Make WordPress Core


Ignore:
Timestamp:
05/17/2019 05:19:21 PM (6 years ago)
Author:
desrosj
Message:

Upgrade/Install: Update sodium_compat to v1.10.0.

This adds a runtime_speed_test() method for estimating if the 32-bit implementation is fast enough for expensive computations.

Merges [45344] to the 5.2 branch.

Props paragoninitiativeenterprises, tellyworth.
See #47186.

Location:
branches/5.2
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/5.2

  • branches/5.2/src/wp-includes/sodium_compat/src/Compat.php

    r44953 r45355  
    145145     * @param string $left  The left operand; must be a string
    146146     * @param string $right The right operand; must be a string
    147      * @return int          < 0 if the left operand is less than the right
    148      *                      = 0 if both strings are equal
    149      *                      > 0 if the right operand is less than the left
     147     * @return int          If < 0 if the left operand is less than the right
     148     *                      If = 0 if both strings are equal
     149     *                      If > 0 if the right operand is less than the left
    150150     * @throws SodiumException
    151151     * @throws TypeError
     
    670670     * IETF mode uses a 96-bit random nonce with a 32-bit counter.
    671671     *
    672      * @param string $ciphertext Encrypted message (with Poly1305 MAC appended)
    673      * @param string $assocData Authenticated Associated Data (unencrypted)
    674      * @param string $nonce Number to be used only Once; must be 8 bytes
    675      * @param string $key Encryption key
    676      *
    677      * @return string            The original plaintext message
     672     * @param string $ciphertext   Encrypted message (with Poly1305 MAC appended)
     673     * @param string $assocData    Authenticated Associated Data (unencrypted)
     674     * @param string $nonce        Number to be used only Once; must be 8 bytes
     675     * @param string $key          Encryption key
     676     * @param bool   $dontFallback Don't fallback to ext/sodium
     677     *
     678     * @return string|bool         The original plaintext message
    678679     * @throws SodiumException
    679680     * @throws TypeError
     
    684685        $assocData = '',
    685686        $nonce = '',
    686         $key = ''
     687        $key = '',
     688        $dontFallback = false
    687689    ) {
    688690        /* Type checks: */
     
    701703        if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) {
    702704            throw new SodiumException('Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long');
     705        }
     706        if (self::useNewSodiumAPI() && !$dontFallback) {
     707            if (is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) {
     708                return sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
     709                    $ciphertext,
     710                    $assocData,
     711                    $nonce,
     712                    $key
     713                );
     714            }
    703715        }
    704716
     
    728740     * IETF mode uses a 96-bit random nonce with a 32-bit counter.
    729741     *
    730      * @param string $plaintext Message to be encrypted
    731      * @param string $assocData Authenticated Associated Data (unencrypted)
    732      * @param string $nonce Number to be used only Once; must be 8 bytes
    733      * @param string $key Encryption key
     742     * @param string $plaintext    Message to be encrypted
     743     * @param string $assocData    Authenticated Associated Data (unencrypted)
     744     * @param string $nonce        Number to be used only Once; must be 8 bytes
     745     * @param string $key          Encryption key
     746     * @param bool   $dontFallback Don't fallback to ext/sodium
    734747     *
    735748     * @return string           Ciphertext with a 16-byte Poly1305 message
     
    743756        $assocData = '',
    744757        $nonce = '',
    745         $key = ''
     758        $key = '',
     759        $dontFallback = false
    746760    ) {
    747761        /* Type checks: */
     
    757771        if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) {
    758772            throw new SodiumException('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long');
     773        }
     774        if (self::useNewSodiumAPI() && !$dontFallback) {
     775            if (is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_encrypt')) {
     776                return sodium_crypto_aead_xchacha20poly1305_ietf_encrypt(
     777                    $plaintext,
     778                    $assocData,
     779                    $nonce,
     780                    $key
     781                );
     782            }
    759783        }
    760784
     
    12801304     * Get the final BLAKE2b hash output for a given context.
    12811305     *
    1282      * @param string &$ctx BLAKE2 hashing context. Generated by crypto_generichash_init().
    1283      * @param int $length  Hash output size.
    1284      * @return string      Final BLAKE2b hash.
    1285      * @throws SodiumException
    1286      * @throws TypeError
    1287      * @psalm-suppress MixedArgument
     1306     * @param string $ctx BLAKE2 hashing context. Generated by crypto_generichash_init().
     1307     * @param int $length Hash output size.
     1308     * @return string     Final BLAKE2b hash.
     1309     * @throws SodiumException
     1310     * @throws TypeError
     1311     * @psalm-suppress MixedArgument
     1312     * @psalm-suppress ReferenceConstraintViolation
    12881313     */
    12891314    public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES)
     
    13581383     * Update a BLAKE2b hashing context with additional data.
    13591384     *
    1360      * @param string &$ctx    BLAKE2 hashing context. Generated by crypto_generichash_init().
    1361      *                        $ctx is passed by reference and gets updated in-place.
     1385     * @param string $ctx    BLAKE2 hashing context. Generated by crypto_generichash_init().
     1386     *                       $ctx is passed by reference and gets updated in-place.
     1387     * @param-out string $ctx
    13621388     * @param string $message The message to append to the existing hash state.
    13631389     * @return void
     
    13651391     * @throws TypeError
    13661392     * @psalm-suppress MixedArgument
     1393     * @psalm-suppress ReferenceConstraintViolation
    13671394     */
    13681395    public static function crypto_generichash_update(&$ctx, $message)
     
    26112638     *
    26122639     * @param string|null $var
     2640     * @param-out string|null $var
    26132641     *
    26142642     * @return void
     
    26232651
    26242652        if (self::useNewSodiumAPI()) {
     2653            /** @psalm-suppress MixedArgument */
    26252654            sodium_memzero($var);
    26262655            return;
     
    27272756
    27282757    /**
     2758     * Runtime testing method for 32-bit platforms.
     2759     *
     2760     * Usage: If runtime_speed_test() returns FALSE, then our 32-bit
     2761     *        implementation is to slow to use safely without risking timeouts.
     2762     *        If this happens, install sodium from PECL to get acceptable
     2763     *        performance.
     2764     *
     2765     * @param int $iterations Number of multiplications to attempt
     2766     * @param int $maxTimeout Milliseconds
     2767     * @return bool           TRUE if we're fast enough, FALSE is not
     2768     * @throws SodiumException
     2769     */
     2770    public static function runtime_speed_test($iterations, $maxTimeout)
     2771    {
     2772        if (self::polyfill_is_fast()) {
     2773            return true;
     2774        }
     2775        /** @var float $end */
     2776        $end = 0.0;
     2777        /** @var float $start */
     2778        $start = microtime(true);
     2779        /** @var ParagonIE_Sodium_Core32_Int64 $a */
     2780        $a = ParagonIE_Sodium_Core32_Int64::fromInt(random_int(3, 1 << 16));
     2781        for ($i = 0; $i < $iterations; ++$i) {
     2782            /** @var ParagonIE_Sodium_Core32_Int64 $b */
     2783            $b = ParagonIE_Sodium_Core32_Int64::fromInt(random_int(3, 1 << 16));
     2784            $a->mulInt64($b);
     2785        }
     2786        /** @var float $end */
     2787        $end = microtime(true);
     2788        /** @var int $diff */
     2789        $diff = (int) ceil(($end - $start) * 1000);
     2790        return $diff < $maxTimeout;
     2791    }
     2792
     2793    /**
    27292794     * This emulates libsodium's version_string() function, except ours is
    27302795     * prefixed with 'polyfill-'.
Note: See TracChangeset for help on using the changeset viewer.