|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Create JWK Set Containing CertificatesDemonstrates how to create a JWK Set containing N certificates.
load ./chilkat.dll # This example creates the following JWK Set from two certificates: # { # "keys": [ # { # "kty": "RSA", # "use": "sig", # "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw", # "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw", # "n": "nYf1jpn7cFdQ...9Iw", # "e": "AQAB", # "x5c": [ # "MIIDBTCCAe2...Z+NTZo" # ] # }, # { # "kty": "RSA", # "use": "sig", # "kid": "M6pX7RHoraLsprfJeRCjSxuURhc", # "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc", # "n": "xHScZMPo8F...EO4QQ", # "e": "AQAB", # "x5c": [ # "MIIC8TCCAdmgA...Vt5432GA==" # ] # } # ] # } # First get two certificates from files. set cert1 [new_CkCert] set success [CkCert_LoadFromFile $cert1 "qa_data/certs/brasil_cert.pem"] if {$success != 1} then { puts [CkCert_lastErrorText $cert1] delete_CkCert $cert1 exit } set cert2 [new_CkCert] set success [CkCert_LoadFromFile $cert2 "qa_data/certs/testCert.cer"] if {$success != 1} then { puts [CkCert_lastErrorText $cert2] delete_CkCert $cert1 delete_CkCert $cert2 exit } # We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64. set crypt [new_CkCrypt2] set json [new_CkJsonObject] # Let's begin with the 1st cert: CkJsonObject_put_I $json 0 CkJsonObject_UpdateString $json "keys[i].kty" "RSA" CkJsonObject_UpdateString $json "keys[i].use" "sig" set hexThumbprint [CkCert_sha1Thumbprint $cert1] set base64Thumbprint [CkCrypt2_reEncode $crypt $hexThumbprint "hex" "base64"] CkJsonObject_UpdateString $json "keys[i].kid" $base64Thumbprint CkJsonObject_UpdateString $json "keys[i].x5t" $base64Thumbprint # (We're assuming these are RSA certificates) # To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK. # pubKey is a CkPublicKey set pubKey [CkCert_ExportPublicKey $cert1] set pubKeyJwk [new_CkJsonObject] CkJsonObject_Load $pubKeyJwk [CkPublicKey_getJwk $pubKey] delete_CkPublicKey $pubKey CkJsonObject_UpdateString $json "keys[i].n" [CkJsonObject_stringOf $pubKeyJwk "n"] CkJsonObject_UpdateString $json "keys[i].e" [CkJsonObject_stringOf $pubKeyJwk "e"] # Now add the entire X.509 certificate CkJsonObject_UpdateString $json "keys[i].x5c[0]" [CkCert_getEncoded $cert1] # Now do the same for cert2.. CkJsonObject_put_I $json 1 CkJsonObject_UpdateString $json "keys[i].kty" "RSA" CkJsonObject_UpdateString $json "keys[i].use" "sig" set hexThumbprint [CkCert_sha1Thumbprint $cert2] set base64Thumbprint [CkCrypt2_reEncode $crypt $hexThumbprint "hex" "base64"] CkJsonObject_UpdateString $json "keys[i].kid" $base64Thumbprint CkJsonObject_UpdateString $json "keys[i].x5t" $base64Thumbprint set pubKey [CkCert_ExportPublicKey $cert2] CkJsonObject_Load $pubKeyJwk [CkPublicKey_getJwk $pubKey] delete_CkPublicKey $pubKey CkJsonObject_UpdateString $json "keys[i].n" [CkJsonObject_stringOf $pubKeyJwk "n"] CkJsonObject_UpdateString $json "keys[i].e" [CkJsonObject_stringOf $pubKeyJwk "e"] # Now add the entire X.509 certificate CkJsonObject_UpdateString $json "keys[i].x5c[0]" [CkCert_getEncoded $cert2] # Emit the JSON.. CkJsonObject_put_EmitCompact $json 0 puts [CkJsonObject_emit $json] delete_CkCert $cert1 delete_CkCert $cert2 delete_CkCrypt2 $crypt delete_CkJsonObject $json delete_CkJsonObject $pubKeyJwk |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.