WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Upgrade/Install: Update sodium_compat to v1.18.0. 

The latest version of sodium_compat includes some improvements, as well as a new feature which will also be included in PHP 8.2.

* Fixed issues with the PHP autoloader:
 * [https://github.com/paragonie/sodium_compat/pull/145 #145]: For WordPress, this ensures when Ed25519 is included, so too is the class it inherits from.
 * [https://github.com/paragonie/sodium_compat/issues/148 #148], [https://github.com/paragonie/sodium_compat/issues/149 #149]: For PHP 7.4+ with opcache preloading, this ensures the include guards don't fail.
* [https://github.com/paragonie/sodium_compat/pull/144 #144]: Added `sodium_crypto_stream_xchacha20_xor_ic()`
 * See [https://github.com/php/php-src/pull/8276 pull request for php-src] (merged in PHP 8.2)
 * For motivation: [https://github.com/paragonie/halite/issues/178 paragonie/halite#178]

Release notes:
https://github.com/paragonie/sodium_compat/releases/tag/v1.18.0

A full list of changes in this update can be found on GitHub:
https://github.com/paragonie/sodium_compat/compare/v1.17.1...v1.18.0

Follow-up to [49741], [51002], [51591], [52988].

Props jrf, paragoninitiativeenterprises.
Fixes #56564.
Built from https://develop.svn.wordpress.org/trunk@54150


git-svn-id: http://core.svn.wordpress.org/trunk@53709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2022-09-14 00:13:14 +00:00
parent 7c01b0a340
commit aa22aba0ba
6 changed files with 76 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wp-includes/sodium_compat/autoload.php
View File

@ -42,7 +42,9 @@ if (PHP_VERSION_ID < 70000) {
} }
/* Explicitly, always load the Compat class: */ /* Explicitly, always load the Compat class: */
require_once dirname(__FILE__) . '/src/Compat.php'; if (!class_exists('ParagonIE_Sodium_Compat', false)) {
require_once dirname(__FILE__) . '/src/Compat.php';
}
if (!class_exists('SodiumException', false)) { if (!class_exists('SodiumException', false)) {
require_once dirname(__FILE__) . '/src/SodiumException.php'; require_once dirname(__FILE__) . '/src/SodiumException.php';
@ -69,4 +71,5 @@ if (PHP_VERSION_ID < 70200 || !extension_loaded('sodium')) {
// Older versions of {PHP, ext/sodium} will not define these // Older versions of {PHP, ext/sodium} will not define these
require_once(dirname(__FILE__) . '/lib/php72compat.php'); require_once(dirname(__FILE__) . '/lib/php72compat.php');
} }
require_once(dirname(__FILE__) . '/lib/stream-xchacha20.php');
require_once(dirname(__FILE__) . '/lib/ristretto255.php'); require_once(dirname(__FILE__) . '/lib/ristretto255.php');

16
wp-includes/sodium_compat/lib/stream-xchacha20.php
View File

@ -41,3 +41,19 @@ if (!is_callable('sodium_crypto_stream_xchacha20_xor')) {
return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor($message, $nonce, $key, true); return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor($message, $nonce, $key, true);
} }
} }
if (!is_callable('sodium_crypto_stream_xchacha20_xor_ic')) {
/**
* @see ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic()
* @param string $message
* @param string $nonce
* @param int $counter
* @param string $key
* @return string
* @throws SodiumException
* @throws TypeError
*/
function sodium_crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key)
{
return ParagonIE_Sodium_Compat::crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, true);
}
}

49
wp-includes/sodium_compat/src/Compat.php
View File

@ -3154,6 +3154,55 @@ class ParagonIE_Sodium_Compat
return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key); return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key);
} }
/**
* DANGER! UNAUTHENTICATED ENCRYPTION!
*
* Unless you are following expert advice, do not use this feature.
*
* Algorithm: XChaCha20
*
* This DOES NOT provide ciphertext integrity.
*
* @param string $message Plaintext message
* @param string $nonce Number to be used Once; must be 24 bytes
* @param int $counter
* @param string $key Encryption key
* @return string Encrypted text which is vulnerable to chosen-
* ciphertext attacks unless you implement some
* other mitigation to the ciphertext (i.e.
* Encrypt then MAC)
* @param bool $dontFallback
* @throws SodiumException
* @throws TypeError
* @psalm-suppress MixedArgument
*/
public static function crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key, $dontFallback = false)
{
/* Type checks: */
ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1);
ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2);
ParagonIE_Sodium_Core_Util::declareScalarType($counter, 'int', 3);
ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4);
/* Input validation: */
if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_XCHACHA20_NONCEBYTES) {
throw new SodiumException('Argument 2 must be CRYPTO_SECRETBOX_XCHACHA20_NONCEBYTES long.');
}
if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_XCHACHA20_KEYBYTES) {
throw new SodiumException('Argument 3 must be CRYPTO_SECRETBOX_XCHACHA20_KEYBYTES long.');
}
if (is_callable('sodium_crypto_stream_xchacha20_xor_ic') && !$dontFallback) {
return sodium_crypto_stream_xchacha20_xor_ic($message, $nonce, $counter, $key);
}
$ic = ParagonIE_Sodium_Core_Util::store64_le($counter);
if (PHP_INT_SIZE === 4) {
return ParagonIE_Sodium_Core32_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
}
return ParagonIE_Sodium_Core_XChaCha20::streamXorIc($message, $nonce, $key, $ic);
}
/** /**
* Return a secure random key for use with crypto_stream_xchacha20 * Return a secure random key for use with crypto_stream_xchacha20
* *

3
wp-includes/sodium_compat/src/Core/Ed25519.php
View File

@ -3,6 +3,9 @@
if (class_exists('ParagonIE_Sodium_Core_Ed25519', false)) { if (class_exists('ParagonIE_Sodium_Core_Ed25519', false)) {
return; return;
} }
if (!class_exists('ParagonIE_Sodium_Core_Curve25519', false)) {
require_once dirname(__FILE__) . '/Curve25519.php';
}
/** /**
* Class ParagonIE_Sodium_Core_Ed25519 * Class ParagonIE_Sodium_Core_Ed25519

3
wp-includes/sodium_compat/src/Core32/Ed25519.php
View File

@ -3,6 +3,9 @@
if (class_exists('ParagonIE_Sodium_Core32_Ed25519', false)) { if (class_exists('ParagonIE_Sodium_Core32_Ed25519', false)) {
return; return;
} }
if (!class_exists('ParagonIE_Sodium_Core32_Curve25519')) {
require_once dirname(__FILE__) . '/Curve25519.php';
}
/** /**
* Class ParagonIE_Sodium_Core32_Ed25519 * Class ParagonIE_Sodium_Core32_Ed25519

2
wp-includes/version.php
View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.1-alpha-54149'; $wp_version = '6.1-alpha-54150';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.