|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PureBasic) JWE using RSAES-PKCS1-v1_5 and AES_128_CBC_HMAC_SHA_256This example duplicates the example A.2 in RFC 7516 for JSON Web Encryption (JWE). Note: This example requires Chilkat v9.5.0.66 or greater.
IncludeFile "CkStringBuilder.pb" IncludeFile "CkJsonObject.pb" IncludeFile "CkJwe.pb" IncludeFile "CkPrivateKey.pb" IncludeFile "CkPublicKey.pb" Procedure ChilkatExample() ; This requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. ; Note: This example requires Chilkat v9.5.0.66 or greater. success.i plaintext.s = "Live long and prosper." ; First build the JWE Protected Header. ; We want to build this: {"alg":"RSA1_5","enc":"A128CBC-HS256"} jweProtHdr.i = CkJsonObject::ckCreate() If jweProtHdr.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJsonObject::ckAppendString(jweProtHdr,"alg","RSA1_5") CkJsonObject::ckAppendString(jweProtHdr,"enc","A128CBC-HS256") Debug "JWE Protected Header: " + CkJsonObject::ckEmit(jweProtHdr) Debug "--" ; The specific RSA key used in the A.2 example is the following JWK: sbJwk.i = CkStringBuilder::ckCreate() If sbJwk.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppend(sbJwk,"{" + Chr(34) + "kty" + Chr(34) + ":" + Chr(34) + "RSA" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "n" + Chr(34) + ":" + Chr(34) + "sXchDaQebHnPiGvyDOAT4saGEUetSyo9MKLOoWFsueri23bOdgWp4Dy1Wl") CkStringBuilder::ckAppend(sbJwk,"UzewbgBHod5pcM9H95GQRV3JDXboIRROSBigeC5yjU1hGzHHyXss8UDpre") CkStringBuilder::ckAppend(sbJwk,"cbAYxknTcQkhslANGRUZmdTOQ5qTRsLAt6BTYuyvVRdhS8exSZEy_c4gs_") CkStringBuilder::ckAppend(sbJwk,"7svlJJQ4H9_NxsiIoLwAEk7-Q3UXERGYw_75IDrGA84-lA_-Ct4eTlXHBI") CkStringBuilder::ckAppend(sbJwk,"Y2EaV7t7LjJaynVJCpkv4LKjTTAumiGUIuQhrNhZLuF_RJLqHpM2kgWFLU") CkStringBuilder::ckAppend(sbJwk,"7-VTdL1VbC2tejvcI2BlMkEpk1BzBZI0KQB0GaDWFLN-aEAw3vRw" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "e" + Chr(34) + ":" + Chr(34) + "AQAB" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "d" + Chr(34) + ":" + Chr(34) + "VFCWOqXr8nvZNyaaJLXdnNPXZKRaWCjkU5Q2egQQpTBMwhprMzWzpR8Sxq") CkStringBuilder::ckAppend(sbJwk,"1OPThh_J6MUD8Z35wky9b8eEO0pwNS8xlh1lOFRRBoNqDIKVOku0aZb-ry") CkStringBuilder::ckAppend(sbJwk,"nq8cxjDTLZQ6Fz7jSjR1Klop-YKaUHc9GsEofQqYruPhzSA-QgajZGPbE_") CkStringBuilder::ckAppend(sbJwk,"0ZaVDJHfyd7UUBUKunFMScbflYAAOYJqVIVwaYR5zWEEceUjNnTNo_CVSj") CkStringBuilder::ckAppend(sbJwk,"-VvXLO5VZfCUAVLgW4dpf1SrtZjSt34YLsRarSb127reG_DUwg9Ch-Kyvj") CkStringBuilder::ckAppend(sbJwk,"T1SkHgUWRVGcyly7uvVGRSDwsXypdrNinPA4jlhoNdizK2zF2CWQ" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "p" + Chr(34) + ":" + Chr(34) + "9gY2w6I6S6L0juEKsbeDAwpd9WMfgqFoeA9vEyEUuk4kLwBKcoe1x4HG68") CkStringBuilder::ckAppend(sbJwk,"ik918hdDSE9vDQSccA3xXHOAFOPJ8R9EeIAbTi1VwBYnbTp87X-xcPWlEP") CkStringBuilder::ckAppend(sbJwk,"krdoUKW60tgs1aNd_Nnc9LEVVPMS390zbFxt8TN_biaBgelNgbC95sM" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "q" + Chr(34) + ":" + Chr(34) + "uKlCKvKv_ZJMVcdIs5vVSU_6cPtYI1ljWytExV_skstvRSNi9r66jdd9-y") CkStringBuilder::ckAppend(sbJwk,"BhVfuG4shsp2j7rGnIio901RBeHo6TPKWVVykPu1iYhQXw1jIABfw-MVsN") CkStringBuilder::ckAppend(sbJwk,"-3bQ76WLdt2SDxsHs7q7zPyUyHXmps7ycZ5c72wGkUwNOjYelmkiNS0" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "dp" + Chr(34) + ":" + Chr(34) + "w0kZbV63cVRvVX6yk3C8cMxo2qCM4Y8nsq1lmMSYhG4EcL6FWbX5h9yuv") CkStringBuilder::ckAppend(sbJwk,"ngs4iLEFk6eALoUS4vIWEwcL4txw9LsWH_zKI-hwoReoP77cOdSL4AVcra") CkStringBuilder::ckAppend(sbJwk,"Hawlkpyd2TWjE5evgbhWtOxnZee3cXJBkAi64Ik6jZxbvk-RR3pEhnCs" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "dq" + Chr(34) + ":" + Chr(34) + "o_8V14SezckO6CNLKs_btPdFiO9_kC1DsuUTd2LAfIIVeMZ7jn1Gus_Ff") CkStringBuilder::ckAppend(sbJwk,"7B7IVx3p5KuBGOVF8L-qifLb6nQnLysgHDh132NDioZkhH7mI7hPG-PYE_") CkStringBuilder::ckAppend(sbJwk,"odApKdnqECHWw0J-F0JWnUd6D2B_1TvF9mXA2Qx-iGYn8OVV1Bsmp6qU" + Chr(34) + ",") CkStringBuilder::ckAppend(sbJwk,Chr(34) + "qi" + Chr(34) + ":" + Chr(34) + "eNho5yRBEBxhGBtQRww9QirZsB66TrfFReG_CcteI1aCneT0ELGhYlRlC") CkStringBuilder::ckAppend(sbJwk,"tUkTRclIfuEPmNsNDPbLoLqqCVznFbvdB7x-Tl-m0l_eFTj2KiqwGqE9PZ") CkStringBuilder::ckAppend(sbJwk,"B9nNTwMVvH3VRRSLWACvPnSiwP8N5Usy-WRXS-V7TbpxIhvepTfE0NNo" + Chr(34)) CkStringBuilder::ckAppend(sbJwk,"}") ; Load this JWK into a Chilkat private key object. rsaPrivKey.i = CkPrivateKey::ckCreate() If rsaPrivKey.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success = CkPrivateKey::ckLoadJwk(rsaPrivKey,CkStringBuilder::ckGetAsString(sbJwk)) If success <> 1 Debug CkPrivateKey::ckLastErrorText(rsaPrivKey) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) ProcedureReturn EndIf ; The public key is used to encrypt (i.e. create the JWE), ; and the private key is used to decrypt. ; The RSA public key is simply a subset of the private key. The RSA public key ; is composed of the "n" and "e" members shown above. These are also known as the ; modulus and exponent. ; We can simply get the public key object from the private key object rsaPubKey.i = CkPrivateKey::ckGetPublicKey(rsaPrivKey) ; Create the JWE... jwe.i = CkJwe::ckCreate() If jwe.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkJwe::ckSetProtectedHeader(jwe,jweProtHdr) CkJwe::ckSetPublicKey(jwe,0,rsaPubKey) CkPublicKey::ckDispose(rsaPubKey) strJwe.s = CkJwe::ckEncrypt(jwe,plaintext,"utf-8") If CkJwe::ckLastMethodSuccess(jwe) <> 1 Debug CkJwe::ckLastErrorText(jwe) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) ProcedureReturn EndIf ; Show the JWE we just created: Debug strJwe ; Note: The RSA PKCS1_V1_5 padding uses random value, and the results ; will be different each time. However, each result should be successfully ; decrypting if using the correct RSA private key. ; Let's