enmi-conf.org: wp/wp-includes/sodium_compat/src/File.php@be944660c56a (annotated)

9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	2
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	3	if (class_exists('ParagonIE_Sodium_File', false)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	4	return;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	5	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	6	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	7	* Class ParagonIE_Sodium_File
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	8	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	9	class ParagonIE_Sodium_File extends ParagonIE_Sodium_Core_Util
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	10	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	11	/* PHP's default buffer size is 8192 for fread()/fwrite(). */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	12	const BUFFER_SIZE = 8192;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	13
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	14	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	15	* Box a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	16	* ParagonIE_Sodium_Compat::crypto_box(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	17	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	18	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	19	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	20	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	21	* @param string $nonce Number to be used only once
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	22	* @param string $keyPair ECDH secret key and ECDH public key concatenated
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	23	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	24	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	25	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	26	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	27	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	28	public static function box($inputFile, $outputFile, $nonce, $keyPair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	29	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	30	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	31	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	32	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	33	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	34	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	35	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	36	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	37	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	38	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	39	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	40
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	41	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	42	if (!is_string($keyPair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	43	throw new TypeError('Argument 4 must be a string, ' . gettype($keyPair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	44	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	45	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	46	throw new TypeError('Argument 3 must be CRYPTO_BOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	47	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	48	if (self::strlen($keyPair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	49	throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	50	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	51
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	52	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	53	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	54	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	55	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	56	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	57
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	58	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	59	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	60	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	61	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	62	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	63
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	64	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	65	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	66	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	67	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	68	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	69	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	70
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	71	$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $keyPair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	72	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	73	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	74	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	75	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	76
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	77	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	78	* Open a boxed file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	79	* ParagonIE_Sodium_Compat::crypto_box_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	80	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	81	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	82	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	83	* just load the file into memory and use crypto_box_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	84	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	85	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	86	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	87	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	88	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	89	* @param string $keypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	90	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	91	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	92	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	93	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	94	public static function box_open($inputFile, $outputFile, $nonce, $keypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	95	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	96	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	97	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	98	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	99	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	100	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	101	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	102	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	103	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	104	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	105	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	106	if (!is_string($keypair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	107	throw new TypeError('Argument 4 must be a string, ' . gettype($keypair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	108	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	109
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	110	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	111	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	112	throw new TypeError('Argument 4 must be CRYPTO_BOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	113	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	114	if (self::strlen($keypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	115	throw new TypeError('Argument 4 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	116	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	117
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	118	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	119	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	120	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	121	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	122	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	123
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	124	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	125	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	126	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	127	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	128	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	129
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	130	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	131	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	132	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	133	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	134	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	135	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	136
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	137	$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $keypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	138	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	139	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	140	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	141	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	142	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	143	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	144	if (isset($ephKeypair)) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	145	unset($ephKeypair);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	146	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	147	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	148	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	149	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	150
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	151	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	152	* Seal a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	153	* ParagonIE_Sodium_Compat::crypto_box_seal(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	154	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	155	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	156	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	157	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	158	* @param string $publicKey ECDH public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	159	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	160	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	161	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	162	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	163	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	164	public static function box_seal($inputFile, $outputFile, $publicKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	165	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	166	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	167	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	168	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	169	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	170	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	171	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	172	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	173	if (!is_string($publicKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	174	throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	175	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	176
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	177	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	178	if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	179	throw new TypeError('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	180	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	181
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	182	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	183	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	184	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	185	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	186	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	187
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	188	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	189	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	190	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	191	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	192	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	193
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	194	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	195	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	196	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	197	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	198	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	199	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	200
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	201	/** @var string $ephKeypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	202	$ephKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair();
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	203
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	204	/** @var string $msgKeypair */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	205	$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	206	ParagonIE_Sodium_Compat::crypto_box_secretkey($ephKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	207	$publicKey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	208	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	209
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	210	/** @var string $ephemeralPK */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	211	$ephemeralPK = ParagonIE_Sodium_Compat::crypto_box_publickey($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	212
