Chilkat2-Python
Chilkat2-Python
JWE using A256GCMKW
See more JSON Web Encryption (JWE) Examples
This example demonstrates creating a JCE with AES GCM key wrap.Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
plaintext = "My text to enrypt"
jwe = chilkat2.Jwe()
# First build the JWE Protected Header:
# {
# "alg": "A256GCMKW",
# "kid": "18ec08e1-bfa9-4d95-b205-2b4dd1d4321d",
# "tag": "kfPduVQ3T3H6vnewt--ksw",
# "iv": "KkYT0GX_2jHlfqN_",
# "enc": "A128CBC-HS256"
# }
jweProtHdr = chilkat2.JsonObject()
jweProtHdr.AppendString("alg","A256GCMKW")
# kid is optional
jweProtHdr.AppendString("kid","18ec08e1-bfa9-4d95-b205-2b4dd1d4321d")
# tag is optional
jweProtHdr.AppendString("tag","kfPduVQ3T3H6vnewt--ksw")
jweProtHdr.AppendString("enc","A256GCM")
# the iv should be 16 random chars.
prng = chilkat2.Prng()
jweProtHdr.AppendString("iv",prng.RandomString(16,True,True,True))
jwe.SetProtectedHeader(jweProtHdr)
print("JWE Protected Header: " + jweProtHdr.Emit())
print("--")
# Given that we have 256-bit AES, our key should be 32 bytes.
# The ascii string here is 32 bytes, therefore the 2nd arg is "ascii" to use these
# ascii chars directly as the key.
aesWrappingKey = "2baf4f730f5e4542b428593ef9cceb0e"
jwe.SetWrappingKey(0,aesWrappingKey,"ascii")
# Encrypt and return the JWE:
strJwe = jwe.Encrypt(plaintext,"utf-8")
if (jwe.LastMethodSuccess != True):
print(jwe.LastErrorText)
sys.exit()
# Show the JWE we just created:
print(strJwe)
# Decrypt the JWE that was just produced.
# 1) Load the JWE.
# 2) Set the AES wrapping key.
# 3) Decrypt.
jwe2 = chilkat2.Jwe()
success = jwe2.LoadJwe(strJwe)
if (success != True):
print(jwe2.LastErrorText)
sys.exit()
# Set the AES wrap key. Important to use "ascii"
jwe2.SetWrappingKey(0,aesWrappingKey,"ascii")
# Decrypt.
originalPlaintext = jwe2.Decrypt(0,"utf-8")
if (jwe2.LastMethodSuccess != True):
print(jwe2.LastErrorText)
sys.exit()
print("original text: ")
print(originalPlaintext)