ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt

Advertisement

Summery Summery

Authenticated Encryption with Associated Data: Encryption

Syntax Syntax

ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt( string $plaintext = '', string $assocData = '', string $nonce = '', string $key = '' )

Description Description

Algorithm: AES-256-GCM

Parameters Parameters

$plaintext

(string) (Optional) Message to be encrypted

Default value: ''

$assocData

(string) (Optional) Authenticated Associated Data (unencrypted)

Default value: ''

$nonce

(string) (Optional) Number to be used only Once; must be 8 bytes

Default value: ''

$key

(string) (Optional) Encryption key

Default value: ''

Return Return

(string) Ciphertext with a 16-byte GCM message authentication code appended

Source Source

File: wp-includes/sodium_compat/src/Compat.php

    public static function crypto_aead_aes256gcm_encrypt(
        $plaintext = '',
        $assocData = '',
        $nonce = '',
        $key = ''
    ) {
        if (!self::crypto_aead_aes256gcm_is_available()) {
            throw new SodiumException('AES-256-GCM is not available');
        }
        ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1);
        ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
        ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
        ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);

        /* Input validation: */
        if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AES256GCM_NPUBBYTES) {
            throw new SodiumException('Nonce must be CRYPTO_AEAD_AES256GCM_NPUBBYTES long');
        }
        if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_AES256GCM_KEYBYTES) {
            throw new SodiumException('Key must be CRYPTO_AEAD_AES256GCM_KEYBYTES long');
        }

        if (!is_callable('openssl_encrypt')) {
            throw new SodiumException('The OpenSSL extension is not installed, or openssl_encrypt() is not available');
        }

        $authTag = '';
        $ciphertext = openssl_encrypt(
            $plaintext,
            'aes-256-gcm',
            $key,
            OPENSSL_RAW_DATA,
            $nonce,
            $authTag,
            $assocData
        );
        return $ciphertext . $authTag;
    }

Advertisement

Advertisement

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.