Edit File by line
/home/barbar84/public_h.../wp-inclu.../sodium_c.../src
File: Compat.php
<?php
[0] Fix | Delete
[1] Fix | Delete
/**
[2] Fix | Delete
* Libsodium compatibility layer
[3] Fix | Delete
*
[4] Fix | Delete
* This is the only class you should be interfacing with, as a user of
[5] Fix | Delete
* sodium_compat.
[6] Fix | Delete
*
[7] Fix | Delete
* If the PHP extension for libsodium is installed, it will always use that
[8] Fix | Delete
* instead of our implementations. You get better performance and stronger
[9] Fix | Delete
* guarantees against side-channels that way.
[10] Fix | Delete
*
[11] Fix | Delete
* However, if your users don't have the PHP extension installed, we offer a
[12] Fix | Delete
* compatible interface here. It will give you the correct results as if the
[13] Fix | Delete
* PHP extension was installed. It won't be as fast, of course.
[14] Fix | Delete
*
[15] Fix | Delete
* CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION *
[16] Fix | Delete
* *
[17] Fix | Delete
* Until audited, this is probably not safe to use! DANGER WILL ROBINSON *
[18] Fix | Delete
* *
[19] Fix | Delete
* CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION *
[20] Fix | Delete
*/
[21] Fix | Delete
[22] Fix | Delete
if (class_exists('ParagonIE_Sodium_Compat', false)) {
[23] Fix | Delete
return;
[24] Fix | Delete
}
[25] Fix | Delete
[26] Fix | Delete
class ParagonIE_Sodium_Compat
[27] Fix | Delete
{
[28] Fix | Delete
/**
[29] Fix | Delete
* This parameter prevents the use of the PECL extension.
[30] Fix | Delete
* It should only be used for unit testing.
[31] Fix | Delete
*
[32] Fix | Delete
* @var bool
[33] Fix | Delete
*/
[34] Fix | Delete
public static $disableFallbackForUnitTests = false;
[35] Fix | Delete
[36] Fix | Delete
/**
[37] Fix | Delete
* Use fast multiplication rather than our constant-time multiplication
[38] Fix | Delete
* implementation. Can be enabled at runtime. Only enable this if you
[39] Fix | Delete
* are absolutely certain that there is no timing leak on your platform.
[40] Fix | Delete
*
[41] Fix | Delete
* @var bool
[42] Fix | Delete
*/
[43] Fix | Delete
public static $fastMult = false;
[44] Fix | Delete
[45] Fix | Delete
const LIBRARY_MAJOR_VERSION = 9;
[46] Fix | Delete
const LIBRARY_MINOR_VERSION = 1;
[47] Fix | Delete
const LIBRARY_VERSION_MAJOR = 9;
[48] Fix | Delete
const LIBRARY_VERSION_MINOR = 1;
[49] Fix | Delete
const VERSION_STRING = 'polyfill-1.0.8';
[50] Fix | Delete
[51] Fix | Delete
// From libsodium
[52] Fix | Delete
const BASE64_VARIANT_ORIGINAL = 1;
[53] Fix | Delete
const BASE64_VARIANT_ORIGINAL_NO_PADDING = 3;
[54] Fix | Delete
const BASE64_VARIANT_URLSAFE = 5;
[55] Fix | Delete
const BASE64_VARIANT_URLSAFE_NO_PADDING = 7;
[56] Fix | Delete
const CRYPTO_AEAD_AES256GCM_KEYBYTES = 32;
[57] Fix | Delete
const CRYPTO_AEAD_AES256GCM_NSECBYTES = 0;
[58] Fix | Delete
const CRYPTO_AEAD_AES256GCM_NPUBBYTES = 12;
[59] Fix | Delete
const CRYPTO_AEAD_AES256GCM_ABYTES = 16;
[60] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES = 32;
[61] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES = 0;
[62] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES = 8;
[63] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_ABYTES = 16;
[64] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES = 32;
[65] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES = 0;
[66] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES = 12;
[67] Fix | Delete
const CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES = 16;
[68] Fix | Delete
