PureBasic
PureBasic
JWE using A256GCMKW
See more JSON Web Encryption (JWE) Examples
This example demonstrates creating a JCE with AES GCM key wrap.Chilkat PureBasic Downloads
IncludeFile "CkJwe.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkPrng.pb"
Procedure ChilkatExample()
success.i = 0
; This requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
plaintext.s = "My text to enrypt"
jwe.i = CkJwe::ckCreate()
If jwe.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; First build the JWE Protected Header:
; {
; "alg": "A256GCMKW",
; "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
; "tag": "kfPduVQ3T3H6vnewt--ksw",
; "iv": "KkYT0GX_2jHlfqN_",
; "enc": "A128CBC-HS256"
; }
jweProtHdr.i = CkJsonObject::ckCreate()
If jweProtHdr.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckAppendString(jweProtHdr,"alg","A256GCMKW")
; kid is optional
CkJsonObject::ckAppendString(jweProtHdr,"kid","18ec08e1-bfa9-4d95-b205-2b4dd1d4321d")
; tag is optional
CkJsonObject::ckAppendString(jweProtHdr,"tag","kfPduVQ3T3H6vnewt--ksw")
CkJsonObject::ckAppendString(jweProtHdr,"enc","A256GCM")
; the iv should be 16 random chars.
prng.i = CkPrng::ckCreate()
If prng.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckAppendString(jweProtHdr,"iv",CkPrng::ckRandomString(prng,16,1,1,1))
CkJwe::ckSetProtectedHeader(jwe,jweProtHdr)
Debug "JWE Protected Header: " + CkJsonObject::ckEmit(jweProtHdr)
Debug "--"
; Given that we have 256-bit AES, our key should be 32 bytes.
; The ascii string here is 32 bytes, therefore the 2nd arg is "ascii" to use these
; ascii chars directly as the key.
aesWrappingKey.s = "2baf4f730f5e4542b428593ef9cceb0e"
CkJwe::ckSetWrappingKey(jwe,0,aesWrappingKey,"ascii")
; Encrypt and return the JWE:
strJwe.s = CkJwe::ckEncrypt(jwe,plaintext,"utf-8")
If CkJwe::ckLastMethodSuccess(jwe) <> 1
Debug CkJwe::ckLastErrorText(jwe)
CkJwe::ckDispose(jwe)
CkJsonObject::ckDispose(jweProtHdr)
CkPrng::ckDispose(prng)
ProcedureReturn
EndIf
; Show the JWE we just created:
Debug strJwe
; Decrypt the JWE that was just produced.
; 1) Load the JWE.
; 2) Set the AES wrapping key.
; 3) Decrypt.
jwe2.i = CkJwe::ckCreate()
If jwe2.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkJwe::ckLoadJwe(jwe2,strJwe)
If success <> 1
Debug CkJwe::ckLastErrorText(jwe2)
CkJwe::ckDispose(jwe)
CkJsonObject::ckDispose(jweProtHdr)
CkPrng::ckDispose(prng)
CkJwe::ckDispose(jwe2)
ProcedureReturn
EndIf
; Set the AES wrap key. Important to use "ascii"
CkJwe::ckSetWrappingKey(jwe2,0,aesWrappingKey,"ascii")
; Decrypt.
originalPlaintext.s = CkJwe::ckDecrypt(jwe2,0,"utf-8")
If CkJwe::ckLastMethodSuccess(jwe2) <> 1
Debug CkJwe::ckLastErrorText(jwe2)
CkJwe::ckDispose(jwe)
CkJsonObject::ckDispose(jweProtHdr)
CkPrng::ckDispose(prng)
CkJwe::ckDispose(jwe2)
ProcedureReturn
EndIf
Debug "original text: "
Debug originalPlaintext
CkJwe::ckDispose(jwe)
CkJsonObject::ckDispose(jweProtHdr)
CkPrng::ckDispose(prng)
CkJwe::ckDispose(jwe2)
ProcedureReturn
EndProcedure