I'm trying to compute the shared secret for ECDH (elliptic-curve Diffie Hellman) using PHP.
Assume I have someone's public key:
$clientPublickey="BOLcHOg4ajSHR6BjbSBeX_6aXjMu1V5RrUYXqyV_FqtQSd8RzdU1gkMv1DlRPDIUtFK6Nd16Jql0eSzyZh4V2uc";
I generate my keys using openssl:
exec('openssl ecparam -genkey -name prime256v1 -noout -out example-ecc.pem');
$private = openssl_pkey_get_private("file://example-ecc.pem");
Then I call:
$sharedSecret=openssl_dh_compute_key(base64_decode($clientPublickey), $private);
... and I get false. Calling openssl_error_string() returns nothing, no error.
I've var_dumped openssl_pkey_get_details($private) and verified it was created properly.
Any advice anyone? There doesn't seem to be much info on this function. http://php.net/manual/en/function.openssl-dh-compute-key.php
https://www.openssl.org/docs/manmaster/crypto/DH_compute_key.html describes that function as being for (non-EC) Diffie Hellman. You would need ECDH_compute_key (which I don't know if PHP exposes).
Though https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman recommends using the EVP_PKEY wrappers instead of the low level routines. But, again, I can't say what support PHP has.
Quite an old post, but still..
I think your public key is not formatted in Base64, but in URL-safe-Base64.
See: https://en.wikipedia.org/wiki/Base64#URL_applications
Furthermore, you can create the keys also from PHP now. Using openssl_pkey_new().
See: https://www.php.net/manual/en/function.openssl-pkey-new.php