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	213	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	214	$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	215	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	216	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	217	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	218	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	219
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	220	/** @var int $firstWrite */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	221	$firstWrite = fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	222	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	223	$ephemeralPK,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	224	ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	225	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	226	if (!is_int($firstWrite)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	227	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	228	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	229	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	230	throw new SodiumException('Could not write to output file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	231	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	232	if ($firstWrite !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	233	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	234	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	235	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	236	throw new SodiumException('Error writing public key to output file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	237	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	238
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	239	$res = self::box_encrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	240	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	241	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	242	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	243	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	244	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	245	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	246	/** @psalm-suppress PossiblyUndefinedVariable */
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	247	unset($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	248	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	249	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	250	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	251
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	252	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	253	* Open a sealed file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	254	* ParagonIE_Sodium_Compat::crypto_box_seal_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	255	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	256	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	257	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	258	* just load the file into memory and use crypto_box_seal_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	259	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	260	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	261	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	262	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	263	* @param string $ecdhKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	264	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	265	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	266	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	267	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	268	public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	269	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	270	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	271	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	272	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	273	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	274	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	275	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	276	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	277	if (!is_string($ecdhKeypair)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	278	throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	279	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	280
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	281	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	282	if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	283	throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	284	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	285
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	286	$publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	287
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	288	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	289	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	290	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	291	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	292	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	293
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	294	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	295	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	296	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	297	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	298	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	299
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	300	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	301	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	302	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	303	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	304	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	305	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	306
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	307	$ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	308	if (!is_string($ephemeralPK)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	309	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	310	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	311	if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	312	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	313	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	314	throw new SodiumException('Could not read public key from sealed file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	315	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	316
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	317	$nonce = ParagonIE_Sodium_Compat::crypto_generichash(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	318	$ephemeralPK . $publicKey,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	319	'',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	320	24
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	321	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	322	$msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	323	ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	324	$ephemeralPK
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	325	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	326
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	327	$res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	328	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	329	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	330	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	331	ParagonIE_Sodium_Compat::memzero($nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	332	ParagonIE_Sodium_Compat::memzero($ephKeypair);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	333	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	334	if (isset($ephKeypair)) {
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	335	unset($ephKeypair);
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	336	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	337	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	338	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	339	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	340
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	341	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	342	* Calculate the BLAKE2b hash of a file.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	343	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	344	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	345	* @param string\|null $key BLAKE2b key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	346	* @param int $outputLength Length of hash output
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	347	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	348	* @return string BLAKE2b hash
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	349	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	350	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	351	* @psalm-suppress FailedTypeResolution
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	352	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	353	public static function generichash($filePath, $key = '', $outputLength = 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	354	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	355	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	356	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	357	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	358	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	359	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	360	if (is_null($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	361	$key = '';
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	362	} else {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	363	throw new TypeError('Argument 2 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	364	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	365	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	366	if (!is_int($outputLength)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	367	if (!is_numeric($outputLength)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	368	throw new TypeError('Argument 3 must be an integer, ' . gettype($outputLength) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	369	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	370	$outputLength = (int) $outputLength;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	371	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	372
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	373	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	374	if (!empty($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	375	if (self::strlen($key) < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MIN) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	376	throw new TypeError('Argument 2 must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	377	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	378	if (self::strlen($key) > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_KEYBYTES_MAX) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	379	throw new TypeError('Argument 2 must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	380	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	381	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	382	if ($outputLength < ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MIN) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	383	throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MIN');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	384	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	385	if ($outputLength > ParagonIE_Sodium_Compat::CRYPTO_GENERICHASH_BYTES_MAX) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	386	throw new SodiumException('Argument 3 must be at least CRYPTO_GENERICHASH_BYTES_MAX');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	387	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	388
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	389	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	390	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	391	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	392	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	393	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	394
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	395	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	396	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	397	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	398	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	399	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	400	$ctx = ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outputLength);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	401	while ($size > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	402	$blockSize = $size > 64
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	403	? 64
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	404	: $size;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	405	$read = fread($fp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	406	if (!is_string($read)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	407	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	408	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	409	ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $read);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	410	$size -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	411	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	412
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	413	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	414	return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	415	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	416
