|
|
(JavaScript) JWE using ECDH-ES+A256KW
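Creates a JWE using the following sample EC (P-256) public/private key pair in JWK format. The "d" member is the private key, so outside of sample code a JWK that contains it must be kept secret: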
{
"kty": "EC",
"d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
"use": "enc",
"crv": "P-256",
"kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
"x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
"y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
"alg": "ECDH-ES+A256KW"
}
The example also shows how to decrypt the resulting JWE with the private key from the same JWK.
// Round-trip sample: encrypt a short string into a JWE (alg ECDH-ES+A256KW, enc A256GCM)
// for an EC P-256 key, print the JWE, then load it again and decrypt it with the private
// half of the same key pair.
//
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
let ok = false;

// Recipient key as a JWK:
// {
//   "kty": "EC",
//   "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
//   "use": "enc",
//   "crv": "P-256",
//   "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
//   "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
//   "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
//   "alg": "ECDH-ES+A256KW"
// }
// "d" is the EC private key. It is embedded in (and published with) this sample, so this
// key pair is suitable for demonstration only; an application would load its private key
// from protected storage instead of source code.
const recipientJwk = new CkJsonObject();
for (const [member, value] of [
  ["kty","EC"],
  ["d","jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c"],
  ["use","enc"],
  ["crv","P-256"],
  ["kid","evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs"],
  ["x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM"],
  ["y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4"],
  ["alg","ECDH-ES+A256KW"],
]) {
  recipientJwk.UpdateString(member, value);
}

// The full JWK, private member included, is what gets handed to the public-key loader.
// NOTE(review): presumably only the public members (crv, x, y) are used here; confirm. A
// sender normally holds just the recipient's public JWK, without "d".
const recipientPublicKey = new CkPublicKey();
ok = recipientPublicKey.LoadFromString(recipientJwk.Emit());
if (ok == false) {
  console.log(recipientPublicKey.LastErrorText);
  return;
}

// Protected header as built below:
// {
//   "alg": "ECDH-ES+A256KW",
//   "enc": "A256GCM",
//   "exp": <current date/time + 3600 seconds>,
//   "cty": "NJWT",
//   "epk": {
//     "kty": "EC",
//     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
//     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
//     "crv": "P-256"
//   }
// }
// RFC 7518 defines "epk" as the sender's ephemeral public key for the key agreement. The
// x/y written here are the same values as the recipient JWK above.
// NOTE(review): presumably Chilkat substitutes a freshly generated ephemeral key during
// Encrypt; confirm by decoding the protected header of the printed JWE.
//
// The CkJwt object is used only for getting the current date/time + 3600 seconds.
// Nothing in this script checks "exp" on the decrypt side.
const numericDateSource = new CkJwt();
const protectedHeader = new CkJsonObject();
protectedHeader.UpdateString("alg","ECDH-ES+A256KW");
protectedHeader.UpdateString("enc","A256GCM");
protectedHeader.UpdateInt("exp",numericDateSource.GenNumericDate(3600));
for (const [path, value] of [
  ["cty","NJWT"],
  ["epk.kty","EC"],
  ["epk.x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM"],
  ["epk.y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4"],
  ["epk.crv","P-256"],
]) {
  protectedHeader.UpdateString(path, value);
}

// Encrypt for recipient index 0 and print the resulting JWE.
const encryptor = new CkJwe();
encryptor.SetProtectedHeader(protectedHeader);
encryptor.SetPublicKey(0,recipientPublicKey);

const plainText = "This is the text to be encrypted.";
const strJwe = encryptor.Encrypt(plainText,"utf-8");
if (encryptor.LastMethodSuccess !== true) {
  console.log(encryptor.LastErrorText);
  return;
}

console.log(strJwe);

// Decrypt side: load the private key from the same JWK, parse the JWE just produced,
// and decrypt for recipient index 0.
const recipientPrivateKey = new CkPrivateKey();
ok = recipientPrivateKey.LoadJwk(recipientJwk.Emit());
if (ok == false) {
  console.log(recipientPrivateKey.LastErrorText);
  return;
}

const decryptor = new CkJwe();
ok = decryptor.LoadJwe(strJwe);
if (ok == false) {
  console.log(decryptor.LastErrorText);
  return;
}

decryptor.SetPrivateKey(0,recipientPrivateKey);

// The success flag is checked before the result is used, so a failed decryption is never
// printed as if it were plaintext.
const decryptedText = decryptor.Decrypt(0,"utf-8");
if (decryptor.LastMethodSuccess !== true) {
  console.log(decryptor.LastErrorText);
  return;
}

console.log(decryptedText);
|