/**
* Derive an encryption key from a password and a salt
*
* @param string $password
* @param string $salt
* @param int $len (how long should the key be?)
*
* @return Key
*/
public function derive($password, $salt, $len = \Sodium::CRYPTO_SECRETBOX_KEYBYTES)
{
if (\mb_strlen($salt, '8bit') !== \Sodium::CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES) {
throw new \Exception('Salt must be ' . \Sodium::CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES . ' bytes long');
}
$this->secretbox_key = \Sodium::crypto_pwhash_scryptsalsa208sha256($len, $password, $salt, \Sodium::CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE, \Sodium::CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE);
\Sodium::memzero($password);
return $this;
}
