(Delphi ActiveX) JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat for Delphi Downloads Chilkat ActiveX DLL for Delphi Chilkat non-ActiveX DLL for Delphi * The examples here use the ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
json: TChilkatJsonObject;
pubkey: TPublicKey;
jwt: TChilkatJwt;
jweProtHdr: TChilkatJsonObject;
jwe: TChilkatJwe;
plainText: WideString;
strJwe: WideString;
privkey: TPrivateKey;
jwe2: TChilkatJwe;
decryptedText: WideString;

begin
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Create the following JSON:
// {
//     "kty": "EC",
//     "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
//     "use": "enc",
//     "crv": "P-256",
//     "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
//     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
//     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
//     "alg": "ECDH-ES+A256KW"
// }

json := TChilkatJsonObject.Create(Self);
json.UpdateString('kty','EC');
json.UpdateString('d','jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c');
json.UpdateString('use','enc');
json.UpdateString('crv','P-256');
json.UpdateString('kid','evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs');
json.UpdateString('x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
json.UpdateString('y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
json.UpdateString('alg','ECDH-ES+A256KW');

pubkey := TPublicKey.Create(Self);

success := pubkey.LoadFromString(json.Emit());
if (success = 0) then
  begin
    Memo1.Lines.Add(pubkey.LastErrorText);
    Exit;
  end;

// Build our protected header:

// 	{
// 	  "alg": "ECDH-ES+A256KW",
// 	  "enc": "A256GCM",
// 	  "exp": 1621957030,
// 	  "cty": "NJWT",
// 	  "epk": {
// 	    "kty": "EC",
// 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
// 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
// 	    "crv": "BP-256"
// 	  }
// 	}

// Use jwt only for getting the current date/time + 3600 seconds.
jwt := TChilkatJwt.Create(Self);

jweProtHdr := TChilkatJsonObject.Create(Self);
jweProtHdr.UpdateString('alg','ECDH-ES+A256KW');
jweProtHdr.UpdateString('enc','A256GCM');
jweProtHdr.UpdateInt('exp',jwt.GenNumericDate(3600));
jweProtHdr.UpdateString('cty','NJWT');
jweProtHdr.UpdateString('epk.kty','EC');
jweProtHdr.UpdateString('epk.x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
jweProtHdr.UpdateString('epk.y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
jweProtHdr.UpdateString('epk.crv','P-256');

jwe := TChilkatJwe.Create(Self);
jwe.SetProtectedHeader(jweProtHdr.ControlInterface);
jwe.SetPublicKey(0,pubkey.ControlInterface);

plainText := 'This is the text to be encrypted.';
strJwe := jwe.Encrypt(plainText,'utf-8');
if (jwe.LastMethodSuccess <> 1) then
  begin
    Memo1.Lines.Add(jwe.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add(strJwe);

// Let's decrypt...
privkey := TPrivateKey.Create(Self);

success := privkey.LoadJwk(json.Emit());
if (success = 0) then
  begin
    Memo1.Lines.Add(privkey.LastErrorText);
    Exit;
  end;

jwe2 := TChilkatJwe.Create(Self);
success := jwe2.LoadJwe(strJwe);
if (success = 0) then
  begin
    Memo1.Lines.Add(jwe2.LastErrorText);
    Exit;
  end;

jwe2.SetPrivateKey(0,privkey.ControlInterface);

//  Decrypt.
decryptedText := jwe2.Decrypt(0,'utf-8');
if (jwe2.LastMethodSuccess <> 1) then
  begin
    Memo1.Lines.Add(jwe2.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add(decryptedText);
end;