Objective-C
Objective-C
JWE using ECDH-ES+A256KW
See more JSON Web Encryption (JWE) Examples
Create a JWE with the following public/private key pair:
{
"kty": "EC",
"d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
"use": "enc",
"crv": "P-256",
"kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
"x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
"y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
"alg": "ECDH-ES+A256KW"
}
Also shows how to decrypt.
Chilkat Objective-C Downloads
#import <CkoJsonObject.h>
#import <CkoPublicKey.h>
#import <CkoJwt.h>
#import <CkoJwe.h>
#import <NSString.h>
#import <CkoPrivateKey.h>
BOOL success = NO;
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Create the following JSON:
// {
// "kty": "EC",
// "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
// "use": "enc",
// "crv": "P-256",
// "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
// "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
// "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
// "alg": "ECDH-ES+A256KW"
// }
CkoJsonObject *json = [[CkoJsonObject alloc] init];
[json UpdateString: @"kty" value: @"EC"];
[json UpdateString: @"d" value: @"jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c"];
[json UpdateString: @"use" value: @"enc"];
[json UpdateString: @"crv" value: @"P-256"];
[json UpdateString: @"kid" value: @"evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs"];
[json UpdateString: @"x" value: @"LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM"];
[json UpdateString: @"y" value: @"voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4"];
[json UpdateString: @"alg" value: @"ECDH-ES+A256KW"];
CkoPublicKey *pubkey = [[CkoPublicKey alloc] init];
success = [pubkey LoadFromString: [json Emit]];
if (success == NO) {
NSLog(@"%@",pubkey.LastErrorText);
return;
}
// Build our protected header:
// {
// "alg": "ECDH-ES+A256KW",
// "enc": "A256GCM",
// "exp": 1621957030,
// "cty": "NJWT",
// "epk": {
// "kty": "EC",
// "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
// "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
// "crv": "BP-256"
// }
// }
// Use jwt only for getting the current date/time + 3600 seconds.
CkoJwt *jwt = [[CkoJwt alloc] init];
CkoJsonObject *jweProtHdr = [[CkoJsonObject alloc] init];
[jweProtHdr UpdateString: @"alg" value: @"ECDH-ES+A256KW"];
[jweProtHdr UpdateString: @"enc" value: @"A256GCM"];
[jweProtHdr UpdateInt: @"exp" value: [jwt GenNumericDate: [NSNumber numberWithInt: 3600]]];
[jweProtHdr UpdateString: @"cty" value: @"NJWT"];
[jweProtHdr UpdateString: @"epk.kty" value: @"EC"];
[jweProtHdr UpdateString: @"epk.x" value: @"LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM"];
[jweProtHdr UpdateString: @"epk.y" value: @"voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4"];
[jweProtHdr UpdateString: @"epk.crv" value: @"P-256"];
CkoJwe *jwe = [[CkoJwe alloc] init];
[jwe SetProtectedHeader: jweProtHdr];
[jwe SetPublicKey: [NSNumber numberWithInt: 0] pubKey: pubkey];
NSString *plainText = @"This is the text to be encrypted.";
NSString *strJwe = [jwe Encrypt: plainText charset: @"utf-8"];
if (jwe.LastMethodSuccess != YES) {
NSLog(@"%@",jwe.LastErrorText);
return;
}
NSLog(@"%@",strJwe);
// Let's decrypt...
CkoPrivateKey *privkey = [[CkoPrivateKey alloc] init];
success = [privkey LoadJwk: [json Emit]];
if (success == NO) {
NSLog(@"%@",privkey.LastErrorText);
return;
}
CkoJwe *jwe2 = [[CkoJwe alloc] init];
success = [jwe2 LoadJwe: strJwe];
if (success == NO) {
NSLog(@"%@",jwe2.LastErrorText);
return;
}
[jwe2 SetPrivateKey: [NSNumber numberWithInt: 0] privKey: privkey];
// Decrypt.
NSString *decryptedText = [jwe2 Decrypt: [NSNumber numberWithInt: 0] charset: @"utf-8"];
if (jwe2.LastMethodSuccess != YES) {
NSLog(@"%@",jwe2.LastErrorText);
return;
}
NSLog(@"%@",decryptedText);