PHP Classes

File: docs/examples/04-key-generation.md

Recommend this page to a friend!
  Classes of Scott Arciszewski   Cipher Sweet   docs/examples/04-key-generation.md   Download  
File: docs/examples/04-key-generation.md
Role: Auxiliary data
Content type: text/markdown
Description: Auxiliary data
Class: Cipher Sweet
Encrypt data in away that can be searched
Author: By
Last change:
Date: 6 years ago
Size: 1,232 bytes
 

Contents

Class file image Download

Key Generation

Use random_bytes(). It's available in PHP 7 and higher, but a polyfill provided by random_compat is loaded as a Composer dependency, so being on PHP 5 isn't a problem.

Just use random_bytes(), like so:

<?php
require 'vendor/autoload.php';

$key = random_bytes(32);

Then save $key somewhere:

  • A text file
  • A string entry into an existing configuration file
  • A PHP script that does `return ParagonIE\ConstantTime\Hex::decode(/your hex-encoded key here/);`

The sky's the limit, really.

Then, either use an existing KeyProvider or define your own, using the KeyProviderInterface.

That's all there is to it.

Don't do something crazy like try to use a human-memorizable password as an encryption key without key-stretching (i.e. sodium_crypto_pwhash()).

This library tries to side-step common mistakes, but if you go out of your way to do something insecure, it cannot save you from the consequences of your choices.

When in doubt, consult a cryptographer.