DataFlex
DataFlex
How to Generate a JSON Web Key (JWK)
See more JSON Web Signatures (JWS) Examples
Demonstrates how to generate the following types of JSON Web Keys:- RSA key pair
- EC key pair
- Octet sequence key (HMAC-256)
- 192-bit AES GCM key
Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoRsa
Key Handle hoRsaKey
String sRsaJwkStr
Handle hoJson
Variant vPrng
Handle hoPrng
Handle hoEcc
Variant vEcKey
Handle hoEcKey
String sEcJwkStr
Handle hoCrypt
Handle hoJwkHmac
Handle hoJwkAes
String sTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// ----------------------------------------------
// Generate an RSA key pair in JWK format.
// (Examples for generating other key types are shown below...)
Get Create (RefClass(cComChilkatRsa)) To hoRsa
If (Not(IsComObjectCreated(hoRsa))) Begin
Send CreateComObject of hoRsa
End
Get Create (RefClass(cComChilkatPrivateKey)) To hoRsaKey
If (Not(IsComObjectCreated(hoRsaKey))) Begin
Send CreateComObject of hoRsaKey
End
Get pvComObject of hoRsaKey to vRsaKey
Get ComGenKey Of hoRsa 2048 vRsaKey To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoRsa To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComGetJwk Of hoRsaKey To sRsaJwkStr
// The string returned is the most compact possible, and therefore it is not
// very readable. To pretty-print, load into a JSON object and emit..
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Set ComEmitCompact Of hoJson To False
Get ComLoad Of hoJson sRsaJwkStr To iSuccess
Get ComEmit Of hoJson To sTemp1
Showln sTemp1
// Sample RSA JWK:
// {
// "kty": "RSA",
// "n": "6w1Xpof7gKmytJ3yc_yjI5_K3MvVXnBYBDy5Oh2W6Xqu_fOl3W18SjS2AU5xJrTHlB_j84yQjPyXJh_ixjACK4K4dCSYqlLmn3R7QJ84vnHLIEkqwUICqOHdCBjK5xhMrdZxIhuNlJzbARY-3u9RqjsT3HYTjA6JNHUWTYBBRou4gYGm4cJgvX4uexdikqxnze014RmZMaOV_4MR--WL4G8QfNJ2pRBEXQeKyije89H6M5oTSK7KZqFTIqu9hwNtx2oGpGAIcS0Jv5xVl-hDtwXZNwQJaOxMzLw1nwnb2kMliJa67EabQFrQY_xthQNsfzcHJJlpqYiMprW8wRkzmQ",
// "e": "AQAB",
// "d": "1_bnXMw-SeYhmxAwb19lqVqtMpdaES5ZwHLmoT4EpbsiQ5T1BfENrMSnoaWoEy8w3Kk8cU7qlY-TdOUBIKWFqOKvhY8GciA_Y6zLfgGNSnYVczGmxfBXr0HvKvxUmWZbNbH9OqBkQnKoSmRdGcp7l1Q2mG4o4ZuNdxRJjKXV0_DTrNLUJzst0hsfoZ6mWUrQcn39XGvvLjz9ySS-DYGI1vli3ayx8jVNuw0rU8UXVs9WmPQLvZO_ZDMhoLEeKsdejnNkUNPAUjqxcSOZRojt4BfCmbt-_1slFb0NsoaqnDVZGezd9J9ocxGuyIWHAJu9GGZEcdaFyiDDs_WA1IS_fQ",
// "p": "9dU8f6yOklRcpV6ayVMKpyQ6AMuBTF3rZmB498eAvvTkVG1-upm8IkikTVNpPjEalc82Sxuq8oF4N5x1-F33sgVEoCZG-1WFZTn-rnPnXSALES9hqSaVYEwnh61EiY8ckjBVr9jD2nL1JKdbfgVVeo69-9PdjnKYYDVL8eLNPwM",
// "q": "9MX2sW0GyaOsZ86AYe3eG2ZgcgKHvhJa573gih5Jvi2e-Nv-L0EVK29_DA7n0Pjm-gl9zVAsGsMMkphJyEF9QgyUlJ-59XLqWnECS5gO6WZdtHrJxVvcO-_AOrLIxeYnYcwhmaVaxs_UEpqGzupKHCWgf4cfXe49lrIsqGKH4jM",
// "dp": "IQgj9uvSxGq9gCL0HXUhC1Bc0tqFZyN_i-QOnQybig0R2R5VVvFtTBYCrbk1fPvQHK0ZGIKBN9CZvK8zUsodjDgU_ofmJcNaBz4BsKM2RVcW5Zo-PyJGFAhnj12CxhEKv8Hq4ZP4zROBSQmLy6Uf1TX05S-Up51SSCshJ0FYXs0",
// "dq": "RijsMiUfGfL5OvP85pUI4e-xW1yQThHyzpQlZVGTL5jiBVEBhcfw6ndWAj3Pgp2ljyvjTFNboPwhgW93Tpg-8AytFgDGi605sVzNHJ_kPlBiMZY0eYaAFQn-npSaaecziJu7UdAMugneLsruMycCwRij7Ynsmr7sFmLR3B4J9vM",
// "qi": "jZE-a1pa8YjflpCSH5oqp1f6f6I6-hpZcLdamLCoAcjVSIPk86gtXtOFES4411-DqYzYIZM6B_g_SRYY6JpKAOuZ40mmMTlnIEoVf8BHiGl3g6bBAiN1yQGXrwXJsg2OYnocyRA-xWNdcMSSFA52SwEdar2Mmw29qVzxtC1QbpA"
