|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) Validate a JWS Using ECDSA P-521 SHA-512Validates a JSON Web Signature (JWS) that uses ECDSA P-521 SHA-512 Note: This example requires Chilkat v9.5.0.66 or greater.
#import <CkoStringBuilder.h> #import <CkoPublicKey.h> #import <CkoJws.h> #import <CkoJsonObject.h> // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or greater. // This example takes a JSON signature in compact serialization format, // and uses an ECDSA public key to validate and recover the protected header and payload. // We only need a public key for signature validation. This is the ECDSA public key // that is used: // {"kty":"EC", // "crv":"P-521", // "x":"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk", // "y":"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2" // } CkoStringBuilder *sbPubKey = [[CkoStringBuilder alloc] init]; [sbPubKey Append: @"{\"kty\":\"EC\","]; [sbPubKey Append: @"\"crv\":\"P-521\","]; [sbPubKey Append: @"\"x\":\"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk\","]; [sbPubKey Append: @"\"y\":\"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2\""]; [sbPubKey Append: @"}"]; CkoPublicKey *pubKey = [[CkoPublicKey alloc] init]; BOOL success = [pubKey LoadFromString: [sbPubKey GetAsString]]; if (success != YES) { NSLog(@"%@",pubKey.LastErrorText); return; } CkoJws *jws = [[CkoJws alloc] init]; // Set the ECC public key: int signatureIndex = 0; [jws SetPublicKey: [NSNumber numberWithInt: signatureIndex] pubKey: pubKey]; // Load the JWS. CkoStringBuilder *sbJws = [[CkoStringBuilder alloc] init]; [sbJws Append: @"eyJhbGciOiJFUzUxMiJ9"]; [sbJws Append: @"."]; [sbJws Append: @"UGF5bG9hZA"]; [sbJws Append: @"."]; [sbJws Append: @"AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq"]; [sbJws Append: @"wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp"]; [sbJws Append: @"EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn"]; success = [jws LoadJwsSb: sbJws]; if (success != YES) { NSLog(@"%@",jws.LastErrorText); return; } // Validate the 1st (and only) signature at index 0.. int v = [[jws Validate: [NSNumber numberWithInt: signatureIndex]] intValue]; if (v < 0) { // Perhaps Chilkat was not unlocked or the trial expired.. NSLog(@"%@",@"Method call failed for some other reason."); NSLog(@"%@",jws.LastErrorText); return; } if (v == 0) { NSLog(@"%@",@"Invalid signature. The ECC key was incorrect, the JWS was invalid, or both."); return; } // If we get here, the signature was validated.. NSLog(@"%@",@"Signature validated."); NSLog(@"%@",@"--"); // Recover the original content: NSLog(@"%@",@"Recovered content:"); NSLog(@"%@",[jws GetPayload: @"utf-8"]); NSLog(@"%@",@"--"); // Examine the protected header: CkoJsonObject *joseHeader = [jws GetProtectedHeader: [NSNumber numberWithInt: signatureIndex]]; if (jws.LastMethodSuccess != YES) { NSLog(@"%@",@"No protected header found at the given index."); return; } joseHeader.EmitCompact = NO; NSLog(@"%@",@"Protected (JOSE) header:"); NSLog(@"%@",[joseHeader Emit]); // Output: // (the string "Payload" was the content that was signed.) // Signature validated. // -- // Recovered content: // Payload // -- // Protected (JOSE) header: // { // "alg": "ES512" // } |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.