WordPoints /
wordpoints
@@ -240,7 +240,7 @@ discard block |
||
| 240 | 240 | * @param string $message |
| 241 | 241 | * @param string $nonce |
| 242 | 242 | * @param string $kp |
| 243 | - * @return string|bool |
|
| 243 | + * @return string|false |
|
| 244 | 244 | */ |
| 245 | 245 | function sodium_crypto_box_open($message, $nonce, $kp) |
| 246 | 246 | { |
@@ -288,7 +288,7 @@ discard block |
||
| 288 | 288 | /** |
| 289 | 289 | * @param string $message |
| 290 | 290 | * @param string $kp |
| 291 | - * @return string|bool |
|
| 291 | + * @return string|false |
|
| 292 | 292 | */ |
| 293 | 293 | function sodium_crypto_box_seal_open($message, $kp) |
| 294 | 294 | { |
@@ -496,7 +496,7 @@ discard block |
||
| 496 | 496 | * @param string $message |
| 497 | 497 | * @param string $nonce |
| 498 | 498 | * @param string $key |
| 499 | - * @return string|bool |
|
| 499 | + * @return string|false |
|
| 500 | 500 | */ |
| 501 | 501 | function sodium_crypto_secretbox_open($message, $nonce, $key) |
| 502 | 502 | { |
@@ -555,7 +555,7 @@ discard block |
||
| 555 | 555 | /** |
| 556 | 556 | * @param string $signedMessage |
| 557 | 557 | * @param string $pk |
| 558 | - * @return string|bool |
|
| 558 | + * @return string|false |
|
| 559 | 559 | */ |
| 560 | 560 | function sodium_crypto_sign_open($signedMessage, $pk) |
| 561 | 561 | { |
@@ -8,738 +8,738 @@ |
||
| 8 | 8 | * ParagonIE_Sodium_Compat method or class constant, respectively. |
| 9 | 9 | */ |
| 10 | 10 | foreach (array( |
| 11 | - 'CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES', |
|
| 12 | - 'CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES', |
|
| 13 | - 'CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES', |
|
| 14 | - 'CRYPTO_AEAD_CHACHA20POLY1305_ABYTES', |
|
| 15 | - 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES', |
|
| 16 | - 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES', |
|
| 17 | - 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES', |
|
| 18 | - 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES', |
|
| 19 | - 'CRYPTO_AUTH_BYTES', |
|
| 20 | - 'CRYPTO_AUTH_KEYBYTES', |
|
| 21 | - 'CRYPTO_BOX_SEALBYTES', |
|
| 22 | - 'CRYPTO_BOX_SECRETKEYBYTES', |
|
| 23 | - 'CRYPTO_BOX_PUBLICKEYBYTES', |
|
| 24 | - 'CRYPTO_BOX_KEYPAIRBYTES', |
|
| 25 | - 'CRYPTO_BOX_MACBYTES', |
|
| 26 | - 'CRYPTO_BOX_NONCEBYTES', |
|
| 27 | - 'CRYPTO_BOX_SEEDBYTES', |
|
| 28 | - 'CRYPTO_KX_BYTES', |
|
| 29 | - 'CRYPTO_KX_PUBLICKEYBYTES', |
|
| 30 | - 'CRYPTO_KX_SECRETKEYBYTES', |
|
| 31 | - 'CRYPTO_GENERICHASH_BYTES', |
|
| 32 | - 'CRYPTO_GENERICHASH_BYTES_MIN', |
|
| 33 | - 'CRYPTO_GENERICHASH_BYTES_MAX', |
|
| 34 | - 'CRYPTO_GENERICHASH_KEYBYTES', |
|
| 35 | - 'CRYPTO_GENERICHASH_KEYBYTES_MIN', |
|
| 36 | - 'CRYPTO_GENERICHASH_KEYBYTES_MAX', |
|
| 37 | - 'CRYPTO_PWHASH_SALTBYTES', |
|
| 38 | - 'CRYPTO_PWHASH_STRPREFIX', |
|
| 39 | - 'CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE', |
|
| 40 | - 'CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE', |
|
| 41 | - 'CRYPTO_PWHASH_MEMLIMIT_MODERATE', |
|
| 42 | - 'CRYPTO_PWHASH_OPSLIMIT_MODERATE', |
|
| 43 | - 'CRYPTO_PWHASH_MEMLIMIT_SENSITIVE', |
|
| 44 | - 'CRYPTO_PWHASH_OPSLIMIT_SENSITIVE', |
|
| 45 | - 'CRYPTO_SCALARMULT_BYTES', |
|
| 46 | - 'CRYPTO_SCALARMULT_SCALARBYTES', |
|
| 47 | - 'CRYPTO_SHORTHASH_BYTES', |
|
| 48 | - 'CRYPTO_SHORTHASH_KEYBYTES', |
|
| 49 | - 'CRYPTO_SECRETBOX_KEYBYTES', |
|
| 50 | - 'CRYPTO_SECRETBOX_MACBYTES', |
|
| 51 | - 'CRYPTO_SECRETBOX_NONCEBYTES', |
|
| 52 | - 'CRYPTO_SIGN_BYTES', |
|
| 53 | - 'CRYPTO_SIGN_SEEDBYTES', |
|
| 54 | - 'CRYPTO_SIGN_PUBLICKEYBYTES', |
|
| 55 | - 'CRYPTO_SIGN_SECRETKEYBYTES', |
|
| 56 | - 'CRYPTO_SIGN_KEYPAIRBYTES', |
|
| 57 | - 'CRYPTO_STREAM_KEYBYTES', |
|
| 58 | - 'CRYPTO_STREAM_NONCEBYTES', |
|
| 59 | - ) as $constant |
|
| 11 | + 'CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES', |
|
| 12 | + 'CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES', |
|
| 13 | + 'CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES', |
|
| 14 | + 'CRYPTO_AEAD_CHACHA20POLY1305_ABYTES', |
|
| 15 | + 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES', |
|
| 16 | + 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES', |
|
| 17 | + 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES', |
|
| 18 | + 'CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES', |
|
| 19 | + 'CRYPTO_AUTH_BYTES', |
|
| 20 | + 'CRYPTO_AUTH_KEYBYTES', |
|
| 21 | + 'CRYPTO_BOX_SEALBYTES', |
|
| 22 | + 'CRYPTO_BOX_SECRETKEYBYTES', |
|
| 23 | + 'CRYPTO_BOX_PUBLICKEYBYTES', |
|
| 24 | + 'CRYPTO_BOX_KEYPAIRBYTES', |
|
| 25 | + 'CRYPTO_BOX_MACBYTES', |
|
| 26 | + 'CRYPTO_BOX_NONCEBYTES', |
|
| 27 | + 'CRYPTO_BOX_SEEDBYTES', |
|
| 28 | + 'CRYPTO_KX_BYTES', |
|
| 29 | + 'CRYPTO_KX_PUBLICKEYBYTES', |
|
| 30 | + 'CRYPTO_KX_SECRETKEYBYTES', |
|
| 31 | + 'CRYPTO_GENERICHASH_BYTES', |
|
| 32 | + 'CRYPTO_GENERICHASH_BYTES_MIN', |
|
| 33 | + 'CRYPTO_GENERICHASH_BYTES_MAX', |
|
| 34 | + 'CRYPTO_GENERICHASH_KEYBYTES', |
|
| 35 | + 'CRYPTO_GENERICHASH_KEYBYTES_MIN', |
|
| 36 | + 'CRYPTO_GENERICHASH_KEYBYTES_MAX', |
|
| 37 | + 'CRYPTO_PWHASH_SALTBYTES', |
|
| 38 | + 'CRYPTO_PWHASH_STRPREFIX', |
|
| 39 | + 'CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE', |
|
| 40 | + 'CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE', |
|
| 41 | + 'CRYPTO_PWHASH_MEMLIMIT_MODERATE', |
|
| 42 | + 'CRYPTO_PWHASH_OPSLIMIT_MODERATE', |
|
| 43 | + 'CRYPTO_PWHASH_MEMLIMIT_SENSITIVE', |
|
| 44 | + 'CRYPTO_PWHASH_OPSLIMIT_SENSITIVE', |
|
| 45 | + 'CRYPTO_SCALARMULT_BYTES', |
|
| 46 | + 'CRYPTO_SCALARMULT_SCALARBYTES', |
|
| 47 | + 'CRYPTO_SHORTHASH_BYTES', |
|
| 48 | + 'CRYPTO_SHORTHASH_KEYBYTES', |
|
| 49 | + 'CRYPTO_SECRETBOX_KEYBYTES', |
|
| 50 | + 'CRYPTO_SECRETBOX_MACBYTES', |
|
| 51 | + 'CRYPTO_SECRETBOX_NONCEBYTES', |
|
| 52 | + 'CRYPTO_SIGN_BYTES', |
|
| 53 | + 'CRYPTO_SIGN_SEEDBYTES', |
|
| 54 | + 'CRYPTO_SIGN_PUBLICKEYBYTES', |
|
| 55 | + 'CRYPTO_SIGN_SECRETKEYBYTES', |
|
| 56 | + 'CRYPTO_SIGN_KEYPAIRBYTES', |
|
| 57 | + 'CRYPTO_STREAM_KEYBYTES', |
|
| 58 | + 'CRYPTO_STREAM_NONCEBYTES', |
|
| 59 | + ) as $constant |
|
| 60 | 60 | ) { |
| 61 | - if (!defined("SODIUM_$constant")) { |
|
| 62 | - define("SODIUM_$constant", constant("ParagonIE_Sodium_Compat::$constant")); |
|
| 63 | - } |
|
| 61 | + if (!defined("SODIUM_$constant")) { |
|
| 62 | + define("SODIUM_$constant", constant("ParagonIE_Sodium_Compat::$constant")); |
|
| 63 | + } |
|
| 64 | 64 | } |
| 65 | 65 | |
| 66 | 66 | if (!is_callable('sodium_bin2hex')) { |
| 67 | - /** |
|
| 68 | - * @param string $string |
|
| 69 | - * @return string |
|
| 70 | - */ |
|
| 71 | - function sodium_bin2hex($string) |
|
| 72 | - { |
|
| 73 | - return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 74 | - } |
|
| 67 | + /** |
|
| 68 | + * @param string $string |
|
| 69 | + * @return string |
|
| 70 | + */ |
|
| 71 | + function sodium_bin2hex($string) |
|
| 72 | + { |
|
| 73 | + return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 74 | + } |
|
| 75 | 75 | } |
| 76 | 76 | if (!is_callable('sodium_compare')) { |
| 77 | - /** |
|
| 78 | - * @param string $a |
|
| 79 | - * @param string $b |
|
| 80 | - * @return int |
|
| 81 | - */ |
|
| 82 | - function sodium_compare($a, $b) |
|
| 83 | - { |
|
| 84 | - return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 85 | - } |
|
| 77 | + /** |
|
| 78 | + * @param string $a |
|
| 79 | + * @param string $b |
|
| 80 | + * @return int |
|
| 81 | + */ |
|
| 82 | + function sodium_compare($a, $b) |
|
| 83 | + { |
|
| 84 | + return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 85 | + } |
|
| 86 | 86 | } |
| 87 | 87 | if (!is_callable('sodium_crypto_aead_chacha20poly1305_decrypt')) { |
| 88 | - /** |
|
| 89 | - * @param string $message |
|
| 90 | - * @param string $assocData |
|
| 91 | - * @param string $nonce |
|
| 92 | - * @param string $key |
|
| 93 | - * @return string |
|
| 94 | - */ |
|
| 95 | - function sodium_crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 96 | - { |
|
| 97 | - try { |
|
| 98 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 99 | - } catch (Error $ex) { |
|
| 100 | - return false; |
|
| 101 | - } catch (Exception $ex) { |
|
| 102 | - return false; |
|
| 103 | - } |
|
| 104 | - } |
|
| 88 | + /** |
|
| 89 | + * @param string $message |
|
| 90 | + * @param string $assocData |
|
| 91 | + * @param string $nonce |
|
| 92 | + * @param string $key |
|
| 93 | + * @return string |
|
| 94 | + */ |
|
| 95 | + function sodium_crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 96 | + { |
|
| 97 | + try { |
|
| 98 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 99 | + } catch (Error $ex) { |
|
| 100 | + return false; |
|
| 101 | + } catch (Exception $ex) { |
|
| 102 | + return false; |
|
| 103 | + } |
|
| 104 | + } |
|
| 105 | 105 | } |
| 106 | 106 | if (!is_callable('sodium_crypto_aead_chacha20poly1305_encrypt')) { |
| 107 | - /** |
|
| 108 | - * @param string $message |
|
| 109 | - * @param string $assocData |
|
| 110 | - * @param string $nonce |
|
| 111 | - * @param string $key |
|
| 112 | - * @return string |
|
| 113 | - */ |
|
| 114 | - function sodium_crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 115 | - { |
|
| 116 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 117 | - } |
|
| 107 | + /** |
|
| 108 | + * @param string $message |
|
| 109 | + * @param string $assocData |
|
| 110 | + * @param string $nonce |
|
| 111 | + * @param string $key |
|
| 112 | + * @return string |
|
| 113 | + */ |
|
| 114 | + function sodium_crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 115 | + { |
|
| 116 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 117 | + } |
|
| 118 | 118 | } |
| 119 | 119 | if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_decrypt')) { |
| 120 | - /** |
|
| 121 | - * @param string $message |
|
| 122 | - * @param string $assocData |
|
| 123 | - * @param string $nonce |
|
| 124 | - * @param string $key |
|
| 125 | - * @return string |
|
| 126 | - */ |
|
| 127 | - function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 128 | - { |
|
| 129 | - try { |
|
| 130 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 131 | - } catch (Error $ex) { |
|
