You are here

Home » API reference » Automatic Updates 8 » File.php » ParagonIE_Sodium_File

public static function ParagonIE_Sodium_File::box_seal_open in Automatic Updates 8

Same name and namespace in other branches
  1. 7 vendor/paragonie/sodium_compat/src/File.php \ParagonIE_Sodium_File::box_seal_open()

Open a sealed file (rather than a string). Uses less memory than ParagonIE_Sodium_Compat::crypto_box_seal_open(), but produces the same result.

Warning: Does not protect against TOCTOU attacks. You should just load the file into memory and use crypto_box_seal_open() if you are worried about those.

Parameters

string $inputFile:

string $outputFile:

string $ecdhKeypair:

Return value

bool

Throws

SodiumException

TypeError

File

vendor/paragonie/sodium_compat/src/File.php, line 267

Class

ParagonIE_Sodium_File
Class ParagonIE_Sodium_File

Code

public static function box_seal_open($inputFile, $outputFile, $ecdhKeypair) {

  /* Type checks: */
  if (!is_string($inputFile)) {
    throw new TypeError('Argument 1 must be a string, ' . gettype($inputFile) . ' given.');
  }
  if (!is_string($outputFile)) {
    throw new TypeError('Argument 2 must be a string, ' . gettype($outputFile) . ' given.');
  }
  if (!is_string($ecdhKeypair)) {
    throw new TypeError('Argument 3 must be a string, ' . gettype($ecdhKeypair) . ' given.');
  }

  /* Input validation: */
  if (self::strlen($ecdhKeypair) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_KEYPAIRBYTES) {
    throw new TypeError('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES bytes');
  }
  $publicKey = ParagonIE_Sodium_Compat::crypto_box_publickey($ecdhKeypair);

  /** @var int $size */
  $size = filesize($inputFile);
  if (!is_int($size)) {
    throw new SodiumException('Could not obtain the file size');
  }

  /** @var resource $ifp */
  $ifp = fopen($inputFile, 'rb');
  if (!is_resource($ifp)) {
    throw new SodiumException('Could not open input file for reading');
  }

  /** @var resource $ofp */
  $ofp = fopen($outputFile, 'wb');
  if (!is_resource($ofp)) {
    fclose($ifp);
    throw new SodiumException('Could not open output file for writing');
  }
  $ephemeralPK = fread($ifp, ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES);
  if (!is_string($ephemeralPK)) {
    throw new SodiumException('Could not read input file');
  }
  if (self::strlen($ephemeralPK) !== ParagonIE_Sodium_Compat::CRYPTO_BOX_PUBLICKEYBYTES) {
    fclose($ifp);
    fclose($ofp);
    throw new SodiumException('Could not read public key from sealed file');
  }
  $nonce = ParagonIE_Sodium_Compat::crypto_generichash($ephemeralPK . $publicKey, '', 24);
  $msgKeypair = ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey(ParagonIE_Sodium_Compat::crypto_box_secretkey($ecdhKeypair), $ephemeralPK);
  $res = self::box_decrypt($ifp, $ofp, $size, $nonce, $msgKeypair);
  fclose($ifp);
  fclose($ofp);
  try {
    ParagonIE_Sodium_Compat::memzero($nonce);
    ParagonIE_Sodium_Compat::memzero($ephKeypair);
  } catch (SodiumException $ex) {
    if (isset($ephKeypair)) {
      unset($ephKeypair);
    }
  }
  return $res;
}