$this->
parseParams($params);
if (empty($this->key
)) { throw EncryptionException::
forNeedsStarterKey();
} // create a nonce for this operation
$nonce =
random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES
); // 24 bytes
// add padding before we encrypt the data
if ($this->blockSize <= 0
) { throw EncryptionException::
forEncryptionFailed();
} $data =
sodium_pad($data,
$this->blockSize
);
// encrypt message and combine with nonce
$ciphertext =
$nonce .
sodium_crypto_secretbox($data,
$nonce,
$this->key
);
// cleanup buffers
sodium_memzero($data);
sodium_memzero($this->key
);