Edit File by line

}

[500] Fix | Delete

if (!is_string($outputFile)) {

[501] Fix | Delete

throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');

[502] Fix | Delete

}

[503] Fix | Delete

if (!is_string($nonce)) {

[504] Fix | Delete

throw new TypeError('Argument 3 must be a string, ' . gettype($nonce) . ' given.');

[505] Fix | Delete

}

[506] Fix | Delete

if (!is_string($key)) {

[507] Fix | Delete

throw new TypeError('Argument 4 must be a string, ' . gettype($key) . ' given.');

[508] Fix | Delete

}

[509] Fix | Delete

[510] Fix | Delete

/* Input validation: */

[511] Fix | Delete

if (self::strlen($nonce) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_NONCEBYTES) {

[512] Fix | Delete

throw new TypeError('Argument 4 must be CRYPTO_SECRETBOX_NONCEBYTES bytes');

[513] Fix | Delete

}

[514] Fix | Delete

if (self::strlen($key) !== ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_KEYBYTES) {

[515] Fix | Delete

throw new TypeError('Argument 4 must be CRYPTO_SECRETBOXBOX_KEYBYTES bytes');

[516] Fix | Delete

}

[517] Fix | Delete

[518] Fix | Delete

/** @var int $size */

[519] Fix | Delete

$size = filesize($inputFile);

[520] Fix | Delete

if (!is_int($size)) {

[521] Fix | Delete

throw new SodiumException('Could not obtain the file size');

[522] Fix | Delete

}

[523] Fix | Delete

[524] Fix | Delete

/** @var resource $ifp */

[525] Fix | Delete

$ifp = fopen($inputFile, 'rb');

[526] Fix | Delete

if (!is_resource($ifp)) {

[527] Fix | Delete

throw new SodiumException('Could not open input file for reading');

[528] Fix | Delete

}

[529] Fix | Delete

[530] Fix | Delete

/** @var resource $ofp */

[531] Fix | Delete

$ofp = fopen($outputFile, 'wb');

[532] Fix | Delete

if (!is_resource($ofp)) {

[533] Fix | Delete

fclose($ifp);

[534] Fix | Delete

throw new SodiumException('Could not open output file for writing');

[535] Fix | Delete

}

[536] Fix | Delete

[537] Fix | Delete

$res = self::secretbox_decrypt($ifp, $ofp, $size, $nonce, $key);

[538] Fix | Delete

fclose($ifp);

[539] Fix | Delete

fclose($ofp);

[540] Fix | Delete

try {

[541] Fix | Delete

ParagonIE_Sodium_Compat::memzero($key);

[542] Fix | Delete

} catch (SodiumException $ex) {

[543] Fix | Delete

/** @psalm-suppress PossiblyUndefinedVariable */

[544] Fix | Delete

unset($key);

[545] Fix | Delete

}

[546] Fix | Delete

return $res;

[547] Fix | Delete

}

[548] Fix | Delete

[549] Fix | Delete

/**

[550] Fix | Delete

* Sign a file (rather than a string). Uses less memory than

[551] Fix | Delete

* ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces

[552] Fix | Delete

* the same result.

[553] Fix | Delete

[554] Fix | Delete

* @param string $filePath Absolute path to a file on the filesystem

[555] Fix | Delete

* @param string $secretKey Secret signing key

[556] Fix | Delete

[557] Fix | Delete

* @return string Ed25519 signature

[558] Fix | Delete

* @throws SodiumException

[559] Fix | Delete

* @throws TypeError

[560] Fix | Delete

[561] Fix | Delete

public static function sign($filePath, $secretKey)

[562] Fix | Delete

{

[563] Fix | Delete

/* Type checks: */

[564] Fix | Delete

if (!is_string($filePath)) {

[565] Fix | Delete

throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');

[566] Fix | Delete

}

[567] Fix | Delete

if (!is_string($secretKey)) {

[568] Fix | Delete

throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');

[569] Fix | Delete

}

[570] Fix | Delete

[571] Fix | Delete

/* Input validation: */

[572] Fix | Delete

if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {

[573] Fix | Delete

throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');

[574] Fix | Delete

}

[575] Fix | Delete

if (PHP_INT_SIZE === 4) {

[576] Fix | Delete

return self::sign_core32($filePath, $secretKey);

[577] Fix | Delete

}

[578] Fix | Delete

[579] Fix | Delete

/** @var int $size */

[580] Fix | Delete

$size = filesize($filePath);

