[PHP 7 >= 7.2.0, PHP 8]
sodium_crypto_secretbox — Authenticated shared-key encryption
Description
sodium_crypto_secretbox[string $message, string $nonce, string $key]: string
Parameters
messageThe plaintext message to encrypt.
nonceA number that must be only used once, per message. 24 bytes long. This is a large enough bound to generate randomly [i.e. random_bytes[]].
keyEncryption key [256-bit].
Return Values
Returns the encrypted string.
Errors/Exceptions
- If
noncehas a length of bytes different thanSODIUM_CRYPTO_SECRETBOX_NONCEBYTES[24 bytes], a SodiumException will be thrown. - If
keyhas a length of bytes different thanSODIUM_CRYPTO_SECRETBOX_KEYBYTES[32 bytes], a SodiumException will be thrown. - Throws a SodiumException on failure.
Examples
Example #1 sodium_crypto_secretbox[] example
The above example will output something similar to:
string[78] "3a1fa3e9f7b72ef8be51d40abf8e296c6899c185d07b18b4c93e7f26aa776d24c50852cd6b1076" string[23] "message to be encrypted"
See Also
- sodium_crypto_secretbox_open[] - Authenticated shared-key decryption
- sodium_crypto_secretbox_keygen[] - Generate random key for sodium_crypto_secretbox
- random_bytes[] - Generates cryptographically secure pseudo-random bytes
celso fontes ¶
2 years ago
An example to how encrypt or decrypt using sodium:
The above example will output:
See Also
- sodium_crypto_secretbox[] - Authenticated shared-key encryption
- sodium_crypto_secretbox_keygen[] - Generate random key for sodium_crypto_secretbox
- random_bytes[] - Generates cryptographically secure pseudo-random bytes
khalyomede at gmail dot com ¶
3 years ago
This method will return a string, or false if the data failed to be decrypted.
$key = 'secret';
$data = 'binarydata';
$nonce = random_bytes[SODIUM_CRYPT_SECRETBOX_NONCEBYTES];
$decrypted = sodium_crypto_secretbox_open[$data, $nonce, $key];
if [$decrypted === false] {
throw new Exception['failed to decrypt data'];
}