ParagonIE_Sodium_File::secretbox_encrypt() protected WP 1.0

Encrypt a file

Это метод класса: ParagonIE_Sodium_File{}

Хуков нет.

Возвращает

true/false.

Использование

$result = ParagonIE_Sodium_File::secretbox_encrypt( $ifp, $ofp, $mlen, $nonce, $key );

$ifp(resource) (обязательный)

$ofp(resource) (обязательный)

$mlen(число) (обязательный)

$nonce(строка) (обязательный)

$key(строка) (обязательный)

Код ParagonIE_Sodium_File::secretbox_encrypt() ParagonIE Sodium File::secretbox encrypt ^{WP 5.5.1}

<?php
protected static function secretbox_encrypt($ifp, $ofp, $mlen, $nonce, $key)
{
    if (PHP_INT_SIZE === 4) {
        return self::secretbox_encrypt_core32($ifp, $ofp, $mlen, $nonce, $key);
    }

    $plaintext = fread($ifp, 32);
    if (!is_string($plaintext)) {
        throw new SodiumException('Could not read input file');
    }
    $first32 = self::ftell($ifp);

    /** @var string $subkey */
    $subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);

    /** @var string $realNonce */
    $realNonce = ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8);

    /** @var string $block0 */
    $block0 = str_repeat("\x00", 32);

    /** @var int $mlen - Length of the plaintext message */
    $mlen0 = $mlen;
    if ($mlen0 > 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES) {
        $mlen0 = 64 - ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES;
    }
    $block0 .= ParagonIE_Sodium_Core_Util::substr($plaintext, 0, $mlen0);

    /** @var string $block0 */
    $block0 = ParagonIE_Sodium_Core_Salsa20::salsa20_xor(
        $block0,
        $realNonce,
        $subkey
    );

    $state = new ParagonIE_Sodium_Core_Poly1305_State(
        ParagonIE_Sodium_Core_Util::substr(
            $block0,
            0,
            ParagonIE_Sodium_Crypto::onetimeauth_poly1305_KEYBYTES
        )
    );

    // Pre-write 16 blank bytes for the Poly1305 tag
    $start = self::ftell($ofp);
    fwrite($ofp, str_repeat("\x00", 16));

    /** @var string $c */
    $cBlock = ParagonIE_Sodium_Core_Util::substr(
        $block0,
        ParagonIE_Sodium_Crypto::secretbox_xsalsa20poly1305_ZEROBYTES
    );
    $state->update($cBlock);
    fwrite($ofp, $cBlock);
    $mlen -= 32;

    /** @var int $iter */
    $iter = 1;

    /** @var int $incr */
    $incr = self::BUFFER_SIZE >> 6;

    /*
     * Set the cursor to the end of the first half-block. All future bytes will
     * generated from salsa20_xor_ic, starting from 1 (second block).
     */
    fseek($ifp, $first32, SEEK_SET);

    while ($mlen > 0) {
        $blockSize = $mlen > self::BUFFER_SIZE
            ? self::BUFFER_SIZE
            : $mlen;
        $plaintext = fread($ifp, $blockSize);
        if (!is_string($plaintext)) {
            throw new SodiumException('Could not read input file');
        }
        $cBlock = ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(
            $plaintext,
            $realNonce,
            $iter,
            $subkey
        );
        fwrite($ofp, $cBlock, $blockSize);
        $state->update($cBlock);

        $mlen -= $blockSize;
        $iter += $incr;
    }
    try {
        ParagonIE_Sodium_Compat::memzero($block0);
        ParagonIE_Sodium_Compat::memzero($subkey);
    } catch (SodiumException $ex) {
        $block0 = null;
        $subkey = null;
    }
    $end = self::ftell($ofp);

    /*
     * Write the Poly1305 authentication tag that provides integrity
     * over the ciphertext (encrypt-then-MAC)
     */
    fseek($ofp, $start, SEEK_SET);
    fwrite($ofp, $state->finish(), ParagonIE_Sodium_Compat::CRYPTO_SECRETBOX_MACBYTES);
    fseek($ofp, $end, SEEK_SET);
    unset($state);

    return true;
}