|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Validate JWS Using RSASSA-PKCS1-v1_5 SHA-256Validates a JSON Web Signature (JWS) that uses RSASSA-PKCS1-v1_5 SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
#include <C_CkStringBuilder.h> #include <C_CkPublicKey.h> #include <C_CkJws.h> #include <C_CkJsonObject.h> void ChilkatSample(void) { HCkStringBuilder sbPubKey; HCkPublicKey pubKey; BOOL success; HCkJws jws; int signatureIndex; HCkStringBuilder sbJws; int v; HCkJsonObject joseHeader; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or greater. // This example takes a JSON signature in compact serialization format, // and uses an RSA public key to validate and recover the protected header and payload. // We only need a public key for signature validation. This is the RSA public key // that is used: // {"kty":"RSA", // "n":"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx // HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs // D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH // SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV // MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8 // NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ", // "e":"AQAB" // } sbPubKey = CkStringBuilder_Create(); CkStringBuilder_Append(sbPubKey,"{\"kty\":\"RSA\","); CkStringBuilder_Append(sbPubKey,"\"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx"); CkStringBuilder_Append(sbPubKey,"HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs"); CkStringBuilder_Append(sbPubKey,"D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH"); CkStringBuilder_Append(sbPubKey,"SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV"); CkStringBuilder_Append(sbPubKey,"MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8"); CkStringBuilder_Append(sbPubKey,"NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\","); CkStringBuilder_Append(sbPubKey,"\"e\":\"AQAB\""); CkStringBuilder_Append(sbPubKey,"}"); pubKey = CkPublicKey_Create(); success = CkPublicKey_LoadFromString(pubKey,CkStringBuilder_getAsString(sbPubKey)); if (success != TRUE) { printf("%s\n",CkPublicKey_lastErrorText(pubKey)); CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); return; } jws = CkJws_Create(); // Set the RSA public key: signatureIndex = 0; CkJws_SetPublicKey(jws,signatureIndex,pubKey); // Load the JWS. sbJws = CkStringBuilder_Create(); CkStringBuilder_Append(sbJws,"eyJhbGciOiJSUzI1NiJ9"); CkStringBuilder_Append(sbJws,"."); CkStringBuilder_Append(sbJws,"eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"); CkStringBuilder_Append(sbJws,"cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"); CkStringBuilder_Append(sbJws,"."); CkStringBuilder_Append(sbJws,"cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"); CkStringBuilder_Append(sbJws,"AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"); CkStringBuilder_Append(sbJws,"BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"); CkStringBuilder_Append(sbJws,"0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"); CkStringBuilder_Append(sbJws,"hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"); CkStringBuilder_Append(sbJws,"p0igcN_IoypGlUPQGe77Rw"); success = CkJws_LoadJwsSb(jws,sbJws); if (success != TRUE) { printf("%s\n",CkJws_lastErrorText(jws)); CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); CkJws_Dispose(jws); CkStringBuilder_Dispose(sbJws); return; } // Validate the 1st (and only) signature at index 0.. v = CkJws_Validate(jws,signatureIndex); if (v < 0) { // Perhaps Chilkat was not unlocked or the trial expired.. printf("Method call failed for some other reason.\n"); printf("%s\n",CkJws_lastErrorText(jws)); CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); CkJws_Dispose(jws); CkStringBuilder_Dispose(sbJws); return; } if (v == 0) { printf("Invalid signature. The RSA key was incorrect, the JWS was invalid, or both.\n"); CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); CkJws_Dispose(jws); CkStringBuilder_Dispose(sbJws); return; } // If we get here, the signature was validated.. printf("Signature validated.\n"); printf("--\n"); // Recover the original content: printf("Recovered content:\n"); printf("%s\n",CkJws_getPayload(jws,"utf-8")); printf("--\n"); // Examine the protected header: joseHeader = CkJws_GetProtectedHeader(jws,signatureIndex); if (CkJws_getLastMethodSuccess(jws) != TRUE) { printf("No protected header found at the given index.\n"); CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); CkJws_Dispose(jws); CkStringBuilder_Dispose(sbJws); return; } CkJsonObject_putEmitCompact(joseHeader,FALSE); printf("Protected (JOSE) header:\n"); printf("%s\n",CkJsonObject_emit(joseHeader)); CkJsonObject_Dispose(joseHeader); // Output: // Signature validated. // -- // Recovered content: // {"iss":"joe", // "exp":1300819380, // "http://example.com/is_root":true} // -- // Protected (JOSE) header: // { // "alg": "RS256" // } CkStringBuilder_Dispose(sbPubKey); CkPublicKey_Dispose(pubKey); CkJws_Dispose(jws); CkStringBuilder_Dispose(sbJws); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.