xref: /php-src/ext/sodium/tests/crypto_aead.phpt (revision 1816403d) 
1--TEST--
2Check for libsodium AEAD
3--EXTENSIONS--
4sodium
5--SKIPIF--
6<?php
7if (!defined('SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES')) print "skip libsodium without AESGCM";
8if (!defined('SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES')) print "skip libsodium without AEGIS-128L";
9if (!defined('SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES')) print "skip libsodium without AEGIS-256";
10?>
11--FILE--
12<?php
13echo "aead_chacha20poly1305:\n";
14
15$msg = random_bytes(random_int(1, 1000));
16$nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES);
17$key = sodium_crypto_aead_chacha20poly1305_keygen();
18$ad = random_bytes(random_int(1, 1000));
19
20$ciphertext = sodium_crypto_aead_chacha20poly1305_encrypt($msg, $ad, $nonce, $key);
21$msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $nonce, $key);
22var_dump($ciphertext !== $msg);
23var_dump($msg === $msg2);
24var_dump(sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
25try {
26    // Switched order
27    $msg2 = sodium_crypto_aead_chacha20poly1305_decrypt($ciphertext, $ad, $key, $nonce);
28    var_dump(false);
29} catch (SodiumException $ex) {
30    var_dump(true);
31}
32
33echo "aead_chacha20poly1305_ietf:\n";
34
35if (SODIUM_LIBRARY_MAJOR_VERSION > 7 ||
36    (SODIUM_LIBRARY_MAJOR_VERSION == 7 &&
37     SODIUM_LIBRARY_MINOR_VERSION >= 6)) {
38    $msg = random_bytes(random_int(1, 1000));
39    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES);
40    $key = sodium_crypto_aead_chacha20poly1305_ietf_keygen();
41    $ad = random_bytes(random_int(1, 1000));
42
43    $ciphertext = sodium_crypto_aead_chacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key);
44    $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key);
45    var_dump($ciphertext !== $msg);
46    var_dump($msg === $msg2);
47    var_dump(sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
48    try {
49        // Switched order
50        $msg2 = sodium_crypto_aead_chacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce);
51        var_dump(false);
52    } catch (SodiumException $ex) {
53        var_dump(true);
54    }
55} else {
56    var_dump(true);
57    var_dump(true);
58    var_dump(false);
59    var_dump(true);
60}
61
62echo "aead_xchacha20poly1305_ietf:\n";
63
64if (SODIUM_LIBRARY_MAJOR_VERSION > 9 ||
65    (SODIUM_LIBRARY_MAJOR_VERSION == 9 &&
66     SODIUM_LIBRARY_MINOR_VERSION >= 4)) {
67    $msg = random_bytes(random_int(1, 1000));
68    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
69    $key = sodium_crypto_aead_xchacha20poly1305_ietf_keygen();
70    $ad = random_bytes(random_int(1, 1000));
71
72    $ciphertext = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($msg, $ad, $nonce, $key);
73    $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $nonce, $key);
74    var_dump($ciphertext !== $msg);
75    var_dump($msg === $msg2);
76    var_dump(sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
77    try {
78        // Switched order
79        $msg2 = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($ciphertext, $ad, $key, $nonce);
80        var_dump(false);
81    } catch (SodiumException $ex) {
82        var_dump(true);
83    }
84} else {
85    var_dump(true);
86    var_dump(true);
87    var_dump(false);
88    var_dump(true);
89}
90
91echo "aead_aes256gcm:\n";
92
93if (sodium_crypto_aead_aes256gcm_is_available()) {
94    $msg = random_bytes(random_int(1, 1000));
95    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AES256GCM_NPUBBYTES);
96    $ad = random_bytes(random_int(1, 1000));
97    $key = sodium_crypto_aead_aes256gcm_keygen();
98    $ciphertext = sodium_crypto_aead_aes256gcm_encrypt($msg, $ad, $nonce, $key);
99    $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $nonce, $key);
100    var_dump($ciphertext !== $msg);
101    var_dump($msg === $msg2);
102    var_dump(sodium_crypto_aead_aes256gcm_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
103    try {
104        // Switched order
105        $msg2 = sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $ad, $key, $nonce);
106        var_dump(false);
107    } catch (SodiumException $ex) {
108        var_dump(true);
109    }
110} else {
111    var_dump(true);
112    var_dump(true);
113    var_dump(false);
114    var_dump(true);
115}
116
117echo "aead_aegis128l:\n";
118
119if (defined('SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES')) {
120    $msg = random_bytes(random_int(1, 1000));
121    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AEGIS128L_NPUBBYTES);
122    $ad = random_bytes(random_int(1, 1000));
123    $key = sodium_crypto_aead_aegis128l_keygen();
124    $ciphertext = sodium_crypto_aead_aegis128l_encrypt($msg, $ad, $nonce, $key);
125    $msg2 = sodium_crypto_aead_aegis128l_decrypt($ciphertext, $ad, $nonce, $key);
126    var_dump($ciphertext !== $msg);
127    var_dump($msg === $msg2);
128    var_dump(sodium_crypto_aead_aegis128l_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
129    try {
130        // Switched order
131        $msg2 = sodium_crypto_aead_aegis128l_decrypt($ciphertext, $ad, $key, $nonce);
132        var_dump(false);
133    } catch (SodiumException $ex) {
134        var_dump(true);
135    }
136} else {
137    var_dump(true);
138    var_dump(true);
139    var_dump(false);
140    var_dump(false);
141}
142
143echo "aead_aegis256:\n";
144
145if (defined('SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES')) {
146    $msg = random_bytes(random_int(1, 1000));
147    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_AEGIS256_NPUBBYTES);
148    $ad = random_bytes(random_int(1, 1000));
149    $key = sodium_crypto_aead_aegis256_keygen();
150    $ciphertext = sodium_crypto_aead_aegis256_encrypt($msg, $ad, $nonce, $key);
151    $msg2 = sodium_crypto_aead_aegis256_decrypt($ciphertext, $ad, $nonce, $key);
152    var_dump($ciphertext !== $msg);
153    var_dump($msg === $msg2);
154    var_dump(sodium_crypto_aead_aegis256_decrypt($ciphertext, 'x' . $ad, $nonce, $key));
155    try {
156        // Switched order
157        $msg2 = sodium_crypto_aead_aegis256_decrypt($ciphertext, $ad, $key, $nonce);
158        var_dump(false);
159    } catch (SodiumException $ex) {
160        var_dump(true);
161    }
162} else {
163    var_dump(true);
164    var_dump(true);
165    var_dump(false);
166    var_dump(false);
167}
168?>
169--EXPECT--
170aead_chacha20poly1305:
171bool(true)
172bool(true)
173bool(false)
174bool(true)
175aead_chacha20poly1305_ietf:
176bool(true)
177bool(true)
178bool(false)
179bool(true)
180aead_xchacha20poly1305_ietf:
181bool(true)
182bool(true)
183bool(false)
184bool(true)
185aead_aes256gcm:
186bool(true)
187bool(true)
188bool(false)
189bool(true)
190aead_aegis128l:
191bool(true)
192bool(true)
193bool(false)
194bool(false)
195aead_aegis256:
196bool(true)
197bool(true)
198bool(false)
199bool(false)
200