|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Validate JWS Using RSASSA-PKCS1-v1_5 SHA-256Validates a JSON Web Signature (JWS) that uses RSASSA-PKCS1-v1_5 SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
load ./chilkat.dll # This requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Note: This example requires Chilkat v9.5.0.66 or greater. # This example takes a JSON signature in compact serialization format, # and uses an RSA public key to validate and recover the protected header and payload. # We only need a public key for signature validation. This is the RSA public key # that is used: # {"kty":"RSA", # "n":"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx # HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs # D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH # SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV # MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8 # NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ", # "e":"AQAB" # } set sbPubKey [new_CkStringBuilder] CkStringBuilder_Append $sbPubKey "{\"kty\":\"RSA\"," CkStringBuilder_Append $sbPubKey "\"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx" CkStringBuilder_Append $sbPubKey "HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs" CkStringBuilder_Append $sbPubKey "D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH" CkStringBuilder_Append $sbPubKey "SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV" CkStringBuilder_Append $sbPubKey "MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8" CkStringBuilder_Append $sbPubKey "NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\"," CkStringBuilder_Append $sbPubKey "\"e\":\"AQAB\"" CkStringBuilder_Append $sbPubKey "}" set pubKey [new_CkPublicKey] set success [CkPublicKey_LoadFromString $pubKey [CkStringBuilder_getAsString $sbPubKey]] if {$success != 1} then { puts [CkPublicKey_lastErrorText $pubKey] delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey exit } set jws [new_CkJws] # Set the RSA public key: set signatureIndex 0 CkJws_SetPublicKey $jws $signatureIndex $pubKey # Load the JWS. set sbJws [new_CkStringBuilder] CkStringBuilder_Append $sbJws "eyJhbGciOiJSUzI1NiJ9" CkStringBuilder_Append $sbJws "." CkStringBuilder_Append $sbJws "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt" CkStringBuilder_Append $sbJws "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ" CkStringBuilder_Append $sbJws "." CkStringBuilder_Append $sbJws "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" CkStringBuilder_Append $sbJws "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" CkStringBuilder_Append $sbJws "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" CkStringBuilder_Append $sbJws "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" CkStringBuilder_Append $sbJws "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" CkStringBuilder_Append $sbJws "p0igcN_IoypGlUPQGe77Rw" set success [CkJws_LoadJwsSb $jws $sbJws] if {$success != 1} then { puts [CkJws_lastErrorText $jws] delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey delete_CkJws $jws delete_CkStringBuilder $sbJws exit } # Validate the 1st (and only) signature at index 0.. set v [CkJws_Validate $jws $signatureIndex] if {$v < 0} then { # Perhaps Chilkat was not unlocked or the trial expired.. puts "Method call failed for some other reason." puts [CkJws_lastErrorText $jws] delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey delete_CkJws $jws delete_CkStringBuilder $sbJws exit } if {$v == 0} then { puts "Invalid signature. The RSA key was incorrect, the JWS was invalid, or both." delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey delete_CkJws $jws delete_CkStringBuilder $sbJws exit } # If we get here, the signature was validated.. puts "Signature validated." puts "--" # Recover the original content: puts "Recovered content:" puts [CkJws_getPayload $jws utf-8] puts "--" # Examine the protected header: # joseHeader is a CkJsonObject set joseHeader [CkJws_GetProtectedHeader $jws $signatureIndex] if {[CkJws_get_LastMethodSuccess $jws] != 1} then { puts "No protected header found at the given index." delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey delete_CkJws $jws delete_CkStringBuilder $sbJws exit } CkJsonObject_put_EmitCompact $joseHeader 0 puts "Protected (JOSE) header:" puts [CkJsonObject_emit $joseHeader] delete_CkJsonObject $joseHeader # Output: # Signature validated. # -- # Recovered content: # {"iss":"joe", # "exp":1300819380, # "http://example.com/is_root":true} # -- # Protected (JOSE) header: # { # "alg": "RS256" # } delete_CkStringBuilder $sbPubKey delete_CkPublicKey $pubKey delete_CkJws $jws delete_CkStringBuilder $sbJws |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.