enmi-conf.org: wp/wp-includes/sodium_compat/src/File.php@8c2e4d02f4ef (annotated)

9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	2
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	3	if (class_exists('ParagonIE_Sodium_File', false)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	4	return;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	5	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	6	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	7	* Class ParagonIE_Sodium_File
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	8	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	9	class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	10	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	11	/* PHP's default buffer size is 8192 for fread()/fwrite(). */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	12	const BUFFER_SIZE = 8192;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	13
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	14	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	15	* Box a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	16	* ParagonIE_Sodium_Compat::crypto_box(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	17	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	18	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	19	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	20	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	21	* @param string $nonce Number to be used only once
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	22	* @param string $keyPair ECDH secret key and ECDH public key concatenated
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	23	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	24	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	25	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	26	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	27	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	28	public static function box(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	29	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	30	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	31	$nonce,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	32	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	33	$keyPair
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	34	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	35	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	36	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	37	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	38	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	39	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	40	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	41	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	42	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	43	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	44	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	45
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	46	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	47	if (!is_string($keyPair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	48	throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	49	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	50	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	51	throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	52	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	53	if (self::strlen($keyPair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	54	throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	55	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	56
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	57	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	58	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	59	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	60	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	61	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	62
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	63	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	64	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	65	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	66	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	67	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	68
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	69	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	70	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	71	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	72	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	73	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	74	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	75
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	76	$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $keyPair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	77	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	78	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	79	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	80	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	81
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	82	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	83	* Open a boxed file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	84	* ParagonIE_Sodium_Compat::crypto_box_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	85	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	86	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	87	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	88	* just load the file into memory and use crypto_box_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	89	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	90	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	91	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	92	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	93	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	94	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	95	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	96	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	97	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	98	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	99	public static function box_open(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	100	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	101	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	102	$nonce,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	103	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	104	$keypair
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	105	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	106	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	107	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	108	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	109	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	110	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	111	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	112	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	113	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	114	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	115	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	116	if (!is_string($keypair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	117	throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	118	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	119
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	120	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	121	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	122	throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	123	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	124	if (self::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	125	throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	126	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	127
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	128	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	129	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	130	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	131	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	132	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	133
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	134	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	135	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	136	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	137	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	138	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	139
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	140	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	141	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	142	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	143	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	144	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	145	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	146
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	147	$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	148	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	149	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	150	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	151	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	152	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	153	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	154	if (isset($ephKeypair)) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	155	unset($ephKeypair);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	156	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	157	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	158	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	159	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	160
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	161	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	162	* Seal a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	163	* ParagonIE_Sodium_Compat::crypto_box_seal(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	164	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	165	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	166	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	167	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	168	* @param string $publicKey ECDH public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	169	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	170	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	171	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	172	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	173	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	174	public static function box_seal(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	175	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	176	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	177	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	178	$publicKey
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	179	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	180	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	181	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	182	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	183	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	184	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	185	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	186	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	187	if (!is_string($publicKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	188	throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	189	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	190
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	191	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	192	if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	193	throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	194	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	195
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	196	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	197	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	198	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	199	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	200	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	201
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	202	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	203	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	204	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	205	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	206	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	207
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	208	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	209	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	210	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	211	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	212	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	213	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	214
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	215	/** @var string $ephKeypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	216	$ephKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	217
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	218	/** @var string $msgKeypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	219	$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	220	ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	221	$publicKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	222	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	223
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	224	/** @var string $ephemeralPK */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	225	$ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	226
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	227	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	228	$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	229	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	230	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	231	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	232	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	233
