sodium_crypto_stream_xchacha20_xor_ic
Encrypts a message using a nonce and a secret key (no authentication)
Description
string sodium_crypto_stream_xchacha20_xor_ic(
#[\SensitiveParameter]string $message,
string $nonce,
int $counter,
#[\SensitiveParameter]string $key
)
The function is similar to sodium_crypto_stream_xchacha20_xor
but adds the ability to set the initial value of the block counter to a non-zero value.
This permits direct access to any block without having to compute the previous ones.
Caution
This encryption is unauthenticated, and does not prevent chosen-ciphertext attacks.
Make sure to combine the ciphertext with a Message Authentication Code,
for example with sodium_crypto_aead_xchacha20poly1305_ietf_encrypt function,
or sodium_crypto_auth.
Parameters
-
message
-
The message to encrypt.
-
nonce
-
24-byte nonce.
-
counter
-
The initial value of the block counter.
-
key
-
Key, possibly generated from sodium_crypto_stream_xchacha20_keygen.
Return Values
Encrypted message, or false on failure.
Examples
Example #1 sodium_crypto_stream_xchacha20_xor_ic example
<?php
$n2 = random_bytes(SODIUM_CRYPTO_STREAM_XCHACHA20_NONCEBYTES);
$left = str_repeat("\x01", 64);
$right = str_repeat("\xfe", 64);
// All at once:
$stream7_unified = sodium_crypto_stream_xchacha20_xor($left . $right, $n2, $key);
// Piecewise, with initial counter:
$stream7_left = sodium_crypto_stream_xchacha20_xor_ic($left, $n2, 0, $key);
$stream7_right = sodium_crypto_stream_xchacha20_xor_ic($right, $n2, 1, $key);
$stream7_concat = $stream7_left . $stream7_right;
var_dump(strlen($stream7_concat));
var_dump($stream7_unified === $stream7_concat);
?>
The above example will output
something similar to:
See Also
- sodium_crypto_stream_xchacha20_xor