enmi-conf.org: wp/wp-includes/sodium_compat/src/Crypto32.php@8c2e4d02f4ef (annotated)

9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	2
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	3	if (class_exists('ParagonIE_Sodium_Crypto32', false)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	4	return;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	5	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	6
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	7	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	8	* Class ParagonIE_Sodium_Crypto
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	9	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	10	* ATTENTION!
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	11	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	12	* If you are using this library, you should be using
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	13	* ParagonIE_Sodium_Compat in your code, not this class.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	14	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	15	abstract class ParagonIE_Sodium_Crypto32
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	16	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	17	const aead_chacha20poly1305_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	18	const aead_chacha20poly1305_NSECBYTES = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	19	const aead_chacha20poly1305_NPUBBYTES = 8;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	20	const aead_chacha20poly1305_ABYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	21
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	22	const aead_chacha20poly1305_IETF_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	23	const aead_chacha20poly1305_IETF_NSECBYTES = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	24	const aead_chacha20poly1305_IETF_NPUBBYTES = 12;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	25	const aead_chacha20poly1305_IETF_ABYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	26
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	27	const aead_xchacha20poly1305_IETF_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	28	const aead_xchacha20poly1305_IETF_NSECBYTES = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	29	const aead_xchacha20poly1305_IETF_NPUBBYTES = 24;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	30	const aead_xchacha20poly1305_IETF_ABYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	31
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	32	const box_curve25519xsalsa20poly1305_SEEDBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	33	const box_curve25519xsalsa20poly1305_PUBLICKEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	34	const box_curve25519xsalsa20poly1305_SECRETKEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	35	const box_curve25519xsalsa20poly1305_BEFORENMBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	36	const box_curve25519xsalsa20poly1305_NONCEBYTES = 24;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	37	const box_curve25519xsalsa20poly1305_MACBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	38	const box_curve25519xsalsa20poly1305_BOXZEROBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	39	const box_curve25519xsalsa20poly1305_ZEROBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	40
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	41	const onetimeauth_poly1305_BYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	42	const onetimeauth_poly1305_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	43
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	44	const secretbox_xsalsa20poly1305_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	45	const secretbox_xsalsa20poly1305_NONCEBYTES = 24;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	46	const secretbox_xsalsa20poly1305_MACBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	47	const secretbox_xsalsa20poly1305_BOXZEROBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	48	const secretbox_xsalsa20poly1305_ZEROBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	49
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	50	const secretbox_xchacha20poly1305_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	51	const secretbox_xchacha20poly1305_NONCEBYTES = 24;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	52	const secretbox_xchacha20poly1305_MACBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	53	const secretbox_xchacha20poly1305_BOXZEROBYTES = 16;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	54	const secretbox_xchacha20poly1305_ZEROBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	55
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	56	const stream_salsa20_KEYBYTES = 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	57
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	58	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	59	* AEAD Decryption with ChaCha20-Poly1305
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	60	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	61	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	62	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	63	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	64	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	65	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	66	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	67	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	68	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	69	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	70	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	71	public static function aead_chacha20poly1305_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	72	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	73	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	74	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	75	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	76	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	77	/** @var int $len - Length of message (ciphertext + MAC) */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	78	$len = ParagonIE_Sodium_Core32_Util::strlen($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	79
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	80	/** @var int $clen - Length of ciphertext */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	81	$clen = $len - self::aead_chacha20poly1305_ABYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	82
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	83	/** @var int $adlen - Length of associated data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	84	$adlen = ParagonIE_Sodium_Core32_Util::strlen($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	85
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	86	/** @var string $mac - Message authentication code */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	87	$mac = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	88	$message,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	89	$clen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	90	self::aead_chacha20poly1305_ABYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	91	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	92
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	93	/** @var string $ciphertext - The encrypted message (sans MAC) */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	94	$ciphertext = ParagonIE_Sodium_Core32_Util::substr($message, 0, $clen);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	95
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	96	/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	97	$block0 = ParagonIE_Sodium_Core32_ChaCha20::stream(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	98	32,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	99	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	100	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	101	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	102
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	103	/* Recalculate the Poly1305 authentication tag (MAC): */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	104	$state = new ParagonIE_Sodium_Core32_Poly1305_State($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	105	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	106	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	107	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	108	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	109	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	110	$state->update($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	111	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	112	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	113	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($clen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	114	$computed_mac = $state->finish();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	115
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	116	/* Compare the given MAC with the recalculated MAC: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	117	if (!ParagonIE_Sodium_Core32_Util::verify_16($computed_mac, $mac)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	118	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	119	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	120
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	121	// Here, we know that the MAC is valid, so we decrypt and return the plaintext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	122	return ParagonIE_Sodium_Core32_ChaCha20::streamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	123	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	124	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	125	$key,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	126	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	127	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	128	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	129
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	130	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	131	* AEAD Encryption with ChaCha20-Poly1305
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	132	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	133	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	134	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	135	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	136	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	137	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	138	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	139	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	140	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	141	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	142	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	143	public static function aead_chacha20poly1305_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	144	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	145	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	146	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	147	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	148	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	149	/** @var int $len - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	150	$len = ParagonIE_Sodium_Core32_Util::strlen($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	151
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	152	/** @var int $adlen - Length of the associated data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	153	$adlen = ParagonIE_Sodium_Core32_Util::strlen($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	154
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	155	/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	156	$block0 = ParagonIE_Sodium_Core32_ChaCha20::stream(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	157	32,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	158	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	159	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	160	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	161	$state = new ParagonIE_Sodium_Core32_Poly1305_State($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	162	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	163	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	164	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	165	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	166	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	167
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	168	/** @var string $ciphertext - Raw encrypted data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	169	$ciphertext = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	170	$message,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	171	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	172	$key,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	173	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	174	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	175