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	234	/** @var int $firstWrite */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	235	$firstWrite = fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	236	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	237	$ephemeralPK,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	238	ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	239	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	240	if (!is_int($firstWrite)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	241	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	242	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	243	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	244	throw new SodiumException('Could not write to output file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	245	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	246	if ($firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	247	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	248	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	249	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	250	throw new SodiumException('Error writing public key to output file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	251	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	252
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	253	$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	254	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	255	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	256	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	257	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	258	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	259	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	260	/** @psalm-suppress PossiblyUndefinedVariable */
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	261	unset($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	262	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	263	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	264	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	265
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	266	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	267	* Open a sealed file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	268	* ParagonIE_Sodium_Compat::crypto_box_seal_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	269	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	270	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	271	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	272	* just load the file into memory and use crypto_box_seal_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	273	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	274	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	275	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	276	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	277	* @param string $ecdhKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	278	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	279	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	280	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	281	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	282	public static function box_seal_open(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	283	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	284	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	285	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	286	$ecdhKeypair
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	287	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	288	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	289	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	290	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	291	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	292	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	293	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	294	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	295	if (!is_string($ecdhKeypair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	296	throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	297	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	298
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	299	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	300	if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	301	throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	302	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	303
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	304	$publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	305
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	306	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	307	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	308	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	309	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	310	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	311
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	312	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	313	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	314	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	315	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	316	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	317
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	318	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	319	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	320	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	321	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	322	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	323	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	324
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	325	$ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	326	if (!is_string($ephemeralPK)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	327	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	328	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	329	if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	330	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	331	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	332	throw new SodiumException('Could not read public key from sealed file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	333	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	334
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	335	$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	336	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	337	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	338	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	339	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	340	$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	341	ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	342	$ephemeralPK
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	343	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	344
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	345	$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	346	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	347	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	348	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	349	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	350	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	351	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	352	if (isset($ephKeypair)) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	353	unset($ephKeypair);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	354	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	355	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	356	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	357	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	358
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	359	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	360	* Calculate the BLAKE2b hash of a file.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	361	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	362	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	363	* @param string\|null $key BLAKE2b key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	364	* @param int $outputLength Length of hash output
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	365	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	366	* @return string BLAKE2b hash
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	367	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	368	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	369	* @psalm-suppress FailedTypeResolution
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	370	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	371	public static function generichash(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	372	$filePath,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	373	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	374	$key = '',
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	375	$outputLength = 32
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	376	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	377	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	378	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	379	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	380	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	381	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	382	if (is_null($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	383	$key = '';
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	384	} else {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	385	throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	386	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	387	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	388	if (!is_int($outputLength)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	389	if (!is_numeric($outputLength)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	390	throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	391	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	392	$outputLength = (int) $outputLength;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	393	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	394
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	395	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	396	if (!empty($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	397	if (self::strlen($key) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	398	throw new TypeError('Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	399	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	400	if (self::strlen($key) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	401	throw new TypeError('Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	402	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	403	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	404	if ($outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	405	throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	406	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	407	if ($outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	408	throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	409	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	410
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	411	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	412	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	413	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	414	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	415	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	416
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	417	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	418	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	419	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	420	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	421	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	422	$ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	423	while ($size > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	424	$blockSize = $size > 64
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	425	? 64
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	426	: $size;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	427	$read = fread($fp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	428	if (!is_string($read)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	429	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	430	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	431	ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $read);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	432	$size -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	433	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	434
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	435	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	436	return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	437	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	438
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	439	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	440	* Encrypt a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	441	* ParagonIE_Sodium_Compat::crypto_secretbox(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	442	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	443	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	444	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	445	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	446	* @param string $nonce Number to be used only once
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	447	* @param string $key Encryption key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	448	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	449	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	450	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	451	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	452	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	453	public static function secretbox(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	454	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	455	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	456	$nonce,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	457	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	458	$key
