Sample code for 30+ languages & platforms
VBScript

JWE using AES Key Wrap and AES_128_CBC_HMAC_SHA_256

See more JSON Web Encryption (JWE) Examples

This example duplicates the example A.3 in RFC 7516 for JSON Web Encryption (JWE).

Note: This example requires Chilkat v9.5.0.66 or greater.

Chilkat VBScript Downloads

VBScript
Dim fso, outFile
Set fso = CreateObject("Scripting.FileSystemObject")
'Create a Unicode (utf-16) output text file.
Set outFile = fso.CreateTextFile("output.txt", True, True)

success = 0

' This requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' Note: This example requires Chilkat v9.5.0.66 or greater.

plaintext = "Live long and prosper."

set jwe = CreateObject("Chilkat.Jwe")

' First build the JWE Protected Header: {"alg":"A128KW","enc":"A128CBC-HS256"}
set jweProtHdr = CreateObject("Chilkat.JsonObject")
success = jweProtHdr.AppendString("alg","A128KW")
success = jweProtHdr.AppendString("enc","A128CBC-HS256")
success = jwe.SetProtectedHeader(jweProtHdr)

outFile.WriteLine("JWE Protected Header: " & jweProtHdr.Emit())
outFile.WriteLine("--")

' The example A.3 in RFC 7516 uses the following 128-bit AES key,
' specified in JWK (JSON Web Key) format:
'      {"kty":"oct",
'       "k":"GawgguFyGrWKav7AX4VKUg"
'      }
' This is just a way of saying: The key type ("kty") is 
' a bunch of octets ("k") in base64url encoding.
' We can simply set the AES wrapping key like this:
aesWrappingKey = "GawgguFyGrWKav7AX4VKUg"
success = jwe.SetWrappingKey(0,aesWrappingKey,"base64url")

' Encrypt and return the JWE:
strJwe = jwe.Encrypt(plaintext,"utf-8")
If (jwe.LastMethodSuccess <> 1) Then
    outFile.WriteLine(jwe.LastErrorText)
    WScript.Quit
End If

' Show the JWE we just created:
outFile.WriteLine(strJwe)

' Decrypt the JWE that was just produced.
' 1) Load the JWE.
' 2) Set the AES wrapping key.
' 3) Decrypt.
set jwe2 = CreateObject("Chilkat.Jwe")
success = jwe2.LoadJwe(strJwe)
If (success <> 1) Then
    outFile.WriteLine(jwe2.LastErrorText)
    WScript.Quit
End If

' Set the AES wrap key.
success = jwe2.SetWrappingKey(0,aesWrappingKey,"base64url")

' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess <> 1) Then
    outFile.WriteLine(jwe2.LastErrorText)
    WScript.Quit
End If

outFile.WriteLine("original text: ")
outFile.WriteLine(originalPlaintext)

' ---------------------------------------------------------------------------------
' It should also be possible to decrypt the JWE as shown in RFC 7516, Appendix A.3.7
' because it was produced using the same AES Wrap key.

set sbJwe = CreateObject("Chilkat.StringBuilder")
success = sbJwe.Append("eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.")
success = sbJwe.Append("6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ.")
success = sbJwe.Append("AxY8DCtDaGlsbGljb3RoZQ.")
success = sbJwe.Append("KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.")
success = sbJwe.Append("U0m_YmjN04DJvceFICbCVQ")

success = jwe2.LoadJweSb(sbJwe)
If (success <> 1) Then
    outFile.WriteLine(jwe2.LastErrorText)
    WScript.Quit
End If

success = jwe2.SetWrappingKey(0,aesWrappingKey,"base64url")

' Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
If (jwe2.LastMethodSuccess <> 1) Then
    outFile.WriteLine(jwe2.LastErrorText)
    WScript.Quit
End If

outFile.WriteLine(originalPlaintext)

outFile.Close