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	176	$state->update($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	177	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	178	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	179	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($len));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	180	return $ciphertext . $state->finish();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	181	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	182
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	183	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	184	* AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	185	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	186	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	187	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	188	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	189	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	190	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	191	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	192	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	193	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	194	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	195	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	196	public static function aead_chacha20poly1305_ietf_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	197	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	198	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	199	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	200	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	201	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	202	/** @var int $adlen - Length of associated data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	203	$adlen = ParagonIE_Sodium_Core32_Util::strlen($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	204
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	205	/** @var int $len - Length of message (ciphertext + MAC) */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	206	$len = ParagonIE_Sodium_Core32_Util::strlen($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	207
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	208	/** @var int $clen - Length of ciphertext */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	209	$clen = $len - self::aead_chacha20poly1305_IETF_ABYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	210
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	211	/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	212	$block0 = ParagonIE_Sodium_Core32_ChaCha20::ietfStream(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	213	32,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	214	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	215	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	216	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	217
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	218	/** @var string $mac - Message authentication code */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	219	$mac = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	220	$message,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	221	$len - self::aead_chacha20poly1305_IETF_ABYTES,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	222	self::aead_chacha20poly1305_IETF_ABYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	223	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	224
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	225	/** @var string $ciphertext - The encrypted message (sans MAC) */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	226	$ciphertext = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	227	$message,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	228	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	229	$len - self::aead_chacha20poly1305_IETF_ABYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	230	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	231
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	232	/* Recalculate the Poly1305 authentication tag (MAC): */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	233	$state = new ParagonIE_Sodium_Core32_Poly1305_State($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	234	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	235	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	236	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	237	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	238	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	239	$state->update($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	240	$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	241	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	242	$state->update(str_repeat("\x00", (0x10 - $clen) & 0xf));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	243	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	244	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($clen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	245	$computed_mac = $state->finish();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	246
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	247	/* Compare the given MAC with the recalculated MAC: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	248	if (!ParagonIE_Sodium_Core32_Util::verify_16($computed_mac, $mac)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	249	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	250	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	251
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	252	// Here, we know that the MAC is valid, so we decrypt and return the plaintext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	253	return ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	254	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	255	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	256	$key,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	257	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	258	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	259	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	260
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	261	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	262	* AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	263	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	264	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	265	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	266	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	267	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	268	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	269	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	270	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	271	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	272	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	273	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	274	public static function aead_chacha20poly1305_ietf_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	275	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	276	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	277	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	278	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	279	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	280	/** @var int $len - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	281	$len = ParagonIE_Sodium_Core32_Util::strlen($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	282
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	283	/** @var int $adlen - Length of the associated data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	284	$adlen = ParagonIE_Sodium_Core32_Util::strlen($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	285
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	286	/** @var string The first block of the chacha20 keystream, used as a poly1305 key */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	287	$block0 = ParagonIE_Sodium_Core32_ChaCha20::ietfStream(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	288	32,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	289	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	290	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	291	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	292	$state = new ParagonIE_Sodium_Core32_Poly1305_State($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	293	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	294	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	295	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	296	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	297	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	298
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	299	/** @var string $ciphertext - Raw encrypted data */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	300	$ciphertext = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	301	$message,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	302	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	303	$key,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	304	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	305	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	306
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	307	$state->update($ad);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	308	$state->update(str_repeat("\x00", ((0x10 - $adlen) & 0xf)));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	309	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	310	$state->update(str_repeat("\x00", ((0x10 - $len) & 0xf)));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	311	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($adlen));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	312	$state->update(ParagonIE_Sodium_Core32_Util::store64_le($len));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	313	return $ciphertext . $state->finish();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	314	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	315
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	316	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	317	* AEAD Decryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	318	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	319	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	320	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	321	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	322	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	323	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	324	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	325	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	326	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	327	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	328	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	329	public static function aead_xchacha20poly1305_ietf_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	330	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	331	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	332	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	333	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	334	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	335	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	336	ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	337	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	338	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	339	$nonceLast = "\x00\x00\x00\x00" .
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	340	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	341
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	342	return self::aead_chacha20poly1305_ietf_decrypt($message, $ad, $nonceLast, $subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	343	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	344
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	345	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	346	* AEAD Encryption with ChaCha20-Poly1305, IETF mode (96-bit nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	347	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	348	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	349	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	350	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	351	* @param string $ad
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	352	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	353	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	354	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	355	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	356	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	357	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	358	public static function aead_xchacha20poly1305_ietf_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	359	$message = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	360	$ad = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	361	$nonce = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	362	$key = ''
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	363	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	364	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	365	ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	366	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	367	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	368	$nonceLast = "\x00\x00\x00\x00" .
