1--TEST-- 2Check for libsodium AEAD 3--EXTENSIONS-- 4sodium 5--SKIPIF-- 6<?php 7if (!defined('SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES')) print "skip libsodium without AESGCM"; 8?> 9--FILE-- 10<?php 11echo "aead_chacha20poly1305:\n"; 12 13$msg = random_bytes(random_int(1, 1000)); 14$nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES); 15$key = sodium_crypto_aead_chacha20poly1305_keygen(); 16$ad = random_bytes(random_int(1, 1000)); 17 18$ciphertext = sodium_crypto_aead_chacha20poly1305_encrypt($msg, $ad, $nonce, $key); 19$msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $nonce, $key); 20var_dump($ciphertext !== $msg); 21var_dump($msg === $msg2); 22var_dump(sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 23try { 24 // Switched order 25 $msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $key, $nonce); 26 var_dump(false); 27} catch (SodiumException $ex) { 28 var_dump(true); 29} 30 31echo "aead_chacha20poly1305_ietf:\n"; 32 33if (SODIUM_LIBRARY_MAJOR_VERSION > 7 || 34 (SODIUM_LIBRARY_MAJOR_VERSION == 7 && 35 SODIUM_LIBRARY_MINOR_VERSION >= 6)) { 36 $msg = random_bytes(random_int(1, 1000)); 37 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES); 38 $key = sodium_crypto_aead_chacha20poly1305_ietf_keygen(); 39 $ad = random_bytes(random_int(1, 1000)); 40 41 $ciphertext = sodium_crypto_aead_chacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key); 42 $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key); 43 var_dump($ciphertext !== $msg); 44 var_dump($msg === $msg2); 45 var_dump(sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 46 try { 47 // Switched order 48 $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce); 49 var_dump(false); 50 } catch (SodiumException $ex) { 51 var_dump(true); 52 } 53} else { 54 var_dump(true); 55 var_dump(true); 56 var_dump(false); 57 var_dump(true); 58} 59 60echo "aead_xchacha20poly1305_ietf:\n"; 61 62if (SODIUM_LIBRARY_MAJOR_VERSION > 9 || 63 (SODIUM_LIBRARY_MAJOR_VERSION == 9 && 64 SODIUM_LIBRARY_MINOR_VERSION >= 4)) { 65 $msg = random_bytes(random_int(1, 1000)); 66 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES); 67 $key = sodium_crypto_aead_xchacha20poly1305_ietf_keygen(); 68 $ad = random_bytes(random_int(1, 1000)); 69 70 $ciphertext = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key); 71 $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key); 72 var_dump($ciphertext !== $msg); 73 var_dump($msg === $msg2); 74 var_dump(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 75 try { 76 // Switched order 77 $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce); 78 var_dump(false); 79 } catch (SodiumException $ex) { 80 var_dump(true); 81 } 82} else { 83 var_dump(true); 84 var_dump(true); 85 var_dump(false); 86 var_dump(true); 87} 88 89echo "aead_aes256gcm:\n"; 90 91if (sodium_crypto_aead_aes256gcm_is_available()) { 92 $msg = random_bytes(random_int(1, 1000)); 93 $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES); 94 $ad = random_bytes(random_int(1, 1000)); 95 $key = sodium_crypto_aead_aes256gcm_keygen(); 96 $ciphertext = sodium_crypto_aead_aes256gcm_encrypt($msg, $ad, $nonce, $key); 97 $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $nonce, $key); 98 var_dump($ciphertext !== $msg); 99 var_dump($msg === $msg2); 100 var_dump(sodium_crypto_aead_aes256gcm_decrypt($ciphertext, 'x' . $ad, $nonce, $key)); 101 try { 102 // Switched order 103 $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $key, $nonce); 104 var_dump(false); 105 } catch (SodiumException $ex) { 106 var_dump(true); 107 } 108} else { 109 var_dump(true); 110 var_dump(true); 111 var_dump(false); 112 var_dump(true); 113} 114?> 115--EXPECT-- 116aead_chacha20poly1305: 117bool(true) 118bool(true) 119bool(false) 120bool(true) 121aead_chacha20poly1305_ietf: 122bool(true) 123bool(true) 124bool(false) 125bool(true) 126aead_xchacha20poly1305_ietf: 127bool(true) 128bool(true) 129bool(false) 130bool(true) 131aead_aes256gcm: 132bool(true) 133bool(true) 134bool(false) 135bool(true) 136
