PHP Classes

How to Implement PHP Type Safety Using Ristretto PHP: Manipulate values in type safe way using classes

Recommend this page to a friend!
  Info   View files Documentation   View files View files (12)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog (1)    
Ratings Unique User Downloads Download Rankings
Not yet rated by the usersTotal: 33 All time: 10,939 This week: 200Up
Version License PHP version Categories
ristretto-php 1.0.0MIT/X Consortium ...5PHP 5, Cryptography, Data types
Description 

Author

This package can manipulate values in type safe way using classes.

It implements a base class named Ristretto that implements essential functions like comparison of values of the same type and hexadecimal encoding of a value.

The package also provides sub-classes that implement specific functions of some data types, like generating random values, value hashing, and arithmetic operations.

Currently, it provides the following data type classes:

- Group element

- Public Key

- Scalar Value

- Secret Key

Innovation Award
PHP Programming Innovation award nominee
November 2022
Number 6
Type safety is a characteristic of languages that require certain operations with values of the correct values. This characteristic is good for catching bugs early in application development.

PHP was not originally a type-safe language. PHP is more tolerant of developer mistakes. This fact makes PHP a more accepted language among developers without formal education in programming.

This package provides a solution to make PHP more type-safe to avoid that applications shipping code with programming mistakes.

It provides several classes that implement type-safe operations, including some that are useful for cryptography applications.

With this package, you can implement cryptography applications with greater quality when compared to applications that do not use type safety.

Manuel Lemos
Picture of Scott Arciszewski
  Performance   Level  
Name: Scott Arciszewski <contact>
Classes: 36 packages by
Country: United States United States
Age: ???
All time rank: 1183171 in United States United States
Week rank: 117 Up11 in United States United States Up
Innovation award
Innovation award
Nominee: 28x

Winner: 1x

Documentation

Ristretto (PHP)

Build Status Latest Stable Version Latest Unstable Version License Downloads

Implements a type-safe API for working with the Ristretto Group in PHP projects.

Requirements

  • PHP 8.1 or newer

Installing

composer require paragonie/ristretto

Documentation

There are two basic types: ScalarValue and GroupElement.

The ScalarValue object wraps a big integer between 0 and the order of the Ristretto Group, L.

The GroupElement object wraps a group element of the Ristretto Group.

If an analogy helps, in the world of Ed25519 and X25519, the ScalarValue is your secret key, and GroupElement is your public key.

For that reason, there are also a SecretKey and PublicKey class, which contains some basic helper methods for ease-of-use.

Usage

You can convert from scalars to group elements with multBase(), and then use scalarPointMultiply() to perform a commutative group action (e.g. Diffie-Hellman).

<?php
use ParagonIE\Ristretto\{GroupElement, ScalarValue};

$aliceSecret = ScalarValue::random();
$alicePublic = $aliceSecret->multBase();
$bobSecret = ScalarValue::random();
$bobPublic = $bobSecret->multBase();

// You can perform a similar commutative group action
$aliceToBob = $aliceSecret->scalarPointMultiply($bobPublic);
$bobToAlice = $bobSecret->scalarPointMultiply($alicePublic);
var_dump($aliceToBob->equals($bobToAlice)); // bool(true)

Otherwise, most operations are within a given type (GroupElement to GroupElement, ScalarValue to ScalarValue).

GroupElement

<?php
use ParagonIE\Ristretto\{GroupElement};

$x = GroupElement::random();
$y = GroupElement::random();

$z = $x->add($y);
$w = $z->sub($y);
var_dump($w->equals($x)); // bool(true)

ScalarValue

Example

This is a PHP implementation of the libsodium example protocol.

> Perform a secure two-party computation of f(x) = p(x)^k. x is the input sent to the second party > by the first party after blinding it using a random invertible scalar r, and k is a secret key > only known by the second party. p(x) is a hash-to-group function.

<?php
use ParagonIE\Ristretto\{GroupElement};

// -------- First party -------- Send blinded p(x)
$x = random_bytes(64);

// Compute px = p(x), a group element derived from x
$px = GroupElement::fromHash($x);

// Compute a = p(x) * g^r
$r = ScalarValue::random();
$gr = $r->multBase();
$a = $px->add($gr);

// -------- Second party -------- Send g^k and a^k
$k = ScalarValue::random();

// Compute v = g^k
$v = $k->multBase();

// Compute b = a^k
$b = $k->scalarPointMultiply($a);

// -------- First party -------- Unblind f(x)
// Compute vir = v^(-r)
$ir = $r->negate();
$vir = $v->scalarPointMultiply($ir);

// Compute f(x) = b v^(-r) = (p(x) g^r)^k * (g^k)^(-r)
//              = (p(x) g)^k g^(-k) = p(x)^k
$fx = $b->add($vir);

// --------- Correctness testing -----------
// If you knew both p(x) and k, you could calculate it directly.

// Directly calculate p(x)^k with both parties' secrets
$pxk = $px->scalarPointMultiply($k);
var_dump($fx->equals($pxk)); // bool(true)


  Files folder image Files  
File Role Description
Files folder image.github (1 directory)
Files folder imagesrc (5 files)
Files folder imagetests (1 file)
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file phpunit.xml Data Auxiliary data
Accessible without login Plain text file psalm.xml Data Auxiliary data
Accessible without login Plain text file README.md Doc. Read me

  Files folder image Files  /  .github  
File Role Description
Files folder imageworkflows (2 files)

  Files folder image Files  /  .github  /  workflows  
File Role Description
  Accessible without login Plain text file ci.yml Data Auxiliary data
  Accessible without login Plain text file psalm.yml Data Auxiliary data

  Files folder image Files  /  src  
File Role Description
  Accessible without login Plain text file GroupElement.php Class Class source
  Accessible without login Plain text file PublicKey.php Class Class source
  Accessible without login Plain text file Ristretto.php Class Class source
  Accessible without login Plain text file ScalarValue.php Class Class source
  Accessible without login Plain text file SecretKey.php Class Class source

  Files folder image Files  /  tests  
File Role Description
  Accessible without login Plain text file RistrettoTest.php Class Class source

 Version Control Unique User Downloads Download Rankings  
 100%
Total:33
This week:0
All time:10,939
This week:200Up