Sample code for 30+ languages & platforms
Classic ASP

JWE using RSAES-PKCS1-v1_5 and AES_128_CBC_HMAC_SHA_256

See more JSON Web Encryption (JWE) Examples

This example duplicates the example A.2 in RFC 7516 for JSON Web Encryption (JWE).

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' Note: This example requires Chilkat v9.5.0.66 or greater.

plaintext = "Live long and prosper."

' First build the JWE Protected Header.
' We want to build this: {"alg":"RSA1_5","enc":"A128CBC-HS256"}
set jweProtHdr = Server.CreateObject("Chilkat.JsonObject")
success = jweProtHdr.AppendString("alg","RSA1_5")
success = jweProtHdr.AppendString("enc","A128CBC-HS256")
Response.Write "<pre>" & Server.HTMLEncode( "JWE Protected Header: " & jweProtHdr.Emit()) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "--") & "</pre>"

' The specific RSA key used in the A.2 example is the following JWK:
set sbJwk = Server.CreateObject("Chilkat.StringBuilder")
success = sbJwk.Append("{""kty"":""RSA"",")
success = sbJwk.Append("""n"":""sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1Wl")
success = sbJwk.Append("UzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDpre")
success = sbJwk.Append("cbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_")
success = sbJwk.Append("7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBI")
success = sbJwk.Append("Y2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU")
success = sbJwk.Append("7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw"",")
success = sbJwk.Append("""e"":""AQAB"",")
success = sbJwk.Append("""d"":""VFCWOqXr8nvZNyaaJLXdnNPXZKRaWCjkU5Q2egQQpTBMwhprMzWzpR8Sxq")
success = sbJwk.Append("1OPThh_J6MUD8Z35wky9b8eEO0pwNS8xlh1lOFRRBoNqDIKVOku0aZb-ry")
success = sbJwk.Append("nq8cxjDTLZQ6Fz7jSjR1Klop-YKaUHc9GsEofQqYruPhzSA-QgajZGPbE_")
success = sbJwk.Append("0ZaVDJHfyd7UUBUKunFMScbflYAAOYJqVIVwaYR5zWEEceUjNnTNo_CVSj")
success = sbJwk.Append("-VvXLO5VZfCUAVLgW4dpf1SrtZjSt34YLsRarSb127reG_DUwg9Ch-Kyvj")
success = sbJwk.Append("T1SkHgUWRVGcyly7uvVGRSDwsXypdrNinPA4jlhoNdizK2zF2CWQ"",")
success = sbJwk.Append("""p"":""9gY2w6I6S6L0juEKsbeDAwpd9WMfgqFoeA9vEyEUuk4kLwBKcoe1x4HG68")
success = sbJwk.Append("ik918hdDSE9vDQSccA3xXHOAFOPJ8R9EeIAbTi1VwBYnbTp87X-xcPWlEP")
success = sbJwk.Append("krdoUKW60tgs1aNd_Nnc9LEVVPMS390zbFxt8TN_biaBgelNgbC95sM"",")
success = sbJwk.Append("""q"":""uKlCKvKv_ZJMVcdIs5vVSU_6cPtYI1ljWytExV_skstvRSNi9r66jdd9-y")
success = sbJwk.Append("BhVfuG4shsp2j7rGnIio901RBeHo6TPKWVVykPu1iYhQXw1jIABfw-MVsN")
success = sbJwk.Append("-3bQ76WLdt2SDxsHs7q7zPyUyHXmps7ycZ5c72wGkUwNOjYelmkiNS0"",")
success = sbJwk.Append("""dp"":""w0kZbV63cVRvVX6yk3C8cMxo2qCM4Y8nsq1lmMSYhG4EcL6FWbX5h9yuv")
success = sbJwk.Append("ngs4iLEFk6eALoUS4vIWEwcL4txw9LsWH_zKI-hwoReoP77cOdSL4AVcra")
success = sbJwk.Append("Hawlkpyd2TWjE5evgbhWtOxnZee3cXJBkAi64Ik6jZxbvk-RR3pEhnCs"",")
success = sbJwk.Append("""dq"":""o_8V14SezckO6CNLKs_btPdFiO9_kC1DsuUTd2LAfIIVeMZ7jn1Gus_Ff")
success = sbJwk.Append("7B7IVx3p5KuBGOVF8L-qifLb6nQnLysgHDh132NDioZkhH7mI7hPG-PYE_")
success = sbJwk.Append("odApKdnqECHWw0J-F0JWnUd6D2B_1TvF9mXA2Qx-iGYn8OVV1Bsmp6qU"",")
success = sbJwk.Append("""qi"":""eNho5yRBEBxhGBtQRww9QirZsB66TrfFReG_CcteI1aCneT0ELGhYlRlC")
success = sbJwk.Append("tUkTRclIfuEPmNsNDPbLoLqqCVznFbvdB7x-Tl-m0l_eFTj2KiqwGqE9PZ")
success = sbJwk.Append("B9nNTwMVvH3VRRSLWACvPnSiwP8N5Usy-WRXS-V7TbpxIhvepTfE0NNo""")
success = sbJwk.Append("}")

