Unicode C++
Unicode C++
Create JWK Set Containing Certificates
See more Certificates Examples
Demonstrates how to create a JWK Set containing N certificates.Chilkat Unicode C++ Downloads
#include <CkCertW.h>
#include <CkCrypt2W.h>
#include <CkJsonObjectW.h>
#include <CkPublicKeyW.h>
void ChilkatSample(void)
{
bool success = false;
// This example creates the following JWK Set from two certificates:
// {
// "keys": [
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "x5t": "BB8CeFVqyaGrGNuehJIiL4dfjzw",
// "n": "nYf1jpn7cFdQ...9Iw",
// "e": "AQAB",
// "x5c": [
// "MIIDBTCCAe2...Z+NTZo"
// ]
// },
// {
// "kty": "RSA",
// "use": "sig",
// "kid": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "x5t": "M6pX7RHoraLsprfJeRCjSxuURhc",
// "n": "xHScZMPo8F...EO4QQ",
// "e": "AQAB",
// "x5c": [
// "MIIC8TCCAdmgA...Vt5432GA=="
// ]
// }
// ]
// }
// First get two certificates from files.
CkCertW cert1;
success = cert1.LoadFromFile(L"qa_data/certs/brasil_cert.pem");
if (success == false) {
wprintf(L"%s\n",cert1.lastErrorText());
return;
}
CkCertW cert2;
success = cert2.LoadFromFile(L"qa_data/certs/testCert.cer");
if (success == false) {
wprintf(L"%s\n",cert2.lastErrorText());
return;
}
// We'll need this crypt object re-encode the SHA1 thumbprint from hex to base64.
CkCrypt2W crypt;
CkJsonObjectW json;
// Let's begin with the 1st cert:
json.put_I(0);
json.UpdateString(L"keys[i].kty",L"RSA");
json.UpdateString(L"keys[i].use",L"sig");
const wchar_t *hexThumbprint = cert1.sha1Thumbprint();
const wchar_t *base64Thumbprint = crypt.reEncode(hexThumbprint,L"hex",L"base64");
json.UpdateString(L"keys[i].kid",base64Thumbprint);
json.UpdateString(L"keys[i].x5t",base64Thumbprint);
// (We're assuming these are RSA certificates)
// To get the modulus (n) and exponent (e), we need to get the cert's public key and then get its JWK.
CkPublicKeyW pubKey;
cert1.GetPublicKey(pubKey);
CkJsonObjectW pubKeyJwk;
pubKeyJwk.Load(pubKey.getJwk());
json.UpdateString(L"keys[i].n",pubKeyJwk.stringOf(L"n"));
json.UpdateString(L"keys[i].e",pubKeyJwk.stringOf(L"e"));
// Now add the entire X.509 certificate
json.UpdateString(L"keys[i].x5c[0]",cert1.getEncoded());
// Now do the same for cert2..
json.put_I(1);
json.UpdateString(L"keys[i].kty",L"RSA");
json.UpdateString(L"keys[i].use",L"sig");
hexThumbprint = cert2.sha1Thumbprint();
base64Thumbprint = crypt.reEncode(hexThumbprint,L"hex",L"base64");
json.UpdateString(L"keys[i].kid",base64Thumbprint);
json.UpdateString(L"keys[i].x5t",base64Thumbprint);
cert2.GetPublicKey(pubKey);
pubKeyJwk.Load(pubKey.getJwk());
json.UpdateString(L"keys[i].n",pubKeyJwk.stringOf(L"n"));
json.UpdateString(L"keys[i].e",pubKeyJwk.stringOf(L"e"));
// Now add the entire X.509 certificate
json.UpdateString(L"keys[i].x5c[0]",cert2.getEncoded());
// Emit the JSON..
json.put_EmitCompact(false);
wprintf(L"%s\n",json.emit());
}