(PHP 7 >= 7.2.0, PHP 8)

sodium_crypto_box_sealAnonymous public-key encryption


sodium_crypto_box_seal(string $message, string $public_key): string

Encrypt a message such that only the recipient can decrypt it.

Unlike with sodium_crypto_box(), you only need to know the recipient's public key to use sodium_crypto_box_seal(). One consequence of this convenience, however, is that the ciphertext isn't bound to a static public key, and is therefore not authenticated. Hence, anonymous public-key encryption.

sodium_crypto_box_seal() still provides ciphertext integrity. Just not sender identity authentication.

If you also need sender authentication, the sodium_crypto_sign() functions are likely the best place to start.

Elenco dei parametri


The message to encrypt.


The public key that corresponds to the only key that can decrypt the message.

Valori restituiti

A ciphertext string in the format of (one-time public key, encrypted message, authentication tag).


Example #1 sodium_crypto_box_seal() example

$public_key sodium_crypto_box_publickey($keypair);

// Obfuscated plaintext to make the example more fun
$plaintext_b64 "V3JpdGluZyBzb2Z0d2FyZSBpbiBQSFAgY2FuIGJlIGEgZGVsaWdodCE=";
$decoded_plaintext sodium_base642bin($plaintext_b64SODIUM_BASE64_VARIANT_ORIGINAL);

$sealed sodium_crypto_box_seal($decoded_plaintext$public_key);

$opened sodium_crypto_box_seal_open($sealed$keypair);

Il precedente esempio visualizzerĂ  qualcosa simile a:

string(120) "oRBXXAV4iQBrxlV4A21Bord8Yo/D8ZlrIIGNyaRCcGBfpz0map52I3xq6l+CST+1NSgQkbV+HiYyFjXWiWiaCGupGf+zl4bgWj/A9Adtem7Jt3h3emrMsLw="
string(41) "Writing software in PHP can be a delight!"
add a note add a note

User Contributed Notes 1 note

craig at craigfrancis dot co dot uk
4 years ago
Here's a quick example on how to use sodium_crypto_box_seal(); where you have 2 people exchanging a $message - person 1 encrypts it so that only person 2 can decrypt it. It does not allow person 2 to know who sent it, as only their public key way used (see sodium_crypto_box to do that).


= sodium_crypto_box_keypair();
$keypair_public = sodium_crypto_box_publickey($keypair);
$keypair_secret = sodium_crypto_box_secretkey($keypair);

// $key_public = sodium_crypto_box_publickey_from_secretkey($keypair_secret);
// $keypair = sodium_crypto_box_keypair_from_secretkey_and_publickey($keypair_secret, $key_public);

// Person 1, encrypting

$message = 'hello';

$encrypted = sodium_crypto_box_seal($message, $keypair_public);

base64_encode($encrypted) . "\n";

// Person 2, decrypting

$decrypted = sodium_crypto_box_seal_open($encrypted, $keypair);

$decrypted . "\n";

To Top