[581] Fix | Delete

if (!is_int($size)) {

[582] Fix | Delete

throw new SodiumException('Could not obtain the file size');

[583] Fix | Delete

}

[584] Fix | Delete

[585] Fix | Delete

/** @var resource $fp */

[586] Fix | Delete

$fp = fopen($filePath, 'rb');

[587] Fix | Delete

if (!is_resource($fp)) {

[588] Fix | Delete

throw new SodiumException('Could not open input file for reading');

[589] Fix | Delete

}

[590] Fix | Delete

[591] Fix | Delete

/** @var string $az */

[592] Fix | Delete

$az = hash('sha512', self::substr($secretKey, 0, 32), true);

[593] Fix | Delete

[594] Fix | Delete

$az[0] = self::intToChr(self::chrToInt($az[0]) & 248);

[595] Fix | Delete

$az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);

[596] Fix | Delete

[597] Fix | Delete

$hs = hash_init('sha512');

[598] Fix | Delete

self::hash_update($hs, self::substr($az, 32, 32));

[599] Fix | Delete

/** @var resource $hs */

[600] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[601] Fix | Delete

[602] Fix | Delete

/** @var string $nonceHash */

[603] Fix | Delete

$nonceHash = hash_final($hs, true);

[604] Fix | Delete

[605] Fix | Delete

/** @var string $pk */

[606] Fix | Delete

$pk = self::substr($secretKey, 32, 32);

[607] Fix | Delete

[608] Fix | Delete

/** @var string $nonce */

[609] Fix | Delete

$nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);

[610] Fix | Delete

[611] Fix | Delete

/** @var string $sig */

[612] Fix | Delete

$sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(

[613] Fix | Delete

ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)

[614] Fix | Delete

);

[615] Fix | Delete

[616] Fix | Delete

$hs = hash_init('sha512');

[617] Fix | Delete

self::hash_update($hs, self::substr($sig, 0, 32));

[618] Fix | Delete

self::hash_update($hs, self::substr($pk, 0, 32));

[619] Fix | Delete

/** @var resource $hs */

[620] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[621] Fix | Delete

[622] Fix | Delete

/** @var string $hramHash */

[623] Fix | Delete

$hramHash = hash_final($hs, true);

[624] Fix | Delete

[625] Fix | Delete

/** @var string $hram */

[626] Fix | Delete

$hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);

[627] Fix | Delete

[628] Fix | Delete

/** @var string $sigAfter */

[629] Fix | Delete

$sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);

[630] Fix | Delete

[631] Fix | Delete

/** @var string $sig */

[632] Fix | Delete

$sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);

[633] Fix | Delete

[634] Fix | Delete

try {

[635] Fix | Delete

ParagonIE_Sodium_Compat::memzero($az);

[636] Fix | Delete

} catch (SodiumException $ex) {

[637] Fix | Delete

$az = null;

[638] Fix | Delete

}

[639] Fix | Delete

fclose($fp);

[640] Fix | Delete

return $sig;

[641] Fix | Delete

}

[642] Fix | Delete

[643] Fix | Delete

/**

[644] Fix | Delete

* Verify a file (rather than a string). Uses less memory than

[645] Fix | Delete

* ParagonIE_Sodium_Compat::crypto_sign_verify_detached(), but

[646] Fix | Delete

* produces the same result.

[647] Fix | Delete

[648] Fix | Delete

* @param string $sig Ed25519 signature

[649] Fix | Delete

* @param string $filePath Absolute path to a file on the filesystem

[650] Fix | Delete

* @param string $publicKey Signing public key

[651] Fix | Delete

[652] Fix | Delete

* @return bool

[653] Fix | Delete

* @throws SodiumException

[654] Fix | Delete

* @throws TypeError

[655] Fix | Delete

* @throws Exception

[656] Fix | Delete

[657] Fix | Delete

public static function verify($sig, $filePath, $publicKey)

[658] Fix | Delete

{

[659] Fix | Delete

/* Type checks: */

[660] Fix | Delete

if (!is_string($sig)) {

[661] Fix | Delete

throw new TypeError('Argument 1 must be a string, ' . gettype($sig) . ' given.');

[662] Fix | Delete

}

[663] Fix | Delete

if (!is_string($filePath)) {

[664] Fix | Delete

throw new TypeError('Argument 2 must be a string, ' . gettype($filePath) . ' given.');

[665] Fix | Delete

}

[666] Fix | Delete

if (!is_string($publicKey)) {

[667] Fix | Delete

throw new TypeError('Argument 3 must be a string, ' . gettype($publicKey) . ' given.');

