Sample code for 30+ languages & platforms
Visual FoxPro

JWE using AES Key Wrap and AES_128_CBC_HMAC_SHA_256

See more JSON Web Encryption (JWE) Examples

This example duplicates the example A.3 in RFC 7516 for JSON Web Encryption (JWE).

Note: This example requires Chilkat v9.5.0.66 or greater.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL lcPlaintext
LOCAL loJwe
LOCAL loJweProtHdr
LOCAL lcAesWrappingKey
LOCAL lcStrJwe
LOCAL loJwe2
LOCAL lcOriginalPlaintext
LOCAL loSbJwe

lnSuccess = 0

* This requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* Note: This example requires Chilkat v9.5.0.66 or greater.

lcPlaintext = "Live long and prosper."

loJwe = CreateObject('Chilkat.Jwe')

* First build the JWE Protected Header: {"alg":"A128KW","enc":"A128CBC-HS256"}
loJweProtHdr = CreateObject('Chilkat.JsonObject')
loJweProtHdr.AppendString("alg","A128KW")
loJweProtHdr.AppendString("enc","A128CBC-HS256")
loJwe.SetProtectedHeader(loJweProtHdr)

? "JWE Protected Header: " + loJweProtHdr.Emit()
? "--"

* The example A.3 in RFC 7516 uses the following 128-bit AES key,
* specified in JWK (JSON Web Key) format:
*      {"kty":"oct",
*       "k":"GawgguFyGrWKav7AX4VKUg"
*      }
* This is just a way of saying: The key type ("kty") is 
* a bunch of octets ("k") in base64url encoding.
* We can simply set the AES wrapping key like this:
lcAesWrappingKey = "GawgguFyGrWKav7AX4VKUg"
loJwe.SetWrappingKey(0,lcAesWrappingKey,"base64url")

* Encrypt and return the JWE:
lcStrJwe = loJwe.Encrypt(lcPlaintext,"utf-8")
IF (loJwe.LastMethodSuccess <> 1) THEN
    ? loJwe.LastErrorText
    RELEASE loJwe
    RELEASE loJweProtHdr
    CANCEL
ENDIF

* Show the JWE we just created:
? lcStrJwe

* Decrypt the JWE that was just produced.
* 1) Load the JWE.
* 2) Set the AES wrapping key.
* 3) Decrypt.
loJwe2 = CreateObject('Chilkat.Jwe')
lnSuccess = loJwe2.LoadJwe(lcStrJwe)
IF (lnSuccess <> 1) THEN
    ? loJwe2.LastErrorText
    RELEASE loJwe
    RELEASE loJweProtHdr
    RELEASE loJwe2
    CANCEL
ENDIF

* Set the AES wrap key.
loJwe2.SetWrappingKey(0,lcAesWrappingKey,"base64url")

* Decrypt.
lcOriginalPlaintext = loJwe2.Decrypt(0,"utf-8")
IF (loJwe2.LastMethodSuccess <> 1) THEN
    ? loJwe2.LastErrorText
    RELEASE loJwe
    RELEASE loJweProtHdr
    RELEASE loJwe2
    CANCEL
ENDIF

? "original text: "
? lcOriginalPlaintext

* ---------------------------------------------------------------------------------
* It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.3.7
* because it was produced using the same AES Wrap key.

loSbJwe = CreateObject('Chilkat.StringBuilder')
loSbJwe.Append("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.")
loSbJwe.Append("6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.")
loSbJwe.Append("AxY8DCtDaGlsbGljb3RoZQ.")
loSbJwe.Append("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.")
loSbJwe.Append("U0m_YmjN04DJvceFICbCVQ")

lnSuccess = loJwe2.LoadJweSb(loSbJwe)
IF (lnSuccess <> 1) THEN
    ? loJwe2.LastErrorText
    RELEASE loJwe
    RELEASE loJweProtHdr
    RELEASE loJwe2
    RELEASE loSbJwe
    CANCEL
ENDIF

loJwe2.SetWrappingKey(0,lcAesWrappingKey,"base64url")

* Decrypt.
lcOriginalPlaintext = loJwe2.Decrypt(0,"utf-8")
IF (loJwe2.LastMethodSuccess <> 1) THEN
    ? loJwe2.LastErrorText
    RELEASE loJwe
    RELEASE loJweProtHdr
    RELEASE loJwe2
    RELEASE loSbJwe
    CANCEL
ENDIF

? lcOriginalPlaintext

RELEASE loJwe
RELEASE loJweProtHdr
RELEASE loJwe2
RELEASE loSbJwe