Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Unicode C) Validate JWS Using RSASSA-PKCS1-v1_5 SHA-256Validates a JSON Web Signature (JWS) that uses RSASSA-PKCS1-v1_5 SHA-256. Note: This example requires Chilkat v9.5.0.66 or greater.
#include <C_CkStringBuilderW.h> #include <C_CkPublicKeyW.h> #include <C_CkJwsW.h> #include <C_CkJsonObjectW.h> void ChilkatSample(void) { HCkStringBuilderW sbPubKey; HCkPublicKeyW pubKey; BOOL success; HCkJwsW jws; int signatureIndex; HCkStringBuilderW sbJws; int v; HCkJsonObjectW joseHeader; // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or greater. // This example takes a JSON signature in compact serialization format, // and uses an RSA public key to validate and recover the protected header and payload. // We only need a public key for signature validation. This is the RSA public key // that is used: // {"kty":"RSA", // "n":"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx // HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs // D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH // SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV // MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8 // NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ", // "e":"AQAB" // } sbPubKey = CkStringBuilderW_Create(); CkStringBuilderW_Append(sbPubKey,L"{\"kty\":\"RSA\","); CkStringBuilderW_Append(sbPubKey,L"\"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx"); CkStringBuilderW_Append(sbPubKey,L"HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs"); CkStringBuilderW_Append(sbPubKey,L"D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH"); CkStringBuilderW_Append(sbPubKey,L"SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV"); CkStringBuilderW_Append(sbPubKey,L"MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8"); CkStringBuilderW_Append(sbPubKey,L"NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\","); CkStringBuilderW_Append(sbPubKey,L"\"e\":\"AQAB\""); CkStringBuilderW_Append(sbPubKey,L"}"); pubKey = CkPublicKeyW_Create(); success = CkPublicKeyW_LoadFromString(pubKey,CkStringBuilderW_getAsString(sbPubKey)); if (success != TRUE) { wprintf(L"%s\n",CkPublicKeyW_lastErrorText(pubKey)); CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); return; } jws = CkJwsW_Create(); // Set the RSA public key: signatureIndex = 0; CkJwsW_SetPublicKey(jws,signatureIndex,pubKey); // Load the JWS. sbJws = CkStringBuilderW_Create(); CkStringBuilderW_Append(sbJws,L"eyJhbGciOiJSUzI1NiJ9"); CkStringBuilderW_Append(sbJws,L"."); CkStringBuilderW_Append(sbJws,L"eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"); CkStringBuilderW_Append(sbJws,L"cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"); CkStringBuilderW_Append(sbJws,L"."); CkStringBuilderW_Append(sbJws,L"cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"); CkStringBuilderW_Append(sbJws,L"AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"); CkStringBuilderW_Append(sbJws,L"BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"); CkStringBuilderW_Append(sbJws,L"0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"); CkStringBuilderW_Append(sbJws,L"hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"); CkStringBuilderW_Append(sbJws,L"p0igcN_IoypGlUPQGe77Rw"); success = CkJwsW_LoadJwsSb(jws,sbJws); if (success != TRUE) { wprintf(L"%s\n",CkJwsW_lastErrorText(jws)); CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); CkJwsW_Dispose(jws); CkStringBuilderW_Dispose(sbJws); return; } // Validate the 1st (and only) signature at index 0.. v = CkJwsW_Validate(jws,signatureIndex); if (v < 0) { // Perhaps Chilkat was not unlocked or the trial expired.. wprintf(L"Method call failed for some other reason.\n"); wprintf(L"%s\n",CkJwsW_lastErrorText(jws)); CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); CkJwsW_Dispose(jws); CkStringBuilderW_Dispose(sbJws); return; } if (v == 0) { wprintf(L"Invalid signature. The RSA key was incorrect, the JWS was invalid, or both.\n"); CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); CkJwsW_Dispose(jws); CkStringBuilderW_Dispose(sbJws); return; } // If we get here, the signature was validated.. wprintf(L"Signature validated.\n"); wprintf(L"--\n"); // Recover the original content: wprintf(L"Recovered content:\n"); wprintf(L"%s\n",CkJwsW_getPayload(jws,L"utf-8")); wprintf(L"--\n"); // Examine the protected header: joseHeader = CkJwsW_GetProtectedHeader(jws,signatureIndex); if (CkJwsW_getLastMethodSuccess(jws) != TRUE) { wprintf(L"No protected header found at the given index.\n"); CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); CkJwsW_Dispose(jws); CkStringBuilderW_Dispose(sbJws); return; } CkJsonObjectW_putEmitCompact(joseHeader,FALSE); wprintf(L"Protected (JOSE) header:\n"); wprintf(L"%s\n",CkJsonObjectW_emit(joseHeader)); CkJsonObjectW_Dispose(joseHeader); // Output: // Signature validated. // -- // Recovered content: // {"iss":"joe", // "exp":1300819380, // "http://example.com/is_root":true} // -- // Protected (JOSE) header: // { // "alg": "RS256" // } CkStringBuilderW_Dispose(sbPubKey); CkPublicKeyW_Dispose(pubKey); CkJwsW_Dispose(jws); CkStringBuilderW_Dispose(sbJws); } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.