Edit File by line

* @throws TypeError

[1000] Fix | Delete

[1001] Fix | Delete

protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)

[1002] Fix | Delete

{

[1003] Fix | Delete

if (PHP_INT_SIZE === 4) {

[1004] Fix | Delete

return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);

[1005] Fix | Delete

}

[1006] Fix | Delete

$tag = fread($ifp, 16);

[1007] Fix | Delete

if (!is_string($tag)) {

[1008] Fix | Delete

throw new SodiumException('Could not read input file');

[1009] Fix | Delete

}

[1010] Fix | Delete

[1011] Fix | Delete

/** @var string $subkey */

[1012] Fix | Delete

$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);

[1013] Fix | Delete

[1014] Fix | Delete

/** @var string $realNonce */

[1015] Fix | Delete

$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);

[1016] Fix | Delete

[1017] Fix | Delete

/** @var string $block0 */

[1018] Fix | Delete

$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(

[1019] Fix | Delete

64,

[1020] Fix | Delete

ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),

[1021] Fix | Delete

$subkey

[1022] Fix | Delete

);

[1023] Fix | Delete

[1024] Fix | Delete

/* Verify the Poly1305 MAC -before- attempting to decrypt! */

[1025] Fix | Delete

$state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));

[1026] Fix | Delete

if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {

[1027] Fix | Delete

throw new SodiumException('Invalid MAC');

[1028] Fix | Delete

}

[1029] Fix | Delete

[1030] Fix | Delete

[1031] Fix | Delete

* Set the cursor to the end of the first half-block. All future bytes will

[1032] Fix | Delete

* generated from salsa20_xor_ic, starting from 1 (second block).

[1033] Fix | Delete

[1034] Fix | Delete

$first32 = fread($ifp, 32);

[1035] Fix | Delete

if (!is_string($first32)) {

[1036] Fix | Delete

throw new SodiumException('Could not read input file');

[1037] Fix | Delete

}

[1038] Fix | Delete

$first32len = self::strlen($first32);

[1039] Fix | Delete

fwrite(

[1040] Fix | Delete

$ofp,

[1041] Fix | Delete

self::xorStrings(

[1042] Fix | Delete

self::substr($block0, 32, $first32len),

[1043] Fix | Delete

self::substr($first32, 0, $first32len)

[1044] Fix | Delete

)

[1045] Fix | Delete

);

[1046] Fix | Delete

$mlen -= 32;

[1047] Fix | Delete

[1048] Fix | Delete

/** @var int $iter */

[1049] Fix | Delete

$iter = 1;

[1050] Fix | Delete

[1051] Fix | Delete

/** @var int $incr */

[1052] Fix | Delete

$incr = self::BUFFER_SIZE >> 6;

[1053] Fix | Delete

[1054] Fix | Delete

/* Decrypts ciphertext, writes to output file. */

[1055] Fix | Delete

while ($mlen > 0) {

[1056] Fix | Delete

$blockSize = $mlen > self::BUFFER_SIZE

[1057] Fix | Delete

? self::BUFFER_SIZE

[1058] Fix | Delete

: $mlen;

[1059] Fix | Delete

$ciphertext = fread($ifp, $blockSize);

[1060] Fix | Delete

if (!is_string($ciphertext)) {

[1061] Fix | Delete

throw new SodiumException('Could not read input file');

[1062] Fix | Delete

}

[1063] Fix | Delete

$pBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(

[1064] Fix | Delete

$ciphertext,

[1065] Fix | Delete

$realNonce,

[1066] Fix | Delete

$iter,

[1067] Fix | Delete

$subkey

[1068] Fix | Delete

);

[1069] Fix | Delete

fwrite($ofp, $pBlock, $blockSize);

[1070] Fix | Delete

$mlen -= $blockSize;

[1071] Fix | Delete

$iter += $incr;

[1072] Fix | Delete

}

[1073] Fix | Delete

return true;

