Sample code for 30+ languages & platforms
Unicode C

How to Generate an Elliptic Curve Shared Secret

See more ECC Examples

Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a cilent has one ECC private key, the server has another. A shared secret is computed by each side providing it's public key to the other. The private keys are kept private.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkPrngW.h>
#include <C_CkEccW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkPublicKeyW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkPrngW prngClient;
    HCkEccW eccClient;
    HCkPrivateKeyW privKeyClient;
    HCkPublicKeyW pubKeyClient;
    HCkPrngW prngServer;
    HCkEccW eccServer;
    HCkPrivateKeyW privKeyServer;
    HCkPublicKeyW pubKeyServer;
    HCkPublicKeyW pubKeyFromServer;
    const wchar_t *sharedSecret1;
    HCkPublicKeyW pubKeyFromClient;
    const wchar_t *sharedSecret2;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // This example includes both client-side and server-side code.
    // Each code segment is marked as client-side or server-side.
    // Imagine these segments are running on separate computers...

    // -----------------------------------------------------------------
    // (Client-Side) Generate an ECC key, save the public part to a file.
    // -----------------------------------------------------------------
    prngClient = CkPrngW_Create();
    eccClient = CkEccW_Create();
    privKeyClient = CkPrivateKeyW_Create();
    success = CkEccW_GenKey(eccClient,L"secp256r1",prngClient,privKeyClient);
    if (success == FALSE) {
        wprintf(L"%s\n",CkEccW_lastErrorText(eccClient));
        CkPrngW_Dispose(prngClient);
        CkEccW_Dispose(eccClient);
        CkPrivateKeyW_Dispose(privKeyClient);
        return;
    }

    pubKeyClient = CkPublicKeyW_Create();
    CkPrivateKeyW_ToPublicKey(privKeyClient,pubKeyClient);
    CkPublicKeyW_SavePemFile(pubKeyClient,FALSE,L"qa_output/eccClientPub.pem");

    // -----------------------------------------------------------------
    // (Server-Side) Generate an ECC key, save the public part to a file.
    // -----------------------------------------------------------------
    prngServer = CkPrngW_Create();
    eccServer = CkEccW_Create();
    privKeyServer = CkPrivateKeyW_Create();
    CkEccW_GenKey(eccServer,L"secp256r1",prngServer,privKeyServer);

    pubKeyServer = CkPublicKeyW_Create();
    CkPrivateKeyW_ToPublicKey(privKeyServer,pubKeyServer);
    CkPublicKeyW_SavePemFile(pubKeyServer,FALSE,L"qa_output/eccServerPub.pem");

    // -----------------------------------------------------------------
    // (Client-Side) Generate the shared secret using our private key, and the other's public key.
    // -----------------------------------------------------------------

    // Imagine that the server sent the public key PEM to the client.
    // (This is simulated by loading the server's public key from the file.
    pubKeyFromServer = CkPublicKeyW_Create();
    CkPublicKeyW_LoadFromFile(pubKeyFromServer,L"qa_output/eccServerPub.pem");
    sharedSecret1 = CkEccW_sharedSecretENC(eccClient,privKeyClient,pubKeyFromServer,L"base64");

    // -----------------------------------------------------------------
    // (Server-Side) Generate the shared secret using our private key, and the other's public key.
    // -----------------------------------------------------------------

    // Imagine that the client sent the public key PEM to the server.
    // (This is simulated by loading the client's public key from the file.
    pubKeyFromClient = CkPublicKeyW_Create();
    CkPublicKeyW_LoadFromFile(pubKeyFromClient,L"qa_output/eccClientPub.pem");
    sharedSecret2 = CkEccW_sharedSecretENC(eccServer,privKeyServer,pubKeyFromClient,L"base64");

    // ---------------------------------------------------------
    // Examine the shared secrets.  They should be the same.
    // Both sides now have a secret that only they know.
    // ---------------------------------------------------------
    wprintf(L"%s\n",sharedSecret1);
    wprintf(L"%s\n",sharedSecret2);


    CkPrngW_Dispose(prngClient);
    CkEccW_Dispose(eccClient);
    CkPrivateKeyW_Dispose(privKeyClient);
    CkPublicKeyW_Dispose(pubKeyClient);
    CkPrngW_Dispose(prngServer);
    CkEccW_Dispose(eccServer);
    CkPrivateKeyW_Dispose(privKeyServer);
    CkPublicKeyW_Dispose(pubKeyServer);
    CkPublicKeyW_Dispose(pubKeyFromServer);
    CkPublicKeyW_Dispose(pubKeyFromClient);

    }