Index: wp-includes/sodium_compat/lib/php72compat.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- wp-includes/sodium_compat/lib/php72compat.php (date 1557425095000) +++ wp-includes/sodium_compat/lib/php72compat.php (date 1551892403918) @@ -250,7 +250,7 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) { try { - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key, true); } catch (Error $ex) { return false; } catch (Exception $ex) { @@ -271,7 +271,7 @@ */ function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) { - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key, true); } } if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_keygen')) { Index: wp-includes/sodium_compat/src/Crypto.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- wp-includes/sodium_compat/src/Crypto.php (date 1557425095000) +++ wp-includes/sodium_compat/src/Crypto.php (date 1553102303732) @@ -819,8 +819,8 @@ */ public static function keyExchange($my_sk, $their_pk, $client_pk, $server_pk) { - return self::generichash( - self::scalarmult($my_sk, $their_pk) . + return ParagonIE_Sodium_Compat::crypto_generichash( + ParagonIE_Sodium_Compat::crypto_scalarmult($my_sk, $their_pk) . $client_pk . $server_pk ); Index: wp-includes/sodium_compat/src/Core32/Int64.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- wp-includes/sodium_compat/src/Core32/Int64.php (date 1557425095000) +++ wp-includes/sodium_compat/src/Core32/Int64.php (date 1557428845578) @@ -205,6 +205,9 @@ */ public function mulInt($int = 0, $size = 0) { + if (ParagonIE_Sodium_Compat::$fastMult) { + return $this->mulIntFast($int); + } ParagonIE_Sodium_Core32_Util::declareScalarType($int, 'int', 1); ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); /** @var int $int */ @@ -268,11 +271,11 @@ $a3 &= 0xffff; $int >>= 1; - $return->limbs[0] = $ret0; - $return->limbs[1] = $ret1; - $return->limbs[2] = $ret2; - $return->limbs[3] = $ret3; - } + } + $return->limbs[0] = $ret0; + $return->limbs[1] = $ret1; + $return->limbs[2] = $ret2; + $return->limbs[3] = $ret3; return $return; } @@ -317,6 +320,141 @@ ); } + /** + * @param array $a + * @param array $b + * @param int $baseLog2 + * @return array + */ + public function multiplyLong(array $a, array $b, $baseLog2 = 16) + { + $a_l = count($a); + $b_l = count($b); + $r = array_fill(0, $a_l + $b_l + 1, 0); + $base = 1 << $baseLog2; + for ($i = 0; $i < $a_l; ++$i) { + $a_i = $a[$i]; + for ($j = 0; $j < $a_l; ++$j) { + $b_j = $b[$j]; + $product = ($a_i * $b_j) + $r[$i + $j]; + $carry = ($product >> $baseLog2 & 0xffff); + $r[$i + $j] = ($product - (int) ($carry * $base)) & 0xffff; + $r[$i + $j + 1] += $carry; + } + } + return array_slice($r, 0, 5); + } + + /** + * @param int $int + * @return ParagonIE_Sodium_Core32_Int64 + */ + public function mulIntFast($int) + { + // Handle negative numbers + $aNeg = ($this->limbs[0] >> 15) & 1; + $bNeg = ($int >> 31) & 1; + $a = array_reverse($this->limbs); + $b = array( + $int & 0xffff, + ($int >> 16) & 0xffff, + -$bNeg & 0xffff, + -$bNeg & 0xffff + ); + if ($aNeg) { + for ($i = 0; $i < 4; ++$i) { + $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; + } + ++$a[0]; + } + if ($bNeg) { + for ($i = 0; $i < 4; ++$i) { + $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; + } + ++$b[0]; + } + // Multiply + $res = $this->multiplyLong($a, $b); + + // Re-apply negation to results + if ($aNeg !== $bNeg) { + for ($i = 0; $i < 4; ++$i) { + $res[$i] = (0xffff ^ $res[$i]) & 0xffff; + } + // Handle integer overflow + $c = 1; + for ($i = 0; $i < 4; ++$i) { + $res[$i] += $c; + $c = $res[$i] >> 16; + $res[$i] &= 0xffff; + } + } + + // Return our values + $return = new ParagonIE_Sodium_Core32_Int64(); + $return->limbs = array( + $res[3] & 0xffff, + $res[2] & 0xffff, + $res[1] & 0xffff, + $res[0] & 0xffff + ); + if (count($res) > 4) { + $return->overflow = $res[4] & 0xffff; + } + $return->unsignedInt = $this->unsignedInt; + return $return; + } + + /** + * @param ParagonIE_Sodium_Core32_Int64 $right + * @return ParagonIE_Sodium_Core32_Int64 + */ + public function mulInt64Fast(ParagonIE_Sodium_Core32_Int64 $right) + { + $aNeg = ($this->limbs[0] >> 15) & 1; + $bNeg = ($right->limbs[0] >> 15) & 1; + + $a = array_reverse($this->limbs); + $b = array_reverse($right->limbs); + if ($aNeg) { + for ($i = 0; $i < 4; ++$i) { + $a[$i] = ($a[$i] ^ 0xffff) & 0xffff; + } + ++$a[0]; + } + if ($bNeg) { + for ($i = 0; $i < 4; ++$i) { + $b[$i] = ($b[$i] ^ 0xffff) & 0xffff; + } + ++$b[0]; + } + $res = $this->multiplyLong($a, $b); + if ($aNeg !