1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
--TEST--
Check for libsodium AEAD
--SKIPIF--
<?php
if (!extension_loaded("sodium")) print "skip extension not loaded";
if (!defined('SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES')) print "skip libsodium without AESGCM";
?>
--FILE--
<?php
echo "aead_chacha20poly1305:\n";
$msg = random_bytes(random_int(1, 1000));
$nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES);
$key = sodium_crypto_aead_chacha20poly1305_keygen();
$ad = random_bytes(random_int(1, 1000));
$ciphertext = sodium_crypto_aead_chacha20poly1305_encrypt($msg, $ad, $nonce, $key);
$msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $nonce, $key);
var_dump($ciphertext !== $msg);
var_dump($msg === $msg2);
var_dump(sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
try {
// Switched order
$msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $key, $nonce);
var_dump(false);
} catch (SodiumException $ex) {
var_dump(true);
}
echo "aead_chacha20poly1305_ietf:\n";
if (SODIUM_LIBRARY_MAJOR_VERSION > 7 ||
(SODIUM_LIBRARY_MAJOR_VERSION == 7 &&
SODIUM_LIBRARY_MINOR_VERSION >= 6)) {
$msg = random_bytes(random_int(1, 1000));
$nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES);
$key = sodium_crypto_aead_chacha20poly1305_ietf_keygen();
$ad = random_bytes(random_int(1, 1000));
$ciphertext = sodium_crypto_aead_chacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key);
$msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key);
var_dump($ciphertext !== $msg);
var_dump($msg === $msg2);
var_dump(sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
try {
// Switched order
$msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce);
var_dump(false);
} catch (SodiumException $ex) {
var_dump(true);
}
} else {
var_dump(true);
var_dump(true);
var_dump(false);
var_dump(true);
}
echo "aead_xchacha20poly1305_ietf:\n";
if (SODIUM_LIBRARY_MAJOR_VERSION > 9 ||
(SODIUM_LIBRARY_MAJOR_VERSION == 9 &&
SODIUM_LIBRARY_MINOR_VERSION >= 4)) {
$msg = random_bytes(random_int(1, 1000));
$nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
$key = sodium_crypto_aead_xchacha20poly1305_ietf_keygen();
$ad = random_bytes(random_int(1, 1000));
$ciphertext = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key);
$msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key);
var_dump($ciphertext !== $msg);
var_dump($msg === $msg2);
var_dump(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
try {
// Switched order
$msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce);
var_dump(false);
} catch (SodiumException $ex) {
var_dump(true);
}
} else {
var_dump(true);
var_dump(true);
var_dump(false);
var_dump(true);
}
echo "aead_aes256gcm:\n";
if (sodium_crypto_aead_aes256gcm_is_available()) {
$msg = random_bytes(random_int(1, 1000));
$nonce = random_bytes(SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES);
$ad = random_bytes(random_int(1, 1000));
$key = sodium_crypto_aead_aes256gcm_keygen();
$ciphertext = sodium_crypto_aead_aes256gcm_encrypt($msg, $ad, $nonce, $key);
$msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $nonce, $key);
var_dump($ciphertext !== $msg);
var_dump($msg === $msg2);
var_dump(sodium_crypto_aead_aes256gcm_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
try {
// Switched order
$msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $key, $nonce);
var_dump(false);
} catch (SodiumException $ex) {
var_dump(true);
}
} else {
var_dump(true);
var_dump(true);
var_dump(false);
var_dump(true);
}
?>
--EXPECT--
aead_chacha20poly1305:
bool(true)
bool(true)
bool(false)
bool(true)
aead_chacha20poly1305_ietf:
bool(true)
bool(true)
bool(false)
bool(true)
aead_xchacha20poly1305_ietf:
bool(true)
bool(true)
bool(false)
bool(true)
aead_aes256gcm:
bool(true)
bool(true)
bool(false)
bool(true)
|