[668] Fix | Delete

}

[669] Fix | Delete

[670] Fix | Delete

/* Input validation: */

[671] Fix | Delete

if (self::strlen($sig) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_BYTES) {

[672] Fix | Delete

throw new TypeError('Argument 1 must be CRYPTO_SIGN_BYTES bytes');

[673] Fix | Delete

}

[674] Fix | Delete

if (self::strlen($publicKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_PUBLICKEYBYTES) {

[675] Fix | Delete

throw new TypeError('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES bytes');

[676] Fix | Delete

}

[677] Fix | Delete

if (self::strlen($sig) < 64) {

[678] Fix | Delete

throw new SodiumException('Signature is too short');

[679] Fix | Delete

}

[680] Fix | Delete

[681] Fix | Delete

if (PHP_INT_SIZE === 4) {

[682] Fix | Delete

return self::verify_core32($sig, $filePath, $publicKey);

[683] Fix | Delete

}

[684] Fix | Delete

[685] Fix | Delete

/* Security checks */

[686] Fix | Delete

if (

[687] Fix | Delete

(ParagonIE_Sodium_Core_Ed25519::chrToInt($sig[63]) & 240)

[688] Fix | Delete

[689] Fix | Delete

ParagonIE_Sodium_Core_Ed25519::check_S_lt_L(self::substr($sig, 32, 32))

[690] Fix | Delete

) {

[691] Fix | Delete

throw new SodiumException('S < L - Invalid signature');

[692] Fix | Delete

}

[693] Fix | Delete

if (ParagonIE_Sodium_Core_Ed25519::small_order($sig)) {

[694] Fix | Delete

throw new SodiumException('Signature is on too small of an order');

[695] Fix | Delete

}

[696] Fix | Delete

if ((self::chrToInt($sig[63]) & 224) !== 0) {

[697] Fix | Delete

throw new SodiumException('Invalid signature');

[698] Fix | Delete

}

[699] Fix | Delete

$d = 0;

[700] Fix | Delete

for ($i = 0; $i < 32; ++$i) {

[701] Fix | Delete

$d |= self::chrToInt($publicKey[$i]);

[702] Fix | Delete

}

[703] Fix | Delete

if ($d === 0) {

[704] Fix | Delete

throw new SodiumException('All zero public key');

[705] Fix | Delete

}

[706] Fix | Delete

[707] Fix | Delete

/** @var int $size */

[708] Fix | Delete

$size = filesize($filePath);

[709] Fix | Delete

if (!is_int($size)) {

[710] Fix | Delete

throw new SodiumException('Could not obtain the file size');

[711] Fix | Delete

}

[712] Fix | Delete

[713] Fix | Delete

/** @var resource $fp */

[714] Fix | Delete

$fp = fopen($filePath, 'rb');

[715] Fix | Delete

if (!is_resource($fp)) {

[716] Fix | Delete

throw new SodiumException('Could not open input file for reading');

[717] Fix | Delete

}

[718] Fix | Delete

[719] Fix | Delete

/** @var bool The original value of ParagonIE_Sodium_Compat::$fastMult */

[720] Fix | Delete

$orig = ParagonIE_Sodium_Compat::$fastMult;

[721] Fix | Delete

[722] Fix | Delete

// Set ParagonIE_Sodium_Compat::$fastMult to true to speed up verification.

[723] Fix | Delete

ParagonIE_Sodium_Compat::$fastMult = true;

[724] Fix | Delete

[725] Fix | Delete

/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A */

[726] Fix | Delete

$A = ParagonIE_Sodium_Core_Ed25519::ge_frombytes_negate_vartime($publicKey);

[727] Fix | Delete

[728] Fix | Delete

$hs = hash_init('sha512');

[729] Fix | Delete

self::hash_update($hs, self::substr($sig, 0, 32));

[730] Fix | Delete

self::hash_update($hs, self::substr($publicKey, 0, 32));

[731] Fix | Delete

/** @var resource $hs */

[732] Fix | Delete

$hs = self::updateHashWithFile($hs, $fp, $size);

[733] Fix | Delete

/** @var string $hDigest */

[734] Fix | Delete

$hDigest = hash_final($hs, true);

[735] Fix | Delete

[736] Fix | Delete

/** @var string $h */

[737] Fix | Delete

$h = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hDigest) . self::substr($hDigest, 32);