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	369	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	370
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	371	return self::aead_chacha20poly1305_ietf_encrypt($message, $ad, $nonceLast, $subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	372	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	373
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	374	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	375	* HMAC-SHA-512-256 (a.k.a. the leftmost 256 bits of HMAC-SHA-512)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	376	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	377	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	378	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	379	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	380	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	381	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	382	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	383	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	384	public static function auth($message, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	385	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	386	return ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	387	hash_hmac('sha512', $message, $key, true),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	388	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	389	32
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	390	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	391	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	392
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	393	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	394	* HMAC-SHA-512-256 validation. Constant-time via hash_equals().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	395	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	396	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	397	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	398	* @param string $mac
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	399	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	400	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	401	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	402	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	403	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	404	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	405	public static function auth_verify($mac, $message, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	406	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	407	return ParagonIE_Sodium_Core32_Util::hashEquals(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	408	$mac,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	409	self::auth($message, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	410	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	411	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	412
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	413	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	414	* X25519 key exchange followed by XSalsa20Poly1305 symmetric encryption
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	415	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	416	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	417	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	418	* @param string $plaintext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	419	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	420	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	421	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	422	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	423	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	424	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	425	public static function box($plaintext, $nonce, $keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	426	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	427	return self::secretbox(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	428	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	429	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	430	self::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	431	self::box_secretkey($keypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	432	self::box_publickey($keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	433	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	434	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	435	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	436
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	437	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	438	* X25519-XSalsa20-Poly1305 with one ephemeral X25519 keypair.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	439	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	440	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	441	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	442	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	443	* @param string $publicKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	444	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	445	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	446	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	447	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	448	public static function box_seal($message, $publicKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	449	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	450	/** @var string $ephemeralKeypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	451	$ephemeralKeypair = self::box_keypair();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	452
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	453	/** @var string $ephemeralSK */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	454	$ephemeralSK = self::box_secretkey($ephemeralKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	455
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	456	/** @var string $ephemeralPK */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	457	$ephemeralPK = self::box_publickey($ephemeralKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	458
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	459	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	460	$nonce = self::generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	461	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	462	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	463	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	464	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	465
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	466	/** @var string $keypair - The combined keypair used in crypto_box() */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	467	$keypair = self::box_keypair_from_secretkey_and_publickey($ephemeralSK, $publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	468
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	469	/** @var string $ciphertext Ciphertext + MAC from crypto_box */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	470	$ciphertext = self::box($message, $nonce, $keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	471	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	472	ParagonIE_Sodium_Compat::memzero($ephemeralKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	473	ParagonIE_Sodium_Compat::memzero($ephemeralSK);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	474	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	475	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	476	$ephemeralKeypair = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	477	$ephemeralSK = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	478	$nonce = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	479	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	480	return $ephemeralPK . $ciphertext;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	481	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	482
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	483	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	484	* Opens a message encrypted via box_seal().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	485	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	486	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	487	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	488	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	489	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	490	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	491	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	492	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	493	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	494	public static function box_seal_open($message, $keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	495	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	496	/** @var string $ephemeralPK */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	497	$ephemeralPK = ParagonIE_Sodium_Core32_Util::substr($message, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	498
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	499	/** @var string $ciphertext (ciphertext + MAC) */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	500	$ciphertext = ParagonIE_Sodium_Core32_Util::substr($message, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	501
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	502	/** @var string $secretKey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	503	$secretKey = self::box_secretkey($keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	504
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	505	/** @var string $publicKey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	506	$publicKey = self::box_publickey($keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	507
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	508	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	509	$nonce = self::generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	510	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	511	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	512	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	513	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	514
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	515	/** @var string $keypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	516	$keypair = self::box_keypair_from_secretkey_and_publickey($secretKey, $ephemeralPK);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	517
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	518	/** @var string $m */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	519	$m = self::box_open($ciphertext, $nonce, $keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	520	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	521	ParagonIE_Sodium_Compat::memzero($secretKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	522	ParagonIE_Sodium_Compat::memzero($ephemeralPK);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	523	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	524	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	525	$secretKey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	526	$ephemeralPK = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	527	$nonce = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	528	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	529	return $m;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	530	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	531
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	532	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	533	* Used by crypto_box() to get the crypto_secretbox() key.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	534	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	535	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	536	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	537	* @param string $sk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	538	* @param string $pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	539	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	540	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	541	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	542	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	543	public static function box_beforenm($sk, $pk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	544	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	545	return ParagonIE_Sodium_Core32_HSalsa20::hsalsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	546	str_repeat("\x00", 16),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	547	self::scalarmult($sk, $pk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	548	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	549	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	550
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	551	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	552	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	553	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	554	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	555	* @throws Exception
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	556	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	557	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	558	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	559	public static function box_keypair()
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	560	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	561	$sKey = random_bytes(32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	562	$pKey = self::scalarmult_base($sKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	563	return $sKey . $pKey;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	564	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	565
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	566	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	567	* @param string $seed
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	568	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	569	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	570	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	571	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	572	public static function box_seed_keypair($seed)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	573	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	574	$sKey = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	575	hash('sha512', $seed, true),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	576	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	577	32
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	578	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	579	$pKey = self::scalarmult_base($sKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	580	return $sKey . $pKey;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	581	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	582
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	583	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	584	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	585	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	586	* @param string $sKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	587	* @param string $pKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	588	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	589	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	590	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	591	public static function box_keypair_from_secretkey_and_publickey($sKey, $pKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	592	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	593	return ParagonIE_Sodium_Core32_Util::substr($sKey, 0, 32) .
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	594	ParagonIE_Sodium_Core32_Util::substr($pKey, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	595	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	596
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	597	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	598	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	599	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	600	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	601	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	602	* @throws RangeException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	603	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	604	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	605	public static function box_secretkey($keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	606	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	607	if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== 64) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	608	throw new RangeException(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	609	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	610	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	611	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	612	return ParagonIE_Sodium_Core32_Util::substr($keypair, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	613	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	614
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	615	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	616	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	617	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	618	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	619	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	620	* @throws RangeException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	621	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	622	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	623	public static function box_publickey($keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	624	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	625	if (ParagonIE_Sodium_Core32_Util::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	626	throw new RangeException(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	627	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES bytes long.'
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	628	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	629	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	630	return ParagonIE_Sodium_Core32_Util::substr($keypair, 32, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	631	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	632
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	633	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	634	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	635	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	636	* @param string $sKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	637	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	638	* @throws RangeException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	639	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	640	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	641	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	642	public static function box_publickey_from_secretkey($sKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	643	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	644	if (ParagonIE_Sodium_Core32_Util::strlen($sKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	645	throw new RangeException(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	646	'Must be ParagonIE_Sodium_Compat::CRYPTO_BOX_SECRETKEYBYTES bytes long.'
