Sample code for 30+ languages & platforms
PureBasic

JWE using A256GCMKW

See more JSON Web Encryption (JWE) Examples

This example demonstrates creating a JCE with AES GCM key wrap.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkJwe.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkPrng.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    plaintext.s = "My text to enrypt"

    jwe.i = CkJwe::ckCreate()
    If jwe.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; First build the JWE Protected Header: 

    ;         {
    ;             "alg": "A256GCMKW",
    ;             "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
    ;             "tag": "kfPduVQ3T3H6vnewt--ksw",
    ;             "iv": "KkYT0GX_2jHlfqN_",
    ;             "enc": "A128CBC-HS256"
    ;         }

    jweProtHdr.i = CkJsonObject::ckCreate()
    If jweProtHdr.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckAppendString(jweProtHdr,"alg","A256GCMKW")
    ; kid is optional
    CkJsonObject::ckAppendString(jweProtHdr,"kid","18ec08e1-bfa9-4d95-b205-2b4dd1d4321d")
    ; tag is optional
    CkJsonObject::ckAppendString(jweProtHdr,"tag","kfPduVQ3T3H6vnewt--ksw")
    CkJsonObject::ckAppendString(jweProtHdr,"enc","A256GCM")
    ; the iv should be 16 random chars.
    prng.i = CkPrng::ckCreate()
    If prng.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckAppendString(jweProtHdr,"iv",CkPrng::ckRandomString(prng,16,1,1,1))
    CkJwe::ckSetProtectedHeader(jwe,jweProtHdr)

    Debug "JWE Protected Header: " + CkJsonObject::ckEmit(jweProtHdr)
    Debug "--"

    ; Given that we have 256-bit AES, our key should be 32 bytes.
    ; The ascii string here is 32 bytes, therefore the 2nd arg is "ascii" to use these
    ; ascii chars directly as the key.
    aesWrappingKey.s = "2baf4f730f5e4542b428593ef9cceb0e"
    CkJwe::ckSetWrappingKey(jwe,0,aesWrappingKey,"ascii")

    ; Encrypt and return the JWE:
    strJwe.s = CkJwe::ckEncrypt(jwe,plaintext,"utf-8")
    If CkJwe::ckLastMethodSuccess(jwe) <> 1
        Debug CkJwe::ckLastErrorText(jwe)
        CkJwe::ckDispose(jwe)
        CkJsonObject::ckDispose(jweProtHdr)
        CkPrng::ckDispose(prng)
        ProcedureReturn
    EndIf

    ; Show the JWE we just created:
    Debug strJwe

    ; Decrypt the JWE that was just produced.
    ; 1) Load the JWE.
    ; 2) Set the AES wrapping key.
    ; 3) Decrypt.
    jwe2.i = CkJwe::ckCreate()
    If jwe2.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkJwe::ckLoadJwe(jwe2,strJwe)
    If success <> 1
        Debug CkJwe::ckLastErrorText(jwe2)
        CkJwe::ckDispose(jwe)
        CkJsonObject::ckDispose(jweProtHdr)
        CkPrng::ckDispose(prng)
        CkJwe::ckDispose(jwe2)
        ProcedureReturn
    EndIf

    ; Set the AES wrap key.  Important to use "ascii"
    CkJwe::ckSetWrappingKey(jwe2,0,aesWrappingKey,"ascii")

    ; Decrypt.
    originalPlaintext.s = CkJwe::ckDecrypt(jwe2,0,"utf-8")
    If CkJwe::ckLastMethodSuccess(jwe2) <> 1
        Debug CkJwe::ckLastErrorText(jwe2)
        CkJwe::ckDispose(jwe)
        CkJsonObject::ckDispose(jweProtHdr)
        CkPrng::ckDispose(prng)
        CkJwe::ckDispose(jwe2)
        ProcedureReturn
    EndIf

    Debug "original text: "
    Debug originalPlaintext


    CkJwe::ckDispose(jwe)
    CkJsonObject::ckDispose(jweProtHdr)
    CkPrng::ckDispose(prng)
    CkJwe::ckDispose(jwe2)


    ProcedureReturn
EndProcedure