1--TEST-- 2Check for libsodium AEAD 3--EXTENSIONS-- 4sodium 5--SKIPIF-- 6<?php 7if (!defined('SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES')) print "skip libsodium without AESGCM"; 8if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES')) print "skip libsodium without AEGIS-128L"; 9if (!defined('SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES')) print "skip libsodium without AEGIS-256"; 10?> 11--FILE-- 12<?php 13echo "aead_chacha20poly1305:\n"; 14 15$msg = random_bytes(random_int(1, 1000)); 16$nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES); 17$key = sodium_crypto_aead_chacha20poly1305_keygen(); 18$ad = random_bytes(random_int(1, 1000)); 19 20$ciphertext = sodium_crypto_aead_chacha20poly1305_encrypt($msg, $ad, $nonce, $key); 21$msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $nonce, $key); 22var_dump($ciphertext !== $msg); 23var_dump($msg === $msg2); 24var_dump(sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 25try { 26 // Switched order 27 $msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $key, $nonce); 28 var_dump(false); 29} catch (SodiumException $ex) { 30 var_dump(true); 31} 32 33echo "aead_chacha20poly1305_ietf:\n"; 34 35if (SODIUM_LIBRARY_MAJOR_VERSION > 7 || 36 (SODIUM_LIBRARY_MAJOR_VERSION == 7 && 37 SODIUM_LIBRARY_MINOR_VERSION >= 6)) { 38 $msg = random_bytes(random_int(1, 1000)); 39 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES); 40 $key = sodium_crypto_aead_chacha20poly1305_ietf_keygen(); 41 $ad = random_bytes(random_int(1, 1000)); 42 43 $ciphertext = sodium_crypto_aead_chacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key); 44 $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key); 45 var_dump($ciphertext !== $msg); 46 var_dump($msg === $msg2); 47 var_dump(sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 48 try { 49 // Switched order 50 $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce); 51 var_dump(false); 52 } catch (SodiumException $ex) { 53 var_dump(true); 54 } 55} else { 56 var_dump(true); 57 var_dump(true); 58 var_dump(false); 59 var_dump(true); 60} 61 62echo "aead_xchacha20poly1305_ietf:\n"; 63 64if (SODIUM_LIBRARY_MAJOR_VERSION > 9 || 65 (SODIUM_LIBRARY_MAJOR_VERSION == 9 && 66 SODIUM_LIBRARY_MINOR_VERSION >= 4)) { 67 $msg = random_bytes(random_int(1, 1000)); 68 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES); 69 $key = sodium_crypto_aead_xchacha20poly1305_ietf_keygen(); 70 $ad = random_bytes(random_int(1, 1000)); 71 72 $ciphertext = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key); 73 $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key); 74 var_dump($ciphertext !== $msg); 75 var_dump($msg === $msg2); 76 var_dump(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 77 try { 78 // Switched order 79 $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce); 80 var_dump(false); 81 } catch (SodiumException $ex) { 82 var_dump(true); 83 } 84} else { 85 var_dump(true); 86 var_dump(true); 87 var_dump(false); 88 var_dump(true); 89} 90 91echo "aead_aes256gcm:\n"; 92 93if (sodium_crypto_aead_aes256gcm_is_available()) { 94 $msg = random_bytes(random_int(1, 1000)); 95 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES); 96 $ad = random_bytes(random_int(1, 1000)); 97 $key = sodium_crypto_aead_aes256gcm_keygen(); 98 $ciphertext = sodium_crypto_aead_aes256gcm_encrypt($msg, $ad, $nonce, $key); 99 $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $nonce, $key); 100 var_dump($ciphertext !== $msg); 101 var_dump($msg === $msg2); 102 var_dump(sodium_crypto_aead_aes256gcm_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 103 try { 104 // Switched order 105 $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $key, $nonce); 106 var_dump(false); 107 } catch (SodiumException $ex) { 108 var_dump(true); 109 } 110} else { 111 var_dump(true); 112 var_dump(true); 113 var_dump(false); 114 var_dump(true); 115} 116 117echo "aead_aegis128l:\n"; 118 119if (defined('SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES')) { 120 $msg = random_bytes(random_int(1, 1000)); 121 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES); 122 $ad = random_bytes(random_int(1, 1000)); 123 $key = sodium_crypto_aead_aegis128l_keygen(); 124 $ciphertext = sodium_crypto_aead_aegis128l_encrypt($msg, $ad, $nonce, $key); 125 $msg2 = sodium_crypto_aead_aegis128l_decrypt($ciphertext, $ad, $nonce, $key); 126 var_dump($ciphertext !== $msg); 127 var_dump($msg === $msg2); 128 var_dump(sodium_crypto_aead_aegis128l_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 129 try { 130 // Switched order 131 $msg2 = sodium_crypto_aead_aegis128l_decrypt($ciphertext, $ad, $key, $nonce); 132 var_dump(false); 133 } catch (SodiumException $ex) { 134 var_dump(true); 135 } 136} else { 137 var_dump(true); 138 var_dump(true); 139 var_dump(false); 140 var_dump(false); 141} 142 143echo "aead_aegis256:\n"; 144 145if (defined('SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES')) { 146 $msg = random_bytes(random_int(1, 1000)); 147 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES); 148 $ad = random_bytes(random_int(1, 1000)); 149 $key = sodium_crypto_aead_aegis256_keygen(); 150 $ciphertext = sodium_crypto_aead_aegis256_encrypt($msg, $ad, $nonce, $key); 151 $msg2 = sodium_crypto_aead_aegis256_decrypt($ciphertext, $ad, $nonce, $key); 152 var_dump($ciphertext !== $msg); 153 var_dump($msg === $msg2); 154 var_dump(sodium_crypto_aead_aegis256_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 155 try { 156 // Switched order 157 $msg2 = sodium_crypto_aead_aegis256_decrypt($ciphertext, $ad, $key, $nonce); 158 var_dump(false); 159 } catch (SodiumException $ex) { 160 var_dump(true); 161 } 162} else { 163 var_dump(true); 164 var_dump(true); 165 var_dump(false); 166 var_dump(false); 167} 168?> 169--EXPECT-- 170aead_chacha20poly1305: 171bool(true) 172bool(true) 173bool(false) 174bool(true) 175aead_chacha20poly1305_ietf: 176bool(true) 177bool(true) 178bool(false) 179bool(true) 180aead_xchacha20poly1305_ietf: 181bool(true) 182bool(true) 183bool(false) 184bool(true) 185aead_aes256gcm: 186bool(true) 187bool(true) 188bool(false) 189bool(true) 190aead_aegis128l: 191bool(true) 192bool(true) 193bool(false) 194bool(false) 195aead_aegis256: 196bool(true) 197bool(true) 198bool(false) 199bool(false) 200