C
C
JWE using "dir" Direct use of Shared Symmetric Key
See more JSON Web Encryption (JWE) Examples
Demonstrates how to create a JWE using the "dir" alg -- which is to directly use a shared symmetric key.Note: This example requires Chilkat v9.5.0.66 or greater.
Chilkat C Downloads
#include <C_CkJwe.h>
#include <C_CkJsonObject.h>
void ChilkatSample(void)
{
BOOL success;
const char *plaintext;
HCkJwe jwe;
HCkJsonObject jweProtHdr;
int recipientIndex;
const char *strJwe;
HCkJwe jwe2;
const char *originalPlaintext;
success = FALSE;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: This example requires Chilkat v9.5.0.66 or greater.
plaintext = "Live long and prosper.";
jwe = CkJwe_Create();
// First build the JWE Protected Header..
jweProtHdr = CkJsonObject_Create();
CkJsonObject_AppendString(jweProtHdr,"alg","dir");
CkJsonObject_AppendString(jweProtHdr,"enc","A128GCM");
// Don't forget to actually provide the protected header to the JWE object:
CkJwe_SetProtectedHeader(jwe,jweProtHdr);
// The JWE is to use 128-bit AES GCM encryption as specified by the "enc" parameter.
// Given that the "alg" = "dir", we are to directly specify the AES GCM key.
// (It is assumed that the decrypting side also has knowledge of the direct key to be used..)
// Our key will be these 16 hex bytes: 000102030405060708090A0B0C0D0E0F
// The SetWrappingKey method is also used for "dir" direct keys.
// However, if there are multiple recipients, they must all share the same CEK (Content Encryption Key),
// which is specified by calling SetWrappingKey with an index of 0.
recipientIndex = 0;
CkJwe_SetWrappingKey(jwe,recipientIndex,"000102030405060708090A0B0C0D0E0F","hex");
// Encrypt and return the JWE:
strJwe = CkJwe_encrypt(jwe,plaintext,"utf-8");
if (CkJwe_getLastMethodSuccess(jwe) != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
return;
}
// Show the JWE we just created:
printf("%s\n",strJwe);
// Decrypt the JWE.
jwe2 = CkJwe_Create();
success = CkJwe_LoadJwe(jwe2,strJwe);
if (success != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe2));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkJwe_Dispose(jwe2);
return;
}
CkJwe_SetWrappingKey(jwe2,0,"000102030405060708090A0B0C0D0E0F","hex");
// Decrypt.
originalPlaintext = CkJwe_decrypt(jwe2,0,"utf-8");
if (CkJwe_getLastMethodSuccess(jwe2) != TRUE) {
printf("%s\n",CkJwe_lastErrorText(jwe2));
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkJwe_Dispose(jwe2);
return;
}
printf("original text: \n");
printf("%s\n",originalPlaintext);
// Sample output:
// eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4R0NNIn0..20HX5Huc7f1nQC4pBUtiCQ.axFZIxtZy5j0ifJQUzGXLKIpsBuxJA.eBrOC-NrsreN6JeGuOPk1g
// original text:
// Live long and prosper.
CkJwe_Dispose(jwe);
CkJsonObject_Dispose(jweProtHdr);
CkJwe_Dispose(jwe2);
}