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	417	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	418	* Encrypt a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	419	* ParagonIE_Sodium_Compat::crypto_secretbox(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	420	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	421	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	422	* @param string $inputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	423	* @param string $outputFile Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	424	* @param string $nonce Number to be used only once
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	425	* @param string $key Encryption key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	426	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	427	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	428	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	429	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	430	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	431	public static function secretbox($inputFile, $outputFile, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	432	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	433	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	434	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	435	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given..');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	436	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	437	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	438	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	439	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	440	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	441	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	442	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	443
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	444	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	445	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	446	throw new TypeError('Argument 3 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	447	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	448	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	449	throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	450	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	451	if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	452	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_KEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	453	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	454
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	455	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	456	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	457	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	458	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	459	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	460
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	461	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	462	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	463	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	464	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	465	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	466
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	467	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	468	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	469	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	470	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	471	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	472	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	473
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	474	$res = self::secretbox_encrypt($ifp, $ofp, $size, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	475	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	476	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	477	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	478	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	479	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	480	* Seal a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	481	* ParagonIE_Sodium_Compat::crypto_secretbox_open(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	482	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	483	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	484	* Warning: Does not protect against TOCTOU attacks. You should
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	485	* just load the file into memory and use crypto_secretbox_open() if
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	486	* you are worried about those.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	487	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	488	* @param string $inputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	489	* @param string $outputFile
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	490	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	491	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	492	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	493	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	494	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	495	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	496	public static function secretbox_open($inputFile, $outputFile, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	497	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	498	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	499	if (!is_string($inputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	500	throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	501	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	502	if (!is_string($outputFile)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	503	throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	504	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	505	if (!is_string($nonce)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	506	throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	507	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	508	if (!is_string($key)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	509	throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	510	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	511
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	512	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	513	if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	514	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	515	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	516	if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	517	throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	518	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	519
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	520	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	521	$size = filesize($inputFile);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	522	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	523	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	524	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	525
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	526	/** @var resource $ifp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	527	$ifp = fopen($inputFile, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	528	if (!is_resource($ifp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	529	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	530	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	531
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	532	/** @var resource $ofp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	533	$ofp = fopen($outputFile, 'wb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	534	if (!is_resource($ofp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	535	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	536	throw new SodiumException('Could not open output file for writing');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	537	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	538
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	539	$res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	540	fclose($ifp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	541	fclose($ofp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	542	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	543	ParagonIE_Sodium_Compat::memzero($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	544	} catch (SodiumException $ex) {
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	545	/** @psalm-suppress PossiblyUndefinedVariable */
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	546	unset($key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	547	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	548	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	549	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	550
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	551	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	552	* Sign a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	553	* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	554	* the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	555	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	556	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	557	* @param string $secretKey Secret signing key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	558	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	559	* @return string Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	560	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	561	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	562	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	563	public static function sign($filePath, $secretKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	564	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	565	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	566	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	567	throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	568	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	569	if (!is_string($secretKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	570	throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	571	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	572
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	573	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	574	if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	575	throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	576	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	577	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	578	return self::sign_core32($filePath, $secretKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	579	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	580
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	581	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	582	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	583	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	584	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	585	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	586
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	587	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	588	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	589	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	590	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	591	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	592
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	593	/** @var string $az */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	594	$az = hash('sha512', self::substr($secretKey, 0, 32), true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	595
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	596	$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	597	$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) \| 64);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	598
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	599	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	600	self::hash_update($hs, self::substr($az, 32, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	601	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	602	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	603
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	604	/** @var string $nonceHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	605	$nonceHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	606
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	607	/** @var string $pk */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	608	$pk = self::substr($secretKey, 32, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	609
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	610	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	611	$nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	612
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	613	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	614	$sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	615	ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	616	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	617
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	618	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	619	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	620	self::hash_update($hs, self::substr($pk, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	621	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	622	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	623
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	624	/** @var string $hramHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	625	$hramHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	626