| 132 | - return false; |
|
| 133 | - } catch (Exception $ex) { |
|
| 134 | - return false; |
|
| 135 | - } |
|
| 136 | - } |
|
| 120 | + /** |
|
| 121 | + * @param string $message |
|
| 122 | + * @param string $assocData |
|
| 123 | + * @param string $nonce |
|
| 124 | + * @param string $key |
|
| 125 | + * @return string |
|
| 126 | + */ |
|
| 127 | + function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 128 | + { |
|
| 129 | + try { |
|
| 130 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 131 | + } catch (Error $ex) { |
|
| 132 | + return false; |
|
| 133 | + } catch (Exception $ex) { |
|
| 134 | + return false; |
|
| 135 | + } |
|
| 136 | + } |
|
| 137 | 137 | } |
| 138 | 138 | if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_encrypt')) { |
| 139 | - /** |
|
| 140 | - * @param string $message |
|
| 141 | - * @param string $assocData |
|
| 142 | - * @param string $nonce |
|
| 143 | - * @param string $key |
|
| 144 | - * @return string |
|
| 145 | - */ |
|
| 146 | - function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 147 | - { |
|
| 148 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 149 | - } |
|
| 139 | + /** |
|
| 140 | + * @param string $message |
|
| 141 | + * @param string $assocData |
|
| 142 | + * @param string $nonce |
|
| 143 | + * @param string $key |
|
| 144 | + * @return string |
|
| 145 | + */ |
|
| 146 | + function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 147 | + { |
|
| 148 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 149 | + } |
|
| 150 | 150 | } |
| 151 | 151 | if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) { |
| 152 | - /** |
|
| 153 | - * @param string $message |
|
| 154 | - * @param string $assocData |
|
| 155 | - * @param string $nonce |
|
| 156 | - * @param string $key |
|
| 157 | - * @return string |
|
| 158 | - */ |
|
| 159 | - function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 160 | - { |
|
| 161 | - try { |
|
| 162 | - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 163 | - } catch (Error $ex) { |
|
| 164 | - return false; |
|
| 165 | - } catch (Exception $ex) { |
|
| 166 | - return false; |
|
| 167 | - } |
|
| 168 | - } |
|
| 152 | + /** |
|
| 153 | + * @param string $message |
|
| 154 | + * @param string $assocData |
|
| 155 | + * @param string $nonce |
|
| 156 | + * @param string $key |
|
| 157 | + * @return string |
|
| 158 | + */ |
|
| 159 | + function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 160 | + { |
|
| 161 | + try { |
|
| 162 | + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 163 | + } catch (Error $ex) { |
|
| 164 | + return false; |
|
| 165 | + } catch (Exception $ex) { |
|
| 166 | + return false; |
|
| 167 | + } |
|
| 168 | + } |
|
| 169 | 169 | } |
| 170 | 170 | if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_encrypt')) { |
| 171 | - /** |
|
| 172 | - * @param string $message |
|
| 173 | - * @param string $assocData |
|
| 174 | - * @param string $nonce |
|
| 175 | - * @param string $key |
|
| 176 | - * @return string |
|
| 177 | - */ |
|
| 178 | - function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 179 | - { |
|
| 180 | - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 181 | - } |
|
| 171 | + /** |
|
| 172 | + * @param string $message |
|
| 173 | + * @param string $assocData |
|
| 174 | + * @param string $nonce |
|
| 175 | + * @param string $key |
|
| 176 | + * @return string |
|
| 177 | + */ |
|
| 178 | + function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 179 | + { |
|
| 180 | + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 181 | + } |
|
| 182 | 182 | } |
| 183 | 183 | if (!is_callable('sodium_crypto_auth')) { |
| 184 | - /** |
|
| 185 | - * @param string $message |
|
| 186 | - * @param string $key |
|
| 187 | - * @return string |
|
| 188 | - */ |
|
| 189 | - function sodium_crypto_auth($message, $key) |
|
| 190 | - { |
|
| 191 | - return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 192 | - } |
|
| 184 | + /** |
|
| 185 | + * @param string $message |
|
| 186 | + * @param string $key |
|
| 187 | + * @return string |
|
| 188 | + */ |
|
| 189 | + function sodium_crypto_auth($message, $key) |
|
| 190 | + { |
|
| 191 | + return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 192 | + } |
|
| 193 | 193 | } |
| 194 | 194 | if (!is_callable('sodium_crypto_auth_verify')) { |
| 195 | - /** |
|
| 196 | - * @param string $mac |
|
| 197 | - * @param string $message |
|
| 198 | - * @param string $key |
|
| 199 | - * @return bool |
|
| 200 | - */ |
|
| 201 | - function sodium_crypto_auth_verify($mac, $message, $key) |
|
| 202 | - { |
|
| 203 | - return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 204 | - } |
|
| 195 | + /** |
|
| 196 | + * @param string $mac |
|
| 197 | + * @param string $message |
|
| 198 | + * @param string $key |
|
| 199 | + * @return bool |
|
| 200 | + */ |
|
| 201 | + function sodium_crypto_auth_verify($mac, $message, $key) |
|
| 202 | + { |
|
| 203 | + return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 204 | + } |
|
| 205 | 205 | } |
| 206 | 206 | if (!is_callable('sodium_crypto_box')) { |
| 207 | - /** |
|
| 208 | - * @param string $message |
|
| 209 | - * @param string $nonce |
|
| 210 | - * @param string $kp |
|
| 211 | - * @return string |
|
| 212 | - */ |
|
| 213 | - function sodium_crypto_box($message, $nonce, $kp) |
|
| 214 | - { |
|
| 215 | - return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 216 | - } |
|
| 207 | + /** |
|
| 208 | + * @param string $message |
|
| 209 | + * @param string $nonce |
|
| 210 | + * @param string $kp |
|
| 211 | + * @return string |
|
| 212 | + */ |
|
| 213 | + function sodium_crypto_box($message, $nonce, $kp) |
|
| 214 | + { |
|
| 215 | + return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 216 | + } |
|
| 217 | 217 | } |
| 218 | 218 | if (!is_callable('sodium_crypto_box_keypair')) { |
| 219 | - /** |
|
| 220 | - * @return string |
|
| 221 | - */ |
|
| 222 | - function sodium_crypto_box_keypair() |
|
| 223 | - { |
|
| 224 | - return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
|
| 225 | - } |
|
| 219 | + /** |
|
| 220 | + * @return string |
|
| 221 | + */ |
|
| 222 | + function sodium_crypto_box_keypair() |
|
| 223 | + { |
|
| 224 | + return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
|
| 225 | + } |
|
| 226 | 226 | } |
| 227 | 227 | if (!is_callable('sodium_crypto_box_keypair_from_secretkey_and_publickey')) { |
| 228 | - /** |
|
| 229 | - * @param string $sk |
|
| 230 | - * @param string $pk |
|
| 231 | - * @return string |
|
| 232 | - */ |
|
| 233 | - function sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 234 | - { |
|
| 235 | - return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 236 | - } |
|
| 228 | + /** |
|
| 229 | + * @param string $sk |
|
| 230 | + * @param string $pk |
|
| 231 | + * @return string |
|
| 232 | + */ |
|
| 233 | + function sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 234 | + { |
|
| 235 | + return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 236 | + } |
|
| 237 | 237 | } |
| 238 | 238 | if (!is_callable('sodium_crypto_box_open')) { |
| 239 | - /** |
|
| 240 | - * @param string $message |
|
| 241 | - * @param string $nonce |
|
| 242 | - * @param string $kp |
|
| 243 | - * @return string|bool |
|
| 244 | - */ |
|
| 245 | - function sodium_crypto_box_open($message, $nonce, $kp) |
|
| 246 | - { |
|
| 247 | - try { |
|
| 248 | - return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 249 | - } catch (Error $ex) { |
|
| 250 | - return false; |
|
| 251 | - } catch (Exception $ex) { |
|
| 252 | - return false; |
|
| 253 | - } |
|
| 254 | - } |
|
| 239 | + /** |
|
| 240 | + * @param string $message |
|
| 241 | + * @param string $nonce |
|
| 242 | + * @param string $kp |
|
| 243 | + * @return string|bool |
|
| 244 | + */ |
|
| 245 | + function sodium_crypto_box_open($message, $nonce, $kp) |
|
| 246 | + { |
|
| 247 | + try { |
|
| 248 | + return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 249 | + } catch (Error $ex) { |
|
| 250 | + return false; |
|
| 251 | + } catch (Exception $ex) { |
|
| 252 | + return false; |
|
| 253 | + } |
|
| 254 | + } |
|
| 255 | 255 | } |
| 256 | 256 | if (!is_callable('sodium_crypto_box_publickey')) { |
| 257 | - /** |
|
| 258 | - * @param string $keypair |
|
| 259 | - * @return string |
|
| 260 | - */ |
|
| 261 | - function sodium_crypto_box_publickey($keypair) |
|
| 262 | - { |
|
| 263 | - return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 264 | - } |
|
| 257 | + /** |
|
| 258 | + * @param string $keypair |
|
| 259 | + * @return string |
|
| 260 | + */ |
|
| 261 | + function sodium_crypto_box_publickey($keypair) |
|
| 262 | + { |
|
| 263 | + return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 264 | + } |
|
| 265 | 265 | } |
| 266 | 266 | if (!is_callable('sodium_crypto_box_publickey_from_secretkey')) { |
| 267 | - /** |
|
| 268 | - * @param string $sk |
|
| 269 | - * @return string |
|
| 270 | - */ |
|
| 271 | - function sodium_crypto_box_publickey_from_secretkey($sk) |
|
| 272 | - { |
|
| 273 | - return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 274 | - } |
|
| 267 | + /** |
|
| 268 | + * @param string $sk |
|
| 269 | + * @return string |
|
| 270 | + */ |
|
| 271 | + function sodium_crypto_box_publickey_from_secretkey($sk) |
|
| 272 | + { |
|
| 273 | + return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 274 | + } |
|
| 275 | 275 | } |
| 276 | 276 | if (!is_callable('sodium_crypto_box_seal')) { |
| 277 | - /** |
|
| 278 | - * @param string $message |
|
| 279 | - * @param string $publicKey |
|
| 280 | - * @return string |
|
| 281 | - */ |
|
| 282 | - function sodium_crypto_box_seal($message, $publicKey) |
|
| 283 | - { |
|
| 284 | - return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 285 | - } |
|
| 277 | + /** |
|
| 278 | + * @param string $message |
|
| 279 | + * @param string $publicKey |
|
| 280 | + * @return string |
|
| 281 | + */ |
|
| 282 | + function sodium_crypto_box_seal($message, $publicKey) |
|
| 283 | + { |
|
| 284 | + return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 285 | + } |
|
| 286 | 286 | } |
| 287 | 287 | if (!is_callable('sodium_crypto_box_seal_open')) { |
