From d6d02dfa3814fcd08c43b999a1bc442f6d96be63 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sat, 17 Jan 2026 14:49:53 +0100 Subject: [PATCH] ext/sodium: Add support for libsodium 1.0.21 APIs Add support for new functions present in recent libsodium versions: - Functions for IP address encryption: - sodium_crypto_ipcrypt_* - sodium_bin2ip/sodium_ip2bin helpers - Extendable output functions: - SHAKE128/SHAKE256 - TurboSHAKE128/TurboSHAKE256 --- NEWS | 3 + ext/sodium/libsodium.c | 903 +++++++++++++++++++++++++++++++++ ext/sodium/libsodium.stub.php | 164 ++++++ ext/sodium/libsodium_arginfo.h | 197 ++++++- 4 files changed, 1266 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 74816c94a2906..d5f0c2e9a4ec6 100644 --- a/NEWS +++ b/NEWS @@ -87,6 +87,9 @@ PHP NEWS . Added AF_UNSPEC support for sock_addrinfo_lookup() as a sole umbrella for AF_INET* family only. (David Carlier) +- Sodium: + . Added support for libsodium 1.0.21 IPcrypt and XOF APIs. (jedisct1) + - SPL: . DirectoryIterator key can now work better with filesystem supporting larger directory indexing. (David Carlier) diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c index 7d36fbb892884..094b9d41605d9 100644 --- a/ext/sodium/libsodium.c +++ b/ext/sodium/libsodium.c @@ -3913,3 +3913,906 @@ PHP_FUNCTION(sodium_crypto_core_ristretto255_sub) RETURN_NEW_STR(r); } #endif + +#ifdef crypto_ipcrypt_KEYBYTES +PHP_FUNCTION(sodium_crypto_ipcrypt_keygen) +{ + unsigned char key[crypto_ipcrypt_KEYBYTES]; + + if (zend_parse_parameters_none() == FAILURE) { + RETURN_THROWS(); + } + crypto_ipcrypt_keygen(key); + RETURN_STRINGL((const char *) key, sizeof key); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_encrypt) +{ + char *ip; + size_t ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_BYTES]; + unsigned char encrypted[crypto_ipcrypt_BYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ip, &ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, ip, ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + crypto_ipcrypt_encrypt(encrypted, bin, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, encrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_decrypt) +{ + char *encrypted_ip; + size_t encrypted_ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_BYTES]; + unsigned char decrypted[crypto_ipcrypt_BYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &encrypted_ip, &encrypted_ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, encrypted_ip, encrypted_ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + crypto_ipcrypt_decrypt(decrypted, bin, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, decrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_nd_encrypt) +{ + char *ip; + size_t ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_ND_INPUTBYTES]; + unsigned char tweak[crypto_ipcrypt_ND_TWEAKBYTES]; + unsigned char encrypted[crypto_ipcrypt_ND_OUTPUTBYTES]; + char hex_out[crypto_ipcrypt_ND_OUTPUTBYTES * 2 + 1]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ip, &ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_ND_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_ND_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, ip, ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + randombytes_buf(tweak, sizeof tweak); + crypto_ipcrypt_nd_encrypt(encrypted, bin, tweak, key); + sodium_bin2hex(hex_out, sizeof hex_out, encrypted, sizeof encrypted); + RETURN_STRINGL(hex_out, crypto_ipcrypt_ND_OUTPUTBYTES * 2); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_nd_decrypt) +{ + char *ciphertext_hex; + size_t ciphertext_hex_len; + unsigned char *key; + size_t key_len; + unsigned char encrypted[crypto_ipcrypt_ND_OUTPUTBYTES]; + unsigned char decrypted[crypto_ipcrypt_ND_INPUTBYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ciphertext_hex, &ciphertext_hex_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_ND_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_ND_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (ciphertext_hex_len != crypto_ipcrypt_ND_OUTPUTBYTES * 2) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid hex-encoded ciphertext"); + RETURN_THROWS(); + } + if (sodium_hex2bin(encrypted, sizeof encrypted, ciphertext_hex, ciphertext_hex_len, + NULL, NULL, NULL) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid hex-encoded ciphertext"); + RETURN_THROWS(); + } + crypto_ipcrypt_nd_decrypt(decrypted, encrypted, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, decrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_ndx_keygen) +{ + unsigned char key[crypto_ipcrypt_NDX_KEYBYTES]; + + if (zend_parse_parameters_none() == FAILURE) { + RETURN_THROWS(); + } + crypto_ipcrypt_ndx_keygen(key); + RETURN_STRINGL((const char *) key, sizeof key); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_ndx_encrypt) +{ + char *ip; + size_t ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_NDX_INPUTBYTES]; + unsigned char tweak[crypto_ipcrypt_NDX_TWEAKBYTES]; + unsigned char encrypted[crypto_ipcrypt_NDX_OUTPUTBYTES]; + char hex_out[crypto_ipcrypt_NDX_OUTPUTBYTES * 2 + 1]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ip, &ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_NDX_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_NDX_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, ip, ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + randombytes_buf(tweak, sizeof tweak); + crypto_ipcrypt_ndx_encrypt(encrypted, bin, tweak, key); + sodium_bin2hex(hex_out, sizeof hex_out, encrypted, sizeof encrypted); + RETURN_STRINGL(hex_out, crypto_ipcrypt_NDX_OUTPUTBYTES * 2); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_ndx_decrypt) +{ + char *ciphertext_hex; + size_t ciphertext_hex_len; + unsigned char *key; + size_t key_len; + unsigned char encrypted[crypto_ipcrypt_NDX_OUTPUTBYTES]; + unsigned char decrypted[crypto_ipcrypt_NDX_INPUTBYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ciphertext_hex, &ciphertext_hex_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_NDX_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_NDX_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (ciphertext_hex_len != crypto_ipcrypt_NDX_OUTPUTBYTES * 2) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid hex-encoded ciphertext"); + RETURN_THROWS(); + } + if (sodium_hex2bin(encrypted, sizeof encrypted, ciphertext_hex, ciphertext_hex_len, + NULL, NULL, NULL) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid hex-encoded ciphertext"); + RETURN_THROWS(); + } + crypto_ipcrypt_ndx_decrypt(decrypted, encrypted, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, decrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_pfx_keygen) +{ + unsigned char key[crypto_ipcrypt_PFX_KEYBYTES]; + + if (zend_parse_parameters_none() == FAILURE) { + RETURN_THROWS(); + } + crypto_ipcrypt_pfx_keygen(key); + RETURN_STRINGL((const char *) key, sizeof key); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_pfx_encrypt) +{ + char *ip; + size_t ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_PFX_BYTES]; + unsigned char encrypted[crypto_ipcrypt_PFX_BYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &ip, &ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_PFX_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_PFX_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, ip, ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + crypto_ipcrypt_pfx_encrypt(encrypted, bin, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, encrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_crypto_ipcrypt_pfx_decrypt) +{ + char *encrypted_ip; + size_t encrypted_ip_len; + unsigned char *key; + size_t key_len; + unsigned char bin[crypto_ipcrypt_PFX_BYTES]; + unsigned char decrypted[crypto_ipcrypt_PFX_BYTES]; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss", + &encrypted_ip, &encrypted_ip_len, &key, &key_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (key_len != crypto_ipcrypt_PFX_KEYBYTES) { + zend_argument_error(sodium_exception_ce, 2, "must be SODIUM_CRYPTO_IPCRYPT_PFX_KEYBYTES bytes long"); + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, encrypted_ip, encrypted_ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + crypto_ipcrypt_pfx_decrypt(decrypted, bin, key); + if (sodium_bin2ip(ip_out, sizeof ip_out, decrypted) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_bin2ip) +{ + unsigned char *bin; + size_t bin_len; + char ip_out[46]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", + &bin, &bin_len) == FAILURE) { + RETURN_THROWS(); + } + if (bin_len != 16) { + zend_argument_error(sodium_exception_ce, 1, "must be 16 bytes long"); + RETURN_THROWS(); + } + if (sodium_bin2ip(ip_out, sizeof ip_out, bin) == NULL) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + RETURN_STRING(ip_out); +} + +PHP_FUNCTION(sodium_ip2bin) +{ + char *ip; + size_t ip_len; + unsigned char bin[16]; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", + &ip, &ip_len) == FAILURE) { + RETURN_THROWS(); + } + if (sodium_ip2bin(bin, ip, ip_len) != 0) { + zend_argument_error(sodium_exception_ce, 1, "must be a valid IP address"); + RETURN_THROWS(); + } + RETURN_STRINGL((const char *) bin, sizeof bin); +} +#endif + +#ifdef crypto_xof_shake128_STATEBYTES +PHP_FUNCTION(sodium_crypto_xof_shake128) +{ + zend_string *out; + unsigned char *msg; + zend_long out_len; + size_t msg_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ls", + &out_len, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 1, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + if (crypto_xof_shake128((unsigned char *) ZSTR_VAL(out), (size_t) out_len, + msg, (unsigned long long) msg_len) != 