[738] Fix | Delete

[739] Fix | Delete

/** @var ParagonIE_Sodium_Core_Curve25519_Ge_P2 $R */

[740] Fix | Delete

$R = ParagonIE_Sodium_Core_Ed25519::ge_double_scalarmult_vartime(

[741] Fix | Delete

$h,

[742] Fix | Delete

$A,

[743] Fix | Delete

self::substr($sig, 32)

[744] Fix | Delete

);

[745] Fix | Delete

[746] Fix | Delete

/** @var string $rcheck */

[747] Fix | Delete

$rcheck = ParagonIE_Sodium_Core_Ed25519::ge_tobytes($R);

[748] Fix | Delete

[749] Fix | Delete

// Close the file handle

[750] Fix | Delete

fclose($fp);

[751] Fix | Delete

[752] Fix | Delete

// Reset ParagonIE_Sodium_Compat::$fastMult to what it was before.

[753] Fix | Delete

ParagonIE_Sodium_Compat::$fastMult = $orig;

[754] Fix | Delete

return self::verify_32($rcheck, self::substr($sig, 0, 32));

[755] Fix | Delete

}

[756] Fix | Delete

[757] Fix | Delete

/**

[758] Fix | Delete

* @param resource $ifp

[759] Fix | Delete

* @param resource $ofp

[760] Fix | Delete

* @param int $mlen

[761] Fix | Delete

* @param string $nonce

[762] Fix | Delete

* @param string $boxKeypair

[763] Fix | Delete

* @return bool

[764] Fix | Delete

* @throws SodiumException

[765] Fix | Delete

* @throws TypeError

[766] Fix | Delete

[767] Fix | Delete

protected static function box_encrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)

[768] Fix | Delete

{

[769] Fix | Delete

if (PHP_INT_SIZE === 4) {

[770] Fix | Delete

return self::secretbox_encrypt(

[771] Fix | Delete

$ifp,

[772] Fix | Delete

$ofp,

[773] Fix | Delete

$mlen,

[774] Fix | Delete

$nonce,

[775] Fix | Delete

ParagonIE_Sodium_Crypto32::box_beforenm(

[776] Fix | Delete

ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),

[777] Fix | Delete

ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)

[778] Fix | Delete

)

[779] Fix | Delete

);

[780] Fix | Delete

}

[781] Fix | Delete

return self::secretbox_encrypt(

[782] Fix | Delete

$ifp,

[783] Fix | Delete

$ofp,

[784] Fix | Delete

$mlen,

[785] Fix | Delete

$nonce,

[786] Fix | Delete

ParagonIE_Sodium_Crypto::box_beforenm(

[787] Fix | Delete

ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),

[788] Fix | Delete

ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)

[789] Fix | Delete

)

[790] Fix | Delete

);

[791] Fix | Delete

}

[792] Fix | Delete

[793] Fix | Delete

[794] Fix | Delete

/**

[795] Fix | Delete

* @param resource $ifp

[796] Fix | Delete

* @param resource $ofp

[797] Fix | Delete

* @param int $mlen

[798] Fix | Delete

* @param string $nonce

[799] Fix | Delete

* @param string $boxKeypair

[800] Fix | Delete

* @return bool

[801] Fix | Delete

* @throws SodiumException

[802] Fix | Delete

* @throws TypeError

[803] Fix | Delete

[804] Fix | Delete

protected static function box_decrypt($ifp, $ofp, $mlen, $nonce, $boxKeypair)

[805] Fix | Delete

{

[806] Fix | Delete

if (PHP_INT_SIZE === 4) {

[807] Fix | Delete

return self::secretbox_decrypt(

[808] Fix | Delete

$ifp,

[809] Fix | Delete

$ofp,

[810] Fix | Delete

$mlen,

[811] Fix | Delete

$nonce,

[812] Fix | Delete

ParagonIE_Sodium_Crypto32::box_beforenm(

[813] Fix | Delete

ParagonIE_Sodium_Crypto32::box_secretkey($boxKeypair),

[814] Fix | Delete

ParagonIE_Sodium_Crypto32::box_publickey($boxKeypair)

[815] Fix | Delete

)

[816] Fix | Delete

);

[817] Fix | Delete

}

[818] Fix | Delete

return self::secretbox_decrypt(

[819] Fix | Delete

$ifp,

[820] Fix | Delete

$ofp,

[821] Fix | Delete

$mlen,

[822] Fix | Delete

$nonce,

[823] Fix | Delete

ParagonIE_Sodium_Crypto::box_beforenm(

[824] Fix | Delete

ParagonIE_Sodium_Crypto::box_secretkey($boxKeypair),

[825] Fix | Delete

ParagonIE_Sodium_Crypto::box_publickey($boxKeypair)

