Ruby
Ruby
Create JWK Set Containing Certificates
See more Certificates Examples
Demonstrates how to create a JWK Set containing N certificates.Chilkat Ruby Downloads
require 'chilkat'
success = false
# This example creates the following JWK Set from two certificates:
# {
# "keys": [
# {
# "kty": "RSA",
# "use": "sig",
# "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
# "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
# "n": "nYf1jpn7cFdQ...9Iw",
# "e": "AQAB",
# "x5c": [
# "MIIDBTCCAe2...Z+NTZo"
# ]
# },
# {
# "kty": "RSA",
# "use": "sig",
# "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
# "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
# "n": "xHScZMPo8F...EO4QQ",
# "e": "AQAB",
# "x5c": [
# "MIIC8TCCAdmgA...Vt5432GA=="
# ]
# }
# ]
# }
# First get two certificates from files.
cert1 = Chilkat::CkCert.new()
success = cert1.LoadFromFile("qa_data/certs/brasil_cert.pem")
if (success == false)
print cert1.lastErrorText() + "\n";
exit
end
cert2 = Chilkat::CkCert.new()
success = cert2.LoadFromFile("qa_data/certs/testCert.cer")
if (success == false)
print cert2.lastErrorText() + "\n";
exit
end
# We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
crypt = Chilkat::CkCrypt2.new()
json = Chilkat::CkJsonObject.new()
# Let's begin with the 1st cert:
json.put_I(0)
json.UpdateString("keys[i].kty","RSA")
json.UpdateString("keys[i].use","sig")
hexThumbprint = cert1.sha1Thumbprint()
base64Thumbprint = crypt.reEncode(hexThumbprint,"hex","base64")
json.UpdateString("keys[i].kid",base64Thumbprint)
json.UpdateString("keys[i].x5t",base64Thumbprint)
# (We're assuming these are RSA certificates)
# To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
pubKey = Chilkat::CkPublicKey.new()
cert1.GetPublicKey(pubKey)
pubKeyJwk = Chilkat::CkJsonObject.new()
pubKeyJwk.Load(pubKey.getJwk())
json.UpdateString("keys[i].n",pubKeyJwk.stringOf("n"))
json.UpdateString("keys[i].e",pubKeyJwk.stringOf("e"))
# Now add the entire X.509 certificate
json.UpdateString("keys[i].x5c[0]",cert1.getEncoded())
# Now do the same for cert2..
json.put_I(1)
json.UpdateString("keys[i].kty","RSA")
json.UpdateString("keys[i].use","sig")
hexThumbprint = cert2.sha1Thumbprint()
base64Thumbprint = crypt.reEncode(hexThumbprint,"hex","base64")
json.UpdateString("keys[i].kid",base64Thumbprint)
json.UpdateString("keys[i].x5t",base64Thumbprint)
cert2.GetPublicKey(pubKey)
pubKeyJwk.Load(pubKey.getJwk())
json.UpdateString("keys[i].n",pubKeyJwk.stringOf("n"))
json.UpdateString("keys[i].e",pubKeyJwk.stringOf("e"))
# Now add the entire X.509 certificate
json.UpdateString("keys[i].x5c[0]",cert2.getEncoded())
# Emit the JSON..
json.put_EmitCompact(false)
print json.emit() + "\n";