0) { + zend_string_efree(out); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_shake128_init) +{ + crypto_xof_shake128_state state_tmp; + zend_string *state; + zend_long domain = -1; + bool domain_is_null = 1; + + ZEND_PARSE_PARAMETERS_START(0, 1) + Z_PARAM_OPTIONAL + Z_PARAM_LONG_OR_NULL(domain, domain_is_null) + ZEND_PARSE_PARAMETERS_END(); + + memset(&state_tmp, 0, sizeof state_tmp); + if (domain_is_null) { + if (crypto_xof_shake128_init(&state_tmp) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } else { + if (domain < 0x01 || domain > 0x7f) { + zend_argument_error(sodium_exception_ce, 1, "must be between 0x01 and 0x7f"); + RETURN_THROWS(); + } + if (crypto_xof_shake128_init_with_domain(&state_tmp, (unsigned char) domain) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } + state = zend_string_alloc(sizeof state_tmp, 0); + memcpy(ZSTR_VAL(state), &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(state)[sizeof state_tmp] = 0; + RETURN_STR(state); +} + +PHP_FUNCTION(sodium_crypto_xof_shake128_update) +{ + crypto_xof_shake128_state state_tmp; + zval *state_zv; + unsigned char *msg; + unsigned char *state; + size_t msg_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs", + &state_zv, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_shake128_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_shake128_update(&state_tmp, msg, (unsigned long long) msg_len) != 0) { + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + RETURN_TRUE; +} + +PHP_FUNCTION(sodium_crypto_xof_shake128_squeeze) +{ + crypto_xof_shake128_state state_tmp; + zval *state_zv; + zend_string *out; + unsigned char *state; + zend_long out_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zl", + &state_zv, &out_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_shake128_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 2, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_shake128_squeeze(&state_tmp, (unsigned char *) ZSTR_VAL(out), (size_t) out_len) != 0) { + zend_string_efree(out); + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_shake256) +{ + zend_string *out; + unsigned char *msg; + zend_long out_len; + size_t msg_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ls", + &out_len, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 1, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + if (crypto_xof_shake256((unsigned char *) ZSTR_VAL(out), (size_t) out_len, + msg, (unsigned long long) msg_len) != 0) { + zend_string_efree(out); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_shake256_init) +{ + crypto_xof_shake256_state state_tmp; + zend_string *state; + zend_long domain = -1; + bool domain_is_null = 1; + + ZEND_PARSE_PARAMETERS_START(0, 1) + Z_PARAM_OPTIONAL + Z_PARAM_LONG_OR_NULL(domain, domain_is_null) + ZEND_PARSE_PARAMETERS_END(); + + memset(&state_tmp, 0, sizeof state_tmp); + if (domain_is_null) { + if (crypto_xof_shake256_init(&state_tmp) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } else { + if (domain < 0x01 || domain > 0x7f) { + zend_argument_error(sodium_exception_ce, 1, "must be between 0x01 and 0x7f"); + RETURN_THROWS(); + } + if (crypto_xof_shake256_init_with_domain(&state_tmp, (unsigned char) domain) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } + state = zend_string_alloc(sizeof state_tmp, 0); + memcpy(ZSTR_VAL(state), &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(state)[sizeof state_tmp] = 0; + RETURN_STR(state); +} + +PHP_FUNCTION(sodium_crypto_xof_shake256_update) +{ + crypto_xof_shake256_state state_tmp; + zval *state_zv; + unsigned char *msg; + unsigned char *state; + size_t msg_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs", + &state_zv, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_shake256_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_shake256_update(&state_tmp, msg, (unsigned long long) msg_len) != 0) { + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + RETURN_TRUE; +} + +PHP_FUNCTION(sodium_crypto_xof_shake256_squeeze) +{ + crypto_xof_shake256_state state_tmp; + zval *state_zv; + zend_string *out; + unsigned char *state; + zend_long out_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zl", + &state_zv, &out_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_shake256_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 2, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_shake256_squeeze(&state_tmp, (unsigned char *) ZSTR_VAL(out), (size_t) out_len) != 0) { + zend_string_efree(out); + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake128) +{ + zend_string *out; + unsigned char *msg; + zend_long out_len; + size_t msg_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ls", + &out_len, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 1, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + if (crypto_xof_turboshake128((unsigned char *) ZSTR_VAL(out), (size_t) out_len, + msg, (unsigned