Objective-C
Objective-C
Get ETK Public Key (api-acpt.ehealth.fgov.be)
See more Belgian eHealth Platform Examples
The following URL returns JSON, which contains a PKCS7 signed data:https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN
This example extracts the signed data, validates it, and then extracts the public key from the certificate (obtained from signed content in the PKCS7)
Note: The URL above uses "12345678901" which is not valid. You should replace it with a valid number.
Chilkat Objective-C Downloads
#import <CkoHttp.h>
#import <NSString.h>
#import <CkoJsonArray.h>
#import <CkoJsonObject.h>
#import <CkoBinData.h>
#import <CkoCrypt2.h>
#import <CkoCert.h>
#import <CkoPublicKey.h>
BOOL success = NO;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkoHttp *http = [[CkoHttp alloc] init];
NSString *jsonStr = [http QuickGetStr: @"https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN"];
if (http.LastMethodSuccess == NO) {
NSLog(@"%@",http.LastErrorText);
return;
}
NSLog(@"%@",jsonStr);
// The JSON contains something like this:
// [
// {
// "key": {
// "applicationIdentifier": "",
// "ssin": "12345678901"
// },
// "value": "MIAGCSq....AAAAAAAA=="
// }
// ]
// Note: The above is a JSON array (not a JSON object)
// It should be loaded into a Chilkat JSON array.
CkoJsonArray *jarr = [[CkoJsonArray alloc] init];
success = [jarr Load: jsonStr];
if (success == NO) {
NSLog(@"%@",@"Failed to load JSON.");
return;
}
CkoJsonObject *json = [jarr ObjectAt: [NSNumber numberWithInt: 0]];
CkoBinData *bdPkcs7 = [[CkoBinData alloc] init];
[bdPkcs7 AppendEncoded: [json StringOf: @"value"] encoding: @"base64"];
// Let's verify the PKCS7, and then examine the signing cert,
// and get the signing cert's public key.
CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
// Validate the signedData PKCS7, and replace the contents of bdPkcs7 with the extracted signed content.
success = [crypt OpaqueVerifyBd: bdPkcs7];
if (success == NO) {
NSLog(@"%@",crypt.LastErrorText);
return;
}
// The signed content is the DER of a certificate.
// In other words, bdPkcs7 now contains a certificate.
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadFromBd: bdPkcs7];
if (success == NO) {
NSLog(@"%@",cert.LastErrorText);
return;
}
// Show some certificate information:
NSLog(@"%@%@",@"Subject: ",cert.SubjectDN);
NSLog(@"%@%@",@"Serial: ",cert.SerialNumber);
NSLog(@"%@%@",@"Issuer: ",cert.IssuerDN);
// Let's get the cert's public key...
CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
[cert GetPublicKey: pubKey];
// OK, you now have the public key and can do whatever is needed..
NSLog(@"%@",pubKey.KeyType);
NSLog(@"%d",[pubKey.KeySize intValue]);