|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) Validate a JWS Using ECDSA P-256 SHA-256Validates a JSON Web Signature (JWS) that uses ECDSA P-256 SHA-256 Note: This example requires Chilkat v9.5.0.66 or greater.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. -- Note: This example requires Chilkat v9.5.0.66 or greater. -- This example takes a JSON signature in compact serialization format, -- and uses an ECDSA public key to validate and recover the protected header and payload. -- We only need a public key for signature validation. This is the ECDSA public key -- that is used: -- {"kty":"EC", -- "crv":"P-256", -- "x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU", -- "y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0" -- } DECLARE @sbPubKey int -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbPubKey OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END DECLARE @success int EXEC sp_OAMethod @sbPubKey, 'Append', @success OUT, '{"kty":"EC",' EXEC sp_OAMethod @sbPubKey, 'Append', @success OUT, '"crv":"P-256",' EXEC sp_OAMethod @sbPubKey, 'Append', @success OUT, '"x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",' EXEC sp_OAMethod @sbPubKey, 'Append', @success OUT, '"y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0"' EXEC sp_OAMethod @sbPubKey, 'Append', @success OUT, '}' DECLARE @pubKey int -- Use "Chilkat_9_5_0.PublicKey" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubKey OUT DECLARE @success int EXEC sp_OAMethod @sbPubKey, 'GetAsString', @sTmp0 OUT EXEC sp_OAMethod @pubKey, 'LoadFromString', @success OUT, @sTmp0 IF @success <> 1 BEGIN EXEC sp_OAGetProperty @pubKey, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey RETURN END DECLARE @jws int -- Use "Chilkat_9_5_0.Jws" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Jws', @jws OUT -- Set the ECC public key: DECLARE @signatureIndex int SELECT @signatureIndex = 0 EXEC sp_OAMethod @jws, 'SetPublicKey', @success OUT, @signatureIndex, @pubKey -- Load the JWS. DECLARE @sbJws int -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbJws OUT EXEC sp_OAMethod @sbJws, 'Append', @success OUT, 'eyJhbGciOiJFUzI1NiJ9' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, '.' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, 'cGxlLmNvbS9pc19yb290Ijp0cnVlfQ' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, '.' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, 'DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA' EXEC sp_OAMethod @sbJws, 'Append', @success OUT, 'pmWQxfKTUJqPP3-Kg6NU1Q' EXEC sp_OAMethod @jws, 'LoadJwsSb', @success OUT, @sbJws IF @success <> 1 BEGIN EXEC sp_OAGetProperty @jws, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey EXEC @hr = sp_OADestroy @jws EXEC @hr = sp_OADestroy @sbJws RETURN END -- Validate the 1st (and only) signature at index 0.. DECLARE @v int EXEC sp_OAMethod @jws, 'Validate', @v OUT, @signatureIndex IF @v < 0 BEGIN -- Perhaps Chilkat was not unlocked or the trial expired.. PRINT 'Method call failed for some other reason.' EXEC sp_OAGetProperty @jws, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey EXEC @hr = sp_OADestroy @jws EXEC @hr = sp_OADestroy @sbJws RETURN END IF @v = 0 BEGIN PRINT 'Invalid signature. The ECC key was incorrect, the JWS was invalid, or both.' EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey EXEC @hr = sp_OADestroy @jws EXEC @hr = sp_OADestroy @sbJws RETURN END -- If we get here, the signature was validated.. PRINT 'Signature validated.' PRINT '--' -- Recover the original content: PRINT 'Recovered content:' EXEC sp_OAMethod @jws, 'GetPayload', @sTmp0 OUT, 'utf-8' PRINT @sTmp0 PRINT '--' -- Examine the protected header: DECLARE @joseHeader int EXEC sp_OAMethod @jws, 'GetProtectedHeader', @joseHeader OUT, @signatureIndex EXEC sp_OAGetProperty @jws, 'LastMethodSuccess', @iTmp0 OUT IF @iTmp0 <> 1 BEGIN PRINT 'No protected header found at the given index.' EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey EXEC @hr = sp_OADestroy @jws EXEC @hr = sp_OADestroy @sbJws RETURN END EXEC sp_OASetProperty @joseHeader, 'EmitCompact', 0 PRINT 'Protected (JOSE) header:' EXEC sp_OAMethod @joseHeader, 'Emit', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @joseHeader -- Output: -- Signature validated. -- -- -- Recovered content: -- {"iss":"joe", -- "exp":1300819380, -- "http://example.com/is_root":true} -- -- -- Protected (JOSE) header: -- { -- "alg": "ES256" -- } EXEC @hr = sp_OADestroy @sbPubKey EXEC @hr = sp_OADestroy @pubKey EXEC @hr = sp_OADestroy @jws EXEC @hr = sp_OADestroy @sbJws END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.