public static function ParagonIE_Sodium_Crypto::secretbox_open in Automatic Updates 8
Same name and namespace in other branches
- 7 vendor/paragonie/sodium_compat/src/Crypto.php \ParagonIE_Sodium_Crypto::secretbox_open()
Decrypt a ciphertext generated via secretbox().
@internal Do not use this directly. Use ParagonIE_Sodium_Compat.
Parameters
string $ciphertext:
string $nonce:
string $key:
Return value
string
Throws
SodiumException
TypeError
2 calls to ParagonIE_Sodium_Crypto::secretbox_open()
- ParagonIE_Sodium_Compat::crypto_secretbox_open in vendor/
paragonie/ sodium_compat/ src/ Compat.php - Decrypts a message previously encrypted with crypto_secretbox().
- ParagonIE_Sodium_Crypto::box_open in vendor/
paragonie/ sodium_compat/ src/ Crypto.php - Decrypt a message encrypted with box().
File
- vendor/
paragonie/ sodium_compat/ src/ Crypto.php, line 1020
Class
- ParagonIE_Sodium_Crypto
- Class ParagonIE_Sodium_Crypto
Code
public static function secretbox_open($ciphertext, $nonce, $key) {
/** @var string $mac */
$mac = ParagonIE_Sodium_Core_Util::substr($ciphertext, 0, self::secretbox_xsalsa20poly1305_MACBYTES);
/** @var string $c */
$c = ParagonIE_Sodium_Core_Util::substr($ciphertext, self::secretbox_xsalsa20poly1305_MACBYTES);
/** @var int $clen */
$clen = ParagonIE_Sodium_Core_Util::strlen($c);
/** @var string $subkey */
$subkey = ParagonIE_Sodium_Core_HSalsa20::hsalsa20($nonce, $key);
/** @var string $block0 */
$block0 = ParagonIE_Sodium_Core_Salsa20::salsa20(64, ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), $subkey);
$verified = ParagonIE_Sodium_Core_Poly1305::onetimeauth_verify($mac, $c, ParagonIE_Sodium_Core_Util::substr($block0, 0, 32));
if (!$verified) {
try {
ParagonIE_Sodium_Compat::memzero($subkey);
} catch (SodiumException $ex) {
$subkey = null;
}
throw new SodiumException('Invalid MAC');
}
/** @var string $m - Decrypted message */
$m = ParagonIE_Sodium_Core_Util::xorStrings(ParagonIE_Sodium_Core_Util::substr($block0, self::secretbox_xsalsa20poly1305_ZEROBYTES), ParagonIE_Sodium_Core_Util::substr($c, 0, self::secretbox_xsalsa20poly1305_ZEROBYTES));
if ($clen > self::secretbox_xsalsa20poly1305_ZEROBYTES) {
// We had more than 1 block, so let's continue to decrypt the rest.
$m .= ParagonIE_Sodium_Core_Salsa20::salsa20_xor_ic(ParagonIE_Sodium_Core_Util::substr($c, self::secretbox_xsalsa20poly1305_ZEROBYTES), ParagonIE_Sodium_Core_Util::substr($nonce, 16, 8), 1, (string) $subkey);
}
return $m;
}