[1074] Fix | Delete

}

[1075] Fix | Delete

[1076] Fix | Delete

/**

[1077] Fix | Delete

* @param ParagonIE_Sodium_Core_Poly1305_State $state

[1078] Fix | Delete

* @param resource $ifp

[1079] Fix | Delete

* @param string $tag

[1080] Fix | Delete

* @param int $mlen

[1081] Fix | Delete

* @return bool

[1082] Fix | Delete

* @throws SodiumException

[1083] Fix | Delete

* @throws TypeError

[1084] Fix | Delete

[1085] Fix | Delete

protected static function onetimeauth_verify(

[1086] Fix | Delete

ParagonIE_Sodium_Core_Poly1305_State $state,

[1087] Fix | Delete

$ifp,

[1088] Fix | Delete

$tag = '',

[1089] Fix | Delete

$mlen = 0

[1090] Fix | Delete

) {

[1091] Fix | Delete

/** @var int $pos */

[1092] Fix | Delete

$pos = self::ftell($ifp);

[1093] Fix | Delete

[1094] Fix | Delete

/** @var int $iter */

[1095] Fix | Delete

$iter = 1;

[1096] Fix | Delete

[1097] Fix | Delete

/** @var int $incr */

[1098] Fix | Delete

$incr = self::BUFFER_SIZE >> 6;

[1099] Fix | Delete

[1100] Fix | Delete

while ($mlen > 0) {

[1101] Fix | Delete

$blockSize = $mlen > self::BUFFER_SIZE

[1102] Fix | Delete

? self::BUFFER_SIZE

[1103] Fix | Delete

: $mlen;

[1104] Fix | Delete

$ciphertext = fread($ifp, $blockSize);

[1105] Fix | Delete

if (!is_string($ciphertext)) {

[1106] Fix | Delete

throw new SodiumException('Could not read input file');

[1107] Fix | Delete

}

[1108] Fix | Delete

$state->update($ciphertext);

[1109] Fix | Delete

$mlen -= $blockSize;

[1110] Fix | Delete

$iter += $incr;

[1111] Fix | Delete

}

[1112] Fix | Delete

$res = ParagonIE_Sodium_Core_Util::verify_16($tag, $state->finish());

[1113] Fix | Delete

[1114] Fix | Delete

fseek($ifp, $pos, SEEK_SET);

[1115] Fix | Delete

return $res;

[1116] Fix | Delete

}

[1117] Fix | Delete

[1118] Fix | Delete

/**

[1119] Fix | Delete

* Update a hash context with the contents of a file, without

[1120] Fix | Delete

* loading the entire file into memory.

[1121] Fix | Delete

[1122] Fix | Delete

* @param resource|HashContext $hash

[1123] Fix | Delete

* @param resource $fp

[1124] Fix | Delete

* @param int $size

[1125] Fix | Delete

* @return resource|object Resource on PHP < 7.2, HashContext object on PHP >= 7.2

[1126] Fix | Delete

* @throws SodiumException

[1127] Fix | Delete

* @throws TypeError

[1128] Fix | Delete

* @psalm-suppress PossiblyInvalidArgument

[1129] Fix | Delete

* PHP 7.2 changes from a resource to an object,

[1130] Fix | Delete

* which causes Psalm to complain about an error.

[1131] Fix | Delete

* @psalm-suppress TypeCoercion

[1132] Fix | Delete

* Ditto.

[1133] Fix | Delete

[1134] Fix | Delete

public static function updateHashWithFile($hash, $fp, $size = 0)

[1135] Fix | Delete

{

[1136] Fix | Delete

/* Type checks: */

[1137] Fix | Delete

if (PHP_VERSION_ID < 70200) {

[1138] Fix | Delete

if (!is_resource($hash)) {

[1139] Fix | Delete

throw new TypeError('Argument 1 must be a resource, ' . gettype($hash) . ' given.');

[1140] Fix | Delete

}

[1141] Fix | Delete

} else {

[1142] Fix | Delete

if (!is_object($hash)) {

[1143] Fix | Delete

throw new TypeError('Argument 1 must be an object (PHP 7.2+), ' . gettype($hash) . ' given.');

