halite icon indicating copy to clipboard operation
halite copied to clipboard
verified publisher icon paragonie

How do I store public keys into a database?

Open trymeouteh opened this issue 4 months ago • 2 comments

How do I store a public key into a database and be able to use it later with this library? I am able to save the public key into a file and I could just save the key into a temporary file, and then read that temporary file into a string and store it into a database and the reverse the process by taking the string from the database and writing it into a temporary file and loading the file into a public key.

Is there not a simpler way to achieve this? Or will one have to work with temporary files to achieve this?

trymeouteh avatar Nov 01 '25 19:11 trymeouteh

Use KeyFactory.

Specifically, the export() method will give you a string you can use to save in a database. Later, you can use importEncryptionPublicKey() (or equivalent) for loading it back into a Key object at runtime.

paragonie-security avatar Nov 09 '25 07:11 paragonie-security

Use KeyFactory.

Specifically, the export() method will give you a string you can use to save in a database. Later, you can use importEncryptionPublicKey() (or equivalent) for loading it back into a Key object at runtime.

Thank you.

I did not see the export() method in the KeyFactory docs

I was able to convert the asynchronous keys into strings and convert them back to keys, but I am unable to achieve this with the signature keys. This is my code and it seems there are restrictions for signing keys?

Error

PHP Fatal error:  Uncaught ParagonIE\Halite\Alerts\InvalidKey: Signature public key must be CRYPTO_SIGN_PUBLICKEYBYTES (32) bytes long in /home/john/Desktop/vendor/paragonie/halite/src/Asymmetric/SignaturePublicKey.php:37

Code

<?php

require 'vendor/autoload.php';

const MY_TEXT = 'My Text';

//Create signing and verifying key
$signingVerifyingKeyPairs = \ParagonIE\Halite\KeyFactory::generateSignatureKeyPair();
$signingKey = $signingVerifyingKeyPairs->getSecretKey();
$verifyingKey = $signingVerifyingKeyPairs->getPublicKey();

//Convert signing key into a string
$signingKeyHiddenString = \ParagonIE\Halite\KeyFactory::export($signingKey);
$signingKeyString = $signingKeyHiddenString->getString();
echo $signingKeyString . PHP_EOL . PHP_EOL;

//Convert verifying key into a string
$verifyingKeyHiddenString = \ParagonIE\Halite\KeyFactory::export($verifyingKey);
$verifyingKeyString = $verifyingKeyHiddenString->getString();
echo $verifyingKeyString . PHP_EOL . PHP_EOL;

//Convert signing key string into a key
$signingKeyHiddenString = new \ParagonIE\HiddenString\HiddenString($signingKeyString);
$signingKey = \ParagonIE\Halite\KeyFactory::importSignaturePublicKey($signingKeyHiddenString);

//Convert verifying key string into a key
$verifyingKeyHiddenString = new \ParagonIE\HiddenString\HiddenString($verifyingKeyString);
$verifyingKey = \ParagonIE\Halite\KeyFactory::importSignatureSecretKey($verifyingKeyHiddenString);

//Sign
$signature = \ParagonIE\Halite\Asymmetric\Crypto::sign(MY_TEXT, $signingKey);

echo $signature . PHP_EOL . PHP_EOL;

//Verify
$isValid = \ParagonIE\Halite\Asymmetric\Crypto::verify(MY_TEXT, $verifyingKey, $signature);

if ($isValid) {
	echo 'Valid';
} else {
	echo 'Invalid';
}

echo PHP_EOL;

trymeouteh avatar Nov 10 '25 00:11 trymeouteh