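--- a/STRATO-apps/wordpress_03/app/wp-includes/sodium_compat/src/Core/AEGIS256.php
+++ b/STRATO-apps/wordpress_03/app/wp-includes/sodium_compat/src/Core/AEGIS256.php
@@ -1 +1,119 @@
-
+<?php
+
+if (!defined('SODIUM_COMPAT_AEGIS_C0')) {
+define('SODIUM_COMPAT_AEGIS_C0', "\x00\x01\x01\x02\x03\x05\x08\x0d\x15\x22\x37\x59\x90\xe9\x79\x62");
+}
+if (!defined('SODIUM_COMPAT_AEGIS_C1')) {
+define('SODIUM_COMPAT_AEGIS_C1', "\xdb\x3d\x18\x55\x6d\xc2\x2f\xf1\x20\x11\x31\x42\x73\xb5\x28\xdd");
+}
+
+class ParagonIE_Sodium_Core_AEGIS256 extends ParagonIE_Sodium_Core_AES
+{
+/**
+* @param string $ct
+* @param string $tag
+* @param string $ad
+* @param string $key
+* @param string $nonce
+* @return string
+* @throws SodiumException
+*/
+public static function decrypt($ct, $tag, $ad, $key, $nonce)
+{
+$state = self::init($key, $nonce);
+
+// ad_blocks = Split(ZeroPad(ad, 128), 128)
+$ad_blocks = (self::strlen($ad) + 15) >> 4;
+// for ai in ad_blocks:
+// Absorb(ai)
+for ($i = 0; $i < $ad_blocks; ++$i) {
+$ai = self::substr($ad, $i << 4, 16);
+if (self::strlen($ai) < 16) {
+$ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT);
+}
+$state->absorb($ai);
+}
+
+$msg = '';
+$cn = self::strlen($ct) & 15;
+$ct_blocks = self::strlen($ct) >> 4;
+// ct_blocks = Split(ZeroPad(ct, 128), 128)
+// cn = Tail(ct, |ct| mod 128)
+for ($i = 0; $i < $ct_blocks; ++$i) {
+$msg .= $state->dec(self::substr($ct, $i << 4, 16));
+}
+// if cn is not empty:
+// msg = msg || DecPartial(cn)
+if ($cn) {
+$start = $ct_blocks << 4;
+$msg .= $state->decPartial(self::substr($ct, $start, $cn));
+}
+$expected_tag = $state->finalize(
+self::strlen($ad) << 3,
+self::strlen($msg) << 3
+);
+if (!self::hashEquals($expected_tag, $tag)) {
+try {
+// The RFC says to erase msg, so we shall try:
+ParagonIE_Sodium_Compat::memzero($msg);
+} catch (SodiumException $ex) {
+// Do nothing if we cannot memzero
+}
+throw new SodiumException('verification failed');
+}
+return $msg;
+}
+
+/**
+* @param string $msg
+* @param string $ad
+* @param string $key
+* @param string $nonce
+* @return array
+* @throws SodiumException
+*/
+public static function encrypt($msg, $ad, $key, $nonce)
+{
+$state = self::init($key, $nonce);
+$ad_len = self::strlen($ad);
+$msg_len = self::strlen($msg);
+$ad_blocks = ($ad_len + 15) >> 4;
+for ($i = 0; $i < $ad_blocks; ++$i) {
+$ai = self::substr($ad, $i << 4, 16);
+if (self::strlen($ai) < 16) {
+$ai = str_pad($ai, 16, "\0", STR_PAD_RIGHT);
+}
+$state->absorb($ai);
+}
+
+$ct = '';
+$msg_blocks = ($msg_len + 15) >> 4;
+for ($i = 0; $i < $msg_blocks; ++$i) {
+$xi = self::substr($msg, $i << 4, 16);
+if (self::strlen($xi) < 16) {
+$xi = str_pad($xi, 16, "\0", STR_PAD_RIGHT);
+}
+$ct .= $state->enc($xi);
+}
+$tag = $state->finalize(
+$ad_len << 3,
+$msg_len << 3
+);
+return array(
+self::substr($ct, 0, $msg_len),
+$tag
+);
+
+}
+
+/**
+* @param string $key
+* @param string $nonce
+* @return ParagonIE_Sodium_Core_AEGIS_State256
+*/
+public static function init($key, $nonce)
+{
+return ParagonIE_Sodium_Core_AEGIS_State256::init($key, $nonce);
+}
+}
+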
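Review bot: Neither `decrypt()` nor `encrypt()` checks the length of `$key`, `$nonce` or `$tag` before use: the first two go straight to `ParagonIE_Sodium_Core_AEGIS_State256::init()`, and the tag is only compared through `self::hashEquals()`. Both are defined outside this file, so rejection of malformed input cannot be confirmed from this section. If the size checks are meant to live in the public `ParagonIE_Sodium_Compat` wrapper (likely, but not visible here), the docblocks should say so, for example `@param string $key 32-byte key; length must be validated by the caller`, so the Core class is not called directly with unchecked input. The `decrypt()` docblock should also state that a tag mismatch throws `SodiumException('verification failed')` and that no plaintext is returned in that case. Because the page reports no baseline for this file, compare it against the sodium_compat copy shipped with the installed WordPress release before relying on it.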