/**
* Encrypt a string
*
* @param string $plaintext
* @return string
*/
public function encrypt($plaintext)
{
$nonce = \Sodium::randombytes_buf(\Sodium::CRYPTO_SECRETBOX_NONCEBYTES);
$encrypted = \base64_encode($nonce . \Sodium::crypto_secretbox(\json_encode($plaintext), $nonce, $this->key->getKey()));
\Sodium::memzero($plaintext);
return $encrypted;
}
/**
* Get a new salt for use with
*
* @return string
*/
public static function newPasswordSalt()
{
return \Sodium::randombytes_buf(\Sodium::CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES);
}
/**
* If the libsodium PHP extension is loaded, we'll use it above any other
* solution.
*
* libsodium-php project:
* @ref https://github.com/jedisct1/libsodium-php
*
* @param int $bytes
*
* @throws Exception
*
* @return string
*/
function random_bytes($bytes)
{
try {
$bytes = RandomCompat_intval($bytes);
} catch (TypeError $ex) {
throw new TypeError('random_bytes(): $bytes must be an integer');
}
if ($bytes < 1) {
throw new Error('Length must be greater than 0');
}
/**
* \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be
* generated in one invocation.
*/
if ($bytes > 2147483647) {
$buf = '';
for ($i = 0; $i < $bytes; $i += 1073741824) {
$n = $bytes - $i > 1073741824 ? 1073741824 : $bytes - $i;
$buf .= Sodium::randombytes_buf($n);
}
} else {
$buf = Sodium::randombytes_buf($bytes);
}
if ($buf !== false) {
if (RandomCompat_strlen($buf) === $bytes) {
return $buf;
}
}
/**
* If we reach here, PHP has failed us.
*/
throw new Exception('Could not gather sufficient random data');
}
