public static function ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt in Automatic Updates 8
Authenticated Encryption with Associated Data: Decryption
Algorithm: AES-256-GCM
This mode uses a 64-bit random nonce with a 64-bit counter. IETF mode uses a 96-bit random nonce with a 32-bit counter.
@psalm-suppress MixedArgument @psalm-suppress MixedInferredReturnType @psalm-suppress MixedReturnStatement
Parameters
string $ciphertext: Encrypted message (with Poly1305 MAC appended)
string $assocData: Authenticated Associated Data (unencrypted)
string $nonce: Number to be used only Once; must be 8 bytes
string $key: Encryption key
Return value
string|bool The original plaintext message
Throws
SodiumException
TypeError
2 calls to ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt()
- php72compat.php in vendor/paragonie/sodium_compat/lib/php72compat.php
- sodium_compat.php in vendor/paragonie/sodium_compat/lib/sodium_compat.php
File
- vendor/paragonie/sodium_compat/src/Compat.php, line 342
Class
Code
public static function crypto_aead_aes256gcm_decrypt($ciphertext = '', $assocData = '', $nonce = '', $key = '') {
    if (!self::crypto_aead_aes256gcm_is_available()) {
        throw new SodiumException('AES-256-GCM is not available');
    }
    ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1);
    ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
    ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
    ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);

    /* Input validation: */
    if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AES256GCM_NPUBBYTES) {
        throw new SodiumException('Nonce must be CRYPTO_AEAD_AES256GCM_NPUBBYTES long');
    }
    if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_AES256GCM_KEYBYTES) {
        throw new SodiumException('Key must be CRYPTO_AEAD_AES256GCM_KEYBYTES long');
    }
    if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_AES256GCM_ABYTES) {
        throw new SodiumException('Message must be at least CRYPTO_AEAD_AES256GCM_ABYTES long');
    }
    if (!is_callable('openssl_decrypt')) {
        throw new SodiumException('The OpenSSL extension is not installed, or openssl_decrypt() is not available');
    }

    /* Split the input into the raw ciphertext and the authentication tag appended to it. */
    /** @var string $ctext */
    $ctext = ParagonIE_Sodium_Core_Util::substr($ciphertext, 0, -self::CRYPTO_AEAD_AES256GCM_ABYTES);
    /** @var string $authTag */
    $authTag = ParagonIE_Sodium_Core_Util::substr($ciphertext, -self::CRYPTO_AEAD_AES256GCM_ABYTES, 16);

    /* openssl_decrypt() returns false when the tag does not verify; callers must test the result with === false. */
    return openssl_decrypt($ctext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $authTag, $assocData);
}
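A caller-side sketch of the `string|bool` return contract documented above, added here as an example and not taken from sodium_compat or this module: it round-trips a message and shows that a modified tag or modified associated data yields `false` rather than an exception. The helper `open_sealed()`, the sample associated data and the Composer autoloader path are assumptions.

```php
<?php
// Added example, not part of sodium_compat. The autoloader path is an assumption.
require __DIR__ . '/vendor/autoload.php';

/**
 * Hypothetical wrapper: turns the false return value into an exception so a
 * failed authentication cannot be mistaken for a plaintext.
 */
function open_sealed(string $sealed, string $aad, string $nonce, string $key): string
{
    $plain = ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_decrypt($sealed, $aad, $nonce, $key);
    // Strict comparison is required: '0' is a valid plaintext but falsy in PHP.
    if ($plain === false) {
        throw new RuntimeException('AES-256-GCM authentication failed');
    }
    return $plain;
}

if (!ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_is_available()) {
    exit("AES-256-GCM is not available on this PHP build\n");
}

// Key and nonce sized from the same constants the function validates against.
$key   = random_bytes(ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_KEYBYTES);
$nonce = random_bytes(ParagonIE_Sodium_Compat::CRYPTO_AEAD_AES256GCM_NPUBBYTES);
$aad   = 'update-manifest-v1'; // constructed sample associated data

// Output layout is ciphertext followed by the authentication tag.
$sealed = ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt('0', $aad, $nonce, $key);
var_dump(open_sealed($sealed, $aad, $nonce, $key) === '0'); // valid message opens

// Constructed tamper cases: flip one bit of the tag, then change the AAD.
$badTag = $sealed;
$last = strlen($badTag) - 1;
$badTag[$last] = chr(ord($badTag[$last]) ^ 0x01);

foreach (['flipped tag bit' => [$badTag, $aad], 'changed AAD' => [$sealed, 'update-manifest-v2']] as $label => $case) {
    try {
        open_sealed($case[0], $case[1], $nonce, $key);
        echo "$label: accepted\n";
    } catch (RuntimeException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```

A check written as `if (!$plain)` would treat the valid plaintext `'0'` above as a failure, which is why the wrapper compares against `false` explicitly.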