You are here

public static function ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt in Automatic Updates 8

Same name and namespace in other branches
  1. 7 vendor/paragonie/sodium_compat/src/Compat.php \ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt()

Authenticated Encryption with Associated Data: Encryption

Algorithm: AES-256-GCM

@psalm-suppress MixedArgument

Parameters

string $plaintext Message to be encrypted:

string $assocData Authenticated Associated Data (unencrypted):

string $nonce Number to be used only Once; must be 8 bytes:

string $key Encryption key:

Return value

string Ciphertext with a 16-byte GCM message authentication code appended

Throws

SodiumException

TypeError

2 calls to ParagonIE_Sodium_Compat::crypto_aead_aes256gcm_encrypt()
php72compat.php in vendor/paragonie/sodium_compat/lib/php72compat.php
sodium_compat.php in vendor/paragonie/sodium_compat/lib/sodium_compat.php

File

vendor/paragonie/sodium_compat/src/Compat.php, line 402

Class

ParagonIE_Sodium_Compat

Code

public static function crypto_aead_aes256gcm_encrypt($plaintext = '', $assocData = '', $nonce = '', $key = '') {
  if (!self::crypto_aead_aes256gcm_is_available()) {
    throw new SodiumException('AES-256-GCM is not available');
  }
  ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1);
  ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2);
  ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3);
  ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);

  /* Input validation: */
  if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_AES256GCM_NPUBBYTES) {
    throw new SodiumException('Nonce must be CRYPTO_AEAD_AES256GCM_NPUBBYTES long');
  }
  if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_AES256GCM_KEYBYTES) {
    throw new SodiumException('Key must be CRYPTO_AEAD_AES256GCM_KEYBYTES long');
  }
  if (!is_callable('openssl_encrypt')) {
    throw new SodiumException('The OpenSSL extension is not installed, or openssl_encrypt() is not available');
  }
  $authTag = '';
  $ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $authTag, $assocData);
  return $ciphertext . $authTag;
}