Swift
Swift
How to Generate an Elliptic Curve Shared Secret
See more ECC Examples
Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a cilent has one ECC private key, the server has another. A shared secret is computed by each side providing it's public key to the other. The private keys are kept private.Chilkat Swift Downloads
func chilkatTest() {
var success: Bool = false
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This example includes both client-side and server-side code.
// Each code segment is marked as client-side or server-side.
// Imagine these segments are running on separate computers...
// -----------------------------------------------------------------
// (Client-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
let prngClient = CkoPrng()!
let eccClient = CkoEcc()!
let privKeyClient = CkoPrivateKey()!
success = eccClient.genKey(curveName: "secp256r1", prng: prngClient, privKey: privKeyClient)
if success == false {
print("\(eccClient.lastErrorText!)")
return
}
let pubKeyClient = CkoPublicKey()!
privKeyClient.toPublicKey(pubKey: pubKeyClient)
pubKeyClient.savePemFile(preferPkcs1: false, path: "qa_output/eccClientPub.pem")
// -----------------------------------------------------------------
// (Server-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
let prngServer = CkoPrng()!
let eccServer = CkoEcc()!
let privKeyServer = CkoPrivateKey()!
eccServer.genKey(curveName: "secp256r1", prng: prngServer, privKey: privKeyServer)
let pubKeyServer = CkoPublicKey()!
privKeyServer.toPublicKey(pubKey: pubKeyServer)
pubKeyServer.savePemFile(preferPkcs1: false, path: "qa_output/eccServerPub.pem")
// -----------------------------------------------------------------
// (Client-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------
// Imagine that the server sent the public key PEM to the client.
// (This is simulated by loading the server's public key from the file.
let pubKeyFromServer = CkoPublicKey()!
pubKeyFromServer.load(fromFile: "qa_output/eccServerPub.pem")
var sharedSecret1: String? = eccClient.sharedSecretENC(privKey: privKeyClient, pubKey: pubKeyFromServer, encoding: "base64")
// -----------------------------------------------------------------
// (Server-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------
// Imagine that the client sent the public key PEM to the server.
// (This is simulated by loading the client's public key from the file.
let pubKeyFromClient = CkoPublicKey()!
pubKeyFromClient.load(fromFile: "qa_output/eccClientPub.pem")
var sharedSecret2: String? = eccServer.sharedSecretENC(privKey: privKeyServer, pubKey: pubKeyFromClient, encoding: "base64")
// ---------------------------------------------------------
// Examine the shared secrets. They should be the same.
// Both sides now have a secret that only they know.
// ---------------------------------------------------------
print("\(sharedSecret1!)")
print("\(sharedSecret2!)")
}