|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) How to Generate an Elliptic Curve Shared SecretDemonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a cilent has one ECC private key, the server has another. A shared secret is computed by each side providing it's public key to the other. The private keys are kept private. Note: This example requires Chilkat v11.0.0 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # This example includes both client-side and server-side code. # Each code segment is marked as client-side or server-side. # Imagine these segments are running on separate computers... # ----------------------------------------------------------------- # (Client-Side) Generate an ECC key, save the public part to a file. # ----------------------------------------------------------------- set prngClient [new_CkPrng] set eccClient [new_CkEcc] set privKeyClient [new_CkPrivateKey] set success [CkEcc_GenKey $eccClient "secp256r1" $prngClient $privKeyClient] if {$success == 0} then { puts [CkEcc_lastErrorText $eccClient] delete_CkPrng $prngClient delete_CkEcc $eccClient delete_CkPrivateKey $privKeyClient exit } set pubKeyClient [new_CkPublicKey] CkPrivateKey_ToPublicKey $privKeyClient $pubKeyClient CkPublicKey_SavePemFile $pubKeyClient 0 "qa_output/eccClientPub.pem" # ----------------------------------------------------------------- # (Server-Side) Generate an ECC key, save the public part to a file. # ----------------------------------------------------------------- set prngServer [new_CkPrng] set eccServer [new_CkEcc] set privKeyServer [new_CkPrivateKey] CkEcc_GenKey $eccServer "secp256r1" $prngServer $privKeyServer set pubKeyServer [new_CkPublicKey] CkPrivateKey_ToPublicKey $privKeyServer $pubKeyServer CkPublicKey_SavePemFile $pubKeyServer 0 "qa_output/eccServerPub.pem" # ----------------------------------------------------------------- # (Client-Side) Generate the shared secret using our private key, and the other's public key. # ----------------------------------------------------------------- # Imagine that the server sent the public key PEM to the client. # (This is simulated by loading the server's public key from the file. set pubKeyFromServer [new_CkPublicKey] CkPublicKey_LoadFromFile $pubKeyFromServer "qa_output/eccServerPub.pem" set sharedSecret1 [CkEcc_sharedSecretENC $eccClient $privKeyClient $pubKeyFromServer "base64"] # ----------------------------------------------------------------- # (Server-Side) Generate the shared secret using our private key, and the other's public key. # ----------------------------------------------------------------- # Imagine that the client sent the public key PEM to the server. # (This is simulated by loading the client's public key from the file. set pubKeyFromClient [new_CkPublicKey] CkPublicKey_LoadFromFile $pubKeyFromClient "qa_output/eccClientPub.pem" set sharedSecret2 [CkEcc_sharedSecretENC $eccServer $privKeyServer $pubKeyFromClient "base64"] # --------------------------------------------------------- # Examine the shared secrets. They should be the same. # Both sides now have a secret that only they know. # --------------------------------------------------------- puts "$sharedSecret1" puts "$sharedSecret2" delete_CkPrng $prngClient delete_CkEcc $eccClient delete_CkPrivateKey $privKeyClient delete_CkPublicKey $pubKeyClient delete_CkPrng $prngServer delete_CkEcc $eccServer delete_CkPrivateKey $privKeyServer delete_CkPublicKey $pubKeyServer delete_CkPublicKey $pubKeyFromServer delete_CkPublicKey $pubKeyFromClient |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.