| 288 | - /** |
|
| 289 | - * @param string $message |
|
| 290 | - * @param string $kp |
|
| 291 | - * @return string|bool |
|
| 292 | - */ |
|
| 293 | - function sodium_crypto_box_seal_open($message, $kp) |
|
| 294 | - { |
|
| 295 | - try { |
|
| 296 | - return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 297 | - } catch (Error $ex) { |
|
| 298 | - return false; |
|
| 299 | - } catch (Exception $ex) { |
|
| 300 | - return false; |
|
| 301 | - } |
|
| 302 | - } |
|
| 288 | + /** |
|
| 289 | + * @param string $message |
|
| 290 | + * @param string $kp |
|
| 291 | + * @return string|bool |
|
| 292 | + */ |
|
| 293 | + function sodium_crypto_box_seal_open($message, $kp) |
|
| 294 | + { |
|
| 295 | + try { |
|
| 296 | + return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 297 | + } catch (Error $ex) { |
|
| 298 | + return false; |
|
| 299 | + } catch (Exception $ex) { |
|
| 300 | + return false; |
|
| 301 | + } |
|
| 302 | + } |
|
| 303 | 303 | } |
| 304 | 304 | if (!is_callable('sodium_crypto_box_secretkey')) { |
| 305 | - /** |
|
| 306 | - * @param string $keypair |
|
| 307 | - * @return string |
|
| 308 | - */ |
|
| 309 | - function sodium_crypto_box_secretkey($keypair) |
|
| 310 | - { |
|
| 311 | - return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 312 | - } |
|
| 305 | + /** |
|
| 306 | + * @param string $keypair |
|
| 307 | + * @return string |
|
| 308 | + */ |
|
| 309 | + function sodium_crypto_box_secretkey($keypair) |
|
| 310 | + { |
|
| 311 | + return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 312 | + } |
|
| 313 | 313 | } |
| 314 | 314 | if (!is_callable('sodium_crypto_box_seed_keypair')) { |
| 315 | - /** |
|
| 316 | - * @param string $seed |
|
| 317 | - * @return string |
|
| 318 | - */ |
|
| 319 | - function sodium_crypto_box_seed_keypair($seed) |
|
| 320 | - { |
|
| 321 | - return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); |
|
| 322 | - } |
|
| 315 | + /** |
|
| 316 | + * @param string $seed |
|
| 317 | + * @return string |
|
| 318 | + */ |
|
| 319 | + function sodium_crypto_box_seed_keypair($seed) |
|
| 320 | + { |
|
| 321 | + return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); |
|
| 322 | + } |
|
| 323 | 323 | } |
| 324 | 324 | if (!is_callable('sodium_crypto_generichash')) { |
| 325 | - /** |
|
| 326 | - * @param string $message |
|
| 327 | - * @param string|null $key |
|
| 328 | - * @param int $outLen |
|
| 329 | - * @return string |
|
| 330 | - */ |
|
| 331 | - function sodium_crypto_generichash($message, $key = null, $outLen = 32) |
|
| 332 | - { |
|
| 333 | - return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 334 | - } |
|
| 325 | + /** |
|
| 326 | + * @param string $message |
|
| 327 | + * @param string|null $key |
|
| 328 | + * @param int $outLen |
|
| 329 | + * @return string |
|
| 330 | + */ |
|
| 331 | + function sodium_crypto_generichash($message, $key = null, $outLen = 32) |
|
| 332 | + { |
|
| 333 | + return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 334 | + } |
|
| 335 | 335 | } |
| 336 | 336 | if (!is_callable('sodium_crypto_generichash_final')) { |
| 337 | - /** |
|
| 338 | - * @param string|null $ctx |
|
| 339 | - * @param int $outputLength |
|
| 340 | - * @return string |
|
| 341 | - */ |
|
| 342 | - function sodium_crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 343 | - { |
|
| 344 | - return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 345 | - } |
|
| 337 | + /** |
|
| 338 | + * @param string|null $ctx |
|
| 339 | + * @param int $outputLength |
|
| 340 | + * @return string |
|
| 341 | + */ |
|
| 342 | + function sodium_crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 343 | + { |
|
| 344 | + return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 345 | + } |
|
| 346 | 346 | } |
| 347 | 347 | if (!is_callable('sodium_crypto_generichash_init')) { |
| 348 | - /** |
|
| 349 | - * @param string|null $key |
|
| 350 | - * @param int $outLen |
|
| 351 | - * @return string |
|
| 352 | - */ |
|
| 353 | - function sodium_crypto_generichash_init($key = null, $outLen = 32) |
|
| 354 | - { |
|
| 355 | - return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 356 | - } |
|
| 348 | + /** |
|
| 349 | + * @param string|null $key |
|
| 350 | + * @param int $outLen |
|
| 351 | + * @return string |
|
| 352 | + */ |
|
| 353 | + function sodium_crypto_generichash_init($key = null, $outLen = 32) |
|
| 354 | + { |
|
| 355 | + return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 356 | + } |
|
| 357 | 357 | } |
| 358 | 358 | if (!is_callable('sodium_crypto_generichash_update')) { |
| 359 | - /** |
|
| 360 | - * @param string|null $ctx |
|
| 361 | - * @param string $message |
|
| 362 | - * @return void |
|
| 363 | - */ |
|
| 364 | - function sodium_crypto_generichash_update(&$ctx, $message = '') |
|
| 365 | - { |
|
| 366 | - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 367 | - } |
|
| 359 | + /** |
|
| 360 | + * @param string|null $ctx |
|
| 361 | + * @param string $message |
|
| 362 | + * @return void |
|
| 363 | + */ |
|
| 364 | + function sodium_crypto_generichash_update(&$ctx, $message = '') |
|
| 365 | + { |
|
| 366 | + ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 367 | + } |
|
| 368 | 368 | } |
| 369 | 369 | if (!is_callable('sodium_crypto_kx')) { |
| 370 | - /** |
|
| 371 | - * @param string $my_secret |
|
| 372 | - * @param string $their_public |
|
| 373 | - * @param string $client_public |
|
| 374 | - * @param string $server_public |
|
| 375 | - * @return string |
|
| 376 | - */ |
|
| 377 | - function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 378 | - { |
|
| 379 | - return ParagonIE_Sodium_Compat::crypto_kx( |
|
| 380 | - $my_secret, |
|
| 381 | - $their_public, |
|
| 382 | - $client_public, |
|
| 383 | - $server_public |
|
| 384 | - ); |
|
| 385 | - } |
|
| 370 | + /** |
|
| 371 | + * @param string $my_secret |
|
| 372 | + * @param string $their_public |
|
| 373 | + * @param string $client_public |
|
| 374 | + * @param string $server_public |
|
| 375 | + * @return string |
|
| 376 | + */ |
|
| 377 | + function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 378 | + { |
|
| 379 | + return ParagonIE_Sodium_Compat::crypto_kx( |
|
| 380 | + $my_secret, |
|
| 381 | + $their_public, |
|
| 382 | + $client_public, |
|
| 383 | + $server_public |
|
| 384 | + ); |
|
| 385 | + } |
|
| 386 | 386 | } |
| 387 | 387 | if (!is_callable('sodium_crypto_pwhash')) { |
| 388 | - /** |
|
| 389 | - * @param int $outlen |
|
| 390 | - * @param string $passwd |
|
| 391 | - * @param string $salt |
|
| 392 | - * @param int $opslimit |
|
| 393 | - * @param int $memlimit |
|
| 394 | - * @return string |
|
| 395 | - */ |
|
| 396 | - function sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 397 | - { |
|
| 398 | - return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 399 | - } |
|
| 388 | + /** |
|
| 389 | + * @param int $outlen |
|
| 390 | + * @param string $passwd |
|
| 391 | + * @param string $salt |
|
| 392 | + * @param int $opslimit |
|
| 393 | + * @param int $memlimit |
|
| 394 | + * @return string |
|
| 395 | + */ |
|
| 396 | + function sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 397 | + { |
|
| 398 | + return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 399 | + } |
|
| 400 | 400 | } |
| 401 | 401 | if (!is_callable('sodium_crypto_pwhash_str')) { |
| 402 | - /** |
|
| 403 | - * @param string $passwd |
|
| 404 | - * @param int $opslimit |
|
| 405 | - * @param int $memlimit |
|
| 406 | - * @return string |
|
| 407 | - */ |
|
| 408 | - function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 409 | - { |
|
| 410 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 411 | - } |
|
| 402 | + /** |
|
| 403 | + * @param string $passwd |
|
| 404 | + * @param int $opslimit |
|
| 405 | + * @param int $memlimit |
|
| 406 | + * @return string |
|
| 407 | + */ |
|
| 408 | + function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 409 | + { |
|
| 410 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 411 | + } |
|
| 412 | 412 | } |
| 413 | 413 | if (!is_callable('sodium_crypto_pwhash_str_verify')) { |
| 414 | - /** |
|
| 415 | - * @param string $passwd |
|
| 416 | - * @param string $hash |
|
| 417 | - * @return bool |
|
| 418 | - */ |
|
| 419 | - function sodium_crypto_pwhash_str_verify($passwd, $hash) |
|
| 420 | - { |
|
| 421 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 422 | - } |
|
| 414 | + /** |
|
| 415 | + * @param string $passwd |
|
| 416 | + * @param string $hash |
|
| 417 | + * @return bool |
|
| 418 | + */ |
|
| 419 | + function sodium_crypto_pwhash_str_verify($passwd, $hash) |
|
| 420 | + { |
|
| 421 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 422 | + } |
|
| 423 | 423 | } |
| 424 | 424 | if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256')) { |
| 425 | - /** |
|
| 426 | - * @param int $outlen |
|
| 427 | - * @param string $passwd |
|
| 428 | - * @param string $salt |
|
| 429 | - * @param int $opslimit |
|
| 430 | - * @param int $memlimit |
|
| 431 | - * @return string |
|
| 432 | - */ |
|
| 433 | - function sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 434 | - { |
|
| 435 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 436 | - } |
|
| 425 | + /** |
|
| 426 | + * @param int $outlen |
|
| 427 | + * @param string $passwd |
|
| 428 | + * @param string $salt |
|
| 429 | + * @param int $opslimit |
|
| 430 | + * @param int $memlimit |
|
| 431 | + * @return string |
|
| 432 | + */ |
|
| 433 | + function sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 434 | + { |
|
| 435 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 436 | + } |
|
| 437 | 437 | } |
| 438 | 438 | if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str')) { |
| 439 | - /** |
|
| 440 | - * @param string $passwd |
|
| 441 | - * @param int $opslimit |
|
| 442 | - * @param int $memlimit |
|
| 443 | - * @return string |
|
| 444 | - */ |
|
| 445 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 446 | - { |
|
| 447 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 448 | - } |
|
| 439 | + /** |
|
| 440 | + * @param string $passwd |
|
| 441 | + * @param int $opslimit |
|
| 442 | + * @param int $memlimit |
