AutoIt
AutoIt
JWE using AES Key Wrap and AES_128_CBC_HMAC_SHA_256
See more JSON Web Encryption (JWE) Examples
This example duplicates the example A.3 in RFC 7516 for JSON Web Encryption (JWE).Note: This example requires Chilkat v9.5.0.66 or greater.
Chilkat AutoIt Downloads
Local $bSuccess = False
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
; Note: This example requires Chilkat v9.5.0.66 or greater.
Local $sPlaintext = "Live long and prosper."
$oJwe = ObjCreate("Chilkat.Jwe")
; First build the JWE Protected Header: {"alg":"A128KW","enc":"A128CBC-HS256"}
$oJweProtHdr = ObjCreate("Chilkat.JsonObject")
$oJweProtHdr.AppendString("alg","A128KW")
$oJweProtHdr.AppendString("enc","A128CBC-HS256")
$oJwe.SetProtectedHeader($oJweProtHdr)
ConsoleWrite("JWE Protected Header: " & $oJweProtHdr.Emit() & @CRLF)
ConsoleWrite("--" & @CRLF)
; The example A.3 in RFC 7516 uses the following 128-bit AES key,
; specified in JWK (JSON Web Key) format:
; {"kty":"oct",
; "k":"GawgguFyGrWKav7AX4VKUg"
; }
; This is just a way of saying: The key type ("kty") is
; a bunch of octets ("k") in base64url encoding.
; We can simply set the AES wrapping key like this:
Local $sAesWrappingKey = "GawgguFyGrWKav7AX4VKUg"
$oJwe.SetWrappingKey(0,$sAesWrappingKey,"base64url")
; Encrypt and return the JWE:
Local $strJwe = $oJwe.Encrypt($sPlaintext,"utf-8")
If ($oJwe.LastMethodSuccess <> True) Then
ConsoleWrite($oJwe.LastErrorText & @CRLF)
Exit
EndIf
; Show the JWE we just created:
ConsoleWrite($strJwe & @CRLF)
; Decrypt the JWE that was just produced.
; 1) Load the JWE.
; 2) Set the AES wrapping key.
; 3) Decrypt.
$oJwe2 = ObjCreate("Chilkat.Jwe")
$bSuccess = $oJwe2.LoadJwe($strJwe)
If ($bSuccess <> True) Then
ConsoleWrite($oJwe2.LastErrorText & @CRLF)
Exit
EndIf
; Set the AES wrap key.
$oJwe2.SetWrappingKey(0,$sAesWrappingKey,"base64url")
; Decrypt.
Local $sOriginalPlaintext = $oJwe2.Decrypt(0,"utf-8")
If ($oJwe2.LastMethodSuccess <> True) Then
ConsoleWrite($oJwe2.LastErrorText & @CRLF)
Exit
EndIf
ConsoleWrite("original text: " & @CRLF)
ConsoleWrite($sOriginalPlaintext & @CRLF)
; ---------------------------------------------------------------------------------
; It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.3.7
; because it was produced using the same AES Wrap key.
$oSbJwe = ObjCreate("Chilkat.StringBuilder")
$oSbJwe.Append("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.")
$oSbJwe.Append("6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.")
$oSbJwe.Append("AxY8DCtDaGlsbGljb3RoZQ.")
$oSbJwe.Append("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.")
$oSbJwe.Append("U0m_YmjN04DJvceFICbCVQ")
$bSuccess = $oJwe2.LoadJweSb($oSbJwe)
If ($bSuccess <> True) Then
ConsoleWrite($oJwe2.LastErrorText & @CRLF)
Exit
EndIf
$oJwe2.SetWrappingKey(0,$sAesWrappingKey,"base64url")
; Decrypt.
$sOriginalPlaintext = $oJwe2.Decrypt(0,"utf-8")
If ($oJwe2.LastMethodSuccess <> True) Then
ConsoleWrite($oJwe2.LastErrorText & @CRLF)
Exit
EndIf
ConsoleWrite($sOriginalPlaintext & @CRLF)