Sample code for 30+ languages & platforms
Lianja

JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following public/private key pair:
{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat Lianja Downloads

Lianja
llSuccess = .F.

// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Create the following JSON:
// {
//     "kty": "EC",
//     "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
//     "use": "enc",
//     "crv": "P-256",
//     "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
//     "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
//     "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
//     "alg": "ECDH-ES+A256KW"
// }

loJson = createobject("CkJsonObject")
loJson.UpdateString("kty","EC")
loJson.UpdateString("d","jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c")
loJson.UpdateString("use","enc")
loJson.UpdateString("crv","P-256")
loJson.UpdateString("kid","evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs")
loJson.UpdateString("x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM")
loJson.UpdateString("y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4")
loJson.UpdateString("alg","ECDH-ES+A256KW")

loPubkey = createobject("CkPublicKey")

llSuccess = loPubkey.LoadFromString(loJson.Emit())
if (llSuccess = .F.) then
    ? loPubkey.LastErrorText
    release loJson
    release loPubkey
    return
endif

// Build our protected header:

// 	{
// 	  "alg": "ECDH-ES+A256KW",
// 	  "enc": "A256GCM",
// 	  "exp": 1621957030,
// 	  "cty": "NJWT",
// 	  "epk": {
// 	    "kty": "EC",
// 	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
// 	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
// 	    "crv": "BP-256"
// 	  }
// 	}

// Use jwt only for getting the current date/time + 3600 seconds.
loJwt = createobject("CkJwt")

loJweProtHdr = createobject("CkJsonObject")
loJweProtHdr.UpdateString("alg","ECDH-ES+A256KW")
loJweProtHdr.UpdateString("enc","A256GCM")
loJweProtHdr.UpdateInt("exp",loJwt.GenNumericDate(3600))
loJweProtHdr.UpdateString("cty","NJWT")
loJweProtHdr.UpdateString("epk.kty","EC")
loJweProtHdr.UpdateString("epk.x","LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM")
loJweProtHdr.UpdateString("epk.y","voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4")
loJweProtHdr.UpdateString("epk.crv","P-256")

loJwe = createobject("CkJwe")
loJwe.SetProtectedHeader(loJweProtHdr)
loJwe.SetPublicKey(0,loPubkey)

lcPlainText = "This is the text to be encrypted."
lcStrJwe = loJwe.Encrypt(lcPlainText,"utf-8")
if (loJwe.LastMethodSuccess <> .T.) then
    ? loJwe.LastErrorText
    release loJson
    release loPubkey
    release loJwt
    release loJweProtHdr
    release loJwe
    return
endif

? lcStrJwe

// Let's decrypt...
loPrivkey = createobject("CkPrivateKey")

llSuccess = loPrivkey.LoadJwk(loJson.Emit())
if (llSuccess = .F.) then
    ? loPrivkey.LastErrorText
    release loJson
    release loPubkey
    release loJwt
    release loJweProtHdr
    release loJwe
    release loPrivkey
    return
endif

loJwe2 = createobject("CkJwe")
llSuccess = loJwe2.LoadJwe(lcStrJwe)
if (llSuccess = .F.) then
    ? loJwe2.LastErrorText
    release loJson
    release loPubkey
    release loJwt
    release loJweProtHdr
    release loJwe
    release loPrivkey
    release loJwe2
    return
endif

loJwe2.SetPrivateKey(0,loPrivkey)

//  Decrypt.
lcDecryptedText = loJwe2.Decrypt(0,"utf-8")
if (loJwe2.LastMethodSuccess <> .T.) then
    ? loJwe2.LastErrorText
    release loJson
    release loPubkey
    release loJwt
    release loJweProtHdr
    release loJwe
    release loPrivkey
    release loJwe2
    return
endif

? lcDecryptedText


release loJson
release loPubkey
release loJwt
release loJweProtHdr
release loJwe
release loPrivkey
release loJwe2