[1144] Fix | Delete

}

[1145] Fix | Delete

}

[1146] Fix | Delete

[1147] Fix | Delete

if (!is_resource($fp)) {

[1148] Fix | Delete

throw new TypeError('Argument 2 must be a resource, ' . gettype($fp) . ' given.');

[1149] Fix | Delete

}

[1150] Fix | Delete

if (!is_int($size)) {

[1151] Fix | Delete

throw new TypeError('Argument 3 must be an integer, ' . gettype($size) . ' given.');

[1152] Fix | Delete

}

[1153] Fix | Delete

[1154] Fix | Delete

/** @var int $originalPosition */

[1155] Fix | Delete

$originalPosition = self::ftell($fp);

[1156] Fix | Delete

[1157] Fix | Delete

// Move file pointer to beginning of file

[1158] Fix | Delete

fseek($fp, 0, SEEK_SET);

[1159] Fix | Delete

for ($i = 0; $i < $size; $i += self::BUFFER_SIZE) {

[1160] Fix | Delete

/** @var string|bool $message */

[1161] Fix | Delete

$message = fread(

[1162] Fix | Delete

$fp,

[1163] Fix | Delete

($size - $i) > self::BUFFER_SIZE

[1164] Fix | Delete

? $size - $i

[1165] Fix | Delete

: self::BUFFER_SIZE

[1166] Fix | Delete

);

[1167] Fix | Delete

if (!is_string($message)) {

[1168] Fix | Delete

throw new SodiumException('Unexpected error reading from file.');

[1169] Fix | Delete

}

[1170] Fix | Delete

/** @var string $message */

[1171] Fix | Delete

/** @psalm-suppress InvalidArgument */

[1172] Fix | Delete

self::hash_update($hash, $message);

[1173] Fix | Delete

}

[1174] Fix | Delete

// Reset file pointer's position

[1175] Fix | Delete

fseek($fp, $originalPosition, SEEK_SET);

[1176] Fix | Delete

return $hash;

[1177] Fix | Delete

}

[1178] Fix | Delete

[1179] Fix | Delete

/**

[1180] Fix | Delete

* Sign a file (rather than a string). Uses less memory than

[1181] Fix | Delete

* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces

[1182] Fix | Delete

* the same result. (32-bit)

[1183] Fix | Delete

[1184] Fix | Delete

* @param string $filePath Absolute path to a file on the filesystem

[1185] Fix | Delete

* @param string $secretKey Secret signing key

[1186] Fix | Delete

[1187] Fix | Delete

* @return string Ed25519 signature

[1188] Fix | Delete

* @throws SodiumException

[1189] Fix | Delete

* @throws TypeError

[1190] Fix | Delete

[1191] Fix | Delete

private static function sign_core32($filePath, $secretKey)

[1192] Fix | Delete

{

[1193] Fix | Delete

$size = filesize($filePath);

[1194] Fix | Delete

if (!is_int($size)) {

[1195] Fix | Delete

throw new SodiumException('Could not obtain the file size');

[1196] Fix | Delete

}

[1197] Fix | Delete

[1198] Fix | Delete

$fp = fopen($filePath, 'rb');

[1199] Fix | Delete

if (!is_resource($fp)) {

[1200] Fix | Delete

throw new SodiumException('Could not open input file for reading');

[1201] Fix | Delete

}

[1202] Fix | Delete

[1203] Fix | Delete

/** @var string $az */

[1204] Fix | Delete

$az = hash('sha512', self::substr($secretKey, 0, 32), true);

[1205] Fix | Delete

[1206] Fix | Delete

$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);

[1207] Fix | Delete

$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);

[1208] Fix | Delete

[1209] Fix | Delete

$hs = hash_init('sha512');

[1210] Fix | Delete

self::hash_update($hs, self::substr($az, 32, 32));

[1211] Fix | Delete

/** @var resource $hs */

[1212] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[1213] Fix | Delete

[1214] Fix | Delete

$nonceHash = hash_final($hs, true);