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	627	/** @var string $hram */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	628	$hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	629
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	630	/** @var string $sigAfter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	631	$sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	632
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	633	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	634	$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	635
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	636	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	637	ParagonIE_Sodium_Compat::memzero($az);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	638	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	639	$az = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	640	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	641	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	642	return $sig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	643	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	644
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	645	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	646	* Verify a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	647	* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	648	* produces the same result.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	649	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	650	* @param string $sig Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	651	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	652	* @param string $publicKey Signing public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	653	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	654	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	655	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	656	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	657	* @throws Exception
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	658	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	659	public static function verify($sig, $filePath, $publicKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	660	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	661	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	662	if (!is_string($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	663	throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	664	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	665	if (!is_string($filePath)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	666	throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	667	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	668	if (!is_string($publicKey)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	669	throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	670	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	671
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	672	/* Input validation: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	673	if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	674	throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	675	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	676	if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	677	throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	678	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	679	if (self::strlen($sig) < 64) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	680	throw new SodiumException('Signature is too short');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	681	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	682
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	683	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	684	return self::verify_core32($sig, $filePath, $publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	685	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	686
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	687	/* Security checks */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	688	if (
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	689	(ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	690	&&
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	691	ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	692	) {
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	693	throw new SodiumException('S < L - Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	694	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	695	if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	696	throw new SodiumException('Signature is on too small of an order');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	697	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	698	if ((self::chrToInt($sig[63]) & 224) !== 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	699	throw new SodiumException('Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	700	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	701	$d = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	702	for ($i = 0; $i < 32; ++$i) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	703	$d \|= self::chrToInt($publicKey[$i]);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	704	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	705	if ($d === 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	706	throw new SodiumException('All zero public key');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	707	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	708
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	709	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	710	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	711	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	712	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	713	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	714
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	715	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	716	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	717	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	718	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	719	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	720
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	721	/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	722	$orig = ParagonIE_Sodium_Compat::$fastMult;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	723
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	724	// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	725	ParagonIE_Sodium_Compat::$fastMult = true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	726
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	727	/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	728	$A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	729
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	730	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	731	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	732	self::hash_update($hs, self::substr($publicKey, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	733	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	734	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	735	/** @var string $hDigest */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	736	$hDigest = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	737
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	738	/** @var string $h */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	739	$h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	740
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	741	/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	742	$R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	743	$h,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	744	$A,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	745	self::substr($sig, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	746	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	747
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	748	/** @var string $rcheck */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	749	$rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	750
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	751	// Close the file handle
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	752	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	753
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	754	// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	755	ParagonIE_Sodium_Compat::$fastMult = $orig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	756	return self::verify_32($rcheck, self::substr($sig, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	757	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	758
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	759	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	760	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	761	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	762	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	763	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	764	* @param string $boxKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	765	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	766	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	767	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	768	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	769	protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	770	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	771	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	772	return self::secretbox_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	773	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	774	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	775	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	776	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	777	ParagonIE_Sodium_Crypto32::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	778	ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	779	ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	780	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	781	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	782	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	783	return self::secretbox_encrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	784	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	785	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	786	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	787	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	788	ParagonIE_Sodium_Crypto::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	789	ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	790	ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	791	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	792	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	793	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	794
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	795
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	796	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	797	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	798	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	799	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	800	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	801	* @param string $boxKeypair
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	802	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	803	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	804	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	805	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	806	protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	807	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	808	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	809	return self::secretbox_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	810	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	811	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	812	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	813	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	814	ParagonIE_Sodium_Crypto32::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	815	ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	816	ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	817	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	818	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	819	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	820	return self::secretbox_decrypt(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	821	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	822	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	823	$mlen,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	824	$nonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	825	ParagonIE_Sodium_Crypto::box_beforenm(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	826	ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	827	ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	828	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	829	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	830	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	831
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	832	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	833	* Encrypt a file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	834	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	835	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	836	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	837	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	838	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	839	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	840	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	841	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	842	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	843	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	844	protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	845	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	846	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	847	return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	848	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	849
