ParagonIE_Sodium_File::sign() – Sign a file (rather than a string). Uses less memory than ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces the same result.

You appear to be a bot. Output may be restricted

Description

Sign a file (rather than a string). Uses less memory than ParagonIE_Sodium_Compat::crypto_sign_detached(), but produces the same result.

Usage

$string = ParagonIE_Sodium_File::sign( $filePath, $secretKey );

Parameters

$filePath
( string ) required – Absolute path to a file on the filesystem
$secretKey
( string ) required – Secret signing key

Returns

string Ed25519 signature

Source

File name: wordpress/wp-includes/sodium_compat/src/File.php
Lines:

1 to 81 of 81
    public static function sign($filePath, $secretKey)
    {
        /* Type checks: */
        if (!is_string($filePath)) {
            throw new TypeError('Argument 1 must be a string, ' . gettype($filePath) . ' given.');
        }
        if (!is_string($secretKey)) {
            throw new TypeError('Argument 2 must be a string, ' . gettype($secretKey) . ' given.');
        }

        /* Input validation: */
        if (self::strlen($secretKey) !== ParagonIE_Sodium_Compat::CRYPTO_SIGN_SECRETKEYBYTES) {
            throw new TypeError('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES bytes');
        }
        if (PHP_INT_SIZE === 4) {
            return self::sign_core32($filePath, $secretKey);
        }

        
/** @var int $size */
        $size = filesize($filePath);
        if (!is_int($size)) {
            throw new SodiumException('Could not obtain the file size');
        }

        
/** @var resource $fp */
        $fp = fopen($filePath, 'rb');
        if (!is_resource($fp)) {
            throw new SodiumException('Could not open input file for reading');
        }

        
/** @var string $az */
        $az = hash('sha512', self::substr($secretKey, 0, 32), true);

        $az[0] = self::intToChr(self::chrToInt($az[0]) & 248);
        $az[31] = self::intToChr((self::chrToInt($az[31]) & 63) | 64);

        $hs = hash_init('sha512');
        self::hash_update($hs, self::substr($az, 32, 32));
        
/** @var resource $hs */
        $hs = self::updateHashWithFile($hs, $fp, $size);

        
/** @var string $nonceHash */
        $nonceHash = hash_final($hs, true);

        
/** @var string $pk */
        $pk = self::substr($secretKey, 32, 32);

        
/** @var string $nonce */
        $nonce = ParagonIE_Sodium_Core_Ed25519::sc_reduce($nonceHash) . self::substr($nonceHash, 32);

        
/** @var string $sig */
        $sig = ParagonIE_Sodium_Core_Ed25519::ge_p3_tobytes(
            ParagonIE_Sodium_Core_Ed25519::ge_scalarmult_base($nonce)
        );

        $hs = hash_init('sha512');
        self::hash_update($hs, self::substr($sig, 0, 32));
        self::hash_update($hs, self::substr($pk, 0, 32));
        
/** @var resource $hs */
        $hs = self::updateHashWithFile($hs, $fp, $size);

        
/** @var string $hramHash */
        $hramHash = hash_final($hs, true);

        
/** @var string $hram */
        $hram = ParagonIE_Sodium_Core_Ed25519::sc_reduce($hramHash);

        
/** @var string $sigAfter */
        $sigAfter = ParagonIE_Sodium_Core_Ed25519::sc_muladd($hram, $az, $nonce);

        
/** @var string $sig */
        $sig = self::substr($sig, 0, 32) . self::substr($sigAfter, 0, 32);

        try {
            ParagonIE_Sodium_Compat::ParagonIE_Sodium_Compat::memzero($az);
        } catch (SodiumException $ex) {
            $az = null;
        }
        fclose($fp);
        return $sig;
    }
 

 View on GitHub View on Trac