function encrypt($plaintext, $password) {
$method = "AES-256-ECB";
$key = hash('sha256', $password, true);
$encrypt_iv = openssl_random_pseudo_bytes(16);
$ciphertext = openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $encrypt_iv);
$hash = hash_hmac('sha256', $ciphertext . $encrypt_iv, $key, true);
return $encrypt_iv . $hash . $ciphertext;
}
function decrypt($ivHashCiphertext, $password) {
$method = "AES-256-ECB";
$decrypt_iv = substr($ivHashCiphertext, 0, 16);
$hash = substr($ivHashCiphertext, 16, 32);
$ciphertext = substr($ivHashCiphertext, 48);
$key = hash('sha256', $password, true);
if (!hash_equals(hash_hmac('sha256', $ciphertext . $decrypt_iv, $key, true), $hash)) return null;
return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $decrypt_iv);
}