJsonObject jwkAes; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // ---------------------------------------------- // Generate an RSA key pair in JWK format. // (Examples for generating other key types are shown below...) rsa = CkRsa_Create(); success = CkRsa_GenerateKey(rsa,2048); rsaKey = CkRsa_ExportPrivateKeyObj(rsa); rsaJwkStr = CkPrivateKey_getJwk(rsaKey); // The string returned is the most compact possible, and therefore it is not // very readable. To pretty-print, load into a JSON object and emit.. json = CkJsonObject_Create(); CkJsonObject_putEmitCompact(json,FALSE); CkJsonObject_Load(json,rsaJwkStr); printf("%s\n",CkJsonObject_emit(json)); CkPrivateKey_Dispose(rsaKey); // Sample RSA JWK: // { // "kty": "RSA", // "n": "6w1Xpof7gKmytJ3yc_yjI5_K3MvVXnBYBDy5Oh2W6Xqu_fOl3W18SjS2AU5xJrTHlB_j84yQjPyXJh_ixjACK4K4dCSYqlLmn3R7QJ84vnHLIEkqwUICqOHdCBjK5xhMrdZxIhuNlJzbARY-3u9RqjsT3HYTjA6JNHUWTYBBRou4gYGm4cJgvX4uexdikqxnze014RmZMaOV_4MR--WL4G8QfNJ2pRBEXQeKyije89H6M5oTSK7KZqFTIqu9hwNtx2oGpGAIcS0Jv5xVl-hDtwXZNwQJaOxMzLw1nwnb2kMliJa67EabQFrQY_xthQNsfzcHJJlpqYiMprW8wRkzmQ", // "e": "AQAB", // "d": "1_bnXMw-SeYhmxAwb19lqVqtMpdaES5ZwHLmoT4EpbsiQ5T1BfENrMSnoaWoEy8w3Kk8cU7qlY-TdOUBIKWFqOKvhY8GciA_Y6zLfgGNSnYVczGmxfBXr0HvKvxUmWZbNbH9OqBkQnKoSmRdGcp7l1Q2mG4o4ZuNdxRJjKXV0_DTrNLUJzst0hsfoZ6mWUrQcn39XGvvLjz9ySS-DYGI1vli3ayx8jVNuw0rU8UXVs9WmPQLvZO_ZDMhoLEeKsdejnNkUNPAUjqxcSOZRojt4BfCmbt-_1slFb0NsoaqnDVZGezd9J9ocxGuyIWHAJu9GGZEcdaFyiDDs_WA1IS_fQ", // "p": "9dU8f6yOklRcpV6ayVMKpyQ6AMuBTF3rZmB498eAvvTkVG1-upm8IkikTVNpPjEalc82Sxuq8oF4N5x1-F33sgVEoCZG-1WFZTn-rnPnXSALES9hqSaVYEwnh61EiY8ckjBVr9jD2nL1JKdbfgVVeo69-9PdjnKYYDVL8eLNPwM", // "q": "9MX2sW0GyaOsZ86AYe3eG2ZgcgKHvhJa573gih5Jvi2e-Nv-L0EVK29_DA7n0Pjm-gl9zVAsGsMMkphJyEF9QgyUlJ-59XLqWnECS5gO6WZdtHrJxVvcO-_AOrLIxeYnYcwhmaVaxs_UEpqGzupKHCWgf4cfXe49lrIsqGKH4jM", // "dp": "IQgj9uvSxGq9gCL0HXUhC1Bc0tqFZyN_i-QOnQybig0R2R5VVvFtTBYCrbk1fPvQHK0ZGIKBN9CZvK8zUsodjDgU_ofmJcNaBz4BsKM2RVcW5Zo-PyJGFAhnj12CxhEKv8Hq4ZP4zROBSQmLy6Uf1TX05S-Up51SSCshJ0FYXs0", // "dq": "RijsMiUfGfL5OvP85pUI4e-xW1yQThHyzpQlZVGTL5jiBVEBhcfw6ndWAj3Pgp2ljyvjTFNboPwhgW93Tpg-8AytFgDGi605sVzNHJ_kPlBiMZY0eYaAFQn-npSaaecziJu7UdAMugneLsruMycCwRij7Ynsmr7sFmLR3B4J9vM", // "qi": "jZE-a1pa8YjflpCSH5oqp1f6f6I6-hpZcLdamLCoAcjVSIPk86gtXtOFES4411-DqYzYIZM6B_g_SRYY6JpKAOuZ40mmMTlnIEoVf8BHiGl3g6bBAiN1yQGXrwXJsg2OYnocyRA-xWNdcMSSFA52SwEdar2Mmw29qVzxtC1QbpA" // } // ---------------------------------------------- // Generate an EC P-256 key pair in JWK format prng = CkPrng_Create(); ecc = CkEcc_Create(); ecKey = CkEcc_GenEccKey(ecc,"P-256",prng); if (CkEcc_getLastMethodSuccess(ecc) != TRUE) { printf("%s\n",CkEcc_lastErrorText(ecc)); CkRsa_Dispose(rsa); CkJsonObject_Dispose(json); CkPrng_Dispose(prng); CkEcc_Dispose(ecc); return; } ecJwkStr = CkPrivateKey_getJwk(ecKey); CkJsonObject_Load(json,ecJwkStr); printf("%s\n",CkJsonObject_emit(json)); CkPrivateKey_Dispose(ecKey); // Sample EC JWK Key: // { // "kty": "EC", // "crv": "P-256", // "x": "tDeeYABgKEAbWicYPCEEI8sP4SRIhHKcHDW7VqrB4LA", // "y": "J08HOoIZ0rX2Me3bNFZUltfxIk1Hrc8FsLu8VaSxsMI", // "d": "-bqt1T0wNAN8sP5ruycQZRVlMlt3V_dSwlJ60xAX5io" // } // ---------------------------------------------- // Octet sequence keys are intended for representing secret keys, such as HMAC keys and AES keys. // We'll use crypt to generate a random UUID.. crypt = CkCrypt2_Create(); // AES and HMAC keys are simply random arrays of bytes // For these, we can just build the JSON directly, // with the help of the PRNG object. jwkHmac = CkJsonObject_Create(); CkJsonObject_putEmitCompact(jwkHmac,FALSE); // Generate a 256-bit HMAK key (32 bytes) CkJsonObject_AppendString(jwkHmac,"kty","oct"); // Give the key an optional ID, which can be anything, even strings as simple as "1", "2", etc. CkJsonObject_AppendString(jwkHmac,"kid",CkCrypt2_generateUuid(crypt)); // Indicate the intended key alg (optional) CkJsonObject_AppendString(jwkHmac,"alg","HS256"); // Generate the actual key bytes CkJsonObject_AppendString(jwkHmac,"k",CkPrng_genRandom(prng,32,"base64url")); printf("%s\n",CkJsonObject_emit(jwkHmac)); // Sample HMAC-256 JWK: // { // "kty": "oct", // "kid": "06c2515d-41fb-e436-e405-3abb361f5f7a", // "alg": "HS256", // "k": "wR32w7yiMe5Lhb1vkW2koBpoMxpXTFYuxOYCCIEKjdE" // } // ---------------------------------------------- // Now generate a 192-bit (24 byte) key that could be used with AES192GCM jwkAes = CkJsonObject_Create(); CkJsonObject_putEmitCompact(jwkAes,FALSE); CkJsonObject_AppendString(jwkAes,"kty","oct"); CkJsonObject_AppendString(jwkAes,"kid","2"); CkJsonObject_AppendString(jwkAes,"k",CkPrng_genRandom(prng,24,"base64url")); printf("%s\n",CkJsonObject_emit(jwkAes)); // Sample AES key: // { // "kty": "oct", // "kid": "2", // "k": "akAkq-L_ZTZ6-tEIhDUMtU2ENhsEgL-p" // } CkRsa_Dispose(rsa); CkJsonObject_Dispose(json); CkPrng_Dispose(prng); CkEcc_Dispose(ecc); CkCrypt2_Dispose(crypt); CkJsonObject_Dispose(jwkHmac); CkJsonObject_Dispose(jwkAes); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.