php-internal-docs 8.4.8
Unofficial docs for php/php-src
Loading...
Searching...
No Matches
libsodium.c
Go to the documentation of this file.
1/*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Frank Denis <jedisct1@php.net> |
14 +----------------------------------------------------------------------+
15*/
16
17#ifdef HAVE_CONFIG_H
18# include "config.h"
19#endif
20
21#include "php.h"
22#include "ext/standard/info.h"
23#include "php_libsodium.h"
24#include "zend_attributes.h"
25#include "zend_exceptions.h"
26
27#include <sodium.h>
28#include <stdint.h>
29#include <string.h>
30
31#define PHP_SODIUM_ZSTR_TRUNCATE(zs, len) do { ZSTR_LEN(zs) = (len); } while(0)
32
33static zend_class_entry *sodium_exception_ce;
34
35#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64__) || defined(__i386__) || \
36 defined(_M_AMD64) || defined(_M_IX86) || defined(__aarch64__) || defined(_M_ARM64))
37# define HAVE_AESGCM 1
38#endif
39
40static zend_always_inline zend_string *zend_string_checked_alloc(size_t len, int persistent)
41{
42 zend_string *zs;
43
44 if (ZEND_MM_ALIGNED_SIZE(_ZSTR_STRUCT_SIZE(len)) < len) {
45 zend_error_noreturn(E_ERROR, "Memory allocation too large (%zu bytes)", len);
46 }
47 zs = zend_string_alloc(len, persistent);
48 ZSTR_VAL(zs)[len] = 0;
49
50 return zs;
51}
52
53#ifndef crypto_kdf_BYTES_MIN
54# define crypto_kdf_BYTES_MIN 16
55# define crypto_kdf_BYTES_MAX 64
56# define crypto_kdf_CONTEXTBYTES 8
57# define crypto_kdf_KEYBYTES 32
58#endif
59
60#ifndef crypto_kx_SEEDBYTES
61# define crypto_kx_SEEDBYTES 32
62# define crypto_kx_SESSIONKEYBYTES 32
63# define crypto_kx_PUBLICKEYBYTES 32
64# define crypto_kx_SECRETKEYBYTES 32
65#endif
66
67#include "libsodium_arginfo.h"
68
69#ifndef crypto_aead_chacha20poly1305_IETF_KEYBYTES
70# define crypto_aead_chacha20poly1305_IETF_KEYBYTES crypto_aead_chacha20poly1305_KEYBYTES
71#endif
72#ifndef crypto_aead_chacha20poly1305_IETF_NSECBYTES
73# define crypto_aead_chacha20poly1305_IETF_NSECBYTES crypto_aead_chacha20poly1305_NSECBYTES
74#endif
75#ifndef crypto_aead_chacha20poly1305_IETF_ABYTES
76# define crypto_aead_chacha20poly1305_IETF_ABYTES crypto_aead_chacha20poly1305_ABYTES
77#endif
78
79#if defined(crypto_secretstream_xchacha20poly1305_ABYTES) && SODIUM_LIBRARY_VERSION_MAJOR < 10
80# undef crypto_secretstream_xchacha20poly1305_ABYTES
81#endif
82
83#ifndef crypto_pwhash_OPSLIMIT_MIN
84# define crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE
85#endif
86#ifndef crypto_pwhash_MEMLIMIT_MIN
87# define crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE
88#endif
89#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
90# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE
91#endif
92#ifndef crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN
93# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
94#endif
95
96/* Load after the "standard" module in order to give it
97 * priority in registering argon2i/argon2id password hashers.
98 */
99static const zend_module_dep sodium_deps[] = {
100 ZEND_MOD_REQUIRED("standard")
101 ZEND_MOD_END
102};
103
104zend_module_entry sodium_module_entry = {
105 STANDARD_MODULE_HEADER_EX,
106 NULL,
107 sodium_deps,
108 "sodium",
109 ext_functions,
110 PHP_MINIT(sodium),
111 PHP_MSHUTDOWN(sodium),
112 NULL,
113 NULL,
114 PHP_MINFO(sodium),
115 PHP_SODIUM_VERSION,
116 STANDARD_MODULE_PROPERTIES
117};
118/* }}} */
119
120#ifdef COMPILE_DL_SODIUM
121ZEND_GET_MODULE(sodium)
122#endif
123
124/* Remove argument information from backtrace to prevent information leaks */
125static void sodium_remove_param_values_from_backtrace(zend_object *obj) {
126 zval rv;
127 zval *trace = zend_read_property_ex(zend_get_exception_base(obj), obj, ZSTR_KNOWN(ZEND_STR_TRACE), /* silent */ false, &rv);
128 if (trace && Z_TYPE_P(trace) == IS_ARRAY) {
129 zval *frame;
130 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(trace), frame) {
131 if (Z_TYPE_P(frame) == IS_ARRAY) {
132 zval *args = zend_hash_find(Z_ARRVAL_P(frame), ZSTR_KNOWN(ZEND_STR_ARGS));
133 if (args) {
134 zval_ptr_dtor(args);
135 ZVAL_EMPTY_ARRAY(args);
136 }
137 }
138 } ZEND_HASH_FOREACH_END();
139 }
140}
141
142static zend_object *sodium_exception_create_object(zend_class_entry *ce) {
143 zend_object *obj = zend_ce_exception->create_object(ce);
144 sodium_remove_param_values_from_backtrace(obj);
145 return obj;
146}
147
148static void sodium_separate_string(zval *zv) {
149 ZEND_ASSERT(Z_TYPE_P(zv) == IS_STRING);
150 if (!Z_REFCOUNTED_P(zv) || Z_REFCOUNT_P(zv) > 1) {
151 zend_string *copy = zend_string_init(Z_STRVAL_P(zv), Z_STRLEN_P(zv), 0);
152 Z_TRY_DELREF_P(zv);
153 ZVAL_STR(zv, copy);
154 }
155}
156
157PHP_MINIT_FUNCTION(sodium)
158{
159 if (sodium_init() < 0) {
160 zend_error_noreturn(E_ERROR, "sodium_init()");
161 }
162
163 sodium_exception_ce = register_class_SodiumException(zend_ce_exception);
164 sodium_exception_ce->create_object = sodium_exception_create_object;
165
166#if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
167 if (FAILURE == PHP_MINIT(sodium_password_hash)(INIT_FUNC_ARGS_PASSTHRU)) {
168 return FAILURE;
169 }
170#endif
171
172 register_libsodium_symbols(module_number);
173
174 return SUCCESS;
175}
176
177PHP_MSHUTDOWN_FUNCTION(sodium)
178{
179 randombytes_close();
180 return SUCCESS;
181}
182
183PHP_MINFO_FUNCTION(sodium)
184{
185 php_info_print_table_start();
186 php_info_print_table_row(2, "sodium support", "enabled");
187 php_info_print_table_row(2, "libsodium headers version", SODIUM_VERSION_STRING);
188 php_info_print_table_row(2, "libsodium library version", sodium_version_string());
189 php_info_print_table_end();
190}
191
192PHP_FUNCTION(sodium_memzero)
193{
194 zval *buf_zv;
195
196 if (zend_parse_parameters(ZEND_NUM_ARGS(),
197 "z", &buf_zv) == FAILURE) {
198 sodium_remove_param_values_from_backtrace(EG(exception));
199 RETURN_THROWS();
200 }
201 ZVAL_DEREF(buf_zv);
202 if (Z_TYPE_P(buf_zv) != IS_STRING) {
203 zend_throw_exception(sodium_exception_ce, "a PHP string is required", 0);
204 RETURN_THROWS();
205 }
206 if (Z_REFCOUNTED_P(buf_zv) && Z_REFCOUNT_P(buf_zv) == 1) {
207 char *buf = Z_STRVAL(*buf_zv);
208 size_t buf_len = Z_STRLEN(*buf_zv);
209 if (buf_len > 0) {
210 sodium_memzero(buf, (size_t) buf_len);
211 }
212 }
213 convert_to_null(buf_zv);
214}
215
216PHP_FUNCTION(sodium_increment)
217{
218 zval *val_zv;
219 unsigned char *val;
220 size_t val_len;
221
222 if (zend_parse_parameters(ZEND_NUM_ARGS(),
223 "z", &val_zv) == FAILURE) {
224 sodium_remove_param_values_from_backtrace(EG(exception));
225 RETURN_THROWS();
226 }
227 ZVAL_DEREF(val_zv);
228 if (Z_TYPE_P(val_zv) != IS_STRING) {
229 zend_throw_exception(sodium_exception_ce, "a PHP string is required", 0);
230 RETURN_THROWS();
231 }
232
233 sodium_separate_string(val_zv);
234 val = (unsigned char *) Z_STRVAL(*val_zv);
235 val_len = Z_STRLEN(*val_zv);
236 sodium_increment(val, val_len);
237}
238
239PHP_FUNCTION(sodium_add)
240{
241 zval *val_zv;
242 unsigned char *val;
243 unsigned char *addv;
244 size_t val_len;
245 size_t addv_len;
246
247 if (zend_parse_parameters(ZEND_NUM_ARGS(),
248 "zs", &val_zv, &addv, &addv_len) == FAILURE) {
249 sodium_remove_param_values_from_backtrace(EG(exception));
250 RETURN_THROWS();
251 }
252 ZVAL_DEREF(val_zv);
253 if (Z_TYPE_P(val_zv) != IS_STRING) {
254 zend_throw_exception(sodium_exception_ce, "PHP strings are required", 0);
255 RETURN_THROWS();
256 }
257
258 sodium_separate_string(val_zv);
259 val = (unsigned char *) Z_STRVAL(*val_zv);
260 val_len = Z_STRLEN(*val_zv);
261 if (val_len != addv_len) {
262 zend_argument_error(sodium_exception_ce, 1, "and argument #2 ($string_2) must have the same length");
263 RETURN_THROWS();
264 }
265 sodium_add(val, addv, val_len);
266}
267
268PHP_FUNCTION(sodium_memcmp)
269{
270 char *buf1;
271 char *buf2;
272 size_t len1;
273 size_t len2;
274
275 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
276 &buf1, &len1,
277 &buf2, &len2) == FAILURE) {
278 sodium_remove_param_values_from_backtrace(EG(exception));
279 RETURN_THROWS();
280 }
281 if (len1 != len2) {
282 zend_argument_error(sodium_exception_ce, 1, "and argument #2 ($string_2) must have the same length");
283 RETURN_THROWS();
284 }
285 RETURN_LONG(sodium_memcmp(buf1, buf2, len1));
286}
287
288PHP_FUNCTION(sodium_crypto_shorthash)
289{
290 zend_string *hash;
291 unsigned char *key;
292 unsigned char *msg;
293 size_t key_len;
294 size_t msg_len;
295
296 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
297 &msg, &msg_len,
298 &key, &key_len) == FAILURE) {
299 sodium_remove_param_values_from_backtrace(EG(exception));
300 RETURN_THROWS();
301 }
302 if (key_len != crypto_shorthash_KEYBYTES) {
303 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SHORTHASH_KEYBYTES bytes long");
304 RETURN_THROWS();
305 }
306 hash = zend_string_alloc(crypto_shorthash_BYTES, 0);
307 if (crypto_shorthash((unsigned char *) ZSTR_VAL(hash), msg,
308 (unsigned long long) msg_len, key) != 0) {
309 zend_string_efree(hash);
310 zend_throw_exception(sodium_exception_ce, "internal error", 0);
311 RETURN_THROWS();
312 }
313 ZSTR_VAL(hash)[crypto_shorthash_BYTES] = 0;
314
315 RETURN_NEW_STR(hash);
316}
317
318PHP_FUNCTION(sodium_crypto_secretbox)
319{
320 zend_string *ciphertext;
321 unsigned char *key;
322 unsigned char *msg;
323 unsigned char *nonce;
324 size_t key_len;
325 size_t msg_len;
326 size_t nonce_len;
327
328 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
329 &msg, &msg_len,
330 &nonce, &nonce_len,
331 &key, &key_len) == FAILURE) {
332 sodium_remove_param_values_from_backtrace(EG(exception));
333 RETURN_THROWS();
334 }
335 if (nonce_len != crypto_secretbox_NONCEBYTES) {
336 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SECRETBOX_NONCEBYTES bytes long");
337 RETURN_THROWS();
338 }
339 if (key_len != crypto_secretbox_KEYBYTES) {
340 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes long");
341 RETURN_THROWS();
342 }
343 if (SIZE_MAX - msg_len <= crypto_secretbox_MACBYTES) {
344 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
345 RETURN_THROWS();
346 }
347 ciphertext = zend_string_alloc((size_t) msg_len + crypto_secretbox_MACBYTES, 0);
348 if (crypto_secretbox_easy((unsigned char *) ZSTR_VAL(ciphertext),
349 msg, (unsigned long long) msg_len,
350 nonce, key) != 0) {
351 zend_string_efree(ciphertext);
352 zend_throw_exception(sodium_exception_ce, "internal error", 0);
353 RETURN_THROWS();
354 }
355 ZSTR_VAL(ciphertext)[msg_len + crypto_secretbox_MACBYTES] = 0;
356
357 RETURN_NEW_STR(ciphertext);
358}
359
360PHP_FUNCTION(sodium_crypto_secretbox_open)
361{
362 zend_string *msg;
363 unsigned char *key;
364 unsigned char *ciphertext;
365 unsigned char *nonce;
366 size_t key_len;
367 size_t ciphertext_len;
368 size_t nonce_len;
369
370 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
371 &ciphertext, &ciphertext_len,
372 &nonce, &nonce_len,
373 &key, &key_len) == FAILURE) {
374 sodium_remove_param_values_from_backtrace(EG(exception));
375 RETURN_THROWS();
376 }
377 if (nonce_len != crypto_secretbox_NONCEBYTES) {
378 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SECRETBOX_NONCEBYTES bytes long");
379 RETURN_THROWS();
380 }
381 if (key_len != crypto_secretbox_KEYBYTES) {
382 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes long");
383 RETURN_THROWS();
384 }
385 if (ciphertext_len < crypto_secretbox_MACBYTES) {
386 RETURN_FALSE;
387 }
388 msg = zend_string_alloc
389 ((size_t) ciphertext_len - crypto_secretbox_MACBYTES, 0);
390 if (crypto_secretbox_open_easy((unsigned char *) ZSTR_VAL(msg), ciphertext,
391 (unsigned long long) ciphertext_len,
392 nonce, key) != 0) {
393 zend_string_efree(msg);
394 RETURN_FALSE;
395 } else {
396 ZSTR_VAL(msg)[ciphertext_len - crypto_secretbox_MACBYTES] = 0;
397 RETURN_NEW_STR(msg);
398 }
399}
400
401PHP_FUNCTION(sodium_crypto_generichash)
402{
403 zend_string *hash;
404 unsigned char *key = NULL;
405 unsigned char *msg;
406 zend_long hash_len = crypto_generichash_BYTES;
407 size_t key_len = 0;
408 size_t msg_len;
409
410 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|sl",
411 &msg, &msg_len,
412 &key, &key_len,
413 &hash_len) == FAILURE) {
414 sodium_remove_param_values_from_backtrace(EG(exception));
415 RETURN_THROWS();
416 }
417 if (hash_len < crypto_generichash_BYTES_MIN ||
418 hash_len > crypto_generichash_BYTES_MAX) {
419 zend_throw_exception(sodium_exception_ce, "unsupported output length", 0);
420 RETURN_THROWS();
421 }
422 if (key_len != 0 &&
423 (key_len < crypto_generichash_KEYBYTES_MIN ||
424 key_len > crypto_generichash_KEYBYTES_MAX)) {
425 zend_throw_exception(sodium_exception_ce, "unsupported key length", 0);
426 RETURN_THROWS();
427 }
428 hash = zend_string_alloc(hash_len, 0);
429 if (crypto_generichash((unsigned char *) ZSTR_VAL(hash), (size_t) hash_len,
430 msg, (unsigned long long) msg_len,
431 key, (size_t) key_len) != 0) {
432 zend_string_efree(hash);
433 zend_throw_exception(sodium_exception_ce, "internal error", 0);
434 RETURN_THROWS();
435 }
436 ZSTR_VAL(hash)[hash_len] = 0;
437
438 RETURN_NEW_STR(hash);
439}
440
441PHP_FUNCTION(sodium_crypto_generichash_init)
442{
443 crypto_generichash_state state_tmp;
444 zend_string *state;
445 unsigned char *key = NULL;
446 size_t state_len = sizeof (crypto_generichash_state);
447 zend_long hash_len = crypto_generichash_BYTES;
448 size_t key_len = 0;
449
450 if (zend_parse_parameters(ZEND_NUM_ARGS(), "|sl",
451 &key, &key_len,
452 &hash_len) == FAILURE) {
453 sodium_remove_param_values_from_backtrace(EG(exception));
454 RETURN_THROWS();
455 }
456 if (hash_len < crypto_generichash_BYTES_MIN ||
457 hash_len > crypto_generichash_BYTES_MAX) {
458 zend_throw_exception(sodium_exception_ce, "unsupported output length", 0);
459 RETURN_THROWS();
460 }
461 if (key_len != 0 &&
462 (key_len < crypto_generichash_KEYBYTES_MIN ||
463 key_len > crypto_generichash_KEYBYTES_MAX)) {
464 zend_throw_exception(sodium_exception_ce, "unsupported key length", 0);
465 RETURN_THROWS();
466 }
467 memset(&state_tmp, 0, sizeof state_tmp);
468 if (crypto_generichash_init((void *) &state_tmp, key, (size_t) key_len,
469 (size_t) hash_len) != 0) {
470 zend_throw_exception(sodium_exception_ce, "internal error", 0);
471 RETURN_THROWS();
472 }
473 state = zend_string_alloc(state_len, 0);
474 memcpy(ZSTR_VAL(state), &state_tmp, state_len);
475 sodium_memzero(&state_tmp, sizeof state_tmp);
476 ZSTR_VAL(state)[state_len] = 0;
477
478 RETURN_STR(state);
479}
480
481PHP_FUNCTION(sodium_crypto_generichash_update)
482{
483 crypto_generichash_state state_tmp;
484 zval *state_zv;
485 unsigned char *msg;
486 unsigned char *state;
487 size_t msg_len;
488 size_t state_len;
489
490 if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs",
491 &state_zv, &msg, &msg_len) == FAILURE) {
492 sodium_remove_param_values_from_backtrace(EG(exception));
493 RETURN_THROWS();
494 }
495 ZVAL_DEREF(state_zv);
496 if (Z_TYPE_P(state_zv) != IS_STRING) {
497 zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state");
498 RETURN_THROWS();
499 }
500 sodium_separate_string(state_zv);
501 state = (unsigned char *) Z_STRVAL(*state_zv);
502 state_len = Z_STRLEN(*state_zv);
503 if (state_len != sizeof (crypto_generichash_state)) {
504 zend_throw_exception(sodium_exception_ce, "incorrect state length", 0);
505 RETURN_THROWS();
506 }
507 memcpy(&state_tmp, state, sizeof state_tmp);
508 if (crypto_generichash_update((void *) &state_tmp, msg,
509 (unsigned long long) msg_len) != 0) {
510 sodium_memzero(&state_tmp, sizeof state_tmp);
511 zend_throw_exception(sodium_exception_ce, "internal error", 0);
512 RETURN_THROWS();
513 }
514 memcpy(state, &state_tmp, state_len);
515 sodium_memzero(&state_tmp, sizeof state_tmp);
516
517 RETURN_TRUE;
518}
519
520PHP_FUNCTION(sodium_crypto_generichash_final)
521{
522 crypto_generichash_state state_tmp;
523 zend_string *hash;
524 zval *state_zv;
525 unsigned char *state;
526 size_t state_len;
527 zend_long hash_len = crypto_generichash_BYTES;
528
529 if (zend_parse_parameters(ZEND_NUM_ARGS(), "z|l",
530 &state_zv, &hash_len) == FAILURE) {
531 sodium_remove_param_values_from_backtrace(EG(exception));
532 RETURN_THROWS();
533 }
534 ZVAL_DEREF(state_zv);
535 if (Z_TYPE_P(state_zv) != IS_STRING) {
536 zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state");
537 RETURN_THROWS();
538 }
539 sodium_separate_string(state_zv);
540 state = (unsigned char *) Z_STRVAL(*state_zv);
541 state_len = Z_STRLEN(*state_zv);
542 if (state_len != sizeof (crypto_generichash_state)) {
543 zend_throw_exception(sodium_exception_ce, "incorrect state length", 0);
544 RETURN_THROWS();
545 }
546 if (hash_len < crypto_generichash_BYTES_MIN ||
547 hash_len > crypto_generichash_BYTES_MAX) {
548 zend_throw_exception(sodium_exception_ce, "unsupported output length", 0);
549 RETURN_THROWS();
550 }
551 hash = zend_string_alloc(hash_len, 0);
552 memcpy(&state_tmp, state, sizeof state_tmp);
553 if (crypto_generichash_final((void *) &state_tmp,
554 (unsigned char *) ZSTR_VAL(hash),
555 (size_t) hash_len) != 0) {
556 sodium_memzero(&state_tmp, sizeof state_tmp);
557 zend_string_efree(hash);
558 zend_throw_exception(sodium_exception_ce, "internal error", 0);
559 RETURN_THROWS();
560 }
561 sodium_memzero(&state_tmp, sizeof state_tmp);
562 sodium_memzero(state, state_len);
563 convert_to_null(state_zv);
564 ZSTR_VAL(hash)[hash_len] = 0;
565
566 RETURN_NEW_STR(hash);
567}
568
569PHP_FUNCTION(sodium_crypto_box_keypair)
570{
571 zend_string *keypair;
572 size_t keypair_len;
573
574 if (zend_parse_parameters_none() == FAILURE) {
575 RETURN_THROWS();
576 }
577 keypair_len = crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES;
578 keypair = zend_string_alloc(keypair_len, 0);
579 if (crypto_box_keypair((unsigned char *) ZSTR_VAL(keypair) +
580 crypto_box_SECRETKEYBYTES,
581 (unsigned char *) ZSTR_VAL(keypair)) != 0) {
582 zend_string_efree(keypair);
583 zend_throw_exception(sodium_exception_ce, "internal error", 0);
584 RETURN_THROWS();
585 }
586 ZSTR_VAL(keypair)[keypair_len] = 0;
587
588 RETURN_NEW_STR(keypair);
589}
590
591PHP_FUNCTION(sodium_crypto_box_seed_keypair)
592{
593 zend_string *keypair;
594 unsigned char *seed;
595 size_t keypair_len;
596 size_t seed_len;
597
598 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
599 &seed, &seed_len) == FAILURE) {
600 sodium_remove_param_values_from_backtrace(EG(exception));
601 RETURN_THROWS();
602 }
603 if (seed_len != crypto_box_SEEDBYTES) {
604 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_BOX_SEEDBYTES bytes long");
605 RETURN_THROWS();
606 }
607 keypair_len = crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES;
608 keypair = zend_string_alloc(keypair_len, 0);
609 if (crypto_box_seed_keypair((unsigned char *) ZSTR_VAL(keypair) +
610 crypto_box_SECRETKEYBYTES,
611 (unsigned char *) ZSTR_VAL(keypair),
612 seed) != 0) {
613 zend_string_efree(keypair);
614 zend_throw_exception(sodium_exception_ce, "internal error", 0);
615 RETURN_THROWS();
616 }
617 ZSTR_VAL(keypair)[keypair_len] = 0;
618
619 RETURN_NEW_STR(keypair);
620}
621
622PHP_FUNCTION(sodium_crypto_box_keypair_from_secretkey_and_publickey)
623{
624 zend_string *keypair;
625 char *publickey;
626 char *secretkey;
627 size_t keypair_len;
628 size_t publickey_len;
629 size_t secretkey_len;
630
631 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