[1215] Fix | Delete

$pk = self::substr($secretKey, 32, 32);

[1216] Fix | Delete

$nonce = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);

[1217] Fix | Delete

$sig = ParagonIE_Sodium_Core32_Ed25519::ge_p3_tobytes(

[1218] Fix | Delete

ParagonIE_Sodium_Core32_Ed25519::ge_scalarmult_base($nonce)

[1219] Fix | Delete

);

[1220] Fix | Delete

[1221] Fix | Delete

$hs = hash_init('sha512');

[1222] Fix | Delete

self::hash_update($hs, self::substr($sig, 0, 32));

[1223] Fix | Delete

self::hash_update($hs, self::substr($pk, 0, 32));

[1224] Fix | Delete

/** @var resource $hs */

[1225] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[1226] Fix | Delete

[1227] Fix | Delete

$hramHash = hash_final($hs, true);

[1228] Fix | Delete

[1229] Fix | Delete

$hram = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hramHash);

[1230] Fix | Delete

[1231] Fix | Delete

$sigAfter = ParagonIE_Sodium_Core32_Ed25519::sc_muladd($hram, $az, $nonce);

[1232] Fix | Delete

[1233] Fix | Delete

/** @var string $sig */

[1234] Fix | Delete

$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);

[1235] Fix | Delete

[1236] Fix | Delete

try {

[1237] Fix | Delete

ParagonIE_Sodium_Compat::memzero($az);

[1238] Fix | Delete

} catch (SodiumException $ex) {

[1239] Fix | Delete

$az = null;

[1240] Fix | Delete

}

[1241] Fix | Delete

fclose($fp);

[1242] Fix | Delete

return $sig;

[1243] Fix | Delete

}

[1244] Fix | Delete

[1245] Fix | Delete

/**

[1246] Fix | Delete

[1247] Fix | Delete

* Verify a file (rather than a string). Uses less memory than

[1248] Fix | Delete

* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but

[1249] Fix | Delete

* produces the same result. (32-bit)

[1250] Fix | Delete

[1251] Fix | Delete

* @param string $sig Ed25519 signature

[1252] Fix | Delete

* @param string $filePath Absolute path to a file on the filesystem

[1253] Fix | Delete

* @param string $publicKey Signing public key

[1254] Fix | Delete

[1255] Fix | Delete

* @return bool

[1256] Fix | Delete

* @throws SodiumException

[1257] Fix | Delete

* @throws Exception

[1258] Fix | Delete

[1259] Fix | Delete

public static function verify_core32($sig, $filePath, $publicKey)

[1260] Fix | Delete

{

[1261] Fix | Delete

/* Security checks */

[1262] Fix | Delete

if (ParagonIE_Sodium_Core32_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))) {

[1263] Fix | Delete

throw new SodiumException('S < L - Invalid signature');

[1264] Fix | Delete

}

[1265] Fix | Delete

if (ParagonIE_Sodium_Core32_Ed25519::small_order($sig)) {

[1266] Fix | Delete

throw new SodiumException('Signature is on too small of an order');

[1267] Fix | Delete

}

[1268] Fix | Delete

[1269] Fix | Delete

if ((self::chrToInt($sig[63]) & 224) !== 0) {

[1270] Fix | Delete

throw new SodiumException('Invalid signature');

[1271] Fix | Delete

}

[1272] Fix | Delete

$d = 0;

[1273] Fix | Delete

for ($i = 0; $i < 32; ++$i) {

[1274] Fix | Delete

$d |= self::chrToInt($publicKey[$i]);

[1275] Fix | Delete

}

[1276] Fix | Delete

if ($d === 0) {

[1277] Fix | Delete

throw new SodiumException('All zero public key');

[1278] Fix | Delete

}

[1279] Fix | Delete

[1280] Fix | Delete

/** @var int|bool $size */

[1281] Fix | Delete

$size = filesize($filePath);

[1282] Fix | Delete

if (!is_int($size)) {

[1283] Fix | Delete

throw new SodiumException('Could not obtain the file size');