|
| 443 | + * @return string |
|
| 444 | + */ |
|
| 445 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 446 | + { |
|
| 447 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 448 | + } |
|
| 449 | 449 | } |
| 450 | 450 | if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
| 451 | - /** |
|
| 452 | - * @param string $passwd |
|
| 453 | - * @param string $hash |
|
| 454 | - * @return bool |
|
| 455 | - */ |
|
| 456 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 457 | - { |
|
| 458 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 459 | - } |
|
| 451 | + /** |
|
| 452 | + * @param string $passwd |
|
| 453 | + * @param string $hash |
|
| 454 | + * @return bool |
|
| 455 | + */ |
|
| 456 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 457 | + { |
|
| 458 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 459 | + } |
|
| 460 | 460 | } |
| 461 | 461 | if (!is_callable('sodium_crypto_scalarmult')) { |
| 462 | - /** |
|
| 463 | - * @param string $n |
|
| 464 | - * @param string $p |
|
| 465 | - * @return string |
|
| 466 | - */ |
|
| 467 | - function sodium_crypto_scalarmult($n, $p) |
|
| 468 | - { |
|
| 469 | - return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 470 | - } |
|
| 462 | + /** |
|
| 463 | + * @param string $n |
|
| 464 | + * @param string $p |
|
| 465 | + * @return string |
|
| 466 | + */ |
|
| 467 | + function sodium_crypto_scalarmult($n, $p) |
|
| 468 | + { |
|
| 469 | + return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 470 | + } |
|
| 471 | 471 | } |
| 472 | 472 | if (!is_callable('sodium_crypto_scalarmult_base')) { |
| 473 | - /** |
|
| 474 | - * @param string $n |
|
| 475 | - * @return string |
|
| 476 | - */ |
|
| 477 | - function sodium_crypto_scalarmult_base($n) |
|
| 478 | - { |
|
| 479 | - return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 480 | - } |
|
| 473 | + /** |
|
| 474 | + * @param string $n |
|
| 475 | + * @return string |
|
| 476 | + */ |
|
| 477 | + function sodium_crypto_scalarmult_base($n) |
|
| 478 | + { |
|
| 479 | + return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 480 | + } |
|
| 481 | 481 | } |
| 482 | 482 | if (!is_callable('sodium_crypto_secretbox')) { |
| 483 | - /** |
|
| 484 | - * @param string $message |
|
| 485 | - * @param string $nonce |
|
| 486 | - * @param string $key |
|
| 487 | - * @return string |
|
| 488 | - */ |
|
| 489 | - function sodium_crypto_secretbox($message, $nonce, $key) |
|
| 490 | - { |
|
| 491 | - return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 492 | - } |
|
| 483 | + /** |
|
| 484 | + * @param string $message |
|
| 485 | + * @param string $nonce |
|
| 486 | + * @param string $key |
|
| 487 | + * @return string |
|
| 488 | + */ |
|
| 489 | + function sodium_crypto_secretbox($message, $nonce, $key) |
|
| 490 | + { |
|
| 491 | + return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 492 | + } |
|
| 493 | 493 | } |
| 494 | 494 | if (!is_callable('sodium_crypto_secretbox_open')) { |
| 495 | - /** |
|
| 496 | - * @param string $message |
|
| 497 | - * @param string $nonce |
|
| 498 | - * @param string $key |
|
| 499 | - * @return string|bool |
|
| 500 | - */ |
|
| 501 | - function sodium_crypto_secretbox_open($message, $nonce, $key) |
|
| 502 | - { |
|
| 503 | - try { |
|
| 504 | - return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 505 | - } catch (Error $ex) { |
|
| 506 | - return false; |
|
| 507 | - } catch (Exception $ex) { |
|
| 508 | - return false; |
|
| 509 | - } |
|
| 510 | - } |
|
| 495 | + /** |
|
| 496 | + * @param string $message |
|
| 497 | + * @param string $nonce |
|
| 498 | + * @param string $key |
|
| 499 | + * @return string|bool |
|
| 500 | + */ |
|
| 501 | + function sodium_crypto_secretbox_open($message, $nonce, $key) |
|
| 502 | + { |
|
| 503 | + try { |
|
| 504 | + return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 505 | + } catch (Error $ex) { |
|
| 506 | + return false; |
|
| 507 | + } catch (Exception $ex) { |
|
| 508 | + return false; |
|
| 509 | + } |
|
| 510 | + } |
|
| 511 | 511 | } |
| 512 | 512 | if (!is_callable('sodium_crypto_shorthash')) { |
| 513 | - /** |
|
| 514 | - * @param string $message |
|
| 515 | - * @param string $key |
|
| 516 | - * @return string |
|
| 517 | - */ |
|
| 518 | - function sodium_crypto_shorthash($message, $key = '') |
|
| 519 | - { |
|
| 520 | - return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 521 | - } |
|
| 513 | + /** |
|
| 514 | + * @param string $message |
|
| 515 | + * @param string $key |
|
| 516 | + * @return string |
|
| 517 | + */ |
|
| 518 | + function sodium_crypto_shorthash($message, $key = '') |
|
| 519 | + { |
|
| 520 | + return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 521 | + } |
|
| 522 | 522 | } |
| 523 | 523 | if (!is_callable('sodium_crypto_sign')) { |
| 524 | - /** |
|
| 525 | - * @param string $message |
|
| 526 | - * @param string $sk |
|
| 527 | - * @return string |
|
| 528 | - */ |
|
| 529 | - function sodium_crypto_sign($message, $sk) |
|
| 530 | - { |
|
| 531 | - return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 532 | - } |
|
| 524 | + /** |
|
| 525 | + * @param string $message |
|
| 526 | + * @param string $sk |
|
| 527 | + * @return string |
|
| 528 | + */ |
|
| 529 | + function sodium_crypto_sign($message, $sk) |
|
| 530 | + { |
|
| 531 | + return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 532 | + } |
|
| 533 | 533 | } |
| 534 | 534 | if (!is_callable('sodium_crypto_sign_detached')) { |
| 535 | - /** |
|
| 536 | - * @param string $message |
|
| 537 | - * @param string $sk |
|
| 538 | - * @return string |
|
| 539 | - */ |
|
| 540 | - function sodium_crypto_sign_detached($message, $sk) |
|
| 541 | - { |
|
| 542 | - return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 543 | - } |
|
| 535 | + /** |
|
| 536 | + * @param string $message |
|
| 537 | + * @param string $sk |
|
| 538 | + * @return string |
|
| 539 | + */ |
|
| 540 | + function sodium_crypto_sign_detached($message, $sk) |
|
| 541 | + { |
|
| 542 | + return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 543 | + } |
|
| 544 | 544 | } |
| 545 | 545 | if (!is_callable('sodium_crypto_sign_keypair')) { |
| 546 | - /** |
|
| 547 | - * @return string |
|
| 548 | - */ |
|
| 549 | - function sodium_crypto_sign_keypair() |
|
| 550 | - { |
|
| 551 | - return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
|
| 552 | - } |
|
| 546 | + /** |
|
| 547 | + * @return string |
|
| 548 | + */ |
|
| 549 | + function sodium_crypto_sign_keypair() |
|
| 550 | + { |
|
| 551 | + return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
|
| 552 | + } |
|
| 553 | 553 | } |
| 554 | 554 | if (!is_callable('sodium_crypto_sign_open')) { |
| 555 | - /** |
|
| 556 | - * @param string $signedMessage |
|
| 557 | - * @param string $pk |
|
| 558 | - * @return string|bool |
|
| 559 | - */ |
|
| 560 | - function sodium_crypto_sign_open($signedMessage, $pk) |
|
| 561 | - { |
|
| 562 | - try { |
|
| 563 | - return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 564 | - } catch (Error $ex) { |
|
| 565 | - return false; |
|
| 566 | - } catch (Exception $ex) { |
|
| 567 | - return false; |
|
| 568 | - } |
|
| 569 | - } |
|
| 555 | + /** |
|
| 556 | + * @param string $signedMessage |
|
| 557 | + * @param string $pk |
|
| 558 | + * @return string|bool |
|
| 559 | + */ |
|
| 560 | + function sodium_crypto_sign_open($signedMessage, $pk) |
|
| 561 | + { |
|
| 562 | + try { |
|
| 563 | + return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 564 | + } catch (Error $ex) { |
|
| 565 | + return false; |
|
| 566 | + } catch (Exception $ex) { |
|
| 567 | + return false; |
|
| 568 | + } |
|
| 569 | + } |
|
| 570 | 570 | } |
| 571 | 571 | if (!is_callable('sodium_crypto_sign_publickey')) { |
| 572 | - /** |
|
| 573 | - * @param string $keypair |
|
| 574 | - * @return string |
|
| 575 | - */ |
|
| 576 | - function sodium_crypto_sign_publickey($keypair) |
|
| 577 | - { |
|
| 578 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 579 | - } |
|
| 572 | + /** |
|
| 573 | + * @param string $keypair |
|
| 574 | + * @return string |
|
| 575 | + */ |
|
| 576 | + function sodium_crypto_sign_publickey($keypair) |
|
| 577 | + { |
|
| 578 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 579 | + } |
|
| 580 | 580 | } |
| 581 | 581 | if (!is_callable('sodium_crypto_sign_publickey_from_secretkey')) { |
| 582 | - /** |
|
| 583 | - * @param string $sk |
|
| 584 | - * @return string |
|
| 585 | - */ |
|
| 586 | - function sodium_crypto_sign_publickey_from_secretkey($sk) |
|
| 587 | - { |
|
| 588 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 589 | - } |
|
| 582 | + /** |
|
| 583 | + * @param string $sk |
|
| 584 | + * @return string |
|
| 585 | + */ |
|
| 586 | + function sodium_crypto_sign_publickey_from_secretkey($sk) |
|
| 587 | + { |
|
| 588 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 589 | + } |
|
| 590 | 590 | } |
| 591 | 591 | if (!is_callable('sodium_crypto_sign_secretkey')) { |
| 592 | - /** |
|
| 593 | - * @param string $keypair |
|
| 594 | - * @return string |
|
| 595 | - */ |
|
| 596 | - function sodium_crypto_sign_secretkey($keypair) |
|
| 597 | - { |
|
| 598 | - return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 599 | - } |
|
| 592 | + /** |
|
| 593 | + * @param string $keypair |
|
| 594 | + * @return string |
|
| 595 | + */ |
|
| 596 | + function sodium_crypto_sign_secretkey($keypair) |
|
| 597 | + { |
|
| 598 | + return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 599 | + } |
|
| 600 | 600 | } |
| 601 | 601 | if (!is_callable('sodium_crypto_sign_seed_keypair')) { |
| 602 | - /** |
|
| 603 | - * @param string $seed |
|
| 604 | - * @return string |
|
| 605 | - */ |
|
| 606 | - function sodium_crypto_sign_seed_keypair($seed) |
|
| 607 | - { |
|
| 608 | - return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 609 | - } |
|
| 602 | + /** |
|
| 603 | + * @param string $seed |
|
| 604 | + * @return string |
|
| 605 | + */ |
|
| 606 | + function sodium_crypto_sign_seed_keypair($seed) |
|
| 607 | + { |
|
| 608 | + return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 609 | + } |
|
| 610 | 610 | } |