long long) msg_len) != 0) { + zend_string_efree(out); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake128_init) +{ + crypto_xof_turboshake128_state state_tmp; + zend_string *state; + zend_long domain = -1; + bool domain_is_null = 1; + + ZEND_PARSE_PARAMETERS_START(0, 1) + Z_PARAM_OPTIONAL + Z_PARAM_LONG_OR_NULL(domain, domain_is_null) + ZEND_PARSE_PARAMETERS_END(); + + memset(&state_tmp, 0, sizeof state_tmp); + if (domain_is_null) { + if (crypto_xof_turboshake128_init(&state_tmp) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } else { + if (domain < 0x01 || domain > 0x7f) { + zend_argument_error(sodium_exception_ce, 1, "must be between 0x01 and 0x7f"); + RETURN_THROWS(); + } + if (crypto_xof_turboshake128_init_with_domain(&state_tmp, (unsigned char) domain) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } + state = zend_string_alloc(sizeof state_tmp, 0); + memcpy(ZSTR_VAL(state), &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(state)[sizeof state_tmp] = 0; + RETURN_STR(state); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake128_update) +{ + crypto_xof_turboshake128_state state_tmp; + zval *state_zv; + unsigned char *msg; + unsigned char *state; + size_t msg_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs", + &state_zv, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_turboshake128_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_turboshake128_update(&state_tmp, msg, (unsigned long long) msg_len) != 0) { + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + RETURN_TRUE; +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake128_squeeze) +{ + crypto_xof_turboshake128_state state_tmp; + zval *state_zv; + zend_string *out; + unsigned char *state; + zend_long out_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zl", + &state_zv, &out_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_turboshake128_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 2, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_turboshake128_squeeze(&state_tmp, (unsigned char *) ZSTR_VAL(out), (size_t) out_len) != 0) { + zend_string_efree(out); + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake256) +{ + zend_string *out; + unsigned char *msg; + zend_long out_len; + size_t msg_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "ls", + &out_len, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 1, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + if (crypto_xof_turboshake256((unsigned char *) ZSTR_VAL(out), (size_t) out_len, + msg, (unsigned long long) msg_len) != 0) { + zend_string_efree(out); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake256_init) +{ + crypto_xof_turboshake256_state state_tmp; + zend_string *state; + zend_long domain = -1; + bool domain_is_null = 1; + + ZEND_PARSE_PARAMETERS_START(0, 1) + Z_PARAM_OPTIONAL + Z_PARAM_LONG_OR_NULL(domain, domain_is_null) + ZEND_PARSE_PARAMETERS_END(); + + memset(&state_tmp, 0, sizeof state_tmp); + if (domain_is_null) { + if (crypto_xof_turboshake256_init(&state_tmp) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } else { + if (domain < 0x01 || domain > 0x7f) { + zend_argument_error(sodium_exception_ce, 1, "must be between 0x01 and 0x7f"); + RETURN_THROWS(); + } + if (crypto_xof_turboshake256_init_with_domain(&state_tmp, (unsigned char) domain) != 0) { + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + } + state = zend_string_alloc(sizeof state_tmp, 0); + memcpy(ZSTR_VAL(state), &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(state)[sizeof state_tmp] = 0; + RETURN_STR(state); +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake256_update) +{ + crypto_xof_turboshake256_state state_tmp; + zval *state_zv; + unsigned char *msg; + unsigned char *state; + size_t msg_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zs", + &state_zv, &msg, &msg_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_turboshake256_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_turboshake256_update(&state_tmp, msg, (unsigned long long) msg_len) != 0) { + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + RETURN_TRUE; +} + +PHP_FUNCTION(sodium_crypto_xof_turboshake256_squeeze) +{ + crypto_xof_turboshake256_state state_tmp; + zval *state_zv; + zend_string *out; + unsigned char *state; + zend_long out_len; + size_t state_len; + + if (zend_parse_parameters(ZEND_NUM_ARGS(), "zl", + &state_zv, &out_len) == FAILURE) { + sodium_remove_param_values_from_backtrace(EG(exception)); + RETURN_THROWS(); + } + ZVAL_DEREF(state_zv); + if (Z_TYPE_P(state_zv) != IS_STRING) { + zend_argument_error(sodium_exception_ce, 1, "must be a reference to a state"); + RETURN_THROWS(); + } + sodium_separate_string(state_zv); + state = (unsigned char *) Z_STRVAL(*state_zv); + state_len = Z_STRLEN(*state_zv); + if (state_len != sizeof (crypto_xof_turboshake256_state)) { + zend_argument_error(sodium_exception_ce, 1, "must have a correct state length"); + RETURN_THROWS(); + } + if (out_len <= 0 || out_len > ZSTR_MAX_LEN) { + zend_argument_error(sodium_exception_ce, 2, "must be a positive integer"); + RETURN_THROWS(); + } + out = zend_string_alloc((size_t) out_len, 0); + memcpy(&state_tmp, state, sizeof state_tmp); + if (crypto_xof_turboshake256_squeeze(&state_tmp, (unsigned char *) ZSTR_VAL(out), (size_t) out_len) != 0) { + zend_string_efree(out); + sodium_memzero(&state_tmp, sizeof state_tmp); + zend_throw_exception(sodium_exception_ce, "internal error", 0); + RETURN_THROWS(); + } + memcpy(state, &state_tmp, sizeof state_tmp); + sodium_memzero(&state_tmp, sizeof state_tmp); + ZSTR_VAL(out)[out_len] = 0; + RETURN_NEW_STR(out); +} +#endif diff --git a/ext/sodium/libsodium.stub.php b/ext/sodium/libsodium.stub.php index 4bf6fade9136f..86298739cdcc0 100644 --- a/ext/sodium/libsodium.stub.php +++ b/ext/sodium/libsodium.stub.php @@ -801,4 +801,168 @@ function sodium_base642bin(#[\SensitiveParameter] string $string, int $id, strin */ function sodium_crypto_scalarmult_base(#[\SensitiveParameter] string $secret_key): string {} +#ifdef crypto_ipcrypt_KEYBYTES +/** + * @var int + * @cvalue crypto_ipcrypt_BYTES + */ +const SODIUM_CRYPTO_IPCRYPT_BYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_KEYBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_KEYBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_ND_KEYBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_ND_KEYBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_ND_TWEAKBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_ND_TWEAKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_ND_INPUTBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_ND_INPUTBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_ND_OUTPUTBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_ND_OUTPUTBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_NDX_KEYBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_NDX_KEYBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_NDX_TWEAKBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_NDX_TWEAKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_NDX_INPUTBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_NDX_INPUTBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_NDX_OUTPUTBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_NDX_OUTPUTBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_PFX_KEYBYTES + */ +const SODIUM_CRYPTO_IPCRYPT_PFX_KEYBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_ipcrypt_PFX_BYTES + */ +const SODIUM_CRYPTO_IPCRYPT_PFX_BYTES = UNKNOWN; + +function sodium_crypto_ipcrypt_keygen(): string {} + +function sodium_crypto_ipcrypt_encrypt(string $ip, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_decrypt(string $encrypted_ip, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_nd_encrypt(string $ip, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_nd_decrypt(string $ciphertext_hex, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_ndx_keygen(): string {} + +function sodium_crypto_ipcrypt_ndx_encrypt(string $ip, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_ndx_decrypt(string $ciphertext_hex, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_pfx_keygen(): string {} + +function sodium_crypto_ipcrypt_pfx_encrypt(string $ip, #[\SensitiveParameter] string $key): string {} + +function sodium_crypto_ipcrypt_pfx_decrypt(string $encrypted_ip, #[\SensitiveParameter] string $key): string {} + +function sodium_bin2ip(string $bin): string {} + +function sodium_ip2bin(string $ip): string {} +#endif + +#ifdef crypto_xof_shake128_STATEBYTES +/** + * @var int + * @cvalue crypto_xof_shake128_BLOCKBYTES + */ +const SODIUM_CRYPTO_XOF_SHAKE128_BLOCKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_shake128_STATEBYTES + */ +const SODIUM_CRYPTO_XOF_SHAKE128_STATEBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_shake256_BLOCKBYTES + */ +const SODIUM_CRYPTO_XOF_SHAKE256_BLOCKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_shake256_STATEBYTES + */ +const SODIUM_CRYPTO_XOF_SHAKE256_STATEBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_turboshake128_BLOCKBYTES + */ +const SODIUM_CRYPTO_XOF_TURBOSHAKE128_BLOCKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_turboshake128_STATEBYTES + */ +const SODIUM_CRYPTO_XOF_TURBOSHAKE128_STATEBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_turboshake256_BLOCKBYTES + */ +const SODIUM_CRYPTO_XOF_TURBOSHAKE256_BLOCKBYTES = UNKNOWN; +/** + * @var int + * @cvalue crypto_xof_turboshake256_STATEBYTES + */ +const SODIUM_CRYPTO_XOF_TURBOSHAKE256_STATEBYTES = UNKNOWN; + +function sodium_crypto_xof_shake128(int $length, string $message): string {} + +function sodium_crypto_xof_shake128_init(?int $domain = null): string {} + +function