Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

JWE using ECDH-ES+A256KW

See more JSON Web Encryption (JWE) Examples

Create a JWE with the following public/private key pair:
{
    "kty": "EC",
    "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
    "use": "enc",
    "crv": "P-256",
    "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
    "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
    "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
    "alg": "ECDH-ES+A256KW"
}

Also shows how to decrypt.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Jwe,
  Chilkat.Jwt,
  Chilkat.PublicKey,
  Chilkat.JsonObject,
  Chilkat.PrivateKey;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  json: TJsonObject;
  pubkey: TPublicKey;
  jwt: TJwt;
  jweProtHdr: TJsonObject;
  jwe: TJwe;
  plainText: string;
  strJwe: string;
  privkey: TPrivateKey;
  jwe2: TJwe;
  decryptedText: string;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  Create the following JSON:
  //  {
  //      "kty": "EC",
  //      "d": "jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c",
  //      "use": "enc",
  //      "crv": "P-256",
  //      "kid": "evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs",
  //      "x": "LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM",
  //      "y": "voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4",
  //      "alg": "ECDH-ES+A256KW"
  //  }

  json := TJsonObject.Create;
  json.UpdateString('kty','EC');
  json.UpdateString('d','jZCffzVqJjryBH4EoaN0oD-TyLXrW2XHoDdIuPZnk8c');
  json.UpdateString('use','enc');
  json.UpdateString('crv','P-256');
  json.UpdateString('kid','evEK2thJMsWxBYRivXI8ykUf6n6zizLiLCGH3s58wKs');
  json.UpdateString('x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
  json.UpdateString('y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
  json.UpdateString('alg','ECDH-ES+A256KW');

  pubkey := TPublicKey.Create;

  success := pubkey.LoadFromString(json.Emit());
  if (success = False) then
    begin
      WriteLn(pubkey.LastErrorText);
      Exit;
    end;

  //  Build our protected header:

  //  	{
  //  	  "alg": "ECDH-ES+A256KW",
  //  	  "enc": "A256GCM",
  //  	  "exp": 1621957030,
  //  	  "cty": "NJWT",
  //  	  "epk": {
  //  	    "kty": "EC",
  //  	    "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
  //  	    "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
  //  	    "crv": "BP-256"
  //  	  }
  //  	}

  //  Use jwt only for getting the current date/time + 3600 seconds.
  jwt := TJwt.Create;

  jweProtHdr := TJsonObject.Create;
  jweProtHdr.UpdateString('alg','ECDH-ES+A256KW');
  jweProtHdr.UpdateString('enc','A256GCM');
  jweProtHdr.UpdateInt('exp',jwt.GenNumericDate(3600));
  jweProtHdr.UpdateString('cty','NJWT');
  jweProtHdr.UpdateString('epk.kty','EC');
  jweProtHdr.UpdateString('epk.x','LOakgGvxWBsWbCPLY6Vq6OuBktIqG8POXFXe7ngQ2oM');
  jweProtHdr.UpdateString('epk.y','voJvS6I-Mc4qqmEA_G2hLQqBck3a3vqaJbmzY7YPUD4');
  jweProtHdr.UpdateString('epk.crv','P-256');

  jwe := TJwe.Create;
  jwe.SetProtectedHeader(jweProtHdr);
  jwe.SetPublicKey(0,pubkey);

  plainText := 'This is the text to be encrypted.';
  strJwe := jwe.Encrypt(plainText,'utf-8');
  if (jwe.LastMethodSuccess <> True) then
    begin
      WriteLn(jwe.LastErrorText);
      Exit;
    end;

  WriteLn(strJwe);

  //  Let's decrypt...
  privkey := TPrivateKey.Create;

  success := privkey.LoadJwk(json.Emit());
  if (success = False) then
    begin
      WriteLn(privkey.LastErrorText);
      Exit;
    end;

  jwe2 := TJwe.Create;
  success := jwe2.LoadJwe(strJwe);
  if (success = False) then
    begin
      WriteLn(jwe2.LastErrorText);
      Exit;
    end;

  jwe2.SetPrivateKey(0,privkey);

  //   Decrypt.
  decryptedText := jwe2.Decrypt(0,'utf-8');
  if (jwe2.LastMethodSuccess <> True) then
    begin
      WriteLn(jwe2.LastErrorText);
      Exit;
    end;

  WriteLn(decryptedText);


  json.Free;
  pubkey.Free;
  jwt.Free;
  jweProtHdr.Free;
  jwe.Free;
  privkey.Free;
  jwe2.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.