== $bNeg) { + if ($aNeg !== $bNeg) { + for ($i = 0; $i < 4; ++$i) { + $res[$i] = ($res[$i] ^ 0xffff) & 0xffff; + } + $c = 1; + for ($i = 0; $i < 4; ++$i) { + $res[$i] += $c; + $c = $res[$i] >> 16; + $res[$i] &= 0xffff; + } + } + } + $return = new ParagonIE_Sodium_Core32_Int64(); + $return->limbs = array( + $res[3] & 0xffff, + $res[2] & 0xffff, + $res[1] & 0xffff, + $res[0] & 0xffff + ); + if (count($res) > 4) { + $return->overflow = $res[4]; + } + return $return; + } + /** * @param ParagonIE_Sodium_Core32_Int64 $int * @param int $size @@ -327,6 +465,9 @@ */ public function mulInt64(ParagonIE_Sodium_Core32_Int64 $int, $size = 0) { + if (ParagonIE_Sodium_Compat::$fastMult) { + return $this->mulInt64Fast($int); + } ParagonIE_Sodium_Core32_Util::declareScalarType($size, 'int', 2); if (!$size) { $size = 63; Index: wp-includes/sodium_compat/src/Compat.php IDEA additional info: Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP <+>UTF-8 =================================================================== --- wp-includes/sodium_compat/src/Compat.php (date 1557425095000) +++ wp-includes/sodium_compat/src/Compat.php (date 1551892403919) @@ -669,10 +669,11 @@ * This mode uses a 64-bit random nonce with a 64-bit counter. * IETF mode uses a 96-bit random nonce with a 32-bit counter. * - * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) - * @param string $assocData Authenticated Associated Data (unencrypted) - * @param string $nonce Number to be used only Once; must be 8 bytes - * @param string $key Encryption key + * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) + * @param string $assocData Authenticated Associated Data (unencrypted) + * @param string $nonce Number to be used only Once; must be 8 bytes + * @param string $key Encryption key + * @param bool $dontFallback Don't fallback to ext/sodium * * @return string The original plaintext message * @throws SodiumException @@ -683,7 +684,8 @@ $ciphertext = '', $assocData = '', $nonce = '', - $key = '' + $key = '', + $dontFallback = false ) { /* Type checks: */ ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); @@ -701,6 +703,16 @@ if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) { throw new SodiumException('Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long'); } + if (self::useNewSodiumAPI() && !$dontFallback) { + if (is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) { + return sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( + $ciphertext, + $assocData, + $nonce, + $key + ); + } + } if (PHP_INT_SIZE === 4) { return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_decrypt( @@ -727,10 +739,11 @@ * This mode uses a 64-bit random nonce with a 64-bit counter. * IETF mode uses a 96-bit random nonce with a 32-bit counter. * - * @param string $plaintext Message to be encrypted - * @param string $assocData Authenticated Associated Data (unencrypted) - * @param string $nonce Number to be used only Once; must be 8 bytes - * @param string $key Encryption key + * @param string $plaintext Message to be encrypted + * @param string $assocData Authenticated Associated Data (unencrypted) + * @param string $nonce Number to be used only Once; must be 8 bytes + * @param string $key Encryption key + * @param bool $dontFallback Don't fallback to ext/sodium * * @return string Ciphertext with a 16-byte Poly1305 message * authentication code appended @@ -742,7 +755,8 @@ $plaintext = '', $assocData = '', $nonce = '', - $key = '' + $key = '', + $dontFallback = false ) { /* Type checks: */ ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); @@ -757,6 +771,16 @@ if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { throw new SodiumException('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long'); } + if (self::useNewSodiumAPI() && !$dontFallback) { + if (is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_encrypt')) { + return sodium_crypto_aead_xchacha20poly1305_ietf_encrypt( + $plaintext, + $assocData, + $nonce, + $key + ); + } + } if (PHP_INT_SIZE === 4) { return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_encrypt(