[826] Fix | Delete

)

[827] Fix | Delete

);

[828] Fix | Delete

}

[829] Fix | Delete

[830] Fix | Delete

/**

[831] Fix | Delete

* Encrypt a file

[832] Fix | Delete

[833] Fix | Delete

* @param resource $ifp

[834] Fix | Delete

* @param resource $ofp

[835] Fix | Delete

* @param int $mlen

[836] Fix | Delete

* @param string $nonce

[837] Fix | Delete

* @param string $key

[838] Fix | Delete

* @return bool

[839] Fix | Delete

* @throws SodiumException

[840] Fix | Delete

* @throws TypeError

[841] Fix | Delete

[842] Fix | Delete

protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)

[843] Fix | Delete

{

[844] Fix | Delete

if (PHP_INT_SIZE === 4) {

[845] Fix | Delete

return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);

[846] Fix | Delete

}

[847] Fix | Delete

[848] Fix | Delete

$plaintext = fread($ifp, 32);

[849] Fix | Delete

if (!is_string($plaintext)) {

[850] Fix | Delete

throw new SodiumException('Could not read input file');

[851] Fix | Delete

}

[852] Fix | Delete

$first32 = self::ftell($ifp);

[853] Fix | Delete

[854] Fix | Delete

/** @var string $subkey */

[855] Fix | Delete

$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);

[856] Fix | Delete

[857] Fix | Delete

/** @var string $realNonce */

[858] Fix | Delete

$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);

[859] Fix | Delete

[860] Fix | Delete

/** @var string $block0 */

[861] Fix | Delete

$block0 = str_repeat("\x00", 32);

[862] Fix | Delete

[863] Fix | Delete

/** @var int $mlen - Length of the plaintext message */

[864] Fix | Delete

$mlen0 = $mlen;

[865] Fix | Delete

if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {

[866] Fix | Delete

$mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;

[867] Fix | Delete

}

[868] Fix | Delete

$block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);

[869] Fix | Delete

[870] Fix | Delete

/** @var string $block0 */

[871] Fix | Delete

$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(

[872] Fix | Delete

$block0,

[873] Fix | Delete

$realNonce,

[874] Fix | Delete

$subkey

[875] Fix | Delete

);

[876] Fix | Delete

[877] Fix | Delete

$state = new ParagonIE_Sodium_Core_Poly1305_State(

[878] Fix | Delete

ParagonIE_Sodium_Core_Util::substr(

[879] Fix | Delete

$block0,

[880] Fix | Delete

[881] Fix | Delete

ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES

[882] Fix | Delete

)

[883] Fix | Delete

);

[884] Fix | Delete

[885] Fix | Delete

// Pre-write 16 blank bytes for the Poly1305 tag

[886] Fix | Delete

$start = self::ftell($ofp);

[887] Fix | Delete

fwrite($ofp, str_repeat("\x00", 16));

[888] Fix | Delete

[889] Fix | Delete

/** @var string $c */

[890] Fix | Delete

$cBlock = ParagonIE_Sodium_Core_Util::substr(

[891] Fix | Delete

$block0,

[892] Fix | Delete

ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES

[893] Fix | Delete

);

[894] Fix | Delete

$state->update($cBlock);

[895] Fix | Delete

fwrite($ofp, $cBlock);

[896] Fix | Delete

$mlen -= 32;

[897] Fix | Delete

[898] Fix | Delete

/** @var int $iter */

[899] Fix | Delete

$iter = 1;

[900] Fix | Delete

[901] Fix | Delete

/** @var int $incr */

[902] Fix | Delete

$incr = self::BUFFER_SIZE >> 6;

[903] Fix | Delete

[904] Fix | Delete

[905] Fix | Delete

* Set the cursor to the end of the first half-block. All future bytes will

[906] Fix | Delete

* generated from salsa20_xor_ic, starting from 1 (second block).

