Sample code for 30+ languages & platforms
Ruby

JWE using A256GCMKW

See more JSON Web Encryption (JWE) Examples

This example demonstrates creating a JCE with AES GCM key wrap.

Chilkat Ruby Downloads

Ruby
require 'chilkat'

success = false

# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

plaintext = "My text to enrypt"

jwe = Chilkat::CkJwe.new()

# First build the JWE Protected Header: 

#         {
#             "alg": "A256GCMKW",
#             "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
#             "tag": "kfPduVQ3T3H6vnewt--ksw",
#             "iv": "KkYT0GX_2jHlfqN_",
#             "enc": "A128CBC-HS256"
#         }

jweProtHdr = Chilkat::CkJsonObject.new()
jweProtHdr.AppendString("alg","A256GCMKW")
# kid is optional
jweProtHdr.AppendString("kid","18ec08e1-bfa9-4d95-b205-2b4dd1d4321d")
# tag is optional
jweProtHdr.AppendString("tag","kfPduVQ3T3H6vnewt--ksw")
jweProtHdr.AppendString("enc","A256GCM")
# the iv should be 16 random chars.
prng = Chilkat::CkPrng.new()
jweProtHdr.AppendString("iv",prng.randomString(16,true,true,true))
jwe.SetProtectedHeader(jweProtHdr)

print "JWE Protected Header: " + jweProtHdr.emit() + "\n";
print "--" + "\n";

# Given that we have 256-bit AES, our key should be 32 bytes.
# The ascii string here is 32 bytes, therefore the 2nd arg is "ascii" to use these
# ascii chars directly as the key.
aesWrappingKey = "2baf4f730f5e4542b428593ef9cceb0e"
jwe.SetWrappingKey(0,aesWrappingKey,"ascii")

# Encrypt and return the JWE:
strJwe = jwe.encrypt(plaintext,"utf-8")
if (jwe.get_LastMethodSuccess() != true)
    print jwe.lastErrorText() + "\n";
    exit
end

# Show the JWE we just created:
print strJwe + "\n";

# Decrypt the JWE that was just produced.
# 1) Load the JWE.
# 2) Set the AES wrapping key.
# 3) Decrypt.
jwe2 = Chilkat::CkJwe.new()
success = jwe2.LoadJwe(strJwe)
if (success != true)
    print jwe2.lastErrorText() + "\n";
    exit
end

# Set the AES wrap key.  Important to use "ascii"
jwe2.SetWrappingKey(0,aesWrappingKey,"ascii")

# Decrypt.
originalPlaintext = jwe2.decrypt(0,"utf-8")
if (jwe2.get_LastMethodSuccess() != true)
    print jwe2.lastErrorText() + "\n";
    exit
end

print "original text: " + "\n";
print originalPlaintext + "\n";