Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Objective-C) JWE using RSAES-PKCS1-v1_5 and AES_128_CBC_HMAC_SHA_256This example duplicates the example A.2 in RFC 7516 for JSON Web Encryption (JWE). Note: This example requires Chilkat v9.5.0.66 or greater.
#import <NSString.h> #import <CkoJsonObject.h> #import <CkoStringBuilder.h> #import <CkoPrivateKey.h> #import <CkoPublicKey.h> #import <CkoJwe.h> // This requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or greater. BOOL success; NSString *plaintext = @"Live long and prosper."; // First build the JWE Protected Header. // We want to build this: {"alg":"RSA1_5","enc":"A128CBC-HS256"} CkoJsonObject *jweProtHdr = [[CkoJsonObject alloc] init]; [jweProtHdr AppendString: @"alg" value: @"RSA1_5"]; [jweProtHdr AppendString: @"enc" value: @"A128CBC-HS256"]; NSLog(@"%@%@",@"JWE Protected Header: ",[jweProtHdr Emit]); NSLog(@"%@",@"--"); // The specific RSA key used in the A.2 example is the following JWK: CkoStringBuilder *sbJwk = [[CkoStringBuilder alloc] init]; [sbJwk Append: @"{\"kty\":\"RSA\","]; [sbJwk Append: @"\"n\":\"sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1Wl"]; [sbJwk Append: @"UzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDpre"]; [sbJwk Append: @"cbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_"]; [sbJwk Append: @"7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBI"]; [sbJwk Append: @"Y2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU"]; [sbJwk Append: @"7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw\","]; [sbJwk Append: @"\"e\":\"AQAB\","]; [sbJwk Append: @"\"d\":\"VFCWOqXr8nvZNyaaJLXdnNPXZKRaWCjkU5Q2egQQpTBMwhprMzWzpR8Sxq"]; [sbJwk Append: @"1OPThh_J6MUD8Z35wky9b8eEO0pwNS8xlh1lOFRRBoNqDIKVOku0aZb-ry"]; [sbJwk Append: @"nq8cxjDTLZQ6Fz7jSjR1Klop-YKaUHc9GsEofQqYruPhzSA-QgajZGPbE_"]; [sbJwk Append: @"0ZaVDJHfyd7UUBUKunFMScbflYAAOYJqVIVwaYR5zWEEceUjNnTNo_CVSj"]; [sbJwk Append: @"-VvXLO5VZfCUAVLgW4dpf1SrtZjSt34YLsRarSb127reG_DUwg9Ch-Kyvj"]; [sbJwk Append: @"T1SkHgUWRVGcyly7uvVGRSDwsXypdrNinPA4jlhoNdizK2zF2CWQ\","]; [sbJwk Append: @"\"p\":\"9gY2w6I6S6L0juEKsbeDAwpd9WMfgqFoeA9vEyEUuk4kLwBKcoe1x4HG68"]; [sbJwk Append: @"ik918hdDSE9vDQSccA3xXHOAFOPJ8R9EeIAbTi1VwBYnbTp87X-xcPWlEP"]; [sbJwk Append: @"krdoUKW60tgs1aNd_Nnc9LEVVPMS390zbFxt8TN_biaBgelNgbC95sM\","]; [sbJwk Append: @"\"q\":\"uKlCKvKv_ZJMVcdIs5vVSU_6cPtYI1ljWytExV_skstvRSNi9r66jdd9-y"]; [sbJwk Append: @"BhVfuG4shsp2j7rGnIio901RBeHo6TPKWVVykPu1iYhQXw1jIABfw-MVsN"]; [sbJwk Append: @"-3bQ76WLdt2SDxsHs7q7zPyUyHXmps7ycZ5c72wGkUwNOjYelmkiNS0\","]; [sbJwk Append: @"\"dp\":\"w0kZbV63cVRvVX6yk3C8cMxo2qCM4Y8nsq1lmMSYhG4EcL6FWbX5h9yuv"]; [sbJwk Append: @"ngs4iLEFk6eALoUS4vIWEwcL4txw9LsWH_zKI-hwoReoP77cOdSL4AVcra"]; [sbJwk Append: @"Hawlkpyd2TWjE5evgbhWtOxnZee3cXJBkAi64Ik6jZxbvk-RR3pEhnCs\","]; [sbJwk Append: @"\"dq\":\"o_8V14SezckO6CNLKs_btPdFiO9_kC1DsuUTd2LAfIIVeMZ7jn1Gus_Ff"]; [sbJwk Append: @"7B7IVx3p5KuBGOVF8L-qifLb6nQnLysgHDh132NDioZkhH7mI7hPG-PYE_"]; [sbJwk Append: @"odApKdnqECHWw0J-F0JWnUd6D2B_1TvF9mXA2Qx-iGYn8OVV1Bsmp6qU\","]; [sbJwk Append: @"\"qi\":\"eNho5yRBEBxhGBtQRww9QirZsB66TrfFReG_CcteI1aCneT0ELGhYlRlC"]; [sbJwk Append: @"tUkTRclIfuEPmNsNDPbLoLqqCVznFbvdB7x-Tl-m0l_eFTj2KiqwGqE9PZ"]; [sbJwk Append: @"B9nNTwMVvH3VRRSLWACvPnSiwP8N5Usy-WRXS-V7TbpxIhvepTfE0NNo\""]; [sbJwk Append: @"}"]; // Load this