PHP 8.4.0 RC4 available for testing

sodium_crypto_auth

(PHP 7 >= 7.2.0, PHP 8)

sodium_crypto_authCompute a tag for the message

Descrição

sodium_crypto_auth(string $message, #[\SensitiveParameter] string $key): string

Symmetric message authentication via sodium_crypto_auth() provides integrity, but not confidentiality.

Unlike with digital signatures (e.g. sodium_crypto_sign_detached()), any party capable of verifying a message is also capable of authenticating their own messages. (Hence, symmetric authentication.)

Parâmetros

message

The message you intend to authenticate

key

Authentication key

Valor Retornado

Authentication tag

adicione uma nota

Notas Enviadas por Usuários (em inglês) 1 note

up
1
craig at craigfrancis dot co dot uk
6 years ago
Here's a quick example on how to use sodium_crypto_auth(); where you have a message that you want to sign, so anyone who can access the *shared* key can confirm that the message hasn't been tampered with.

This is similar to sodium_crypto_sign_detached(), but both signer and verifier have access to the same key.

<?php

$key
= sodium_crypto_auth_keygen();

//--------------------------------------------------
// Person 1, signing

$message = 'Hello';

$signature = sodium_crypto_auth($message, $key);

//--------------------------------------------------
// Person 2, verifying

$message_valid = sodium_crypto_auth_verify($signature, $message, $key);

if (!
$message_valid) {
exit(
'Message has been changed.');
}

?>
To Top