Sodium - Stream Counter API

  115923
September 2, 2021 20:25 security@paragonie.com (Paragon Initiative Enterprises Security Team)
The ext-sodium API exposes the following functions:

* sodium_crypto_stream(int $len, string $nonce, string $key): string
* sodium_crypto_stream_keygen(): string
* sodium_crypto_stream_xor(string $message,  string $nonce, string $key):
string

(And the new XChaCha variant landing in PHP 8.1, of course.)

This is good for, like, 99% of the use cases for the crypto_stream API.
However, there is a missed opportunity: Being able to seek arbitrary
starting points in the XSalsa20 or XChaCha20 keystream when
encrypting/decrypting data.

The underlying libsodium API has a distinct feature for this: Functions
with the _ic suffix
<https://github.com/jedisct1/libsodium/blob/6d566070b48efd2fa099bbe9822914455150aba9/src/libsodium/crypto_stream/salsa20/ref/salsa20_ref.c#L64-L66>
..

Let's add an optional integer argument to the following PHP functions:

- sodium_crypto_stream_xor
- sodium_crypto_stream_xchacha20_xor
The only question I have is: Should this land in 8.1 (it's small and
self-contained) or 8.2?
  115924
September 2, 2021 20:33 tekiela246@gmail.com (Kamil Tekiela)
Development for 8.1 is already closed. You can only target this for 8.2
  115945
September 4, 2021 16:01 ramsey@php.net (Ben Ramsey)
--GTM6K6x37UsxE2HZhQSt027k5rOhZ6txp
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

Paragon Initiative Enterprises Security Team wrote on 9/2/21 15:25:> The
only question I have is: Should this land in 8.1 (it's small and
> self-contained) or 8.2? >=20
8.1 is in feature freeze. Since this is adding functionality, it needs to target 8.2. Cheers, Ben --GTM6K6x37UsxE2HZhQSt027k5rOhZ6txp--