(DataFlex) JWE using AES Key Wrap and AES_128_CBC_HMAC_SHA_256

This example duplicates the example A.3 in RFC 7516 for JSON Web Encryption (JWE).

Note: This example requires Chilkat v9.5.0.66 or greater.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    String sPlaintext
    Handle hoJwe
    Variant vJweProtHdr
    Handle hoJweProtHdr
    String sAesWrappingKey
    String sStrJwe
    Handle hoJwe2
    String sOriginalPlaintext
    Variant vSbJwe
    Handle hoSbJwe
    String sTemp1
    Boolean bTemp1

    // This requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Note: This example requires Chilkat v9.5.0.66 or greater.

    Move "Live long and prosper." To sPlaintext

    Get Create (RefClass(cComChilkatJwe)) To hoJwe
    If (Not(IsComObjectCreated(hoJwe))) Begin
        Send CreateComObject of hoJwe
    End

    // First build the JWE Protected Header: {"alg":"A128KW","enc":"A128CBC-HS256"}
    Get Create (RefClass(cComChilkatJsonObject)) To hoJweProtHdr
    If (Not(IsComObjectCreated(hoJweProtHdr))) Begin
        Send CreateComObject of hoJweProtHdr
    End
    Get ComAppendString Of hoJweProtHdr "alg" "A128KW" To iSuccess
    Get ComAppendString Of hoJweProtHdr "enc" "A128CBC-HS256" To iSuccess
    Get pvComObject of hoJweProtHdr to vJweProtHdr
    Get ComSetProtectedHeader Of hoJwe vJweProtHdr To iSuccess

    Get ComEmit Of hoJweProtHdr To sTemp1
    Showln "JWE Protected Header: " sTemp1
    Showln "--"

    // The example A.3 in RFC 7516 uses the following 128-bit AES key,
    // specified in JWK (JSON Web Key) format:
    //      {"kty":"oct",
    //       "k":"GawgguFyGrWKav7AX4VKUg"
    //      }
    // This is just a way of saying: The key type ("kty") is 
    // a bunch of octets ("k") in base64url encoding.
    // We can simply set the AES wrapping key like this:
    Move "GawgguFyGrWKav7AX4VKUg" To sAesWrappingKey
    Get ComSetWrappingKey Of hoJwe 0 sAesWrappingKey "base64url" To iSuccess

    // Encrypt and return the JWE:
    Get ComEncrypt Of hoJwe sPlaintext "utf-8" To sStrJwe
    Get ComLastMethodSuccess Of hoJwe To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoJwe To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Show the JWE we just created:
    Showln sStrJwe

    // Decrypt the JWE that was just produced.
    // 1) Load the JWE.
    // 2) Set the AES wrapping key.
    // 3) Decrypt.
    Get Create (RefClass(cComChilkatJwe)) To hoJwe2
    If (Not(IsComObjectCreated(hoJwe2))) Begin
        Send CreateComObject of hoJwe2
    End
    Get ComLoadJwe Of hoJwe2 sStrJwe To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJwe2 To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Set the AES wrap key.
    Get ComSetWrappingKey Of hoJwe2 0 sAesWrappingKey "base64url" To iSuccess

    // Decrypt.
    Get ComDecrypt Of hoJwe2 0 "utf-8" To sOriginalPlaintext
    Get ComLastMethodSuccess Of hoJwe2 To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoJwe2 To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "original text: "
    Showln sOriginalPlaintext

    // ---------------------------------------------------------------------------------
    // It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.3.7
    // because it was produced using the same AES Wrap key.

    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbJwe
    If (Not(IsComObjectCreated(hoSbJwe))) Begin
        Send CreateComObject of hoSbJwe
    End
    Get ComAppend Of hoSbJwe "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0." To iSuccess
    Get ComAppend Of hoSbJwe "6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ." To iSuccess
    Get ComAppend Of hoSbJwe "AxY8DCtDaGlsbGljb3RoZQ." To iSuccess
    Get ComAppend Of hoSbJwe "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY." To iSuccess
    Get ComAppend Of hoSbJwe "U0m_YmjN04DJvceFICbCVQ" To iSuccess

    Get pvComObject of hoSbJwe to vSbJwe
    Get ComLoadJweSb Of hoJwe2 vSbJwe To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoJwe2 To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get ComSetWrappingKey Of hoJwe2 0 sAesWrappingKey "base64url" To iSuccess

    // Decrypt.
    Get ComDecrypt Of hoJwe2 0 "utf-8" To sOriginalPlaintext
    Get ComLastMethodSuccess Of hoJwe2 To bTemp1
    If (bTemp1 <> True) Begin
        Get ComLastErrorText Of hoJwe2 To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln sOriginalPlaintext


End_Procedure