Documentation

Cryptex
in package

FinalYes

Authenticated encryption with XChaCha20-Poly1305.

Use a salt of length SODIUM_CRYPTO_PWHASH_SALTBYTES when deriving the key.

Table of Contents

Constants

MINIMUM_DECODED_PAYLOAD_LENGTH  = self::NONCE_LENGTH + self::TAG_LENGTH
NONCE_LENGTH  = \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES
SALT_LENGTH  = \SODIUM_CRYPTO_PWHASH_SALTBYTES
TAG_LENGTH  = \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES

Methods

decrypt()  : string
Decrypts a hex-encoded nonce and ciphertext produced by encrypt().
encrypt()  : string
Encrypts plaintext with a key derived from the supplied salt.
generateSalt()  : string
Generates a random salt.
assertValidSaltLength()  : void
generateDerivedKey()  : string
Derives the AEAD key from the supplied key material and salt.
wipeBuffer()  : void

Constants

MINIMUM_DECODED_PAYLOAD_LENGTH

private mixed MINIMUM_DECODED_PAYLOAD_LENGTH = self::NONCE_LENGTH + self::TAG_LENGTH

NONCE_LENGTH

private mixed NONCE_LENGTH = \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES

SALT_LENGTH

private mixed SALT_LENGTH = \SODIUM_CRYPTO_PWHASH_SALTBYTES

TAG_LENGTH

private mixed TAG_LENGTH = \SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES

Methods

decrypt()

Decrypts a hex-encoded nonce and ciphertext produced by encrypt().

public static decrypt(string $ciphertext, string $key, string $salt) : string
Parameters
$ciphertext : string

Hex-encoded nonce and ciphertext.

$key : string

Passphrase or key material.

$salt : string

Salt of length SODIUM_CRYPTO_PWHASH_SALTBYTES.

Tags
throws
SaltLengthException

If the salt length is invalid.

throws
NonceLengthException

If the decoded payload is too short.

throws
DecryptionException

If authentication fails.

throws
SodiumException

If hex decoding or key derivation fails.

Return values
string

Plaintext.

encrypt()

Encrypts plaintext with a key derived from the supplied salt.

public static encrypt(string $plaintext, string $key, string $salt) : string

Returns a hex-encoded nonce concatenated with the authenticated ciphertext.

Parameters
$plaintext : string

Plaintext to encrypt.

$key : string

Passphrase or key material.

$salt : string

Salt of length SODIUM_CRYPTO_PWHASH_SALTBYTES.

Tags
throws
EncryptionException

If encryption fails.

throws
SaltLengthException

If the salt length is invalid.

throws
RandomException

If nonce generation fails.

throws
SodiumException

If key derivation or encryption fails.

Return values
string

Hex-encoded nonce and ciphertext.

generateSalt()

Generates a random salt.

public static generateSalt() : string
Tags
throws
RandomException

If salt generation fails.

Return values
string

Random salt of length SODIUM_CRYPTO_PWHASH_SALTBYTES.

assertValidSaltLength()

private static assertValidSaltLength(string $salt) : void
Parameters
$salt : string
Tags
throws
SaltLengthException

If the salt length is invalid.

generateDerivedKey()

Derives the AEAD key from the supplied key material and salt.

private static generateDerivedKey(string $key, string $salt) : string
Parameters
$key : string

Passphrase or key material.

$salt : string

Salt value of length SODIUM_CRYPTO_PWHASH_SALTBYTES.

Tags
throws
SaltLengthException

If the salt is not the expected length.

throws
SodiumException

If key derivation fails.

Return values
string

Derived binary key.

wipeBuffer()

private static wipeBuffer(string &$buffer) : void
Parameters
$buffer : string 

        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results