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	647	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	648	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	649	return self::scalarmult_base($sKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	650	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	651
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	652	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	653	* Decrypt a message encrypted with box().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	654	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	655	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	656	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	657	* @param string $ciphertext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	658	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	659	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	660	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	661	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	662	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	663	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	664	public static function box_open($ciphertext, $nonce, $keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	665	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	666	return self::secretbox_open(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	667	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	668	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	669	self::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	670	self::box_secretkey($keypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	671	self::box_publickey($keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	672	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	673	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	674	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	675
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	676	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	677	* Calculate a BLAKE2b hash.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	678	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	679	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	680	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	681	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	682	* @param string\|null $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	683	* @param int $outlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	684	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	685	* @throws RangeException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	686	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	687	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	688	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	689	public static function generichash($message, $key = '', $outlen = 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	690	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	691	// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	692	ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	693
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	694	$k = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	695	if (!empty($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	696	/** @var SplFixedArray $k */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	697	$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	698	if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	699	throw new RangeException('Invalid key size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	700	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	701	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	702
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	703	/** @var SplFixedArray $in */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	704	$in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	705
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	706	/** @var SplFixedArray $ctx */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	707	$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outlen);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	708	ParagonIE_Sodium_Core32_BLAKE2b::update($ctx, $in, $in->count());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	709
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	710	/** @var SplFixedArray $out */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	711	$out = new SplFixedArray($outlen);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	712	$out = ParagonIE_Sodium_Core32_BLAKE2b::finish($ctx, $out);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	713
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	714	/** @var array<int, int> */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	715	$outArray = $out->toArray();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	716	return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	717	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	718
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	719	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	720	* Finalize a BLAKE2b hashing context, returning the hash.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	721	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	722	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	723	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	724	* @param string $ctx
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	725	* @param int $outlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	726	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	727	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	728	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	729	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	730	public static function generichash_final($ctx, $outlen = 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	731	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	732	if (!is_string($ctx)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	733	throw new TypeError('Context must be a string');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	734	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	735	$out = new SplFixedArray($outlen);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	736
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	737	/** @var SplFixedArray $context */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	738	$context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	739
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	740	/** @var SplFixedArray $out */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	741	$out = ParagonIE_Sodium_Core32_BLAKE2b::finish($context, $out);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	742
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	743	/** @var array<int, int> */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	744	$outArray = $out->toArray();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	745	return ParagonIE_Sodium_Core32_Util::intArrayToString($outArray);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	746	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	747
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	748	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	749	* Initialize a hashing context for BLAKE2b.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	750	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	751	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	752	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	753	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	754	* @param int $outputLength
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	755	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	756	* @throws RangeException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	757	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	758	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	759	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	760	public static function generichash_init($key = '', $outputLength = 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	761	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	762	// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	763	ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	764
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	765	$k = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	766	if (!empty($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	767	$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	768	if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	769	throw new RangeException('Invalid key size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	770	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	771	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	772
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	773	/** @var SplFixedArray $ctx */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	774	$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	775
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	776	return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	777	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	778
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	779	/**
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	780	* Initialize a hashing context for BLAKE2b.
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	781	*
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	782	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	783	*
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	784	* @param string $key
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	785	* @param int $outputLength
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	786	* @param string $salt
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	787	* @param string $personal
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	788	* @return string
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	789	* @throws RangeException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	790	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	791	* @throws TypeError
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	792	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	793	public static function generichash_init_salt_personal(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	794	$key = '',
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	795	$outputLength = 32,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	796	$salt = '',
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	797	$personal = ''
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	798	) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	799	// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	800	ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	801
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	802	$k = null;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	803	if (!empty($key)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	804	$k = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($key);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	805	if ($k->count() > ParagonIE_Sodium_Core32_BLAKE2b::KEYBYTES) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	806	throw new RangeException('Invalid key size');
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	807	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	808	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	809	if (!empty($salt)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	810	$s = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($salt);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	811	} else {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	812	$s = null;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	813	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	814	if (!empty($salt)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	815	$p = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($personal);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	816	} else {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	817	$p = null;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	818	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	819
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	820	/** @var SplFixedArray $ctx */
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	821	$ctx = ParagonIE_Sodium_Core32_BLAKE2b::init($k, $outputLength, $s, $p);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	822
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	823	return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($ctx);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	824	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	825
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	826	/**
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	827	* Update a hashing context for BLAKE2b with $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	828	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	829	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	830	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	831	* @param string $ctx
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	832	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	833	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	834	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	835	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	836	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	837	public static function generichash_update($ctx, $message)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	838	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	839	// This ensures that ParagonIE_Sodium_Core32_BLAKE2b::$iv is initialized
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	840	ParagonIE_Sodium_Core32_BLAKE2b::pseudoConstructor();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	841
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	842	/** @var SplFixedArray $context */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	843	$context = ParagonIE_Sodium_Core32_BLAKE2b::stringToContext($ctx);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	844
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	845	/** @var SplFixedArray $in */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	846	$in = ParagonIE_Sodium_Core32_BLAKE2b::stringToSplFixedArray($message);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	847
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	848	ParagonIE_Sodium_Core32_BLAKE2b::update($context, $in, $in->count());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	849
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	850	return ParagonIE_Sodium_Core32_BLAKE2b::contextToString($context);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	851	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	852
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	853	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	854	* Libsodium's crypto_kx().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	855	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	856	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	857	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	858	* @param string $my_sk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	859	* @param string $their_pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	860	* @param string $client_pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	861	* @param string $server_pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	862	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	863	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	864	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	865	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	866	public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	867	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	868	return self::generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	869	self::scalarmult($my_sk, $their_pk) .
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	870	$client_pk .
