Make WordPress Core


Ignore:
Timestamp:
09/14/2022 12:11:11 AM (2 years ago)
Author:
SergeyBiryukov
Message:

Upgrade/Install: Update sodium_compat to v1.18.0.

The latest version of sodium_compat includes some improvements, as well as a new feature which will also be included in PHP 8.2.

Release notes:
https://github.com/paragonie/sodium_compat/releases/tag/v1.18.0

A full list of changes in this update can be found on GitHub:
https://github.com/paragonie/sodium_compat/compare/v1.17.1...v1.18.0

Follow-up to [49741], [51002], [51591], [52988].

Props jrf, paragoninitiativeenterprises.
Fixes #56564.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/sodium_compat/src/Compat.php

    r52988 r54150  
    31563156
    31573157    /**
     3158     * DANGER! UNAUTHENTICATED ENCRYPTION!
     3159     *
     3160     * Unless you are following expert advice, do not use this feature.
     3161     *
     3162     * Algorithm: XChaCha20
     3163     *
     3164     * This DOES NOT provide ciphertext integrity.
     3165     *
     3166     * @param string $message Plaintext message
     3167     * @param string $nonce Number to be used Once; must be 24 bytes
     3168     * @param int $counter
     3169     * @param string $key Encryption key
     3170     * @return string         Encrypted text which is vulnerable to chosen-
     3171     *                        ciphertext attacks unless you implement some
     3172     *                        other mitigation to the ciphertext (i.e.
     3173     *                        Encrypt then MAC)
     3174     * @param bool $dontFallback
     3175     * @throws SodiumException
     3176     * @throws TypeError
     3177     * @psalm-suppress MixedArgument
     3178     */
     3179    public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, $dontFallback = false)
     3180    {
     3181        /* Type checks: */
     3182        ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1);
     3183        ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2);
     3184        ParagonIE_Sodium_Core_Util::declareScalarType($counter, 'int', 3);
     3185        ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);
     3186
     3187        /* Input validation: */
     3188        if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) {
     3189            throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.');
     3190        }
     3191        if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_XCHACHA20_KEYBYTES) {
     3192            throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_XCHACHA20_KEYBYTES long.');
     3193        }
     3194
     3195        if (is_callable('sodium_crypto_stream_xchacha20_xor_ic') && !$dontFallback) {
     3196            return sodium_crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key);
     3197        }
     3198
     3199        $ic = ParagonIE_Sodium_Core_Util::store64_le($counter);
     3200        if (PHP_INT_SIZE === 4) {
     3201            return ParagonIE_Sodium_Core32_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
     3202        }
     3203        return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
     3204    }
     3205
     3206    /**
    31583207     * Return a secure random key for use with crypto_stream_xchacha20
    31593208     *
Note: See TracChangeset for help on using the changeset viewer.