677 if (PHP_INT_SIZE === 4) { |
677 if (PHP_INT_SIZE === 4) { |
678 return self::verify_core32($sig, $filePath, $publicKey); |
678 return self::verify_core32($sig, $filePath, $publicKey); |
679 } |
679 } |
680 |
680 |
681 /* Security checks */ |
681 /* Security checks */ |
682 if (ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) { |
682 if ( |
|
683 (ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240) |
|
684 && |
|
685 ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32)) |
|
686 ) { |
683 throw new SodiumException('S < L - Invalid signature'); |
687 throw new SodiumException('S < L - Invalid signature'); |
684 } |
688 } |
685 if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) { |
689 if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) { |
686 throw new SodiumException('Signature is on too small of an order'); |
690 throw new SodiumException('Signature is on too small of an order'); |
687 } |
691 } |
839 |
843 |
840 $plaintext = fread($ifp, 32); |
844 $plaintext = fread($ifp, 32); |
841 if (!is_string($plaintext)) { |
845 if (!is_string($plaintext)) { |
842 throw new SodiumException('Could not read input file'); |
846 throw new SodiumException('Could not read input file'); |
843 } |
847 } |
844 $first32 = ftell($ifp); |
848 $first32 = self::ftell($ifp); |
845 |
849 |
846 /** @var string $subkey */ |
850 /** @var string $subkey */ |
847 $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); |
851 $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); |
848 |
852 |
849 /** @var string $realNonce */ |
853 /** @var string $realNonce */ |
873 ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES |
877 ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES |
874 ) |
878 ) |
875 ); |
879 ); |
876 |
880 |
877 // Pre-write 16 blank bytes for the Poly1305 tag |
881 // Pre-write 16 blank bytes for the Poly1305 tag |
878 $start = ftell($ofp); |
882 $start = self::ftell($ofp); |
879 fwrite($ofp, str_repeat("\x00", 16)); |
883 fwrite($ofp, str_repeat("\x00", 16)); |
880 |
884 |
881 /** @var string $c */ |
885 /** @var string $c */ |
882 $cBlock = ParagonIE_Sodium_Core_Util::substr( |
886 $cBlock = ParagonIE_Sodium_Core_Util::substr( |
883 $block0, |
887 $block0, |
924 ParagonIE_Sodium_Compat::memzero($subkey); |
928 ParagonIE_Sodium_Compat::memzero($subkey); |
925 } catch (SodiumException $ex) { |
929 } catch (SodiumException $ex) { |
926 $block0 = null; |
930 $block0 = null; |
927 $subkey = null; |
931 $subkey = null; |
928 } |
932 } |
929 $end = ftell($ofp); |
933 $end = self::ftell($ofp); |
930 |
934 |
931 /* |
935 /* |
932 * Write the Poly1305 authentication tag that provides integrity |
936 * Write the Poly1305 authentication tag that provides integrity |
933 * over the ciphertext (encrypt-then-MAC) |
937 * over the ciphertext (encrypt-then-MAC) |
934 */ |
938 */ |
1041 $ifp, |
1045 $ifp, |
1042 $tag = '', |
1046 $tag = '', |
1043 $mlen = 0 |
1047 $mlen = 0 |
1044 ) { |
1048 ) { |
1045 /** @var int $pos */ |
1049 /** @var int $pos */ |
1046 $pos = ftell($ifp); |
1050 $pos = self::ftell($ifp); |
1047 |
1051 |
1048 /** @var int $iter */ |
1052 /** @var int $iter */ |
1049 $iter = 1; |
1053 $iter = 1; |
1050 |
1054 |
1051 /** @var int $incr */ |
1055 /** @var int $incr */ |
1104 if (!is_int($size)) { |
1108 if (!is_int($size)) { |
1105 throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.'); |
1109 throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.'); |
1106 } |
1110 } |
1107 |
1111 |
1108 /** @var int $originalPosition */ |
1112 /** @var int $originalPosition */ |
1109 $originalPosition = ftell($fp); |
1113 $originalPosition = self::ftell($fp); |
1110 |
1114 |
1111 // Move file pointer to beginning of file |
1115 // Move file pointer to beginning of file |
1112 fseek($fp, 0, SEEK_SET); |
1116 fseek($fp, 0, SEEK_SET); |
1113 for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) { |
1117 for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) { |
1114 /** @var string|bool $message */ |
1118 /** @var string|bool $message */ |
1312 { |
1316 { |
1313 $plaintext = fread($ifp, 32); |
1317 $plaintext = fread($ifp, 32); |
1314 if (!is_string($plaintext)) { |
1318 if (!is_string($plaintext)) { |
1315 throw new SodiumException('Could not read input file'); |
1319 throw new SodiumException('Could not read input file'); |
1316 } |
1320 } |
1317 $first32 = ftell($ifp); |
1321 $first32 = self::ftell($ifp); |
1318 |
1322 |
1319 /** @var string $subkey */ |
1323 /** @var string $subkey */ |
1320 $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); |
1324 $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); |
1321 |
1325 |
1322 /** @var string $realNonce */ |
1326 /** @var string $realNonce */ |
1346 ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES |
1350 ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES |
1347 ) |
1351 ) |
1348 ); |
1352 ); |
1349 |
1353 |
1350 // Pre-write 16 blank bytes for the Poly1305 tag |
1354 // Pre-write 16 blank bytes for the Poly1305 tag |
1351 $start = ftell($ofp); |
1355 $start = self::ftell($ofp); |
1352 fwrite($ofp, str_repeat("\x00", 16)); |
1356 fwrite($ofp, str_repeat("\x00", 16)); |
1353 |
1357 |
1354 /** @var string $c */ |
1358 /** @var string $c */ |
1355 $cBlock = ParagonIE_Sodium_Core32_Util::substr( |
1359 $cBlock = ParagonIE_Sodium_Core32_Util::substr( |
1356 $block0, |
1360 $block0, |
1397 ParagonIE_Sodium_Compat::memzero($subkey); |
1401 ParagonIE_Sodium_Compat::memzero($subkey); |
1398 } catch (SodiumException $ex) { |
1402 } catch (SodiumException $ex) { |
1399 $block0 = null; |
1403 $block0 = null; |
1400 $subkey = null; |
1404 $subkey = null; |
1401 } |
1405 } |
1402 $end = ftell($ofp); |
1406 $end = self::ftell($ofp); |
1403 |
1407 |
1404 /* |
1408 /* |
1405 * Write the Poly1305 authentication tag that provides integrity |
1409 * Write the Poly1305 authentication tag that provides integrity |
1406 * over the ciphertext (encrypt-then-MAC) |
1410 * over the ciphertext (encrypt-then-MAC) |
1407 */ |
1411 */ |
1513 $ifp, |
1517 $ifp, |
1514 $tag = '', |
1518 $tag = '', |
1515 $mlen = 0 |
1519 $mlen = 0 |
1516 ) { |
1520 ) { |
1517 /** @var int $pos */ |
1521 /** @var int $pos */ |
1518 $pos = ftell($ifp); |
1522 $pos = self::ftell($ifp); |
1519 |
1523 |
1520 /** @var int $iter */ |
1524 /** @var int $iter */ |
1521 $iter = 1; |
1525 $iter = 1; |
1522 |
1526 |
1523 /** @var int $incr */ |
1527 /** @var int $incr */ |
1538 $res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish()); |
1542 $res = ParagonIE_Sodium_Core32_Util::verify_16($tag, $state->finish()); |
1539 |
1543 |
1540 fseek($ifp, $pos, SEEK_SET); |
1544 fseek($ifp, $pos, SEEK_SET); |
1541 return $res; |
1545 return $res; |
1542 } |
1546 } |
|
1547 |
|
1548 /** |
|
1549 * @param resource $resource |
|
1550 * @return int |
|
1551 * @throws SodiumException |
|
1552 */ |
|
1553 private static function ftell($resource) |
|
1554 { |
|
1555 $return = ftell($resource); |
|
1556 if (!is_int($return)) { |
|
1557 throw new SodiumException('ftell() returned false'); |
|
1558 } |
|
1559 return (int) $return; |
|
1560 } |
1543 } |
1561 } |
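Review bot: The new fast-path guard at new lines 682-686 reads `$sig[63]` before anything in this hunk establishes that `$sig` is 64 bytes long; on a shorter value that is an out-of-range string offset (a warning and an empty string on PHP 8) handed to `chrToInt`, so the length check has to sit earlier in the enclosing function, which starts before this hunk — worth confirming. The short-circuit itself is sound only because a clear top nibble in byte 63 bounds S below 2^252, which is below L, so the full `check_S_lt_L` pass can be skipped; a one-line comment would spare the next reader that derivation: `// Top nibble of sig[63] clear => S < 2^252 < L, so the canonicity check is only needed otherwise.` The equivalent 32-bit path (`verify_core32`, dispatched at line 678) is not visible here, so the two branches may now differ in what they run; confirm the same guard was applied there. In the new `ftell()` wrapper (new lines 1553-1560) the `(int)` cast after `is_int()` is redundant, and the thrown message could carry the caller's context, e.g. `return $return;` and `throw new SodiumException('ftell() returned false');` left as is but with the position-dependent callers at 882/1355 noted as now exiting without zeroing `$subkey`, unlike the `catch` block at 929-932.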