[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-includes/sodium_compat/src/Core/ -> AEGIS256.php (source)

   1  <?php
   2  
   3  if (!defined('SODIUM_COMPAT_AEGIS_C0')) {
   4      define('SODIUM_COMPAT_AEGIS_C0', "\x00\x01\x01\x02\x03\x05\x08\x0d\x15\x22\x37\x59\x90\xe9\x79\x62");
   5  }
   6  if (!defined('SODIUM_COMPAT_AEGIS_C1')) {
   7      define('SODIUM_COMPAT_AEGIS_C1', "\xdb\x3d\x18\x55\x6d\xc2\x2f\xf1\x20\x11\x31\x42\x73\xb5\x28\xdd");
   8  }
   9  
  10  class ParagonIE_Sodium_Core_AEGIS256 extends ParagonIE_Sodium_Core_AES
  11  {
  12      /**
  13       * @param string $ct
  14       * @param string $tag
  15       * @param string $ad
  16       * @param string $key
  17       * @param string $nonce
  18       * @return string
  19       * @throws SodiumException
  20       */
  21      public static function decrypt($ct, $tag, $ad, $key, $nonce)
  22      {
  23          $state = self::init($key, $nonce);
  24  
  25          // ad_blocks = Split(ZeroPad(ad, 128), 128)
  26          $ad_blocks = (self::strlen($ad) + 15) >> 4;
  27          // for ai in ad_blocks:
  28          //     Absorb(ai)
  29          for ($i = 0; $i < $ad_blocks; ++$i) {
  30              $ai = self::substr($ad, $i << 4, 16);
  31              if (self::strlen($ai) < 16) {
  32                  $ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT);
  33              }
  34              $state->absorb($ai);
  35          }
  36  
  37          $msg = '';
  38          $cn = self::strlen($ct) & 15;
  39          $ct_blocks = self::strlen($ct) >> 4;
  40          // ct_blocks = Split(ZeroPad(ct, 128), 128)
  41          // cn = Tail(ct, |ct| mod 128)
  42          for ($i = 0; $i < $ct_blocks; ++$i) {
  43              $msg .= $state->dec(self::substr($ct, $i << 4, 16));
  44          }
  45          // if cn is not empty:
  46          //   msg = msg || DecPartial(cn)
  47          if ($cn) {
  48              $start = $ct_blocks << 4;
  49              $msg .= $state->decPartial(self::substr($ct, $start, $cn));
  50          }
  51          $expected_tag = $state->finalize(
  52              self::strlen($ad) << 3,
  53              self::strlen($msg) << 3
  54          );
  55          if (!self::hashEquals($expected_tag, $tag)) {
  56              try {
  57                  // The RFC says to erase msg, so we shall try:
  58                  ParagonIE_Sodium_Compat::memzero($msg);
  59              } catch (SodiumException $ex) {
  60                  // Do nothing if we cannot memzero
  61              }
  62              throw new SodiumException('verification failed');
  63          }
  64          return $msg;
  65      }
  66  
  67      /**
  68       * @param string $msg
  69       * @param string $ad
  70       * @param string $key
  71       * @param string $nonce
  72       * @return array
  73       * @throws SodiumException
  74       */
  75      public static function encrypt($msg, $ad, $key, $nonce)
  76      {
  77          $state = self::init($key, $nonce);
  78          $ad_len = self::strlen($ad);
  79          $msg_len = self::strlen($msg);
  80          $ad_blocks = ($ad_len + 15) >> 4;
  81          for ($i = 0; $i < $ad_blocks; ++$i) {
  82              $ai = self::substr($ad, $i << 4, 16);
  83              if (self::strlen($ai) < 16) {
  84                  $ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT);
  85              }
  86              $state->absorb($ai);
  87          }
  88  
  89          $ct = '';
  90          $msg_blocks = ($msg_len + 15) >> 4;
  91          for ($i = 0; $i < $msg_blocks; ++$i) {
  92              $xi = self::substr($msg, $i << 4, 16);
  93              if (self::strlen($xi) < 16) {
  94                  $xi = str_pad($xi, 16, "\0", STR_PAD_RIGHT);
  95              }
  96              $ct .= $state->enc($xi);
  97          }
  98          $tag = $state->finalize(
  99              $ad_len << 3,
 100              $msg_len << 3
 101          );
 102          return array(
 103              self::substr($ct, 0, $msg_len),
 104              $tag
 105          );
 106  
 107      }
 108  
 109      /**
 110       * @param string $key
 111       * @param string $nonce
 112       * @return ParagonIE_Sodium_Core_AEGIS_State256
 113       */
 114      public static function init($key, $nonce)
 115      {
 116          return ParagonIE_Sodium_Core_AEGIS_State256::init($key, $nonce);
 117      }
 118  }


Generated : Wed Dec 4 08:20:01 2024 Cross-referenced by PHPXref