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	459	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	460	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	461	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	462	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	463	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	464	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	465	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	466	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	467	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	468	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	469	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	470
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	471	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	472	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	473	throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	474	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	475	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	476	throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	477	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	478	if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	479	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	480	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	481
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	482	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	483	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	484	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	485	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	486	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	487
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	488	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	489	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	490	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	491	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	492	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	493
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	494	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	495	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	496	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	497	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	498	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	499	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	500
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	501	$res = self::secretbox_encrypt($ifp, $ofp, $size, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	502	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	503	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	504	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	505	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	506	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	507	* Seal a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	508	* ParagonIE_Sodium_Compat::crypto_secretbox_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	509	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	510	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	511	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	512	* just load the file into memory and use crypto_secretbox_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	513	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	514	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	515	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	516	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	517	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	518	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	519	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	520	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	521	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	522	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	523	public static function secretbox_open(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	524	$inputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	525	$outputFile,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	526	$nonce,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	527	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	528	$key
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	529	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	530	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	531	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	532	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	533	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	534	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	535	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	536	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	537	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	538	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	539	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	540	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	541	throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	542	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	543
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	544	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	545	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	546	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	547	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	548	if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	549	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	550	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	551
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	552	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	553	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	554	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	555	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	556	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	557
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	558	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	559	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	560	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	561	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	562	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	563
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	564	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	565	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	566	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	567	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	568	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	569	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	570
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	571	$res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	572	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	573	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	574	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	575	ParagonIE_Sodium_Compat::memzero($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	576	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	577	/** @psalm-suppress PossiblyUndefinedVariable */
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	578	unset($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	579	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	580	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	581	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	582
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	583	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	584	* Sign a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	585	* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	586	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	587	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	588	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	589	* @param string $secretKey Secret signing key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	590	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	591	* @return string Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	592	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	593	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	594	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	595	public static function sign(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	596	$filePath,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	597	#[\SensitiveParameter]
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	598	$secretKey
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	599	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	600	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	601	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	602	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	603	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	604	if (!is_string($secretKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	605	throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	606	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	607
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	608	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	609	if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	610	throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	611	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	612	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	613	return self::sign_core32($filePath, $secretKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	614	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	615
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	616	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	617	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	618	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	619	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	620	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	621
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	622	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	623	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	624	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	625	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	626	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	627
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	628	/** @var string $az */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	629	$az = hash('sha512', self::substr($secretKey, 0, 32), true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	630
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	631	$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	632	$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) \| 64);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	633
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	634	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	635	self::hash_update($hs, self::substr($az, 32, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	636	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	637	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	638
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	639	/** @var string $nonceHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	640	$nonceHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	641
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	642	/** @var string $pk */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	643	$pk = self::substr($secretKey, 32, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	644
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	645	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	646	$nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	647
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	648	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	649	$sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	650	ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	651	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	652
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	653	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	654	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	655	self::hash_update($hs, self::substr($pk, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	656	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	657	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	658
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	659	/** @var string $hramHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	660	$hramHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	661
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	662	/** @var string $hram */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	663	$hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	664
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	665	/** @var string $sigAfter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	666	$sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	667
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	668	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	669	$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	670
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	671	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	672	ParagonIE_Sodium_Compat::memzero($az);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	673	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	674	$az = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	675	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	676	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	677	return $sig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	678	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	679
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	680	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	681	* Verify a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	682	* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	683	* produces the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	684	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	685	* @param string $sig Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	686	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	687	* @param string $publicKey Signing public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	688	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	689	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	690	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	691	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	692	* @throws Exception
