[PHP 7 >= 7.2.0, PHP 8]
sodium_crypto_secretbox — Authenticated shared-key encryption
Description
sodium_crypto_secretbox[string $message
, string $nonce
, string $key
]: string
Parameters
message
The plaintext message to encrypt.
nonce
A number that must be only used once, per message. 24 bytes long. This is a large enough bound to generate randomly [i.e. random_bytes[]].
key
Encryption key [256-bit].
Return Values
Returns the encrypted string.
Errors/Exceptions
- If
nonce
has a length of bytes different thanSODIUM_CRYPTO_SECRETBOX_NONCEBYTES
[24 bytes], a SodiumException will be thrown. - If
key
has a length of bytes different thanSODIUM_CRYPTO_SECRETBOX_KEYBYTES
[32 bytes], a SodiumException will be thrown. - Throws a SodiumException on failure.
Examples
Example #1 sodium_crypto_secretbox[] example
The above example will output something similar to:
string[78] "3a1fa3e9f7b72ef8be51d40abf8e296c6899c185d07b18b4c93e7f26aa776d24c50852cd6b1076" string[23] "message to be encrypted"
See Also
- sodium_crypto_secretbox_open[] - Authenticated shared-key decryption
- sodium_crypto_secretbox_keygen[] - Generate random key for sodium_crypto_secretbox
- random_bytes[] - Generates cryptographically secure pseudo-random bytes
celso fontes ¶
2 years ago
An example to how encrypt or decrypt using sodium:
The above example will output:
See Also
- sodium_crypto_secretbox[] - Authenticated shared-key encryption
- sodium_crypto_secretbox_keygen[] - Generate random key for sodium_crypto_secretbox
- random_bytes[] - Generates cryptographically secure pseudo-random bytes
khalyomede at gmail dot com ¶
3 years ago
This method will return a string, or false if the data failed to be decrypted.
$key = 'secret';
$data = 'binarydata';
$nonce = random_bytes[SODIUM_CRYPT_SECRETBOX_NONCEBYTES];
$decrypted = sodium_crypto_secretbox_open[$data, $nonce, $key];
if [$decrypted === false] {
throw new Exception['failed to decrypt data'];
}