sodium_crypto_xof_shake128_update(string &$state, string $message): true {} + +function sodium_crypto_xof_shake128_squeeze(string &$state, int $length): string {} + +function sodium_crypto_xof_shake256(int $length, string $message): string {} + +function sodium_crypto_xof_shake256_init(?int $domain = null): string {} + +function sodium_crypto_xof_shake256_update(string &$state, string $message): true {} + +function sodium_crypto_xof_shake256_squeeze(string &$state, int $length): string {} + +function sodium_crypto_xof_turboshake128(int $length, string $message): string {} + +function sodium_crypto_xof_turboshake128_init(?int $domain = null): string {} + +function sodium_crypto_xof_turboshake128_update(string &$state, string $message): true {} + +function sodium_crypto_xof_turboshake128_squeeze(string &$state, int $length): string {} + +function sodium_crypto_xof_turboshake256(int $length, string $message): string {} + +function sodium_crypto_xof_turboshake256_init(?int $domain = null): string {} + +function sodium_crypto_xof_turboshake256_update(string &$state, string $message): true {} + +function sodium_crypto_xof_turboshake256_squeeze(string &$state, int $length): string {} +#endif + class SodiumException extends Exception {} diff --git a/ext/sodium/libsodium_arginfo.h b/ext/sodium/libsodium_arginfo.h index 5fbd831c22e4a..b6e20cb2fa306 100644 --- a/ext/sodium/libsodium_arginfo.h +++ b/ext/sodium/libsodium_arginfo.h @@ -1,5 +1,5 @@ /* This is a generated file, edit the .stub.php file instead. - * Stub hash: 89cbb449ee6146dc8d50ba4bb1e76f83444a2db2 */ + * Stub hash: c8a524f5017f01ddba0504dd1c33735c8138df09 */ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_aead_aes256gcm_is_available, 0, 0, _IS_BOOL, 0) ZEND_END_ARG_INFO() @@ -483,6 +483,93 @@ ZEND_END_ARG_INFO() #define arginfo_sodium_crypto_scalarmult_base arginfo_sodium_crypto_box_publickey_from_secretkey +#if defined(crypto_ipcrypt_KEYBYTES) +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_ipcrypt_keygen, 0, 0, IS_STRING, 0) +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_ipcrypt_encrypt, 0, 2, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, ip, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, key, IS_STRING, 0) +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_ipcrypt_decrypt, 0, 2, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, encrypted_ip, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, key, IS_STRING, 0) +ZEND_END_ARG_INFO() + +#define arginfo_sodium_crypto_ipcrypt_nd_encrypt arginfo_sodium_crypto_ipcrypt_encrypt + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_ipcrypt_nd_decrypt, 0, 2, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, ciphertext_hex, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, key, IS_STRING, 0) +ZEND_END_ARG_INFO() + +#define arginfo_sodium_crypto_ipcrypt_ndx_keygen arginfo_sodium_crypto_ipcrypt_keygen + +#define arginfo_sodium_crypto_ipcrypt_ndx_encrypt arginfo_sodium_crypto_ipcrypt_encrypt + +#define arginfo_sodium_crypto_ipcrypt_ndx_decrypt arginfo_sodium_crypto_ipcrypt_nd_decrypt + +#define arginfo_sodium_crypto_ipcrypt_pfx_keygen arginfo_sodium_crypto_ipcrypt_keygen + +#define arginfo_sodium_crypto_ipcrypt_pfx_encrypt arginfo_sodium_crypto_ipcrypt_encrypt + +#define arginfo_sodium_crypto_ipcrypt_pfx_decrypt arginfo_sodium_crypto_ipcrypt_decrypt + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_bin2ip, 0, 1, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, bin, IS_STRING, 0) +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_ip2bin, 0, 1, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, ip, IS_STRING, 0) +ZEND_END_ARG_INFO() +#endif + +#if defined(crypto_xof_shake128_STATEBYTES) +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_xof_shake128, 0, 2, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, length, IS_LONG, 0) + ZEND_ARG_TYPE_INFO(0, message, IS_STRING, 0) +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_xof_shake128_init, 0, 0, IS_STRING, 0) + ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, domain, IS_LONG, 1, "null") +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_xof_shake128_update, 0, 2, IS_TRUE, 0) + ZEND_ARG_TYPE_INFO(1, state, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, message, IS_STRING, 0) +ZEND_END_ARG_INFO() + +ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_sodium_crypto_xof_shake128_squeeze, 0, 2, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(1, state, IS_STRING, 0) + ZEND_ARG_TYPE_INFO(0, length, IS_LONG, 0) +ZEND_END_ARG_INFO() + +#define arginfo_sodium_crypto_xof_shake256 arginfo_sodium_crypto_xof_shake128 + +#define arginfo_sodium_crypto_xof_shake256_init arginfo_sodium_crypto_xof_shake128_init + +#define arginfo_sodium_crypto_xof_shake256_update arginfo_sodium_crypto_xof_shake128_update + +#define