632 &secretkey, &secretkey_len,
633 &publickey, &publickey_len) == FAILURE) {
634 sodium_remove_param_values_from_backtrace(EG(exception));
635 RETURN_THROWS();
636 }
637 if (secretkey_len != crypto_box_SECRETKEYBYTES) {
638 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_BOX_SECRETKEYBYTES bytes long");
639 RETURN_THROWS();
640 }
641 if (publickey_len != crypto_box_PUBLICKEYBYTES) {
642 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_BOX_PUBLICKEYBYTES bytes long");
643 RETURN_THROWS();
644 }
645 keypair_len = crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES;
646 keypair = zend_string_alloc(keypair_len, 0);
647 memcpy(ZSTR_VAL(keypair), secretkey, crypto_box_SECRETKEYBYTES);
648 memcpy(ZSTR_VAL(keypair) + crypto_box_SECRETKEYBYTES, publickey,
649 crypto_box_PUBLICKEYBYTES);
650 ZSTR_VAL(keypair)[keypair_len] = 0;
651
652 RETURN_STR(keypair);
653}
654
655PHP_FUNCTION(sodium_crypto_box_secretkey)
656{
657 zend_string *secretkey;
658 unsigned char *keypair;
659 size_t keypair_len;
660
661 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
662 &keypair, &keypair_len) == FAILURE) {
663 sodium_remove_param_values_from_backtrace(EG(exception));
664 RETURN_THROWS();
665 }
666 if (keypair_len !=
667 crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES) {
668 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_BOX_KEYPAIRBYTES bytes long");
669 RETURN_THROWS();
670 }
671 secretkey = zend_string_alloc(crypto_box_SECRETKEYBYTES, 0);
672 memcpy(ZSTR_VAL(secretkey), keypair, crypto_box_SECRETKEYBYTES);
673 ZSTR_VAL(secretkey)[crypto_box_SECRETKEYBYTES] = 0;
674
675 RETURN_STR(secretkey);
676}
677
678PHP_FUNCTION(sodium_crypto_box_publickey)
679{
680 zend_string *publickey;
681 unsigned char *keypair;
682 size_t keypair_len;
683
684 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
685 &keypair, &keypair_len) == FAILURE) {
686 sodium_remove_param_values_from_backtrace(EG(exception));
687 RETURN_THROWS();
688 }
689 if (keypair_len !=
690 crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES) {
691 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_BOX_KEYPAIRBYTES bytes long");
692 RETURN_THROWS();
693 }
694 publickey = zend_string_alloc(crypto_box_PUBLICKEYBYTES, 0);
695 memcpy(ZSTR_VAL(publickey), keypair + crypto_box_SECRETKEYBYTES,
696 crypto_box_PUBLICKEYBYTES);
697 ZSTR_VAL(publickey)[crypto_box_PUBLICKEYBYTES] = 0;
698
699 RETURN_STR(publickey);
700}
701
702PHP_FUNCTION(sodium_crypto_box_publickey_from_secretkey)
703{
704 zend_string *publickey;
705 unsigned char *secretkey;
706 size_t secretkey_len;
707
708 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
709 &secretkey, &secretkey_len) == FAILURE) {
710 sodium_remove_param_values_from_backtrace(EG(exception));
711 RETURN_THROWS();
712 }
713 if (secretkey_len != crypto_box_SECRETKEYBYTES) {
714 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_BOX_SECRETKEYBYTES bytes long");
715 RETURN_THROWS();
716 }
717 publickey = zend_string_alloc(crypto_box_PUBLICKEYBYTES, 0);
718 (void) sizeof(int[crypto_scalarmult_BYTES ==
719 crypto_box_PUBLICKEYBYTES ? 1 : -1]);
720 (void) sizeof(int[crypto_scalarmult_SCALARBYTES ==
721 crypto_box_SECRETKEYBYTES ? 1 : -1]);
722 crypto_scalarmult_base((unsigned char *) ZSTR_VAL(publickey), secretkey);
723 ZSTR_VAL(publickey)[crypto_box_PUBLICKEYBYTES] = 0;
724
725 RETURN_STR(publickey);
726}
727
728PHP_FUNCTION(sodium_crypto_box)
729{
730 zend_string *ciphertext;
731 unsigned char *keypair;
732 unsigned char *msg;
733 unsigned char *nonce;
734 unsigned char *publickey;
735 unsigned char *secretkey;
736 size_t keypair_len;
737 size_t msg_len;
738 size_t nonce_len;
739
740 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
741 &msg, &msg_len,
742 &nonce, &nonce_len,
743 &keypair, &keypair_len) == FAILURE) {
744 sodium_remove_param_values_from_backtrace(EG(exception));
745 RETURN_THROWS();
746 }
747 if (nonce_len != crypto_box_NONCEBYTES) {
748 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_BOX_NONCEBYTES bytes long");
749 RETURN_THROWS();
750 }
751 if (keypair_len != crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES) {
752 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_BOX_KEYPAIRBYTES bytes long");
753 RETURN_THROWS();
754 }
755 secretkey = keypair;
756 publickey = keypair + crypto_box_SECRETKEYBYTES;
757 if (SIZE_MAX - msg_len <= crypto_box_MACBYTES) {
758 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
759 RETURN_THROWS();
760 }
761 ciphertext = zend_string_alloc((size_t) msg_len + crypto_box_MACBYTES, 0);
762 if (crypto_box_easy((unsigned char *) ZSTR_VAL(ciphertext), msg,
763 (unsigned long long) msg_len,
764 nonce, publickey, secretkey) != 0) {
765 zend_string_efree(ciphertext);
766 zend_throw_exception(sodium_exception_ce, "internal error", 0);
767 RETURN_THROWS();
768 }
769 ZSTR_VAL(ciphertext)[msg_len + crypto_box_MACBYTES] = 0;
770
771 RETURN_NEW_STR(ciphertext);
772}
773
774PHP_FUNCTION(sodium_crypto_box_open)
775{
776 zend_string *msg;
777 unsigned char *ciphertext;
778 unsigned char *keypair;
779 unsigned char *nonce;
780 unsigned char *publickey;
781 unsigned char *secretkey;
782 size_t ciphertext_len;
783 size_t keypair_len;
784 size_t nonce_len;
785
786 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
787 &ciphertext, &ciphertext_len,
788 &nonce, &nonce_len,
789 &keypair, &keypair_len) == FAILURE) {
790 sodium_remove_param_values_from_backtrace(EG(exception));
791 RETURN_THROWS();
792 }
793 if (nonce_len != crypto_box_NONCEBYTES) {
794 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_BOX_NONCEBYTES bytes long");
795 RETURN_THROWS();
796 }
797 if (keypair_len != crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES) {
798 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_BOX_KEYPAIRBYTES bytes long");
799 RETURN_THROWS();
800 }
801 secretkey = keypair;
802 publickey = keypair + crypto_box_SECRETKEYBYTES;
803 if (ciphertext_len < crypto_box_MACBYTES) {
804 RETURN_FALSE;
805 }
806 msg = zend_string_alloc((size_t) ciphertext_len - crypto_box_MACBYTES, 0);
807 if (crypto_box_open_easy((unsigned char *) ZSTR_VAL(msg), ciphertext,
808 (unsigned long long) ciphertext_len,
809 nonce, publickey, secretkey) != 0) {
810 zend_string_efree(msg);
811 RETURN_FALSE;
812 } else {
813 ZSTR_VAL(msg)[ciphertext_len - crypto_box_MACBYTES] = 0;
814 RETURN_NEW_STR(msg);
815 }
816}
817
818PHP_FUNCTION(sodium_crypto_box_seal)
819{
820 zend_string *ciphertext;
821 unsigned char *msg;
822 unsigned char *publickey;
823 size_t msg_len;
824 size_t publickey_len;
825
826 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
827 &msg, &msg_len,
828 &publickey, &publickey_len) == FAILURE) {
829 sodium_remove_param_values_from_backtrace(EG(exception));
830 RETURN_THROWS();
831 }
832 if (publickey_len != crypto_box_PUBLICKEYBYTES) {
833 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_BOX_PUBLICKEYBYTES bytes long");
834 RETURN_THROWS();
835 }
836 if (SIZE_MAX - msg_len <= crypto_box_SEALBYTES) {
837 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
838 RETURN_THROWS();
839 }
840 ciphertext = zend_string_alloc((size_t) msg_len + crypto_box_SEALBYTES, 0);
841 if (crypto_box_seal((unsigned char *) ZSTR_VAL(ciphertext), msg,
842 (unsigned long long) msg_len, publickey) != 0) {
843 zend_string_efree(ciphertext);
844 zend_throw_exception(sodium_exception_ce, "internal error", 0);
845 RETURN_THROWS();
846 }
847 ZSTR_VAL(ciphertext)[msg_len + crypto_box_SEALBYTES] = 0;
848
849 RETURN_NEW_STR(ciphertext);
850}
851
852PHP_FUNCTION(sodium_crypto_box_seal_open)
853{
854 zend_string *msg;
855 unsigned char *ciphertext;
856 unsigned char *keypair;
857 unsigned char *publickey;
858 unsigned char *secretkey;
859 size_t ciphertext_len;
860 size_t keypair_len;
861
862 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
863 &ciphertext, &ciphertext_len,
864 &keypair, &keypair_len) == FAILURE) {
865 sodium_remove_param_values_from_backtrace(EG(exception));
866 RETURN_THROWS();
867 }
868 if (keypair_len != crypto_box_SECRETKEYBYTES + crypto_box_PUBLICKEYBYTES) {
869 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_BOX_KEYPAIRBYTES bytes long");
870 RETURN_THROWS();
871 }
872 secretkey = keypair;
873 publickey = keypair + crypto_box_SECRETKEYBYTES;
874 if (ciphertext_len < crypto_box_SEALBYTES) {
875 RETURN_FALSE;
876 }
877 msg = zend_string_alloc((size_t) ciphertext_len - crypto_box_SEALBYTES, 0);
878 if (crypto_box_seal_open((unsigned char *) ZSTR_VAL(msg), ciphertext,
879 (unsigned long long) ciphertext_len,
880 publickey, secretkey) != 0) {
881 zend_string_efree(msg);
882 RETURN_FALSE;
883 } else {
884 ZSTR_VAL(msg)[ciphertext_len - crypto_box_SEALBYTES] = 0;
885 RETURN_NEW_STR(msg);
886 }
887}
888
889PHP_FUNCTION(sodium_crypto_sign_keypair)
890{
891 zend_string *keypair;
892 size_t keypair_len;
893
894 if (zend_parse_parameters_none() == FAILURE) {
895 RETURN_THROWS();
896 }
897 keypair_len = crypto_sign_SECRETKEYBYTES + crypto_sign_PUBLICKEYBYTES;
898 keypair = zend_string_alloc(keypair_len, 0);
899 if (crypto_sign_keypair((unsigned char *) ZSTR_VAL(keypair) +
900 crypto_sign_SECRETKEYBYTES,
901 (unsigned char *) ZSTR_VAL(keypair)) != 0) {
902 zend_string_efree(keypair);
903 zend_throw_exception(sodium_exception_ce, "internal error", 0);
904 RETURN_THROWS();
905 }
906 ZSTR_VAL(keypair)[keypair_len] = 0;
907
908 RETURN_NEW_STR(keypair);
909}
910
911PHP_FUNCTION(sodium_crypto_sign_seed_keypair)
912{
913 zend_string *keypair;
914 unsigned char *seed;
915 size_t keypair_len;
916 size_t seed_len;
917
918 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
919 &seed, &seed_len) == FAILURE) {
920 sodium_remove_param_values_from_backtrace(EG(exception));
921 RETURN_THROWS();
922 }
923 if (seed_len != crypto_sign_SEEDBYTES) {
924 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_SEEDBYTES bytes long");
925 RETURN_THROWS();
926 }
927 keypair_len = crypto_sign_SECRETKEYBYTES + crypto_sign_PUBLICKEYBYTES;
928 keypair = zend_string_alloc(keypair_len, 0);
929 if (crypto_sign_seed_keypair((unsigned char *) ZSTR_VAL(keypair) +
930 crypto_sign_SECRETKEYBYTES,
931 (unsigned char *) ZSTR_VAL(keypair),
932 seed) != 0) {
933 zend_string_efree(keypair);
934 zend_throw_exception(sodium_exception_ce, "internal error", 0);
935 RETURN_THROWS();
936 }
937 ZSTR_VAL(keypair)[keypair_len] = 0;
938
939 RETURN_NEW_STR(keypair);
940}
941
942PHP_FUNCTION(sodium_crypto_sign_keypair_from_secretkey_and_publickey)
943{
944 zend_string *keypair;
945 char *publickey;
946 char *secretkey;
947 size_t keypair_len;
948 size_t publickey_len;
949 size_t secretkey_len;
950
951 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
952 &secretkey, &secretkey_len,
953 &publickey, &publickey_len) == FAILURE) {
954 sodium_remove_param_values_from_backtrace(EG(exception));
955 RETURN_THROWS();
956 }
957 if (secretkey_len != crypto_sign_SECRETKEYBYTES) {
958 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long");
959 RETURN_THROWS();
960 }
961 if (publickey_len != crypto_sign_PUBLICKEYBYTES) {
962 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES bytes long");
963 RETURN_THROWS();
964 }
965 keypair_len = crypto_sign_SECRETKEYBYTES + crypto_sign_PUBLICKEYBYTES;
966 keypair = zend_string_alloc(keypair_len, 0);
967 memcpy(ZSTR_VAL(keypair), secretkey, crypto_sign_SECRETKEYBYTES);
968 memcpy(ZSTR_VAL(keypair) + crypto_sign_SECRETKEYBYTES, publickey,
969 crypto_sign_PUBLICKEYBYTES);
970 ZSTR_VAL(keypair)[keypair_len] = 0;
971
972 RETURN_STR(keypair);
973}
974
975PHP_FUNCTION(sodium_crypto_sign_publickey_from_secretkey)
976{
977 zend_string *publickey;
978 char *secretkey;
979 size_t secretkey_len;
980
981 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
982 &secretkey, &secretkey_len) == FAILURE) {
983 sodium_remove_param_values_from_backtrace(EG(exception));
984 RETURN_THROWS();
985 }
986 if (secretkey_len != crypto_sign_SECRETKEYBYTES) {
987 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long");
988 RETURN_THROWS();
989 }
990 publickey = zend_string_alloc(crypto_sign_PUBLICKEYBYTES, 0);
991
992 if (crypto_sign_ed25519_sk_to_pk((unsigned char *) ZSTR_VAL(publickey),
993 (const unsigned char *) secretkey) != 0) {
994 zend_string_efree(publickey);
995 zend_throw_exception(sodium_exception_ce,
996 "internal error", 0);
997 RETURN_THROWS();
998 }
999 ZSTR_VAL(publickey)[crypto_sign_PUBLICKEYBYTES] = 0;
1000
1001 RETURN_STR(publickey);
1002}
1003
1004PHP_FUNCTION(sodium_crypto_sign_secretkey)
1005{
1006 zend_string *secretkey;
1007 unsigned char *keypair;
1008 size_t keypair_len;
1009
1010 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
1011 &keypair, &keypair_len) == FAILURE) {
1012 sodium_remove_param_values_from_backtrace(EG(exception));
1013 RETURN_THROWS();
1014 }
1015 if (keypair_len !=
1016 crypto_sign_SECRETKEYBYTES + crypto_sign_PUBLICKEYBYTES) {
1017 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_KEYPAIRBYTES bytes long");
1018 RETURN_THROWS();
1019 }
1020 secretkey = zend_string_alloc(crypto_sign_SECRETKEYBYTES, 0);
1021 memcpy(ZSTR_VAL(secretkey), keypair, crypto_sign_SECRETKEYBYTES);
1022 ZSTR_VAL(secretkey)[crypto_sign_SECRETKEYBYTES] = 0;
1023
1024 RETURN_STR(secretkey);
1025}
1026
1027PHP_FUNCTION(sodium_crypto_sign_publickey)
1028{
1029 zend_string *publickey;
1030 unsigned char *keypair;
1031 size_t keypair_len;
1032
1033 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
1034 &keypair, &keypair_len) == FAILURE) {
1035 sodium_remove_param_values_from_backtrace(EG(exception));
1036 RETURN_THROWS();
1037 }
1038 if (keypair_len !=
1039 crypto_sign_SECRETKEYBYTES + crypto_sign_PUBLICKEYBYTES) {
1040 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_KEYPAIRBYTES bytes long");
1041 RETURN_THROWS();
1042 }
1043 publickey = zend_string_alloc(crypto_sign_PUBLICKEYBYTES, 0);
1044 memcpy(ZSTR_VAL(publickey), keypair + crypto_sign_SECRETKEYBYTES,
1045 crypto_sign_PUBLICKEYBYTES);
1046 ZSTR_VAL(publickey)[crypto_sign_PUBLICKEYBYTES] = 0;
1047
1048 RETURN_STR(publickey);
1049}
1050
1051PHP_FUNCTION(sodium_crypto_sign)
1052{
1053 zend_string *msg_signed;
1054 unsigned char *msg;
1055 unsigned char *secretkey;
1056 unsigned long long msg_signed_real_len;
1057 size_t msg_len;
1058 size_t msg_signed_len;
1059 size_t secretkey_len;
1060
1061 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1062 &msg, &msg_len,
1063 &secretkey, &secretkey_len) == FAILURE) {
1064 sodium_remove_param_values_from_backtrace(EG(exception));
1065 RETURN_THROWS();
1066 }
1067 if (secretkey_len != crypto_sign_SECRETKEYBYTES) {
1068 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long");
1069 RETURN_THROWS();
1070 }
1071 if (SIZE_MAX - msg_len <= crypto_sign_BYTES) {
1072 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1073 RETURN_THROWS();
1074 }
1075 msg_signed_len = msg_len + crypto_sign_BYTES;
1076 msg_signed = zend_string_alloc((size_t) msg_signed_len, 0);
1077 if (crypto_sign((unsigned char *) ZSTR_VAL(msg_signed),
1078 &msg_signed_real_len, msg,
1079 (unsigned long long) msg_len, secretkey) != 0) {
1080 zend_string_efree(msg_signed);
1081 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1082 RETURN_THROWS();
1083 }
1084 if (msg_signed_real_len >= SIZE_MAX || msg_signed_real_len > msg_signed_len) {
1085 zend_string_efree(msg_signed);
1086 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1087 RETURN_THROWS();
1088 }
1089 PHP_SODIUM_ZSTR_TRUNCATE(msg_signed, (size_t) msg_signed_real_len);
1090 ZSTR_VAL(msg_signed)[msg_signed_real_len] = 0;
1091
1092 RETURN_NEW_STR(msg_signed);
1093}
1094
1095PHP_FUNCTION(sodium_crypto_sign_open)
1096{
1097 zend_string *msg;
1098 unsigned char *msg_signed;
1099 unsigned char *publickey;
1100 unsigned long long msg_real_len;
1101 size_t msg_len;
1102 size_t msg_signed_len;
1103 size_t publickey_len;
1104
1105 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1106 &msg_signed, &msg_signed_len,
1107 &publickey, &publickey_len) == FAILURE) {
1108 sodium_remove_param_values_from_backtrace(EG(exception));
1109 RETURN_THROWS();
1110 }
1111 if (publickey_len != crypto_sign_PUBLICKEYBYTES) {
1112 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES bytes long");
1113 RETURN_THROWS();
1114 }
1115 msg_len = msg_signed_len;
1116 if (msg_len >= SIZE_MAX) {
1117 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1118 RETURN_THROWS();
1119 }
1120 msg = zend_string_alloc((size_t) msg_len, 0);
1121 if (crypto_sign_open((unsigned char *) ZSTR_VAL(msg), &msg_real_len,
1122 msg_signed, (unsigned long long) msg_signed_len,
1123 publickey) != 0) {
1124 zend_string_efree(msg);
1125 RETURN_FALSE;
1126 }
1127 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_signed_len) {
1128 zend_string_efree(msg);
1129 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1130 RETURN_THROWS();
1131 }
1132 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
1133 ZSTR_VAL(msg)[msg_real_len] = 0;
1134
1135 RETURN_NEW_STR(msg);
1136}
1137
1138PHP_FUNCTION(sodium_crypto_sign_detached)
1139{
1140 zend_string *signature;
1141 unsigned char *msg;
1142 unsigned char *secretkey;
1143 unsigned long long signature_real_len;
1144 size_t msg_len;
1145 size_t secretkey_len;
1146
1147 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1148 &msg, &msg_len,
1149 &secretkey, &secretkey_len) == FAILURE) {
1150 sodium_remove_param_values_from_backtrace(EG(exception));
1151 RETURN_THROWS();
1152 }
1153 if (secretkey_len != crypto_sign_SECRETKEYBYTES) {
1154 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long");
1155 RETURN_THROWS();
1156 }
1157 signature = zend_string_alloc((size_t) crypto_sign_BYTES, 0);
1158 memset(ZSTR_VAL(signature), 0, (size_t) crypto_sign_BYTES);
1159 if (crypto_sign_detached((unsigned char *) ZSTR_VAL(signature),
1160 &signature_real_len, msg,
1161 (unsigned long long) msg_len, secretkey) != 0) {
1162 zend_string_efree(signature);
1163 zend_throw_exception(sodium_exception_ce, "signature creation failed", 0);
1164 RETURN_THROWS();
1165 }
1166 if (signature_real_len <= 0U || signature_real_len > crypto_sign_BYTES) {
1167 zend_string_efree(signature);
1168 zend_throw_exception(sodium_exception_ce, "signature has a bogus size", 0);
1169 RETURN_THROWS();
1170 }
1171 PHP_SODIUM_ZSTR_TRUNCATE(signature, (size_t) signature_real_len);
1172 ZSTR_VAL(signature)[signature_real_len] = 0;
1173
1174 RETURN_NEW_STR(signature);
1175}
1176
1177PHP_FUNCTION(sodium_crypto_sign_verify_detached)
1178{
1179 unsigned char *msg;
1180 unsigned char *publickey;
1181 unsigned char *signature;
1182 size_t msg_len;
1183 size_t publickey_len;
1184 size_t signature_len;
1185
1186 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
1187 &signature, &signature_len,
1188 &msg, &msg_len,
1189 &publickey, &publickey_len) == FAILURE) {
1190 sodium_remove_param_values_from_backtrace(EG(exception));
1191 RETURN_THROWS();
1192 }
1193 if (signature_len != crypto_sign_BYTES) {
1194 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_BYTES bytes long");
1195 RETURN_THROWS();
1196 }
1197 if (publickey_len != crypto_sign_PUBLICKEYBYTES) {
1198 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES bytes long");
1199 RETURN_THROWS();
1200 }
1201 if (crypto_sign_verify_detached(signature,
1202 msg, (unsigned long long) msg_len,
1203 publickey) != 0) {
1204 RETURN_FALSE;