const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES = 32;
[69] Fix | Delete
const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NSECBYTES = 0;
[70] Fix | Delete
const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES = 24;
[71] Fix | Delete
const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES = 16;
[72] Fix | Delete
const CRYPTO_AUTH_BYTES = 32;
[73] Fix | Delete
const CRYPTO_AUTH_KEYBYTES = 32;
[74] Fix | Delete
const CRYPTO_BOX_SEALBYTES = 16;
[75] Fix | Delete
const CRYPTO_BOX_SECRETKEYBYTES = 32;
[76] Fix | Delete
const CRYPTO_BOX_PUBLICKEYBYTES = 32;
[77] Fix | Delete
const CRYPTO_BOX_KEYPAIRBYTES = 64;
[78] Fix | Delete
const CRYPTO_BOX_MACBYTES = 16;
[79] Fix | Delete
const CRYPTO_BOX_NONCEBYTES = 24;
[80] Fix | Delete
const CRYPTO_BOX_SEEDBYTES = 32;
[81] Fix | Delete
const CRYPTO_CORE_RISTRETTO255_BYTES = 32;
[82] Fix | Delete
const CRYPTO_CORE_RISTRETTO255_SCALARBYTES = 32;
[83] Fix | Delete
const CRYPTO_CORE_RISTRETTO255_HASHBYTES = 64;
[84] Fix | Delete
const CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES = 64;
[85] Fix | Delete
const CRYPTO_KDF_BYTES_MIN = 16;
[86] Fix | Delete
const CRYPTO_KDF_BYTES_MAX = 64;
[87] Fix | Delete
const CRYPTO_KDF_CONTEXTBYTES = 8;
[88] Fix | Delete
const CRYPTO_KDF_KEYBYTES = 32;
[89] Fix | Delete
const CRYPTO_KX_BYTES = 32;
[90] Fix | Delete
const CRYPTO_KX_PRIMITIVE = 'x25519blake2b';
[91] Fix | Delete
const CRYPTO_KX_SEEDBYTES = 32;
[92] Fix | Delete
const CRYPTO_KX_KEYPAIRBYTES = 64;
[93] Fix | Delete
const CRYPTO_KX_PUBLICKEYBYTES = 32;
[94] Fix | Delete
const CRYPTO_KX_SECRETKEYBYTES = 32;
[95] Fix | Delete
const CRYPTO_KX_SESSIONKEYBYTES = 32;
[96] Fix | Delete
const CRYPTO_GENERICHASH_BYTES = 32;
[97] Fix | Delete
const CRYPTO_GENERICHASH_BYTES_MIN = 16;
[98] Fix | Delete
const CRYPTO_GENERICHASH_BYTES_MAX = 64;
[99] Fix | Delete
const CRYPTO_GENERICHASH_KEYBYTES = 32;
[100] Fix | Delete
const CRYPTO_GENERICHASH_KEYBYTES_MIN = 16;
[101] Fix | Delete
const CRYPTO_GENERICHASH_KEYBYTES_MAX = 64;
[102] Fix | Delete
const CRYPTO_PWHASH_SALTBYTES = 16;
[103] Fix | Delete
const CRYPTO_PWHASH_STRPREFIX = '$argon2id$';
[104] Fix | Delete
const CRYPTO_PWHASH_ALG_ARGON2I13 = 1;
[105] Fix | Delete
const CRYPTO_PWHASH_ALG_ARGON2ID13 = 2;
[106] Fix | Delete
const CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE = 33554432;
[107] Fix | Delete
const CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE = 4;
[108] Fix | Delete
const CRYPTO_PWHASH_MEMLIMIT_MODERATE = 134217728;
[109] Fix | Delete
const CRYPTO_PWHASH_OPSLIMIT_MODERATE = 6;
[110] Fix | Delete
const CRYPTO_PWHASH_MEMLIMIT_SENSITIVE = 536870912;
[111] Fix | Delete
const CRYPTO_PWHASH_OPSLIMIT_SENSITIVE = 8;
[112] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES = 32;
[113] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX = '$7$';
[114] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE = 534288;
[115] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE = 16777216;
[116] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_SENSITIVE = 33554432;
[117] Fix | Delete
const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_SENSITIVE = 1073741824;
[118] Fix | Delete
const CRYPTO_SCALARMULT_BYTES = 32;
[119] Fix | Delete
const CRYPTO_SCALARMULT_SCALARBYTES = 32;
[120] Fix | Delete
const CRYPTO_SCALARMULT_RISTRETTO255_BYTES = 32;
[121] Fix | Delete
const CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES = 32;
[122] Fix | Delete
const CRYPTO_SHORTHASH_BYTES = 8;
[123] Fix | Delete
const CRYPTO_SHORTHASH_KEYBYTES = 16;
[124] Fix | Delete
