sodium_crypto_sign_detached

(PHP 7 >= 7.2.0, PHP 8)

sodium_crypto_sign_detachedSign the message

说明

sodium_crypto_sign_detached ( string $message , string $secret_key ) : string

Sign a message with a secret key, that can be verified by the corresponding public key. This function returns a detached signature.

参数

message

Message to sign.

secret_key

Secret key. See sodium_crypto_sign_secretkey()

返回值

Cryptographic signature.

User Contributed Notes

cb at dialogs dot com 12-May-2020 01:06
For those(like me) confused by sodium_crypto_sign() vs. sodium_crypto_sign_detached()

From the libsodium docs https://libsodium.gitbook.io/doc/public-key_cryptography/public-key_signatures

The crypto_sign() function prepends a signature to a message  "Combined mode"

In "detached mode" the signature is stored without attaching a copy of the original message to it.
craig at craigfrancis dot co dot uk 25-Aug-2018 07:33
Here's a quick example on how to use sodium_crypto_sign_detached(); where you have a message that you want to sign, so anyone with the public key can confirm that the message hasn't been tampered with.

This is similar to sodium_crypto_sign(), but the returned string does not contain the original message, it is just a signature.

<?php

// $sign_seed = random_bytes(SODIUM_CRYPTO_SIGN_SEEDBYTES);
// $sign_pair = sodium_crypto_sign_seed_keypair($sign_seed);

$sign_pair = sodium_crypto_sign_keypair();
$sign_secret = sodium_crypto_sign_secretkey($sign_pair);
$sign_public = sodium_crypto_sign_publickey($sign_pair);

//--------------------------------------------------
// Person 1, signing

$message = 'Hello';

$signature = sodium_crypto_sign_detached($message, $sign_secret);

//--------------------------------------------------
// Person 2, verifying

$message_valid = sodium_crypto_sign_verify_detached($signature, $message, $sign_public);

if (!
$message_valid) {
    exit(
'Message has been changed.');
}

?>
PHP8中文手册 站长在线 整理 版权归PHP文档组所有