update lock clucknut
All checks were successful
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 14s
Build, Push and Deploy / build-and-push (push) Successful in 3m14s
Build, Push and Deploy / deploy-staging (push) Successful in 25s
Build, Push and Deploy / deploy-production (push) Has been skipped

This commit is contained in:
2026-04-18 20:32:18 +07:00
parent 4554035227
commit dcaf267458
3359 changed files with 153185 additions and 205489 deletions

View File

@@ -5,8 +5,6 @@
use Safe\Exceptions\SodiumException;
/**
*
*
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
@@ -27,8 +25,6 @@ function sodium_crypto_aead_aegis128l_decrypt(string $ciphertext, string $additi
/**
*
*
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
@@ -49,16 +45,11 @@ function sodium_crypto_aead_aegis256_decrypt(string $ciphertext, string $additio
/**
* Verify then decrypt with AES-256-GCM.
* Only available if sodium_crypto_aead_aes256gcm_is_available returns TRUE.
*
* @param string $ciphertext Must be in the format provided by sodium_crypto_aead_aes256gcm_encrypt
* (ciphertext and tag, concatenated).
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 12 bytes long.
* @param string $key Encryption key (256-bit).
* @return string Returns the plaintext on success.
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -74,15 +65,11 @@ function sodium_crypto_aead_aes256gcm_decrypt(string $ciphertext, string $additi
/**
* Verify then decrypt with ChaCha20-Poly1305.
*
* @param string $ciphertext Must be in the format provided by sodium_crypto_aead_chacha20poly1305_encrypt
* (ciphertext and tag, concatenated).
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 8 bytes long.
* @param string $key Encryption key (256-bit).
* @return string Returns the plaintext on success.
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -98,14 +85,11 @@ function sodium_crypto_aead_chacha20poly1305_decrypt(string $ciphertext, string
/**
* Encrypt then authenticate with ChaCha20-Poly1305.
*
* @param string $message The plaintext message to encrypt.
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 8 bytes long.
* @param string $key Encryption key (256-bit).
* @return string Returns the ciphertext and tag on success.
* @param string $message
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -121,17 +105,11 @@ function sodium_crypto_aead_chacha20poly1305_encrypt(string $message, string $ad
/**
* Verify then decrypt with ChaCha20-Poly1305 (IETF variant).
*
* The IETF variant uses 96-bit nonces and 32-bit internal counters, instead of 64-bit for both.
*
* @param string $ciphertext Must be in the format provided by sodium_crypto_aead_chacha20poly1305_ietf_encrypt
* (ciphertext and tag, concatenated).
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 12 bytes long.
* @param string $key Encryption key (256-bit).
* @return string Returns the plaintext on success.
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -147,16 +125,11 @@ function sodium_crypto_aead_chacha20poly1305_ietf_decrypt(string $ciphertext, st
/**
* Encrypt then authenticate with ChaCha20-Poly1305 (IETF variant).
*
* The IETF variant uses 96-bit nonces and 32-bit internal counters, instead of 64-bit for both.
*
* @param string $message The plaintext message to encrypt.
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 12 bytes long.
* @param string $key Encryption key (256-bit).
* @return string Returns the ciphertext and tag on success.
* @param string $message
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -172,18 +145,11 @@ function sodium_crypto_aead_chacha20poly1305_ietf_encrypt(string $message, strin
/**
* Verify then decrypt with ChaCha20-Poly1305 (eXtended-nonce variant).
*
* Generally, XChaCha20-Poly1305 is the best of the provided AEAD modes to use.
*
* @param string $ciphertext Must be in the format provided by sodium_crypto_aead_chacha20poly1305_ietf_encrypt
* (ciphertext and tag, concatenated).
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 24 bytes long.
* This is a large enough bound to generate randomly (i.e. random_bytes).
* @param string $key Encryption key (256-bit).
* @return string Returns the plaintext on success.
* @param string $ciphertext
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -199,17 +165,11 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(string $ciphertext, s
/**
* Encrypt then authenticate with XChaCha20-Poly1305 (eXtended-nonce variant).
*
* Generally, XChaCha20-Poly1305 is the best of the provided AEAD modes to use.
*
* @param string $message The plaintext message to encrypt.
* @param string $additional_data Additional, authenticated data. This is used in the verification of the authentication tag
* appended to the ciphertext, but it is not encrypted or stored in the ciphertext.
* @param string $nonce A number that must be only used once, per message. 24 bytes long.
* This is a large enough bound to generate randomly (i.e. random_bytes).