1205 }
1206 RETURN_TRUE;
1207}
1208
1209PHP_FUNCTION(sodium_crypto_stream)
1210{
1211 zend_string *ciphertext;
1212 unsigned char *key;
1213 unsigned char *nonce;
1214 zend_long ciphertext_len;
1215 size_t key_len;
1216 size_t nonce_len;
1217
1218 if (zend_parse_parameters(ZEND_NUM_ARGS(), "lss",
1219 &ciphertext_len,
1220 &nonce, &nonce_len,
1221 &key, &key_len) == FAILURE) {
1222 sodium_remove_param_values_from_backtrace(EG(exception));
1223 RETURN_THROWS();
1224 }
1225 if (ciphertext_len <= 0 || ciphertext_len >= SIZE_MAX) {
1226 zend_argument_error(sodium_exception_ce, 1, "must be greater than 0");
1227 RETURN_THROWS();
1228 }
1229 if (nonce_len != crypto_stream_NONCEBYTES) {
1230 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_STREAM_NONCEBYTES bytes long");
1231 RETURN_THROWS();
1232 }
1233 if (key_len != crypto_stream_KEYBYTES) {
1234 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_STREAM_KEYBYTES bytes long");
1235 RETURN_THROWS();
1236 }
1237 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
1238 if (crypto_stream((unsigned char *) ZSTR_VAL(ciphertext),
1239 (unsigned long long) ciphertext_len, nonce, key) != 0) {
1240 zend_string_efree(ciphertext);
1241 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1242 RETURN_THROWS();
1243 }
1244 ZSTR_VAL(ciphertext)[ciphertext_len] = 0;
1245
1246 RETURN_NEW_STR(ciphertext);
1247}
1248
1249PHP_FUNCTION(sodium_crypto_stream_xor)
1250{
1251 zend_string *ciphertext;
1252 unsigned char *key;
1253 unsigned char *msg;
1254 unsigned char *nonce;
1255 size_t ciphertext_len;
1256 size_t key_len;
1257 size_t msg_len;
1258 size_t nonce_len;
1259
1260 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
1261 &msg, &msg_len,
1262 &nonce, &nonce_len,
1263 &key, &key_len) == FAILURE) {
1264 sodium_remove_param_values_from_backtrace(EG(exception));
1265 RETURN_THROWS();
1266 }
1267 if (nonce_len != crypto_stream_NONCEBYTES) {
1268 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_STREAM_NONCEBYTES bytes long");
1269 RETURN_THROWS();
1270 }
1271 if (key_len != crypto_stream_KEYBYTES) {
1272 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_STREAM_KEYBYTES bytes long");
1273 RETURN_THROWS();
1274 }
1275 ciphertext_len = msg_len;
1276 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
1277 if (crypto_stream_xor((unsigned char *) ZSTR_VAL(ciphertext), msg,
1278 (unsigned long long) msg_len, nonce, key) != 0) {
1279 zend_string_efree(ciphertext);
1280 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1281 RETURN_THROWS();
1282 }
1283 ZSTR_VAL(ciphertext)[ciphertext_len] = 0;
1284
1285 RETURN_NEW_STR(ciphertext);
1286}
1287
1288#ifdef crypto_stream_xchacha20_KEYBYTES
1289PHP_FUNCTION(sodium_crypto_stream_xchacha20)
1290{
1291 zend_string *ciphertext;
1292 unsigned char *key;
1293 unsigned char *nonce;
1294 zend_long ciphertext_len;
1295 size_t key_len;
1296 size_t nonce_len;
1297
1298 if (zend_parse_parameters(ZEND_NUM_ARGS(), "lss",
1299 &ciphertext_len,
1300 &nonce, &nonce_len,
1301 &key, &key_len) == FAILURE) {
1302 sodium_remove_param_values_from_backtrace(EG(exception));
1303 RETURN_THROWS();
1304 }
1305 if (ciphertext_len <= 0 || ciphertext_len >= SIZE_MAX) {
1306 zend_argument_error(sodium_exception_ce, 1, "must be greater than 0");
1307 RETURN_THROWS();
1308 }
1309 if (nonce_len != crypto_stream_xchacha20_NONCEBYTES) {
1310 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_NONCEBYTES bytes long");
1311 RETURN_THROWS();
1312 }
1313 if (key_len != crypto_stream_xchacha20_KEYBYTES) {
1314 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_KEYBYTES bytes long");
1315 RETURN_THROWS();
1316 }
1317 ciphertext = zend_string_checked_alloc((size_t) ciphertext_len, 0);
1318 if (crypto_stream_xchacha20((unsigned char *) ZSTR_VAL(ciphertext),
1319 (unsigned long long) ciphertext_len, nonce, key) != 0) {
1320 zend_string_free(ciphertext);
1321 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1322 RETURN_THROWS();
1323 }
1324 ZSTR_VAL(ciphertext)[ciphertext_len] = 0;
1325
1326 RETURN_NEW_STR(ciphertext);
1327}
1328
1329PHP_FUNCTION(sodium_crypto_stream_xchacha20_xor)
1330{
1331 zend_string *ciphertext;
1332 unsigned char *key;
1333 unsigned char *msg;
1334 unsigned char *nonce;
1335 size_t ciphertext_len;
1336 size_t key_len;
1337 size_t msg_len;
1338 size_t nonce_len;
1339
1340 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
1341 &msg, &msg_len,
1342 &nonce, &nonce_len,
1343 &key, &key_len) == FAILURE) {
1344 sodium_remove_param_values_from_backtrace(EG(exception));
1345 RETURN_THROWS();
1346 }
1347 if (nonce_len != crypto_stream_xchacha20_NONCEBYTES) {
1348 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_NONCEBYTES bytes long");
1349 RETURN_THROWS();
1350 }
1351 if (key_len != crypto_stream_xchacha20_KEYBYTES) {
1352 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_KEYBYTES bytes long");
1353 RETURN_THROWS();
1354 }
1355 ciphertext_len = msg_len;
1356 ciphertext = zend_string_checked_alloc((size_t) ciphertext_len, 0);
1357 if (crypto_stream_xchacha20_xor((unsigned char *) ZSTR_VAL(ciphertext), msg,
1358 (unsigned long long) msg_len, nonce, key) != 0) {
1359 zend_string_free(ciphertext);
1360 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1361 RETURN_THROWS();
1362 }
1363 ZSTR_VAL(ciphertext)[ciphertext_len] = 0;
1364
1365 RETURN_NEW_STR(ciphertext);
1366}
1367
1368PHP_FUNCTION(sodium_crypto_stream_xchacha20_xor_ic)
1369{
1370 zend_string *ciphertext;
1371 unsigned char *key;
1372 unsigned char *msg;
1373 unsigned char *nonce;
1374 zend_long ic;
1375
1376 size_t ciphertext_len;
1377 size_t key_len;
1378 size_t msg_len;
1379 size_t nonce_len;
1380
1381 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssls",
1382 &msg, &msg_len,
1383 &nonce, &nonce_len,
1384 &ic,
1385 &key, &key_len) == FAILURE) {
1386 sodium_remove_param_values_from_backtrace(EG(exception));
1387 RETURN_THROWS();
1388 }
1389 if (nonce_len != crypto_stream_xchacha20_NONCEBYTES) {
1390 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_NONCEBYTES bytes long");
1391 RETURN_THROWS();
1392 }
1393 if (key_len != crypto_stream_xchacha20_KEYBYTES) {
1394 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_STREAM_XCHACHA20_KEYBYTES bytes long");
1395 RETURN_THROWS();
1396 }
1397 ciphertext_len = msg_len;
1398 ciphertext = zend_string_checked_alloc((size_t) ciphertext_len, 0);
1399 if (crypto_stream_xchacha20_xor_ic((unsigned char *) ZSTR_VAL(ciphertext), msg,
1400 (unsigned long long) msg_len, nonce,
1401 (uint64_t) ic, key) != 0) {
1402 zend_string_free(ciphertext);
1403 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1404 RETURN_THROWS();
1405 }
1406 ZSTR_VAL(ciphertext)[ciphertext_len] = 0;
1407
1408 RETURN_NEW_STR(ciphertext);
1409}
1410#endif
1411
1412#ifdef crypto_pwhash_SALTBYTES
1413PHP_FUNCTION(sodium_crypto_pwhash)
1414{
1415 zend_string *hash;
1416 unsigned char *salt;
1417 char *passwd;
1418 zend_long hash_len;
1419 zend_long memlimit;
1420 zend_long opslimit;
1421 zend_long alg;
1422 size_t passwd_len;
1423 size_t salt_len;
1424 int ret;
1425
1426 alg = (zend_long) crypto_pwhash_ALG_DEFAULT;
1427 if (zend_parse_parameters(ZEND_NUM_ARGS(), "lssll|l",
1428 &hash_len,
1429 &passwd, &passwd_len,
1430 &salt, &salt_len,
1431 &opslimit, &memlimit, &alg) == FAILURE) {
1432 sodium_remove_param_values_from_backtrace(EG(exception));
1433 RETURN_THROWS();
1434 }
1435 if (hash_len <= 0) {
1436 zend_argument_error(sodium_exception_ce, 1, "must be greater than 0");
1437 RETURN_THROWS();
1438 }
1439 if (hash_len >= 0xffffffff) {
1440 zend_argument_error(sodium_exception_ce, 1, "is too large");
1441 RETURN_THROWS();
1442 }
1443 if (passwd_len >= 0xffffffff) {
1444 zend_argument_error(sodium_exception_ce, 2, "is too long");
1445 RETURN_THROWS();
1446 }
1447 if (opslimit <= 0) {
1448 zend_argument_error(sodium_exception_ce, 4, "must be greater than 0");
1449 RETURN_THROWS();
1450 }
1451 if (memlimit <= 0 || memlimit > SIZE_MAX) {
1452 zend_argument_error(sodium_exception_ce, 5, "must be greater than 0");
1453 RETURN_THROWS();
1454 }
1455 if (alg != crypto_pwhash_ALG_ARGON2I13
1456# ifdef crypto_pwhash_ALG_ARGON2ID13
1457 && alg != crypto_pwhash_ALG_ARGON2ID13
1458# endif
1459 && alg != crypto_pwhash_ALG_DEFAULT) {
1460 zend_throw_exception(sodium_exception_ce, "unsupported password hashing algorithm", 0);
1461 RETURN_THROWS();
1462 }
1463 if (passwd_len <= 0) {
1464 zend_error(E_WARNING, "empty password");
1465 }
1466 if (salt_len != crypto_pwhash_SALTBYTES) {
1467 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes long");
1468 RETURN_THROWS();
1469 }
1470 if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
1471 zend_argument_error(sodium_exception_ce, 4, "must be greater than or equal to %d", crypto_pwhash_OPSLIMIT_MIN);
1472 RETURN_THROWS();
1473 }
1474 if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
1475 zend_argument_error(sodium_exception_ce, 5, "must be greater than or equal to %d", crypto_pwhash_MEMLIMIT_MIN);
1476 }
1477 hash = zend_string_alloc((size_t) hash_len, 0);
1478 ret = -1;
1479# ifdef crypto_pwhash_ALG_ARGON2ID13
1480 if (alg == crypto_pwhash_ALG_ARGON2ID13) {
1481 ret = crypto_pwhash_argon2id
1482 ((unsigned char *) ZSTR_VAL(hash), (unsigned long long) hash_len,
1483 passwd, (unsigned long long) passwd_len, salt,
1484 (unsigned long long) opslimit, (size_t) memlimit, (int) alg);
1485 }
1486# endif
1487 if (ret == -1) {
1488 ret = crypto_pwhash
1489 ((unsigned char *) ZSTR_VAL(hash), (unsigned long long) hash_len,
1490 passwd, (unsigned long long) passwd_len, salt,
1491 (unsigned long long) opslimit, (size_t) memlimit, (int) alg);
1492 }
1493 if (ret != 0) {
1494 zend_string_efree(hash);
1495 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1496 RETURN_THROWS();
1497 }
1498 ZSTR_VAL(hash)[hash_len] = 0;
1499
1500 RETURN_NEW_STR(hash);
1501}
1502
1503PHP_FUNCTION(sodium_crypto_pwhash_str)
1504{
1505 zend_string *hash_str;
1506 char *passwd;
1507 zend_long memlimit;
1508 zend_long opslimit;
1509 size_t passwd_len;
1510 size_t len;
1511
1512 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sll",
1513 &passwd, &passwd_len,
1514 &opslimit, &memlimit) == FAILURE) {
1515 sodium_remove_param_values_from_backtrace(EG(exception));
1516 RETURN_THROWS();
1517 }
1518 if (opslimit <= 0) {
1519 zend_argument_error(sodium_exception_ce, 2, "must be greater than 0");
1520 RETURN_THROWS();
1521 }
1522 if (memlimit <= 0 || memlimit > SIZE_MAX) {
1523 zend_argument_error(sodium_exception_ce, 3, "must be greater than 0");
1524 RETURN_THROWS();
1525 }
1526 if (passwd_len >= 0xffffffff) {
1527 zend_argument_error(sodium_exception_ce, 1, "is too long");
1528 RETURN_THROWS();
1529 }
1530 if (passwd_len <= 0) {
1531 zend_error(E_WARNING, "empty password");
1532 }
1533 if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
1534 zend_argument_error(sodium_exception_ce, 2, "must be greater than or equal to %d", crypto_pwhash_OPSLIMIT_MIN);
1535 }
1536 if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
1537 zend_argument_error(sodium_exception_ce, 3, "must be greater than or equal to %d", crypto_pwhash_MEMLIMIT_MIN);
1538 }
1539 hash_str = zend_string_alloc(crypto_pwhash_STRBYTES - 1, 0);
1540 if (crypto_pwhash_str
1541 (ZSTR_VAL(hash_str), passwd, (unsigned long long) passwd_len,
1542 (unsigned long long) opslimit, (size_t) memlimit) != 0) {
1543 zend_string_efree(hash_str);
1544 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1545 RETURN_THROWS();
1546 }
1547 ZSTR_VAL(hash_str)[crypto_pwhash_STRBYTES - 1] = 0;
1548
1549 len = strlen(ZSTR_VAL(hash_str));
1550 PHP_SODIUM_ZSTR_TRUNCATE(hash_str, len);
1551
1552 RETURN_NEW_STR(hash_str);
1553}
1554
1555#if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
1556PHP_FUNCTION(sodium_crypto_pwhash_str_needs_rehash)
1557{
1558 char *hash_str;
1559 zend_long memlimit;
1560 zend_long opslimit;
1561 size_t hash_str_len;
1562
1563 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sll",
1564 &hash_str, &hash_str_len, &opslimit, &memlimit) == FAILURE) {
1565 RETURN_THROWS();
1566 }
1567 if (crypto_pwhash_str_needs_rehash(hash_str, opslimit, memlimit) == 0) {
1568 RETURN_FALSE;
1569 }
1570 RETURN_TRUE;
1571}
1572#endif
1573
1574PHP_FUNCTION(sodium_crypto_pwhash_str_verify)
1575{
1576 char *hash_str;
1577 char *passwd;
1578 size_t hash_str_len;
1579 size_t passwd_len;
1580
1581 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1582 &hash_str, &hash_str_len,
1583 &passwd, &passwd_len) == FAILURE) {
1584 sodium_remove_param_values_from_backtrace(EG(exception));
1585 RETURN_THROWS();
1586 }
1587 if (passwd_len >= 0xffffffff) {
1588 zend_argument_error(sodium_exception_ce, 2, "is too long");
1589 RETURN_THROWS();
1590 }
1591 if (passwd_len <= 0) {
1592 zend_error(E_WARNING, "empty password");
1593 }
1594 if (crypto_pwhash_str_verify
1595 (hash_str, passwd, (unsigned long long) passwd_len) == 0) {
1596 RETURN_TRUE;
1597 }
1598 RETURN_FALSE;
1599}
1600#endif
1601
1602#ifdef crypto_pwhash_scryptsalsa208sha256_SALTBYTES
1603PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
1604{
1605 zend_string *hash;
1606 unsigned char *salt;
1607 char *passwd;
1608 zend_long hash_len;
1609 zend_long memlimit;
1610 zend_long opslimit;
1611 size_t passwd_len;
1612 size_t salt_len;
1613
1614 if (zend_parse_parameters(ZEND_NUM_ARGS(), "lssll",
1615 &hash_len,
1616 &passwd, &passwd_len,
1617 &salt, &salt_len,
1618 &opslimit, &memlimit) == FAILURE) {
1619 sodium_remove_param_values_from_backtrace(EG(exception));
1620 RETURN_THROWS();
1621 }
1622 if (hash_len <= 0 || hash_len >= SIZE_MAX || hash_len > 0x1fffffffe0ULL) {
1623 zend_argument_error(sodium_exception_ce, 1, "must be greater than 0");
1624 RETURN_THROWS();
1625 }
1626 if (opslimit <= 0) {
1627 zend_argument_error(sodium_exception_ce, 4, "must be greater than 0");
1628 RETURN_THROWS();
1629 }
1630 if (memlimit <= 0 || memlimit > SIZE_MAX) {
1631 zend_argument_error(sodium_exception_ce, 5, "must be greater than 0");
1632 RETURN_THROWS();
1633 }
1634 if (passwd_len <= 0) {
1635 zend_error(E_WARNING, "empty password");
1636 }
1637 if (salt_len != crypto_pwhash_scryptsalsa208sha256_SALTBYTES) {
1638 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES bytes long");
1639 RETURN_THROWS();
1640 }
1641 if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
1642 zend_argument_error(sodium_exception_ce, 4, "must be greater than or equal to %d", crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE);
1643 }
1644 if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
1645 zend_argument_error(sodium_exception_ce, 5, "must be greater than or equal to %d", crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE);
1646 }
1647 hash = zend_string_alloc((size_t) hash_len, 0);
1648 if (crypto_pwhash_scryptsalsa208sha256
1649 ((unsigned char *) ZSTR_VAL(hash), (unsigned long long) hash_len,
1650 passwd, (unsigned long long) passwd_len, salt,
1651 (unsigned long long) opslimit, (size_t) memlimit) != 0) {
1652 zend_string_efree(hash);
1653 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1654 RETURN_THROWS();
1655 }
1656 ZSTR_VAL(hash)[hash_len] = 0;
1657
1658 RETURN_NEW_STR(hash);
1659}
1660
1661PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
1662{
1663 zend_string *hash_str;
1664 char *passwd;
1665 zend_long memlimit;
1666 zend_long opslimit;
1667 size_t passwd_len;
1668
1669 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sll",
1670 &passwd, &passwd_len,
1671 &opslimit, &memlimit) == FAILURE) {
1672 sodium_remove_param_values_from_backtrace(EG(exception));
1673 RETURN_THROWS();
1674 }
1675 if (opslimit <= 0) {
1676 zend_argument_error(sodium_exception_ce, 2, "must be greater than 0");
1677 RETURN_THROWS();
1678 }
1679 if (memlimit <= 0 || memlimit > SIZE_MAX) {
1680 zend_argument_error(sodium_exception_ce, 3, "must be greater than 0");
1681 RETURN_THROWS();
1682 }
1683 if (passwd_len <= 0) {
1684 zend_error(E_WARNING, "empty password");
1685 }
1686 if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
1687 zend_argument_error(sodium_exception_ce, 2, "must be greater than or equal to %d", crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE);
1688 }
1689 if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
1690 zend_argument_error(sodium_exception_ce, 3, "must be greater than or equal to %d", crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE);
1691 }
1692 hash_str = zend_string_alloc
1693 (crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1, 0);
1694 if (crypto_pwhash_scryptsalsa208sha256_str
1695 (ZSTR_VAL(hash_str), passwd, (unsigned long long) passwd_len,
1696 (unsigned long long) opslimit, (size_t) memlimit) != 0) {
1697 zend_string_efree(hash_str);
1698 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1699 RETURN_THROWS();
1700 }
1701 ZSTR_VAL(hash_str)[crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1] = 0;
1702
1703 RETURN_NEW_STR(hash_str);
1704}
1705
1706PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str_verify)
1707{
1708 char *hash_str;
1709 char *passwd;
1710 size_t hash_str_len;
1711 size_t passwd_len;
1712
1713 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1714 &hash_str, &hash_str_len,
1715 &passwd, &passwd_len) == FAILURE) {
1716 sodium_remove_param_values_from_backtrace(EG(exception));
1717 RETURN_THROWS();
1718 }
1719 if (passwd_len <= 0) {
1720 zend_error(E_WARNING, "empty password");
1721 }
1722 if (hash_str_len != crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1) {
1723 zend_error(E_WARNING, "wrong size for the hashed password");
1724 RETURN_FALSE;
1725 }
1726 if (crypto_pwhash_scryptsalsa208sha256_str_verify
1727 (hash_str, passwd, (unsigned long long) passwd_len) == 0) {
1728 RETURN_TRUE;
1729 }
1730 RETURN_FALSE;
1731}
1732#endif
1733
1734PHP_FUNCTION(sodium_crypto_aead_aes256gcm_is_available)
1735{
1736 if (zend_parse_parameters_none() == FAILURE) {
1737 RETURN_THROWS();
1738 }
1739#ifdef HAVE_AESGCM
1740 RETURN_BOOL(crypto_aead_aes256gcm_is_available());
1741#else
1742 RETURN_FALSE;
1743#endif
1744}
1745
1746#ifdef HAVE_AESGCM
1747PHP_FUNCTION(sodium_crypto_aead_aes256gcm_encrypt)
1748{
1749 zend_string *ciphertext;
1750 unsigned char *ad;
1751 unsigned char *msg;
1752 unsigned char *npub;
1753 unsigned char *secretkey;
1754 unsigned long long ciphertext_real_len;
1755 size_t ad_len;
1756 size_t ciphertext_len;
1757 size_t msg_len;
1758 size_t npub_len;
1759 size_t secretkey_len;
1760
1761 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
1762 &msg, &msg_len,
1763 &ad, &ad_len,
1764 &npub, &npub_len,
1765 &secretkey, &secretkey_len) == FAILURE) {
1766 sodium_remove_param_values_from_backtrace(EG(exception));
1767 RETURN_THROWS();
1768 }
1769 if (npub_len != crypto_aead_aes256gcm_NPUBBYTES) {
1770 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES bytes long");
1771 RETURN_THROWS();
1772 }
1773 if (secretkey_len != crypto_aead_aes256gcm_KEYBYTES) {
1774 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES bytes long");
1775 RETURN_THROWS();
1776 }
1777 if (SIZE_MAX - msg_len <= crypto_aead_aes256gcm_ABYTES) {
1778 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1779 RETURN_THROWS();
1780 }
1781 if ((unsigned long long) msg_len > (16ULL * ((1ULL << 32) - 2ULL)) - crypto_aead_aes256gcm_ABYTES) {
