2 require_once('Crypto.php');
4 $key = Crypto::CreateNewRandomKey();
5 // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
6 // they may leak the key to the attacker through side channels.
7 } catch (CryptoTestFailedException $ex) {
8 die('Cannot safely create a key');
9 } catch (CannotPerformOperationException $ex) {
10 die('Cannot safely create a key');
13 $message = "ATTACK AT DAWN";
15 $ciphertext = Crypto::Encrypt($message, $key);
16 } catch (CryptoTestFailedException $ex) {
17 die('Cannot safely perform encryption');
18 } catch (CannotPerformOperationException $ex) {
19 die('Cannot safely perform decryption');
23 $decrypted = Crypto::Decrypt($ciphertext, $key);
24 } catch (InvalidCiphertextException $ex) { // VERY IMPORTANT
26 // 1. The ciphertext was modified by the attacker,
27 // 2. The key is wrong, or
28 // 3. $ciphertext is not a valid ciphertext or was corrupted.
30 die('DANGER! DANGER! The ciphertext has been tampered with!');
31 } catch (CryptoTestFailedException $ex) {
32 die('Cannot safely perform encryption');
33 } catch (CannotPerformOperationException $ex) {
34 die('Cannot safely perform decryption');