SQL Server
SQL Server
Load a JWK Set into a JCEKS (Convert JWK Set to JCEKS)
See more Java KeyStore (JKS) Examples
Demonstrates how to convert JSON Web Key Sets to JCEKS format.This example uses the JWK sample files that you may download from Sample JWK Sets
This example requires Chilkat v9.5.0.66 or greater.
Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @jceks int
EXEC @hr = sp_OACreate 'Chilkat.JavaKeyStore', @jceks OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- First load the following JWK Set (found in secretKeys.json)
-- {
-- "keys": [
-- {
-- "kty": "oct",
-- "alg": "AES",
-- "k": "vHekQQB0Gc1NvppapUTW2g",
-- "kid": "my aes key"
-- },
-- {
-- "kty": "oct",
-- "alg": "BLOWFISH",
-- "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
-- "kid": "my blowfish key"
-- },
-- {
-- "kty": "oct",
-- "alg": "HMAC_SHA256",
-- "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
-- "kid": "my hmac key"
-- },
-- {
-- "kty": "oct",
-- "alg": "CHACHA",
-- "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
-- "kid": "my chacha20 key"
-- }
-- ]
-- }
DECLARE @jwkSet int
EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jwkSet OUT
EXEC sp_OAMethod @jwkSet, 'LoadFile', @success OUT, 'qa_data/jwk/secretKeys.json'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jwkSet, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
-- The password is applied to each of the keys in the set.
-- (It is the password that will be required to access the item after the JCEKS is opened.)
DECLARE @password nvarchar(4000)
SELECT @password = 'secret'
EXEC sp_OAMethod @jceks, 'LoadJwkSet', @success OUT, @password, @jwkSet
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jceks, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
-- Write the JCEKS to a file, then examine with a tool such as the KeyStore Explorer
-- to verify that all is OK. (The "kid" becomes the alias of each key.)
DECLARE @filePassword nvarchar(4000)
SELECT @filePassword = 'secret2'
EXEC sp_OAMethod @jceks, 'ToFile', @success OUT, @filePassword, 'qa_output/secretKeys.jceks'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jceks, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
-- -------------------------------------------------------------------------
-- Now load a JWK Set that contains one ECC private key (and certs)
-- This is the JSON that is loaded from ecc_jwkset.json:
-- {
-- "keys": [
-- {
-- "kty": "EC",
-- "crv": "P-384",
-- "x": "uB62JGMJKXnp1PNsOOIYKGhrzfLev3O-UuthL6UzEqNNDTd8dEYMUQP_DTS3qk98",
-- "y": "gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK_F4pF2Q995hr",
-- "d": "ugTy2ZpuQqv1uQyLSgz1SPRvngzrd5vLyzU2ICaJd25zZRIxxlNR-uFo9UWC6llt",
-- "kid": "my_ecc_key",
-- "x5c": [
-- "MIICzjCCAlOgAwIBAgIETULS8zAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9zZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAeFw0xNjAzMTgxMjM5MzFaFw0xNjA1MTcxMzA5MzFaMFgxHzAdBgNVBAsTFkZvciBUZXN0IFB1cnBvc2VzIE9ubHkxHTAbBgNVBAsTFFBlcnNvbmEgTm90IFZlcmlmaWVkMRYwFAYDVQQDEw1DaGlsa2F0IEFkbWluMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEuB62JGMJKXnp1PNsOOIYKGhrzfLev3O+UuthL6UzEqNNDTd8dEYMUQP/DTS3qk98gyQEFxdmZUsPF0fFokkZZ1cV6z7QD3MsPvSjrBzB0GUB3r8CLnDK/F4pF2Q995hro4HYMIHVMA4GA1UdDwEB/wQEAwIDiDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5lbnRydXN0LmNvbS9DUkwvZWNjZGVtby5jcmwwIAYDVR0RBBkwF4EVYWRtaW5AY2hpbGthdHNvZnQuY29tMB8GA1UdIwQYMBaAFCQFS+Fkghr4Ccz7eHkh+nDmkzLqMB0GA1UdDgQWBBTB82fmvrdG2iX5uS/agVW3L4DisjAJBgNVHRMEAjAAMAoGCCqGSM49BAMDA2kAMGYCMQCHILghMprWoYPEp9mCE+tpVE7vYwkFV3m0RDzT2BSUezL8Ky78XNk+XPqSB2biT70CMQDCase1oaPY4AxCmjB+rEB1ir+QS8mrtF+iCSqHVv1aIxT6abQL57BZSdvwIm/TT8o=",
-- "MIICljCCAhugAwIBAgIETUHhezAKBggqhkjOPQQDAzBtMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEfMB0GA1UECxMWRm9yIFRlc3QgUHVycG9zZXMgT25seTElMCMGA1UEAxMcRW50cnVzdCBFQ0MgRGVtb25zdHJhdGlvbiBDQTAeFw0xMTAxMjcyMDQ5NTRaFw0zNjAxMjcyMTE5NTRaMG0xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMR8wHQYDVQQLExZGb3IgVGVzdCBQdXJwb3NlcyBPbmx5MSUwIwYDVQQDExxFbnRydXN0IEVDQyBEZW1vbnN0cmF0aW9uIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEhCWBpuJuzvRtQyibkcbCj7EkcwAqS2EqRQ/QntroTdRM2SssEN4TruTxtwcY/7lR64L6Tfjz3+ujrfjNFss3EWVpUlbOJ+xHC3xHPteNyAGZtHbZO3tVuhP6yX6dFqCCo4GLMIGIMCsGA1UdEAQkMCKADzIwMTEwMTI3MjA0OTU0WoEPMjAzNjAxMjcyMTE5NTRaMAsGA1UdDwQEAwIBBjAfBgNVHSMEGDAWgBQkBUvhZIIa+AnM+3h5Ifpw5pMy6jAdBgNVHQ4EFgQUJAVL4WSCGvgJzPt4eSH6cOaTMuowDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAwNpADBmAjEAyAhA70OIb6lbfN6kOTQloHyCLmihNK+PT5wOuaMR//KSQP2c/H18YhDYnlwMxF9fAjEA0URaJOXMF0qwdvS2rm7N5PWMLc/4BbeOZyZ94XJiG5u96iTgp6N9JI0MMmCQE87N"
-- ]
-- }
-- ]
-- }
EXEC sp_OAMethod @jwkSet, 'LoadFile', @success OUT, 'qa_data/jwk/ecc_jwkset.json'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jwkSet, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
SELECT @password = 'secret'
EXEC sp_OAMethod @jceks, 'LoadJwkSet', @success OUT, @password, @jwkSet
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jceks, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
SELECT @filePassword = 'secret2'
EXEC sp_OAMethod @jceks, 'ToFile', @success OUT, @filePassword, 'qa_output/ecc.jceks'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @jceks, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
RETURN
END
PRINT 'Success.'
EXEC @hr = sp_OADestroy @jceks
EXEC @hr = sp_OADestroy @jwkSet
END
GO