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	850	$plaintext = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	851	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	852	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	853	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	854	$first32 = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	855
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	856	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	857	$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	858
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	859	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	860	$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	861
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	862	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	863	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	864
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	865	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	866	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	867	if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	868	$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	869	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	870	$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	871
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	872	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	873	$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	874	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	875	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	876	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	877	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	878
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	879	$state = new ParagonIE_Sodium_Core_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	880	ParagonIE_Sodium_Core_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	881	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	882	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	883	ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	884	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	885	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	886
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	887	// Pre-write 16 blank bytes for the Poly1305 tag
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	888	$start = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	889	fwrite($ofp, str_repeat("\x00", 16));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	890
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	891	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	892	$cBlock = ParagonIE_Sodium_Core_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	893	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	894	ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	895	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	896	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	897	fwrite($ofp, $cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	898	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	899
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	900	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	901	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	902
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	903	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	904	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	905
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	906	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	907	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	908	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	909	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	910	fseek($ifp, $first32, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	911
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	912	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	913	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	914	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	915	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	916	$plaintext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	917	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	918	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	919	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	920	$cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	921	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	922	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	923	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	924	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	925	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	926	fwrite($ofp, $cBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	927	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	928
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	929	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	930	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	931	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	932	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	933	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	934	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	935	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	936	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	937	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	938	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	939	$end = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	940
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	941	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	942	* Write the Poly1305 authentication tag that provides integrity
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	943	* over the ciphertext (encrypt-then-MAC)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	944	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	945	fseek($ofp, $start, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	946	fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	947	fseek($ofp, $end, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	948	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	949
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	950	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	951	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	952
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	953	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	954	* Decrypt a file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	955	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	956	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	957	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	958	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	959	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	960	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	961	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	962	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	963	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	964	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	965	protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	966	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	967	if (PHP_INT_SIZE === 4) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	968	return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	969	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	970	$tag = fread($ifp, 16);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	971	if (!is_string($tag)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	972	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	973	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	974
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	975	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	976	$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	977
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	978	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	979	$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	980
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	981	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	982	$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	983	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	984	ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	985	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	986	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	987
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	988	/* Verify the Poly1305 MAC -before- attempting to decrypt! */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	989	$state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	990	if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	991	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	992	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	993
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	994	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	995	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	996	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	997	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	998	$first32 = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	999	if (!is_string($first32)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1000	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1001	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1002	$first32len = self::strlen($first32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1003	fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1004	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1005	self::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1006	self::substr($block0, 32, $first32len),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1007	self::substr($first32, 0, $first32len)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1008	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1009	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1010	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1011
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1012	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1013	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1014
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1015	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1016	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1017
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1018	/* Decrypts ciphertext, writes to output file. */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1019	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1020	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1021	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1022	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1023	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1024	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1025	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1026	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1027	$pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1028	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1029	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1030	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1031	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1032	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1033	fwrite($ofp, $pBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1034	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1035	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1036	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1037	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1038	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1039
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1040	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1041	* @param ParagonIE_Sodium_Core_Poly1305_State $state
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1042	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1043	* @param string $tag
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1044	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1045	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1046	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1047	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1048	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1049	protected static function onetimeauth_verify(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1050	ParagonIE_Sodium_Core_Poly1305_State $state,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1051	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1052	$tag = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1053	$mlen = 0
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1054	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1055	/** @var int $pos */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1056	$pos = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1057
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1058	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1059	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1060
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1061	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1062	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1063