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	693	*/
22 8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	694	public static function verify(
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	695	$sig,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	696	$filePath,
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	697	$publicKey
8c2e4d02f4ef Update WordPress to latest version (6.7) ymh <ymh.work@gmail.com> parents: 19 diff changeset	698	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	699	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	700	if (!is_string($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	701	throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	702	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	703	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	704	throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	705	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	706	if (!is_string($publicKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	707	throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	708	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	709
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	710	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	711	if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	712	throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	713	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	714	if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	715	throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	716	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	717	if (self::strlen($sig) < 64) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	718	throw new SodiumException('Signature is too short');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	719	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	720
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	721	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	722	return self::verify_core32($sig, $filePath, $publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	723	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	724
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	725	/* Security checks */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	726	if (
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	727	(ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	728	&&
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	729	ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	730	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	731	throw new SodiumException('S < L - Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	732	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	733	if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	734	throw new SodiumException('Signature is on too small of an order');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	735	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	736	if ((self::chrToInt($sig[63]) & 224) !== 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	737	throw new SodiumException('Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	738	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	739	$d = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	740	for ($i = 0; $i < 32; ++$i) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	741	$d \|= self::chrToInt($publicKey[$i]);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	742	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	743	if ($d === 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	744	throw new SodiumException('All zero public key');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	745	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	746
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	747	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	748	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	749	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	750	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	751	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	752
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	753	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	754	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	755	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	756	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	757	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	758
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	759	/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	760	$orig = ParagonIE_Sodium_Compat::$fastMult;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	761
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	762	// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	763	ParagonIE_Sodium_Compat::$fastMult = true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	764
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	765	/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	766	$A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	767
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	768	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	769	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	770	self::hash_update($hs, self::substr($publicKey, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	771	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	772	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	773	/** @var string $hDigest */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	774	$hDigest = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	775
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	776	/** @var string $h */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	777	$h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	778
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	779	/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	780	$R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	781	$h,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	782	$A,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	783	self::substr($sig, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	784	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	785
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	786	/** @var string $rcheck */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	787	$rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	788
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	789	// Close the file handle
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	790	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	791
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	792	// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	793	ParagonIE_Sodium_Compat::$fastMult = $orig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	794	return self::verify_32($rcheck, self::substr($sig, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	795	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	796
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	797	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	798	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	799	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	800	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	801	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	802	* @param string $boxKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	803	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	804	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	805	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	806	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	807	protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	808	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	809	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	810	return self::secretbox_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	811	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	812	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	813	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	814	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	815	ParagonIE_Sodium_Crypto32::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	816	ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	817	ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	818	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	819	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	820	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	821	return self::secretbox_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	822	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	823	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	824	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	825	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	826	ParagonIE_Sodium_Crypto::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	827	ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	828	ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	829	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	830	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	831	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	832
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	833
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	834	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	835	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	836	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	837	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	838	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	839	* @param string $boxKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	840	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	841	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	842	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	843	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	844	protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	845	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	846	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	847	return self::secretbox_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	848	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	849	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	850	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	851	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	852	ParagonIE_Sodium_Crypto32::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	853	ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	854	ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	855	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	856	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	857	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	858	return self::secretbox_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	859	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	860	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	861	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	862	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	863	ParagonIE_Sodium_Crypto::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	864	ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	865	ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	866	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	867	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	868	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	869
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	870	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	871	* Encrypt a file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	872	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	873	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	874	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	875	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	876	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	877	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	878	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	879	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	880	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	881	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	882	protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	883	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	884	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	885	return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	886	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	887
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	888	$plaintext = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	889	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	890	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	891	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	892	$first32 = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	893
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	894	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	895	$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	896
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	897	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	898	$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	899
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	900	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	901	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	902
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	903	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	904	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	905	if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	906	$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	907	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	908	$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	909
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	910	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	911	$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	912	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	913	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	914	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	915	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	916