decrypt the JWE that was just produced. ; Do the following to decrypt a JWE: ; 1) Load the JWE. ; 2) Set the private key for decryption. ; 3) Decrypt. jwe2.i = CkJwe::ckCreate() If jwe2.i = 0 Debug "Failed to create object." ProcedureReturn EndIf success = CkJwe::ckLoadJwe(jwe2,strJwe) If success <> 1 Debug CkJwe::ckLastErrorText(jwe2) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) CkJwe::ckDispose(jwe2) ProcedureReturn EndIf ; Provide the RSA private key for decryption. ; (The JWE was encrypted for a single recipient at index 0.) CkJwe::ckSetPrivateKey(jwe2,0,rsaPrivKey) ; Decrypt. originalPlaintext.s = CkJwe::ckDecrypt(jwe2,0,"utf-8") If CkJwe::ckLastMethodSuccess(jwe2) <> 1 Debug CkJwe::ckLastErrorText(jwe2) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) CkJwe::ckDispose(jwe2) ProcedureReturn EndIf Debug "original text: " Debug originalPlaintext ; --------------------------------------------------------------------------------- ; It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.2.7 ; because it was produced using the same RSA key. sbJwe.i = CkStringBuilder::ckCreate() If sbJwe.i = 0 Debug "Failed to create object." ProcedureReturn EndIf CkStringBuilder::ckAppend(sbJwe,"eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.") CkStringBuilder::ckAppend(sbJwe,"UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm") CkStringBuilder::ckAppend(sbJwe,"1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc") CkStringBuilder::ckAppend(sbJwe,"HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF") CkStringBuilder::ckAppend(sbJwe,"NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8") CkStringBuilder::ckAppend(sbJwe,"rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv") CkStringBuilder::ckAppend(sbJwe,"-B3oWh2TbqmScqXMR4gp_A.") CkStringBuilder::ckAppend(sbJwe,"AxY8DCtDaGlsbGljb3RoZQ.") CkStringBuilder::ckAppend(sbJwe,"KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.") CkStringBuilder::ckAppend(sbJwe,"9hH0vgRfYgPnAHOd8stkvw") success = CkJwe::ckLoadJweSb(jwe2,sbJwe) If success <> 1 Debug CkJwe::ckLastErrorText(jwe2) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) CkJwe::ckDispose(jwe2) CkStringBuilder::ckDispose(sbJwe) ProcedureReturn EndIf ; Provide the RSA private key for decryption. CkJwe::ckSetPrivateKey(jwe2,0,rsaPrivKey) ; Decrypt. originalPlaintext = CkJwe::ckDecrypt(jwe2,0,"utf-8") If CkJwe::ckLastMethodSuccess(jwe2) <> 1 Debug CkJwe::ckLastErrorText(jwe2) CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) CkJwe::ckDispose(jwe2) CkStringBuilder::ckDispose(sbJwe) ProcedureReturn EndIf Debug originalPlaintext CkJsonObject::ckDispose(jweProtHdr) CkStringBuilder::ckDispose(sbJwk) CkPrivateKey::ckDispose(rsaPrivKey) CkJwe::ckDispose(jwe) CkJwe::ckDispose(jwe2) CkStringBuilder::ckDispose(sbJwe) ProcedureReturn EndProcedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.