Encrypt/decrypt function pair that *only* requires the data to be encrypted and a key

[mnpenner]

It's nice libsodium takes care of many the details, but this is still too much code to get wrong.

1. Why do I need to provide a nonce when it should just be random bytes anyway? What if I use an insecure source of random bytes? What if I provide an incorrect # of bytes? Why do I even need to know SODIUM_CRYPTO_SECRETBOX_NONCEBYTES exists?
2. What's optimal way to package up the nonce and "secretbox" into a single standalone string that I can use for decryption later? In the example linked, we have to know that the nonce can be prefixed with the secret box, and then we have to do this substr stuff to extract it again.
3. What's with all this sodium_memzero stuff? Seems like libsodium PHP bindings should be able to clean up after itself
4. Error checking. libsodium can do all the length checks and throw an Exception if something fails. We shouldn't need to check for false everywhere.

For input/output options, I suggest providing a few different encodings, like binary, base64 and hex. Node providers several: 'ascii', 'utf8', 'utf16le'/'ucs2', 'base64', 'base64url', 'latin1'/'binary', and 'hex'. https://nodejs.org/docs/latest/api/buffer.html#buffers-and-character-encodings (although utf8/16 isn't really relevant here for an output encoding)

The signatures should be something like:

• encryptString($unencrypted_data, $key, $output_encoding='8bit')
• decryptString($encrypted_data, $key, $input_encoding='8bit')

I chose "8bit" for the binary format to match the mb_ family of functions.

[jedisct1]

It doesn't have to be as complicated as the post you linked. The accepted response that immediately follows it is more relevant. Even the README file of the PHP extension has way simpler examples.

Nonces are often defined by the protocol itself. For example, if a sequence of messages is encrypted with the same key, it can be a simple counter. So they don't have to be transmitted at all. sodium_crypto_secretstream() can also take care of everything.

There's no need to check for false anywhere except to check if decryption fails.

Inputs and outputs are binary everywhere. There's no need to encode anything, except if you need to embed binary data in a text such as HTML code. But in that case, it's what filters in HTML template engines are for.

Finally, this repository is about the library itself, not PHP.