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	917	$state = new ParagonIE_Sodium_Core_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	918	ParagonIE_Sodium_Core_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	919	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	920	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	921	ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	922	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	923	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	924
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	925	// Pre-write 16 blank bytes for the Poly1305 tag
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	926	$start = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	927	fwrite($ofp, str_repeat("\x00", 16));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	928
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	929	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	930	$cBlock = ParagonIE_Sodium_Core_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	931	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	932	ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	933	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	934	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	935	fwrite($ofp, $cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	936	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	937
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	938	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	939	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	940
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	941	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	942	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	943
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	944	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	945	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	946	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	947	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	948	fseek($ifp, $first32, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	949
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	950	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	951	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	952	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	953	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	954	$plaintext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	955	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	956	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	957	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	958	$cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	959	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	960	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	961	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	962	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	963	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	964	fwrite($ofp, $cBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	965	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	966
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	967	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	968	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	969	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	970	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	971	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	972	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	973	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	974	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	975	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	976	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	977	$end = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	978
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	979	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	980	* Write the Poly1305 authentication tag that provides integrity
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	981	* over the ciphertext (encrypt-then-MAC)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	982	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	983	fseek($ofp, $start, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	984	fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	985	fseek($ofp, $end, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	986	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	987
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	988	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	989	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	990
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	991	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	992	* Decrypt a file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	993	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	994	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	995	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	996	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	997	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	998	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	999	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1000	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1001	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1002	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1003	protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1004	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1005	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1006	return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1007	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1008	$tag = fread($ifp, 16);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1009	if (!is_string($tag)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1010	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1011	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1012
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1013	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1014	$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1015
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1016	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1017	$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1018
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1019	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1020	$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1021	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1022	ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1023	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1024	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1025
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1026	/* Verify the Poly1305 MAC -before- attempting to decrypt! */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1027	$state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1028	if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1029	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1030	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1031
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1032	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1033	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1034	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1035	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1036	$first32 = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1037	if (!is_string($first32)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1038	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1039	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1040	$first32len = self::strlen($first32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1041	fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1042	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1043	self::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1044	self::substr($block0, 32, $first32len),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1045	self::substr($first32, 0, $first32len)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1046	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1047	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1048	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1049
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1050	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1051	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1052
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1053	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1054	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1055
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1056	/* Decrypts ciphertext, writes to output file. */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1057	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1058	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1059	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1060	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1061	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1062	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1063	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1064	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1065	$pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1066	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1067	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1068	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1069	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1070	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1071	fwrite($ofp, $pBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1072	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1073	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1074	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1075	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1076	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1077
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1078	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1079	* @param ParagonIE_Sodium_Core_Poly1305_State $state
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1080	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1081	* @param string $tag
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1082	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1083	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1084	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1085	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1086	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1087	protected static function onetimeauth_verify(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1088	ParagonIE_Sodium_Core_Poly1305_State $state,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1089	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1090	$tag = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1091	$mlen = 0
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1092	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1093	/** @var int $pos */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1094	$pos = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1095
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1096	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1097	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1098
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1099	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1100	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1101
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1102	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1103	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1104	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1105	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1106	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1107	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1108	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1109	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1110	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1111	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1112	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1113	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1114	$res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1115
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1116	fseek($ifp, $pos, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1117	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1118	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1119
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1120	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1121	* Update a hash context with the contents of a file, without
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1122	* loading the entire file into memory.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1123	*
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1124	* @param resource\|HashContext $hash
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1125	* @param resource $fp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1126	* @param int $size
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1127	* @return resource\|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1128	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1129	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1130	* @psalm-suppress PossiblyInvalidArgument
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1131	* PHP 7.2 changes from a resource to an object,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1132	* which causes Psalm to complain about an error.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1133	* @psalm-suppress TypeCoercion
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1134	* Ditto.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1135	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1136	public static function updateHashWithFile($hash, $fp, $size = 0)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1137	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1138	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1139	if (PHP_VERSION_ID < 70200) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1140	if (!is_resource($hash)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1141	throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1142	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1143	} else {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1144	if (!is_object($hash)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1145	throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1146	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1147	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1148
