(JavaScript) How to Generate an Elliptic Curve Shared Secret

Demonstrates how to generate an ECC (Elliptic Curve Cryptography) shared secret. Imagine a cilent has one ECC private key, the server has another. A shared secret is computed by each side providing it's public key to the other. The private keys are kept private.

Note: This example requires Chilkat v11.0.0 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example includes both client-side and server-side code.
// Each code segment is marked as client-side or server-side.
// Imagine these segments are running on separate computers...

// -----------------------------------------------------------------
// (Client-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
var prngClient = new CkPrng();
var eccClient = new CkEcc();
var privKeyClient = new CkPrivateKey();
success = eccClient.GenKey("secp256r1",prngClient,privKeyClient);
if (success == false) {
    console.log(eccClient.LastErrorText);
    return;
}

var pubKeyClient = new CkPublicKey();
privKeyClient.ToPublicKey(pubKeyClient);
pubKeyClient.SavePemFile(false,"qa_output/eccClientPub.pem");

// -----------------------------------------------------------------
// (Server-Side) Generate an ECC key, save the public part to a file.
// -----------------------------------------------------------------
var prngServer = new CkPrng();
var eccServer = new CkEcc();
var privKeyServer = new CkPrivateKey();
eccServer.GenKey("secp256r1",prngServer,privKeyServer);

var pubKeyServer = new CkPublicKey();
privKeyServer.ToPublicKey(pubKeyServer);
pubKeyServer.SavePemFile(false,"qa_output/eccServerPub.pem");

// -----------------------------------------------------------------
// (Client-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------

// Imagine that the server sent the public key PEM to the client.
// (This is simulated by loading the server's public key from the file.
var pubKeyFromServer = new CkPublicKey();
pubKeyFromServer.LoadFromFile("qa_output/eccServerPub.pem");
var sharedSecret1 = eccClient.SharedSecretENC(privKeyClient,pubKeyFromServer,"base64");

// -----------------------------------------------------------------
// (Server-Side) Generate the shared secret using our private key, and the other's public key.
// -----------------------------------------------------------------

// Imagine that the client sent the public key PEM to the server.
// (This is simulated by loading the client's public key from the file.
var pubKeyFromClient = new CkPublicKey();
pubKeyFromClient.LoadFromFile("qa_output/eccClientPub.pem");
var sharedSecret2 = eccServer.SharedSecretENC(privKeyServer,pubKeyFromClient,"base64");

// ---------------------------------------------------------
// Examine the shared secrets.  They should be the same.
// Both sides now have a secret that only they know.
// ---------------------------------------------------------
console.log(sharedSecret1);
console.log(sharedSecret2);