JWK into a Chilkat private key object. CkoPrivateKey *rsaPrivKey = [[CkoPrivateKey alloc] init]; success = [rsaPrivKey LoadJwk: [sbJwk GetAsString]]; if (success != YES) { NSLog(@"%@",rsaPrivKey.LastErrorText); return; } // The public key is used to encrypt (i.e. create the JWE), // and the private key is used to decrypt. // The RSA public key is simply a subset of the private key. The RSA public key // is composed of the "n" and "e" members shown above. These are also known as the // modulus and exponent. // We can simply get the public key object from the private key object CkoPublicKey *rsaPubKey = [rsaPrivKey GetPublicKey]; // Create the JWE... CkoJwe *jwe = [[CkoJwe alloc] init]; [jwe SetProtectedHeader: jweProtHdr]; [jwe SetPublicKey: [NSNumber numberWithInt: 0] pubKey: rsaPubKey]; NSString *strJwe = [jwe Encrypt: plaintext charset: @"utf-8"]; if (jwe.LastMethodSuccess != YES) { NSLog(@"%@",jwe.LastErrorText); return; } // Show the JWE we just created: NSLog(@"%@",strJwe); // Note: The RSA PKCS1_V1_5 padding uses random value, and the results // will be different each time. However, each result should be successfully // decrypting if using the correct RSA private key. // Let's decrypt the JWE that was just produced. // Do the following to decrypt a JWE: // 1) Load the JWE. // 2) Set the private key for decryption. // 3) Decrypt. CkoJwe *jwe2 = [[CkoJwe alloc] init]; success = [jwe2 LoadJwe: strJwe]; if (success != YES) { NSLog(@"%@",jwe2.LastErrorText); return; } // Provide the RSA private key for decryption. // (The JWE was encrypted for a single recipient at index 0.) [jwe2 SetPrivateKey: [NSNumber numberWithInt: 0] privKey: rsaPrivKey]; // Decrypt. NSString *originalPlaintext = [jwe2 Decrypt: [NSNumber numberWithInt: 0] charset: @"utf-8"]; if (jwe2.LastMethodSuccess != YES) { NSLog(@"%@",jwe2.LastErrorText); return; } NSLog(@"%@",@"original text: "); NSLog(@"%@",originalPlaintext); // --------------------------------------------------------------------------------- // It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.2.7 // because it was produced using the same RSA key. CkoStringBuilder *sbJwe = [[CkoStringBuilder alloc] init]; [sbJwe Append: @"eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0."]; [sbJwe Append: @"UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm"]; [sbJwe Append: @"1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc"]; [sbJwe Append: @"HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF"]; [sbJwe Append: @"NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8"]; [sbJwe Append: @"rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv"]; [sbJwe Append: @"-B3oWh2TbqmScqXMR4gp_A."]; [sbJwe Append: @"AxY8DCtDaGlsbGljb3RoZQ."]; [sbJwe Append: @"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY."]; [sbJwe Append: @"9hH0vgRfYgPnAHOd8stkvw"]; success = [jwe2 LoadJweSb: sbJwe]; if (success != YES) { NSLog(@"%@",jwe2.LastErrorText); return; } // Provide the RSA private key for decryption. [jwe2 SetPrivateKey: [NSNumber numberWithInt: 0] privKey: rsaPrivKey]; // Decrypt. originalPlaintext = [jwe2 Decrypt: [NSNumber numberWithInt: 0] charset: @"utf-8"]; if (jwe2.LastMethodSuccess != YES) { NSLog(@"%@",jwe2.LastErrorText); return; } NSLog(@"%@",originalPlaintext); |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.