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1064	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1065	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1066	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1067	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1068	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1069	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1070	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1071	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1072	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1073	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1074	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1075	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1076	$res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1077
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1078	fseek($ifp, $pos, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1079	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1080	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1081
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1082	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1083	* Update a hash context with the contents of a file, without
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1084	* loading the entire file into memory.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1085	*
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1086	* @param resource\|HashContext $hash
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1087	* @param resource $fp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1088	* @param int $size
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1089	* @return resource\|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1090	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1091	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1092	* @psalm-suppress PossiblyInvalidArgument
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1093	* PHP 7.2 changes from a resource to an object,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1094	* which causes Psalm to complain about an error.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1095	* @psalm-suppress TypeCoercion
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1096	* Ditto.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1097	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1098	public static function updateHashWithFile($hash, $fp, $size = 0)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1099	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1100	/* Type checks: */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1101	if (PHP_VERSION_ID < 70200) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1102	if (!is_resource($hash)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1103	throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1104	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1105	} else {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1106	if (!is_object($hash)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1107	throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1108	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1109	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1110
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1111	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1112	throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1113	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1114	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1115	throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1116	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1117
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1118	/** @var int $originalPosition */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1119	$originalPosition = self::ftell($fp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1120
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1121	// Move file pointer to beginning of file
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1122	fseek($fp, 0, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1123	for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1124	/** @var string\|bool $message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1125	$message = fread(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1126	$fp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1127	($size - $i) > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1128	? $size - $i
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1129	: self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1130	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1131	if (!is_string($message)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1132	throw new SodiumException('Unexpected error reading from file.');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1133	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1134	/** @var string $message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1135	/** @psalm-suppress InvalidArgument */
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1136	self::hash_update($hash, $message);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1137	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1138	// Reset file pointer's position
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1139	fseek($fp, $originalPosition, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1140	return $hash;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1141	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1142
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1143	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1144	* Sign a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1145	* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1146	* the same result. (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1147	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1148	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1149	* @param string $secretKey Secret signing key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1150	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1151	* @return string Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1152	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1153	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1154	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1155	private static function sign_core32($filePath, $secretKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1156	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1157	/** @var int\|bool $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1158	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1159	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1160	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1161	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1162	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1163
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1164	/** @var resource\|bool $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1165	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1166	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1167	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1168	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1169	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1170
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1171	/** @var string $az */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1172	$az = hash('sha512', self::substr($secretKey, 0, 32), true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1173
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1174	$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1175	$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) \| 64);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1176
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1177	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1178	self::hash_update($hs, self::substr($az, 32, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1179	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1180	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1181
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1182	/** @var string $nonceHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1183	$nonceHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1184
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1185	/** @var string $pk */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1186	$pk = self::substr($secretKey, 32, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1187
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1188	/** @var string $nonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1189	$nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1190
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1191	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1192	$sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1193	ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1194	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1195
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1196	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1197	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1198	self::hash_update($hs, self::substr($pk, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1199	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1200	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1201
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1202	/** @var string $hramHash */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1203	$hramHash = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1204
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1205	/** @var string $hram */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1206	$hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1207
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1208	/** @var string $sigAfter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1209	$sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1210
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1211	/** @var string $sig */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1212	$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1213
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1214	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1215	ParagonIE_Sodium_Compat::memzero($az);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1216	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1217	$az = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1218	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1219	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1220	return $sig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1221	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1222
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1223	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1224	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1225	* Verify a file (rather than a string). Uses less memory than
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1226	* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1227	* produces the same result. (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1228	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1229	* @param string $sig Ed25519 signature
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1230	* @param string $filePath Absolute path to a file on the filesystem
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1231	* @param string $publicKey Signing public key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1232	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1233	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1234	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1235	* @throws Exception
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1236	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1237	public static function verify_core32($sig, $filePath, $publicKey)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1238	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1239	/* Security checks */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1240	if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1241	throw new SodiumException('S < L - Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1242	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1243	if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1244	throw new SodiumException('Signature is on too small of an order');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1245	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1246	if ((self::chrToInt($sig[63]) & 224) !== 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1247	throw new SodiumException('Invalid signature');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1248	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1249	$d = 0;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1250	for ($i = 0; $i < 32; ++$i) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1251	$d \|= self::chrToInt($publicKey[$i]);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1252	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1253	if ($d === 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1254	throw new SodiumException('All zero public key');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1255	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1256
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1257	/** @var int\|bool $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1258	$size = filesize($filePath);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1259	if (!is_int($size)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1260	throw new SodiumException('Could not obtain the file size');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1261	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1262	/** @var int $size */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1263