| 611 | 611 | if (!is_callable('sodium_crypto_sign_verify_detached')) { |
| 612 | - /** |
|
| 613 | - * @param string $signature |
|
| 614 | - * @param string $message |
|
| 615 | - * @param string $pk |
|
| 616 | - * @return bool |
|
| 617 | - */ |
|
| 618 | - function sodium_crypto_sign_verify_detached($signature, $message, $pk) |
|
| 619 | - { |
|
| 620 | - return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 621 | - } |
|
| 612 | + /** |
|
| 613 | + * @param string $signature |
|
| 614 | + * @param string $message |
|
| 615 | + * @param string $pk |
|
| 616 | + * @return bool |
|
| 617 | + */ |
|
| 618 | + function sodium_crypto_sign_verify_detached($signature, $message, $pk) |
|
| 619 | + { |
|
| 620 | + return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 621 | + } |
|
| 622 | 622 | } |
| 623 | 623 | if (!is_callable('sodium_crypto_stream')) { |
| 624 | - /** |
|
| 625 | - * @param int $len |
|
| 626 | - * @param string $nonce |
|
| 627 | - * @param string $key |
|
| 628 | - * @return string |
|
| 629 | - */ |
|
| 630 | - function sodium_crypto_stream($len, $nonce, $key) |
|
| 631 | - { |
|
| 632 | - return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 633 | - } |
|
| 624 | + /** |
|
| 625 | + * @param int $len |
|
| 626 | + * @param string $nonce |
|
| 627 | + * @param string $key |
|
| 628 | + * @return string |
|
| 629 | + */ |
|
| 630 | + function sodium_crypto_stream($len, $nonce, $key) |
|
| 631 | + { |
|
| 632 | + return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 633 | + } |
|
| 634 | 634 | } |
| 635 | 635 | if (!is_callable('sodium_crypto_stream_xor')) { |
| 636 | - /** |
|
| 637 | - * @param string $message |
|
| 638 | - * @param string $nonce |
|
| 639 | - * @param string $key |
|
| 640 | - * @return string |
|
| 641 | - */ |
|
| 642 | - function sodium_crypto_stream_xor($message, $nonce, $key) |
|
| 643 | - { |
|
| 644 | - return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 645 | - } |
|
| 636 | + /** |
|
| 637 | + * @param string $message |
|
| 638 | + * @param string $nonce |
|
| 639 | + * @param string $key |
|
| 640 | + * @return string |
|
| 641 | + */ |
|
| 642 | + function sodium_crypto_stream_xor($message, $nonce, $key) |
|
| 643 | + { |
|
| 644 | + return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 645 | + } |
|
| 646 | 646 | } |
| 647 | 647 | if (!is_callable('sodium_hex2bin')) { |
| 648 | - /** |
|
| 649 | - * @param string $string |
|
| 650 | - * @return string |
|
| 651 | - */ |
|
| 652 | - function sodium_hex2bin($string) |
|
| 653 | - { |
|
| 654 | - return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 655 | - } |
|
| 648 | + /** |
|
| 649 | + * @param string $string |
|
| 650 | + * @return string |
|
| 651 | + */ |
|
| 652 | + function sodium_hex2bin($string) |
|
| 653 | + { |
|
| 654 | + return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 655 | + } |
|
| 656 | 656 | } |
| 657 | 657 | if (!is_callable('sodium_increment')) { |
| 658 | - /** |
|
| 659 | - * @param &string $string |
|
| 660 | - * @return void |
|
| 661 | - */ |
|
| 662 | - function sodium_increment(&$string) |
|
| 663 | - { |
|
| 664 | - ParagonIE_Sodium_Compat::increment($string); |
|
| 665 | - } |
|
| 658 | + /** |
|
| 659 | + * @param &string $string |
|
| 660 | + * @return void |
|
| 661 | + */ |
|
| 662 | + function sodium_increment(&$string) |
|
| 663 | + { |
|
| 664 | + ParagonIE_Sodium_Compat::increment($string); |
|
| 665 | + } |
|
| 666 | 666 | } |
| 667 | 667 | if (!is_callable('sodium_library_version_major')) { |
| 668 | - /** |
|
| 669 | - * @return int |
|
| 670 | - */ |
|
| 671 | - function sodium_library_version_major() |
|
| 672 | - { |
|
| 673 | - return ParagonIE_Sodium_Compat::library_version_major(); |
|
| 674 | - } |
|
| 668 | + /** |
|
| 669 | + * @return int |
|
| 670 | + */ |
|
| 671 | + function sodium_library_version_major() |
|
| 672 | + { |
|
| 673 | + return ParagonIE_Sodium_Compat::library_version_major(); |
|
| 674 | + } |
|
| 675 | 675 | } |
| 676 | 676 | if (!is_callable('sodium_library_version_minor')) { |
| 677 | - /** |
|
| 678 | - * @return int |
|
| 679 | - */ |
|
| 680 | - function sodium_library_version_minor() |
|
| 681 | - { |
|
| 682 | - return ParagonIE_Sodium_Compat::library_version_minor(); |
|
| 683 | - } |
|
| 677 | + /** |
|
| 678 | + * @return int |
|
| 679 | + */ |
|
| 680 | + function sodium_library_version_minor() |
|
| 681 | + { |
|
| 682 | + return ParagonIE_Sodium_Compat::library_version_minor(); |
|
| 683 | + } |
|
| 684 | 684 | } |
| 685 | 685 | if (!is_callable('sodium_version_string')) { |
| 686 | - /** |
|
| 687 | - * @return string |
|
| 688 | - */ |
|
| 689 | - function sodium_version_string() |
|
| 690 | - { |
|
| 691 | - return ParagonIE_Sodium_Compat::version_string(); |
|
| 692 | - } |
|
| 686 | + /** |
|
| 687 | + * @return string |
|
| 688 | + */ |
|
| 689 | + function sodium_version_string() |
|
| 690 | + { |
|
| 691 | + return ParagonIE_Sodium_Compat::version_string(); |
|
| 692 | + } |
|
| 693 | 693 | } |
| 694 | 694 | if (!is_callable('sodium_memcmp')) { |
| 695 | - /** |
|
| 696 | - * @param string $a |
|
| 697 | - * @param string $b |
|
| 698 | - * @return int |
|
| 699 | - */ |
|
| 700 | - function sodium_memcmp($a, $b) |
|
| 701 | - { |
|
| 702 | - return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 703 | - } |
|
| 695 | + /** |
|
| 696 | + * @param string $a |
|
| 697 | + * @param string $b |
|
| 698 | + * @return int |
|
| 699 | + */ |
|
| 700 | + function sodium_memcmp($a, $b) |
|
| 701 | + { |
|
| 702 | + return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 703 | + } |
|
| 704 | 704 | } |
| 705 | 705 | if (!is_callable('sodium_memzero')) { |
| 706 | - /** |
|
| 707 | - * @param string &$str |
|
| 708 | - * @return void |
|
| 709 | - */ |
|
| 710 | - function sodium_memzero(&$str) |
|
| 711 | - { |
|
| 712 | - ParagonIE_Sodium_Compat::memzero($str); |
|
| 713 | - } |
|
| 706 | + /** |
|
| 707 | + * @param string &$str |
|
| 708 | + * @return void |
|
| 709 | + */ |
|
| 710 | + function sodium_memzero(&$str) |
|
| 711 | + { |
|
| 712 | + ParagonIE_Sodium_Compat::memzero($str); |
|
| 713 | + } |
|
| 714 | 714 | } |
| 715 | 715 | if (!is_callable('sodium_randombytes_buf')) { |
| 716 | - /** |
|
| 717 | - * @param int $amount |
|
| 718 | - * @return string |
|
| 719 | - */ |
|
| 720 | - function sodium_randombytes_buf($amount) |
|
| 721 | - { |
|
| 722 | - return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 723 | - } |
|
| 716 | + /** |
|
| 717 | + * @param int $amount |
|
| 718 | + * @return string |
|
| 719 | + */ |
|
| 720 | + function sodium_randombytes_buf($amount) |
|
| 721 | + { |
|
| 722 | + return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 723 | + } |
|
| 724 | 724 | } |
| 725 | 725 | |
| 726 | 726 | if (!is_callable('sodium_randombytes_uniform')) { |
| 727 | - /** |
|
| 728 | - * @param int $upperLimit |
|
| 729 | - * @return int |
|
| 730 | - */ |
|
| 731 | - function sodium_randombytes_uniform($upperLimit) |
|
| 732 | - { |
|
| 733 | - return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 734 | - } |
|
| 727 | + /** |
|
| 728 | + * @param int $upperLimit |
|
| 729 | + * @return int |
|
| 730 | + */ |
|
| 731 | + function sodium_randombytes_uniform($upperLimit) |
|
| 732 | + { |
|
| 733 | + return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 734 | + } |
|
| 735 | 735 | } |
| 736 | 736 | |
| 737 | 737 | if (!is_callable('sodium_randombytes_random16')) { |
| 738 | - /** |
|
| 739 | - * @return int |
|
| 740 | - */ |
|
| 741 | - function sodium_randombytes_random16() |
|
| 742 | - { |
|
| 743 | - return ParagonIE_Sodium_Compat::randombytes_random16(); |
|
| 744 | - } |
|
| 738 | + /** |
|
| 739 | + * @return int |
|
| 740 | + */ |
|
| 741 | + function sodium_randombytes_random16() |
|
| 742 | + { |
|
| 743 | + return ParagonIE_Sodium_Compat::randombytes_random16(); |
|
| 744 | + } |
|
| 745 | 745 | } |
@@ -7,7 +7,7 @@ discard block |
||
| 7 | 7 | * Thus, the functions or constants just proxy to the appropriate |
| 8 | 8 | * ParagonIE_Sodium_Compat method or class constant, respectively. |
| 9 | 9 | */ |
| 10 | -foreach (array( |
|
| 10 | +foreach ( array( |
|
| 11 | 11 | 'CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES', |
| 12 | 12 | 'CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES', |
| 13 | 13 | 'CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES', |
@@ -58,33 +58,33 @@ discard block |
||
| 58 | 58 | 'CRYPTO_STREAM_NONCEBYTES', |
| 59 | 59 | ) as $constant |
| 60 | 60 | ) { |
| 61 | - if (!defined("SODIUM_$constant")) { |
|
| 62 | - define("SODIUM_$constant", constant("ParagonIE_Sodium_Compat::$constant")); |
|
| 61 | + if ( ! defined( "SODIUM_$constant" ) ) { |
|
| 62 | + define( "SODIUM_$constant", constant( "ParagonIE_Sodium_Compat::$constant" ) ); |
|
| 63 | 63 | } |
| 64 | 64 | } |
| 65 | 65 | |
| 66 | -if (!is_callable('sodium_bin2hex')) { |
|
| 66 | +if ( ! is_callable( 'sodium_bin2hex' ) ) { |
|
| 67 | 67 | /** |
| 68 | 68 | * @param string $string |
| 69 | 69 | * @return string |
| 70 | 70 | */ |
| 71 | - function sodium_bin2hex($string) |
|
| 71 | + function sodium_bin2hex( $string ) |
|
| 72 | 72 | { |
| 73 | - return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 73 | + return ParagonIE_Sodium_Compat::bin2hex( $string ); |
|
| 74 | 74 | } |
| 75 | 75 | } |
| 76 | -if (!is_callable('sodium_compare')) { |
|
| 76 | +if ( ! is_callable( 'sodium_compare' ) ) { |
|
| 77 | 77 | /** |
| 78 | 78 | * @param string $a |
| 79 | 79 | * @param string $b |
| 80 | 80 | * @return int |
| 81 | 81 | */ |
| 82 | - function sodium_compare($a, $b) |
|
| 82 | + function sodium_compare( $a, $b ) |
|
| 83 | 83 | { |
| 84 | - return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 84 | + return ParagonIE_Sodium_Compat::compare( $a, $b ); |
|
| 85 | 85 | } |
| 86 | 86 | } |
| 87 | -if (!is_callable('sodium_crypto_aead_chacha20poly1305_decrypt')) { |
|
| 87 | +if ( ! is_callable( 'sodium_crypto_aead_chacha20poly1305_decrypt' ) ) { |
|
| 88 | 88 | /** |
| 89 | 89 | * @param string $message |
| 90 | 90 | * @param string $assocData |
@@ -92,18 +92,18 @@ discard block |
||
| 92 | 92 | * @param string $key |
