Sodium and the PHP Function sodium_crypto_box_seal_open
PHP functions are sets of instructions that are executed at runtime. Data is passed to a function through its arguments, which are listed within the parentheses after the function name. Each argument has a specific value, and you can include as many arguments as you want, separated by commas (,).
Sodium is a fork of NaCl, and a much more modern and opinionated cryptography library that removes a lot of decision-making from the end user. It provides a few algorithms with optimal defaults and opinionated key sizes to encrypt/decrypt data. It also supports authenticated encryption, which protects against chosen-ciphertext attacks.
The libsodium PHP extension is the recommended way to use Sodium in your applications. It’s available as a PECL extension and has been built into PHP since 7.2. Libsodium is highly performant and provides API variants to support a variety of use cases.
For example, it supports authenticated asymmetric encryption/decryption with crypto_box_seal(). This allows the sender to encrypt the message with the recipient's public key, and the recipient to decrypt it with their private key. The recipient can then validate the message as being authenticated by the sender.
To do this, the message and some additional data are encoded together into an authentication tag. This tag is then embedded into the ciphertext for later verification. Unlike the case of HMAC, this type of encryption doesn’t require a shared secret key between parties – only the sender's private key is used.
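An added example (not code from the original page) of a sealed-box round trip with the PHP sodium extension, including the failure cases of `sodium_crypto_box_seal_open()`; `open_sealed()` and `check()` are hypothetical helpers and the message is constructed sample data. In libsodium the sealing side uses a fresh one-time key pair, so a successful open shows that the ciphertext was not modified in transit but does not identify who sealed it.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: open a sealed box and return the plaintext, or null
// when the ciphertext is truncated, modified, or sealed to another key.
function open_sealed(string $ciphertext, string $recipientKeypair): ?string
{
    $plain = sodium_crypto_box_seal_open($ciphertext, $recipientKeypair);
    // Compare strictly with false: "" and "0" are valid plaintexts.
    return $plain === false ? null : $plain;
}

// Hypothetical helper: stop with an error if a demonstration check fails.
function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
    echo "ok: $what\n";
}

// Recipient: generate a key pair once and publish only the public half.
$recipientKeypair = sodium_crypto_box_keypair();
$recipientPublic  = sodium_crypto_box_publickey($recipientKeypair);

// Sender: needs nothing except the recipient's public key.
$message = 'constructed sample message';
$sealed  = sodium_crypto_box_seal($message, $recipientPublic);

// Fixed overhead: the one-time public key plus the authentication tag.
check(strlen($sealed) - strlen($message) === SODIUM_CRYPTO_BOX_SEALBYTES, 'overhead is SEALBYTES');
// Each call uses a new one-time key pair, so equal messages seal differently.
check($sealed !== sodium_crypto_box_seal($message, $recipientPublic), 'sealing is randomized');
check(open_sealed($sealed, $recipientKeypair) === $message, 'round trip');

// Flip one bit of the last byte: the tag no longer verifies.
$tampered = $sealed;
$last = strlen($tampered) - 1;
$tampered[$last] = chr(ord($tampered[$last]) ^ 0x01);
check(open_sealed($tampered, $recipientKeypair) === null, 'tampered ciphertext rejected');

// Input shorter than SEALBYTES, and a key pair the box was not sealed to.
check(open_sealed(substr($sealed, 0, 10), $recipientKeypair) === null, 'truncated ciphertext rejected');
$otherKeypair = sodium_crypto_box_keypair();
check(open_sealed($sealed, $otherKeypair) === null, 'wrong key pair rejected');

// Wipe secret key material from memory once it is no longer needed.
sodium_memzero($recipientKeypair);
sodium_memzero($otherKeypair);
```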