use of NewEncryptionKey

[Kiura]

Hello, I was wondering why would one use NewEncryptionKey? As far as I know one creates/stores somewhere EncryptionKey and reuses it for every encryption/decryption (EncryptionKey has to be the same to decode token which has been encoded using the EncryptionKey).

The process of encoding and decoding is not entirely clear, it would be useful to provide some examples of encoding/decoding text, something like this:

var encKey = os.Getenv("ENC_KEY")
// [32]byte{'_','_','r','a','n','d','o','m','_','s','t','r','o','n','g','_','e','n','c','r','y','p','t','i','o','n','_','k','e','y','_','_'}


text := "some text to encrypt"
encText, err := cryptopasta.Encrypt([]byte(text), &encKey)
if err != nil {
  //handle error
}
fmt.Println("plain text:", text)
fmt.Println("encrypted text", encText)

decryptedText, err := cryptopasta.Encrypt(encText, &encKey)
if err != nil {
  //handle error
}
fmt.Println("decrypted text:", decryptedText)

Is the example correct?
Are there any other things to be aware of?

[ptinsley]

In a use case I just wrote I'm actually generating a random encryption key for every bit of data stored and storing those keys encrypted by a master key. For a lot of use cases you are correct you'd have one well protected key and use it all the time.

[Kiura]

@ptinsley, Thank you for the explanation. Maybe it is worth adding a similar example to docs?