(SQL Server) JWE using ECDH-ES, BP-256, A256GCM

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following header:

	{
	  "alg": "ECDH-ES",
	  "enc": "A256GCM",
	  "exp": 1621957030,
	  "cty": "NJWT",
	  "epk": {
	    "kty": "EC",
	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
	    "crv": "BP-256"
	  }
	}

Note: This example requires Chilkat v9.5.0.87 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @success int

    -- Load our brainpool BP-256 public key.

    -- 	{
    -- 	  "use": "enc",
    -- 	  "kid": "puk_idp_enc",
    -- 	  "kty": "EC",
    -- 	  "crv": "BP-256",
    -- 	  "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w",
    -- 	  "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
    -- 	}

    DECLARE @json int
    -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'use', 'enc'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'kid', 'puk_idp_enc'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'kty', 'EC'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'crv', 'BP-256'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'x', 'QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'y', 'AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu'

    DECLARE @pubkey int
    -- Use "Chilkat_9_5_0.PublicKey" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.PublicKey', @pubkey OUT

    EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT
    EXEC sp_OAMethod @pubkey, 'LoadFromString', @success OUT, @sTmp0
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pubkey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        RETURN
      END

    -- Build our protected header:

    -- 	{
    -- 	  "alg": "ECDH-ES",
    -- 	  "enc": "A256GCM",
    -- 	  "exp": 1621957030,
    -- 	  "cty": "NJWT",
    -- 	  "epk": {
    -- 	    "kty": "EC",
    -- 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
    -- 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
    -- 	    "crv": "BP-256"
    -- 	  }
    -- 	}

    -- Use jwt only for getting the current date/time + 3600 seconds.
    DECLARE @jwt int
    -- Use "Chilkat_9_5_0.Jwt" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Jwt', @jwt OUT

    DECLARE @jweProtHdr int
    -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jweProtHdr OUT

    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'alg', 'ECDH-ES'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'enc', 'A256GCM'
    EXEC sp_OAMethod @jwt, 'GenNumericDate', @iTmp0 OUT, 3600
    EXEC sp_OAMethod @jweProtHdr, 'UpdateInt', @success OUT, 'exp', @iTmp0
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'cty', 'NJWT'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.kty', 'EC'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.x', 'QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.y', 'AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu'
    EXEC sp_OAMethod @jweProtHdr, 'UpdateString', @success OUT, 'epk.crv', 'BP-256'

    DECLARE @jwe int
    -- Use "Chilkat_9_5_0.Jwe" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Jwe', @jwe OUT

    EXEC sp_OAMethod @jwe, 'SetProtectedHeader', @success OUT, @jweProtHdr
    EXEC sp_OAMethod @jwe, 'SetPublicKey', @success OUT, 0, @pubkey

    DECLARE @plainText nvarchar(4000)
    SELECT @plainText = 'This is the text to be encrypted.'
    DECLARE @strJwe nvarchar(4000)
    EXEC sp_OAMethod @jwe, 'Encrypt', @strJwe OUT, @plainText, 'utf-8'
    EXEC sp_OAGetProperty @jwe, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @jwe, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @pubkey
        EXEC @hr = sp_OADestroy @jwt
        EXEC @hr = sp_OADestroy @jweProtHdr
        EXEC @hr = sp_OADestroy @jwe
        RETURN
      END


    PRINT @strJwe


    PRINT 'Success.'

    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @pubkey
    EXEC @hr = sp_OADestroy @jwt
    EXEC @hr = sp_OADestroy @jweProtHdr
    EXEC @hr = sp_OADestroy @jwe


END
GO