| 93 | 93 | * @return string |
| 94 | 94 | */ |
| 95 | - function sodium_crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 95 | + function sodium_crypto_aead_chacha20poly1305_decrypt( $message, $assocData, $nonce, $key ) |
|
| 96 | 96 | { |
| 97 | 97 | try { |
| 98 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 99 | - } catch (Error $ex) { |
|
| 98 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt( $message, $assocData, $nonce, $key ); |
|
| 99 | + } catch ( Error $ex ) { |
|
| 100 | 100 | return false; |
| 101 | - } catch (Exception $ex) { |
|
| 101 | + } catch ( Exception $ex ) { |
|
| 102 | 102 | return false; |
| 103 | 103 | } |
| 104 | 104 | } |
| 105 | 105 | } |
| 106 | -if (!is_callable('sodium_crypto_aead_chacha20poly1305_encrypt')) { |
|
| 106 | +if ( ! is_callable( 'sodium_crypto_aead_chacha20poly1305_encrypt' ) ) { |
|
| 107 | 107 | /** |
| 108 | 108 | * @param string $message |
| 109 | 109 | * @param string $assocData |
@@ -111,12 +111,12 @@ discard block |
||
| 111 | 111 | * @param string $key |
| 112 | 112 | * @return string |
| 113 | 113 | */ |
| 114 | - function sodium_crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 114 | + function sodium_crypto_aead_chacha20poly1305_encrypt( $message, $assocData, $nonce, $key ) |
|
| 115 | 115 | { |
| 116 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 116 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt( $message, $assocData, $nonce, $key ); |
|
| 117 | 117 | } |
| 118 | 118 | } |
| 119 | -if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_decrypt')) { |
|
| 119 | +if ( ! is_callable( 'sodium_crypto_aead_chacha20poly1305_ietf_decrypt' ) ) { |
|
| 120 | 120 | /** |
| 121 | 121 | * @param string $message |
| 122 | 122 | * @param string $assocData |
@@ -124,18 +124,18 @@ discard block |
||
| 124 | 124 | * @param string $key |
| 125 | 125 | * @return string |
| 126 | 126 | */ |
| 127 | - function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 127 | + function sodium_crypto_aead_chacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ) |
|
| 128 | 128 | { |
| 129 | 129 | try { |
| 130 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 131 | - } catch (Error $ex) { |
|
| 130 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ); |
|
| 131 | + } catch ( Error $ex ) { |
|
| 132 | 132 | return false; |
| 133 | - } catch (Exception $ex) { |
|
| 133 | + } catch ( Exception $ex ) { |
|
| 134 | 134 | return false; |
| 135 | 135 | } |
| 136 | 136 | } |
| 137 | 137 | } |
| 138 | -if (!is_callable('sodium_crypto_aead_chacha20poly1305_ietf_encrypt')) { |
|
| 138 | +if ( ! is_callable( 'sodium_crypto_aead_chacha20poly1305_ietf_encrypt' ) ) { |
|
| 139 | 139 | /** |
| 140 | 140 | * @param string $message |
| 141 | 141 | * @param string $assocData |
@@ -143,12 +143,12 @@ discard block |
||
| 143 | 143 | * @param string $key |
| 144 | 144 | * @return string |
| 145 | 145 | */ |
| 146 | - function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 146 | + function sodium_crypto_aead_chacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ) |
|
| 147 | 147 | { |
| 148 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 148 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ); |
|
| 149 | 149 | } |
| 150 | 150 | } |
| 151 | -if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt')) { |
|
| 151 | +if ( ! is_callable( 'sodium_crypto_aead_xchacha20poly1305_ietf_decrypt' ) ) { |
|
| 152 | 152 | /** |
| 153 | 153 | * @param string $message |
| 154 | 154 | * @param string $assocData |
@@ -156,18 +156,18 @@ discard block |
||
| 156 | 156 | * @param string $key |
| 157 | 157 | * @return string |
| 158 | 158 | */ |
| 159 | - function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 159 | + function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ) |
|
| 160 | 160 | { |
| 161 | 161 | try { |
| 162 | - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 163 | - } catch (Error $ex) { |
|
| 162 | + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ); |
|
| 163 | + } catch ( Error $ex ) { |
|
| 164 | 164 | return false; |
| 165 | - } catch (Exception $ex) { |
|
| 165 | + } catch ( Exception $ex ) { |
|
| 166 | 166 | return false; |
| 167 | 167 | } |
| 168 | 168 | } |
| 169 | 169 | } |
| 170 | -if (!is_callable('sodium_crypto_aead_xchacha20poly1305_ietf_encrypt')) { |
|
| 170 | +if ( ! is_callable( 'sodium_crypto_aead_xchacha20poly1305_ietf_encrypt' ) ) { |
|
| 171 | 171 | /** |
| 172 | 172 | * @param string $message |
| 173 | 173 | * @param string $assocData |
@@ -175,47 +175,47 @@ discard block |
||
| 175 | 175 | * @param string $key |
| 176 | 176 | * @return string |
| 177 | 177 | */ |
| 178 | - function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 178 | + function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ) |
|
| 179 | 179 | { |
| 180 | - return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 180 | + return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ); |
|
| 181 | 181 | } |
| 182 | 182 | } |
| 183 | -if (!is_callable('sodium_crypto_auth')) { |
|
| 183 | +if ( ! is_callable( 'sodium_crypto_auth' ) ) { |
|
| 184 | 184 | /** |
| 185 | 185 | * @param string $message |
| 186 | 186 | * @param string $key |
| 187 | 187 | * @return string |
| 188 | 188 | */ |
| 189 | - function sodium_crypto_auth($message, $key) |
|
| 189 | + function sodium_crypto_auth( $message, $key ) |
|
| 190 | 190 | { |
| 191 | - return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 191 | + return ParagonIE_Sodium_Compat::crypto_auth( $message, $key ); |
|
| 192 | 192 | } |
| 193 | 193 | } |
| 194 | -if (!is_callable('sodium_crypto_auth_verify')) { |
|
| 194 | +if ( ! is_callable( 'sodium_crypto_auth_verify' ) ) { |
|
| 195 | 195 | /** |
| 196 | 196 | * @param string $mac |
| 197 | 197 | * @param string $message |
| 198 | 198 | * @param string $key |
| 199 | 199 | * @return bool |
| 200 | 200 | */ |
| 201 | - function sodium_crypto_auth_verify($mac, $message, $key) |
|
| 201 | + function sodium_crypto_auth_verify( $mac, $message, $key ) |
|
| 202 | 202 | { |
| 203 | - return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 203 | + return ParagonIE_Sodium_Compat::crypto_auth_verify( $mac, $message, $key ); |
|
| 204 | 204 | } |
| 205 | 205 | } |
| 206 | -if (!is_callable('sodium_crypto_box')) { |
|
| 206 | +if ( ! is_callable( 'sodium_crypto_box' ) ) { |
|
| 207 | 207 | /** |
| 208 | 208 | * @param string $message |
| 209 | 209 | * @param string $nonce |
| 210 | 210 | * @param string $kp |
| 211 | 211 | * @return string |
| 212 | 212 | */ |
| 213 | - function sodium_crypto_box($message, $nonce, $kp) |
|
| 213 | + function sodium_crypto_box( $message, $nonce, $kp ) |
|
| 214 | 214 | { |
| 215 | - return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 215 | + return ParagonIE_Sodium_Compat::crypto_box( $message, $nonce, $kp ); |
|
| 216 | 216 | } |
| 217 | 217 | } |
| 218 | -if (!is_callable('sodium_crypto_box_keypair')) { |
|
| 218 | +if ( ! is_callable( 'sodium_crypto_box_keypair' ) ) { |
|
| 219 | 219 | /** |
| 220 | 220 | * @return string |
| 221 | 221 | */ |
@@ -224,149 +224,149 @@ discard block |
||
| 224 | 224 | return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
| 225 | 225 | } |
| 226 | 226 | } |
| 227 | -if (!is_callable('sodium_crypto_box_keypair_from_secretkey_and_publickey')) { |
|
| 227 | +if ( ! is_callable( 'sodium_crypto_box_keypair_from_secretkey_and_publickey' ) ) { |
|
| 228 | 228 | /** |
| 229 | 229 | * @param string $sk |
| 230 | 230 | * @param string $pk |
| 231 | 231 | * @return string |
| 232 | 232 | */ |
| 233 | - function sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 233 | + function sodium_crypto_box_keypair_from_secretkey_and_publickey( $sk, $pk ) |
|
| 234 | 234 | { |
| 235 | - return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 235 | + return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey( $sk, $pk ); |
|
| 236 | 236 | } |
| 237 | 237 | } |
| 238 | -if (!is_callable('sodium_crypto_box_open')) { |
|
| 238 | +if ( ! is_callable( 'sodium_crypto_box_open' ) ) { |
|
| 239 | 239 | /** |
| 240 | 240 | * @param string $message |
| 241 | 241 | * @param string $nonce |
| 242 | 242 | * @param string $kp |
| 243 | 243 | * @return string|bool |
| 244 | 244 | */ |
| 245 | - function sodium_crypto_box_open($message, $nonce, $kp) |
|
| 245 | + function sodium_crypto_box_open( $message, $nonce, $kp ) |
|
| 246 | 246 | { |
| 247 | 247 | try { |
| 248 | - return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 249 | - } catch (Error $ex) { |
|
| 248 | + return ParagonIE_Sodium_Compat::crypto_box_open( $message, $nonce, $kp ); |
|
| 249 | + } catch ( Error $ex ) { |
|
| 250 | 250 | return false; |
| 251 | - } catch (Exception $ex) { |
|
| 251 | + } catch ( Exception $ex ) { |
|
| 252 | 252 | return false; |
| 253 | 253 | } |
| 254 | 254 | } |
| 255 | 255 | } |
| 256 | -if (!is_callable('sodium_crypto_box_publickey')) { |
|
| 256 | +if ( ! is_callable( 'sodium_crypto_box_publickey' ) ) { |
|
| 257 | 257 | /** |
| 258 | 258 | * @param string $keypair |
| 259 | 259 | * @return string |
| 260 | 260 | */ |
| 261 | - function sodium_crypto_box_publickey($keypair) |
|
| 261 | + function sodium_crypto_box_publickey( $keypair ) |
|
| 262 | 262 | { |
| 263 | - return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 263 | + return ParagonIE_Sodium_Compat::crypto_box_publickey( $keypair ); |
|
| 264 | 264 | } |
| 265 | 265 | } |
| 266 | -if (!is_callable('sodium_crypto_box_publickey_from_secretkey')) { |
|
| 266 | +if ( ! is_callable( 'sodium_crypto_box_publickey_from_secretkey' ) ) { |
|
| 267 | 267 | /** |
| 268 | 268 | * @param string $sk |
| 269 | 269 | * @return string |
| 270 | 270 | */ |
| 271 | - function sodium_crypto_box_publickey_from_secretkey($sk) |
|
| 271 | + function sodium_crypto_box_publickey_from_secretkey( $sk ) |
|
| 272 | 272 | { |
| 273 | - return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 273 | + return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey( $sk ); |
|
| 274 | 274 | } |
| 275 | 275 | } |
| 276 | -if (!is_callable('sodium_crypto_box_seal')) { |
|
| 276 | +if ( ! is_callable( 'sodium_crypto_box_seal' ) ) { |