[1284] Fix | Delete

}

[1285] Fix | Delete

/** @var int $size */

[1286] Fix | Delete

[1287] Fix | Delete

/** @var resource|bool $fp */

[1288] Fix | Delete

$fp = fopen($filePath, 'rb');

[1289] Fix | Delete

if (!is_resource($fp)) {

[1290] Fix | Delete

throw new SodiumException('Could not open input file for reading');

[1291] Fix | Delete

}

[1292] Fix | Delete

/** @var resource $fp */

[1293] Fix | Delete

[1294] Fix | Delete

/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */

[1295] Fix | Delete

$orig = ParagonIE_Sodium_Compat::$fastMult;

[1296] Fix | Delete

[1297] Fix | Delete

// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.

[1298] Fix | Delete

ParagonIE_Sodium_Compat::$fastMult = true;

[1299] Fix | Delete

[1300] Fix | Delete

/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A */

[1301] Fix | Delete

$A = ParagonIE_Sodium_Core32_Ed25519::ge_frombytes_negate_vartime($publicKey);

[1302] Fix | Delete

[1303] Fix | Delete

$hs = hash_init('sha512');

[1304] Fix | Delete

self::hash_update($hs, self::substr($sig, 0, 32));

[1305] Fix | Delete

self::hash_update($hs, self::substr($publicKey, 0, 32));

[1306] Fix | Delete

/** @var resource $hs */

[1307] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[1308] Fix | Delete

/** @var string $hDigest */

[1309] Fix | Delete

$hDigest = hash_final($hs, true);

[1310] Fix | Delete

[1311] Fix | Delete

/** @var string $h */

[1312] Fix | Delete

$h = ParagonIE_Sodium_Core32_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);

[1313] Fix | Delete

[1314] Fix | Delete

/** @var ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $R */

[1315] Fix | Delete

$R = ParagonIE_Sodium_Core32_Ed25519::ge_double_scalarmult_vartime(

[1316] Fix | Delete

$h,

[1317] Fix | Delete

$A,

[1318] Fix | Delete

self::substr($sig, 32)

[1319] Fix | Delete

);

[1320] Fix | Delete

[1321] Fix | Delete

/** @var string $rcheck */

[1322] Fix | Delete

$rcheck = ParagonIE_Sodium_Core32_Ed25519::ge_tobytes($R);

[1323] Fix | Delete

[1324] Fix | Delete

// Close the file handle

[1325] Fix | Delete

fclose($fp);

[1326] Fix | Delete

[1327] Fix | Delete

// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.

[1328] Fix | Delete

ParagonIE_Sodium_Compat::$fastMult = $orig;

[1329] Fix | Delete

return self::verify_32($rcheck, self::substr($sig, 0, 32));

[1330] Fix | Delete

}

[1331] Fix | Delete

[1332] Fix | Delete

/**

[1333] Fix | Delete

* Encrypt a file (32-bit)

[1334] Fix | Delete

[1335] Fix | Delete

* @param resource $ifp

[1336] Fix | Delete

* @param resource $ofp

[1337] Fix | Delete

* @param int $mlen

[1338] Fix | Delete

* @param string $nonce

[1339] Fix | Delete

* @param string $key

[1340] Fix | Delete

* @return bool

[1341] Fix | Delete

* @throws SodiumException

[1342] Fix | Delete

* @throws TypeError

[1343] Fix | Delete

[1344] Fix | Delete

protected static function secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key)

[1345] Fix | Delete

{

[1346] Fix | Delete

$plaintext = fread($ifp, 32);

[1347] Fix | Delete

if (!is_string($plaintext)) {

[1348] Fix | Delete

throw new SodiumException('Could not read input file');

[1349] Fix | Delete

}

[1350] Fix | Delete

$first32 = self::ftell($ifp);

[1351] Fix | Delete

[1352] Fix | Delete

/** @var string $subkey */

[1353] Fix | Delete

$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);

[1354] Fix | Delete

[1355] Fix | Delete

/** @var string $realNonce */

[1356] Fix | Delete

$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);