const CRYPTO_SECRETBOX_KEYBYTES = 32;
[125] Fix | Delete
const CRYPTO_SECRETBOX_MACBYTES = 16;
[126] Fix | Delete
const CRYPTO_SECRETBOX_NONCEBYTES = 24;
[127] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES = 17;
[128] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES = 24;
[129] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES = 32;
[130] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PUSH = 0;
[131] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_PULL = 1;
[132] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY = 2;
[133] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL = 3;
[134] Fix | Delete
const CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX = 0x3fffffff80;
[135] Fix | Delete
const CRYPTO_SIGN_BYTES = 64;
[136] Fix | Delete
const CRYPTO_SIGN_SEEDBYTES = 32;
[137] Fix | Delete
const CRYPTO_SIGN_PUBLICKEYBYTES = 32;
[138] Fix | Delete
const CRYPTO_SIGN_SECRETKEYBYTES = 64;
[139] Fix | Delete
const CRYPTO_SIGN_KEYPAIRBYTES = 96;
[140] Fix | Delete
const CRYPTO_STREAM_KEYBYTES = 32;
[141] Fix | Delete
const CRYPTO_STREAM_NONCEBYTES = 24;
[142] Fix | Delete
const CRYPTO_STREAM_XCHACHA20_KEYBYTES = 32;
[143] Fix | Delete
const CRYPTO_STREAM_XCHACHA20_NONCEBYTES = 24;
[144] Fix | Delete
[145] Fix | Delete
/**
[146] Fix | Delete
* Add two numbers (little-endian unsigned), storing the value in the first
[147] Fix | Delete
* parameter.
[148] Fix | Delete
*
[149] Fix | Delete
* This mutates $val.
[150] Fix | Delete
*
[151] Fix | Delete
* @param string $val
[152] Fix | Delete
* @param string $addv
[153] Fix | Delete
* @return void
[154] Fix | Delete
* @throws SodiumException
[155] Fix | Delete
*/
[156] Fix | Delete
public static function add(&$val, $addv)
[157] Fix | Delete
{
[158] Fix | Delete
$val_len = ParagonIE_Sodium_Core_Util::strlen($val);
[159] Fix | Delete
$addv_len = ParagonIE_Sodium_Core_Util::strlen($addv);
[160] Fix | Delete
if ($val_len !== $addv_len) {
[161] Fix | Delete
throw new SodiumException('values must have the same length');
[162] Fix | Delete
}
[163] Fix | Delete
$A = ParagonIE_Sodium_Core_Util::stringToIntArray($val);
[164] Fix | Delete
$B = ParagonIE_Sodium_Core_Util::stringToIntArray($addv);
[165] Fix | Delete
[166] Fix | Delete
$c = 0;
[167] Fix | Delete
for ($i = 0; $i < $val_len; $i++) {
[168] Fix | Delete
$c += ($A[$i] + $B[$i]);
[169] Fix | Delete
$A[$i] = ($c & 0xff);
[170] Fix | Delete
$c >>= 8;
[171] Fix | Delete
}
[172] Fix | Delete
$val = ParagonIE_Sodium_Core_Util::intArrayToString($A);
[173] Fix | Delete
}
[174] Fix | Delete
[175] Fix | Delete
/**
[176] Fix | Delete
* @param string $encoded
[177] Fix | Delete
* @param int $variant
[178] Fix | Delete
* @param string $ignore
[179] Fix | Delete
* @return string
[180] Fix | Delete
* @throws SodiumException
[181] Fix | Delete
*/
[182] Fix | Delete
public static function base642bin($encoded, $variant, $ignore = '')
[183] Fix | Delete
{
[184] Fix | Delete
/* Type checks: */
[185] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($encoded, 'string', 1);
[186] Fix | Delete
[187] Fix | Delete
/** @var string $encoded */
[188] Fix | Delete
$encoded = (string) $encoded;
[189] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($encoded) === 0) {
[190] Fix | Delete
return '';
[191] Fix | Delete
}
[192] Fix | Delete
[193] Fix | Delete
// Just strip before decoding
[194] Fix | Delete
if (!empty($ignore)) {
[195] Fix | Delete
$encoded = str_replace($ignore, '', $encoded);
[196] Fix | Delete
}
[197] Fix | Delete
[198] Fix | Delete
try {
[199] Fix | Delete
switch ($variant) {
[200] Fix | Delete