1782 zend_throw_exception(sodium_exception_ce, "message too long for a single key", 0);
1783 RETURN_THROWS();
1784 }
1785 ciphertext_len = msg_len + crypto_aead_aes256gcm_ABYTES;
1786 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
1787 if (crypto_aead_aes256gcm_encrypt
1788 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
1789 (unsigned long long) msg_len,
1790 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
1791 zend_string_efree(ciphertext);
1792 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1793 RETURN_THROWS();
1794 }
1795 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
1796 ciphertext_real_len > ciphertext_len) {
1797 zend_string_efree(ciphertext);
1798 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1799 RETURN_THROWS();
1800 }
1801 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
1802 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
1803
1804 RETURN_NEW_STR(ciphertext);
1805}
1806
1807PHP_FUNCTION(sodium_crypto_aead_aes256gcm_decrypt)
1808{
1809 zend_string *msg;
1810 unsigned char *ad;
1811 unsigned char *ciphertext;
1812 unsigned char *npub;
1813 unsigned char *secretkey;
1814 unsigned long long msg_real_len;
1815 size_t ad_len;
1816 size_t ciphertext_len;
1817 size_t msg_len;
1818 size_t npub_len;
1819 size_t secretkey_len;
1820
1821 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
1822 &ciphertext, &ciphertext_len,
1823 &ad, &ad_len,
1824 &npub, &npub_len,
1825 &secretkey, &secretkey_len) == FAILURE) {
1826 sodium_remove_param_values_from_backtrace(EG(exception));
1827 RETURN_THROWS();
1828 }
1829 if (npub_len != crypto_aead_aes256gcm_NPUBBYTES) {
1830 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES bytes long");
1831 RETURN_THROWS();
1832 }
1833 if (secretkey_len != crypto_aead_aes256gcm_KEYBYTES) {
1834 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AES256GCM_KEYBYTES bytes long");
1835 RETURN_THROWS();
1836 }
1837 if (ciphertext_len < crypto_aead_aes256gcm_ABYTES) {
1838 RETURN_FALSE;
1839 }
1840 if (ciphertext_len - crypto_aead_aes256gcm_ABYTES > 16ULL * ((1ULL << 32) - 2ULL)) {
1841 zend_argument_error(sodium_exception_ce, 1, "is too long");
1842 RETURN_THROWS();
1843 }
1844 msg_len = ciphertext_len;
1845 if (msg_len >= SIZE_MAX) {
1846 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1847 RETURN_THROWS();
1848 }
1849 msg = zend_string_alloc((size_t) msg_len, 0);
1850 if (crypto_aead_aes256gcm_decrypt
1851 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
1852 ciphertext, (unsigned long long) ciphertext_len,
1853 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
1854 zend_string_efree(msg);
1855 RETURN_FALSE;
1856 }
1857 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
1858 zend_string_efree(msg);
1859 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1860 RETURN_THROWS();
1861 }
1862 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
1863 ZSTR_VAL(msg)[msg_real_len] = 0;
1864
1865 RETURN_NEW_STR(msg);
1866}
1867#endif
1868
1869#ifdef crypto_aead_aegis128l_KEYBYTES
1870PHP_FUNCTION(sodium_crypto_aead_aegis128l_encrypt)
1871{
1872 zend_string *ciphertext;
1873 unsigned char *ad;
1874 unsigned char *msg;
1875 unsigned char *npub;
1876 unsigned char *secretkey;
1877 unsigned long long ciphertext_real_len;
1878 size_t ad_len;
1879 size_t ciphertext_len;
1880 size_t msg_len;
1881 size_t npub_len;
1882 size_t secretkey_len;
1883
1884 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
1885 &msg, &msg_len,
1886 &ad, &ad_len,
1887 &npub, &npub_len,
1888 &secretkey, &secretkey_len) == FAILURE) {
1889 sodium_remove_param_values_from_backtrace(EG(exception));
1890 RETURN_THROWS();
1891 }
1892 if (npub_len != crypto_aead_aegis128l_NPUBBYTES) {
1893 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES bytes long");
1894 RETURN_THROWS();
1895 }
1896 if (secretkey_len != crypto_aead_aegis128l_KEYBYTES) {
1897 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES bytes long");
1898 RETURN_THROWS();
1899 }
1900 if (SIZE_MAX - msg_len <= crypto_aead_aegis128l_ABYTES) {
1901 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1902 RETURN_THROWS();
1903 }
1904 ciphertext_len = msg_len + crypto_aead_aegis128l_ABYTES;
1905 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
1906 if (crypto_aead_aegis128l_encrypt
1907 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
1908 (unsigned long long) msg_len,
1909 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
1910 zend_string_efree(ciphertext);
1911 zend_throw_exception(sodium_exception_ce, "internal error", 0);
1912 RETURN_THROWS();
1913 }
1914 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
1915 ciphertext_real_len > ciphertext_len) {
1916 zend_string_efree(ciphertext);
1917 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1918 RETURN_THROWS();
1919 }
1920 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
1921 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
1922
1923 RETURN_NEW_STR(ciphertext);
1924}
1925
1926PHP_FUNCTION(sodium_crypto_aead_aegis128l_decrypt)
1927{
1928 zend_string *msg;
1929 unsigned char *ad;
1930 unsigned char *ciphertext;
1931 unsigned char *npub;
1932 unsigned char *secretkey;
1933 unsigned long long msg_real_len;
1934 size_t ad_len;
1935 size_t ciphertext_len;
1936 size_t msg_len;
1937 size_t npub_len;
1938 size_t secretkey_len;
1939
1940 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
1941 &ciphertext, &ciphertext_len,
1942 &ad, &ad_len,
1943 &npub, &npub_len,
1944 &secretkey, &secretkey_len) == FAILURE) {
1945 sodium_remove_param_values_from_backtrace(EG(exception));
1946 RETURN_THROWS();
1947 }
1948 if (npub_len != crypto_aead_aegis128l_NPUBBYTES) {
1949 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES bytes long");
1950 RETURN_THROWS();
1951 }
1952 if (secretkey_len != crypto_aead_aegis128l_KEYBYTES) {
1953 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AEGIS128L_KEYBYTES bytes long");
1954 RETURN_THROWS();
1955 }
1956 if (ciphertext_len < crypto_aead_aegis128l_ABYTES) {
1957 RETURN_FALSE;
1958 }
1959 msg_len = ciphertext_len;
1960 if (msg_len >= SIZE_MAX) {
1961 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1962 RETURN_THROWS();
1963 }
1964 msg = zend_string_alloc((size_t) msg_len, 0);
1965 if (crypto_aead_aegis128l_decrypt
1966 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
1967 ciphertext, (unsigned long long) ciphertext_len,
1968 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
1969 zend_string_efree(msg);
1970 RETURN_FALSE;
1971 }
1972 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
1973 zend_string_efree(msg);
1974 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
1975 RETURN_THROWS();
1976 }
1977 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
1978 ZSTR_VAL(msg)[msg_real_len] = 0;
1979
1980 RETURN_NEW_STR(msg);
1981}
1982#endif
1983
1984#ifdef crypto_aead_aegis256_KEYBYTES
1985PHP_FUNCTION(sodium_crypto_aead_aegis256_encrypt)
1986{
1987 zend_string *ciphertext;
1988 unsigned char *ad;
1989 unsigned char *msg;
1990 unsigned char *npub;
1991 unsigned char *secretkey;
1992 unsigned long long ciphertext_real_len;
1993 size_t ad_len;
1994 size_t ciphertext_len;
1995 size_t msg_len;
1996 size_t npub_len;
1997 size_t secretkey_len;
1998
1999 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2000 &msg, &msg_len,
2001 &ad, &ad_len,
2002 &npub, &npub_len,
2003 &secretkey, &secretkey_len) == FAILURE) {
2004 sodium_remove_param_values_from_backtrace(EG(exception));
2005 RETURN_THROWS();
2006 }
2007 if (npub_len != crypto_aead_aegis256_NPUBBYTES) {
2008 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES bytes long");
2009 RETURN_THROWS();
2010 }
2011 if (secretkey_len != crypto_aead_aegis256_KEYBYTES) {
2012 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AEGIS256_KEYBYTES bytes long");
2013 RETURN_THROWS();
2014 }
2015 if (SIZE_MAX - msg_len <= crypto_aead_aegis256_ABYTES) {
2016 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2017 RETURN_THROWS();
2018 }
2019 ciphertext_len = msg_len + crypto_aead_aegis256_ABYTES;
2020 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
2021 if (crypto_aead_aegis256_encrypt
2022 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
2023 (unsigned long long) msg_len,
2024 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
2025 zend_string_efree(ciphertext);
2026 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2027 RETURN_THROWS();
2028 }
2029 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
2030 ciphertext_real_len > ciphertext_len) {
2031 zend_string_efree(ciphertext);
2032 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2033 RETURN_THROWS();
2034 }
2035 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
2036 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
2037
2038 RETURN_NEW_STR(ciphertext);
2039}
2040
2041PHP_FUNCTION(sodium_crypto_aead_aegis256_decrypt)
2042{
2043 zend_string *msg;
2044 unsigned char *ad;
2045 unsigned char *ciphertext;
2046 unsigned char *npub;
2047 unsigned char *secretkey;
2048 unsigned long long msg_real_len;
2049 size_t ad_len;
2050 size_t ciphertext_len;
2051 size_t msg_len;
2052 size_t npub_len;
2053 size_t secretkey_len;
2054
2055 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2056 &ciphertext, &ciphertext_len,
2057 &ad, &ad_len,
2058 &npub, &npub_len,
2059 &secretkey, &secretkey_len) == FAILURE) {
2060 sodium_remove_param_values_from_backtrace(EG(exception));
2061 RETURN_THROWS();
2062 }
2063 if (npub_len != crypto_aead_aegis256_NPUBBYTES) {
2064 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES bytes long");
2065 RETURN_THROWS();
2066 }
2067 if (secretkey_len != crypto_aead_aegis256_KEYBYTES) {
2068 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_AEGIS256_KEYBYTES bytes long");
2069 RETURN_THROWS();
2070 }
2071 if (ciphertext_len < crypto_aead_aegis256_ABYTES) {
2072 RETURN_FALSE;
2073 }
2074 msg_len = ciphertext_len;
2075 if (msg_len >= SIZE_MAX) {
2076 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2077 RETURN_THROWS();
2078 }
2079 msg = zend_string_alloc((size_t) msg_len, 0);
2080 if (crypto_aead_aegis256_decrypt
2081 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
2082 ciphertext, (unsigned long long) ciphertext_len,
2083 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
2084 zend_string_efree(msg);
2085 RETURN_FALSE;
2086 }
2087 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
2088 zend_string_efree(msg);
2089 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2090 RETURN_THROWS();
2091 }
2092 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
2093 ZSTR_VAL(msg)[msg_real_len] = 0;
2094
2095 RETURN_NEW_STR(msg);
2096}
2097#endif
2098
2099PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_encrypt)
2100{
2101 zend_string *ciphertext;
2102 unsigned char *ad;
2103 unsigned char *msg;
2104 unsigned char *npub;
2105 unsigned char *secretkey;
2106 unsigned long long ciphertext_real_len;
2107 size_t ad_len;
2108 size_t ciphertext_len;
2109 size_t msg_len;
2110 size_t npub_len;
2111 size_t secretkey_len;
2112
2113 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2114 &msg, &msg_len,
2115 &ad, &ad_len,
2116 &npub, &npub_len,
2117 &secretkey, &secretkey_len) == FAILURE) {
2118 sodium_remove_param_values_from_backtrace(EG(exception));
2119 RETURN_THROWS();
2120 }
2121 if (npub_len != crypto_aead_chacha20poly1305_NPUBBYTES) {
2122 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES bytes long");
2123 RETURN_THROWS();
2124 }
2125 if (secretkey_len != crypto_aead_chacha20poly1305_KEYBYTES) {
2126 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES bytes long");
2127 RETURN_THROWS();
2128 }
2129 if (SIZE_MAX - msg_len <= crypto_aead_chacha20poly1305_ABYTES) {
2130 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2131 RETURN_THROWS();
2132 }
2133 ciphertext_len = msg_len + crypto_aead_chacha20poly1305_ABYTES;
2134 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
2135 if (crypto_aead_chacha20poly1305_encrypt
2136 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
2137 (unsigned long long) msg_len,
2138 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
2139 zend_string_efree(ciphertext);
2140 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2141 RETURN_THROWS();
2142 }
2143 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
2144 ciphertext_real_len > ciphertext_len) {
2145 zend_string_efree(ciphertext);
2146 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2147 RETURN_THROWS();
2148 }
2149 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
2150 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
2151
2152 RETURN_NEW_STR(ciphertext);
2153}
2154
2155PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_decrypt)
2156{
2157 zend_string *msg;
2158 unsigned char *ad;
2159 unsigned char *ciphertext;
2160 unsigned char *npub;
2161 unsigned char *secretkey;
2162 unsigned long long msg_real_len;
2163 size_t ad_len;
2164 size_t ciphertext_len;
2165 size_t msg_len;
2166 size_t npub_len;
2167 size_t secretkey_len;
2168
2169 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2170 &ciphertext, &ciphertext_len,
2171 &ad, &ad_len,
2172 &npub, &npub_len,
2173 &secretkey, &secretkey_len) == FAILURE) {
2174 sodium_remove_param_values_from_backtrace(EG(exception));
2175 RETURN_THROWS();
2176 }
2177 if (npub_len != crypto_aead_chacha20poly1305_NPUBBYTES) {
2178 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES bytes long");
2179 RETURN_THROWS();
2180 }
2181 if (secretkey_len != crypto_aead_chacha20poly1305_KEYBYTES) {
2182 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES bytes long");
2183 RETURN_THROWS();
2184 }
2185 if (ciphertext_len < crypto_aead_chacha20poly1305_ABYTES) {
2186 RETURN_FALSE;
2187 }
2188 msg_len = ciphertext_len;
2189 if (msg_len >= SIZE_MAX) {
2190 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2191 RETURN_THROWS();
2192 }
2193 msg = zend_string_alloc((size_t) msg_len, 0);
2194 if (crypto_aead_chacha20poly1305_decrypt
2195 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
2196 ciphertext, (unsigned long long) ciphertext_len,
2197 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
2198 zend_string_efree(msg);
2199 RETURN_FALSE;
2200 }
2201 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
2202 zend_string_efree(msg);
2203 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2204 RETURN_THROWS();
2205 }
2206 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
2207 ZSTR_VAL(msg)[msg_real_len] = 0;
2208
2209 RETURN_NEW_STR(msg);
2210}
2211
2212PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_ietf_encrypt)
2213{
2214 zend_string *ciphertext;
2215 unsigned char *ad;
2216 unsigned char *msg;
2217 unsigned char *npub;
2218 unsigned char *secretkey;
2219 unsigned long long ciphertext_real_len;
2220 size_t ad_len;
2221 size_t ciphertext_len;
2222 size_t msg_len;
2223 size_t npub_len;
2224 size_t secretkey_len;
2225
2226 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2227 &msg, &msg_len,
2228 &ad, &ad_len,
2229 &npub, &npub_len,
2230 &secretkey, &secretkey_len) == FAILURE) {
2231 sodium_remove_param_values_from_backtrace(EG(exception));
2232 RETURN_THROWS();
2233 }
2234 if (npub_len != crypto_aead_chacha20poly1305_IETF_NPUBBYTES) {
2235 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES bytes long");
2236 RETURN_THROWS();
2237 }
2238 if (secretkey_len != crypto_aead_chacha20poly1305_IETF_KEYBYTES) {
2239 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES bytes long");
2240 RETURN_THROWS();
2241 }
2242 if (SIZE_MAX - msg_len <= crypto_aead_chacha20poly1305_IETF_ABYTES) {
2243 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2244 RETURN_THROWS();
2245 }
2246 if ((unsigned long long) msg_len > 64ULL * (1ULL << 32) - 64ULL) {
2247 zend_throw_exception(sodium_exception_ce, "message too long for a single key", 0);
2248 RETURN_THROWS();
2249 }
2250 ciphertext_len = msg_len + crypto_aead_chacha20poly1305_IETF_ABYTES;
2251 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
2252 if (crypto_aead_chacha20poly1305_ietf_encrypt
2253 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
2254 (unsigned long long) msg_len,
2255 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
2256 zend_string_efree(ciphertext);
2257 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2258 RETURN_THROWS();
2259 }
2260 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
2261 ciphertext_real_len > ciphertext_len) {
2262 zend_string_efree(ciphertext);
2263 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2264 RETURN_THROWS();
2265 }
2266 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
2267 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
2268
2269 RETURN_NEW_STR(ciphertext);
2270}
2271
2272PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_ietf_decrypt)
2273{
2274 zend_string *msg;
2275 unsigned char *ad;
2276 unsigned char *ciphertext;
2277 unsigned char *npub;
2278 unsigned char *secretkey;
2279 unsigned long long msg_real_len;
2280 size_t ad_len;
2281 size_t ciphertext_len;
2282 size_t msg_len;
2283 size_t npub_len;
2284 size_t secretkey_len;
2285
2286 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2287 &ciphertext, &ciphertext_len,
2288 &ad, &ad_len,
2289 &npub, &npub_len,
2290 &secretkey, &secretkey_len) == FAILURE) {
2291 sodium_remove_param_values_from_backtrace(EG(exception));
2292 RETURN_THROWS();
2293 }
2294 if (npub_len != crypto_aead_chacha20poly1305_IETF_NPUBBYTES) {
2295 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES bytes long");
2296 RETURN_THROWS();
2297 }
2298 if (secretkey_len != crypto_aead_chacha20poly1305_IETF_KEYBYTES) {
2299 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES bytes long");
2300 RETURN_THROWS();
2301 }
2302 msg_len = ciphertext_len;
2303 if (msg_len >= SIZE_MAX) {
2304 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2305 RETURN_THROWS();
2306 }
2307 if (ciphertext_len < crypto_aead_chacha20poly1305_IETF_ABYTES) {
2308 RETURN_FALSE;
2309 }
2310 if ((unsigned long long) ciphertext_len -
2311 crypto_aead_chacha20poly1305_IETF_ABYTES > 64ULL * (1ULL << 32) - 64ULL) {
2312 zend_throw_exception(sodium_exception_ce, "message too long for a single key", 0);
2313 RETURN_THROWS();
2314 }
2315 msg = zend_string_alloc((size_t) msg_len, 0);
2316 if (crypto_aead_chacha20poly1305_ietf_decrypt
2317 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
2318 ciphertext, (unsigned long long) ciphertext_len,
2319 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
2320 zend_string_efree(msg);
2321 RETURN_FALSE;
2322 }
2323 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
2324 zend_string_efree(msg);
2325 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2326 RETURN_THROWS();
2327 }
2328 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
2329 ZSTR_VAL(msg)[msg_real_len] = 0;
2330
2331 RETURN_NEW_STR(msg);
2332}
2333
2334#ifdef crypto_aead_xchacha20poly1305_IETF_NPUBBYTES
2335PHP_FUNCTION(sodium_crypto_aead_xchacha20poly1305_ietf_encrypt)
2336{
2337 zend_string *ciphertext;
2338 unsigned char *ad;
2339 unsigned char *msg;
2340 unsigned char *npub;
2341 unsigned char *secretkey;
2342 unsigned long long ciphertext_real_len;
2343 size_t ad_len;
2344 size_t ciphertext_len;
2345 size_t msg_len;
2346 size_t npub_len;
2347 size_t secretkey_len;
2348
