Instance Method
sharedSecretFromKeyAgreement(with:format:)
Computes an ECDH shared secret by calling secp256k1_ecdh with a custom hash closure that serializes the shared point.
- iOS 13.0+
- macCatalyst 13.0+
- macOS 10.15+
- tvOS 13.0+
- visionOS 1.0+
- watchOS 6.0+
func sharedSecretFromKeyAgreement(with publicKeyShare: P256K.KeyAgreement.PublicKey, format: P256K.Format = .compressed) -> SharedSecret
Parameters
-
publicKeyShare
-
The peer’s secp256k1 public key.
-
format
-
Whether to serialize the shared point as compressed (33 bytes, default) or uncompressed (65 bytes).
Return Value
A SharedSecret containing the serialized shared point.
Discussion
The shared point is serialized as a compressed (33-byte) or uncompressed (65-byte) public key depending on format. This overrides the upstream default (secp256k1_ecdh_hash_function_sha256, which would return a 32-byte SHA-256 hash of the compressed point) so callers receive the raw serialized EC point, suitable as input to any higher-level KDF.
Important
Context randomization does not protect this operation against side-channel attacks. Per upstream secp256k1_context_randomize documentation, ECDH uses variable-point multiplication rather than base-point multiplication, and is explicitly excluded from the protection that randomization provides to ECDSA / Schnorr signing.