case self::BASE64_VARIANT_ORIGINAL:
[201] Fix | Delete
return ParagonIE_Sodium_Core_Base64_Original::decode($encoded, true);
[202] Fix | Delete
case self::BASE64_VARIANT_ORIGINAL_NO_PADDING:
[203] Fix | Delete
return ParagonIE_Sodium_Core_Base64_Original::decode($encoded, false);
[204] Fix | Delete
case self::BASE64_VARIANT_URLSAFE:
[205] Fix | Delete
return ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded, true);
[206] Fix | Delete
case self::BASE64_VARIANT_URLSAFE_NO_PADDING:
[207] Fix | Delete
return ParagonIE_Sodium_Core_Base64_UrlSafe::decode($encoded, false);
[208] Fix | Delete
default:
[209] Fix | Delete
throw new SodiumException('invalid base64 variant identifier');
[210] Fix | Delete
}
[211] Fix | Delete
} catch (Exception $ex) {
[212] Fix | Delete
if ($ex instanceof SodiumException) {
[213] Fix | Delete
throw $ex;
[214] Fix | Delete
}
[215] Fix | Delete
throw new SodiumException('invalid base64 string');
[216] Fix | Delete
}
[217] Fix | Delete
}
[218] Fix | Delete
[219] Fix | Delete
/**
[220] Fix | Delete
* @param string $decoded
[221] Fix | Delete
* @param int $variant
[222] Fix | Delete
* @return string
[223] Fix | Delete
* @throws SodiumException
[224] Fix | Delete
*/
[225] Fix | Delete
public static function bin2base64($decoded, $variant)
[226] Fix | Delete
{
[227] Fix | Delete
/* Type checks: */
[228] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($decoded, 'string', 1);
[229] Fix | Delete
/** @var string $decoded */
[230] Fix | Delete
$decoded = (string) $decoded;
[231] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($decoded) === 0) {
[232] Fix | Delete
return '';
[233] Fix | Delete
}
[234] Fix | Delete
[235] Fix | Delete
switch ($variant) {
[236] Fix | Delete
case self::BASE64_VARIANT_ORIGINAL:
[237] Fix | Delete
return ParagonIE_Sodium_Core_Base64_Original::encode($decoded);
[238] Fix | Delete
case self::BASE64_VARIANT_ORIGINAL_NO_PADDING:
[239] Fix | Delete
return ParagonIE_Sodium_Core_Base64_Original::encodeUnpadded($decoded);
[240] Fix | Delete
case self::BASE64_VARIANT_URLSAFE:
[241] Fix | Delete
return ParagonIE_Sodium_Core_Base64_UrlSafe::encode($decoded);
[242] Fix | Delete
case self::BASE64_VARIANT_URLSAFE_NO_PADDING:
[243] Fix | Delete
return ParagonIE_Sodium_Core_Base64_UrlSafe::encodeUnpadded($decoded);
[244] Fix | Delete
default:
[245] Fix | Delete
throw new SodiumException('invalid base64 variant identifier');
[246] Fix | Delete
}
[247] Fix | Delete
}
[248] Fix | Delete
[249] Fix | Delete
/**
[250] Fix | Delete
* Cache-timing-safe implementation of bin2hex().
[251] Fix | Delete
*
[252] Fix | Delete
* @param string $string A string (probably raw binary)
[253] Fix | Delete
* @return string A hexadecimal-encoded string
[254] Fix | Delete
* @throws SodiumException
[255] Fix | Delete
* @throws TypeError
[256] Fix | Delete
* @psalm-suppress MixedArgument
[257] Fix | Delete
*/
[258] Fix | Delete
public static function bin2hex($string)
[259] Fix | Delete
{
[260] Fix | Delete
/* Type checks: */
[261] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1);
[262] Fix | Delete
[263] Fix | Delete
if (self::useNewSodiumAPI()) {
[264] Fix | Delete
return (string) sodium_bin2hex($string);
[265] Fix | Delete
}
[266] Fix | Delete
if (self::use_fallback('bin2hex')) {
[267] Fix | Delete
return (string) call_user_func('\\Sodium\\bin2hex', $string);
[268] Fix | Delete
}
[269] Fix | Delete
return ParagonIE_Sodium_Core_Util::bin2hex($string);
[270] Fix | Delete
}
[271] Fix | Delete
[272] Fix | Delete
/**
[273] Fix | Delete
* Compare two strings, in constant-time.