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	871	$server_pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	872	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	873	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	874
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	875	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	876	* ECDH over Curve25519
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	877	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	878	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	879	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	880	* @param string $sKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	881	* @param string $pKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	882	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	883	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	884	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	885	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	886	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	887	public static function scalarmult($sKey, $pKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	888	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	889	$q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10($sKey, $pKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	890	self::scalarmult_throw_if_zero($q);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	891	return $q;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	892	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	893
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	894	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	895	* ECDH over Curve25519, using the basepoint.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	896	* Used to get a secret key from a public key.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	897	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	898	* @param string $secret
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	899	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	900	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	901	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	902	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	903	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	904	public static function scalarmult_base($secret)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	905	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	906	$q = ParagonIE_Sodium_Core32_X25519::crypto_scalarmult_curve25519_ref10_base($secret);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	907	self::scalarmult_throw_if_zero($q);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	908	return $q;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	909	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	910
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	911	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	912	* This throws an Error if a zero public key was passed to the function.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	913	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	914	* @param string $q
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	915	* @return void
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	916	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	917	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	918	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	919	protected static function scalarmult_throw_if_zero($q)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	920	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	921	$d = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	922	for ($i = 0; $i < self::box_curve25519xsalsa20poly1305_SECRETKEYBYTES; ++$i) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	923	$d \|= ParagonIE_Sodium_Core32_Util::chrToInt($q[$i]);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	924	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	925
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	926	/* branch-free variant of === 0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	927	if (-(1 & (($d - 1) >> 8))) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	928	throw new SodiumException('Zero public key is not allowed');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	929	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	930	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	931
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	932	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	933	* XSalsa20-Poly1305 authenticated symmetric-key encryption.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	934	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	935	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	936	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	937	* @param string $plaintext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	938	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	939	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	940	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	941	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	942	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	943	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	944	public static function secretbox($plaintext, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	945	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	946	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	947	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	948
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	949	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	950	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	951
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	952	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	953	$mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	954	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	955	if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	956	$mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	957	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	958	$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	959
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	960	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	961	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	962	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	963	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	964	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	965	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	966
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	967	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	968	$c = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	969	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	970	self::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	971	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	972	if ($mlen > $mlen0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	973	$c .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	974	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	975	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	976	self::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	977	),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	978	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	979	1,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	980	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	981	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	982	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	983	$state = new ParagonIE_Sodium_Core32_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	984	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	985	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	986	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	987	self::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	988	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	989	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	990	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	991	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	992	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	993	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	994	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	995	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	996	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	997
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	998	$state->update($c);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	999
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1000	/** @var string $c - MAC \|\| ciphertext */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1001	$c = $state->finish() . $c;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1002	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1003
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1004	return $c;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1005	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1006
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1007	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1008	* Decrypt a ciphertext generated via secretbox().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1009	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1010	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1011	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1012	* @param string $ciphertext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1013	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1014	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1015	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1016	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1017	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1018	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1019	public static function secretbox_open($ciphertext, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1020	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1021	/** @var string $mac */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1022	$mac = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1023	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1024	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1025	self::secretbox_xsalsa20poly1305_MACBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1026	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1027
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1028	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1029	$c = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1030	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1031	self::secretbox_xsalsa20poly1305_MACBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1032	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1033
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1034	/** @var int $clen */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1035	$clen = ParagonIE_Sodium_Core32_Util::strlen($c);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1036
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1037	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1038	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1039
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1040	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1041	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1042	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1043	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1044	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1045	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1046	$verified = ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1047	$mac,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1048	$c,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1049	ParagonIE_Sodium_Core32_Util::substr($block0, 0, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1050	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1051	if (!$verified) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1052	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1053	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1054	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1055	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1056	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1057	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1058	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1059
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1060	/** @var string $m - Decrypted message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1061	$m = ParagonIE_Sodium_Core32_Util::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1062	ParagonIE_Sodium_Core32_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1063	ParagonIE_Sodium_Core32_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1064	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1065	if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1066	// We had more than 1 block, so let's continue to decrypt the rest.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1067	$m .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1068	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1069	$c,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1070	self::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1071	),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1072	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1073	1,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1074	(string) $subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1075	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1076	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1077	return $m;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1078	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1079
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1080	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1081	* XChaCha20-Poly1305 authenticated symmetric-key encryption.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1082	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1083	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1084	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1085	* @param string $plaintext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1086	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1087	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1088	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1089	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1090	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1091	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1092	public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1093	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1094	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1095	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1096	ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1097	$key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1098	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1099	$nonceLast = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1100
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1101	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1102	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1103
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1104	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1105	$mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1106	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1107	if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1108	$mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1109	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1110	$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1111
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1112	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1113	$block0 = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1114	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1115	$nonceLast,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1116	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1117	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1118
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1119	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1120	$c = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1121	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1122	self::secretbox_xchacha20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1123	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1124	if ($mlen > $mlen0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1125	$c .= ParagonIE_Sodium_Core32_ChaCha20::streamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1126	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1127	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1128	self::secretbox_xchacha20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1129	),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1130	$nonceLast,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1131	$subkey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1132	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1133	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1134	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1135	$state = new ParagonIE_Sodium_Core32_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1136	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1137	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1138	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1139	self::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1140	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1141	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1142	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1143	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1144	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1145	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1146	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1147	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1148	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1149
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1150	$state->update($c);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1151
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1152	/** @var string $c - MAC \|\| ciphertext */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1153	$c = $state->finish() . $c;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1154	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1155
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1156	return $c;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1157	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1158
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1159	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1160	* Decrypt a ciphertext generated via secretbox_xchacha20poly1305().
