
How to Generate an Elliptic Curve Shared Secret


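Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a client has one ECC private key and the server has another. Each side computes the same shared secret by combining its own private key with the public key provided by the other side. The private keys are kept private. The result is only a secret between the intended parties if each side can verify that the public key it received really belongs to the other party.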


Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, PublicKey, PrivateKey, Prng, Ecc;

...

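procedure TForm1.Button1Click(Sender: TObject);
// Simulates an elliptic-curve key agreement between a "client" and a "server"
// inside one procedure: each side generates a secp256r1 key pair, writes its
// public key to a PEM file, loads the other side's public key from that file,
// and computes a base64-encoded shared secret. Both secrets are written to
// Memo1 so they can be compared.
//
// Every Chilkat call that reports success/failure is checked, and all Chilkat
// objects are released in a single finally block, including on early exit.
var
  success: Boolean;
  prngClient: HCkPrng;
  eccClient: HCkEcc;
  privKeyClient: HCkPrivateKey;
  pubKeyClient: HCkPublicKey;
  prngServer: HCkPrng;
  eccServer: HCkEcc;
  privKeyServer: HCkPrivateKey;
  pubKeyServer: HCkPublicKey;
  pubKeyFromServer: HCkPublicKey;
  pubKeyFromClient: HCkPublicKey;
  // Held as Delphi strings so each value is copied out of the Chilkat object
  // as soon as it is returned.
  // NOTE(review): the PWideChar returned by CkEcc__sharedSecretENC presumably
  // points at memory owned by the Ecc object; confirm against the Chilkat docs.
  sharedSecret1: string;
  sharedSecret2: string;

begin
  // This example requires the Chilkat API to have been previously unlocked.
  // See Global Unlock Sample for sample code.

  // This example includes both client-side and server-side code.
  // Each code segment is marked as client-side or server-side.
  // Imagine these segments are running on separate computers...

  // Create every object up front so that one try..finally disposes all of
  // them no matter where the procedure exits.
  prngClient := CkPrng_Create();
  eccClient := CkEcc_Create();
  privKeyClient := CkPrivateKey_Create();
  pubKeyClient := CkPublicKey_Create();
  prngServer := CkPrng_Create();
  eccServer := CkEcc_Create();
  privKeyServer := CkPrivateKey_Create();
  pubKeyServer := CkPublicKey_Create();
  pubKeyFromServer := CkPublicKey_Create();
  pubKeyFromClient := CkPublicKey_Create();
  try
    // -----------------------------------------------------------------
    // (Client-Side) Generate an ECC key, save the public part to a file.
    // -----------------------------------------------------------------
    success := CkEcc_GenKey(eccClient,'secp256r1',prngClient,privKeyClient);
    if not success then
    begin
      Memo1.Lines.Add(CkEcc__lastErrorText(eccClient));
      Exit;
    end;
    success := CkPrivateKey_ToPublicKey(privKeyClient,pubKeyClient);
    if not success then
    begin
      Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKeyClient));
      Exit;
    end;
    success := CkPublicKey_SavePemFile(pubKeyClient,False,'qa_output/eccClientPub.pem');
    if not success then
    begin
      Memo1.Lines.Add(CkPublicKey__lastErrorText(pubKeyClient));
      Exit;
    end;

    // -----------------------------------------------------------------
    // (Server-Side) Generate an ECC key, save the public part to a file.
    // -----------------------------------------------------------------
    // A failed key generation must stop the exchange here; otherwise the
    // later steps would run with an unusable private key.
    success := CkEcc_GenKey(eccServer,'secp256r1',prngServer,privKeyServer);
    if not success then
    begin
      Memo1.Lines.Add(CkEcc__lastErrorText(eccServer));
      Exit;
    end;
    success := CkPrivateKey_ToPublicKey(privKeyServer,pubKeyServer);
    if not success then
    begin
      Memo1.Lines.Add(CkPrivateKey__lastErrorText(privKeyServer));
      Exit;
    end;
    success := CkPublicKey_SavePemFile(pubKeyServer,False,'qa_output/eccServerPub.pem');
    if not success then
    begin
      Memo1.Lines.Add(CkPublicKey__lastErrorText(pubKeyServer));
      Exit;
    end;

    // -----------------------------------------------------------------
    // (Client-Side) Generate the shared secret using our private key, and the other's public key.
    // -----------------------------------------------------------------

    // Imagine that the server sent the public key PEM to the client.
    // (This is simulated by loading the server's public key from the file.)
    // In a real deployment the received public key has to be authenticated
    // (for example via a certificate or a signature over it) before use:
    // the key agreement itself does not prove who the key belongs to.
    success := CkPublicKey_LoadFromFile(pubKeyFromServer,'qa_output/eccServerPub.pem');
    if not success then
    begin
      Memo1.Lines.Add(CkPublicKey__lastErrorText(pubKeyFromServer));
      Exit;
    end;
    sharedSecret1 := CkEcc__sharedSecretENC(eccClient,privKeyClient,pubKeyFromServer,'base64');
    // A nil/empty return converts to an empty string and is treated as failure.
    if sharedSecret1 = '' then
    begin
      Memo1.Lines.Add(CkEcc__lastErrorText(eccClient));
      Exit;
    end;

    // -----------------------------------------------------------------
    // (Server-Side) Generate the shared secret using our private key, and the other's public key.
    // -----------------------------------------------------------------

    // Imagine that the client sent the public key PEM to the server.
    // (This is simulated by loading the client's public key from the file.)
    // The same authentication requirement applies on this side.
    success := CkPublicKey_LoadFromFile(pubKeyFromClient,'qa_output/eccClientPub.pem');
    if not success then
    begin
      Memo1.Lines.Add(CkPublicKey__lastErrorText(pubKeyFromClient));
      Exit;
    end;
    sharedSecret2 := CkEcc__sharedSecretENC(eccServer,privKeyServer,pubKeyFromClient,'base64');
    if sharedSecret2 = '' then
    begin
      Memo1.Lines.Add(CkEcc__lastErrorText(eccServer));
      Exit;
    end;

    // ---------------------------------------------------------
    // Examine the shared secrets.  They should be the same.
    // Both sides now hold the same secret, provided the public keys
    // they exchanged were authentic.
    // ---------------------------------------------------------
    // Displaying the secrets is for demonstration only: production code
    // should not print or log them, and should feed the raw shared secret
    // through a key-derivation function rather than using it directly as
    // an encryption or MAC key.
    Memo1.Lines.Add(sharedSecret1);
    Memo1.Lines.Add(sharedSecret2);
    if sharedSecret1 <> sharedSecret2 then
      Memo1.Lines.Add('Shared secrets do not match.');
  finally
    // Runs on normal completion and on every Exit above.
    CkPrng_Dispose(prngClient);
    CkEcc_Dispose(eccClient);
    CkPrivateKey_Dispose(privKeyClient);
    CkPublicKey_Dispose(pubKeyClient);
    CkPrng_Dispose(prngServer);
    CkEcc_Dispose(eccServer);
    CkPrivateKey_Dispose(privKeyServer);
    CkPublicKey_Dispose(pubKeyServer);
    CkPublicKey_Dispose(pubKeyFromServer);
    CkPublicKey_Dispose(pubKeyFromClient);
  end;

end;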