2349 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2350 &msg, &msg_len,
2351 &ad, &ad_len,
2352 &npub, &npub_len,
2353 &secretkey, &secretkey_len) == FAILURE) {
2354 sodium_remove_param_values_from_backtrace(EG(exception));
2355 RETURN_THROWS();
2356 }
2357 if (npub_len != crypto_aead_xchacha20poly1305_IETF_NPUBBYTES) {
2358 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES bytes long");
2359 RETURN_THROWS();
2360 }
2361 if (secretkey_len != crypto_aead_xchacha20poly1305_IETF_KEYBYTES) {
2362 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES bytes long");
2363 RETURN_THROWS();
2364 }
2365 if (SIZE_MAX - msg_len <= crypto_aead_xchacha20poly1305_IETF_ABYTES) {
2366 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2367 RETURN_THROWS();
2368 }
2369 ciphertext_len = msg_len + crypto_aead_xchacha20poly1305_IETF_ABYTES;
2370 ciphertext = zend_string_alloc((size_t) ciphertext_len, 0);
2371 if (crypto_aead_xchacha20poly1305_ietf_encrypt
2372 ((unsigned char *) ZSTR_VAL(ciphertext), &ciphertext_real_len, msg,
2373 (unsigned long long) msg_len,
2374 ad, (unsigned long long) ad_len, NULL, npub, secretkey) != 0) {
2375 zend_string_efree(ciphertext);
2376 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2377 RETURN_THROWS();
2378 }
2379 if (ciphertext_real_len <= 0U || ciphertext_real_len >= SIZE_MAX ||
2380 ciphertext_real_len > ciphertext_len) {
2381 zend_string_efree(ciphertext);
2382 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2383 RETURN_THROWS();
2384 }
2385 PHP_SODIUM_ZSTR_TRUNCATE(ciphertext, (size_t) ciphertext_real_len);
2386 ZSTR_VAL(ciphertext)[ciphertext_real_len] = 0;
2387
2388 RETURN_NEW_STR(ciphertext);
2389}
2390
2391PHP_FUNCTION(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt)
2392{
2393 zend_string *msg;
2394 unsigned char *ad;
2395 unsigned char *ciphertext;
2396 unsigned char *npub;
2397 unsigned char *secretkey;
2398 unsigned long long msg_real_len;
2399 size_t ad_len;
2400 size_t ciphertext_len;
2401 size_t msg_len;
2402 size_t npub_len;
2403 size_t secretkey_len;
2404
2405 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss",
2406 &ciphertext, &ciphertext_len,
2407 &ad, &ad_len,
2408 &npub, &npub_len,
2409 &secretkey, &secretkey_len) == FAILURE) {
2410 sodium_remove_param_values_from_backtrace(EG(exception));
2411 RETURN_THROWS();
2412 }
2413 if (npub_len != crypto_aead_xchacha20poly1305_IETF_NPUBBYTES) {
2414 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES bytes long");
2415 RETURN_THROWS();
2416 }
2417 if (secretkey_len != crypto_aead_xchacha20poly1305_IETF_KEYBYTES) {
2418 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES bytes long");
2419 RETURN_THROWS();
2420 }
2421 if (ciphertext_len < crypto_aead_xchacha20poly1305_IETF_ABYTES) {
2422 RETURN_FALSE;
2423 }
2424 msg_len = ciphertext_len;
2425 if (msg_len - crypto_aead_xchacha20poly1305_IETF_ABYTES >= SIZE_MAX) {
2426 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2427 RETURN_THROWS();
2428 }
2429 if ((unsigned long long) ciphertext_len -
2430 crypto_aead_xchacha20poly1305_IETF_ABYTES > 64ULL * (1ULL << 32) - 64ULL) {
2431 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2432 RETURN_THROWS();
2433 }
2434 msg = zend_string_alloc((size_t) msg_len, 0);
2435 if (crypto_aead_xchacha20poly1305_ietf_decrypt
2436 ((unsigned char *) ZSTR_VAL(msg), &msg_real_len, NULL,
2437 ciphertext, (unsigned long long) ciphertext_len,
2438 ad, (unsigned long long) ad_len, npub, secretkey) != 0) {
2439 zend_string_efree(msg);
2440 RETURN_FALSE;
2441 }
2442 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
2443 zend_string_efree(msg);
2444 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2445 RETURN_THROWS();
2446 }
2447 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
2448 ZSTR_VAL(msg)[msg_real_len] = 0;
2449
2450 RETURN_NEW_STR(msg);
2451}
2452#endif
2453
2454PHP_FUNCTION(sodium_bin2hex)
2455{
2456 zend_string *hex;
2457 unsigned char *bin;
2458 size_t bin_len;
2459 size_t hex_len;
2460
2461 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2462 &bin, &bin_len) == FAILURE) {
2463 sodium_remove_param_values_from_backtrace(EG(exception));
2464 RETURN_THROWS();
2465 }
2466 if (bin_len >= SIZE_MAX / 2U) {
2467 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2468 RETURN_THROWS();
2469 }
2470 hex_len = bin_len * 2U;
2471 hex = zend_string_alloc((size_t) hex_len, 0);
2472 sodium_bin2hex(ZSTR_VAL(hex), hex_len + 1U, bin, bin_len);
2473 ZSTR_VAL(hex)[hex_len] = 0;
2474
2475 RETURN_STR(hex);
2476}
2477
2478PHP_FUNCTION(sodium_hex2bin)
2479{
2480 zend_string *bin;
2481 const char *end;
2482 char *hex;
2483 char *ignore = NULL;
2484 size_t bin_real_len;
2485 size_t bin_len;
2486 size_t hex_len;
2487 size_t ignore_len = 0;
2488
2489 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s",
2490 &hex, &hex_len,
2491 &ignore, &ignore_len) == FAILURE) {
2492 sodium_remove_param_values_from_backtrace(EG(exception));
2493 RETURN_THROWS();
2494 }
2495 bin_len = hex_len / 2;
2496 bin = zend_string_alloc(bin_len, 0);
2497 if (sodium_hex2bin((unsigned char *) ZSTR_VAL(bin), bin_len, hex, hex_len,
2498 ignore, &bin_real_len, &end) != 0 ||
2499 end != hex + hex_len) {
2500 zend_string_efree(bin);
2501 zend_argument_error(sodium_exception_ce, 1, "must be a valid hexadecimal string");
2502 RETURN_THROWS();
2503 }
2504 if (bin_real_len >= SIZE_MAX || bin_real_len > bin_len) {
2505 zend_string_efree(bin);
2506 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2507 RETURN_THROWS();
2508 }
2509 PHP_SODIUM_ZSTR_TRUNCATE(bin, (size_t) bin_real_len);
2510 ZSTR_VAL(bin)[bin_real_len] = 0;
2511
2512 RETURN_NEW_STR(bin);
2513}
2514
2515#ifdef sodium_base64_VARIANT_ORIGINAL
2516PHP_FUNCTION(sodium_bin2base64)
2517{
2518 zend_string *b64;
2519 unsigned char *bin;
2520 zend_long variant;
2521 size_t bin_len;
2522 size_t b64_len;
2523
2524 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl",
2525 &bin, &bin_len, &variant) == FAILURE) {
2526 sodium_remove_param_values_from_backtrace(EG(exception));
2527 RETURN_THROWS();
2528 }
2529 if ((((unsigned int) variant) & ~ 0x6U) != 0x1U) {
2530 zend_argument_error(sodium_exception_ce, 2, "must be a valid base64 variant identifier");
2531 RETURN_THROWS();
2532 }
2533 if (bin_len >= SIZE_MAX / 4U * 3U - 3U - 1U) {
2534 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2535 RETURN_THROWS();
2536 }
2537 b64_len = sodium_base64_ENCODED_LEN(bin_len, variant);
2538 b64 = zend_string_alloc((size_t) b64_len - 1U, 0);
2539 sodium_bin2base64(ZSTR_VAL(b64), b64_len, bin, bin_len, (int) variant);
2540
2541 RETURN_STR(b64);
2542}
2543
2544PHP_FUNCTION(sodium_base642bin)
2545{
2546 zend_string *bin;
2547 char *b64;
2548 const char *end;
2549 char *ignore = NULL;
2550 zend_long variant;
2551 size_t bin_real_len;
2552 size_t bin_len;
2553 size_t b64_len;
2554 size_t ignore_len = 0;
2555
2556 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl|s",
2557 &b64, &b64_len, &variant,
2558 &ignore, &ignore_len) == FAILURE) {
2559 sodium_remove_param_values_from_backtrace(EG(exception));
2560 RETURN_THROWS();
2561 }
2562 if ((((unsigned int) variant) & ~ 0x6U) != 0x1U) {
2563 zend_argument_error(sodium_exception_ce, 2, "must be a valid base64 variant identifier");
2564 RETURN_THROWS();
2565 }
2566 bin_len = b64_len / 4U * 3U + 2U;
2567 bin = zend_string_alloc(bin_len, 0);
2568 if (sodium_base642bin((unsigned char *) ZSTR_VAL(bin), bin_len,
2569 b64, b64_len,
2570 ignore, &bin_real_len, &end, (int) variant) != 0 ||
2571 end != b64 + b64_len) {
2572 zend_string_efree(bin);
2573 zend_argument_error(sodium_exception_ce, 1, "must be a valid base64 string");
2574 RETURN_THROWS();
2575 }
2576 if (bin_real_len >= SIZE_MAX || bin_real_len > bin_len) {
2577 zend_string_efree(bin);
2578 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
2579 RETURN_THROWS();
2580 }
2581 PHP_SODIUM_ZSTR_TRUNCATE(bin, (size_t) bin_real_len);
2582 ZSTR_VAL(bin)[bin_real_len] = 0;
2583
2584 RETURN_NEW_STR(bin);
2585}
2586#endif
2587
2588PHP_FUNCTION(sodium_crypto_scalarmult)
2589{
2590 zend_string *q;
2591 unsigned char *n;
2592 unsigned char *p;
2593 size_t n_len;
2594 size_t p_len;
2595
2596 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
2597 &n, &n_len, &p, &p_len) == FAILURE) {
2598 sodium_remove_param_values_from_backtrace(EG(exception));
2599 RETURN_THROWS();
2600 }
2601 if (n_len != crypto_scalarmult_SCALARBYTES) {
2602 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SCALARMULT_SCALARBYTES bytes long");
2603 RETURN_THROWS();
2604 }
2605 if (p_len != crypto_scalarmult_BYTES) {
2606 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SCALARMULT_SCALARBYTES bytes long");
2607 RETURN_THROWS();
2608 }
2609 q = zend_string_alloc(crypto_scalarmult_BYTES, 0);
2610 if (crypto_scalarmult((unsigned char *) ZSTR_VAL(q), n, p) != 0) {
2611 zend_string_efree(q);
2612 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2613 RETURN_THROWS();
2614 }
2615 ZSTR_VAL(q)[crypto_scalarmult_BYTES] = 0;
2616
2617 RETURN_NEW_STR(q);
2618}
2619
2620#ifdef crypto_core_ristretto255_HASHBYTES
2621PHP_FUNCTION(sodium_crypto_scalarmult_ristretto255)
2622{
2623 zend_string *q;
2624 unsigned char *n;
2625 unsigned char *p;
2626 size_t n_len;
2627 size_t p_len;
2628
2629 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
2630 &n, &n_len, &p, &p_len) == FAILURE) {
2631 sodium_remove_param_values_from_backtrace(EG(exception));
2632 RETURN_THROWS();
2633 }
2634 if (n_len != crypto_scalarmult_ristretto255_SCALARBYTES) {
2635 zend_argument_error(sodium_exception_ce, 1,
2636 "must be SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES bytes long");
2637 RETURN_THROWS();
2638 }
2639 if (p_len != crypto_scalarmult_ristretto255_BYTES) {
2640 zend_argument_error(sodium_exception_ce, 2,
2641 "must be SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_BYTES bytes long");
2642 RETURN_THROWS();
2643 }
2644 q = zend_string_alloc(crypto_scalarmult_ristretto255_BYTES, 0);
2645 if (crypto_scalarmult_ristretto255((unsigned char *) ZSTR_VAL(q), n, p) != 0) {
2646 zend_string_efree(q);
2647 zend_throw_exception(sodium_exception_ce, "Result is identity element", 0);
2648 RETURN_THROWS();
2649 }
2650 ZSTR_VAL(q)[crypto_scalarmult_ristretto255_BYTES] = 0;
2651
2652 RETURN_NEW_STR(q);
2653}
2654
2655PHP_FUNCTION(sodium_crypto_scalarmult_ristretto255_base)
2656{
2657 zend_string *q;
2658 unsigned char *n;
2659 size_t n_len;
2660
2661 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2662 &n, &n_len) == FAILURE) {
2663 sodium_remove_param_values_from_backtrace(EG(exception));
2664 RETURN_THROWS();
2665 }
2666 if (n_len != crypto_scalarmult_ristretto255_SCALARBYTES) {
2667 zend_argument_error(sodium_exception_ce, 1,
2668 "must be SODIUM_CRYPTO_SCALARMULT_RISTRETTO255_SCALARBYTES bytes long");
2669 RETURN_THROWS();
2670 }
2671 q = zend_string_alloc(crypto_scalarmult_ristretto255_BYTES, 0);
2672 if (crypto_scalarmult_ristretto255_base((unsigned char *) ZSTR_VAL(q), n) != 0) {
2673 zend_string_efree(q);
2674 zend_argument_error(sodium_exception_ce, 1, "must not be zero", 0);
2675 RETURN_THROWS();
2676 }
2677 ZSTR_VAL(q)[crypto_scalarmult_BYTES] = 0;
2678
2679 RETURN_NEW_STR(q);
2680}
2681#endif
2682
2683PHP_FUNCTION(sodium_crypto_kx_seed_keypair)
2684{
2685 unsigned char *sk;
2686 unsigned char *pk;
2687 unsigned char *seed;
2688 size_t seed_len;
2689 zend_string *keypair;
2690
2691 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2692 &seed, &seed_len) == FAILURE) {
2693 sodium_remove_param_values_from_backtrace(EG(exception));
2694 RETURN_THROWS();
2695 }
2696 if (seed_len != crypto_kx_SEEDBYTES) {
2697 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_KX_SEEDBYTES bytes long");
2698 RETURN_THROWS();
2699 }
2700 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_PUBLICKEYBYTES ? 1 : -1]);
2701 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_SECRETKEYBYTES ? 1 : -1]);
2702 keypair = zend_string_alloc(crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES, 0);
2703 sk = (unsigned char *) ZSTR_VAL(keypair);
2704 pk = sk + crypto_kx_SECRETKEYBYTES;
2705 crypto_generichash(sk, crypto_kx_SECRETKEYBYTES,
2706 seed, crypto_kx_SEEDBYTES, NULL, 0);
2707 if (crypto_scalarmult_base(pk, sk) != 0) {
2708 zend_string_efree(keypair);
2709 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2710 RETURN_THROWS();
2711 }
2712 ZSTR_VAL(keypair)[crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES] = 0;
2713 RETURN_STR(keypair);
2714}
2715
2716PHP_FUNCTION(sodium_crypto_kx_keypair)
2717{
2718 unsigned char *sk;
2719 unsigned char *pk;
2720 zend_string *keypair;
2721
2722 if (zend_parse_parameters_none() == FAILURE) {
2723 RETURN_THROWS();
2724 }
2725 keypair = zend_string_alloc(crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES, 0);
2726 sk = (unsigned char *) ZSTR_VAL(keypair);
2727 pk = sk + crypto_kx_SECRETKEYBYTES;
2728 randombytes_buf(sk, crypto_kx_SECRETKEYBYTES);
2729 if (crypto_scalarmult_base(pk, sk) != 0) {
2730 zend_string_efree(keypair);
2731 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2732 RETURN_THROWS();
2733 }
2734 ZSTR_VAL(keypair)[crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES] = 0;
2735 RETURN_STR(keypair);
2736}
2737
2738PHP_FUNCTION(sodium_crypto_kx_secretkey)
2739{
2740 zend_string *secretkey;
2741 unsigned char *keypair;
2742 size_t keypair_len;
2743
2744 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2745 &keypair, &keypair_len) == FAILURE) {
2746 sodium_remove_param_values_from_backtrace(EG(exception));
2747 RETURN_THROWS();
2748 }
2749 if (keypair_len !=
2750 crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES) {
2751 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes long");
2752 RETURN_THROWS();
2753 }
2754 secretkey = zend_string_alloc(crypto_kx_SECRETKEYBYTES, 0);
2755 memcpy(ZSTR_VAL(secretkey), keypair, crypto_kx_SECRETKEYBYTES);
2756 ZSTR_VAL(secretkey)[crypto_kx_SECRETKEYBYTES] = 0;
2757
2758 RETURN_STR(secretkey);
2759}
2760
2761PHP_FUNCTION(sodium_crypto_kx_publickey)
2762{
2763 zend_string *publickey;
2764 unsigned char *keypair;
2765 size_t keypair_len;
2766
2767 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2768 &keypair, &keypair_len) == FAILURE) {
2769 sodium_remove_param_values_from_backtrace(EG(exception));
2770 RETURN_THROWS();
2771 }
2772 if (keypair_len !=
2773 crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES) {
2774 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes long");
2775 RETURN_THROWS();
2776 }
2777 publickey = zend_string_alloc(crypto_kx_PUBLICKEYBYTES, 0);
2778 memcpy(ZSTR_VAL(publickey), keypair + crypto_kx_SECRETKEYBYTES,
2779 crypto_kx_PUBLICKEYBYTES);
2780 ZSTR_VAL(publickey)[crypto_kx_PUBLICKEYBYTES] = 0;
2781
2782 RETURN_STR(publickey);
2783}
2784
2785PHP_FUNCTION(sodium_crypto_kx_client_session_keys)
2786{
2787 crypto_generichash_state h;
2788 unsigned char q[crypto_scalarmult_BYTES];
2789 unsigned char *keypair;
2790 unsigned char *client_sk;
2791 unsigned char *client_pk;
2792 unsigned char *server_pk;
2793 unsigned char session_keys[2 * crypto_kx_SESSIONKEYBYTES];
2794 size_t keypair_len;
2795 size_t server_pk_len;
2796
2797 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
2798 &keypair, &keypair_len,
2799 &server_pk, &server_pk_len) == FAILURE) {
2800 sodium_remove_param_values_from_backtrace(EG(exception));
2801 RETURN_THROWS();
2802 }
2803 if (keypair_len != crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES) {
2804 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes long");
2805 RETURN_THROWS();
2806 }
2807 if (server_pk_len != crypto_kx_PUBLICKEYBYTES) {
2808 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_KX_PUBLICKEYBYTES bytes long");
2809 RETURN_THROWS();
2810 }
2811 client_sk = &keypair[0];
2812 client_pk = &keypair[crypto_kx_SECRETKEYBYTES];
2813 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_PUBLICKEYBYTES ? 1 : -1]);
2814 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_SECRETKEYBYTES ? 1 : -1]);
2815 if (crypto_scalarmult(q, client_sk, server_pk) != 0) {
2816 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2817 RETURN_THROWS();
2818 }
2819 crypto_generichash_init(&h, NULL, 0U, 2 * crypto_kx_SESSIONKEYBYTES);
2820 crypto_generichash_update(&h, q, sizeof q);
2821 sodium_memzero(q, sizeof q);
2822 crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
2823 crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
2824 crypto_generichash_final(&h, session_keys, 2 * crypto_kx_SESSIONKEYBYTES);
2825 sodium_memzero(&h, sizeof h);
2826 array_init(return_value);
2827 add_next_index_stringl(return_value,
2828 (const char *) session_keys,
2829 crypto_kx_SESSIONKEYBYTES);
2830 add_next_index_stringl(return_value,
2831 (const char *) session_keys + crypto_kx_SESSIONKEYBYTES,
2832 crypto_kx_SESSIONKEYBYTES);
2833}
2834
2835PHP_FUNCTION(sodium_crypto_kx_server_session_keys)
2836{
2837 crypto_generichash_state h;
2838 unsigned char q[crypto_scalarmult_BYTES];
2839 unsigned char *keypair;
2840 unsigned char *server_sk;
2841 unsigned char *server_pk;
2842 unsigned char *client_pk;
2843 unsigned char session_keys[2 * crypto_kx_SESSIONKEYBYTES];
2844 size_t keypair_len;
2845 size_t client_pk_len;
2846
2847 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
2848 &keypair, &keypair_len,
2849 &client_pk, &client_pk_len) == FAILURE) {
2850 sodium_remove_param_values_from_backtrace(EG(exception));
2851 RETURN_THROWS();
2852 }
2853 if (keypair_len != crypto_kx_SECRETKEYBYTES + crypto_kx_PUBLICKEYBYTES) {
2854 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_KX_KEYPAIRBYTES bytes long");
2855 RETURN_THROWS();
2856 }
2857 if (client_pk_len != crypto_kx_PUBLICKEYBYTES) {
2858 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_KX_PUBLICKEYBYTES bytes long");
2859 RETURN_THROWS();
2860 }
2861 server_sk = &keypair[0];
2862 server_pk = &keypair[crypto_kx_SECRETKEYBYTES];
2863 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_PUBLICKEYBYTES ? 1 : -1]);
2864 (void) sizeof(int[crypto_scalarmult_SCALARBYTES == crypto_kx_SECRETKEYBYTES ? 1 : -1]);
2865 if (crypto_scalarmult(q, server_sk, client_pk) != 0) {
2866 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2867 RETURN_THROWS();
2868 }
2869 crypto_generichash_init(&h, NULL, 0U, 2 * crypto_kx_SESSIONKEYBYTES);
2870 crypto_generichash_update(&h, q, sizeof q);
2871 sodium_memzero(q, sizeof q);
2872 crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
2873 crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
2874 crypto_generichash_final(&h, session_keys, 2 * crypto_kx_SESSIONKEYBYTES);
2875 sodium_memzero(&h, sizeof h);
2876 array_init(return_value);
2877 add_next_index_stringl(return_value,
2878 (const char *) session_keys + crypto_kx_SESSIONKEYBYTES,
2879 crypto_kx_SESSIONKEYBYTES);
2880 add_next_index_stringl(return_value,
2881 (const char *) session_keys,
2882 crypto_kx_SESSIONKEYBYTES);
2883}
2884
2885PHP_FUNCTION(sodium_crypto_auth)
2886{
2887 zend_string *mac;
2888 char *key;
2889 char *msg;
2890 size_t msg_len;
2891 size_t key_len;
2892
2893 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
2894 &msg, &msg_len,
2895 &key, &key_len) == FAILURE) {
2896 sodium_remove_param_values_from_backtrace(EG(exception));
2897 RETURN_THROWS();
2898 }
2899 if (key_len != crypto_auth_KEYBYTES) {
