C
C
JWE using A256GCMKW
See more JSON Web Encryption (JWE) Examples
This example demonstrates creating a JCE with AES GCM key wrap.Chilkat C Downloads
#include <C_CkJwe.h>
#include <C_CkJsonObject.h>
#include <C_CkPrng.h>
void ChilkatSample(void)
{
BOOL success;
const char *plaintext;
HCkJwe jwe;
HCkJsonObject jweProtHdr;
HCkPrng prng;
const char *aesWrappingKey;
const char *strJwe;
HCkJwe jwe2;
const char *originalPlaintext;
success = FALSE;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
plaintext = "My text to enrypt";
jwe = CkJwe_Create();
// First build the JWE Protected Header:
// {
// "alg": "A256GCMKW",
// "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
// "tag": "kfPduVQ3T3H6vnewt--ksw",
// "iv": "KkYT0GX_2jHlfqN_",
// "enc": "A128CBC-HS256"
// }
jweProtHdr = CkJsonObject_Create();
CkJsonObject_AppendString(jweProtHdr,"alg","A256GCMKW");
// kid is optional
CkJsonObject_AppendString(jweProtHdr,"kid","18ec08e1-bfa9-4d95-b205-2b4dd1d4321d");
// tag is optional
CkJsonObject_AppendString(jweProtHdr,"tag","kfPduVQ3T3H6vnewt--ksw");
CkJsonObject_AppendString(jweProtHdr,"enc","A256GCM");
// the iv should be 16 random chars.
prng = CkPrng_Create();
CkJsonObject_AppendString(jweProtHdr,"iv",CkPrng_randomString(prng,16,TRUE,TRUE,TRUE));
CkJwe_SetProtectedHeader(jwe,jweProtHdr);
printf("JWE Protected Header: %s\n",CkJsonObject_emit(jweProtHdr));
printf("--\n");
// Given that we have 256-bit AES, our key should be 32 bytes.
// The ascii string here is 32 bytes, therefore the 2nd arg is "ascii" to use these
// ascii chars directly as the key.
aesWrappingKey = "2baf4f730f5e4542b428593ef9cceb0e";
CkJwe_SetWrappingKey(jwe,0,aesWrappingKey,"ascii");
// Encrypt and return the JWE:
strJwe = CkJwe_encrypt(jwe,plaintext,"utf-8");
if (CkJwe_getLastMethodSuccess(jwe) != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkPrng_Dispose(prng);
return;
}
// Show the JWE we just created:
printf("%s\n",strJwe);
// Decrypt the JWE that was just produced.
// 1) Load the JWE.
// 2) Set the AES wrapping key.
// 3) Decrypt.
jwe2 = CkJwe_Create();
success = CkJwe_LoadJwe(jwe2,strJwe);
if (success != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe2));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkPrng_Dispose(prng);
CkJwe_Dispose(jwe2);
return;
}
// Set the AES wrap key. Important to use "ascii"
CkJwe_SetWrappingKey(jwe2,0,aesWrappingKey,"ascii");
// Decrypt.
originalPlaintext = CkJwe_decrypt(jwe2,0,"utf-8");
if (CkJwe_getLastMethodSuccess(jwe2) != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe2));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkPrng_Dispose(prng);
CkJwe_Dispose(jwe2);
return;
}
printf("original text: \n");
printf("%s\n",originalPlaintext);
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkPrng_Dispose(prng);
CkJwe_Dispose(jwe2);
}