# 警告：sodium_crypto_sign_secretkey()：参数 #1 ($key_pair) 必须是一个不透明的密钥对 (SODIUM_CRYPTO_SIGN_KEYPAIR)，位于 /var/www/app/src/Auth/Ed25519Signer.php 第 34 行

- **ID:** `php/sodium-crypto-sign-keypair-invalid`
- **领域:** php
- **类别:** type_error
- **验证级别:** ai_generated
- **修复率:** 85%

## 根因

向 sodium_crypto_sign_secretkey() 传递了原始字符串或无效对象，而不是由 sodium_crypto_sign_keypair() 生成的有效密钥对。

## 版本兼容性

| 版本 | 状态 | 引入 | 弃用 |
|------|------|------|------|
| PHP 8.1.29 | active | — | — |
| PHP 8.2.17 | active | — | — |
| PHP 8.3.4 | active | — | — |

## 解决方案

1. ```
   Always generate key pairs with sodium_crypto_sign_keypair() and store the entire binary output, then reconstruct with sodium_crypto_sign_secretkey(): $keyPair = sodium_crypto_sign_keypair(); $secretKey = sodium_crypto_sign_secretkey($keyPair);
   ```
2. ```
   If loading from storage, use sodium_crypto_sign_keypair_from_secretkey_and_publickey() with both parts: $keyPair = sodium_crypto_sign_keypair_from_secretkey_and_publickey($secret, $public);
   ```

## 无效尝试

- **** — Base64-decoding the key pair string and passing the raw bytes directly, assuming it's the same as the key pair object, fails because sodium expects a specific internal structure. (85% 失败率)
- **** — Using sodium_crypto_sign_seed_keypair() with an invalid seed length (not exactly 32 bytes) produces a different error but still doesn't fix the type issue. (70% 失败率)