The php Function sodium_crypto_Box_Keypair

The php function sodium_crypto_box_keypair takes a public key and private key pair to create a signature and encrypt a message. The message can then be decrypted using the recipient's public key to verify it was indeed sent by the sender. It also includes an authentication tag that can be used to detect tampering.

This article discusses how to use this libsodium function along with a few others from the library. Libsodium is a modern, lightweight and easy-to-use software library for encryption, decryption, signatures, password hashing, and more. It is a fork of NaCl and offers more secure and opinionated defaults that reduce the risk of making mistakes when implementing cryptography in your application.

Libsodium provides several functions for encrypting and authenticating messages (such as the asymmetric crypto_box()), but it's worth noting that there are also more advanced algorithms like asymmetric crypto_box_seal() that's used in more interactive protocols such as chat applications. The difference is that crypto_box_seal() has more robust authentication functionality and requires the two parties to have negotiated a secret key between themselves, whereas crypto_box() is meant for one-sided encryption.

In addition to the ciphertext, the asymmetric crypto_box_seal() function also includes an authentication tag, which can be used to detect tampering. The authentication tag is generated by a large number that must be randomly generated (see scrypt for a safe choice in PHP) and included in the message alongside the ciphertext. This prevents "chosen ciphertext" attacks that would allow an attacker to spoof the MAC by modifying just the chosen ciphertext, while preserving the original MAC.

Andreas Behr - CTO of DesertCoderz
You are a developer and looking for Shopware projects?
Apply Now!

sodium_crypto_box_keypair example

use Symfony\Component\Cache\Marshaller\SodiumMarshaller;

/** * @requires extension sodium */
class SodiumMarshallerTest extends TestCase
{
    private string $decryptionKey;

    protected function setUp(): void
    {
        $this->decryptionKey = sodium_crypto_box_keypair();
    }

    public function testMarshall()
    {
        $defaultMarshaller = new DefaultMarshaller();
        $sodiumMarshaller = new SodiumMarshaller([$this->decryptionKey]$defaultMarshaller);

        $values = ['a' => '123'];
        $failed = [];
        $defaultResult = $defaultMarshaller->marshall($values$failed);

        
if ('' !== $this->decryptionKey && !is_file($this->pathPrefix.'encrypt.public.php')) {
            $this->export('encrypt.public', $this->encryptionKey);
        }

        if (!$override && null !== $this->encryptionKey) {
            $this->lastMessage = sprintf('Sodium keys already exist at "%s*.{public,private}" and won\'t be overridden.', $this->getPrettyPath($this->pathPrefix));

            return false;
        }

        $this->decryptionKey = sodium_crypto_box_keypair();
        $this->encryptionKey = sodium_crypto_box_publickey($this->decryptionKey);

        $this->export('encrypt.public', $this->encryptionKey);
        $this->export('decrypt.private', $this->decryptionKey);

        $this->lastMessage = sprintf('Sodium keys have been generated at "%s*.public/private.php".', $this->getPrettyPath($this->pathPrefix));

        return true;
    }

    public function seal(string $name, string $value): void
    {

    public static function crypto_box_keypair()
    {
        if (self::useNewSodiumAPI()) {
            return (string) sodium_crypto_box_keypair();
        }
        if (self::use_fallback('crypto_box_keypair')) {
            return (string) call_user_func('\\Sodium\\crypto_box_keypair');
        }
        if (PHP_INT_SIZE === 4) {
            return ParagonIE_Sodium_Crypto32::box_keypair();
        }
        return ParagonIE_Sodium_Crypto::box_keypair();
    }

    /** * Combine two keys into a keypair for use in library methods that expect * a keypair. This doesn't necessarily have to be the same person's keys. * * @param string $secretKey Secret key * @param string $publicKey Public key * @return string Keypair * @throws SodiumException * @throws TypeError * @psalm-suppress MixedArgument */
Home | Imprint | This part of the site doesn't use cookies.