Sample code for 30+ languages & platforms
Delphi DLL

JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following public/private key pair:
{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Jwe, Jwt, PublicKey, JsonObject, PrivateKey;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Boolean;
json: HCkJsonObject;
pubkey: HCkPublicKey;
jwt: HCkJwt;
jweProtHdr: HCkJsonObject;
jwe: HCkJwe;
plainText: PWideChar;
strJwe: PWideChar;
privkey: HCkPrivateKey;
jwe2: HCkJwe;
decryptedText: PWideChar;

begin
success := False;

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Create the following JSON:
// {
//     "kty": "EC",
//     "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
//     "use": "enc",
//     "crv": "P-256",
//     "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
//     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
//     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
//     "alg": "ECDH-ES+A256KW"
// }

json := CkJsonObject_Create();
CkJsonObject_UpdateString(json,'kty','EC');
CkJsonObject_UpdateString(json,'d','jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c');
CkJsonObject_UpdateString(json,'use','enc');
CkJsonObject_UpdateString(json,'crv','P-256');
CkJsonObject_UpdateString(json,'kid','evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs');
CkJsonObject_UpdateString(json,'x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
CkJsonObject_UpdateString(json,'y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
CkJsonObject_UpdateString(json,'alg','ECDH-ES+A256KW');

pubkey := CkPublicKey_Create();

success := CkPublicKey_LoadFromString(pubkey,CkJsonObject__emit(json));
if (success = False) then
  begin
    Memo1.Lines.Add(CkPublicKey__lastErrorText(pubkey));
    Exit;
  end;

// Build our protected header:

// 	{
// 	  "alg": "ECDH-ES+A256KW",
// 	  "enc": "A256GCM",
// 	  "exp": 1621957030,
// 	  "cty": "NJWT",
// 	  "epk": {
// 	    "kty": "EC",
// 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
// 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
// 	    "crv": "BP-256"
// 	  }
// 	}

// Use jwt only for getting the current date/time + 3600 seconds.
jwt := CkJwt_Create();

jweProtHdr := CkJsonObject_Create();
CkJsonObject_UpdateString(jweProtHdr,'alg','ECDH-ES+A256KW');
CkJsonObject_UpdateString(jweProtHdr,'enc','A256GCM');
CkJsonObject_UpdateInt(jweProtHdr,'exp',CkJwt_GenNumericDate(jwt,3600));
CkJsonObject_UpdateString(jweProtHdr,'cty','NJWT');
CkJsonObject_UpdateString(jweProtHdr,'epk.kty','EC');
CkJsonObject_UpdateString(jweProtHdr,'epk.x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
CkJsonObject_UpdateString(jweProtHdr,'epk.y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
CkJsonObject_UpdateString(jweProtHdr,'epk.crv','P-256');

jwe := CkJwe_Create();
CkJwe_SetProtectedHeader(jwe,jweProtHdr);
CkJwe_SetPublicKey(jwe,0,pubkey);

plainText := 'This is the text to be encrypted.';
strJwe := CkJwe__encrypt(jwe,plainText,'utf-8');
if (CkJwe_getLastMethodSuccess(jwe) <> True) then
  begin
    Memo1.Lines.Add(CkJwe__lastErrorText(jwe));
    Exit;
  end;

Memo1.Lines.Add(strJwe);

// Let's decrypt...
privkey := CkPrivateKey_Create();

success := CkPrivateKey_LoadJwk(privkey,CkJsonObject__emit(json));
if (success = False) then
  begin
    Memo1.Lines.Add(CkPrivateKey__lastErrorText(privkey));
    Exit;
  end;

jwe2 := CkJwe_Create();
success := CkJwe_LoadJwe(jwe2,strJwe);
if (success = False) then
  begin
    Memo1.Lines.Add(CkJwe__lastErrorText(jwe2));
    Exit;
  end;

CkJwe_SetPrivateKey(jwe2,0,privkey);

//  Decrypt.
decryptedText := CkJwe__decrypt(jwe2,0,'utf-8');
if (CkJwe_getLastMethodSuccess(jwe2) <> True) then
  begin
    Memo1.Lines.Add(CkJwe__lastErrorText(jwe2));
    Exit;
  end;

Memo1.Lines.Add(decryptedText);

CkJsonObject_Dispose(json);
CkPublicKey_Dispose(pubkey);
CkJwt_Dispose(jwt);
CkJsonObject_Dispose(jweProtHdr);
CkJwe_Dispose(jwe);
CkPrivateKey_Dispose(privkey);
CkJwe_Dispose(jwe2);

end;