// }
// ----------------------------------------------
// Generate an EC P-256 key pair in JWK format
Get Create (RefClass(cComChilkatPrng)) To hoPrng
If (Not(IsComObjectCreated(hoPrng))) Begin
Send CreateComObject of hoPrng
End
Get Create (RefClass(cComChilkatEcc)) To hoEcc
If (Not(IsComObjectCreated(hoEcc))) Begin
Send CreateComObject of hoEcc
End
Get Create (RefClass(cComChilkatPrivateKey)) To hoEcKey
If (Not(IsComObjectCreated(hoEcKey))) Begin
Send CreateComObject of hoEcKey
End
Get pvComObject of hoPrng to vPrng
Get pvComObject of hoEcKey to vEcKey
Get ComGenKey Of hoEcc "P-256" vPrng vEcKey To iSuccess
Get ComGetJwk Of hoEcKey To sEcJwkStr
Get ComLoad Of hoJson sEcJwkStr To iSuccess
Get ComEmit Of hoJson To sTemp1
Showln sTemp1
// Sample EC JWK Key:
// {
// "kty": "EC",
// "crv": "P-256",
// "x": "tDeeYABgKEAbWicYPCEEI8sP4SRIhHKcHDW7VqrB4LA",
// "y": "J08HOoIZ0rX2Me3bNFZUltfxIk1Hrc8FsLu8VaSxsMI",
// "d": "-bqt1T0wNAN8sP5ruycQZRVlMlt3V_dSwlJ60xAX5io"
// }
// ----------------------------------------------
// Octet sequence keys are intended for representing secret keys, such as HMAC keys and AES keys.
// We'll use crypt to generate a random UUID..
Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
If (Not(IsComObjectCreated(hoCrypt))) Begin
Send CreateComObject of hoCrypt
End
// AES and HMAC keys are simply random arrays of bytes
// For these, we can just build the JSON directly,
// with the help of the PRNG object.
Get Create (RefClass(cComChilkatJsonObject)) To hoJwkHmac
If (Not(IsComObjectCreated(hoJwkHmac))) Begin
Send CreateComObject of hoJwkHmac
End
Set ComEmitCompact Of hoJwkHmac To False
// Generate a 256-bit HMAK key (32 bytes)
Get ComAppendString Of hoJwkHmac "kty" "oct" To iSuccess
// Give the key an optional ID, which can be anything, even strings as simple as "1", "2", etc.
Get ComGenerateUuid Of hoCrypt To sTemp1
Get ComAppendString Of hoJwkHmac "kid" sTemp1 To iSuccess
// Indicate the intended key alg (optional)
Get ComAppendString Of hoJwkHmac "alg" "HS256" To iSuccess
// Generate the actual key bytes
Get ComGenRandom Of hoPrng 32 "base64url" To sTemp1
Get ComAppendString Of hoJwkHmac "k" sTemp1 To iSuccess
Get ComEmit Of hoJwkHmac To sTemp1
Showln sTemp1
// Sample HMAC-256 JWK:
// {
// "kty": "oct",
// "kid": "06c2515d-41fb-e436-e405-3abb361f5f7a",
// "alg": "HS256",
// "k": "wR32w7yiMe5Lhb1vkW2koBpoMxpXTFYuxOYCCIEKjdE"
// }
// ----------------------------------------------
// Now generate a 192-bit (24 byte) key that could be used with AES192GCM
Get Create (RefClass(cComChilkatJsonObject)) To hoJwkAes
If (Not(IsComObjectCreated(hoJwkAes))) Begin
Send CreateComObject of hoJwkAes
End
Set ComEmitCompact Of hoJwkAes To False
Get ComAppendString Of hoJwkAes "kty" "oct" To iSuccess
Get ComAppendString Of hoJwkAes "kid" "2" To iSuccess
Get ComGenRandom Of hoPrng 24 "base64url" To sTemp1
Get ComAppendString Of hoJwkAes "k" sTemp1 To iSuccess
Get ComEmit Of hoJwkAes To sTemp1
Showln sTemp1
// Sample AES key:
// {
// "kty": "oct",
// "kid": "2",
// "k": "akAkq-L_ZTZ6-tEIhDUMtU2ENhsEgL-p"
// }
End_Procedure