Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Create a JWS Using ECDSA P-256 SHA-256

See more JSON Web Signatures (JWS) Examples

Creates and validates a JSON Web Signature (JWS) that uses ECDSA P-256 SHA-256

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.StringBuilder,
  Chilkat.PrivateKey,
  Chilkat.Jws,
  Chilkat.PublicKey,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  sbJwk: TStringBuilder;
  eccKey: TPrivateKey;
  jwsProtHdr: TJsonObject;
  jws: TJws;
  signatureIndex: Integer;
  bIncludeBom: Boolean;
  payloadStr: string;
  jwsCompact: string;
  jws2: TJws;
  eccPubKey: TPublicKey;
  v: Integer;
  joseHeader: TJsonObject;

begin
  success := False;

  //  This requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  Note: This example requires Chilkat v9.5.0.66 or greater.

  //  Use the following ECC key loaded from JWK format.
  sbJwk := TStringBuilder.Create;
  sbJwk.Append('{"kty":"EC",');
  sbJwk.Append('"crv":"P-256",');
  sbJwk.Append('"x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",');
  sbJwk.Append('"y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",');
  sbJwk.Append('"d":"jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI"');
  sbJwk.Append('}');

  eccKey := TPrivateKey.Create;
  //  Note: This example loads the ECDSA key from JWK format.  Any format can be loaded
  //  into the private key object. (See the online reference documentation..)
  success := eccKey.LoadJwk(sbJwk.GetAsString());
  if (success = False) then
    begin
      WriteLn(eccKey.LastErrorText);
      Exit;
    end;

  //  Create the JWS Protected Header
  jwsProtHdr := TJsonObject.Create;
  jwsProtHdr.AppendString('alg','ES256');

  jws := TJws.Create;

  //  Set the protected header:
  signatureIndex := 0;
  jws.SetProtectedHeader(signatureIndex,jwsProtHdr);

  //  Set the ECC key:
  jws.SetPrivateKey(signatureIndex,eccKey);

  //  Set the payload.
  bIncludeBom := False;
  payloadStr := 'In our village, folks say God crumbles up the old moon into stars.';
  jws.SetPayload(payloadStr,'utf-8',bIncludeBom);

  //  Create the JWS
  //  By default, the compact serialization is used.
  jwsCompact := jws.CreateJws();
  if (jws.LastMethodSuccess = False) then
    begin
      WriteLn(jws.LastErrorText);
      Exit;
    end;

  WriteLn('JWS: ' + jwsCompact);

  //  Note: ECC signatures use random values, so the output will be different each time a signature is produced.
  //  sample output:
  //  JWS: eyJhbGciOiJFUzI1NiJ9.SW4gb3VyIHZpbGxhZ2UsIGZvbGtzIHNheSBHb2QgY3J1bWJsZXMgdXAgdGhlIG9sZCBtb29uIGludG8gc3RhcnMu.J6EGTNkeuEjehHHBu0SOKzifm8r35wbx49A5964pxzB7gannyZZPMkK7vmlaPJ-K8Xmm8cZsQySAPC12Xd8avw

  //  Now load the JWS, validate, and recover the original text.
  jws2 := TJws.Create;

  //  Load the JWS.
  success := jws2.LoadJws(jwsCompact);

  eccPubKey := TPublicKey.Create;
  eccKey.ToPublicKey(eccPubKey);

  //  Set the ECC public key used for validation.
  signatureIndex := 0;
  jws2.SetPublicKey(signatureIndex,eccPubKey);

  //  Validate the 1st (and only) signature at index 0..
  v := jws2.Validate(signatureIndex);
  if (v < 0) then
    begin
      //  Perhaps Chilkat was not unlocked or the trial expired..
      WriteLn('Method call failed for some other reason.');
      WriteLn(jws2.LastErrorText);
      Exit;
    end;
  if (v = 0) then
    begin
      WriteLn('Invalid signature.  The ECC key was incorrect, the JWS was invalid, or both.');
      Exit;
    end;

  //  If we get here, the signature was validated..
  WriteLn('Signature validated.');

  //  Recover the original content:
  WriteLn(jws2.GetPayload('utf-8'));

  //  Examine the protected header:
  joseHeader := TJsonObject.Create;
  jws2.GetProtectedH(signatureIndex,joseHeader);
  joseHeader.EmitCompact := False;

  WriteLn('Protected (JOSE) header:');
  WriteLn(joseHeader.Emit());

  //  Output:

  //  Signature validated.
  //  In our village, folks say God crumbles up the old moon into stars.
  //  Protected (JOSE) header:
  //  { 
  //    "alg": "ES256"
  //  }


  sbJwk.Free;
  eccKey.Free;
  jwsProtHdr.Free;
  jws.Free;
  jws2.Free;
  eccPubKey.Free;
  joseHeader.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.