Sample code for 30+ languages & platforms
SQL Server

JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following public/private key pair:
{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Create the following JSON:
    -- {
    --     "kty": "EC",
    --     "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    --     "use": "enc",
    --     "crv": "P-256",
    --     "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    --     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    --     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    --     "alg": "ECDH-ES+A256KW"
    -- }

    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'kty', 'EC'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'd', 'jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'use', 'enc'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'crv', 'P-256'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'kid', 'evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'x', 'LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'y', 'voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'alg', 'ECDH-ES+A256KW'

    DECLARE @pubkey int
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubkey OUT

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @pubkey, 'LoadFromString', @success OUT, @sTmp0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pubkey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        RETURN
      END

    -- Build our protected header:

    -- 	{
    -- 	  "alg": "ECDH-ES+A256KW",
    -- 	  "enc": "A256GCM",
    -- 	  "exp": 1621957030,
    -- 	  "cty": "NJWT",
    -- 	  "epk": {
    -- 	    "kty": "EC",
    -- 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
    -- 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
    -- 	    "crv": "BP-256"
    -- 	  }
    -- 	}

    -- Use jwt only for getting the current date/time + 3600 seconds.
    DECLARE @jwt int
    EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT

    DECLARE @jweProtHdr int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jweProtHdr OUT

    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'alg', 'ECDH-ES+A256KW'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'enc', 'A256GCM'
    EXEC sp_OAMethod @jwt, 'GenNumericDate', @iTmp0 OUT, 3600
    EXEC sp_OAMethod @jweProtHdr, 'UpdateInt', @success OUT, 'exp', @iTmp0
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'cty', 'NJWT'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.kty', 'EC'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.x', 'LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.y', 'voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.crv', 'P-256'

    DECLARE @jwe int
    EXEC @hr = sp_OACreate 'Chilkat.Jwe', @jwe OUT

    EXEC sp_OAMethod @jwe, 'SetProtectedHeader', @success OUT, @jweProtHdr
    EXEC sp_OAMethod @jwe, 'SetPublicKey', @success OUT, 0, @pubkey

    DECLARE @plainText nvarchar(4000)
    SELECT @plainText = 'This is the text to be encrypted.'
    DECLARE @strJwe nvarchar(4000)
    EXEC sp_OAMethod @jwe, 'Encrypt', @strJwe OUT, @plainText, 'utf-8'
    EXEC sp_OAGetProperty @jwe, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @jwe, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jweProtHdr
        EXEC @hr = sp_OADestroy @jwe
        RETURN
      END


    PRINT @strJwe

    -- Let's decrypt...
    DECLARE @privkey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @privkey OUT

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @privkey, 'LoadJwk', @success OUT, @sTmp0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @privkey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jweProtHdr
        EXEC @hr = sp_OADestroy @jwe
        EXEC @hr = sp_OADestroy @privkey
        RETURN
      END

    DECLARE @jwe2 int
    EXEC @hr = sp_OACreate 'Chilkat.Jwe', @jwe2 OUT

    EXEC sp_OAMethod @jwe2, 'LoadJwe', @success OUT, @strJwe
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @jwe2, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jweProtHdr
        EXEC @hr = sp_OADestroy @jwe
        EXEC @hr = sp_OADestroy @privkey
        EXEC @hr = sp_OADestroy @jwe2
        RETURN
      END

    EXEC sp_OAMethod @jwe2, 'SetPrivateKey', @success OUT, 0, @privkey

    --  Decrypt.
    DECLARE @decryptedText nvarchar(4000)
    EXEC sp_OAMethod @jwe2, 'Decrypt', @decryptedText OUT, 0, 'utf-8'
    EXEC sp_OAGetProperty @jwe2, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @jwe2, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jweProtHdr
        EXEC @hr = sp_OADestroy @jwe
        EXEC @hr = sp_OADestroy @privkey
        EXEC @hr = sp_OADestroy @jwe2
        RETURN
      END


    PRINT @decryptedText

    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @pubkey
    EXEC @hr = sp_OADestroy @jwt
    EXEC @hr = sp_OADestroy @jweProtHdr
    EXEC @hr = sp_OADestroy @jwe
    EXEC @hr = sp_OADestroy @privkey
    EXEC @hr = sp_OADestroy @jwe2


END
GO