ParagonIE_Sodium_Compat::crypto_stream_xor

Advertisement

Summery Summery

DANGER! UNAUTHENTICATED ENCRYPTION!

Syntax Syntax

ParagonIE_Sodium_Compat::crypto_stream_xor( string $message, string $nonce, string $key )

Description Description

Unless you are following expert advice, do not used this feature.

Algorithm: XSalsa20

This DOES NOT provide ciphertext integrity.

Parameters Parameters

$message

(string) (Required) Plaintext message

$nonce

(string) (Required) Number to be used Once; must be 24 bytes

$key

(string) (Required) Encryption key

Return Return

(string) Encrypted text which is vulnerable to chosen- ciphertext attacks unless you implement some other mitigation to the ciphertext (i.e. Encrypt then MAC)

Source Source

File: wp-includes/sodium_compat/src/Compat.php

    public static function crypto_stream_xor($message, $nonce, $key)
    {
        /* Type checks: */
        ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1);
        ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2);
        ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3);

        /* Input validation: */
        if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) {
            throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.');
        }
        if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) {
            throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.');
        }

        if (self::useNewSodiumAPI()) {
            return sodium_crypto_stream_xor($message, $nonce, $key);
        }
        if (self::use_fallback('crypto_stream_xor')) {
            return (string) call_user_func('\\Sodium\\crypto_stream_xor', $message, $nonce, $key);
        }
        if (PHP_INT_SIZE === 4) {
            return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor($message, $nonce, $key);
        }
        return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor($message, $nonce, $key);
    }

Advertisement

Advertisement

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.