Classic ASP
Classic ASP
JWE using AES Key Wrap and AES_128_CBC_HMAC_SHA_256
See more JSON Web Encryption (JWE) Examples
This example duplicates the example A.3 in RFC 7516 for JSON Web Encryption (JWE).Note: This example requires Chilkat v9.5.0.66 or greater.
Chilkat Classic ASP Downloads
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0
' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
' Note: This example requires Chilkat v9.5.0.66 or greater.
plaintext = "Live long and prosper."
set jwe = Server.CreateObject("Chilkat.Jwe")
' First build the JWE Protected Header: {"alg":"A128KW","enc":"A128CBC-HS256"}
set jweProtHdr = Server.CreateObject("Chilkat.JsonObject")
success = jweProtHdr.AppendString("alg","A128KW")
success = jweProtHdr.AppendString("enc","A128CBC-HS256")
success = jwe.SetProtectedHeader(jweProtHdr)
Response.Write "<pre>" & Server.HTMLEncode( "JWE Protected Header: " & jweProtHdr.Emit()) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "--") & "</pre>"
' The example A.3 in RFC 7516 uses the following 128-bit AES key,
' specified in JWK (JSON Web Key) format:
' {"kty":"oct",
' "k":"GawgguFyGrWKav7AX4VKUg"
' }
' This is just a way of saying: The key type ("kty") is
' a bunch of octets ("k") in base64url encoding.
' We can simply set the AES wrapping key like this:
aesWrappingKey = "GawgguFyGrWKav7AX4VKUg"
success = jwe.SetWrappingKey(0,aesWrappingKey,"base64url")
' Encrypt and return the JWE:
strJwe = jwe.Encrypt(plaintext,"utf-8")
If (jwe.LastMethodSuccess <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( jwe.LastErrorText) & "</pre>"
Response.End
End If
' Show the JWE we just created:
Response.Write "<pre>" & Server.HTMLEncode( strJwe) & "</pre>"
' Decrypt the JWE that was just produced.
' 1) Load the JWE.
' 2) Set the AES wrapping key.
' 3) Decrypt.
set jwe2 = Server.CreateObject("Chilkat.Jwe")
success = jwe2.LoadJwe(strJwe)
If (success <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
Response.End
End If
' Set the AES wrap key.
success = jwe2.SetWrappingKey(0,aesWrappingKey,"base64url")
' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
Response.End
End If
Response.Write "<pre>" & Server.HTMLEncode( "original text: ") & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( originalPlaintext) & "</pre>"
' ---------------------------------------------------------------------------------
' It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.3.7
' because it was produced using the same AES Wrap key.
set sbJwe = Server.CreateObject("Chilkat.StringBuilder")
success = sbJwe.Append("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.")
success = sbJwe.Append("6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.")
success = sbJwe.Append("AxY8DCtDaGlsbGljb3RoZQ.")
success = sbJwe.Append("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.")
success = sbJwe.Append("U0m_YmjN04DJvceFICbCVQ")
success = jwe2.LoadJweSb(sbJwe)
If (success <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
Response.End
End If
success = jwe2.SetWrappingKey(0,aesWrappingKey,"base64url")
' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
Response.End
End If
Response.Write "<pre>" & Server.HTMLEncode( originalPlaintext) & "</pre>"
%>
</body>
</html>