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1264	/** @var resource\|bool $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1265	$fp = fopen($filePath, 'rb');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1266	if (!is_resource($fp)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1267	throw new SodiumException('Could not open input file for reading');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1268	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1269	/** @var resource $fp */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1270
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1271	/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1272	$orig = ParagonIE_Sodium_Compat::$fastMult;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1273
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1274	// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1275	ParagonIE_Sodium_Compat::$fastMult = true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1276
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1277	/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1278	$A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1279
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1280	$hs = hash_init('sha512');
18 be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1281	self::hash_update($hs, self::substr($sig, 0, 32));
be944660c56a Site enmi version 09/2022 ymh <ymh.work@gmail.com> parents: 16 diff changeset	1282	self::hash_update($hs, self::substr($publicKey, 0, 32));
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1283	/** @var resource $hs */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1284	$hs = self::updateHashWithFile($hs, $fp, $size);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1285	/** @var string $hDigest */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1286	$hDigest = hash_final($hs, true);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1287
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1288	/** @var string $h */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1289	$h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1290
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1291	/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1292	$R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1293	$h,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1294	$A,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1295	self::substr($sig, 32)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1296	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1297
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1298	/** @var string $rcheck */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1299	$rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1300
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1301	// Close the file handle
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1302	fclose($fp);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1303
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1304	// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1305	ParagonIE_Sodium_Compat::$fastMult = $orig;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1306	return self::verify_32($rcheck, self::substr($sig, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1307	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1308
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1309	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1310	* Encrypt a file (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1311	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1312	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1313	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1314	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1315	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1316	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1317	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1318	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1319	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1320	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1321	protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1322	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1323	$plaintext = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1324	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1325	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1326	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1327	$first32 = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1328
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1329	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1330	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1331
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1332	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1333	$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1334
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1335	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1336	$block0 = str_repeat("\x00", 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1337
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1338	/** @var int $mlen - Length of the plaintext message */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1339	$mlen0 = $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1340	if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1341	$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1342	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1343	$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1344
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1345	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1346	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1347	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1348	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1349	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1350	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1351
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1352	$state = new ParagonIE_Sodium_Core32_Poly1305_State(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1353	ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1354	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1355	0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1356	ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1357	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1358	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1359
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1360	// Pre-write 16 blank bytes for the Poly1305 tag
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1361	$start = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1362	fwrite($ofp, str_repeat("\x00", 16));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1363
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1364	/** @var string $c */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1365	$cBlock = ParagonIE_Sodium_Core32_Util::substr(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1366	$block0,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1367	ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1368	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1369	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1370	fwrite($ofp, $cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1371	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1372
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1373	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1374	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1375
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1376	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1377	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1378
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1379	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1380	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1381	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1382	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1383	fseek($ifp, $first32, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1384
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1385	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1386	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1387	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1388	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1389	$plaintext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1390	if (!is_string($plaintext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1391	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1392	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1393	$cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1394	$plaintext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1395	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1396	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1397	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1398	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1399	fwrite($ofp, $cBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1400	$state->update($cBlock);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1401
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1402	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1403	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1404	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1405	try {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1406	ParagonIE_Sodium_Compat::memzero($block0);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1407	ParagonIE_Sodium_Compat::memzero($subkey);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1408	} catch (SodiumException $ex) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1409	$block0 = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1410	$subkey = null;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1411	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1412	$end = self::ftell($ofp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1413
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1414	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1415	* Write the Poly1305 authentication tag that provides integrity
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1416	* over the ciphertext (encrypt-then-MAC)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1417	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1418	fseek($ofp, $start, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1419	fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1420	fseek($ofp, $end, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1421	unset($state);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1422
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1423	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1424	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1425
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1426	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1427	* Decrypt a file (32-bit)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1428	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1429	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1430	* @param resource $ofp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1431	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1432	* @param string $nonce
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1433	* @param string $key
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1434	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1435	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1436	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1437	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1438	protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1439	{
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1440	$tag = fread($ifp, 16);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1441	if (!is_string($tag)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1442	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1443	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1444
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1445	/** @var string $subkey */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1446	$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1447
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1448	/** @var string $realNonce */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1449	$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1450
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1451	/** @var string $block0 */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1452	$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1453	64,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1454	ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1455	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1456	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1457
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1458	/* Verify the Poly1305 MAC -before- attempting to decrypt! */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1459	$state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1460	if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1461	throw new SodiumException('Invalid MAC');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1462	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1463
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1464	/*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1465	* Set the cursor to the end of the first half-block. All future bytes will
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1466	* generated from salsa20_xor_ic, starting from 1 (second block).