[274] Fix | Delete
* Compared to memcmp(), compare() is more useful for sorting.
[275] Fix | Delete
*
[276] Fix | Delete
* @param string $left The left operand; must be a string
[277] Fix | Delete
* @param string $right The right operand; must be a string
[278] Fix | Delete
* @return int If < 0 if the left operand is less than the right
[279] Fix | Delete
* If = 0 if both strings are equal
[280] Fix | Delete
* If > 0 if the right operand is less than the left
[281] Fix | Delete
* @throws SodiumException
[282] Fix | Delete
* @throws TypeError
[283] Fix | Delete
* @psalm-suppress MixedArgument
[284] Fix | Delete
*/
[285] Fix | Delete
public static function compare($left, $right)
[286] Fix | Delete
{
[287] Fix | Delete
/* Type checks: */
[288] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1);
[289] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2);
[290] Fix | Delete
[291] Fix | Delete
if (self::useNewSodiumAPI()) {
[292] Fix | Delete
return (int) sodium_compare($left, $right);
[293] Fix | Delete
}
[294] Fix | Delete
if (self::use_fallback('compare')) {
[295] Fix | Delete
return (int) call_user_func('\\Sodium\\compare', $left, $right);
[296] Fix | Delete
}
[297] Fix | Delete
return ParagonIE_Sodium_Core_Util::compare($left, $right);
[298] Fix | Delete
}
[299] Fix | Delete
[300] Fix | Delete
/**
[301] Fix | Delete
* Is AES-256-GCM even available to use?
[302] Fix | Delete
*
[303] Fix | Delete
* @return bool
[304] Fix | Delete
* @psalm-suppress UndefinedFunction
[305] Fix | Delete
* @psalm-suppress MixedInferredReturnType
[306] Fix | Delete
* @psalm-suppress MixedReturnStatement
[307] Fix | Delete
*/
[308] Fix | Delete
public static function crypto_aead_aes256gcm_is_available()
[309] Fix | Delete
{
[310] Fix | Delete
if (self::useNewSodiumAPI()) {
[311] Fix | Delete
return sodium_crypto_aead_aes256gcm_is_available();
[312] Fix | Delete
}
[313] Fix | Delete
if (self::use_fallback('crypto_aead_aes256gcm_is_available')) {
[314] Fix | Delete
return call_user_func('\\Sodium\\crypto_aead_aes256gcm_is_available');
[315] Fix | Delete
}
[316] Fix | Delete
if (PHP_VERSION_ID < 70100) {
[317] Fix | Delete
// OpenSSL doesn't support AEAD before 7.1.0
[318] Fix | Delete
return false;
[319] Fix | Delete
}
[320] Fix | Delete
if (!is_callable('openssl_encrypt') || !is_callable('openssl_decrypt')) {
[321] Fix | Delete
// OpenSSL isn't installed
[322] Fix | Delete
return false;
[323] Fix | Delete
}
[324] Fix | Delete
return (bool) in_array('aes-256-gcm', openssl_get_cipher_methods());
[325] Fix | Delete
}
[326] Fix | Delete
[327] Fix | Delete
/**
[328] Fix | Delete
* Authenticated Encryption with Associated Data: Decryption
[329] Fix | Delete
*
[330] Fix | Delete
* Algorithm:
[331] Fix | Delete
* AES-256-GCM
[332] Fix | Delete
*
[333] Fix | Delete
* This mode uses a 64-bit random nonce with a 64-bit counter.
[334] Fix | Delete
* IETF mode uses a 96-bit random nonce with a 32-bit counter.
