improve encryption strength

 - Submitted by @john-shaffer - thanks!

 Use the full amount of entropy in encrypt_decrypt. The previous imple¦mentation was using only half the entropy we should have (128 bits for the key instead of 256 and 8 bits for the IV rather than 16).

src/CoreOptions.php

@@ -309,19 +309,21 @@ public static function encrypt_decrypt( string $action, string $string ) : strin
             'ec64SSHB{8|AA_ThIIlm:PD(Z!qga!/Dwll 4|i.?UkC§NNO}z?{Qr/q.KpH55K9';
 
         $key = hash( 'sha256', $secret_key );
-        $variate = substr( hash( 'sha256', $secret_iv ), 0, 16 );
+        $variate = substr( hash( 'sha256', $secret_iv ), 0, 32 );
+        $hex_key = (string) hex2bin( $key );
+        $hex_iv = (string) hex2bin( $variate );
 
         if ( $action == 'decrypt' ) {
             return (string) openssl_decrypt(
                 (string) base64_decode( $string ),
                 $encrypt_method,
-                $key,
+                $hex_key,
                 0,
-                $variate
+                $hex_iv
             );
         }
 
-        $output = openssl_encrypt( $string, $encrypt_method, $key, 0, $variate );
+        $output = openssl_encrypt( $string, $encrypt_method, $hex_key, 0, $hex_iv );
 
         return (string) base64_encode( (string) $output );
     }