' Load this JWK into a Chilkat private key object.
set rsaPrivKey = Server.CreateObject("Chilkat.PrivateKey")
success = rsaPrivKey.LoadJwk(sbJwk.GetAsString())
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( rsaPrivKey.LastErrorText) & "</pre>"
    Response.End
End If

' The public key is used to encrypt (i.e. create the JWE), 
' and the private key is used to decrypt.
' The RSA public key is simply a subset of the private key.  The RSA public key
' is composed of the "n" and "e" members shown above.  These are also known as the
' modulus and exponent.
' We can simply get the public key object from the private key object
set rsaPubKey = Server.CreateObject("Chilkat.PublicKey")
success = rsaPrivKey.ToPublicKey(rsaPubKey)

' Create the JWE...
set jwe = Server.CreateObject("Chilkat.Jwe")
success = jwe.SetProtectedHeader(jweProtHdr)
success = jwe.SetPublicKey(0,rsaPubKey)

strJwe = jwe.Encrypt(plaintext,"utf-8")
If (jwe.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( jwe.LastErrorText) & "</pre>"
    Response.End
End If

' Show the JWE we just created:
Response.Write "<pre>" & Server.HTMLEncode( strJwe) & "</pre>"

' Note: The RSA PKCS1_V1_5 padding uses random value, and the results
' will be different each time.  However, each result should be successfully
' decrypting if using the correct RSA private key.

' Let's decrypt the JWE that was just produced.
' Do the following to decrypt a JWE:
' 1) Load the JWE.
' 2) Set the private key for decryption.
' 3) Decrypt.
set jwe2 = Server.CreateObject("Chilkat.Jwe")
success = jwe2.LoadJwe(strJwe)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
    Response.End
End If

' Provide the RSA private key for decryption.
' (The JWE was encrypted for a single recipient at index 0.)
success = jwe2.SetPrivateKey(0,rsaPrivKey)

' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( "original text: ") & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( originalPlaintext) & "</pre>"

' ---------------------------------------------------------------------------------
' It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.2.7
' because it was produced using the same RSA key.

set sbJwe = Server.CreateObject("Chilkat.StringBuilder")
success = sbJwe.Append("eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.")
success = sbJwe.Append("UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm")
success = sbJwe.Append("1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc")
success = sbJwe.Append("HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF")
success = sbJwe.Append("NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8")
success = sbJwe.Append("rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv")
success = sbJwe.Append("-B3oWh2TbqmScqXMR4gp_A.")
success = sbJwe.Append("AxY8DCtDaGlsbGljb3RoZQ.")
success = sbJwe.Append("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.")
success = sbJwe.Append("9hH0vgRfYgPnAHOd8stkvw")

success = jwe2.LoadJweSb(sbJwe)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
    Response.End
End If

' Provide the RSA private key for decryption.
success = jwe2.SetPrivateKey(0,rsaPrivKey)

' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( jwe2.LastErrorText) & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( originalPlaintext) & "</pre>"

%>
</body>
</html>