[335] Fix | Delete
*
[336] Fix | Delete
* @param string $ciphertext Encrypted message (with Poly1305 MAC appended)
[337] Fix | Delete
* @param string $assocData Authenticated Associated Data (unencrypted)
[338] Fix | Delete
* @param string $nonce Number to be used only Once; must be 8 bytes
[339] Fix | Delete
* @param string $key Encryption key
[340] Fix | Delete
*
[341] Fix | Delete
* @return string|bool The original plaintext message
[342] Fix | Delete
* @throws SodiumException
[343] Fix | Delete
* @throws TypeError
[344] Fix | Delete
* @psalm-suppress MixedArgument
[345] Fix | Delete
* @psalm-suppress MixedInferredReturnType
[346] Fix | Delete
* @psalm-suppress MixedReturnStatement
[347] Fix | Delete
*/
[348] Fix | Delete
public static function crypto_aead_aes256gcm_decrypt(
[349] Fix | Delete
$ciphertext = '',
[350] Fix | Delete
$assocData = '',
[351] Fix | Delete
$nonce = '',
[352] Fix | Delete
$key = ''
[353] Fix | Delete
) {
[354] Fix | Delete
if (!self::crypto_aead_aes256gcm_is_available()) {
[355] Fix | Delete
throw new SodiumException('AES-256-GCM is not available');
[356] Fix | Delete
}
[357] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1);
[358] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
[359] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
[360] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);
[361] Fix | Delete
[362] Fix | Delete
/* Input validation: */
[363] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AES256GCM_NPUBBYTES) {
[364] Fix | Delete
throw new SodiumException('Nonce must be CRYPTO_AEAD_AES256GCM_NPUBBYTES long');
[365] Fix | Delete
}
[366] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_AES256GCM_KEYBYTES) {
[367] Fix | Delete
throw new SodiumException('Key must be CRYPTO_AEAD_AES256GCM_KEYBYTES long');
[368] Fix | Delete
}
[369] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_AES256GCM_ABYTES) {
[370] Fix | Delete
throw new SodiumException('Message must be at least CRYPTO_AEAD_AES256GCM_ABYTES long');
[371] Fix | Delete
}
[372] Fix | Delete
if (!is_callable('openssl_decrypt')) {
[373] Fix | Delete
throw new SodiumException('The OpenSSL extension is not installed, or openssl_decrypt() is not available');
[374] Fix | Delete
}
[375] Fix | Delete
[376] Fix | Delete
/** @var string $ctext */
[377] Fix | Delete
$ctext = ParagonIE_Sodium_Core_Util::substr($ciphertext, 0, -self::CRYPTO_AEAD_AES256GCM_ABYTES);
[378] Fix | Delete
/** @var string $authTag */
[379] Fix | Delete
$authTag = ParagonIE_Sodium_Core_Util::substr($ciphertext, -self::CRYPTO_AEAD_AES256GCM_ABYTES, 16);
[380] Fix | Delete
return openssl_decrypt(
[381] Fix | Delete
$ctext,
[382] Fix | Delete
'aes-256-gcm',
[383] Fix | Delete
$key,
[384] Fix | Delete
OPENSSL_RAW_DATA,
[385] Fix | Delete
$nonce,
[386] Fix | Delete
$authTag,
[387] Fix | Delete
$assocData
[388] Fix | Delete
);
[389] Fix | Delete
}
[390] Fix | Delete
[391] Fix | Delete
/**
[392] Fix | Delete
* Authenticated Encryption with Associated Data: Encryption
[393] Fix | Delete
*
[394] Fix | Delete
* Algorithm:
[395] Fix | Delete
* AES-256-GCM
[396] Fix | Delete
*
[397] Fix | Delete
* @param string $plaintext Message to be encrypted
[398] Fix | Delete
* @param string $assocData Authenticated Associated Data (unencrypted)
[399] Fix | Delete
* @param string $nonce Number to be used only Once; must be 8 bytes
[400] Fix | Delete
* @param string $key Encryption key
[401] Fix | Delete
*
[402] Fix | Delete
* @return string Ciphertext with a 16-byte GCM message
[403] Fix | Delete
* authentication code appended
[404] Fix | Delete
* @throws SodiumException
[405] Fix | Delete
* @throws TypeError
[406] Fix | Delete
* @psalm-suppress MixedArgument
[407] Fix | Delete
*/
[408] Fix | Delete
public static function crypto_aead_aes256gcm_encrypt(
[409] Fix | Delete
$plaintext = '',
[410] Fix | Delete
$assocData = '',
[411] Fix | Delete
$nonce = '',
[412] Fix | Delete
$key = ''
[413] Fix | Delete
) {
[414] Fix | Delete
if (!self::crypto_aead_aes256gcm_is_available()) {
[415] Fix | Delete
throw new SodiumException('AES-256-GCM is not available');