2900 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_AUTH_KEYBYTES bytes long");
2901 RETURN_THROWS();
2902 }
2903 mac = zend_string_alloc(crypto_auth_BYTES, 0);
2904 if (crypto_auth((unsigned char *) ZSTR_VAL(mac),
2905 (const unsigned char *) msg, msg_len,
2906 (const unsigned char *) key) != 0) {
2907 zend_string_efree(mac);
2908 zend_throw_exception(sodium_exception_ce, "internal error", 0);
2909 RETURN_THROWS();
2910 }
2911 ZSTR_VAL(mac)[crypto_auth_BYTES] = 0;
2912
2913 RETURN_STR(mac);
2914}
2915
2916PHP_FUNCTION(sodium_crypto_auth_verify)
2917{
2918 char *mac;
2919 char *key;
2920 char *msg;
2921 size_t mac_len;
2922 size_t msg_len;
2923 size_t key_len;
2924
2925 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sss",
2926 &mac, &mac_len,
2927 &msg, &msg_len,
2928 &key, &key_len) == FAILURE) {
2929 sodium_remove_param_values_from_backtrace(EG(exception));
2930 RETURN_THROWS();
2931 }
2932 if (key_len != crypto_auth_KEYBYTES) {
2933 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_AUTH_KEYBYTES bytes long");
2934 RETURN_THROWS();
2935 }
2936 if (mac_len != crypto_auth_BYTES) {
2937 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_AUTH_BYTES bytes long");
2938 RETURN_THROWS();
2939 }
2940 if (crypto_auth_verify((const unsigned char *) mac,
2941 (const unsigned char *) msg, msg_len,
2942 (const unsigned char *) key) != 0) {
2943 RETURN_FALSE;
2944 }
2945 RETURN_TRUE;
2946}
2947
2948PHP_FUNCTION(sodium_crypto_sign_ed25519_sk_to_curve25519)
2949{
2950 zend_string *ecdhkey;
2951 char *eddsakey;
2952 size_t eddsakey_len;
2953
2954 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2955 &eddsakey, &eddsakey_len) == FAILURE) {
2956 sodium_remove_param_values_from_backtrace(EG(exception));
2957 RETURN_THROWS();
2958 }
2959 if (eddsakey_len != crypto_sign_SECRETKEYBYTES) {
2960 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_SECRETKEYBYTES bytes long");
2961 RETURN_THROWS();
2962 }
2963 ecdhkey = zend_string_alloc(crypto_box_SECRETKEYBYTES, 0);
2964
2965 if (crypto_sign_ed25519_sk_to_curve25519((unsigned char *) ZSTR_VAL(ecdhkey),
2966 (const unsigned char *) eddsakey) != 0) {
2967 zend_string_efree(ecdhkey);
2968 zend_throw_exception(sodium_exception_ce, "conversion failed", 0);
2969 RETURN_THROWS();
2970 }
2971 ZSTR_VAL(ecdhkey)[crypto_box_SECRETKEYBYTES] = 0;
2972
2973 RETURN_STR(ecdhkey);
2974}
2975
2976PHP_FUNCTION(sodium_crypto_sign_ed25519_pk_to_curve25519)
2977{
2978 zend_string *ecdhkey;
2979 char *eddsakey;
2980 size_t eddsakey_len;
2981
2982 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
2983 &eddsakey, &eddsakey_len) == FAILURE) {
2984 sodium_remove_param_values_from_backtrace(EG(exception));
2985 RETURN_THROWS();
2986 }
2987 if (eddsakey_len != crypto_sign_PUBLICKEYBYTES) {
2988 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES bytes long");
2989 RETURN_THROWS();
2990 }
2991 ecdhkey = zend_string_alloc(crypto_sign_PUBLICKEYBYTES, 0);
2992
2993 if (crypto_sign_ed25519_pk_to_curve25519((unsigned char *) ZSTR_VAL(ecdhkey),
2994 (const unsigned char *) eddsakey) != 0) {
2995 zend_string_efree(ecdhkey);
2996 zend_throw_exception(sodium_exception_ce, "conversion failed", 0);
2997 RETURN_THROWS();
2998 }
2999 ZSTR_VAL(ecdhkey)[crypto_box_PUBLICKEYBYTES] = 0;
3000
3001 RETURN_STR(ecdhkey);
3002}
3003
3004PHP_FUNCTION(sodium_compare)
3005{
3006 char *buf1;
3007 char *buf2;
3008 size_t len1;
3009 size_t len2;
3010
3011 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3012 &buf1, &len1,
3013 &buf2, &len2) == FAILURE) {
3014 sodium_remove_param_values_from_backtrace(EG(exception));
3015 RETURN_THROWS();
3016 }
3017 if (len1 != len2) {
3018 zend_argument_error(sodium_exception_ce, 1, "and argument #2 ($string_2) must have the same length");
3019 RETURN_THROWS();
3020 } else {
3021 RETURN_LONG(sodium_compare((const unsigned char *) buf1,
3022 (const unsigned char *) buf2, (size_t) len1));
3023 }
3024}
3025
3026#ifdef HAVE_AESGCM
3027PHP_FUNCTION(sodium_crypto_aead_aes256gcm_keygen)
3028{
3029 unsigned char key[crypto_aead_aes256gcm_KEYBYTES];
3030
3031 if (zend_parse_parameters_none() == FAILURE) {
3032 RETURN_THROWS();
3033 }
3034 randombytes_buf(key, sizeof key);
3035 RETURN_STRINGL((const char *) key, sizeof key);
3036}
3037#endif
3038
3039#ifdef crypto_aead_aegis128l_KEYBYTES
3040PHP_FUNCTION(sodium_crypto_aead_aegis128l_keygen)
3041{
3042 unsigned char key[crypto_aead_aegis128l_KEYBYTES];
3043
3044 if (zend_parse_parameters_none() == FAILURE) {
3045 RETURN_THROWS();
3046 }
3047 crypto_aead_aegis128l_keygen(key);
3048 RETURN_STRINGL((const char *) key, sizeof key);
3049}
3050#endif
3051
3052#ifdef crypto_aead_aegis256_KEYBYTES
3053PHP_FUNCTION(sodium_crypto_aead_aegis256_keygen)
3054{
3055 unsigned char key[crypto_aead_aegis256_KEYBYTES];
3056
3057 if (zend_parse_parameters_none() == FAILURE) {
3058 RETURN_THROWS();
3059 }
3060 crypto_aead_aegis256_keygen(key);
3061 RETURN_STRINGL((const char *) key, sizeof key);
3062}
3063#endif
3064
3065PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_keygen)
3066{
3067 unsigned char key[crypto_aead_chacha20poly1305_KEYBYTES];
3068
3069 if (zend_parse_parameters_none() == FAILURE) {
3070 RETURN_THROWS();
3071 }
3072 randombytes_buf(key, sizeof key);
3073 RETURN_STRINGL((const char *) key, sizeof key);
3074}
3075
3076PHP_FUNCTION(sodium_crypto_aead_chacha20poly1305_ietf_keygen)
3077{
3078 unsigned char key[crypto_aead_chacha20poly1305_IETF_KEYBYTES];
3079
3080 if (zend_parse_parameters_none() == FAILURE) {
3081 RETURN_THROWS();
3082 }
3083 randombytes_buf(key, sizeof key);
3084 RETURN_STRINGL((const char *) key, sizeof key);
3085}
3086
3087#ifdef crypto_aead_xchacha20poly1305_IETF_NPUBBYTES
3088PHP_FUNCTION(sodium_crypto_aead_xchacha20poly1305_ietf_keygen)
3089{
3090 unsigned char key[crypto_aead_xchacha20poly1305_IETF_KEYBYTES];
3091
3092 if (zend_parse_parameters_none() == FAILURE) {
3093 RETURN_THROWS();
3094 }
3095 randombytes_buf(key, sizeof key);
3096 RETURN_STRINGL((const char *) key, sizeof key);
3097}
3098#endif
3099
3100PHP_FUNCTION(sodium_crypto_auth_keygen)
3101{
3102 unsigned char key[crypto_auth_KEYBYTES];
3103
3104 if (zend_parse_parameters_none() == FAILURE) {
3105 RETURN_THROWS();
3106 }
3107 randombytes_buf(key, sizeof key);
3108 RETURN_STRINGL((const char *) key, sizeof key);
3109}
3110
3111PHP_FUNCTION(sodium_crypto_generichash_keygen)
3112{
3113 unsigned char key[crypto_generichash_KEYBYTES];
3114
3115 if (zend_parse_parameters_none() == FAILURE) {
3116 RETURN_THROWS();
3117 }
3118 randombytes_buf(key, sizeof key);
3119 RETURN_STRINGL((const char *) key, sizeof key);
3120}
3121
3122PHP_FUNCTION(sodium_crypto_kdf_keygen)
3123{
3124 unsigned char key[crypto_kdf_KEYBYTES];
3125
3126 if (zend_parse_parameters_none() == FAILURE) {
3127 RETURN_THROWS();
3128 }
3129 randombytes_buf(key, sizeof key);
3130 RETURN_STRINGL((const char *) key, sizeof key);
3131}
3132
3133PHP_FUNCTION(sodium_crypto_secretbox_keygen)
3134{
3135 unsigned char key[crypto_secretbox_KEYBYTES];
3136
3137 if (zend_parse_parameters_none() == FAILURE) {
3138 RETURN_THROWS();
3139 }
3140 randombytes_buf(key, sizeof key);
3141 RETURN_STRINGL((const char *) key, sizeof key);
3142}
3143
3144PHP_FUNCTION(sodium_crypto_shorthash_keygen)
3145{
3146 unsigned char key[crypto_shorthash_KEYBYTES];
3147
3148 if (zend_parse_parameters_none() == FAILURE) {
3149 RETURN_THROWS();
3150 }
3151 randombytes_buf(key, sizeof key);
3152 RETURN_STRINGL((const char *) key, sizeof key);
3153}
3154
3155PHP_FUNCTION(sodium_crypto_stream_keygen)
3156{
3157 unsigned char key[crypto_stream_KEYBYTES];
3158
3159 if (zend_parse_parameters_none() == FAILURE) {
3160 RETURN_THROWS();
3161 }
3162 randombytes_buf(key, sizeof key);
3163 RETURN_STRINGL((const char *) key, sizeof key);
3164}
3165#ifdef crypto_stream_xchacha20_KEYBYTES
3166PHP_FUNCTION(sodium_crypto_stream_xchacha20_keygen)
3167{
3168 unsigned char key[crypto_stream_xchacha20_KEYBYTES];
3169
3170 if (zend_parse_parameters_none() == FAILURE) {
3171 return;
3172 }
3173 randombytes_buf(key, sizeof key);
3174 RETURN_STRINGL((const char *) key, sizeof key);
3175}
3176#endif
3177
3178PHP_FUNCTION(sodium_crypto_kdf_derive_from_key)
3179{
3180 unsigned char ctx_padded[crypto_generichash_blake2b_PERSONALBYTES];
3181#ifndef crypto_kdf_PRIMITIVE
3182 unsigned char salt[crypto_generichash_blake2b_SALTBYTES];
3183#endif
3184 char *ctx;
3185 char *key;
3186 zend_string *subkey;
3187 zend_long subkey_id;
3188 zend_long subkey_len;
3189 size_t ctx_len;
3190 size_t key_len;
3191
3192 if (zend_parse_parameters(ZEND_NUM_ARGS(), "llss",
3193 &subkey_len,
3194 &subkey_id,
3195 &ctx, &ctx_len,
3196 &key, &key_len) == FAILURE) {
3197 sodium_remove_param_values_from_backtrace(EG(exception));
3198 RETURN_THROWS();
3199 }
3200 if (subkey_len < crypto_kdf_BYTES_MIN) {
3201 zend_argument_error(sodium_exception_ce, 1, "must be greater than or equal to SODIUM_CRYPTO_KDF_BYTES_MIN");
3202 RETURN_THROWS();
3203 }
3204 if (subkey_len > crypto_kdf_BYTES_MAX || subkey_len > SIZE_MAX) {
3205 zend_argument_error(sodium_exception_ce, 1, "must be less than or equal to SODIUM_CRYPTO_KDF_BYTES_MAX");
3206 RETURN_THROWS();
3207 }
3208 if (subkey_id < 0) {
3209 zend_argument_error(sodium_exception_ce, 2, "must be greater than or equal to 0");
3210 RETURN_THROWS();
3211 }
3212 if (ctx_len != crypto_kdf_CONTEXTBYTES) {
3213 zend_argument_error(sodium_exception_ce, 3, "must be SODIUM_CRYPTO_KDF_CONTEXTBYTES bytes long");
3214 RETURN_THROWS();
3215 }
3216 if (key_len != crypto_kdf_KEYBYTES) {
3217 zend_argument_error(sodium_exception_ce, 4, "must be SODIUM_CRYPTO_KDF_BYTES_MIN bytes long");
3218 RETURN_THROWS();
3219 }
3220 memcpy(ctx_padded, ctx, crypto_kdf_CONTEXTBYTES);
3221 memset(ctx_padded + crypto_kdf_CONTEXTBYTES, 0, sizeof ctx_padded - crypto_kdf_CONTEXTBYTES);
3222 subkey = zend_string_alloc((size_t) subkey_len, 0);
3223#ifdef crypto_kdf_PRIMITIVE
3224 crypto_kdf_derive_from_key((unsigned char *) ZSTR_VAL(subkey),
3225 (size_t) subkey_len, (uint64_t) subkey_id,
3226 ctx, (const unsigned char *) key);
3227#else
3228 salt[0] = (unsigned char) (((uint64_t) subkey_id) );
3229 salt[1] = (unsigned char) (((uint64_t) subkey_id) >> 8);
3230 salt[2] = (unsigned char) (((uint64_t) subkey_id) >> 16);
3231 salt[3] = (unsigned char) (((uint64_t) subkey_id) >> 24);
3232 salt[4] = (unsigned char) (((uint64_t) subkey_id) >> 32);
3233 salt[5] = (unsigned char) (((uint64_t) subkey_id) >> 40);
3234 salt[6] = (unsigned char) (((uint64_t) subkey_id) >> 48);
3235 salt[7] = (unsigned char) (((uint64_t) subkey_id) >> 56);
3236 memset(salt + 8, 0, (sizeof salt) - 8);
3237 crypto_generichash_blake2b_salt_personal((unsigned char *) ZSTR_VAL(subkey),
3238 (size_t) subkey_len,
3239 NULL, 0,
3240 (const unsigned char *) key,
3241 crypto_kdf_KEYBYTES,
3242 salt, ctx_padded);
3243#endif
3244 ZSTR_VAL(subkey)[subkey_len] = 0;
3245
3246 RETURN_STR(subkey);
3247}
3248
3249PHP_FUNCTION(sodium_pad)
3250{
3251 zend_string *padded;
3252 char *unpadded;
3253 zend_long blocksize;
3254 volatile size_t st;
3255 size_t i, j, k;
3256 size_t unpadded_len;
3257 size_t xpadlen;
3258 size_t xpadded_len;
3259
3260 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl",
3261 &unpadded, &unpadded_len, &blocksize) == FAILURE) {
3262 sodium_remove_param_values_from_backtrace(EG(exception));
3263 RETURN_THROWS();
3264 }
3265 if (blocksize <= 0) {
3266 zend_argument_error(sodium_exception_ce, 2, "must be greater than 0");
3267 RETURN_THROWS();
3268 }
3269 if (blocksize > SIZE_MAX) {
3270 zend_argument_error(sodium_exception_ce, 2, "is too large");
3271 RETURN_THROWS();
3272 }
3273 xpadlen = blocksize - 1U;
3274 if ((blocksize & (blocksize - 1U)) == 0U) {
3275 xpadlen -= unpadded_len & ((size_t) blocksize - 1U);
3276 } else {
3277 xpadlen -= unpadded_len % (size_t) blocksize;
3278 }
3279 if ((size_t) SIZE_MAX - unpadded_len <= xpadlen) {
3280 zend_throw_exception(sodium_exception_ce, "input is too large", 0);
3281 RETURN_THROWS();
3282 }
3283 xpadded_len = unpadded_len + xpadlen;
3284 padded = zend_string_alloc(xpadded_len + 1U, 0);
3285 if (unpadded_len > 0) {
3286 st = 1U;
3287 i = 0U;
3288 k = unpadded_len;
3289 for (j = 0U; j <= xpadded_len; j++) {
3290 ZSTR_VAL(padded)[j] = unpadded[i];
3291 k -= st;
3292 st = (size_t) (~(((( (((uint64_t) k) >> 48) | (((uint64_t) k) >> 32) |
3293 (k >> 16) | k) & 0xffff) - 1U) >> 16)) & 1U;
3294 i += st;
3295 }
3296 }
3297#if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
3298 if (sodium_pad(NULL, (unsigned char *) ZSTR_VAL(padded), unpadded_len,
3299 (size_t) blocksize, xpadded_len + 1U) != 0) {
3300 zend_string_efree(padded);
3301 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3302 RETURN_THROWS();
3303 }
3304#else
3305 {
3306 char *tail;
3307 volatile unsigned char mask;
3308 unsigned char barrier_mask;
3309
3310 tail = &ZSTR_VAL(padded)[xpadded_len];
3311 mask = 0U;
3312 for (i = 0; i < blocksize; i++) {
3313 barrier_mask = (unsigned char)
3314 (((i ^ xpadlen) - 1U) >> ((sizeof(size_t) - 1U) * CHAR_BIT));
3315 tail[-i] = (tail[-i] & mask) | (0x80 & barrier_mask);
3316 mask |= barrier_mask;
3317 }
3318 }
3319#endif
3320 ZSTR_VAL(padded)[xpadded_len + 1U] = 0;
3321
3322 RETURN_STR(padded);
3323}
3324
3325PHP_FUNCTION(sodium_unpad)
3326{
3327 zend_string *unpadded;
3328 char *padded;
3329 size_t padded_len;
3330 size_t unpadded_len;
3331 zend_long blocksize;
3332 int ret;
3333
3334 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sl",
3335 &padded, &padded_len, &blocksize) == FAILURE) {
3336 sodium_remove_param_values_from_backtrace(EG(exception));
3337 RETURN_THROWS();
3338 }
3339 if (blocksize <= 0) {
3340 zend_argument_error(sodium_exception_ce, 2, "must be greater than 0");
3341 RETURN_THROWS();
3342 }
3343 if (blocksize > SIZE_MAX) {
3344 zend_argument_error(sodium_exception_ce, 2, "is too large");
3345 RETURN_THROWS();
3346 }
3347 if (padded_len < blocksize) {
3348 zend_argument_error(sodium_exception_ce, 1, "must be at least as long as the block size");
3349 RETURN_THROWS();
3350 }
3351
3352#if SODIUM_LIBRARY_VERSION_MAJOR > 9 || (SODIUM_LIBRARY_VERSION_MAJOR == 9 && SODIUM_LIBRARY_VERSION_MINOR >= 6)
3353 ret = sodium_unpad(&unpadded_len, (const unsigned char *) padded,
3354 padded_len, (size_t) blocksize);
3355#else
3356 {
3357 const char *tail;
3358 unsigned char acc = 0U;
3359 unsigned char c;
3360 unsigned char valid = 0U;
3361 volatile size_t pad_len = 0U;
3362 size_t i;
3363 size_t is_barrier;
3364
3365 tail = &padded[padded_len - 1U];
3366
3367 for (i = 0U; i < (size_t) blocksize; i++) {
3368 c = tail[-i];
3369 is_barrier =
3370 (( (acc - 1U) & (pad_len - 1U) & ((c ^ 0x80) - 1U) ) >> 8) & 1U;
3371 acc |= c;
3372 pad_len |= i & (1U + ~is_barrier);
3373 valid |= (unsigned char) is_barrier;
3374 }
3375 unpadded_len = padded_len - 1U - pad_len;
3376 ret = (int) (valid - 1U);
3377 }
3378#endif
3379 if (ret != 0 || unpadded_len > LONG_MAX) {
3380 zend_throw_exception(sodium_exception_ce, "invalid padding", 0);
3381 RETURN_THROWS();
3382 }
3383 unpadded = zend_string_init(padded, padded_len, 0);
3384 PHP_SODIUM_ZSTR_TRUNCATE(unpadded, unpadded_len);
3385 ZSTR_VAL(unpadded)[unpadded_len] = 0;
3386 RETURN_STR(unpadded);
3387}
3388
3389#ifdef crypto_secretstream_xchacha20poly1305_ABYTES
3390PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_keygen)
3391{
3392 unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES];
3393
3394 if (zend_parse_parameters_none() == FAILURE) {
3395 RETURN_THROWS();
3396 }
3397 randombytes_buf(key, sizeof key);
3398 RETURN_STRINGL((const char *) key, sizeof key);
3399}
3400
3401PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_init_push)
3402{
3403 crypto_secretstream_xchacha20poly1305_state state;
3404 unsigned char header[crypto_secretstream_xchacha20poly1305_HEADERBYTES];
3405 unsigned char *key;
3406 size_t key_len;
3407
3408 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3409 &key, &key_len) == FAILURE) {
3410 sodium_remove_param_values_from_backtrace(EG(exception));
3411 RETURN_THROWS();
3412 }
3413 if (key_len != crypto_secretstream_xchacha20poly1305_KEYBYTES) {
3414 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES bytes long");
3415 RETURN_THROWS();
3416 }
3417 if (crypto_secretstream_xchacha20poly1305_init_push(&state,
3418 header, key) != 0) {
3419 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3420 RETURN_THROWS();
3421 }
3422 array_init(return_value);
3423 add_next_index_stringl(return_value, (const char *) &state, sizeof state);
3424 add_next_index_stringl(return_value, (const char *) header, sizeof header);
3425}
3426
3427PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_push)
3428{
3429 zval *state_zv;
3430 zend_string *c;
3431 unsigned char *ad = NULL;
3432 unsigned char *msg;
3433 unsigned char *state;
3434 unsigned long long c_real_len;
3435 zend_long tag = crypto_secretstream_xchacha20poly1305_TAG_MESSAGE;
3436 size_t ad_len = (size_t) 0U;
3437 size_t c_len;
3438 size_t msg_len;
3439 size_t state_len;
3440
3441 if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs|sl",
3442 &state_zv,
3443 &msg, &msg_len, &ad, &ad_len, &tag) == FAILURE) {
3444 sodium_remove_param_values_from_backtrace(EG(exception));
3445 RETURN_THROWS();
3446 }
3447 ZVAL_DEREF(state_zv);
3448 if (Z_TYPE_P(state_zv) != IS_STRING) {
3449 zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state");
3450 RETURN_THROWS();
3451 }
3452 sodium_separate_string(state_zv);
3453 state = (unsigned char *) Z_STRVAL(*state_zv);
3454 state_len = Z_STRLEN(*state_zv);
3455 if (state_len != sizeof (crypto_secretstream_xchacha20poly1305_state)) {
3456 zend_argument_error(sodium_exception_ce, 1, "must have a correct length");
3457 RETURN_THROWS();
3458 }
3459 if (msg_len > crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX ||
3460 msg_len > SIZE_MAX - crypto_secretstream_xchacha20poly1305_ABYTES) {
3461 zend_argument_error(sodium_exception_ce, 2, "must be at most SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_MESSAGEBYTES_MAX bytes long");
3462 RETURN_THROWS();
3463 }
3464 if (tag < 0 || tag > 255) {
3465 zend_argument_error(sodium_exception_ce, 4, "must be in the range of 0-255");
3466 RETURN_THROWS();
3467 }
3468 c_len = msg_len + crypto_secretstream_xchacha20poly1305_ABYTES;
3469 c = zend_string_alloc((size_t) c_len, 0);
3470 if (crypto_secretstream_xchacha20poly1305_push
3471 ((void *) state, (unsigned char *) ZSTR_VAL(c), &c_real_len,
3472 msg, (unsigned long long) msg_len, ad, (unsigned long long) ad_len,
3473 (unsigned char) tag) != 0) {
3474 zend_string_efree(c);
3475 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3476 RETURN_THROWS();
3477 }
3478 if (c_real_len <= 0U || c_real_len >= SIZE_MAX || c_real_len > c_len) {
3479 zend_string_efree(c);
3480 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
3481 RETURN_THROWS();
3482 }
3483 PHP_SODIUM_ZSTR_TRUNCATE(c, (size_t) c_real_len);
3484 ZSTR_VAL(c)[c_real_len] = 0;
3485
3486 RETURN_NEW_STR(c);
3487}
3488
3489PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_init_pull)
3490{
3491 crypto_secretstream_xchacha20poly1305_state state;
3492 unsigned char *header;
3493 unsigned char *key;
3494 size_t header_len;
3495 size_t key_len;
3496
3497 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3498 &header, &header_len,
