The php Function Sodium_Crypto_Sign

There are a lot of built-in functions in PHP that perform common programming tasks. However, not all functions are created equal. Functions can have different types, varying parameters, return values, and other characteristics that you should be aware of before using them.

This article introduces the php function sodium_crypto_sign, which is part of the Sodium library. Sodium is a modern, easy-to-use library for encryption, decryption, signatures, and password hashing. It offers high-level APIs that hide the low-level details of the cryptographic algorithms.

When you use sodium_crypto_sign, you can create a signed message that is only accessible to the recipient. This can prevent malicious tampering of the message. However, the recipient must be able to verify that the message originated from the signer. This is possible by ensuring that the signer is in possession of the sender's public key, and that the message has not been tampered with during transmission.

To use sodium_crypto_sign, you need to have a private and a public key for each recipient. You must exchange these keys securely. Then, each message you encrypt must contain a unique nonce value. This nonce value must be included with the encrypted message to authenticate the message against replay attacks.

Unlike mcrypt and most ciphers from OpenSSL, the Sodium library provides authenticated asymmetric encryption and signatures. To use a symmetric cipher, you must also have a secret key that is only available to the process that encrypts, and a nonce that is unique for each message. This nonce value must be provided to the encrypting process in order to generate an authenticated ciphertext, and it may also be required in order to decrypt a message.

Andreas Behr - CTO of DesertCoderz
You are a developer and looking for Shopware projects?
Apply Now!

sodium_crypto_sign example


        /* Type checks: */
        ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1);
        ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2);

        /* Input validation: */
        if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) {
            throw new SodiumException('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.');
        }

        if (self::useNewSodiumAPI()) {
            return sodium_crypto_sign($message$secretKey);
        }
        if (self::use_fallback('crypto_sign')) {
            return (string) call_user_func('\\Sodium\\crypto_sign', $message$secretKey);
        }
        if (PHP_INT_SIZE === 4) {
            return ParagonIE_Sodium_Crypto32::sign($message$secretKey);
        }
        return ParagonIE_Sodium_Crypto::sign($message$secretKey);
    }

    /** * Validates a signed message then returns the message. * * @param string $signedMessage A signed message * @param string $publicKey A public key * @return string The original message (if the signature is * valid for this public key) * @throws SodiumException * @throws TypeError * @psalm-suppress MixedArgument * @psalm-suppress MixedInferredReturnType * @psalm-suppress MixedReturnStatement */
Home | Imprint | This part of the site doesn't use cookies.