[416] Fix | Delete
}
[417] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1);
[418] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
[419] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
[420] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);
[421] Fix | Delete
[422] Fix | Delete
/* Input validation: */
[423] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AES256GCM_NPUBBYTES) {
[424] Fix | Delete
throw new SodiumException('Nonce must be CRYPTO_AEAD_AES256GCM_NPUBBYTES long');
[425] Fix | Delete
}
[426] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_AES256GCM_KEYBYTES) {
[427] Fix | Delete
throw new SodiumException('Key must be CRYPTO_AEAD_AES256GCM_KEYBYTES long');
[428] Fix | Delete
}
[429] Fix | Delete
[430] Fix | Delete
if (!is_callable('openssl_encrypt')) {
[431] Fix | Delete
throw new SodiumException('The OpenSSL extension is not installed, or openssl_encrypt() is not available');
[432] Fix | Delete
}
[433] Fix | Delete
[434] Fix | Delete
$authTag = '';
[435] Fix | Delete
$ciphertext = openssl_encrypt(
[436] Fix | Delete
$plaintext,
[437] Fix | Delete
'aes-256-gcm',
[438] Fix | Delete
$key,
[439] Fix | Delete
OPENSSL_RAW_DATA,
[440] Fix | Delete
$nonce,
[441] Fix | Delete
$authTag,
[442] Fix | Delete
$assocData
[443] Fix | Delete
);
[444] Fix | Delete
return $ciphertext . $authTag;
[445] Fix | Delete
}
[446] Fix | Delete
[447] Fix | Delete
/**
[448] Fix | Delete
* Return a secure random key for use with the AES-256-GCM
[449] Fix | Delete
* symmetric AEAD interface.
[450] Fix | Delete
*
[451] Fix | Delete
* @return string
[452] Fix | Delete
* @throws Exception
[453] Fix | Delete
* @throws Error
[454] Fix | Delete
*/
[455] Fix | Delete
public static function crypto_aead_aes256gcm_keygen()
[456] Fix | Delete
{
[457] Fix | Delete
return random_bytes(self::CRYPTO_AEAD_AES256GCM_KEYBYTES);
[458] Fix | Delete
}
[459] Fix | Delete
[460] Fix | Delete
/**
[461] Fix | Delete
* Authenticated Encryption with Associated Data: Decryption
[462] Fix | Delete
*
[463] Fix | Delete
* Algorithm:
[464] Fix | Delete
* ChaCha20-Poly1305
[465] Fix | Delete
*
[466] Fix | Delete
* This mode uses a 64-bit random nonce with a 64-bit counter.
[467] Fix | Delete
* IETF mode uses a 96-bit random nonce with a 32-bit counter.
[468] Fix | Delete
*
[469] Fix | Delete
* @param string $ciphertext Encrypted message (with Poly1305 MAC appended)
[470] Fix | Delete
* @param string $assocData Authenticated Associated Data (unencrypted)
[471] Fix | Delete
* @param string $nonce Number to be used only Once; must be 8 bytes
[472] Fix | Delete
* @param string $key Encryption key
[473] Fix | Delete
*
[474] Fix | Delete
* @return string The original plaintext message
[475] Fix | Delete
* @throws SodiumException
[476] Fix | Delete
* @throws TypeError
[477] Fix | Delete
* @psalm-suppress MixedArgument
[478] Fix | Delete
* @psalm-suppress MixedInferredReturnType
[479] Fix | Delete
* @psalm-suppress MixedReturnStatement
[480] Fix | Delete
*/
[481] Fix | Delete
public static function crypto_aead_chacha20poly1305_decrypt(
[482] Fix | Delete
$ciphertext = '',
[483] Fix | Delete
$assocData = '',
[484] Fix | Delete
$nonce = '',
[485] Fix | Delete
$key = ''
[486] Fix | Delete
) {
[487] Fix | Delete
/* Type checks: */
[488] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1);
[489] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
[490] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
[491] Fix | Delete
ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);
[492] Fix | Delete
[493] Fix | Delete
/* Input validation: */
[494] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) {
[495] Fix | Delete
throw new SodiumException('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long');
[496] Fix | Delete
}
[497] Fix | Delete
if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) {
[498] Fix | Delete
throw new SodiumException('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long');
[499] Fix | Delete
123456...8
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function