PHP Extension
How to Generate an Elliptic Curve Shared Secret
Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a client has one ECC private key and the server has another. Each side computes the shared secret by providing its public key to the other. The private keys are kept private.
<?php
include("chilkat.php");
$success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This example includes both client-side and server-side code.
// Each code segment is marked as client-side or server-side.
// Imagine these segments are running on separate computers...
// -----------------------------------------------------------------
// (Client-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
$prngClient = new CkPrng();
$eccClient = new CkEcc();
$privKeyClient = new CkPrivateKey();
$success = $eccClient->GenKey('secp256r1',$prngClient,$privKeyClient);
if ($success == false) {
    print $eccClient->lastErrorText() . "\n";
    exit;
}
$pubKeyClient = new CkPublicKey();
$privKeyClient->ToPublicKey($pubKeyClient);
$pubKeyClient->SavePemFile(false,'qa_output/eccClientPub.pem');
// -----------------------------------------------------------------
// (Server-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
$prngServer = new CkPrng();
$eccServer = new CkEcc();
$privKeyServer = new CkPrivateKey();
$success = $eccServer->GenKey('secp256r1',$prngServer,$privKeyServer);
if ($success == false) {
    print $eccServer->lastErrorText() . "\n";
    exit;
}
$pubKeyServer = new CkPublicKey();
$privKeyServer->ToPublicKey($pubKeyServer);
$pubKeyServer->SavePemFile(false,'qa_output/eccServerPub.pem');
// -----------------------------------------------------------------
// (Client-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------
// Imagine that the server sent the public key PEM to the client.
// (This is simulated by loading the server's public key from the file.)
$pubKeyFromServer = new CkPublicKey();
$success = $pubKeyFromServer->LoadFromFile('qa_output/eccServerPub.pem');
if ($success == false) {
    print $pubKeyFromServer->lastErrorText() . "\n";
    exit;
}
$sharedSecret1 = $eccClient->sharedSecretENC($privKeyClient,$pubKeyFromServer,'base64');
// -----------------------------------------------------------------
// (Server-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------
// Imagine that the client sent the public key PEM to the server.
// (This is simulated by loading the client's public key from the file.)
$pubKeyFromClient = new CkPublicKey();
$success = $pubKeyFromClient->LoadFromFile('qa_output/eccClientPub.pem');
if ($success == false) {
    print $pubKeyFromClient->lastErrorText() . "\n";
    exit;
}
$sharedSecret2 = $eccServer->sharedSecretENC($privKeyServer,$pubKeyFromClient,'base64');
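// ---------------------------------------------------------
// Examine the shared secrets. They should be the same.
// Both sides now have a secret that only they know.
// This holds only if each side received the other's genuine public key;
// the exchange shown here does not authenticate the public keys.
// The secrets are printed for demonstration only. Do not log them in real code.
// ---------------------------------------------------------
print $sharedSecret1 . "\n";
print $sharedSecret2 . "\n";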
?>
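The example above stops at the raw shared secret. The following added example (not Chilkat code and not part of the original page) shows the usual next step: passing the raw ECDH output through HKDF-SHA256 and binding both public keys into the derived session key. It uses PHP's bundled OpenSSL and hash extensions (PHP 7.3+) in place of Chilkat so it runs on its own; the helper names and the `example-session-v1` label are assumptions made for illustration.

```php
<?php
// Added example: derive a session key from a raw ECDH shared secret with HKDF.
// Uses PHP's OpenSSL and hash extensions, not the Chilkat API.

// Generate a P-256 key pair (prime256v1 is OpenSSL's name for secp256r1).
function genP256(): array {
    $priv = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_EC,
        'curve_name'       => 'prime256v1',
    ]);
    if ($priv === false) {
        throw new RuntimeException('key generation failed: ' . openssl_error_string());
    }
    return [$priv, openssl_pkey_get_details($priv)['key']]; // [private key, public PEM]
}

// ECDH followed by HKDF-SHA256. Both public keys go into the HKDF "info" in a
// fixed order (client, then server) so each side derives the same key and the
// key is tied to this particular exchange.
function deriveSessionKey($myPriv, string $peerPubPem, string $clientPubPem, string $serverPubPem): string {
    $peerPub = openssl_pkey_get_public($peerPubPem);
    if ($peerPub === false) {
        throw new RuntimeException('peer public key did not parse');
    }
    $raw = openssl_pkey_derive($peerPub, $myPriv); // raw shared secret, 32 bytes on P-256
    if ($raw === false) {
        throw new RuntimeException('ECDH failed: ' . openssl_error_string());
    }
    // 'example-session-v1' is a hypothetical application label.
    $info = 'example-session-v1|' . hash('sha256', $clientPubPem, true)
          . hash('sha256', $serverPubPem, true);
    return hash_hkdf('sha256', $raw, 32, $info);
}

// Constructed keys for the demonstration; both sides run in one script.
[$clientPriv, $clientPub] = genP256();
[$serverPriv, $serverPub] = genP256();

$kClient = deriveSessionKey($clientPriv, $serverPub, $clientPub, $serverPub);
$kServer = deriveSessionKey($serverPriv, $clientPub, $clientPub, $serverPub);

// Constant-time comparison; report only whether the keys match, never the key.
print (hash_equals($kClient, $kServer) ? "session keys match\n" : "MISMATCH\n");
print 'key length: ' . strlen($kClient) . " bytes\n";
?>
```

Binding the public keys into the derivation does not authenticate them; each side still needs a way to confirm that the key it received belongs to the intended peer.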