3499 &key, &key_len) == FAILURE) {
3500 sodium_remove_param_values_from_backtrace(EG(exception));
3501 RETURN_THROWS();
3502 }
3503 if (header_len != crypto_secretstream_xchacha20poly1305_HEADERBYTES) {
3504 zend_argument_error(sodium_exception_ce, 1, "must be SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES bytes long");
3505 RETURN_THROWS();
3506 }
3507 if (key_len != crypto_secretstream_xchacha20poly1305_KEYBYTES) {
3508 zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_KEYBYTES bytes long");
3509 RETURN_THROWS();
3510 }
3511 if (crypto_secretstream_xchacha20poly1305_init_pull(&state,
3512 header, key) != 0) {
3513 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3514 RETURN_THROWS();
3515 }
3516 RETURN_STRINGL((const char *) &state, sizeof state);
3517}
3518
3519PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_pull)
3520{
3521 zval *state_zv;
3522 zend_string *msg;
3523 unsigned char *ad = NULL;
3524 unsigned char *c;
3525 unsigned char *state;
3526 unsigned long long msg_real_len;
3527 size_t ad_len = (size_t) 0U;
3528 size_t msg_len;
3529 size_t c_len;
3530 size_t state_len;
3531 unsigned char tag;
3532
3533 if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs|s",
3534 &state_zv,
3535 &c, &c_len, &ad, &ad_len) == FAILURE) {
3536 sodium_remove_param_values_from_backtrace(EG(exception));
3537 RETURN_THROWS();
3538 }
3539 ZVAL_DEREF(state_zv);
3540 if (Z_TYPE_P(state_zv) != IS_STRING) {
3541 zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state");
3542 RETURN_THROWS();
3543 }
3544 sodium_separate_string(state_zv);
3545 state = (unsigned char *) Z_STRVAL(*state_zv);
3546 state_len = Z_STRLEN(*state_zv);
3547 if (state_len != sizeof (crypto_secretstream_xchacha20poly1305_state)) {
3548 zend_throw_exception(sodium_exception_ce, "incorrect state length", 0);
3549 RETURN_THROWS();
3550 }
3551 if (c_len < crypto_secretstream_xchacha20poly1305_ABYTES) {
3552 RETURN_FALSE;
3553 }
3554 msg_len = c_len - crypto_secretstream_xchacha20poly1305_ABYTES;
3555 msg = zend_string_alloc((size_t) msg_len, 0);
3556 if (crypto_secretstream_xchacha20poly1305_pull
3557 ((void *) state, (unsigned char *) ZSTR_VAL(msg), &msg_real_len, &tag,
3558 c, (unsigned long long) c_len, ad, (unsigned long long) ad_len) != 0) {
3559 zend_string_efree(msg);
3560 RETURN_FALSE;
3561 }
3562 if (msg_real_len >= SIZE_MAX || msg_real_len > msg_len) {
3563 zend_string_efree(msg);
3564 zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
3565 RETURN_THROWS();
3566 }
3567 PHP_SODIUM_ZSTR_TRUNCATE(msg, (size_t) msg_real_len);
3568 ZSTR_VAL(msg)[msg_real_len] = 0;
3569 array_init(return_value);
3570 add_next_index_str(return_value, msg);
3571 add_next_index_long(return_value, (long) tag);
3572}
3573
3574PHP_FUNCTION(sodium_crypto_secretstream_xchacha20poly1305_rekey)
3575{
3576 zval *state_zv;
3577 unsigned char *state;
3578 size_t state_len;
3579
3580 if (zend_parse_parameters(ZEND_NUM_ARGS(), "z", &state_zv) == FAILURE) {
3581 sodium_remove_param_values_from_backtrace(EG(exception));
3582 RETURN_THROWS();
3583 }
3584 ZVAL_DEREF(state_zv);
3585 if (Z_TYPE_P(state_zv) != IS_STRING) {
3586 zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state");
3587 RETURN_THROWS();
3588 }
3589 sodium_separate_string(state_zv);
3590 state = (unsigned char *) Z_STRVAL(*state_zv);
3591 state_len = Z_STRLEN(*state_zv);
3592 if (state_len != sizeof (crypto_secretstream_xchacha20poly1305_state)) {
3593 zend_throw_exception(sodium_exception_ce, "incorrect state length", 0);
3594 RETURN_THROWS();
3595 }
3596 crypto_secretstream_xchacha20poly1305_rekey((void *) state);
3597}
3598#endif
3599
3600#ifdef crypto_core_ristretto255_HASHBYTES
3601PHP_FUNCTION(sodium_crypto_core_ristretto255_add)
3602{
3603 zend_string *r;
3604 unsigned char *p;
3605 unsigned char *q;
3606 size_t p_len;
3607 size_t q_len;
3608
3609 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3610 &p, &p_len, &q, &q_len) == FAILURE) {
3611 sodium_remove_param_values_from_backtrace(EG(exception));
3612 RETURN_THROWS();
3613 }
3614 if (p_len != crypto_core_ristretto255_BYTES) {
3615 zend_argument_error(sodium_exception_ce, 1,
3616 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES bytes long");
3617 RETURN_THROWS();
3618 }
3619 if (q_len != crypto_core_ristretto255_BYTES) {
3620 zend_argument_error(sodium_exception_ce, 2,
3621 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES bytes long");
3622 RETURN_THROWS();
3623 }
3624 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3625 if (crypto_core_ristretto255_add((unsigned char *) ZSTR_VAL(r), p, q) != 0) {
3626 zend_string_efree(r);
3627 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3628 RETURN_THROWS();
3629 }
3630 ZSTR_VAL(r)[crypto_core_ristretto255_BYTES] = 0;
3631 RETURN_NEW_STR(r);
3632}
3633
3634PHP_FUNCTION(sodium_crypto_core_ristretto255_from_hash)
3635{
3636 zend_string *r;
3637 unsigned char *s;
3638 size_t s_len;
3639
3640 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3641 &s, &s_len) == FAILURE) {
3642 sodium_remove_param_values_from_backtrace(EG(exception));
3643 RETURN_THROWS();
3644 }
3645 if (s_len != crypto_core_ristretto255_HASHBYTES) {
3646 zend_argument_error(sodium_exception_ce, 1,
3647 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_HASHBYTES bytes long");
3648 RETURN_THROWS();
3649 }
3650 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3651 if (crypto_core_ristretto255_from_hash((unsigned char *) ZSTR_VAL(r), s) != 0) {
3652 zend_string_efree(r);
3653 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3654 RETURN_THROWS();
3655 }
3656 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3657 RETURN_NEW_STR(r);
3658}
3659
3660PHP_FUNCTION(sodium_crypto_core_ristretto255_is_valid_point)
3661{
3662 unsigned char *s;
3663 size_t s_len;
3664
3665 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3666 &s, &s_len) == FAILURE) {
3667 sodium_remove_param_values_from_backtrace(EG(exception));
3668 RETURN_THROWS();
3669 }
3670 if (s_len != crypto_core_ristretto255_BYTES) {
3671 zend_argument_error(sodium_exception_ce, 1,
3672 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES bytes long");
3673 RETURN_THROWS();
3674 }
3675 RETURN_BOOL(crypto_core_ristretto255_is_valid_point(s));
3676}
3677
3678PHP_FUNCTION(sodium_crypto_core_ristretto255_random)
3679{
3680 zend_string *r;
3681
3682 if (zend_parse_parameters_none() == FAILURE) {
3683 RETURN_THROWS();
3684 }
3685 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3686 crypto_core_ristretto255_random((unsigned char *) ZSTR_VAL(r));
3687 ZSTR_VAL(r)[crypto_core_ristretto255_BYTES] = 0;
3688 RETURN_NEW_STR(r);
3689}
3690
3691PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_add)
3692{
3693 zend_string *r;
3694 unsigned char *p;
3695 unsigned char *q;
3696 size_t p_len;
3697 size_t q_len;
3698
3699 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3700 &p, &p_len, &q, &q_len) == FAILURE) {
3701 sodium_remove_param_values_from_backtrace(EG(exception));
3702 RETURN_THROWS();
3703 }
3704 if (p_len != crypto_core_ristretto255_SCALARBYTES) {
3705 zend_argument_error(sodium_exception_ce, 1,
3706 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3707 RETURN_THROWS();
3708 }
3709 if (q_len != crypto_core_ristretto255_SCALARBYTES) {
3710 zend_argument_error(sodium_exception_ce, 2,
3711 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3712 RETURN_THROWS();
3713 }
3714 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3715 crypto_core_ristretto255_scalar_add((unsigned char *) ZSTR_VAL(r), p, q);
3716 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3717 RETURN_NEW_STR(r);
3718}
3719
3720PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_complement)
3721{
3722 zend_string *r;
3723 unsigned char *s;
3724 size_t s_len;
3725
3726 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3727 &s, &s_len) == FAILURE) {
3728 sodium_remove_param_values_from_backtrace(EG(exception));
3729 RETURN_THROWS();
3730 }
3731 if (s_len != crypto_core_ristretto255_SCALARBYTES) {
3732 zend_argument_error(sodium_exception_ce, 1,
3733 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3734 RETURN_THROWS();
3735 }
3736 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3737 crypto_core_ristretto255_scalar_complement((unsigned char *) ZSTR_VAL(r), s);
3738 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3739 RETURN_NEW_STR(r);
3740}
3741
3742PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_invert)
3743{
3744 zend_string *r;
3745 unsigned char *s;
3746 size_t s_len;
3747
3748 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3749 &s, &s_len) == FAILURE) {
3750 sodium_remove_param_values_from_backtrace(EG(exception));
3751 RETURN_THROWS();
3752 }
3753 if (s_len != crypto_core_ristretto255_SCALARBYTES) {
3754 zend_argument_error(sodium_exception_ce, 1,
3755 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3756 RETURN_THROWS();
3757 }
3758 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3759 if (crypto_core_ristretto255_scalar_invert((unsigned char *) ZSTR_VAL(r), s) != 0) {
3760 zend_string_efree(r);
3761 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3762 RETURN_THROWS();
3763 }
3764 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3765 RETURN_NEW_STR(r);
3766}
3767
3768PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_mul)
3769{
3770 zend_string *r;
3771 unsigned char *x;
3772 unsigned char *y;
3773 size_t x_len;
3774 size_t y_len;
3775
3776 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3777 &x, &x_len, &y, &y_len) == FAILURE) {
3778 sodium_remove_param_values_from_backtrace(EG(exception));
3779 RETURN_THROWS();
3780 }
3781 if (x_len != crypto_core_ristretto255_SCALARBYTES) {
3782 zend_argument_error(sodium_exception_ce, 1,
3783 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3784 RETURN_THROWS();
3785 }
3786 if (y_len != crypto_core_ristretto255_SCALARBYTES) {
3787 zend_argument_error(sodium_exception_ce, 2,
3788 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3789 RETURN_THROWS();
3790 }
3791 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3792 crypto_core_ristretto255_scalar_mul((unsigned char *) ZSTR_VAL(r), x, y);
3793 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3794 RETURN_NEW_STR(r);
3795}
3796
3797PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_negate)
3798{
3799 zend_string *r;
3800 unsigned char *s;
3801 size_t s_len;
3802
3803 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3804 &s, &s_len) == FAILURE) {
3805 sodium_remove_param_values_from_backtrace(EG(exception));
3806 RETURN_THROWS();
3807 }
3808 if (s_len != crypto_core_ristretto255_SCALARBYTES) {
3809 zend_argument_error(sodium_exception_ce, 1,
3810 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3811 RETURN_THROWS();
3812 }
3813 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3814 crypto_core_ristretto255_scalar_negate((unsigned char *) ZSTR_VAL(r), s);
3815 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3816 RETURN_NEW_STR(r);
3817}
3818
3819PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_random)
3820{
3821 zend_string *r;
3822
3823 if (zend_parse_parameters_none() == FAILURE) {
3824 RETURN_THROWS();
3825 };
3826 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3827 crypto_core_ristretto255_scalar_random((unsigned char *) ZSTR_VAL(r));
3828 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3829 RETURN_NEW_STR(r);
3830}
3831
3832PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_reduce)
3833{
3834 zend_string *r;
3835 unsigned char *s;
3836 size_t s_len;
3837
3838 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
3839 &s, &s_len) == FAILURE) {
3840 sodium_remove_param_values_from_backtrace(EG(exception));
3841 RETURN_THROWS();
3842 }
3843 if (s_len != crypto_core_ristretto255_NONREDUCEDSCALARBYTES) {
3844 zend_argument_error(sodium_exception_ce, 1,
3845 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES bytes long");
3846 RETURN_THROWS();
3847 }
3848 r = zend_string_alloc(crypto_core_ristretto255_SCALARBYTES, 0);
3849 crypto_core_ristretto255_scalar_reduce((unsigned char *) ZSTR_VAL(r), s);
3850 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3851 RETURN_NEW_STR(r);
3852}
3853
3854PHP_FUNCTION(sodium_crypto_core_ristretto255_scalar_sub)
3855{
3856 zend_string *r;
3857 unsigned char *p;
3858 unsigned char *q;
3859 size_t p_len;
3860 size_t q_len;
3861
3862 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3863 &p, &p_len, &q, &q_len) == FAILURE) {
3864 sodium_remove_param_values_from_backtrace(EG(exception));
3865 RETURN_THROWS();
3866 }
3867 if (p_len != crypto_core_ristretto255_SCALARBYTES) {
3868 zend_argument_error(sodium_exception_ce, 1,
3869 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3870 RETURN_THROWS();
3871 }
3872 if (q_len != crypto_core_ristretto255_SCALARBYTES) {
3873 zend_argument_error(sodium_exception_ce, 2,
3874 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES bytes long");
3875 RETURN_THROWS();
3876 }
3877 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3878 crypto_core_ristretto255_scalar_sub((unsigned char *) ZSTR_VAL(r), p, q);
3879 ZSTR_VAL(r)[crypto_core_ristretto255_SCALARBYTES] = 0;
3880 RETURN_NEW_STR(r);
3881}
3882
3883PHP_FUNCTION(sodium_crypto_core_ristretto255_sub)
3884{
3885 zend_string *r;
3886 unsigned char *p;
3887 unsigned char *q;
3888 size_t p_len;
3889 size_t q_len;
3890
3891 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
3892 &p, &p_len, &q, &q_len) == FAILURE) {
3893 sodium_remove_param_values_from_backtrace(EG(exception));
3894 RETURN_THROWS();
3895 }
3896 if (p_len != crypto_core_ristretto255_BYTES) {
3897 zend_argument_error(sodium_exception_ce, 1,
3898 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES bytes long");
3899 RETURN_THROWS();
3900 }
3901 if (q_len != crypto_core_ristretto255_BYTES) {
3902 zend_argument_error(sodium_exception_ce, 2,
3903 "must be SODIUM_CRYPTO_CORE_RISTRETTO255_BYTES bytes long");
3904 RETURN_THROWS();
3905 }
3906 r = zend_string_alloc(crypto_core_ristretto255_BYTES, 0);
3907 if (crypto_core_ristretto255_sub((unsigned char *) ZSTR_VAL(r), p, q) != 0) {
3908 zend_string_efree(r);
3909 zend_throw_exception(sodium_exception_ce, "internal error", 0);
3910 RETURN_THROWS();
3911 }
3912 ZSTR_VAL(r)[crypto_core_ristretto255_BYTES] = 0;
3913 RETURN_NEW_STR(r);
3914}
3915#endif
len
size_t len
Definition apprentice.c:174
exception
bool exception
Definition assert.c:30
copy
copy(string $from, string $to, $context=null)
Definition basic_functions.stub.php:2843
header
header(string $header, bool $replace=true, int $response_code=0)
Definition basic_functions.stub.php:2238
s
char s[4]
Definition cdf.c:77
zv
zval * zv
Definition ffi.c:3975
n
zend_long n
Definition ffi.c:4979
memcpy
memcpy(ptr1, ptr2, size)
memset
memset(ptr, 0, type->size)
val
zval * val
Definition ffi.c:4262
persistent
ffi persistent
Definition ffi.c:3633
buf
zend_ffi_ctype_name_buf buf
Definition ffi.c:4685
SIZE_MAX
#define SIZE_MAX
Definition funcs.c:51
NULL
#define NULL
Definition gdcache.h:45
hash
hash(string $algo, string $data, bool $binary=false, array $options=[])
Definition hash.stub.php:12
SUCCESS
#define SUCCESS
Definition hash_sha3.c:261
j
again j
Definition html_table_gen.php:365
crypto_kx_PUBLICKEYBYTES
#define crypto_kx_PUBLICKEYBYTES
Definition libsodium.c:63
crypto_pwhash_OPSLIMIT_MIN
#define crypto_pwhash_OPSLIMIT_MIN
Definition libsodium.c:84
crypto_kdf_CONTEXTBYTES
#define crypto_kdf_CONTEXTBYTES
Definition libsodium.c:56
crypto_kdf_BYTES_MAX
#define crypto_kdf_BYTES_MAX
Definition libsodium.c:55
crypto_kdf_KEYBYTES
#define crypto_kdf_KEYBYTES
Definition libsodium.c:57
crypto_kx_SESSIONKEYBYTES
#define crypto_kx_SESSIONKEYBYTES
Definition libsodium.c:62
crypto_pwhash_MEMLIMIT_MIN
#define crypto_pwhash_MEMLIMIT_MIN
Definition libsodium.c:87
sodium_module_entry
zend_module_entry sodium_module_entry
Definition libsodium.c:104
crypto_kx_SEEDBYTES
#define crypto_kx_SEEDBYTES
Definition libsodium.c:61
crypto_kdf_BYTES_MIN
#define crypto_kdf_BYTES_MIN
Definition libsodium.c:54
PHP_SODIUM_ZSTR_TRUNCATE
#define PHP_SODIUM_ZSTR_TRUNCATE(zs, len)
Definition libsodium.c:31
crypto_aead_chacha20poly1305_IETF_KEYBYTES
#define crypto_aead_chacha20poly1305_IETF_KEYBYTES
Definition libsodium.c:70
crypto_aead_chacha20poly1305_IETF_ABYTES
#define crypto_aead_chacha20poly1305_IETF_ABYTES
Definition libsodium.c:76
crypto_kx_SECRETKEYBYTES
#define crypto_kx_SECRETKEYBYTES
Definition libsodium.c:64
sodium_base642bin
sodium_base642bin(#[\SensitiveParameter] string $string, int $id, string $ignore="")
Definition libsodium.stub.php:796
sodium_crypto_sign_publickey
sodium_crypto_sign_publickey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:749
sodium_crypto_box_keypair
sodium_crypto_box_keypair()
Definition libsodium.stub.php:600
sodium_crypto_core_ristretto255_scalar_complement
sodium_crypto_core_ristretto255_scalar_complement(string $s)
Definition libsodium.stub.php:629
sodium_crypto_aead_chacha20poly1305_ietf_decrypt
sodium_crypto_aead_chacha20poly1305_ietf_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:578
sodium_crypto_sign_secretkey
sodium_crypto_sign_secretkey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:751
sodium_crypto_auth_keygen
sodium_crypto_auth_keygen()
Definition libsodium.stub.php:594
sodium_crypto_aead_chacha20poly1305_ietf_keygen
sodium_crypto_aead_chacha20poly1305_ietf_keygen()
Definition libsodium.stub.php:582
sodium_crypto_stream_keygen
sodium_crypto_stream_keygen()
Definition libsodium.stub.php:761
sodium_crypto_aead_aes256gcm_encrypt
sodium_crypto_aead_aes256gcm_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:551
sodium_increment
sodium_increment(string &$string)
Definition libsodium.stub.php:779
sodium_crypto_core_ristretto255_is_valid_point
sodium_crypto_core_ristretto255_is_valid_point(string $s)
Definition libsodium.stub.php:623
sodium_crypto_sign_keypair
sodium_crypto_sign_keypair()
Definition libsodium.stub.php:743
sodium_crypto_aead_chacha20poly1305_decrypt
sodium_crypto_aead_chacha20poly1305_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:572
sodium_crypto_generichash_keygen
sodium_crypto_generichash_keygen()
Definition libsodium.stub.php:667
sodium_crypto_core_ristretto255_scalar_random
sodium_crypto_core_ristretto255_scalar_random()
Definition libsodium.stub.php:637
sodium_crypto_sign_publickey_from_secretkey
sodium_crypto_sign_publickey_from_secretkey(#[\SensitiveParameter] string $secret_key)
Definition libsodium.stub.php:753
sodium_add
sodium_add(string &$string1, string $string2)
Definition libsodium.stub.php:775
sodium_crypto_core_ristretto255_from_hash
sodium_crypto_core_ristretto255_from_hash(string $s)
Definition libsodium.stub.php:621
sodium_crypto_auth_verify
sodium_crypto_auth_verify(string $mac, string $message, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:596
sodium_crypto_generichash
sodium_crypto_generichash(string $message, #[\SensitiveParameter] string $key="", int $length=SODIUM_CRYPTO_GENERICHASH_BYTES)
Definition libsodium.stub.php:665
sodium_crypto_core_ristretto255_scalar_sub
sodium_crypto_core_ristretto255_scalar_sub(string $x, string $y)
Definition libsodium.stub.php:641
sodium_crypto_pwhash_str_verify
sodium_crypto_pwhash_str_verify(string $hash, #[\SensitiveParameter] string $password)