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1149	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1150	throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1151	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1152	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1153	throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1154	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1155
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1156	/** @var int $originalPosition */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1157	$originalPosition = self::ftell($fp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1158
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1159	// Move file pointer to beginning of file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1160	fseek($fp, 0, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1161	for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1162	/** @var string\|bool $message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1163	$message = fread(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1164	$fp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1165	($size - $i) > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1166	? $size - $i
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1167	: self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1168	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1169	if (!is_string($message)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1170	throw new SodiumException('Unexpected error reading from file.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1171	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1172	/** @var string $message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1173	/** @psalm-suppress InvalidArgument */
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1174	self::hash_update($hash, $message);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1175	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1176	// Reset file pointer's position
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1177	fseek($fp, $originalPosition, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1178	return $hash;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1179	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1180
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1181	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1182	* Sign a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1183	* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1184	* the same result. (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1185	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1186	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1187	* @param string $secretKey Secret signing key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1188	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1189	* @return string Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1190	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1191	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1192	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1193	private static function sign_core32($filePath, $secretKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1194	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1195	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1196	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1197	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1198	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1199
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1200	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1201	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1202	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1203	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1204
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1205	/** @var string $az */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1206	$az = hash('sha512', self::substr($secretKey, 0, 32), true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1207
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1208	$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1209	$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) \| 64);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1210
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1211	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1212	self::hash_update($hs, self::substr($az, 32, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1213	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1214	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1215
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1216	$nonceHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1217	$pk = self::substr($secretKey, 32, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1218	$nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1219	$sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1220	ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1221	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1222
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1223	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1224	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1225	self::hash_update($hs, self::substr($pk, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1226	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1227	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1228
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1229	$hramHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1230
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1231	$hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1232
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1233	$sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1234
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1235	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1236	$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1237
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1238	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1239	ParagonIE_Sodium_Compat::memzero($az);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1240	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1241	$az = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1242	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1243	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1244	return $sig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1245	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1246
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1247	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1248	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1249	* Verify a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1250	* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1251	* produces the same result. (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1252	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1253	* @param string $sig Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1254	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1255	* @param string $publicKey Signing public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1256	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1257	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1258	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1259	* @throws Exception
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1260	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1261	public static function verify_core32($sig, $filePath, $publicKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1262	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1263	/* Security checks */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1264	if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1265	throw new SodiumException('S < L - Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1266	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1267	if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1268	throw new SodiumException('Signature is on too small of an order');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1269	}
19 3d72ae0968f4 upgrade wordpress to 6.0.2 ymh <ymh.work@gmail.com> parents: 18 diff changeset	1270
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1271	if ((self::chrToInt($sig[63]) & 224) !== 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1272	throw new SodiumException('Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1273	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1274	$d = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1275	for ($i = 0; $i < 32; ++$i) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1276	$d \|= self::chrToInt($publicKey[$i]);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1277	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1278	if ($d === 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1279	throw new SodiumException('All zero public key');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1280	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1281
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1282	/** @var int\|bool $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1283	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1284	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1285	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1286	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1287	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1288
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1289	/** @var resource\|bool $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1290	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1291	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1292	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1293	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1294	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1295
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1296	/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1297	$orig = ParagonIE_Sodium_Compat::$fastMult;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1298
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1299	// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1300	ParagonIE_Sodium_Compat::$fastMult = true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1301
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1302	/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1303	$A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1304
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1305	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1306	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1307	self::hash_update($hs, self::substr($publicKey, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1308	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1309	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1310	/** @var string $hDigest */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1311	$hDigest = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1312
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1313	/** @var string $h */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1314	$h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1315
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1316	/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1317	$R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1318	$h,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1319	$A,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1320	self::substr($sig, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1321	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1322
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1323	/** @var string $rcheck */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1324	$rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1325
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1326	// Close the file handle
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1327	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1328
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1329	// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1330	ParagonIE_Sodium_Compat::$fastMult = $orig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1331	return self::verify_32($rcheck, self::substr($sig, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1332	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1333
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1334	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1335	* Encrypt a file (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1336	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1337	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1338	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1339	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1340	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1341	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1342	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1343	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1344	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1345	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1346	protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1347	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1348	$plaintext = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1349	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1350	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1351	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1352	$first32 = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1353
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1354	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1355	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1356
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1357	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1358	$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1359