[907] Fix | Delete

[908] Fix | Delete

fseek($ifp, $first32, SEEK_SET);

[909] Fix | Delete

[910] Fix | Delete

while ($mlen > 0) {

[911] Fix | Delete

$blockSize = $mlen > self::BUFFER_SIZE

[912] Fix | Delete

? self::BUFFER_SIZE

[913] Fix | Delete

: $mlen;

[914] Fix | Delete

$plaintext = fread($ifp, $blockSize);

[915] Fix | Delete

if (!is_string($plaintext)) {

[916] Fix | Delete

throw new SodiumException('Could not read input file');

[917] Fix | Delete

}

[918] Fix | Delete

$cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(

[919] Fix | Delete

$plaintext,

[920] Fix | Delete

$realNonce,

[921] Fix | Delete

$iter,

[922] Fix | Delete

$subkey

[923] Fix | Delete

);

[924] Fix | Delete

fwrite($ofp, $cBlock, $blockSize);

[925] Fix | Delete

$state->update($cBlock);

[926] Fix | Delete

[927] Fix | Delete

$mlen -= $blockSize;

[928] Fix | Delete

$iter += $incr;

[929] Fix | Delete

}

[930] Fix | Delete

try {

[931] Fix | Delete

ParagonIE_Sodium_Compat::memzero($block0);

[932] Fix | Delete

ParagonIE_Sodium_Compat::memzero($subkey);

[933] Fix | Delete

} catch (SodiumException $ex) {

[934] Fix | Delete

$block0 = null;

[935] Fix | Delete

$subkey = null;

[936] Fix | Delete

}

[937] Fix | Delete

$end = self::ftell($ofp);

[938] Fix | Delete

[939] Fix | Delete

[940] Fix | Delete

* Write the Poly1305 authentication tag that provides integrity

[941] Fix | Delete

* over the ciphertext (encrypt-then-MAC)

[942] Fix | Delete

[943] Fix | Delete

fseek($ofp, $start, SEEK_SET);

[944] Fix | Delete

fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);

[945] Fix | Delete

fseek($ofp, $end, SEEK_SET);

[946] Fix | Delete

unset($state);

[947] Fix | Delete

[948] Fix | Delete

return true;

[949] Fix | Delete

}

[950] Fix | Delete

[951] Fix | Delete

/**

[952] Fix | Delete

* Decrypt a file

[953] Fix | Delete

[954] Fix | Delete

* @param resource $ifp

[955] Fix | Delete

* @param resource $ofp

[956] Fix | Delete

* @param int $mlen

[957] Fix | Delete

* @param string $nonce

[958] Fix | Delete

* @param string $key

[959] Fix | Delete

* @return bool

[960] Fix | Delete

* @throws SodiumException

[961] Fix | Delete

* @throws TypeError

[962] Fix | Delete

[963] Fix | Delete

protected static function secretbox_decrypt($ifp, $ofp, $mlen, $nonce, $key)

[964] Fix | Delete

{

[965] Fix | Delete

if (PHP_INT_SIZE === 4) {

[966] Fix | Delete

return self::secretbox_decrypt_core32($ifp, $ofp, $mlen, $nonce, $key);

[967] Fix | Delete

}

[968] Fix | Delete

$tag = fread($ifp, 16);

[969] Fix | Delete

if (!is_string($tag)) {

[970] Fix | Delete

throw new SodiumException('Could not read input file');

[971] Fix | Delete

}

[972] Fix | Delete

[973] Fix | Delete

/** @var string $subkey */

[974] Fix | Delete

$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);

[975] Fix | Delete

[976] Fix | Delete

/** @var string $realNonce */

[977] Fix | Delete

$realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);

[978] Fix | Delete

[979] Fix | Delete

/** @var string $block0 */

[980] Fix | Delete

$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(

[981] Fix | Delete

64,

[982] Fix | Delete

ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8),

[983] Fix | Delete

$subkey

[984] Fix | Delete

);

[985] Fix | Delete

[986] Fix | Delete

/* Verify the Poly1305 MAC -before- attempting to decrypt! */

[987] Fix | Delete

$state = new ParagonIE_Sodium_Core_Poly1305_State(self::substr($block0, 0, 32));

[988] Fix | Delete

if (!self::onetimeauth_verify($state, $ifp, $tag, $mlen)) {

[989] Fix | Delete

throw new SodiumException('Invalid MAC');

[990] Fix | Delete

}

[991] Fix | Delete

[992] Fix | Delete

[993] Fix | Delete

* Set the cursor to the end of the first half-block. All future bytes will

[994] Fix | Delete

* generated from salsa20_xor_ic, starting from 1 (second block).

[995] Fix | Delete

[996] Fix | Delete

$first32 = fread($ifp, 32);

[997] Fix | Delete

if (!is_string($first32)) {

[998] Fix | Delete

throw new SodiumException('Could not read input file');

[999] Fix | Delete

123 4