[1357] Fix | Delete

[1358] Fix | Delete

/** @var string $block0 */

[1359] Fix | Delete

$block0 = str_repeat("\x00", 32);

[1360] Fix | Delete

[1361] Fix | Delete

/** @var int $mlen - Length of the plaintext message */

[1362] Fix | Delete

$mlen0 = $mlen;

[1363] Fix | Delete

if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {

[1364] Fix | Delete

$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;

[1365] Fix | Delete

}

[1366] Fix | Delete

$block0 .= ParagonIE_Sodium_Core32_Util::substr($plaintext, 0, $mlen0);

[1367] Fix | Delete

[1368] Fix | Delete

/** @var string $block0 */

[1369] Fix | Delete

$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor(

[1370] Fix | Delete

$block0,

[1371] Fix | Delete

$realNonce,

[1372] Fix | Delete

$subkey

[1373] Fix | Delete

);

[1374] Fix | Delete

[1375] Fix | Delete

$state = new ParagonIE_Sodium_Core32_Poly1305_State(

[1376] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr(

[1377] Fix | Delete

$block0,

[1378] Fix | Delete

[1379] Fix | Delete

ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES

[1380] Fix | Delete

)

[1381] Fix | Delete

);

[1382] Fix | Delete

[1383] Fix | Delete

// Pre-write 16 blank bytes for the Poly1305 tag

[1384] Fix | Delete

$start = self::ftell($ofp);

[1385] Fix | Delete

fwrite($ofp, str_repeat("\x00", 16));

[1386] Fix | Delete

[1387] Fix | Delete

/** @var string $c */

[1388] Fix | Delete

$cBlock = ParagonIE_Sodium_Core32_Util::substr(

[1389] Fix | Delete

$block0,

[1390] Fix | Delete

ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES

[1391] Fix | Delete

);

[1392] Fix | Delete

$state->update($cBlock);

[1393] Fix | Delete

fwrite($ofp, $cBlock);

[1394] Fix | Delete

$mlen -= 32;

[1395] Fix | Delete

[1396] Fix | Delete

/** @var int $iter */

[1397] Fix | Delete

$iter = 1;

[1398] Fix | Delete

[1399] Fix | Delete

/** @var int $incr */

[1400] Fix | Delete

$incr = self::BUFFER_SIZE >> 6;

[1401] Fix | Delete

[1402] Fix | Delete

[1403] Fix | Delete

* Set the cursor to the end of the first half-block. All future bytes will

[1404] Fix | Delete

* generated from salsa20_xor_ic, starting from 1 (second block).

[1405] Fix | Delete

[1406] Fix | Delete

fseek($ifp, $first32, SEEK_SET);

[1407] Fix | Delete

[1408] Fix | Delete

while ($mlen > 0) {

[1409] Fix | Delete

$blockSize = $mlen > self::BUFFER_SIZE

[1410] Fix | Delete

? self::BUFFER_SIZE

[1411] Fix | Delete

: $mlen;

[1412] Fix | Delete

$plaintext = fread($ifp, $blockSize);

[1413] Fix | Delete

if (!is_string($plaintext)) {

[1414] Fix | Delete

throw new SodiumException('Could not read input file');

[1415] Fix | Delete

}

[1416] Fix | Delete

$cBlock = ParagonIE_Sodium_Core32_Salsa20::salsa20_xor_ic(

[1417] Fix | Delete

$plaintext,

[1418] Fix | Delete

$realNonce,

[1419] Fix | Delete

$iter,

[1420] Fix | Delete

$subkey

[1421] Fix | Delete

);

[1422] Fix | Delete

fwrite($ofp, $cBlock, $blockSize);

[1423] Fix | Delete

$state->update($cBlock);

[1424] Fix | Delete

[1425] Fix | Delete

$mlen -= $blockSize;

[1426] Fix | Delete

$iter += $incr;

[1427] Fix | Delete

}

[1428] Fix | Delete

try {

[1429] Fix | Delete

ParagonIE_Sodium_Compat::memzero($block0);

