diff -r 48c4eec2b7e6 -r 8c2e4d02f4ef wp/wp-includes/sodium_compat/lib/sodium_compat.php --- a/wp/wp-includes/sodium_compat/lib/sodium_compat.php Fri Sep 05 18:40:08 2025 +0200 +++ b/wp/wp-includes/sodium_compat/lib/sodium_compat.php Fri Sep 05 18:52:52 2025 +0200 @@ -20,8 +20,10 @@ * @throws \SodiumException * @throws \TypeError */ - function bin2hex($string) - { + function bin2hex( + #[\SensitiveParameter] + $string + ) { return ParagonIE_Sodium_Compat::bin2hex($string); } } @@ -34,8 +36,12 @@ * @throws \SodiumException * @throws \TypeError */ - function compare($a, $b) - { + function compare( + #[\SensitiveParameter] + $a, + #[\SensitiveParameter] + $b + ) { return ParagonIE_Sodium_Compat::compare($a, $b); } } @@ -48,8 +54,13 @@ * @param string $key * @return string|bool */ - function crypto_aead_aes256gcm_decrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_aes256gcm_decrypt( + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { try { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { @@ -70,8 +81,14 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_aead_aes256gcm_encrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_aes256gcm_encrypt( + #[\SensitiveParameter] + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt($message, $assocData, $nonce, $key); } } @@ -94,8 +111,13 @@ * @param string $key * @return string|bool */ - function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_chacha20poly1305_decrypt( + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { @@ -116,8 +138,14 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_chacha20poly1305_encrypt( + #[\SensitiveParameter] + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); } } @@ -130,8 +158,13 @@ * @param string $key * @return string|bool */ - function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_chacha20poly1305_ietf_decrypt( + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { try { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); } catch (\TypeError $ex) { @@ -152,8 +185,14 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) - { + function crypto_aead_chacha20poly1305_ietf_encrypt( + #[\SensitiveParameter] + $message, + $assocData, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); } } @@ -166,8 +205,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_auth($message, $key) - { + function crypto_auth( + $message, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_auth($message, $key); } } @@ -181,8 +223,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_auth_verify($mac, $message, $key) - { + function crypto_auth_verify( + $mac, + $message, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); } } @@ -196,8 +242,13 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box($message, $nonce, $kp) - { + function crypto_box( + #[\SensitiveParameter] + $message, + $nonce, + #[\SensitiveParameter] + $kp + ) { return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); } } @@ -222,8 +273,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) - { + function crypto_box_keypair_from_secretkey_and_publickey( + #[\SensitiveParameter] + $sk, + $pk + ) { return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); } } @@ -235,8 +289,13 @@ * @param string $kp * @return string|bool */ - function crypto_box_open($message, $nonce, $kp) - { + function crypto_box_open( + #[\SensitiveParameter] + $message, + $nonce, + #[\SensitiveParameter] + $kp + ) { try { return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); } catch (\TypeError $ex) { @@ -254,8 +313,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box_publickey($keypair) - { + function crypto_box_publickey( + #[\SensitiveParameter] + $keypair + ) { return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); } } @@ -267,8 +328,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box_publickey_from_secretkey($sk) - { + function crypto_box_publickey_from_secretkey( + #[\SensitiveParameter] + $sk + ) { return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); } } @@ -281,8 +344,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box_seal($message, $publicKey) - { + function crypto_box_seal( + #[\SensitiveParameter] + $message, + $publicKey + ) { return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); } } @@ -293,8 +359,11 @@ * @param string $kp * @return string|bool */ - function crypto_box_seal_open($message, $kp) - { + function crypto_box_seal_open( + $message, + #[\SensitiveParameter] + $kp + ) { try { return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); } catch (\TypeError $ex) { @@ -312,8 +381,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_box_secretkey($keypair) - { + function crypto_box_secretkey( + #[\SensitiveParameter] + $keypair + ) { return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); } } @@ -327,8 +398,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash($message, $key = null, $outLen = 32) - { + function crypto_generichash( + $message, + #[\SensitiveParameter] + $key = null, + $outLen = 32 + ) { return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); } } @@ -341,8 +416,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_final(&$ctx, $outputLength = 32) - { + function crypto_generichash_final( + #[\SensitiveParameter] + &$ctx, + $outputLength = 32 + ) { return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); } } @@ -355,8 +433,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_init($key = null, $outLen = 32) - { + function crypto_generichash_init( + #[\SensitiveParameter] + $key = null, + $outLen = 32 + ) { return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); } } @@ -369,8 +450,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_generichash_update(&$ctx, $message = '') - { + function crypto_generichash_update( + #[\SensitiveParameter] + &$ctx, + $message = '' + ) { ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); } } @@ -385,8 +469,13 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_kx($my_secret, $their_public, $client_public, $server_public) - { + function