arginfo_sodium_crypto_xof_shake256_squeeze arginfo_sodium_crypto_xof_shake128_squeeze + +#define arginfo_sodium_crypto_xof_turboshake128 arginfo_sodium_crypto_xof_shake128 + +#define arginfo_sodium_crypto_xof_turboshake128_init arginfo_sodium_crypto_xof_shake128_init + +#define arginfo_sodium_crypto_xof_turboshake128_update arginfo_sodium_crypto_xof_shake128_update + +#define arginfo_sodium_crypto_xof_turboshake128_squeeze arginfo_sodium_crypto_xof_shake128_squeeze + +#define arginfo_sodium_crypto_xof_turboshake256 arginfo_sodium_crypto_xof_shake128 + +#define arginfo_sodium_crypto_xof_turboshake256_init arginfo_sodium_crypto_xof_shake128_init + +#define arginfo_sodium_crypto_xof_turboshake256_update arginfo_sodium_crypto_xof_shake128_update + +#define arginfo_sodium_crypto_xof_turboshake256_squeeze arginfo_sodium_crypto_xof_shake128_squeeze +#endif + ZEND_FUNCTION(sodium_crypto_aead_aes256gcm_is_available); #if defined(HAVE_AESGCM) ZEND_FUNCTION(sodium_crypto_aead_aes256gcm_decrypt); @@ -616,6 +703,39 @@ ZEND_FUNCTION(sodium_hex2bin); ZEND_FUNCTION(sodium_bin2base64); ZEND_FUNCTION(sodium_base642bin); #endif +#if defined(crypto_ipcrypt_KEYBYTES) +ZEND_FUNCTION(sodium_crypto_ipcrypt_keygen); +ZEND_FUNCTION(sodium_crypto_ipcrypt_encrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_decrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_nd_encrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_nd_decrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_ndx_keygen); +ZEND_FUNCTION(sodium_crypto_ipcrypt_ndx_encrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_ndx_decrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_pfx_keygen); +ZEND_FUNCTION(sodium_crypto_ipcrypt_pfx_encrypt); +ZEND_FUNCTION(sodium_crypto_ipcrypt_pfx_decrypt); +ZEND_FUNCTION(sodium_bin2ip); +ZEND_FUNCTION(sodium_ip2bin); +#endif +#if defined(crypto_xof_shake128_STATEBYTES) +ZEND_FUNCTION(sodium_crypto_xof_shake128); +ZEND_FUNCTION(sodium_crypto_xof_shake128_init); +ZEND_FUNCTION(sodium_crypto_xof_shake128_update); +ZEND_FUNCTION(sodium_crypto_xof_shake128_squeeze); +ZEND_FUNCTION(sodium_crypto_xof_shake256); +ZEND_FUNCTION(sodium_crypto_xof_shake256_init); +ZEND_FUNCTION(sodium_crypto_xof_shake256_update); +ZEND_FUNCTION(sodium_crypto_xof_shake256_squeeze); +ZEND_FUNCTION(sodium_crypto_xof_turboshake128); +ZEND_FUNCTION(sodium_crypto_xof_turboshake128_init); +ZEND_FUNCTION(sodium_crypto_xof_turboshake128_update); +ZEND_FUNCTION(sodium_crypto_xof_turboshake128_squeeze); +ZEND_FUNCTION(sodium_crypto_xof_turboshake256); +ZEND_FUNCTION(sodium_crypto_xof_turboshake256_init); +ZEND_FUNCTION(sodium_crypto_xof_turboshake256_update); +ZEND_FUNCTION(sodium_crypto_xof_turboshake256_squeeze); +#endif static const zend_function_entry ext_functions[] = { ZEND_FE(sodium_crypto_aead_aes256gcm_is_available, arginfo_sodium_crypto_aead_aes256gcm_is_available) @@ -752,6 +872,39 @@ static const zend_function_entry ext_functions[] = { ZEND_FE(sodium_base642bin, arginfo_sodium_base642bin) #endif ZEND_RAW_FENTRY("sodium_crypto_scalarmult_base", zif_sodium_crypto_box_publickey_from_secretkey, arginfo_sodium_crypto_scalarmult_base, 0, NULL, NULL) +#if defined(crypto_ipcrypt_KEYBYTES) + ZEND_FE(sodium_crypto_ipcrypt_keygen, arginfo_sodium_crypto_ipcrypt_keygen) + ZEND_FE(sodium_crypto_ipcrypt_encrypt, arginfo_sodium_crypto_ipcrypt_encrypt) + ZEND_FE(sodium_crypto_ipcrypt_decrypt, arginfo_sodium_crypto_ipcrypt_decrypt) + ZEND_FE(sodium_crypto_ipcrypt_nd_encrypt, arginfo_sodium_crypto_ipcrypt_nd_encrypt) + ZEND_FE(sodium_crypto_ipcrypt_nd_decrypt, arginfo_sodium_crypto_ipcrypt_nd_decrypt) + ZEND_FE(sodium_crypto_ipcrypt_ndx_keygen, arginfo_sodium_crypto_ipcrypt_ndx_keygen) + ZEND_FE(sodium_crypto_ipcrypt_ndx_encrypt, arginfo_sodium_crypto_ipcrypt_ndx_encrypt) + ZEND_FE(sodium_crypto_ipcrypt_ndx_decrypt, arginfo_sodium_crypto_ipcrypt_ndx_decrypt) + ZEND_FE(sodium_crypto_ipcrypt_pfx_keygen, arginfo_sodium_crypto_ipcrypt_pfx_keygen) + ZEND_FE(sodium_crypto_ipcrypt_pfx_encrypt, arginfo_sodium_crypto_ipcrypt_pfx_encrypt) + ZEND_FE(sodium_crypto_ipcrypt_pfx_decrypt, arginfo_sodium_crypto_ipcrypt_pfx_decrypt) + ZEND_FE(sodium_bin2ip, arginfo_sodium_bin2ip) + ZEND_FE(sodium_ip2bin, arginfo_sodium_ip2bin) +#endif +#if