ParagonIE_Sodium_Compat::crypto_kx

Advertisement

Summery Summery

Perform a key exchange, between a designated client and a server.

Syntax Syntax

ParagonIE_Sodium_Compat::crypto_kx( string $my_secret, string $their_public, string $client_public, string $server_public )

Description Description

Typically, you would designate one machine to be the client and the other to be the server. The first two keys are what you’d expect for scalarmult() below, but the latter two public keys don’t swap places.

ALICE BOB Client Server
shared = crypto_kx( shared = crypto_kx(
alice_sk, bob_sk, <- contextual
bob_pk, alice_pk, <- contextual
alice_pk, alice_pk, <—– static
bob_pk bob_pk <—– static
) )

They are used along with the scalarmult product to generate a 256-bit BLAKE2b hash unique to the client and server keys.

Parameters Parameters

$my_secret

(string) (Required)

$their_public

(string) (Required)

$client_public

(string) (Required)

$server_public

(string) (Required)

Return Return

(string)

Source Source

File: wp-includes/sodium_compat/src/Compat.php

    public static function crypto_kx($my_secret, $their_public, $client_public, $server_public)
    {
        /* Type checks: */
        ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1);
        ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2);
        ParagonIE_Sodium_Core_Util::declareScalarType($client_public, 'string', 3);
        ParagonIE_Sodium_Core_Util::declareScalarType($server_public, 'string', 4);

        /* Input validation: */
        if (ParagonIE_Sodium_Core_Util::strlen($my_secret) !== self::CRYPTO_BOX_SECRETKEYBYTES) {
            throw new SodiumException('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.');
        }
        if (ParagonIE_Sodium_Core_Util::strlen($their_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) {
            throw new SodiumException('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.');
        }
        if (ParagonIE_Sodium_Core_Util::strlen($client_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) {
            throw new SodiumException('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES long.');
        }
        if (ParagonIE_Sodium_Core_Util::strlen($server_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) {
            throw new SodiumException('Argument 4 must be CRYPTO_BOX_PUBLICKEYBYTES long.');
        }

        if (self::useNewSodiumAPI()) {
            if (is_callable('sodium_crypto_kx')) {
                return (string) sodium_crypto_kx(
                    $my_secret,
                    $their_public,
                    $client_public,
                    $server_public
                );
            }
        }
        if (self::use_fallback('crypto_kx')) {
            return (string) call_user_func(
                '\\Sodium\\crypto_kx',
                $my_secret,
                $their_public,
                $client_public,
                $server_public
            );
        }
        if (PHP_INT_SIZE === 4) {
            return ParagonIE_Sodium_Crypto32::keyExchange(
                $my_secret,
                $their_public,
                $client_public,
                $server_public
            );
        }
        return ParagonIE_Sodium_Crypto::keyExchange(
            $my_secret,
            $their_public,
            $client_public,
            $server_public
        );
    }

Advertisement

Advertisement

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.