· 6 years ago · Jun 25, 2019, 08:08 AM
1<?php
2
3function encrypt($message, $pass)
4{
5 $alg = SODIUM_CRYPTO_PWHASH_ALG_DEFAULT;
6 $opslimit = SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE;
7 $memlimit = SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE;
8 $final = $salt = openssl_random_pseudo_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
9 $secret_key = sodium_crypto_pwhash(SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $pass, $salt, $opslimit, $memlimit, $alg);
10 $final .= hash_hmac('sha3-256', $message, $secret_key, true);
11 $final .= $nonce = openssl_random_pseudo_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
12 $final .= sodium_crypto_secretbox($message, $nonce, $secret_key);
13 return $final;
14}
15
16function decrypt($encrypted, $pass)
17{
18 $alg = SODIUM_CRYPTO_PWHASH_ALG_DEFAULT;
19 $opslimit = SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE;
20 $memlimit = SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE;
21 $ls = SODIUM_CRYPTO_PWHASH_SALTBYTES;
22 $ln = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
23 $salt = substr($encrypted, 0, $ls);
24 $secret_key = sodium_crypto_pwhash(SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $pass, $salt, $opslimit, $memlimit, $alg);
25 $hmac_original = substr($encrypted, $ls, 32);
26 $nonce = substr($encrypted, $ls + 32, $ln);
27 $message = sodium_crypto_secretbox_open(substr($encrypted, $ls + 32 + $ln), $nonce, $secret_key);
28 if (!hash_equals($hmac_original, hash_hmac('sha3-256', $message, $secret_key, true)))
29 return false;
30 return $message;
31}