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1161	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1162	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1163	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1164	* @param string $ciphertext
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1165	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1166	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1167	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1168	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1169	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1170	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1171	public static function secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1172	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1173	/** @var string $mac */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1174	$mac = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1175	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1176	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1177	self::secretbox_xchacha20poly1305_MACBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1178	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1179
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1180	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1181	$c = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1182	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1183	self::secretbox_xchacha20poly1305_MACBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1184	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1185
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1186	/** @var int $clen */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1187	$clen = ParagonIE_Sodium_Core32_Util::strlen($c);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1188
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1189	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1190	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hchacha20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1191
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1192	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1193	$block0 = ParagonIE_Sodium_Core32_ChaCha20::stream(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1194	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1195	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1196	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1197	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1198	$verified = ParagonIE_Sodium_Core32_Poly1305::onetimeauth_verify(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1199	$mac,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1200	$c,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1201	ParagonIE_Sodium_Core32_Util::substr($block0, 0, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1202	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1203
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1204	if (!$verified) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1205	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1206	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1207	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1208	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1209	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1210	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1211	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1212
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1213	/** @var string $m - Decrypted message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1214	$m = ParagonIE_Sodium_Core32_Util::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1215	ParagonIE_Sodium_Core32_Util::substr($block0, self::secretbox_xchacha20poly1305_ZEROBYTES),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1216	ParagonIE_Sodium_Core32_Util::substr($c, 0, self::secretbox_xchacha20poly1305_ZEROBYTES)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1217	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1218
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1219	if ($clen > self::secretbox_xchacha20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1220	// We had more than 1 block, so let's continue to decrypt the rest.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1221	$m .= ParagonIE_Sodium_Core32_ChaCha20::streamXorIc(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1222	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1223	$c,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1224	self::secretbox_xchacha20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1225	),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1226	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1227	(string) $subkey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1228	ParagonIE_Sodium_Core32_Util::store64_le(1)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1229	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1230	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1231	return $m;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1232	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1233
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1234	/**
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1235	* @param string $key
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1236	* @return array<int, string> Returns a state and a header.
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1237	* @throws Exception
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1238	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1239	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1240	public static function secretstream_xchacha20poly1305_init_push($key)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1241	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1242	# randombytes_buf(out, crypto_secretstream_xchacha20poly1305_HEADERBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1243	$out = random_bytes(24);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1244
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1245	# crypto_core_hchacha20(state->k, out, k, NULL);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1246	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20($out, $key);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1247	$state = new ParagonIE_Sodium_Core32_SecretStream_State(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1248	$subkey,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1249	ParagonIE_Sodium_Core32_Util::substr($out, 16, 8) . str_repeat("\0", 4)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1250	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1251
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1252	# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1253	$state->counterReset();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1254
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1255	# memcpy(STATE_INONCE(state), out + crypto_core_hchacha20_INPUTBYTES,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1256	# crypto_secretstream_xchacha20poly1305_INONCEBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1257	# memset(state->_pad, 0, sizeof state->_pad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1258	return array(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1259	$state->toString(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1260	$out
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1261	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1262	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1263
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1264	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1265	* @param string $key
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1266	* @param string $header
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1267	* @return string Returns a state.
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1268	* @throws Exception
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1269	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1270	public static function secretstream_xchacha20poly1305_init_pull($key, $header)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1271	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1272	# crypto_core_hchacha20(state->k, in, k, NULL);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1273	$subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1274	ParagonIE_Sodium_Core32_Util::substr($header, 0, 16),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1275	$key
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1276	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1277	$state = new ParagonIE_Sodium_Core32_SecretStream_State(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1278	$subkey,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1279	ParagonIE_Sodium_Core32_Util::substr($header, 16)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1280	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1281	$state->counterReset();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1282	# memcpy(STATE_INONCE(state), in + crypto_core_hchacha20_INPUTBYTES,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1283	# crypto_secretstream_xchacha20poly1305_INONCEBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1284	# memset(state->_pad, 0, sizeof state->_pad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1285	# return 0;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1286	return $state->toString();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1287	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1288
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1289	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1290	* @param string $state
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1291	* @param string $msg
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1292	* @param string $aad
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1293	* @param int $tag
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1294	* @return string
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1295	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1296	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1297	public static function secretstream_xchacha20poly1305_push(&$state, $msg, $aad = '', $tag = 0)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1298	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1299	$st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1300	# crypto_onetimeauth_poly1305_state poly1305_state;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1301	# unsigned char block[64U];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1302	# unsigned char slen[8U];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1303	# unsigned char *c;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1304	# unsigned char *mac;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1305
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1306	$msglen = ParagonIE_Sodium_Core32_Util::strlen($msg);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1307	$aadlen = ParagonIE_Sodium_Core32_Util::strlen($aad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1308
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1309	if ((($msglen + 63) >> 6) > 0xfffffffe) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1310	throw new SodiumException(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1311	'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1312	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1313	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1314
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1315	# if (outlen_p != NULL) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1316	# *outlen_p = 0U;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1317	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1318	# if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1319	# sodium_misuse();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1320	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1321
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1322	# crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1323	# crypto_onetimeauth_poly1305_init(&poly1305_state, block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1324	# sodium_memzero(block, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1325	$auth = new ParagonIE_Sodium_Core32_Poly1305_State(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1326	ParagonIE_Sodium_Core32_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1327	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1328
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1329	# crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1330	$auth->update($aad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1331