* @param string $key Encryption key (256-bit).
* @return string Returns the ciphertext and tag on success.
* @param string $message
* @param string $additional_data
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -225,15 +185,9 @@ function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt(string $message, stri
/**
* Verify the authentication tag is valid for a given message and key.
*
* Unlike with digital signatures (e.g. sodium_crypto_sign_verify_detached),
* any party capable of verifying a message is also capable of authenticating
* their own messages. (Hence, symmetric authentication.)
*
* @param string $mac Authentication tag produced by sodium_crypto_auth
* @param string $message Message
* @param string $key Authentication key
* @param string $mac
* @param string $message
* @param string $key
* @throws SodiumException
*
*/
@@ -248,14 +202,10 @@ function sodium_crypto_auth_verify(string $mac, string $message, string $key): v
/**
* Decrypt a message using asymmetric (public key) cryptography.
*
* @param string $ciphertext The encrypted message to attempt to decrypt.
* @param string $nonce A number that must be only used once, per message. 24 bytes long.
* This is a large enough bound to generate randomly (i.e. random_bytes).
* @param string $key_pair See sodium_crypto_box_keypair_from_secretkey_and_publickey.
* This should include the sender's public key and the recipient's secret key.
* @return string Returns the plaintext message on success.
* @param string $ciphertext
* @param string $nonce
* @param string $key_pair
* @return string
* @throws SodiumException
*
*/
@@ -271,11 +221,9 @@ function sodium_crypto_box_open(string $ciphertext, string $nonce, string $key_p
/**
* Decrypt a message that was encrypted with sodium_crypto_box_seal
*
* @param string $ciphertext The encrypted message
* @param string $key_pair The keypair of the recipient. Must include the secret key.
* @return string The plaintext on success.
* @param string $ciphertext
* @param string $key_pair
* @return string
* @throws SodiumException
*
*/
@@ -291,11 +239,9 @@ function sodium_crypto_box_seal_open(string $ciphertext, string $key_pair): stri
/**
* Appends a message to the internal hash state.
*
* @param non-empty-string $state The return value of sodium_crypto_generichash_init.
* @param string $message Data to append to the hashing state.
* @return bool Always returns TRUE.
* @param non-empty-string $state
* @param string $message
* @return bool
*
*/
function sodium_crypto_generichash_update(string &$state, string $message): bool
@@ -307,14 +253,10 @@ function sodium_crypto_generichash_update(string &$state, string $message): bool
/**
* Decrypt an encrypted message with a symmetric (shared) key.
*
* @param string $ciphertext Must be in the format provided by sodium_crypto_secretbox
* (ciphertext and tag, concatenated).
* @param string $nonce A number that must be only used once, per message. 24 bytes long.
* This is a large enough bound to generate randomly (i.e. random_bytes).
* @param string $key Encryption key (256-bit).
* @return string The decrypted string on success.
* @param string $ciphertext
* @param string $nonce
* @param string $key
* @return string
* @throws SodiumException
*
*/
@@ -330,11 +272,9 @@ function sodium_crypto_secretbox_open(string $ciphertext, string $nonce, string
/**
* Verify the signature attached to a message and return the message
*
* @param string $signed_message A message signed with sodium_crypto_sign
* @param non-empty-string $public_key An Ed25519 public key
* @return string Returns the original signed message on success.
* @param string $signed_message
* @param non-empty-string $public_key
* @return string
* @throws SodiumException
*
*/
@@ -350,11 +290,9 @@ function sodium_crypto_sign_open(string $signed_message, string $public_key): st
/**
* Verify signature for the message
*
* @param non-empty-string $signature The cryptographic signature obtained from sodium_crypto_sign_detached
* @param string $message The message being verified
* @param non-empty-string $public_key Ed25519 public key
* @param non-empty-string $signature
* @param string $message
* @param non-empty-string $public_key
* @throws SodiumException
*
*/
@@ -369,15 +307,11 @@ function sodium_crypto_sign_verify_detached(string $signature, string $message,
/**
* The function is similar to sodium_crypto_stream_xchacha20_xor
* but adds the ability to set the initial value of the block counter to a non-zero value.
* This permits direct access to any block without having to compute the previous ones.
*
* @param string $message The message to encrypt.
* @param string $nonce 24-byte nonce.
* @param int $counter The initial value of the block counter.
* @param string $key Key, possibly generated from sodium_crypto_stream_xchacha20_keygen.
* @return string Encrypted message.
* @param string $message
* @param string $nonce
* @param int $counter
* @param string $key
* @return string
* @throws SodiumException
*
*/