Skip to content

Commit

Permalink
Upgrade/Install: Update sodium_compat to v1.18.0.
Browse files Browse the repository at this point in the history
The latest version of sodium_compat includes some improvements, as well as a new feature which will also be included in PHP 8.2.

* Fixed issues with the PHP autoloader:
 * [paragonie/sodium_compat#145 #145]: For WordPress, this ensures when Ed25519 is included, so too is the class it inherits from.
 * [paragonie/sodium_compat#148 #148], [paragonie/sodium_compat#149 #149]: For PHP 7.4+ with opcache preloading, this ensures the include guards don't fail.
* [paragonie/sodium_compat#144 #144]: Added `sodium_crypto_stream_xchacha20_xor_ic()`
 * See [php/php-src#8276 pull request for php-src] (merged in PHP 8.2)
 * For motivation: [paragonie/halite#178 paragonie/halite#178]

Release notes:
https://github.com/paragonie/sodium_compat/releases/tag/v1.18.0

A full list of changes in this update can be found on GitHub:
paragonie/sodium_compat@v1.17.1...v1.18.0

Follow-up to [49741], [51002], [51591], [52988].

Props jrf, paragoninitiativeenterprises.
Fixes #56564.

git-svn-id: https://develop.svn.wordpress.org/trunk@54150 602fd350-edb4-49c9-b593-d223f7449a82
  • Loading branch information
SergeyBiryukov committed Sep 14, 2022
1 parent a338319 commit 1116041
Show file tree
Hide file tree
Showing 5 changed files with 75 additions and 1 deletion.
5 changes: 4 additions & 1 deletion src/wp-includes/sodium_compat/autoload.php
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,9 @@ function sodiumCompatAutoloader($class)
}

/* Explicitly, always load the Compat class: */
require_once dirname(__FILE__) . '/src/Compat.php';
if (!class_exists('ParagonIE_Sodium_Compat', false)) {
require_once dirname(__FILE__) . '/src/Compat.php';
}

if (!class_exists('SodiumException', false)) {
require_once dirname(__FILE__) . '/src/SodiumException.php';
Expand All @@ -69,4 +71,5 @@ function sodiumCompatAutoloader($class)
// Older versions of {PHP, ext/sodium} will not define these
require_once(dirname(__FILE__) . '/lib/php72compat.php');
}
require_once(dirname(__FILE__) . '/lib/stream-xchacha20.php');
require_once(dirname(__FILE__) . '/lib/ristretto255.php');
16 changes: 16 additions & 0 deletions src/wp-includes/sodium_compat/lib/stream-xchacha20.php
Original file line number Diff line number Diff line change
Expand Up @@ -41,3 +41,19 @@ function sodium_crypto_stream_xchacha20_xor($message, $nonce, $key)
return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor($message, $nonce, $key, true);
}
}
if (!is_callable('sodium_crypto_stream_xchacha20_xor_ic')) {
/**
* @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic()
* @param string $message
* @param string $nonce
* @param int $counter
* @param string $key
* @return string
* @throws SodiumException
* @throws TypeError
*/
function sodium_crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key)
{
return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, true);
}
}
49 changes: 49 additions & 0 deletions src/wp-includes/sodium_compat/src/Compat.php
Original file line number Diff line number Diff line change
Expand Up @@ -3154,6 +3154,55 @@ public static function crypto_stream_xchacha20_xor($message, $nonce, $key, $dont
return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key);
}

/**
* DANGER! UNAUTHENTICATED ENCRYPTION!
*
* Unless you are following expert advice, do not use this feature.
*
* Algorithm: XChaCha20
*
* This DOES NOT provide ciphertext integrity.
*
* @param string $message Plaintext message
* @param string $nonce Number to be used Once; must be 24 bytes
* @param int $counter
* @param string $key Encryption key
* @return string Encrypted text which is vulnerable to chosen-
* ciphertext attacks unless you implement some
* other mitigation to the ciphertext (i.e.
* Encrypt then MAC)
* @param bool $dontFallback
* @throws SodiumException
* @throws TypeError
* @psalm-suppress MixedArgument
*/
public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, $dontFallback = false)
{
/* Type checks: */
ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1);
ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2);
ParagonIE_Sodium_Core_Util::declareScalarType($counter, 'int', 3);
ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);

/* Input validation: */
if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) {
throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.');
}
if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_XCHACHA20_KEYBYTES) {
throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_XCHACHA20_KEYBYTES long.');
}

if (is_callable('sodium_crypto_stream_xchacha20_xor_ic') && !$dontFallback) {
return sodium_crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key);
}

$ic = ParagonIE_Sodium_Core_Util::store64_le($counter);
if (PHP_INT_SIZE === 4) {
return ParagonIE_Sodium_Core32_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
}
return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
}

/**
* Return a secure random key for use with crypto_stream_xchacha20
*
Expand Down
3 changes: 3 additions & 0 deletions src/wp-includes/sodium_compat/src/Core/Ed25519.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
if (class_exists('ParagonIE_Sodium_Core_Ed25519', false)) {
return;
}
if (!class_exists('ParagonIE_Sodium_Core_Curve25519', false)) {
require_once dirname(__FILE__) . '/Curve25519.php';
}

/**
* Class ParagonIE_Sodium_Core_Ed25519
Expand Down
3 changes: 3 additions & 0 deletions src/wp-includes/sodium_compat/src/Core32/Ed25519.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
if (class_exists('ParagonIE_Sodium_Core32_Ed25519', false)) {
return;
}
if (!class_exists('ParagonIE_Sodium_Core32_Curve25519')) {
require_once dirname(__FILE__) . '/Curve25519.php';
}

/**
* Class ParagonIE_Sodium_Core32_Ed25519
Expand Down

0 comments on commit 1116041

Please sign in to comment.