[1430] Fix | Delete

ParagonIE_Sodium_Compat::memzero($subkey);

[1431] Fix | Delete

} catch (SodiumException $ex) {

[1432] Fix | Delete

$block0 = null;

[1433] Fix | Delete

$subkey = null;

[1434] Fix | Delete

}

[1435] Fix | Delete

$end = self::ftell($ofp);

[1436] Fix | Delete

[1437] Fix | Delete

[1438] Fix | Delete

* Write the Poly1305 authentication tag that provides integrity

[1439] Fix | Delete

* over the ciphertext (encrypt-then-MAC)

[1440] Fix | Delete

[1441] Fix | Delete

fseek($ofp, $start, SEEK_SET);

[1442] Fix | Delete

fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);

[1443] Fix | Delete

fseek($ofp, $end, SEEK_SET);

[1444] Fix | Delete

unset($state);

[1445] Fix | Delete

[1446] Fix | Delete

return true;

[1447] Fix | Delete

}

[1448] Fix | Delete

[1449] Fix | Delete

/**

[1450] Fix | Delete

* Decrypt a file (32-bit)

[1451] Fix | Delete

[1452] Fix | Delete

* @param resource $ifp

[1453] Fix | Delete

* @param resource $ofp

[1454] Fix | Delete

* @param int $mlen

[1455] Fix | Delete

* @param string $nonce

[1456] Fix | Delete

* @param string $key

[1457] Fix | Delete

* @return bool

[1458] Fix | Delete

* @throws SodiumException

[1459] Fix | Delete

* @throws TypeError

[1460] Fix | Delete

[1461] Fix | Delete

protected static function secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key)

[1462] Fix | Delete

{

[1463] Fix | Delete

$tag = fread($ifp, 16);

[1464] Fix | Delete

if (!is_string($tag)) {

[1465] Fix | Delete

throw new SodiumException('Could not read input file');

[1466] Fix | Delete

}

[1467] Fix | Delete

[1468] Fix | Delete

/** @var string $subkey */

[1469] Fix | Delete

$subkey = ParagonIE_Sodium_Core32_HSalsa20::hsalsa20($nonce, $key);

[1470] Fix | Delete

[1471] Fix | Delete

/** @var string $realNonce */

[1472] Fix | Delete

$realNonce = ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8);

[1473] Fix | Delete

[1474] Fix | Delete

/** @var string $block0 */

[1475] Fix | Delete

$block0 = ParagonIE_Sodium_Core32_Salsa20::salsa20(

[1476] Fix | Delete

64,

[1477] Fix | Delete

ParagonIE_Sodium_Core32_Util::substr($nonce, 16, 8),

[1478] Fix | Delete

$subkey

[1479] Fix | Delete

);

[1480] Fix | Delete

[1481] Fix | Delete

/* Verify the Poly1305 MAC -before- attempting to decrypt! */

[1482] Fix | Delete

$state = new ParagonIE_Sodium_Core32_Poly1305_State(self::substr($block0, 0, 32));

[1483] Fix | Delete

if (!self::onetimeauth_verify_core32($state, $ifp, $tag, $mlen)) {

[1484] Fix | Delete

throw new SodiumException('Invalid MAC');

[1485] Fix | Delete

}

[1486] Fix | Delete

[1487] Fix | Delete

[1488] Fix | Delete

* Set the cursor to the end of the first half-block. All future bytes will

[1489] Fix | Delete

* generated from salsa20_xor_ic, starting from 1 (second block).

[1490] Fix | Delete

[1491] Fix | Delete

$first32 = fread($ifp, 32);

[1492] Fix | Delete

if (!is_string($first32)) {

[1493] Fix | Delete

throw new SodiumException('Could not read input file');

[1494] Fix | Delete

}

[1495] Fix | Delete

$first32len = self::strlen($first32);

[1496] Fix | Delete

fwrite(

[1497] Fix | Delete

$ofp,

[1498] Fix | Delete

self::xorStrings(

[1499] Fix | Delete

1 234