(C++) JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following public/private key pair:

{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat C/C++ Library Downloads

MS Visual C/C++

C++ Builder

Linux C/C++

Alpine Linux C/C++

MacOS C/C++

iOS C/C++

Android C/C++

MinGW C/C++

#include <CkJsonObject.h>
#include <CkPublicKey.h>
#include <CkJwt.h>
#include <CkJwe.h>
#include <CkPrivateKey.h>

void ChilkatSample(void)
    {
    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    bool success;

    // Create the following JSON:
    // {
    //     "kty": "EC",
    //     "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    //     "use": "enc",
    //     "crv": "P-256",
    //     "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    //     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    //     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    //     "alg": "ECDH-ES+A256KW"
    // }

    CkJsonObject json;
    json.UpdateString("kty","EC");
    json.UpdateString("d","jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c");
    json.UpdateString("use","enc");
    json.UpdateString("crv","P-256");
    json.UpdateString("kid","evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs");
    json.UpdateString("x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM");
    json.UpdateString("y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4");
    json.UpdateString("alg","ECDH-ES+A256KW");

    CkPublicKey pubkey;

    success = pubkey.LoadFromString(json.emit());
    if (success == false) {
        std::cout << pubkey.lastErrorText() << "\r\n";
        return;
    }

    // Build our protected header:

    // 	{
    // 	  "alg": "ECDH-ES+A256KW",
    // 	  "enc": "A256GCM",
    // 	  "exp": 1621957030,
    // 	  "cty": "NJWT",
    // 	  "epk": {
    // 	    "kty": "EC",
    // 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
    // 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
    // 	    "crv": "BP-256"
    // 	  }
    // 	}

    // Use jwt only for getting the current date/time + 3600 seconds.
    CkJwt jwt;

    CkJsonObject jweProtHdr;
    jweProtHdr.UpdateString("alg","ECDH-ES+A256KW");
    jweProtHdr.UpdateString("enc","A256GCM");
    jweProtHdr.UpdateInt("exp",jwt.GenNumericDate(3600));
    jweProtHdr.UpdateString("cty","NJWT");
    jweProtHdr.UpdateString("epk.kty","EC");
    jweProtHdr.UpdateString("epk.x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM");
    jweProtHdr.UpdateString("epk.y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4");
    jweProtHdr.UpdateString("epk.crv","P-256");

    CkJwe jwe;
    jwe.SetProtectedHeader(jweProtHdr);
    jwe.SetPublicKey(0,pubkey);

    const char *plainText = "This is the text to be encrypted.";
    const char *strJwe = jwe.encrypt(plainText,"utf-8");
    if (jwe.get_LastMethodSuccess() != true) {
        std::cout << jwe.lastErrorText() << "\r\n";
        return;
    }

    std::cout << strJwe << "\r\n";

    // Let's decrypt...
    CkPrivateKey privkey;

    success = privkey.LoadJwk(json.emit());
    if (success == false) {
        std::cout << privkey.lastErrorText() << "\r\n";
        return;
    }

    CkJwe jwe2;
    success = jwe2.LoadJwe(strJwe);
    if (success == false) {
        std::cout << jwe2.lastErrorText() << "\r\n";
        return;
    }

    jwe2.SetPrivateKey(0,privkey);

    //  Decrypt.
    const char *decryptedText = jwe2.decrypt(0,"utf-8");
    if (jwe2.get_LastMethodSuccess() != true) {
        std::cout << jwe2.lastErrorText() << "\r\n";
        return;
    }

    std::cout << decryptedText << "\r\n";
    }