|
| 277 | 277 | /** |
| 278 | 278 | * @param string $message |
| 279 | 279 | * @param string $publicKey |
| 280 | 280 | * @return string |
| 281 | 281 | */ |
| 282 | - function sodium_crypto_box_seal($message, $publicKey) |
|
| 282 | + function sodium_crypto_box_seal( $message, $publicKey ) |
|
| 283 | 283 | { |
| 284 | - return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 284 | + return ParagonIE_Sodium_Compat::crypto_box_seal( $message, $publicKey ); |
|
| 285 | 285 | } |
| 286 | 286 | } |
| 287 | -if (!is_callable('sodium_crypto_box_seal_open')) { |
|
| 287 | +if ( ! is_callable( 'sodium_crypto_box_seal_open' ) ) { |
|
| 288 | 288 | /** |
| 289 | 289 | * @param string $message |
| 290 | 290 | * @param string $kp |
| 291 | 291 | * @return string|bool |
| 292 | 292 | */ |
| 293 | - function sodium_crypto_box_seal_open($message, $kp) |
|
| 293 | + function sodium_crypto_box_seal_open( $message, $kp ) |
|
| 294 | 294 | { |
| 295 | 295 | try { |
| 296 | - return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 297 | - } catch (Error $ex) { |
|
| 296 | + return ParagonIE_Sodium_Compat::crypto_box_seal_open( $message, $kp ); |
|
| 297 | + } catch ( Error $ex ) { |
|
| 298 | 298 | return false; |
| 299 | - } catch (Exception $ex) { |
|
| 299 | + } catch ( Exception $ex ) { |
|
| 300 | 300 | return false; |
| 301 | 301 | } |
| 302 | 302 | } |
| 303 | 303 | } |
| 304 | -if (!is_callable('sodium_crypto_box_secretkey')) { |
|
| 304 | +if ( ! is_callable( 'sodium_crypto_box_secretkey' ) ) { |
|
| 305 | 305 | /** |
| 306 | 306 | * @param string $keypair |
| 307 | 307 | * @return string |
| 308 | 308 | */ |
| 309 | - function sodium_crypto_box_secretkey($keypair) |
|
| 309 | + function sodium_crypto_box_secretkey( $keypair ) |
|
| 310 | 310 | { |
| 311 | - return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 311 | + return ParagonIE_Sodium_Compat::crypto_box_secretkey( $keypair ); |
|
| 312 | 312 | } |
| 313 | 313 | } |
| 314 | -if (!is_callable('sodium_crypto_box_seed_keypair')) { |
|
| 314 | +if ( ! is_callable( 'sodium_crypto_box_seed_keypair' ) ) { |
|
| 315 | 315 | /** |
| 316 | 316 | * @param string $seed |
| 317 | 317 | * @return string |
| 318 | 318 | */ |
| 319 | - function sodium_crypto_box_seed_keypair($seed) |
|
| 319 | + function sodium_crypto_box_seed_keypair( $seed ) |
|
| 320 | 320 | { |
| 321 | - return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); |
|
| 321 | + return ParagonIE_Sodium_Compat::crypto_box_seed_keypair( $seed ); |
|
| 322 | 322 | } |
| 323 | 323 | } |
| 324 | -if (!is_callable('sodium_crypto_generichash')) { |
|
| 324 | +if ( ! is_callable( 'sodium_crypto_generichash' ) ) { |
|
| 325 | 325 | /** |
| 326 | 326 | * @param string $message |
| 327 | 327 | * @param string|null $key |
| 328 | 328 | * @param int $outLen |
| 329 | 329 | * @return string |
| 330 | 330 | */ |
| 331 | - function sodium_crypto_generichash($message, $key = null, $outLen = 32) |
|
| 331 | + function sodium_crypto_generichash( $message, $key = null, $outLen = 32 ) |
|
| 332 | 332 | { |
| 333 | - return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 333 | + return ParagonIE_Sodium_Compat::crypto_generichash( $message, $key, $outLen ); |
|
| 334 | 334 | } |
| 335 | 335 | } |
| 336 | -if (!is_callable('sodium_crypto_generichash_final')) { |
|
| 336 | +if ( ! is_callable( 'sodium_crypto_generichash_final' ) ) { |
|
| 337 | 337 | /** |
| 338 | 338 | * @param string|null $ctx |
| 339 | 339 | * @param int $outputLength |
| 340 | 340 | * @return string |
| 341 | 341 | */ |
| 342 | - function sodium_crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 342 | + function sodium_crypto_generichash_final( &$ctx, $outputLength = 32 ) |
|
| 343 | 343 | { |
| 344 | - return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 344 | + return ParagonIE_Sodium_Compat::crypto_generichash_final( $ctx, $outputLength ); |
|
| 345 | 345 | } |
| 346 | 346 | } |
| 347 | -if (!is_callable('sodium_crypto_generichash_init')) { |
|
| 347 | +if ( ! is_callable( 'sodium_crypto_generichash_init' ) ) { |
|
| 348 | 348 | /** |
| 349 | 349 | * @param string|null $key |
| 350 | 350 | * @param int $outLen |
| 351 | 351 | * @return string |
| 352 | 352 | */ |
| 353 | - function sodium_crypto_generichash_init($key = null, $outLen = 32) |
|
| 353 | + function sodium_crypto_generichash_init( $key = null, $outLen = 32 ) |
|
| 354 | 354 | { |
| 355 | - return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 355 | + return ParagonIE_Sodium_Compat::crypto_generichash_init( $key, $outLen ); |
|
| 356 | 356 | } |
| 357 | 357 | } |
| 358 | -if (!is_callable('sodium_crypto_generichash_update')) { |
|
| 358 | +if ( ! is_callable( 'sodium_crypto_generichash_update' ) ) { |
|
| 359 | 359 | /** |
| 360 | 360 | * @param string|null $ctx |
| 361 | 361 | * @param string $message |
| 362 | 362 | * @return void |
| 363 | 363 | */ |
| 364 | - function sodium_crypto_generichash_update(&$ctx, $message = '') |
|
| 364 | + function sodium_crypto_generichash_update( &$ctx, $message = '' ) |
|
| 365 | 365 | { |
| 366 | - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 366 | + ParagonIE_Sodium_Compat::crypto_generichash_update( $ctx, $message ); |
|
| 367 | 367 | } |
| 368 | 368 | } |
| 369 | -if (!is_callable('sodium_crypto_kx')) { |
|
| 369 | +if ( ! is_callable( 'sodium_crypto_kx' ) ) { |
|
| 370 | 370 | /** |
| 371 | 371 | * @param string $my_secret |
| 372 | 372 | * @param string $their_public |
@@ -374,7 +374,7 @@ discard block |
||
| 374 | 374 | * @param string $server_public |
| 375 | 375 | * @return string |
| 376 | 376 | */ |
| 377 | - function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 377 | + function sodium_crypto_kx( $my_secret, $their_public, $client_public, $server_public ) |
|
| 378 | 378 | { |
| 379 | 379 | return ParagonIE_Sodium_Compat::crypto_kx( |
| 380 | 380 | $my_secret, |
@@ -384,7 +384,7 @@ discard block |
||
| 384 | 384 | ); |
| 385 | 385 | } |
| 386 | 386 | } |
| 387 | -if (!is_callable('sodium_crypto_pwhash')) { |
|
| 387 | +if ( ! is_callable( 'sodium_crypto_pwhash' ) ) { |
|
| 388 | 388 | /** |
| 389 | 389 | * @param int $outlen |
| 390 | 390 | * @param string $passwd |
@@ -393,35 +393,35 @@ discard block |
||
| 393 | 393 | * @param int $memlimit |
| 394 | 394 | * @return string |
| 395 | 395 | */ |
| 396 | - function sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 396 | + function sodium_crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 397 | 397 | { |
| 398 | - return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 398 | + return ParagonIE_Sodium_Compat::crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 399 | 399 | } |
| 400 | 400 | } |
| 401 | -if (!is_callable('sodium_crypto_pwhash_str')) { |
|
| 401 | +if ( ! is_callable( 'sodium_crypto_pwhash_str' ) ) { |
|
| 402 | 402 | /** |
| 403 | 403 | * @param string $passwd |
| 404 | 404 | * @param int $opslimit |
| 405 | 405 | * @param int $memlimit |
| 406 | 406 | * @return string |
| 407 | 407 | */ |
| 408 | - function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 408 | + function sodium_crypto_pwhash_str( $passwd, $opslimit, $memlimit ) |
|
| 409 | 409 | { |
| 410 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 410 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str( $passwd, $opslimit, $memlimit ); |
|
| 411 | 411 | } |
| 412 | 412 | } |
| 413 | -if (!is_callable('sodium_crypto_pwhash_str_verify')) { |
|
| 413 | +if ( ! is_callable( 'sodium_crypto_pwhash_str_verify' ) ) { |
|
| 414 | 414 | /** |
| 415 | 415 | * @param string $passwd |
| 416 | 416 | * @param string $hash |
| 417 | 417 | * @return bool |
| 418 | 418 | */ |
| 419 | - function sodium_crypto_pwhash_str_verify($passwd, $hash) |
|
| 419 | + function sodium_crypto_pwhash_str_verify( $passwd, $hash ) |
|
| 420 | 420 | { |
| 421 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 421 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify( $passwd, $hash ); |
|
| 422 | 422 | } |
| 423 | 423 | } |
| 424 | -if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256')) { |
|
| 424 | +if ( ! is_callable( 'sodium_crypto_pwhash_scryptsalsa208sha256' ) ) { |
|
| 425 | 425 | /** |
| 426 | 426 | * @param int $outlen |
| 427 | 427 | * @param string $passwd |
@@ -430,119 +430,119 @@ discard block |
||
| 430 | 430 | * @param int $memlimit |
| 431 | 431 | * @return string |
| 432 | 432 | */ |
| 433 | - function sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 433 | + function sodium_crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 434 | 434 | { |
| 435 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 435 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 436 | 436 | } |
| 437 | 437 | } |
| 438 | -if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str')) { |
|
| 438 | +if ( ! is_callable( 'sodium_crypto_pwhash_scryptsalsa208sha256_str' ) ) { |
|
| 439 | 439 | /** |
| 440 | 440 | * @param string $passwd |
| 441 | 441 | * @param int $opslimit |
| 442 | 442 | * @param int $memlimit |
| 443 | 443 | * @return string |
| 444 | 444 | */ |
| 445 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 445 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ) |
|
| 446 | 446 | { |
| 447 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 447 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ); |
|
| 448 | 448 | } |
| 449 | 449 | } |
| 450 | -if (!is_callable('sodium_crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
|
| 450 | +if ( ! is_callable( 'sodium_crypto_pwhash_scryptsalsa208sha256_str_verify' ) ) { |
|
| 451 | 451 | /** |
| 452 | 452 | * @param string $passwd |
| 453 | 453 | * @param string $hash |
| 454 | 454 | * @return bool |
| 455 | 455 | */ |
| 456 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 456 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ) |
|
| 457 | 457 | { |
| 458 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 458 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ); |
|
| 459 | 459 | } |
| 460 | 460 | } |
| 461 | -if (!is_callable('sodium_crypto_scalarmult')) { |
|
| 461 | +if ( ! is_callable( 'sodium_crypto_scalarmult' ) ) { |
|
| 462 | 462 | /** |