crypto_kx( + #[\SensitiveParameter] + $my_secret, + $their_public, + $client_public, + $server_public + ) { return ParagonIE_Sodium_Compat::crypto_kx( $my_secret, $their_public, @@ -408,8 +497,14 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) - { + function crypto_pwhash( + $outlen, + #[\SensitiveParameter] + $passwd, + $salt, + $opslimit, + $memlimit + ) { return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); } } @@ -423,8 +518,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_str($passwd, $opslimit, $memlimit) - { + function crypto_pwhash_str( + #[\SensitiveParameter] + $passwd, + $opslimit, + $memlimit + ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); } } @@ -437,8 +536,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_str_verify($passwd, $hash) - { + function crypto_pwhash_str_verify( + #[\SensitiveParameter] + $passwd, + #[\SensitiveParameter] + $hash + ) { return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); } } @@ -454,8 +557,15 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) - { + function crypto_pwhash_scryptsalsa208sha256( + $outlen, + #[\SensitiveParameter] + $passwd, + #[\SensitiveParameter] + $salt, + $opslimit, + $memlimit + ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); } } @@ -469,8 +579,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) - { + function crypto_pwhash_scryptsalsa208sha256_str( + #[\SensitiveParameter] + $passwd, + $opslimit, + $memlimit + ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); } } @@ -483,8 +597,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) - { + function crypto_pwhash_scryptsalsa208sha256_str_verify( + #[\SensitiveParameter] + $passwd, + #[\SensitiveParameter] + $hash + ) { return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); } } @@ -497,8 +615,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_scalarmult($n, $p) - { + function crypto_scalarmult( + #[\SensitiveParameter] + $n, + $p + ) { return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); } } @@ -510,8 +631,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_scalarmult_base($n) - { + function crypto_scalarmult_base( + #[\SensitiveParameter] + $n + ) { return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); } } @@ -525,8 +648,13 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_secretbox($message, $nonce, $key) - { + function crypto_secretbox( + #[\SensitiveParameter] + $message, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); } } @@ -538,8 +666,12 @@ * @param string $key * @return string|bool */ - function crypto_secretbox_open($message, $nonce, $key) - { + function crypto_secretbox_open( + $message, + $nonce, + #[\SensitiveParameter] + $key + ) { try { return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); } catch (\TypeError $ex) { @@ -558,8 +690,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_shorthash($message, $key = '') - { + function crypto_shorthash( + $message, + #[\SensitiveParameter] + $key = '' + ) { return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); } } @@ -572,8 +707,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign($message, $sk) - { + function crypto_sign( + $message, + #[\SensitiveParameter] + $sk + ) { return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); } } @@ -586,8 +724,11 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_detached($message, $sk) - { + function crypto_sign_detached( + $message, + #[\SensitiveParameter] + $sk + ) { return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); } } @@ -629,8 +770,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_publickey($keypair) - { + function crypto_sign_publickey( + #[\SensitiveParameter] + $keypair + ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); } } @@ -642,8 +785,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_publickey_from_secretkey($sk) - { + function crypto_sign_publickey_from_secretkey( + #[\SensitiveParameter] + $sk + ) { return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); } } @@ -655,8 +800,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_secretkey($keypair) - { + function crypto_sign_secretkey( + #[\SensitiveParameter] + $keypair + ) { return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); } } @@ -668,8 +815,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_seed_keypair($seed) - { + function crypto_sign_seed_keypair( + #[\SensitiveParameter] + $seed + ) { return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); } } @@ -709,8 +858,10 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_sign_ed25519_sk_to_curve25519($sk) - { + function crypto_sign_ed25519_sk_to_curve25519( + #[\SensitiveParameter] + $sk + ) { return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); } } @@ -724,8 +875,12 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_stream($len, $nonce, $key) - { + function crypto_stream( + $len, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); } } @@ -739,8 +894,13 @@ * @throws \SodiumException * @throws \TypeError */ - function crypto_stream_xor($message, $nonce, $key) - { + function crypto_stream_xor( + #[\SensitiveParameter] + $message, + $nonce, + #[\SensitiveParameter] + $key + ) { return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); } } @@ -752,8 +912,10 @@ * @throws \SodiumException * @throws \TypeError */ - function hex2bin($string) - { + function hex2bin( + #[\SensitiveParameter] + $string + ) { return ParagonIE_Sodium_Compat::hex2bin($string); } } @@ -766,8 +928,12 @@ * @throws \SodiumException * @throws \TypeError */ - function memcmp($a, $b) - { + function memcmp( + #[\SensitiveParameter] + $a, + #[\SensitiveParameter] + $b + ) { return ParagonIE_Sodium_Compat::memcmp($a, $b); } } @@ -783,8 +949,10 @@ * @psalm-suppress MissingReturnType * @psalm-suppress ReferenceConstraintViolation */ - function memzero(&$str) - { + function memzero( + #[\SensitiveParameter] + &$str + ) { ParagonIE_Sodium_Compat::memzero($str); } }