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1360	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1361	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1362
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1363	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1364	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1365	if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1366	$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1367	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1368	$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1369
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1370	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1371	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1372	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1373	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1374	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1375	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1376
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1377	$state = new ParagonIE_Sodium_Core32_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1378	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1379	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1380	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1381	ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1382	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1383	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1384
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1385	// Pre-write 16 blank bytes for the Poly1305 tag
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1386	$start = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1387	fwrite($ofp, str_repeat("\x00", 16));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1388
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1389	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1390	$cBlock = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1391	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1392	ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1393	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1394	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1395	fwrite($ofp, $cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1396	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1397
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1398	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1399	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1400
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1401	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1402	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1403
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1404	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1405	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1406	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1407	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1408	fseek($ifp, $first32, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1409
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1410	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1411	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1412	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1413	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1414	$plaintext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1415	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1416	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1417	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1418	$cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1419	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1420	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1421	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1422	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1423	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1424	fwrite($ofp, $cBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1425	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1426
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1427	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1428	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1429	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1430	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1431	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1432	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1433	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1434	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1435	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1436	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1437	$end = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1438
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1439	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1440	* Write the Poly1305 authentication tag that provides integrity
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1441	* over the ciphertext (encrypt-then-MAC)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1442	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1443	fseek($ofp, $start, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1444	fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1445	fseek($ofp, $end, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1446	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1447
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1448	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1449	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1450
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1451	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1452	* Decrypt a file (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1453	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1454	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1455	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1456	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1457	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1458	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1459	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1460	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1461	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1462	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1463	protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1464	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1465	$tag = fread($ifp, 16);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1466	if (!is_string($tag)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1467	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1468	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1469
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1470	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1471	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1472
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1473	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1474	$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1475
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1476	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1477	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1478	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1479	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1480	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1481	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1482
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1483	/* Verify the Poly1305 MAC -before- attempting to decrypt! */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1484	$state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1485	if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1486	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1487	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1488
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1489	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1490	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1491	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1492	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1493	$first32 = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1494	if (!is_string($first32)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1495	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1496	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1497	$first32len = self::strlen($first32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1498	fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1499	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1500	self::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1501	self::substr($block0, 32, $first32len),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1502	self::substr($first32, 0, $first32len)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1503	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1504	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1505	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1506
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1507	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1508	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1509
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1510	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1511	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1512
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1513	/* Decrypts ciphertext, writes to output file. */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1514	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1515	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1516	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1517	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1518	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1519	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1520	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1521	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1522	$pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1523	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1524	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1525	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1526	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1527	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1528	fwrite($ofp, $pBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1529	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1530	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1531	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1532	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1533	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1534
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1535	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1536	* One-time message authentication for 32-bit systems
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1537	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1538	* @param ParagonIE_Sodium_Core32_Poly1305_State $state
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1539	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1540	* @param string $tag
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1541	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1542	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1543	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1544	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1545	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1546	protected static function onetimeauth_verify_core32(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1547	ParagonIE_Sodium_Core32_Poly1305_State $state,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1548	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1549	$tag = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1550	$mlen = 0
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1551	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1552	/** @var int $pos */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1553	$pos = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1554
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1555	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1556	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1557	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1558	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1559	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1560	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1561	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1562	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1563	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1564	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1565	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1566	$res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1567
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1568	fseek($ifp, $pos, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1569	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1570	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1571
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1572	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1573	* @param resource $resource
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1574	* @return int
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1575	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1576	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1577	private static function ftell($resource)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1578	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1579	$return = ftell($resource);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1580	if (!is_int($return)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1581	throw new SodiumException('ftell() returned false');
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1582	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1583	return (int) $return;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1584	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1585	}

author	ymh <ymh.work@gmail.com>
	Fri, 05 Sep 2025 18:52:52 +0200
changeset 22	8c2e4d02f4ef
parent 19	3d72ae0968f4
permissions	-rw-r--r--