PureBasic
PureBasic
How to Generate an Elliptic Curve Shared Secret
See more ECC Examples
Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a cilent has one ECC private key, the server has another. A shared secret is computed by each side providing it's public key to the other. The private keys are kept private.Chilkat PureBasic Downloads
IncludeFile "CkPublicKey.pb"
IncludeFile "CkEcc.pb"
IncludeFile "CkPrng.pb"
IncludeFile "CkPrivateKey.pb"
Procedure ChilkatExample()
success.i = 0
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
; This example includes both client-side and server-side code.
; Each code segment is marked as client-side or server-side.
; Imagine these segments are running on separate computers...
; -----------------------------------------------------------------
; (Client-Side) Generate an ECC key, save the public part to a file.
; -----------------------------------------------------------------
prngClient.i = CkPrng::ckCreate()
If prngClient.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
eccClient.i = CkEcc::ckCreate()
If eccClient.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
privKeyClient.i = CkPrivateKey::ckCreate()
If privKeyClient.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkEcc::ckGenKey(eccClient,"secp256r1",prngClient,privKeyClient)
If success = 0
Debug CkEcc::ckLastErrorText(eccClient)
CkPrng::ckDispose(prngClient)
CkEcc::ckDispose(eccClient)
CkPrivateKey::ckDispose(privKeyClient)
ProcedureReturn
EndIf
pubKeyClient.i = CkPublicKey::ckCreate()
If pubKeyClient.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPrivateKey::ckToPublicKey(privKeyClient,pubKeyClient)
CkPublicKey::ckSavePemFile(pubKeyClient,0,"qa_output/eccClientPub.pem")
; -----------------------------------------------------------------
; (Server-Side) Generate an ECC key, save the public part to a file.
; -----------------------------------------------------------------
prngServer.i = CkPrng::ckCreate()
If prngServer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
eccServer.i = CkEcc::ckCreate()
If eccServer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
privKeyServer.i = CkPrivateKey::ckCreate()
If privKeyServer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkEcc::ckGenKey(eccServer,"secp256r1",prngServer,privKeyServer)
pubKeyServer.i = CkPublicKey::ckCreate()
If pubKeyServer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPrivateKey::ckToPublicKey(privKeyServer,pubKeyServer)
CkPublicKey::ckSavePemFile(pubKeyServer,0,"qa_output/eccServerPub.pem")
; -----------------------------------------------------------------
; (Client-Side) Generate the shared secret using our private key, and the other's public key.
; -----------------------------------------------------------------
; Imagine that the server sent the public key PEM to the client.
; (This is simulated by loading the server's public key from the file.
pubKeyFromServer.i = CkPublicKey::ckCreate()
If pubKeyFromServer.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPublicKey::ckLoadFromFile(pubKeyFromServer,"qa_output/eccServerPub.pem")
sharedSecret1.s = CkEcc::ckSharedSecretENC(eccClient,privKeyClient,pubKeyFromServer,"base64")
; -----------------------------------------------------------------
; (Server-Side) Generate the shared secret using our private key, and the other's public key.
; -----------------------------------------------------------------
; Imagine that the client sent the public key PEM to the server.
; (This is simulated by loading the client's public key from the file.
pubKeyFromClient.i = CkPublicKey::ckCreate()
If pubKeyFromClient.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkPublicKey::ckLoadFromFile(pubKeyFromClient,"qa_output/eccClientPub.pem")
sharedSecret2.s = CkEcc::ckSharedSecretENC(eccServer,privKeyServer,pubKeyFromClient,"base64")
; ---------------------------------------------------------
; Examine the shared secrets. They should be the same.
; Both sides now have a secret that only they know.
; ---------------------------------------------------------
Debug sharedSecret1
Debug sharedSecret2
CkPrng::ckDispose(prngClient)
CkEcc::ckDispose(eccClient)
CkPrivateKey::ckDispose(privKeyClient)
CkPublicKey::ckDispose(pubKeyClient)
CkPrng::ckDispose(prngServer)
CkEcc::ckDispose(eccServer)
CkPrivateKey::ckDispose(privKeyServer)
CkPublicKey::ckDispose(pubKeyServer)
CkPublicKey::ckDispose(pubKeyFromServer)
CkPublicKey::ckDispose(pubKeyFromClient)
ProcedureReturn
EndProcedure