Definition libsodium.stub.php:684
sodium_crypto_kx_secretkey
sodium_crypto_kx_secretkey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:650
sodium_crypto_generichash_update
sodium_crypto_generichash_update(string &$state, string $message)
Definition libsodium.stub.php:671
sodium_crypto_aead_aes256gcm_decrypt
sodium_crypto_aead_aes256gcm_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:549
sodium_crypto_secretstream_xchacha20poly1305_init_push
sodium_crypto_secretstream_xchacha20poly1305_init_push(#[\SensitiveParameter] string $key)
Definition libsodium.stub.php:719
sodium_bin2hex
sodium_bin2hex(#[\SensitiveParameter] string $string)
Definition libsodium.stub.php:789
sodium_crypto_generichash_init
sodium_crypto_generichash_init(#[\SensitiveParameter] string $key="", int $length=SODIUM_CRYPTO_GENERICHASH_BYTES)
Definition libsodium.stub.php:669
sodium_crypto_secretbox_keygen
sodium_crypto_secretbox_keygen()
Definition libsodium.stub.php:709
sodium_crypto_box_publickey
sodium_crypto_box_publickey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:608
sodium_crypto_sign_ed25519_sk_to_curve25519
sodium_crypto_sign_ed25519_sk_to_curve25519(#[\SensitiveParameter] string $secret_key)
Definition libsodium.stub.php:741
sodium_crypto_core_ristretto255_random
sodium_crypto_core_ristretto255_random()
Definition libsodium.stub.php:625
sodium_crypto_sign_detached
sodium_crypto_sign_detached(string $message, #[\SensitiveParameter] string $secret_key)
Definition libsodium.stub.php:737
sodium_crypto_aead_aegis256_encrypt
sodium_crypto_aead_aegis256_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:567
sodium_crypto_aead_aegis256_decrypt
sodium_crypto_aead_aegis256_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:565
sodium_crypto_secretstream_xchacha20poly1305_pull
sodium_crypto_secretstream_xchacha20poly1305_pull(string &$state, string $ciphertext, string $additional_data="")
Definition libsodium.stub.php:726
sodium_crypto_sign_open
sodium_crypto_sign_open(string $signed_message, string $public_key)
Definition libsodium.stub.php:747
sodium_crypto_aead_chacha20poly1305_encrypt
sodium_crypto_aead_chacha20poly1305_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:574
sodium_crypto_kx_seed_keypair
sodium_crypto_kx_seed_keypair(#[\SensitiveParameter] string $seed)
Definition libsodium.stub.php:652
sodium_hex2bin
sodium_hex2bin(#[\SensitiveParameter] string $string, string $ignore="")
Definition libsodium.stub.php:791
sodium_crypto_scalarmult_ristretto255
sodium_crypto_scalarmult_ristretto255(string $n, string $p)
Definition libsodium.stub.php:702
sodium_crypto_pwhash
sodium_crypto_pwhash(int $length, #[\SensitiveParameter] string $password, string $salt, int $opslimit, int $memlimit, int $algo=SODIUM_CRYPTO_PWHASH_ALG_DEFAULT)
Definition libsodium.stub.php:680
sodium_compare
sodium_compare(#[\SensitiveParameter] string $string1, #[\SensitiveParameter] string $string2)
Definition libsodium.stub.php:777
sodium_crypto_kx_client_session_keys
sodium_crypto_kx_client_session_keys(#[\SensitiveParameter] string $client_key_pair, string $server_key)
Definition libsodium.stub.php:657
sodium_crypto_aead_aegis128l_decrypt
sodium_crypto_aead_aegis128l_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:557
sodium_crypto_kx_server_session_keys
sodium_crypto_kx_server_session_keys(#[\SensitiveParameter] string $server_key_pair, string $client_key)
Definition libsodium.stub.php:663
sodium_crypto_secretbox
sodium_crypto_secretbox(#[\SensitiveParameter] string $message, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:707
sodium_crypto_aead_chacha20poly1305_ietf_encrypt
sodium_crypto_aead_chacha20poly1305_ietf_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:580
sodium_crypto_stream_xor
sodium_crypto_stream_xor(#[\SensitiveParameter] string $message, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:763
sodium_crypto_secretstream_xchacha20poly1305_push
sodium_crypto_secretstream_xchacha20poly1305_push(string &$state, #[\SensitiveParameter] string $message, string $additional_data="", int $tag=SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE)
Definition libsodium.stub.php:721
sodium_crypto_core_ristretto255_scalar_mul
sodium_crypto_core_ristretto255_scalar_mul(string $x, string $y)
Definition libsodium.stub.php:633
sodium_crypto_box_secretkey
sodium_crypto_box_secretkey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:616
sodium_crypto_aead_xchacha20poly1305_ietf_encrypt
sodium_crypto_aead_xchacha20poly1305_ietf_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:589
sodium_crypto_core_ristretto255_add
sodium_crypto_core_ristretto255_add(string $p, string $q)
Definition libsodium.stub.php:619
sodium_crypto_aead_aes256gcm_is_available
sodium_crypto_aead_aes256gcm_is_available()
Definition libsodium.stub.php:546
sodium_crypto_aead_aes256gcm_keygen
sodium_crypto_aead_aes256gcm_keygen()
Definition libsodium.stub.php:553
sodium_crypto_box_publickey_from_secretkey
sodium_crypto_box_publickey_from_secretkey(#[\SensitiveParameter] string $secret_key)
Definition libsodium.stub.php:610
sodium_crypto_aead_aegis256_keygen
sodium_crypto_aead_aegis256_keygen()
Definition libsodium.stub.php:569
sodium_crypto_pwhash_str
sodium_crypto_pwhash_str(#[\SensitiveParameter] string $password, int $opslimit, int $memlimit)
Definition libsodium.stub.php:682
sodium_unpad
sodium_unpad(#[\SensitiveParameter] string $string, int $block_size)
Definition libsodium.stub.php:787
sodium_crypto_core_ristretto255_scalar_add
sodium_crypto_core_ristretto255_scalar_add(string $x, string $y)
Definition libsodium.stub.php:627
sodium_crypto_stream
sodium_crypto_stream(int $length, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:759
sodium_crypto_kx_keypair
sodium_crypto_kx_keypair()
Definition libsodium.stub.php:646
sodium_crypto_core_ristretto255_scalar_negate
sodium_crypto_core_ristretto255_scalar_negate(string $s)
Definition libsodium.stub.php:635
sodium_crypto_box_keypair_from_secretkey_and_publickey
sodium_crypto_box_keypair_from_secretkey_and_publickey(#[\SensitiveParameter] string $secret_key, string $public_key)
Definition libsodium.stub.php:604
sodium_bin2base64
sodium_bin2base64(#[\SensitiveParameter] string $string, int $id)
Definition libsodium.stub.php:794
sodium_crypto_box_open
sodium_crypto_box_open(string $ciphertext, string $nonce, #[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:606
sodium_crypto_aead_xchacha20poly1305_ietf_keygen
sodium_crypto_aead_xchacha20poly1305_ietf_keygen()
Definition libsodium.stub.php:587
sodium_crypto_core_ristretto255_scalar_reduce
sodium_crypto_core_ristretto255_scalar_reduce(string $s)
Definition libsodium.stub.php:639
sodium_crypto_sign_keypair_from_secretkey_and_publickey
sodium_crypto_sign_keypair_from_secretkey_and_publickey(#[\SensitiveParameter] string $secret_key, string $public_key)
Definition libsodium.stub.php:745
sodium_crypto_aead_aegis128l_encrypt
sodium_crypto_aead_aegis128l_encrypt(#[\SensitiveParameter] string $message, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:559
sodium_crypto_shorthash_keygen
sodium_crypto_shorthash_keygen()
Definition libsodium.stub.php:733
sodium_pad
sodium_pad(#[\SensitiveParameter] string $string, int $block_size)
Definition libsodium.stub.php:785
sodium_crypto_scalarmult_ristretto255_base
sodium_crypto_scalarmult_ristretto255_base(string $n)
Definition libsodium.stub.php:704
sodium_crypto_aead_aegis128l_keygen
sodium_crypto_aead_aegis128l_keygen()
Definition libsodium.stub.php:561
sodium_crypto_box_seal
sodium_crypto_box_seal(#[\SensitiveParameter] string $message, string $public_key)
Definition libsodium.stub.php:612
sodium_crypto_kx_publickey
sodium_crypto_kx_publickey(#[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:648
sodium_crypto_kdf_keygen
sodium_crypto_kdf_keygen()
Definition libsodium.stub.php:677
sodium_crypto_stream_xchacha20_keygen
sodium_crypto_stream_xchacha20_keygen()
Definition libsodium.stub.php:768
sodium_crypto_core_ristretto255_sub
sodium_crypto_core_ristretto255_sub(string $p, string $q)
Definition libsodium.stub.php:643
sodium_crypto_sign_verify_detached
sodium_crypto_sign_verify_detached(string $signature, string $message, string $public_key)
Definition libsodium.stub.php:757
sodium_crypto_sign
sodium_crypto_sign(string $message, #[\SensitiveParameter] string $secret_key)
Definition libsodium.stub.php:735
sodium_crypto_aead_chacha20poly1305_keygen
sodium_crypto_aead_chacha20poly1305_keygen()
Definition libsodium.stub.php:576
sodium_crypto_sign_ed25519_pk_to_curve25519
sodium_crypto_sign_ed25519_pk_to_curve25519(string $public_key)
Definition libsodium.stub.php:739
sodium_crypto_box_seal_open
sodium_crypto_box_seal_open(string $ciphertext, #[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:614
sodium_crypto_pwhash_str_needs_rehash
sodium_crypto_pwhash_str_needs_rehash(string $password, int $opslimit, int $memlimit)
Definition libsodium.stub.php:688
sodium_crypto_box
sodium_crypto_box(#[\SensitiveParameter] string $message, string $nonce, #[\SensitiveParameter] string $key_pair)
Definition libsodium.stub.php:598
sodium_crypto_pwhash_scryptsalsa208sha256
sodium_crypto_pwhash_scryptsalsa208sha256(int $length, #[\SensitiveParameter] string $password, string $salt, int $opslimit, int $memlimit)
Definition libsodium.stub.php:692
sodium_crypto_shorthash
sodium_crypto_shorthash(string $message, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:731
sodium_crypto_stream_xchacha20_xor_ic
sodium_crypto_stream_xchacha20_xor_ic(#[\SensitiveParameter] string $message, string $nonce, int $counter,#[\SensitiveParameter] string $key)
Definition libsodium.stub.php:772
sodium_crypto_stream_xchacha20_xor
sodium_crypto_stream_xchacha20_xor(#[\SensitiveParameter] string $message, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:770
sodium_crypto_aead_xchacha20poly1305_ietf_decrypt
sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(string $ciphertext, string $additional_data, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:585
sodium_memzero
sodium_memzero(#[\SensitiveParameter] string &$string)
Definition libsodium.stub.php:783
sodium_crypto_secretbox_open
sodium_crypto_secretbox_open(string $ciphertext, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:711
sodium_memcmp
sodium_memcmp(#[\SensitiveParameter] string $string1, #[\SensitiveParameter] string $string2)
Definition libsodium.stub.php:781
sodium_crypto_auth
sodium_crypto_auth(string $message, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:592
sodium_crypto_kdf_derive_from_key
sodium_crypto_kdf_derive_from_key(int $subkey_length, int $subkey_id, string $context, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:675
sodium_crypto_stream_xchacha20
sodium_crypto_stream_xchacha20(int $length, string $nonce, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:766
sodium_crypto_core_ristretto255_scalar_invert
sodium_crypto_core_ristretto255_scalar_invert(string $s)
Definition libsodium.stub.php:631
sodium_crypto_box_seed_keypair
sodium_crypto_box_seed_keypair(#[\SensitiveParameter] string $seed)
Definition libsodium.stub.php:602
sodium_crypto_scalarmult
sodium_crypto_scalarmult(string $n, string $p)
Definition libsodium.stub.php:699
sodium_crypto_generichash_final
sodium_crypto_generichash_final(string &$state, int $length=SODIUM_CRYPTO_GENERICHASH_BYTES)
Definition libsodium.stub.php:673
sodium_crypto_secretstream_xchacha20poly1305_keygen
sodium_crypto_secretstream_xchacha20poly1305_keygen()
Definition libsodium.stub.php:714
sodium_crypto_pwhash_scryptsalsa208sha256_str_verify
sodium_crypto_pwhash_scryptsalsa208sha256_str_verify(string $hash, #[\SensitiveParameter] string $password)
Definition libsodium.stub.php:696
sodium_crypto_secretstream_xchacha20poly1305_init_pull
sodium_crypto_secretstream_xchacha20poly1305_init_pull(string $header, #[\SensitiveParameter] string $key)
Definition libsodium.stub.php:723
sodium_crypto_sign_seed_keypair
sodium_crypto_sign_seed_keypair(#[\SensitiveParameter] string $seed)
Definition libsodium.stub.php:755
sodium_crypto_secretstream_xchacha20poly1305_rekey
sodium_crypto_secretstream_xchacha20poly1305_rekey(string &$state)
Definition libsodium.stub.php:728
sodium_crypto_pwhash_scryptsalsa208sha256_str
sodium_crypto_pwhash_scryptsalsa208sha256_str(#[\SensitiveParameter] string $password, int $opslimit, int $memlimit)
Definition libsodium.stub.php:694
libsodium_arginfo.h
php_info_print_table_start
php_info_print_table_start()
Definition info.c:1064
php_info_print_table_row
php_info_print_table_row(2, "PDO Driver for Firebird", "enabled")
php_info_print_table_end
php_info_print_table_end()
Definition info.c:1074
PHP_FUNCTION
#define PHP_FUNCTION
Definition php.h:364
PHP_MSHUTDOWN_FUNCTION
#define PHP_MSHUTDOWN_FUNCTION
Definition php.h:401
PHP_MINFO
#define PHP_MINFO
Definition php.h:396
PHP_MINIT_FUNCTION
#define PHP_MINIT_FUNCTION
Definition php.h:400
PHP_MSHUTDOWN
#define PHP_MSHUTDOWN
Definition php.h:393
PHP_MINFO_FUNCTION
#define PHP_MINFO_FUNCTION
Definition php.h:404
PHP_MINIT
#define PHP_MINIT
Definition php.h:392
end
unsigned const char * end
Definition php_ffi.h:51
state
state
Definition php_http_parser.h:114
php_libsodium.h
PHP_SODIUM_VERSION
#define PHP_SODIUM_VERSION
Definition php_libsodium.h:23
tail
struct php_pcntl_pending_signal * tail
Definition php_pcntl.h:47
key
unsigned char key[REFLECTION_KEY_LEN]
Definition php_reflection.c:63
msg
char * msg
Definition phpdbg.h:289
frame
phpdbg_frame_t frame
Definition phpdbg.h:236
rv
zval rv
Definition session.c:1024
p
p
Definition session.c:1105
zend_error_noreturn
ZEND_API ZEND_COLD ZEND_NORETURN void zend_error_noreturn(int type, const char *format,...)
Definition zend.c:1703
zend_error
ZEND_API ZEND_COLD void zend_error(int type, const char *format,...)
Definition zend.c:1666
zend_read_property_ex
ZEND_API zval * zend_read_property_ex(zend_class_entry *scope, zend_object *object, zend_string *name, bool silent, zval *rv)
Definition zend_API.c:5187
add_next_index_stringl
ZEND_API zend_result add_next_index_stringl(zval *arg, const char *str, size_t length)
Definition zend_API.c:2195
add_next_index_long
ZEND_API zend_result add_next_index_long(zval *arg, zend_long n)
Definition zend_API.c:2132
zend_argument_error
ZEND_API ZEND_COLD void zend_argument_error(zend_class_entry *error_ce, uint32_t arg_num, const char *format,...)
Definition zend_API.c:413
zend_parse_parameters
ZEND_API zend_result zend_parse_parameters(uint32_t num_args, const char *type_spec,...)
Definition zend_API.c:1300
add_next_index_str
ZEND_API zend_result add_next_index_str(zval *arg, zend_string *str)
Definition zend_API.c:2177
ZEND_NUM_ARGS
#define ZEND_NUM_ARGS()
Definition zend_API.h:530
RETURN_STRINGL
#define RETURN_STRINGL(s, l)
Definition zend_API.h:1044
RETURN_FALSE
#define RETURN_FALSE
Definition zend_API.h:1058
ZEND_GET_MODULE
#define ZEND_GET_MODULE(name)
Definition zend_API.h:241
zend_parse_parameters_none
#define zend_parse_parameters_none()
Definition zend_API.h:353
RETURN_LONG
#define RETURN_LONG(l)
Definition zend_API.h:1037
RETURN_BOOL
#define RETURN_BOOL(b)
Definition zend_API.h:1035
RETURN_NEW_STR
#define RETURN_NEW_STR(s)
Definition zend_API.h:1041
RETURN_THROWS
#define RETURN_THROWS()
Definition zend_API.h:1060
RETURN_STR
#define RETURN_STR(s)
Definition zend_API.h:1039
RETURN_TRUE
#define RETURN_TRUE
Definition zend_API.h:1059
array_init
#define array_init(arg)
Definition zend_API.h:537
ZEND_MM_ALIGNED_SIZE
#define ZEND_MM_ALIGNED_SIZE(size)
Definition zend_alloc.h:35
zend_attributes.h
zval
struct _zval_struct zval
Definition zend_builtin_functions.h:25
strlen
strlen(string $string)
Definition zend_builtin_functions.stub.php:25
args
zval * args
Definition zend_closures.c:46
E_ERROR
#define E_ERROR
Definition zend_errors.h:23
E_WARNING
#define E_WARNING
Definition zend_errors.h:24
zend_ce_exception
ZEND_API zend_class_entry * zend_ce_exception
Definition zend_exceptions.c:34
zend_throw_exception
ZEND_API ZEND_COLD zend_object * zend_throw_exception(zend_class_entry *exception_ce, const char *message, zend_long code)
Definition zend_exceptions.c:847
zend_get_exception_base
ZEND_API zend_class_entry * zend_get_exception_base(zend_object *object)
Definition zend_exceptions.c:90
zend_exceptions.h
void
ZEND_API void(ZEND_FASTCALL *zend_touch_vm_stack_data)(void *vm_stack_data)
EG
#define EG(v)
Definition zend_globals_macros.h:46
zend_hash_find
ZEND_API zval *ZEND_FASTCALL zend_hash_find(const HashTable *ht, zend_string *key)
Definition zend_hash.c:2668
ZEND_HASH_FOREACH_END
#define ZEND_HASH_FOREACH_END()
Definition zend_hash.h:1086
ZVAL_EMPTY_ARRAY
#define ZVAL_EMPTY_ARRAY(z)
Definition zend_hash.h:87
ZEND_HASH_FOREACH_VAL
#define ZEND_HASH_FOREACH_VAL(ht, _val)
Definition zend_hash.h:1102
zend_long
int32_t zend_long
Definition zend_long.h:42
zend_string
struct _zend_string zend_string
Definition zend_map_ptr.h:24
INIT_FUNC_ARGS_PASSTHRU
#define INIT_FUNC_ARGS_PASSTHRU
Definition zend_modules.h:28
ZEND_MOD_END
#define ZEND_MOD_END
Definition zend_modules.h:114
zend_module_dep
struct _zend_module_dep zend_module_dep
Definition zend_modules.h:69
zend_module_entry
struct _zend_module_entry zend_module_entry
Definition zend_modules.h:68
STANDARD_MODULE_PROPERTIES
#define STANDARD_MODULE_PROPERTIES
Definition zend_modules.h:59
ZEND_MOD_REQUIRED
#define ZEND_MOD_REQUIRED(name)
Definition zend_modules.h:110
STANDARD_MODULE_HEADER_EX
#define STANDARD_MODULE_HEADER_EX
Definition zend_modules.h:41
convert_to_null
ZEND_API void ZEND_FASTCALL convert_to_null(zval *op)
Definition zend_operators.c:656
LONG_MAX
#define LONG_MAX
Definition zend_portability.h:448
zend_always_inline
#define zend_always_inline
Definition zend_portability.h:375
ZEND_ASSERT
#define ZEND_ASSERT(c)
Definition zend_portability.h:106
zend_class_entry
struct _zend_class_entry zend_class_entry
Definition zend_property_hooks.h:27
zend_object
struct _zend_object zend_object
Definition zend_property_hooks.h:28
_ZSTR_STRUCT_SIZE
#define _ZSTR_STRUCT_SIZE(len)
Definition zend_string.h:114
ZSTR_VAL
#define ZSTR_VAL(zstr)
Definition zend_string.h:68
ZSTR_KNOWN
#define ZSTR_KNOWN(idx)
Definition zend_string.h:110
Z_TYPE_P
#define Z_TYPE_P(zval_p)
Definition zend_types.h:660
ZVAL_STR
#define ZVAL_STR(z, s)
Definition zend_types.h:1078
Z_STRVAL_P
#define Z_STRVAL_P(zval_p)
Definition zend_types.h:975
Z_ARRVAL_P
#define Z_ARRVAL_P(zval_p)
Definition zend_types.h:987
ZVAL_DEREF
#define ZVAL_DEREF(z)
Definition zend_types.h:1462
IS_STRING
#define IS_STRING
Definition zend_types.h:606
Z_REFCOUNTED_P
#define Z_REFCOUNTED_P(zval_p)
Definition zend_types.h:921
IS_ARRAY
#define IS_ARRAY
Definition zend_types.h:607
Z_STRLEN_P
#define Z_STRLEN_P(zval_p)
Definition zend_types.h:978
Z_STRVAL
#define Z_STRVAL(zval)
Definition zend_types.h:974
FAILURE
@ FAILURE
Definition zend_types.h:61
Z_STRLEN
#define Z_STRLEN(zval)
Definition zend_types.h:977
Z_REFCOUNT_P
#define Z_REFCOUNT_P(pz)
Definition zend_types.h:1265
Z_TRY_DELREF_P
#define Z_TRY_DELREF_P(pz)
Definition zend_types.h:1281
zval_ptr_dtor
ZEND_API void zval_ptr_dtor(zval *zval_ptr)
Definition zend_variables.c:82
return_value
zval * return_value
Definition zend_vm_def.h:4441
ret
zval * ret
Definition zend_vm_def.h:4054