| @@ 847-908 (lines=62) @@ | ||
| 844 | * @param string $key |
|
| 845 | * @return string |
|
| 846 | */ |
|
| 847 | public static function secretbox($plaintext, $nonce, $key) |
|
| 848 | { |
|
| 849 | /** @var string $subkey */ |
|
| 850 | $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key); |
|
| 851 | ||
| 852 | /** @var string $block0 */ |
|
| 853 | $block0 = str_repeat("\x00", 32); |
|
| 854 | ||
| 855 | /** @var int $mlen - Length of the plaintext message */ |
|
| 856 | $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext); |
|
| 857 | $mlen0 = $mlen; |
|
| 858 | if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) { |
|
| 859 | $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES; |
|
| 860 | } |
|
| 861 | $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0); |
|
| 862 | ||
| 863 | /** @var string $block0 */ |
|
| 864 | $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor( |
|
| 865 | $block0, |
|
| 866 | ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), |
|
| 867 | $subkey |
|
| 868 | ); |
|
| 869 | ||
| 870 | /** @var string $c */ |
|
| 871 | $c = ParagonIE_Sodium_Core_Util::substr( |
|
| 872 | $block0, |
|
| 873 | self::secretbox_xsalsa20poly1305_ZEROBYTES |
|
| 874 | ); |
|
| 875 | if ($mlen > $mlen0) { |
|
| 876 | $c .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic( |
|
| 877 | ParagonIE_Sodium_Core_Util::substr( |
|
| 878 | $plaintext, |
|
| 879 | self::secretbox_xsalsa20poly1305_ZEROBYTES |
|
| 880 | ), |
|
| 881 | ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), |
|
| 882 | 1, |
|
| 883 | $subkey |
|
| 884 | ); |
|
| 885 | } |
|
| 886 | $state = new ParagonIE_Sodium_Core_Poly1305_State( |
|
| 887 | ParagonIE_Sodium_Core_Util::substr( |
|
| 888 | $block0, |
|
| 889 | 0, |
|
| 890 | self::onetimeauth_poly1305_KEYBYTES |
|
| 891 | ) |
|
| 892 | ); |
|
| 893 | try { |
|
| 894 | ParagonIE_Sodium_Compat::memzero($block0); |
|
| 895 | ParagonIE_Sodium_Compat::memzero($subkey); |
|
| 896 | } catch (Error $ex) { |
|
| 897 | $block0 = null; |
|
| 898 | $subkey = null; |
|
| 899 | } |
|
| 900 | ||
| 901 | $state->update($c); |
|
| 902 | ||
| 903 | /** @var string $c - MAC || ciphertext */ |
|
| 904 | $c = $state->finish() . $c; |
|
| 905 | unset($state); |
|
| 906 | ||
| 907 | return $c; |
|
| 908 | } |
|
| 909 | ||
| 910 | /** |
|
| 911 | * Decrypt a ciphertext generated via secretbox(). |
|
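Review bot: The `catch (Error $ex)` fallback at listing lines 896-899 only rebinds `$block0` and `$subkey` to `null`, which drops the references but does not overwrite the bytes. `$state`, which is keyed with the leading `onetimeauth_poly1305_KEYBYTES` bytes of `$block0`, is likewise only `unset()` at line 905. The fallback should carry a comment so nobody mistakes it for a wipe, for example `// memzero() unavailable: references dropped only; subkey and Poly1305 key bytes may persist in process memory`. The body of `memzero()` is not shown here, so confirm that it can only throw `Error`; any other exception type would escape this block and abort the encryption. The same cleanup block appears in `secretbox_xchacha20poly1305()` and in both Core32 variants below.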
| @@ 992-1057 (lines=66) @@ | ||
| 989 | * @param string $key |
|
| 990 | * @return string |
|
| 991 | */ |
|
| 992 | public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 993 | { |
|
| 994 | /** @var string $subkey */ |
|
| 995 | $subkey = ParagonIE_Sodium_Core_HChaCha20::hChaCha20( |
|
| 996 | ParagonIE_Sodium_Core_Util::substr($nonce, 0, 16), |
|
| 997 | $key |
|
| 998 | ); |
|
| 999 | $nonceLast = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8); |
|
| 1000 | ||
| 1001 | /** @var string $block0 */ |
|
| 1002 | $block0 = str_repeat("\x00", 32); |
|
| 1003 | ||
| 1004 | /** @var int $mlen - Length of the plaintext message */ |
|
| 1005 | $mlen = ParagonIE_Sodium_Core_Util::strlen($plaintext); |
|
| 1006 | $mlen0 = $mlen; |
|
| 1007 | if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) { |
|
| 1008 | $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES; |
|
| 1009 | } |
|
| 1010 | $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0); |
|
| 1011 | ||
| 1012 | /** @var string $block0 */ |
|
| 1013 | $block0 = ParagonIE_Sodium_Core_ChaCha20::streamXorIc( |
|
| 1014 | $block0, |
|
| 1015 | $nonceLast, |
|
| 1016 | $subkey |
|
| 1017 | ); |
|
| 1018 | ||
| 1019 | /** @var string $c */ |
|
| 1020 | $c = ParagonIE_Sodium_Core_Util::substr( |
|
| 1021 | $block0, |
|
| 1022 | self::secretbox_xchacha20poly1305_ZEROBYTES |
|
| 1023 | ); |
|
| 1024 | if ($mlen > $mlen0) { |
|
| 1025 | $c .= ParagonIE_Sodium_Core_ChaCha20::streamXorIc( |
|
| 1026 | ParagonIE_Sodium_Core_Util::substr( |
|
| 1027 | $plaintext, |
|
| 1028 | self::secretbox_xchacha20poly1305_ZEROBYTES |
|
| 1029 | ), |
|
| 1030 | $nonceLast, |
|
| 1031 | $subkey, |
|
| 1032 | ParagonIE_Sodium_Core_Util::store64_le(1) |
|
| 1033 | ); |
|
| 1034 | } |
|
| 1035 | $state = new ParagonIE_Sodium_Core_Poly1305_State( |
|
| 1036 | ParagonIE_Sodium_Core_Util::substr( |
|
| 1037 | $block0, |
|
| 1038 | 0, |
|
| 1039 | self::onetimeauth_poly1305_KEYBYTES |
|
| 1040 | ) |
|
| 1041 | ); |
|
| 1042 | try { |
|
| 1043 | ParagonIE_Sodium_Compat::memzero($block0); |
|
| 1044 | ParagonIE_Sodium_Compat::memzero($subkey); |
|
| 1045 | } catch (Error $ex) { |
|
| 1046 | $block0 = null; |
|
| 1047 | $subkey = null; |
|
| 1048 | } |
|
| 1049 | ||
| 1050 | $state->update($c); |
|
| 1051 | ||
| 1052 | /** @var string $c - MAC || ciphertext */ |
|
| 1053 | $c = $state->finish() . $c; |
|
| 1054 | unset($state); |
|
| 1055 | ||
| 1056 | return $c; |
|
| 1057 | } |
|
| 1058 | ||
| 1059 | /** |
|
| 1060 | * Decrypt a ciphertext generated via secretbox_xchacha20poly1305(). |
|
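Review bot: The tail branch at listing lines 1026-1029 slices `$plaintext` at `self::secretbox_xchacha20poly1305_ZEROBYTES`, although the number of plaintext bytes already placed in `$block0` is `$mlen0` (capped at `64 - ZEROBYTES` on lines 1007-1008). The two offsets coincide only while the constant is exactly half of 64, and its value is not visible in this hunk. With any other value, plaintext bytes would be skipped or encrypted twice. Slicing at the count actually consumed makes the invariant explicit without changing output: `ParagonIE_Sodium_Core_Util::substr($plaintext, $mlen0),`. The same offset is used in `secretbox()` above (lines 877-880) and in both Core32 variants, which would take the matching `ParagonIE_Sodium_Core32_Util::substr($plaintext, $mlen0)`.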
| @@ 832-893 (lines=62) @@ | ||
| 829 | * @param string $key |
|
| 830 | * @return string |
|
| 831 | */ |
|
| 832 | public static function secretbox($plaintext, $nonce, $key) |
|
| 833 | { |
|
| 834 | /** @var string $subkey */ |
|
| 835 | $subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key); |
|
| 836 | ||
| 837 | /** @var string $block0 */ |
|
| 838 | $block0 = str_repeat("\x00", 32); |
|
| 839 | ||
| 840 | /** @var int $mlen - Length of the plaintext message */ |
|
| 841 | $mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext); |
|
| 842 | $mlen0 = $mlen; |
|
| 843 | if ($mlen0 > 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES) { |
|
| 844 | $mlen0 = 64 - self::secretbox_xsalsa20poly1305_ZEROBYTES; |
|
| 845 | } |
|
| 846 | $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0); |
|
| 847 | ||
| 848 | /** @var string $block0 */ |
|
| 849 | $block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor( |
|
| 850 | $block0, |
|
| 851 | ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), |
|
| 852 | $subkey |
|
| 853 | ); |
|
| 854 | ||
| 855 | /** @var string $c */ |
|
| 856 | $c = ParagonIE_Sodium_Core32_Util::substr( |
|
| 857 | $block0, |
|
| 858 | self::secretbox_xsalsa20poly1305_ZEROBYTES |
|
| 859 | ); |
|
| 860 | if ($mlen > $mlen0) { |
|
| 861 | $c .= ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic( |
|
| 862 | ParagonIE_Sodium_Core32_Util::substr( |
|
| 863 | $plaintext, |
|
| 864 | self::secretbox_xsalsa20poly1305_ZEROBYTES |
|
| 865 | ), |
|
| 866 | ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8), |
|
| 867 | 1, |
|
| 868 | $subkey |
|
| 869 | ); |
|
| 870 | } |
|
| 871 | $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 872 | ParagonIE_Sodium_Core32_Util::substr( |
|
| 873 | $block0, |
|
| 874 | 0, |
|
| 875 | self::onetimeauth_poly1305_KEYBYTES |
|
| 876 | ) |
|
| 877 | ); |
|
| 878 | try { |
|
| 879 | ParagonIE_Sodium_Compat::memzero($block0); |
|
| 880 | ParagonIE_Sodium_Compat::memzero($subkey); |
|
| 881 | } catch (Error $ex) { |
|
| 882 | $block0 = null; |
|
| 883 | $subkey = null; |
|
| 884 | } |
|
| 885 | ||
| 886 | $state->update($c); |
|
| 887 | ||
| 888 | /** @var string $c - MAC || ciphertext */ |
|
| 889 | $c = $state->finish() . $c; |
|
| 890 | unset($state); |
|
| 891 | ||
| 892 | return $c; |
|
| 893 | } |
|
| 894 | ||
| 895 | /** |
|
| 896 | * Decrypt a ciphertext generated via secretbox(). |
|
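Review bot: Nothing in `secretbox()` checks the length of `$nonce` or `$key` before `hsalsa20($nonce, $key)` on line 835 and `substr($nonce, 16, 8)` on lines 851 and 866, so the function depends entirely on its caller for that. The docblock starts outside this hunk; if it does not already state the precondition, add `Expects a 24-byte $nonce and a key already length-checked by the caller; no validation is done here.` A second line should record the usage constraint that follows from the construction, since the Poly1305 key is taken from the first keystream block: `A (key, nonce) pair must never be reused: doing so repeats both the keystream and the one-time MAC key.` The `@return` line could also say that the result is `MAC || ciphertext`, as the comment on line 888 does. The same applies to `secretbox_xchacha20poly1305()` in the next hunk and to the two non-Core32 functions above.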
| @@ 977-1042 (lines=66) @@ | ||
| 974 | * @param string $key |
|
| 975 | * @return string |
|
| 976 | */ |
|
| 977 | public static function secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 978 | { |
|
| 979 | /** @var string $subkey */ |
|
| 980 | $subkey = ParagonIE_Sodium_Core32_HChaCha20::hChaCha20( |
|
| 981 | ParagonIE_Sodium_Core32_Util::substr($nonce, 0, 16), |
|
| 982 | $key |
|
| 983 | ); |
|
| 984 | $nonceLast = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8); |
|
| 985 | ||
| 986 | /** @var string $block0 */ |
|
| 987 | $block0 = str_repeat("\x00", 32); |
|
| 988 | ||
| 989 | /** @var int $mlen - Length of the plaintext message */ |
|
| 990 | $mlen = ParagonIE_Sodium_Core32_Util::strlen($plaintext); |
|
| 991 | $mlen0 = $mlen; |
|
| 992 | if ($mlen0 > 64 - self::secretbox_xchacha20poly1305_ZEROBYTES) { |
|
| 993 | $mlen0 = 64 - self::secretbox_xchacha20poly1305_ZEROBYTES; |
|
| 994 | } |
|
| 995 | $block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0); |
|
| 996 | ||
| 997 | /** @var string $block0 */ |
|
| 998 | $block0 = ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( |
|
| 999 | $block0, |
|
| 1000 | $nonceLast, |
|
| 1001 | $subkey |
|
| 1002 | ); |
|
| 1003 | ||
| 1004 | /** @var string $c */ |
|
| 1005 | $c = ParagonIE_Sodium_Core32_Util::substr( |
|
| 1006 | $block0, |
|
| 1007 | self::secretbox_xchacha20poly1305_ZEROBYTES |
|
| 1008 | ); |
|
| 1009 | if ($mlen > $mlen0) { |
|
| 1010 | $c .= ParagonIE_Sodium_Core32_ChaCha20::streamXorIc( |
|
| 1011 | ParagonIE_Sodium_Core32_Util::substr( |
|
| 1012 | $plaintext, |
|
| 1013 | self::secretbox_xchacha20poly1305_ZEROBYTES |
|
| 1014 | ), |
|
| 1015 | $nonceLast, |
|
| 1016 | $subkey, |
|
| 1017 | ParagonIE_Sodium_Core32_Util::store64_le(1) |
|
| 1018 | ); |
|
| 1019 | } |
|
| 1020 | $state = new ParagonIE_Sodium_Core32_Poly1305_State( |
|
| 1021 | ParagonIE_Sodium_Core32_Util::substr( |
|
| 1022 | $block0, |
|
| 1023 | 0, |
|
| 1024 | self::onetimeauth_poly1305_KEYBYTES |
|
| 1025 | ) |
|
| 1026 | ); |
|
| 1027 | try { |
|
| 1028 | ParagonIE_Sodium_Compat::memzero($block0); |
|
| 1029 | ParagonIE_Sodium_Compat::memzero($subkey); |
|
| 1030 | } catch (Error $ex) { |
|
| 1031 | $block0 = null; |
|
| 1032 | $subkey = null; |
|
| 1033 | } |
|
| 1034 | ||
| 1035 | $state->update($c); |
|
| 1036 | ||
| 1037 | /** @var string $c - MAC || ciphertext */ |
|
| 1038 | $c = $state->finish() . $c; |
|
| 1039 | unset($state); |
|
| 1040 | ||
| 1041 | return $c; |
|
| 1042 | } |
|
| 1043 | ||
| 1044 | /** |
|
| 1045 | * Decrypt a ciphertext generated via secretbox_xchacha20poly1305(). |
|