
How to Generate an Elliptic Curve Shared Secret


Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a client has one ECC private key and the server has another. Each side computes the shared secret by combining its own private key with the public key provided by the other side. The private keys are kept private and are never exchanged.


PHP ActiveX
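<?php

// Demonstrates elliptic-curve key agreement with Chilkat: each side combines
// its own private key with the peer's public key and both arrive at the same
// shared secret.
//
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
//
// This example includes both client-side and server-side code.
// Each code segment is marked as client-side or server-side.
// Imagine these segments are running on separate computers...
//
// NOTE(review): the public keys here are exchanged through plain files with
// no authentication. In a real protocol each side must verify that the public
// key it received really belongs to the intended peer (for example via a
// signature or a pinned key); otherwise a substituted key goes unnoticed.

$success = 0;

// Reports which step failed together with Chilkat's diagnostic text, then
// stops with a non-zero exit status so callers can detect the failure.
$abort = function ($stage, $source) {
    print $stage . " failed\n";
    print $source->LastErrorText . "\n";
    exit(1);
};

// -----------------------------------------------------------------
// (Client-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
$prngClient = new COM("Chilkat.Prng");
$eccClient = new COM("Chilkat.Ecc");
$privKeyClient = new COM("Chilkat.PrivateKey");
$success = $eccClient->GenKey('secp256r1', $prngClient, $privKeyClient);
if ($success == 0) {
    $abort('Client key generation', $eccClient);
}

$pubKeyClient = new COM("Chilkat.PublicKey");
$success = $privKeyClient->ToPublicKey($pubKeyClient);
if ($success == 0) {
    $abort('Client public key extraction', $privKeyClient);
}

// Only the public half is written out; the private key stays in memory.
// The qa_output directory is assumed to exist already.
$success = $pubKeyClient->SavePemFile(0, 'qa_output/eccClientPub.pem');
if ($success == 0) {
    $abort('Saving client public key', $pubKeyClient);
}

// -----------------------------------------------------------------
// (Server-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
$prngServer = new COM("Chilkat.Prng");
$eccServer = new COM("Chilkat.Ecc");
$privKeyServer = new COM("Chilkat.PrivateKey");

// Both sides must use the same curve for the key agreement to work.
$success = $eccServer->GenKey('secp256r1', $prngServer, $privKeyServer);
if ($success == 0) {
    $abort('Server key generation', $eccServer);
}

$pubKeyServer = new COM("Chilkat.PublicKey");
$success = $privKeyServer->ToPublicKey($pubKeyServer);
if ($success == 0) {
    $abort('Server public key extraction', $privKeyServer);
}

$success = $pubKeyServer->SavePemFile(0, 'qa_output/eccServerPub.pem');
if ($success == 0) {
    $abort('Saving server public key', $pubKeyServer);
}

// -----------------------------------------------------------------
// (Client-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------

// Imagine that the server sent the public key PEM to the client.
// (This is simulated by loading the server's public key from the file.)
$pubKeyFromServer = new COM("Chilkat.PublicKey");
$success = $pubKeyFromServer->LoadFromFile('qa_output/eccServerPub.pem');
if ($success == 0) {
    $abort('Loading server public key', $pubKeyFromServer);
}

// A string-returning method cannot signal failure through its return value,
// so LastMethodSuccess is checked instead.
$sharedSecret1 = $eccClient->sharedSecretENC($privKeyClient, $pubKeyFromServer, 'base64');
if ($eccClient->LastMethodSuccess == 0) {
    $abort('Client shared secret computation', $eccClient);
}

// -----------------------------------------------------------------
// (Server-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------

// Imagine that the client sent the public key PEM to the server.
// (This is simulated by loading the client's public key from the file.)
$pubKeyFromClient = new COM("Chilkat.PublicKey");
$success = $pubKeyFromClient->LoadFromFile('qa_output/eccClientPub.pem');
if ($success == 0) {
    $abort('Loading client public key', $pubKeyFromClient);
}

$sharedSecret2 = $eccServer->sharedSecretENC($privKeyServer, $pubKeyFromClient, 'base64');
if ($eccServer->LastMethodSuccess == 0) {
    $abort('Server shared secret computation', $eccServer);
}

// ---------------------------------------------------------
// Examine the shared secrets.  They should be the same.
// Both sides now have a secret that only they know.
// ---------------------------------------------------------

// hash_equals compares in constant time, the habit to keep whenever secret
// values are compared.
if (!is_string($sharedSecret1) || !is_string($sharedSecret2)
    || !hash_equals($sharedSecret1, $sharedSecret2)) {
    print "Shared secrets do not match\n";
    exit(1);
}

// Printed for demonstration only. Production code should not print or log the
// secret, and should derive working keys from it with a key derivation
// function (for example HKDF) rather than using the raw value directly.
print $sharedSecret1 . "\n";
print $sharedSecret2 . "\n";

?>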