Tcl
Tcl
JWE using ECDH-ES, BP-256, A256GCM
See more JSON Web Encryption (JWE) Examples
Create a JWE with the following header:
{
"alg": "ECDH-ES",
"enc": "A256GCM",
"exp": 1621957030,
"cty": "NJWT",
"epk": {
"kty": "EC",
"x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
"y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
"crv": "BP-256"
}
}
Note: This example requires Chilkat v9.5.0.87 or greater.
Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Load our brainpool BP-256 public key.
# {
# "use": "enc",
# "kid": "puk_idp_enc",
# "kty": "EC",
# "crv": "BP-256",
# "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w",
# "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
# }
set json [new_CkJsonObject]
CkJsonObject_UpdateString $json "use" "enc"
CkJsonObject_UpdateString $json "kid" "puk_idp_enc"
CkJsonObject_UpdateString $json "kty" "EC"
CkJsonObject_UpdateString $json "crv" "BP-256"
CkJsonObject_UpdateString $json "x" "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
CkJsonObject_UpdateString $json "y" "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
set pubkey [new_CkPublicKey]
set success [CkPublicKey_LoadFromString $pubkey [CkJsonObject_emit $json]]
if {$success == 0} then {
puts [CkPublicKey_lastErrorText $pubkey]
delete_CkJsonObject $json
delete_CkPublicKey $pubkey
exit
}
# Build our protected header:
# {
# "alg": "ECDH-ES",
# "enc": "A256GCM",
# "exp": 1621957030,
# "cty": "NJWT",
# "epk": {
# "kty": "EC",
# "x": "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
# "y": "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
# "crv": "BP-256"
# }
# }
# Use jwt only for getting the current date/time + 3600 seconds.
set jwt [new_CkJwt]
set jweProtHdr [new_CkJsonObject]
CkJsonObject_UpdateString $jweProtHdr "alg" "ECDH-ES"
CkJsonObject_UpdateString $jweProtHdr "enc" "A256GCM"
CkJsonObject_UpdateInt $jweProtHdr "exp" [CkJwt_GenNumericDate $jwt 3600]
CkJsonObject_UpdateString $jweProtHdr "cty" "NJWT"
CkJsonObject_UpdateString $jweProtHdr "epk.kty" "EC"
CkJsonObject_UpdateString $jweProtHdr "epk.x" "QLpJ_LpFx-6yJhsb4OvHwU1khLnviiOwYOvmf5clK7w"
CkJsonObject_UpdateString $jweProtHdr "epk.y" "AJh7pJ3zZKDJkm8rbeG69GBooTosXJgSsvNFH0i3Vxnu"
CkJsonObject_UpdateString $jweProtHdr "epk.crv" "BP-256"
set jwe [new_CkJwe]
CkJwe_SetProtectedHeader $jwe $jweProtHdr
CkJwe_SetPublicKey $jwe 0 $pubkey
set plainText "This is the text to be encrypted."
set strJwe [CkJwe_encrypt $jwe $plainText "utf-8"]
if {[CkJwe_get_LastMethodSuccess $jwe] != 1} then {
puts [CkJwe_lastErrorText $jwe]
delete_CkJsonObject $json
delete_CkPublicKey $pubkey
delete_CkJwt $jwt
delete_CkJsonObject $jweProtHdr
delete_CkJwe $jwe
exit
}
puts "$strJwe"
puts "Success."
delete_CkJsonObject $json
delete_CkPublicKey $pubkey
delete_CkJwt $jwt
delete_CkJsonObject $jweProtHdr
delete_CkJwe $jwe