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1332	# crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1333	# (0x10 - adlen) & 0xf);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1334	$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1335
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1336	# memset(block, 0, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1337	# block[0] = tag;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1338	# crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1339	# state->nonce, 1U, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1340	$block = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1341	ParagonIE_Sodium_Core32_Util::intToChr($tag) . str_repeat("\0", 63),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1342	$st->getCombinedNonce(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1343	$st->getKey(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1344	ParagonIE_Sodium_Core32_Util::store64_le(1)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1345	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1346
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1347	# crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1348	$auth->update($block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1349
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1350	# out[0] = block[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1351	$out = $block[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1352	# c = out + (sizeof tag);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1353	# crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, state->nonce, 2U, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1354	$cipher = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1355	$msg,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1356	$st->getCombinedNonce(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1357	$st->getKey(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1358	ParagonIE_Sodium_Core32_Util::store64_le(2)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1359	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1360
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1361	# crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1362	$auth->update($cipher);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1363
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1364	$out .= $cipher;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1365	unset($cipher);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1366
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1367	# crypto_onetimeauth_poly1305_update
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1368	# (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1369	$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1370
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1371	# STORE64_LE(slen, (uint64_t) adlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1372	$slen = ParagonIE_Sodium_Core32_Util::store64_le($aadlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1373
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1374	# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1375	$auth->update($slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1376
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1377	# STORE64_LE(slen, (sizeof block) + mlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1378	$slen = ParagonIE_Sodium_Core32_Util::store64_le(64 + $msglen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1379
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1380	# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1381	$auth->update($slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1382
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1383	# mac = c + mlen;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1384	# crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1385	$mac = $auth->finish();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1386	$out .= $mac;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1387
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1388	# sodium_memzero(&poly1305_state, sizeof poly1305_state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1389	unset($auth);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1390
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1391
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1392	# XOR_BUF(STATE_INONCE(state), mac,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1393	# crypto_secretstream_xchacha20poly1305_INONCEBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1394	$st->xorNonce($mac);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1395
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1396	# sodium_increment(STATE_COUNTER(state),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1397	# crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1398	$st->incrementCounter();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1399	// Overwrite by reference:
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1400	$state = $st->toString();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1401
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1402	/** @var bool $rekey */
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1403	$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1404	# if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 \|\|
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1405	# sodium_is_zero(STATE_COUNTER(state),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1406	# crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1407	# crypto_secretstream_xchacha20poly1305_rekey(state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1408	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1409	if ($rekey \|\| $st->needsRekey()) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1410	// DO REKEY
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1411	self::secretstream_xchacha20poly1305_rekey($state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1412	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1413	# if (outlen_p != NULL) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1414	# *outlen_p = crypto_secretstream_xchacha20poly1305_ABYTES + mlen;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1415	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1416	return $out;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1417	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1418
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1419	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1420	* @param string $state
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1421	* @param string $cipher
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1422	* @param string $aad
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1423	* @return bool\|array{0: string, 1: int}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1424	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1425	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1426	public static function secretstream_xchacha20poly1305_pull(&$state, $cipher, $aad = '')
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1427	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1428	$st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1429
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1430	$cipherlen = ParagonIE_Sodium_Core32_Util::strlen($cipher);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1431	# mlen = inlen - crypto_secretstream_xchacha20poly1305_ABYTES;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1432	$msglen = $cipherlen - ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1433	$aadlen = ParagonIE_Sodium_Core32_Util::strlen($aad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1434
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1435	# if (mlen > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1436	# sodium_misuse();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1437	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1438	if ((($msglen + 63) >> 6) > 0xfffffffe) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1439	throw new SodiumException(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1440	'message cannot be larger than SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes'
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1441	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1442	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1443
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1444	# crypto_stream_chacha20_ietf(block, sizeof block, state->nonce, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1445	# crypto_onetimeauth_poly1305_init(&poly1305_state, block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1446	# sodium_memzero(block, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1447	$auth = new ParagonIE_Sodium_Core32_Poly1305_State(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1448	ParagonIE_Sodium_Core32_ChaCha20::ietfStream(32, $st->getCombinedNonce(), $st->getKey())
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1449	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1450
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1451	# crypto_onetimeauth_poly1305_update(&poly1305_state, ad, adlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1452	$auth->update($aad);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1453
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1454	# crypto_onetimeauth_poly1305_update(&poly1305_state, _pad0,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1455	# (0x10 - adlen) & 0xf);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1456	$auth->update(str_repeat("\0", ((0x10 - $aadlen) & 0xf)));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1457
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1458
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1459	# memset(block, 0, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1460	# block[0] = in[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1461	# crypto_stream_chacha20_ietf_xor_ic(block, block, sizeof block,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1462	# state->nonce, 1U, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1463	$block = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1464	$cipher[0] . str_repeat("\0", 63),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1465	$st->getCombinedNonce(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1466	$st->getKey(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1467	ParagonIE_Sodium_Core32_Util::store64_le(1)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1468	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1469	# tag = block[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1470	# block[0] = in[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1471	# crypto_onetimeauth_poly1305_update(&poly1305_state, block, sizeof block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1472	$tag = ParagonIE_Sodium_Core32_Util::chrToInt($block[0]);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1473	$block[0] = $cipher[0];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1474	$auth->update($block);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1475
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1476
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1477	# c = in + (sizeof tag);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1478	# crypto_onetimeauth_poly1305_update(&poly1305_state, c, mlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1479	$auth->update(ParagonIE_Sodium_Core32_Util::substr($cipher, 1, $msglen));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1480
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1481	# crypto_onetimeauth_poly1305_update
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1482	# (&poly1305_state, _pad0, (0x10 - (sizeof block) + mlen) & 0xf);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1483	$auth->update(str_repeat("\0", ((0x10 - 64 + $msglen) & 0xf)));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1484
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1485	# STORE64_LE(slen, (uint64_t) adlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1486	# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1487	$slen = ParagonIE_Sodium_Core32_Util::store64_le($aadlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1488	$auth->update($slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1489
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1490	# STORE64_LE(slen, (sizeof block) + mlen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1491	# crypto_onetimeauth_poly1305_update(&poly1305_state, slen, sizeof slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1492	$slen = ParagonIE_Sodium_Core32_Util::store64_le(64 + $msglen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1493	$auth->update($slen);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1494