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1467	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1468	$first32 = fread($ifp, 32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1469	if (!is_string($first32)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1470	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1471	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1472	$first32len = self::strlen($first32);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1473	fwrite(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1474	$ofp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1475	self::xorStrings(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1476	self::substr($block0, 32, $first32len),
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1477	self::substr($first32, 0, $first32len)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1478	)
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1479	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1480	$mlen -= 32;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1481
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1482	/** @var int $iter */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1483	$iter = 1;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1484
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1485	/** @var int $incr */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1486	$incr = self::BUFFER_SIZE >> 6;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1487
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1488	/* Decrypts ciphertext, writes to output file. */
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1489	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1490	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1491	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1492	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1493	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1494	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1495	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1496	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1497	$pBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1498	$ciphertext,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1499	$realNonce,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1500	$iter,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1501	$subkey
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1502	);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1503	fwrite($ofp, $pBlock, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1504	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1505	$iter += $incr;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1506	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1507	return true;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1508	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1509
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1510	/**
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1511	* One-time message authentication for 32-bit systems
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1512	*
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1513	* @param ParagonIE_Sodium_Core32_Poly1305_State $state
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1514	* @param resource $ifp
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1515	* @param string $tag
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1516	* @param int $mlen
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1517	* @return bool
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1518	* @throws SodiumException
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1519	* @throws TypeError
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1520	*/
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1521	protected static function onetimeauth_verify_core32(
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1522	ParagonIE_Sodium_Core32_Poly1305_State $state,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1523	$ifp,
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1524	$tag = '',
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1525	$mlen = 0
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1526	) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1527	/** @var int $pos */
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1528	$pos = self::ftell($ifp);
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1529
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1530	while ($mlen > 0) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1531	$blockSize = $mlen > self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1532	? self::BUFFER_SIZE
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1533	: $mlen;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1534	$ciphertext = fread($ifp, $blockSize);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1535	if (!is_string($ciphertext)) {
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1536	throw new SodiumException('Could not read input file');
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1537	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1538	$state->update($ciphertext);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1539	$mlen -= $blockSize;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1540	}
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1541	$res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish());
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1542
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1543	fseek($ifp, $pos, SEEK_SET);
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1544	return $res;
177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1545	}
16 a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1546
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1547	/**
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1548	* @param resource $resource
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1549	* @return int
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1550	* @throws SodiumException
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1551	*/
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1552	private static function ftell($resource)
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1553	{
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1554	$return = ftell($resource);
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1555	if (!is_int($return)) {
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1556	throw new SodiumException('ftell() returned false');
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1557	}
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1558	return (int) $return;
a86126ab1dd4 update enmi-conf ymh <ymh.work@gmail.com> parents: 9 diff changeset	1559	}
9 177826044cd9 upgrade wordpress to 5.2.3 ymh <ymh.work@gmail.com> parents: diff changeset	1560	}

author	ymh <ymh.work@gmail.com>
	Wed, 21 Sep 2022 18:19:35 +0200
changeset 18	be944660c56a
parent 16	a86126ab1dd4
child 19	3d72ae0968f4
permissions	-rw-r--r--