/**
* Is Libsodium set up correctly? Use this to verify that you can use the
* newer versions of Halite correctly.
*
* @param bool $echo
* @return bool
*/
public static function isLibsodiumSetupCorrectly(bool $echo = false) : bool
{
// Require libsodium 1.0.9
$major = \Sodium\library_version_major();
$minor = \Sodium\library_version_minor();
if ($major < 9 || $major === 9 && $minor < 2) {
if ($echo) {
echo 'Halite needs libsodium 1.0.9 or higher. You have: ', \Sodium\version_string(), "\n";
}
return false;
}
// Added in version 1.0.3 of the PHP extension
if (!\is_callable('\\Sodium\\crypto_pwhash_str')) {
if ($echo) {
echo 'Halite needs version 1.0.6 or higher of the PHP extension installed.', "\n";
}
return false;
}
if (!\is_callable('\\Sodium\\crypto_box_seal')) {
if ($echo) {
echo 'crypto_box_seal() is not available.', "\n";
}
return false;
}
return true;
}
public function testSealFail()
{
if (\Sodium\library_version_major() < 7 || \Sodium\library_version_major() == 7 && \Sodium\library_version_minor() < 5) {
$this->markTestSkipped("Your version of libsodium is too old");
}
$alice = KeyFactory::generateEncryptionKeyPair();
$message = 'This is for your eyes only';
$sealed = Asymmetric::seal($message, $alice->getPublicKey(), true);
// Let's flip one bit, randomly:
$r = \Sodium\randombytes_uniform(\mb_strlen($sealed, '8bit'));
$amt = 1 << \Sodium\randombytes_uniform(8);
$sealed[$r] = \chr(\ord($sealed[$r]) ^ $amt);
// This should throw an exception
try {
$opened = Asymmetric::unseal($sealed, $alice->getSecretKey(), true);
$this->assertEquals($opened, $message);
$this->fail('This should have thrown an InvalidMessage exception!');
} catch (CryptoException\InvalidKey $e) {
$this->assertTrue($e instanceof CryptoException\InvalidKey);
} catch (CryptoException\InvalidMessage $e) {
$this->assertTrue($e instanceof CryptoException\InvalidMessage);
}
}
/**
* @route help
*/
public function helpPage()
{
if ($this->isLoggedIn()) {
$this->storeLensVar('showmenu', true);
//
$cabins = $this->getCabinNamespaces();
// Get debug information.
$helpInfo = ['cabins' => [], 'cabin_names' => \array_values($cabins), 'gears' => [], 'universal' => []];
/**
* This might reveal "sensitive" information. By default, it's
* locked out of non-administrator users. You can grant access to
* other users/groups via the Permissions menu.
*/
if ($this->can('read')) {
$state = State::instance();
if (\is_readable(ROOT . '/config/gadgets.json')) {
$helpInfo['universal']['gadgets'] = \Airship\loadJSON(ROOT . '/config/gadgets.json');
}
if (\is_readable(ROOT . '/config/content_security_policy.json')) {
$helpInfo['universal']['content_security_policy'] = \Airship\loadJSON(ROOT . '/config/content_security_policy.json');
}
foreach ($cabins as $cabin) {
$cabinData = ['config' => \Airship\loadJSON(ROOT . '/Cabin/' . $cabin . '/manifest.json'), 'content_security_policy' => [], 'gadgets' => [], 'motifs' => [], 'user_motifs' => \Airship\LensFunctions\user_motif($this->getActiveUserId(), $cabin)];
$prefix = ROOT . '/Cabin/' . $cabin . '/config/';
if (\is_readable($prefix . 'gadgets.json')) {
$cabinData['gadgets'] = \Airship\loadJSON($prefix . 'gadgets.json');
}
if (\is_readable($prefix . 'motifs.json')) {
$cabinData['motifs'] = \Airship\loadJSON($prefix . 'motifs.json');
}
if (\is_readable($prefix . 'content_security_policy.json')) {
$cabinData['content_security_policy'] = \Airship\loadJSON($prefix . 'content_security_policy.json');
}
$helpInfo['cabins'][$cabin] = $cabinData;
}
$helpInfo['gears'] = [];
foreach ($state->gears as $gear => $latestGear) {
$helpInfo['gears'][$gear] = \Airship\get_ancestors($latestGear);
}
// Only grab data likely to be pertinent to common issues:
$keys = ['airship', 'auto-update', 'debug', 'guzzle', 'notary', 'rate-limiting', 'session_config', 'tor-only', 'twig_cache'];
$helpInfo['universal']['config'] = \Airship\keySlice($state->universal, $keys);
$helpInfo['php'] = ['halite' => Halite::VERSION, 'libsodium' => ['major' => \Sodium\library_version_major(), 'minor' => \Sodium\library_version_minor(), 'version' => \Sodium\version_string()], 'version' => \PHP_VERSION, 'versionid' => \PHP_VERSION_ID];
}
$this->lens('help', ['active_link' => 'bridge-link-help', 'airship' => \AIRSHIP_VERSION, 'helpInfo' => $helpInfo]);
} else {
// Not a registered user? Go read the docs. No info leaks for you!
\Airship\redirect('https://github.com/paragonie/airship-docs');
}
}
<?php // Libsodium PECL test echo "\nlibsodium major and minor version: "; var_dump([\Sodium\library_version_major(), \Sodium\library_version_minor(), \Sodium\version_string()]); echo "\ncurrent version of the sodium library: "; var_dump([\Sodium\version_string()]); // Libsodium password hashing tests: // https://download.libsodium.org/doc/password_hashing/index.html // https://paragonie.com/book/pecl-libsodium/read/07-password-hashing.md echo "\nCurrent hash keybytes: " . \Sodium\CRYPTO_GENERICHASH_KEYBYTES; echo "\nCurrent salt keybytes: " . \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES; echo "\nOPSLIMIT: " . \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE; echo "\nMEMLIMIT (bytes): " . \Sodium\CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE; // Predis. A PHP binding for Redis database. echo "\n";