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1495	# crypto_onetimeauth_poly1305_final(&poly1305_state, mac);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1496	# sodium_memzero(&poly1305_state, sizeof poly1305_state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1497	$mac = $auth->finish();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1498
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1499	# stored_mac = c + mlen;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1500	# if (sodium_memcmp(mac, stored_mac, sizeof mac) != 0) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1501	# sodium_memzero(mac, sizeof mac);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1502	# return -1;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1503	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1504
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1505	$stored = ParagonIE_Sodium_Core32_Util::substr($cipher, $msglen + 1, 16);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1506	if (!ParagonIE_Sodium_Core32_Util::hashEquals($mac, $stored)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1507	return false;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1508	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1509
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1510	# crypto_stream_chacha20_ietf_xor_ic(m, c, mlen, state->nonce, 2U, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1511	$out = ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1512	ParagonIE_Sodium_Core32_Util::substr($cipher, 1, $msglen),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1513	$st->getCombinedNonce(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1514	$st->getKey(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1515	ParagonIE_Sodium_Core32_Util::store64_le(2)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1516	);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1517
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1518	# XOR_BUF(STATE_INONCE(state), mac,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1519	# crypto_secretstream_xchacha20poly1305_INONCEBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1520	$st->xorNonce($mac);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1521
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1522	# sodium_increment(STATE_COUNTER(state),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1523	# crypto_secretstream_xchacha20poly1305_COUNTERBYTES);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1524	$st->incrementCounter();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1525
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1526	# if ((tag & crypto_secretstream_xchacha20poly1305_TAG_REKEY) != 0 \|\|
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1527	# sodium_is_zero(STATE_COUNTER(state),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1528	# crypto_secretstream_xchacha20poly1305_COUNTERBYTES)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1529	# crypto_secretstream_xchacha20poly1305_rekey(state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1530	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1531
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1532	// Overwrite by reference:
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1533	$state = $st->toString();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1534
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1535	/** @var bool $rekey */
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1536	$rekey = ($tag & ParagonIE_Sodium_Compat::CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_REKEY) !== 0;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1537	if ($rekey \|\| $st->needsRekey()) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1538	// DO REKEY
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1539	self::secretstream_xchacha20poly1305_rekey($state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1540	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1541	return array($out, $tag);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1542	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1543
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1544	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1545	* @param string $state
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1546	* @return void
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1547	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1548	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1549	public static function secretstream_xchacha20poly1305_rekey(&$state)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1550	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1551	$st = ParagonIE_Sodium_Core32_SecretStream_State::fromString($state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1552	# unsigned char new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES +
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1553	# crypto_secretstream_xchacha20poly1305_INONCEBYTES];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1554	# size_t i;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1555	# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1556	# new_key_and_inonce[i] = state->k[i];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1557	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1558	$new_key_and_inonce = $st->getKey();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1559
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1560	# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1561	# new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i] =
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1562	# STATE_INONCE(state)[i];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1563	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1564	$new_key_and_inonce .= ParagonIE_Sodium_Core32_Util::substR($st->getNonce(), 0, 8);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1565
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1566	# crypto_stream_chacha20_ietf_xor(new_key_and_inonce, new_key_and_inonce,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1567	# sizeof new_key_and_inonce,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1568	# state->nonce, state->k);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1569
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1570	$st->rekey(ParagonIE_Sodium_Core32_ChaCha20::ietfStreamXorIc(
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1571	$new_key_and_inonce,
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1572	$st->getCombinedNonce(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1573	$st->getKey(),
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1574	ParagonIE_Sodium_Core32_Util::store64_le(0)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1575	));
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1576
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1577	# for (i = 0U; i < crypto_stream_chacha20_ietf_KEYBYTES; i++) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1578	# state->k[i] = new_key_and_inonce[i];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1579	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1580	# for (i = 0U; i < crypto_secretstream_xchacha20poly1305_INONCEBYTES; i++) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1581	# STATE_INONCE(state)[i] =
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1582	# new_key_and_inonce[crypto_stream_chacha20_ietf_KEYBYTES + i];
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1583	# }
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1584	# _crypto_secretstream_xchacha20poly1305_counter_reset(state);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1585	$st->counterReset();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1586
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1587	$state = $st->toString();
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1588	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1589
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1590	/**
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1591	* Detached Ed25519 signature.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1592	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1593	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1594	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1595	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1596	* @param string $sk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1597	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1598	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1599	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1600	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1601	public static function sign_detached($message, $sk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1602	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1603	return ParagonIE_Sodium_Core32_Ed25519::sign_detached($message, $sk);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1604	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1605
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1606	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1607	* Attached Ed25519 signature. (Returns a signed message.)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1608	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1609	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1610	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1611	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1612	* @param string $sk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1613	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1614	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1615	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1616	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1617	public static function sign($message, $sk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1618	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1619	return ParagonIE_Sodium_Core32_Ed25519::sign($message, $sk);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1620	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1621
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1622	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1623	* Opens a signed message. If valid, returns the message.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1624	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1625	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1626	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1627	* @param string $signedMessage
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1628	* @param string $pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1629	* @return string
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1630	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1631	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1632	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1633	public static function sign_open($signedMessage, $pk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1634	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1635	return ParagonIE_Sodium_Core32_Ed25519::sign_open($signedMessage, $pk);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1636	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1637
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1638	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1639	* Verify a detached signature of a given message and public key.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1640	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1641	* @internal Do not use this directly. Use ParagonIE_Sodium_Compat.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1642	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1643	* @param string $signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1644	* @param string $message
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1645	* @param string $pk
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1646	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1647	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1648	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1649	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1650	public static function sign_verify_detached($signature, $message, $pk)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1651	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1652	return ParagonIE_Sodium_Core32_Ed25519::verify_detached($signature, $message, $pk);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1653	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1654	}

author	ymh <ymh.work@gmail.com>
	Fri, 05 Sep 2025 18:52:52 +0200
changeset 22	8c2e4d02f4ef
parent 16	a86126ab1dd4
permissions	-rw-r--r--