public function decrypt($data,
$params = null
) { $this->
parseParams($params);
if (empty($this->key
)) { throw EncryptionException::
forNeedsStarterKey();
} if (mb_strlen($data, '8bit'
) <
(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES
)) { // message was truncated
throw EncryptionException::
forAuthenticationFailed();
} // Extract info from encrypted data
$nonce = self::
substr($data, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES
);
$ciphertext = self::
substr($data, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES
);
// decrypt data
$data =
sodium_crypto_secretbox_open($ciphertext,
$nonce,
$this->key
);
if ($data === false
) { // message was tampered in transit