defined(crypto_xof_shake128_STATEBYTES) + ZEND_FE(sodium_crypto_xof_shake128, arginfo_sodium_crypto_xof_shake128) + ZEND_FE(sodium_crypto_xof_shake128_init, arginfo_sodium_crypto_xof_shake128_init) + ZEND_FE(sodium_crypto_xof_shake128_update, arginfo_sodium_crypto_xof_shake128_update) + ZEND_FE(sodium_crypto_xof_shake128_squeeze, arginfo_sodium_crypto_xof_shake128_squeeze) + ZEND_FE(sodium_crypto_xof_shake256, arginfo_sodium_crypto_xof_shake256) + ZEND_FE(sodium_crypto_xof_shake256_init, arginfo_sodium_crypto_xof_shake256_init) + ZEND_FE(sodium_crypto_xof_shake256_update, arginfo_sodium_crypto_xof_shake256_update) + ZEND_FE(sodium_crypto_xof_shake256_squeeze, arginfo_sodium_crypto_xof_shake256_squeeze) + ZEND_FE(sodium_crypto_xof_turboshake128, arginfo_sodium_crypto_xof_turboshake128) + ZEND_FE(sodium_crypto_xof_turboshake128_init, arginfo_sodium_crypto_xof_turboshake128_init) + ZEND_FE(sodium_crypto_xof_turboshake128_update, arginfo_sodium_crypto_xof_turboshake128_update) + ZEND_FE(sodium_crypto_xof_turboshake128_squeeze, arginfo_sodium_crypto_xof_turboshake128_squeeze) + ZEND_FE(sodium_crypto_xof_turboshake256, arginfo_sodium_crypto_xof_turboshake256) + ZEND_FE(sodium_crypto_xof_turboshake256_init, arginfo_sodium_crypto_xof_turboshake256_init) + ZEND_FE(sodium_crypto_xof_turboshake256_update, arginfo_sodium_crypto_xof_turboshake256_update) + ZEND_FE(sodium_crypto_xof_turboshake256_squeeze, arginfo_sodium_crypto_xof_turboshake256_squeeze) +#endif ZEND_FE_END }; @@ -883,6 +1036,30 @@ static void register_libsodium_symbols(int module_number) REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_CORE_RISTRETTO255_SCALARBYTES", crypto_core_ristretto255_SCALARBYTES, CONST_PERSISTENT); REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_CORE_RISTRETTO255_NONREDUCEDSCALARBYTES", crypto_core_ristretto255_NONREDUCEDSCALARBYTES, CONST_PERSISTENT); #endif +#if defined(crypto_ipcrypt_KEYBYTES) + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_BYTES", crypto_ipcrypt_BYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_KEYBYTES", crypto_ipcrypt_KEYBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_ND_KEYBYTES", crypto_ipcrypt_ND_KEYBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_ND_TWEAKBYTES", crypto_ipcrypt_ND_TWEAKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_ND_INPUTBYTES", crypto_ipcrypt_ND_INPUTBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_ND_OUTPUTBYTES", crypto_ipcrypt_ND_OUTPUTBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_NDX_KEYBYTES", crypto_ipcrypt_NDX_KEYBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_NDX_TWEAKBYTES", crypto_ipcrypt_NDX_TWEAKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_NDX_INPUTBYTES", crypto_ipcrypt_NDX_INPUTBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_NDX_OUTPUTBYTES", crypto_ipcrypt_NDX_OUTPUTBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_PFX_KEYBYTES", crypto_ipcrypt_PFX_KEYBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_IPCRYPT_PFX_BYTES", crypto_ipcrypt_PFX_BYTES, CONST_PERSISTENT); +#endif +#if defined(crypto_xof_shake128_STATEBYTES) + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_SHAKE128_BLOCKBYTES", crypto_xof_shake128_BLOCKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_SHAKE128_STATEBYTES", crypto_xof_shake128_STATEBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_SHAKE256_BLOCKBYTES", crypto_xof_shake256_BLOCKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_SHAKE256_STATEBYTES", crypto_xof_shake256_STATEBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_TURBOSHAKE128_BLOCKBYTES", crypto_xof_turboshake128_BLOCKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_TURBOSHAKE128_STATEBYTES", crypto_xof_turboshake128_STATEBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_TURBOSHAKE256_BLOCKBYTES", crypto_xof_turboshake256_BLOCKBYTES, CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SODIUM_CRYPTO_XOF_TURBOSHAKE256_STATEBYTES", crypto_xof_turboshake256_STATEBYTES, CONST_PERSISTENT); +#endif #if defined(HAVE_AESGCM) @@ -1060,6 +1237,24 @@ static void register_libsodium_symbols(int module_number) #endif zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_scalarmult_base", sizeof("sodium_crypto_scalarmult_base") - 1), 0, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); +#if defined(crypto_ipcrypt_KEYBYTES) + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_encrypt", sizeof("sodium_crypto_ipcrypt_encrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_decrypt", sizeof("sodium_crypto_ipcrypt_decrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_nd_encrypt", sizeof("sodium_crypto_ipcrypt_nd_encrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_nd_decrypt", sizeof("sodium_crypto_ipcrypt_nd_decrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_ndx_encrypt", sizeof("sodium_crypto_ipcrypt_ndx_encrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_ndx_decrypt", sizeof("sodium_crypto_ipcrypt_ndx_decrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_pfx_encrypt", sizeof("sodium_crypto_ipcrypt_pfx_encrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); + + zend_add_parameter_attribute(zend_hash_str_find_ptr(CG(function_table), "sodium_crypto_ipcrypt_pfx_decrypt", sizeof("sodium_crypto_ipcrypt_pfx_decrypt") - 1), 1, ZSTR_KNOWN(ZEND_STR_SENSITIVEPARAMETER), 0); +#endif } static zend_class_entry *register_class_SodiumException(zend_class_entry *class_entry_Exception)