![]() |
Chilkat HOME Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi DLL Go Java Node.js Objective-C PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(C++) Create JWK Set Containing CertificatesDemonstrates how to create a JWK Set containing N certificates. Note: This example requires Chilkat v11.0.0 or greater.
#include <CkCert.h> #include <CkCrypt2.h> #include <CkJsonObject.h> #include <CkPublicKey.h> void ChilkatSample(void) { bool success = false; // This example creates the following JWK Set from two certificates: // { // "keys": [ // { // "kty": "RSA", // "use": "sig", // "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw", // "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw", // "n": "nYf1jpn7cFdQ...9Iw", // "e": "AQAB", // "x5c": [ // "MIIDBTCCAe2...Z+NTZo" // ] // }, // { // "kty": "RSA", // "use": "sig", // "kid": "M6pX7RHoraLsprfJeRCjSxuURhc", // "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc", // "n": "xHScZMPo8F...EO4QQ", // "e": "AQAB", // "x5c": [ // "MIIC8TCCAdmgA...Vt5432GA==" // ] // } // ] // } // First get two certificates from files. CkCert cert1; success = cert1.LoadFromFile("qa_data/certs/brasil_cert.pem"); if (success == false) { std::cout << cert1.lastErrorText() << "\r\n"; return; } CkCert cert2; success = cert2.LoadFromFile("qa_data/certs/testCert.cer"); if (success == false) { std::cout << cert2.lastErrorText() << "\r\n"; return; } // We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64. CkCrypt2 crypt; CkJsonObject json; // Let's begin with the 1st cert: json.put_I(0); json.UpdateString("keys[i].kty","RSA"); json.UpdateString("keys[i].use","sig"); const char *hexThumbprint = cert1.sha1Thumbprint(); const char *base64Thumbprint = crypt.reEncode(hexThumbprint,"hex","base64"); json.UpdateString("keys[i].kid",base64Thumbprint); json.UpdateString("keys[i].x5t",base64Thumbprint); // (We're assuming these are RSA certificates) // To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK. CkPublicKey pubKey; cert1.GetPublicKey(pubKey); CkJsonObject pubKeyJwk; pubKeyJwk.Load(pubKey.getJwk()); json.UpdateString("keys[i].n",pubKeyJwk.stringOf("n")); json.UpdateString("keys[i].e",pubKeyJwk.stringOf("e")); // Now add the entire X.509 certificate json.UpdateString("keys[i].x5c[0]",cert1.getEncoded()); // Now do the same for cert2.. json.put_I(1); json.UpdateString("keys[i].kty","RSA"); json.UpdateString("keys[i].use","sig"); hexThumbprint = cert2.sha1Thumbprint(); base64Thumbprint = crypt.reEncode(hexThumbprint,"hex","base64"); json.UpdateString("keys[i].kid",base64Thumbprint); json.UpdateString("keys[i].x5t",base64Thumbprint); cert2.GetPublicKey(pubKey); pubKeyJwk.Load(pubKey.getJwk()); json.UpdateString("keys[i].n",pubKeyJwk.stringOf("n")); json.UpdateString("keys[i].e",pubKeyJwk.stringOf("e")); // Now add the entire X.509 certificate json.UpdateString("keys[i].x5c[0]",cert2.getEncoded()); // Emit the JSON.. json.put_EmitCompact(false); std::cout << json.emit() << "\r\n"; } |
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.