Unicode C
Unicode C
Get ETK Public Key (api-acpt.ehealth.fgov.be)
See more Belgian eHealth Platform Examples
The following URL returns JSON, which contains a PKCS7 signed data:https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN
This example extracts the signed data, validates it, and then extracts the public key from the certificate (obtained from signed content in the PKCS7)
Note: The URL above uses "12345678901" which is not valid. You should replace it with a valid number.
Chilkat Unicode C Downloads
#include <C_CkHttpW.h>
#include <C_CkJsonArrayW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkBinDataW.h>
#include <C_CkCrypt2W.h>
#include <C_CkCertW.h>
#include <C_CkPublicKeyW.h>
void ChilkatSample(void)
{
BOOL success;
HCkHttpW http;
const wchar_t *jsonStr;
HCkJsonArrayW jarr;
HCkJsonObjectW json;
HCkBinDataW bdPkcs7;
HCkCrypt2W crypt;
HCkCertW cert;
HCkPublicKeyW pubKey;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
http = CkHttpW_Create();
jsonStr = CkHttpW_quickGetStr(http,L"https://api-acpt.ehealth.fgov.be/etee/v1/etks?identifier=12345678901&type=SSIN");
if (CkHttpW_getLastMethodSuccess(http) == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkHttpW_Dispose(http);
return;
}
wprintf(L"%s\n",jsonStr);
// The JSON contains something like this:
// [
// {
// "key": {
// "applicationIdentifier": "",
// "ssin": "12345678901"
// },
// "value": "MIAGCSq....AAAAAAAA=="
// }
// ]
// Note: The above is a JSON array (not a JSON object)
// It should be loaded into a Chilkat JSON array.
jarr = CkJsonArrayW_Create();
success = CkJsonArrayW_Load(jarr,jsonStr);
if (success == FALSE) {
wprintf(L"Failed to load JSON.\n");
CkHttpW_Dispose(http);
CkJsonArrayW_Dispose(jarr);
return;
}
json = CkJsonArrayW_ObjectAt(jarr,0);
bdPkcs7 = CkBinDataW_Create();
CkBinDataW_AppendEncoded(bdPkcs7,CkJsonObjectW_stringOf(json,L"value"),L"base64");
CkJsonObjectW_Dispose(json);
// Let's verify the PKCS7, and then examine the signing cert,
// and get the signing cert's public key.
crypt = CkCrypt2W_Create();
// Validate the signedData PKCS7, and replace the contents of bdPkcs7 with the extracted signed content.
success = CkCrypt2W_OpaqueVerifyBd(crypt,bdPkcs7);
if (success == FALSE) {
wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
CkHttpW_Dispose(http);
CkJsonArrayW_Dispose(jarr);
CkBinDataW_Dispose(bdPkcs7);
CkCrypt2W_Dispose(crypt);
return;
}
// The signed content is the DER of a certificate.
// In other words, bdPkcs7 now contains a certificate.
cert = CkCertW_Create();
success = CkCertW_LoadFromBd(cert,bdPkcs7);
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkHttpW_Dispose(http);
CkJsonArrayW_Dispose(jarr);
CkBinDataW_Dispose(bdPkcs7);
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
return;
}
// Show some certificate information:
wprintf(L"Subject: %s\n",CkCertW_subjectDN(cert));
wprintf(L"Serial: %s\n",CkCertW_serialNumber(cert));
wprintf(L"Issuer: %s\n",CkCertW_issuerDN(cert));
// Let's get the cert's public key...
pubKey = CkPublicKeyW_Create();
CkCertW_GetPublicKey(cert,pubKey);
// OK, you now have the public key and can do whatever is needed..
wprintf(L"%s\n",CkPublicKeyW_keyType(pubKey));
wprintf(L"%d\n",CkPublicKeyW_getKeySize(pubKey));
CkHttpW_Dispose(http);
CkJsonArrayW_Dispose(jarr);
CkBinDataW_Dispose(bdPkcs7);
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkPublicKeyW_Dispose(pubKey);
}