| 463 | 463 | * @param string $n |
| 464 | 464 | * @param string $p |
| 465 | 465 | * @return string |
| 466 | 466 | */ |
| 467 | - function sodium_crypto_scalarmult($n, $p) |
|
| 467 | + function sodium_crypto_scalarmult( $n, $p ) |
|
| 468 | 468 | { |
| 469 | - return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 469 | + return ParagonIE_Sodium_Compat::crypto_scalarmult( $n, $p ); |
|
| 470 | 470 | } |
| 471 | 471 | } |
| 472 | -if (!is_callable('sodium_crypto_scalarmult_base')) { |
|
| 472 | +if ( ! is_callable( 'sodium_crypto_scalarmult_base' ) ) { |
|
| 473 | 473 | /** |
| 474 | 474 | * @param string $n |
| 475 | 475 | * @return string |
| 476 | 476 | */ |
| 477 | - function sodium_crypto_scalarmult_base($n) |
|
| 477 | + function sodium_crypto_scalarmult_base( $n ) |
|
| 478 | 478 | { |
| 479 | - return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 479 | + return ParagonIE_Sodium_Compat::crypto_scalarmult_base( $n ); |
|
| 480 | 480 | } |
| 481 | 481 | } |
| 482 | -if (!is_callable('sodium_crypto_secretbox')) { |
|
| 482 | +if ( ! is_callable( 'sodium_crypto_secretbox' ) ) { |
|
| 483 | 483 | /** |
| 484 | 484 | * @param string $message |
| 485 | 485 | * @param string $nonce |
| 486 | 486 | * @param string $key |
| 487 | 487 | * @return string |
| 488 | 488 | */ |
| 489 | - function sodium_crypto_secretbox($message, $nonce, $key) |
|
| 489 | + function sodium_crypto_secretbox( $message, $nonce, $key ) |
|
| 490 | 490 | { |
| 491 | - return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 491 | + return ParagonIE_Sodium_Compat::crypto_secretbox( $message, $nonce, $key ); |
|
| 492 | 492 | } |
| 493 | 493 | } |
| 494 | -if (!is_callable('sodium_crypto_secretbox_open')) { |
|
| 494 | +if ( ! is_callable( 'sodium_crypto_secretbox_open' ) ) { |
|
| 495 | 495 | /** |
| 496 | 496 | * @param string $message |
| 497 | 497 | * @param string $nonce |
| 498 | 498 | * @param string $key |
| 499 | 499 | * @return string|bool |
| 500 | 500 | */ |
| 501 | - function sodium_crypto_secretbox_open($message, $nonce, $key) |
|
| 501 | + function sodium_crypto_secretbox_open( $message, $nonce, $key ) |
|
| 502 | 502 | { |
| 503 | 503 | try { |
| 504 | - return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 505 | - } catch (Error $ex) { |
|
| 504 | + return ParagonIE_Sodium_Compat::crypto_secretbox_open( $message, $nonce, $key ); |
|
| 505 | + } catch ( Error $ex ) { |
|
| 506 | 506 | return false; |
| 507 | - } catch (Exception $ex) { |
|
| 507 | + } catch ( Exception $ex ) { |
|
| 508 | 508 | return false; |
| 509 | 509 | } |
| 510 | 510 | } |
| 511 | 511 | } |
| 512 | -if (!is_callable('sodium_crypto_shorthash')) { |
|
| 512 | +if ( ! is_callable( 'sodium_crypto_shorthash' ) ) { |
|
| 513 | 513 | /** |
| 514 | 514 | * @param string $message |
| 515 | 515 | * @param string $key |
| 516 | 516 | * @return string |
| 517 | 517 | */ |
| 518 | - function sodium_crypto_shorthash($message, $key = '') |
|
| 518 | + function sodium_crypto_shorthash( $message, $key = '' ) |
|
| 519 | 519 | { |
| 520 | - return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 520 | + return ParagonIE_Sodium_Compat::crypto_shorthash( $message, $key ); |
|
| 521 | 521 | } |
| 522 | 522 | } |
| 523 | -if (!is_callable('sodium_crypto_sign')) { |
|
| 523 | +if ( ! is_callable( 'sodium_crypto_sign' ) ) { |
|
| 524 | 524 | /** |
| 525 | 525 | * @param string $message |
| 526 | 526 | * @param string $sk |
| 527 | 527 | * @return string |
| 528 | 528 | */ |
| 529 | - function sodium_crypto_sign($message, $sk) |
|
| 529 | + function sodium_crypto_sign( $message, $sk ) |
|
| 530 | 530 | { |
| 531 | - return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 531 | + return ParagonIE_Sodium_Compat::crypto_sign( $message, $sk ); |
|
| 532 | 532 | } |
| 533 | 533 | } |
| 534 | -if (!is_callable('sodium_crypto_sign_detached')) { |
|
| 534 | +if ( ! is_callable( 'sodium_crypto_sign_detached' ) ) { |
|
| 535 | 535 | /** |
| 536 | 536 | * @param string $message |
| 537 | 537 | * @param string $sk |
| 538 | 538 | * @return string |
| 539 | 539 | */ |
| 540 | - function sodium_crypto_sign_detached($message, $sk) |
|
| 540 | + function sodium_crypto_sign_detached( $message, $sk ) |
|
| 541 | 541 | { |
| 542 | - return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 542 | + return ParagonIE_Sodium_Compat::crypto_sign_detached( $message, $sk ); |
|
| 543 | 543 | } |
| 544 | 544 | } |
| 545 | -if (!is_callable('sodium_crypto_sign_keypair')) { |
|
| 545 | +if ( ! is_callable( 'sodium_crypto_sign_keypair' ) ) { |
|
| 546 | 546 | /** |
| 547 | 547 | * @return string |
| 548 | 548 | */ |
@@ -551,120 +551,120 @@ discard block |
||
| 551 | 551 | return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
| 552 | 552 | } |
| 553 | 553 | } |
| 554 | -if (!is_callable('sodium_crypto_sign_open')) { |
|
| 554 | +if ( ! is_callable( 'sodium_crypto_sign_open' ) ) { |
|
| 555 | 555 | /** |
| 556 | 556 | * @param string $signedMessage |
| 557 | 557 | * @param string $pk |
| 558 | 558 | * @return string|bool |
| 559 | 559 | */ |
| 560 | - function sodium_crypto_sign_open($signedMessage, $pk) |
|
| 560 | + function sodium_crypto_sign_open( $signedMessage, $pk ) |
|
| 561 | 561 | { |
| 562 | 562 | try { |
| 563 | - return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 564 | - } catch (Error $ex) { |
|
| 563 | + return ParagonIE_Sodium_Compat::crypto_sign_open( $signedMessage, $pk ); |
|
| 564 | + } catch ( Error $ex ) { |
|
| 565 | 565 | return false; |
| 566 | - } catch (Exception $ex) { |
|
| 566 | + } catch ( Exception $ex ) { |
|
| 567 | 567 | return false; |
| 568 | 568 | } |
| 569 | 569 | } |
| 570 | 570 | } |
| 571 | -if (!is_callable('sodium_crypto_sign_publickey')) { |
|
| 571 | +if ( ! is_callable( 'sodium_crypto_sign_publickey' ) ) { |
|
| 572 | 572 | /** |
| 573 | 573 | * @param string $keypair |
| 574 | 574 | * @return string |
| 575 | 575 | */ |
| 576 | - function sodium_crypto_sign_publickey($keypair) |
|
| 576 | + function sodium_crypto_sign_publickey( $keypair ) |
|
| 577 | 577 | { |
| 578 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 578 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey( $keypair ); |
|
| 579 | 579 | } |
| 580 | 580 | } |
| 581 | -if (!is_callable('sodium_crypto_sign_publickey_from_secretkey')) { |
|
| 581 | +if ( ! is_callable( 'sodium_crypto_sign_publickey_from_secretkey' ) ) { |
|
| 582 | 582 | /** |
| 583 | 583 | * @param string $sk |
| 584 | 584 | * @return string |
| 585 | 585 | */ |
| 586 | - function sodium_crypto_sign_publickey_from_secretkey($sk) |
|
| 586 | + function sodium_crypto_sign_publickey_from_secretkey( $sk ) |
|
| 587 | 587 | { |
| 588 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 588 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey( $sk ); |
|
| 589 | 589 | } |
| 590 | 590 | } |
| 591 | -if (!is_callable('sodium_crypto_sign_secretkey')) { |
|
| 591 | +if ( ! is_callable( 'sodium_crypto_sign_secretkey' ) ) { |
|
| 592 | 592 | /** |
| 593 | 593 | * @param string $keypair |
| 594 | 594 | * @return string |
| 595 | 595 | */ |
| 596 | - function sodium_crypto_sign_secretkey($keypair) |
|
| 596 | + function sodium_crypto_sign_secretkey( $keypair ) |
|
| 597 | 597 | { |
| 598 | - return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 598 | + return ParagonIE_Sodium_Compat::crypto_sign_secretkey( $keypair ); |
|
| 599 | 599 | } |
| 600 | 600 | } |
| 601 | -if (!is_callable('sodium_crypto_sign_seed_keypair')) { |
|
| 601 | +if ( ! is_callable( 'sodium_crypto_sign_seed_keypair' ) ) { |
|
| 602 | 602 | /** |
| 603 | 603 | * @param string $seed |
| 604 | 604 | * @return string |
| 605 | 605 | */ |
| 606 | - function sodium_crypto_sign_seed_keypair($seed) |
|
| 606 | + function sodium_crypto_sign_seed_keypair( $seed ) |
|
| 607 | 607 | { |
| 608 | - return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 608 | + return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair( $seed ); |
|
| 609 | 609 | } |
| 610 | 610 | } |
| 611 | -if (!is_callable('sodium_crypto_sign_verify_detached')) { |
|
| 611 | +if ( ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { |
|
| 612 | 612 | /** |
| 613 | 613 | * @param string $signature |
| 614 | 614 | * @param string $message |
| 615 | 615 | * @param string $pk |
| 616 | 616 | * @return bool |
| 617 | 617 | */ |
| 618 | - function sodium_crypto_sign_verify_detached($signature, $message, $pk) |
|
| 618 | + function sodium_crypto_sign_verify_detached( $signature, $message, $pk ) |
|
| 619 | 619 | { |
| 620 | - return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 620 | + return ParagonIE_Sodium_Compat::crypto_sign_verify_detached( $signature, $message, $pk ); |
|
| 621 | 621 | } |
| 622 | 622 | } |
| 623 | -if (!is_callable('sodium_crypto_stream')) { |
|
| 623 | +if ( ! is_callable( 'sodium_crypto_stream' ) ) { |
|
| 624 | 624 | /** |
| 625 | 625 | * @param int $len |
| 626 | 626 | * @param string $nonce |
| 627 | 627 | * @param string $key |
| 628 | 628 | * @return string |
| 629 | 629 | */ |
| 630 | - function sodium_crypto_stream($len, $nonce, $key) |
|
| 630 | + function sodium_crypto_stream( $len, $nonce, $key ) |
|
| 631 | 631 | { |
| 632 | - return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 632 | + return ParagonIE_Sodium_Compat::crypto_stream( $len, $nonce, $key ); |
|
| 633 | 633 | } |
| 634 | 634 | } |
| 635 | -if (!is_callable('sodium_crypto_stream_xor')) { |
|
| 635 | +if ( ! is_callable( 'sodium_crypto_stream_xor' ) ) { |
|
| 636 | 636 | /** |
| 637 | 637 | * @param string $message |
| 638 | 638 | * @param string $nonce |
| 639 | 639 | * @param string $key |
| 640 | 640 | * @return string |
| 641 | 641 | */ |
| 642 | - function sodium_crypto_stream_xor($message, $nonce, $key) |
|
| 642 | + function sodium_crypto_stream_xor( $message, $nonce, $key ) |
|
| 643 | 643 | { |
| 644 | - return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 644 | + return ParagonIE_Sodium_Compat::crypto_stream_xor( $message, $nonce, $key ); |
|
| 645 | 645 | } |
| 646 | 646 | } |
| 647 | -if (!is_callable('sodium_hex2bin')) { |
|
| 647 | +if ( ! is_callable( 'sodium_hex2bin' ) ) { |
|
| 648 | 648 | /** |
| 649 | 649 | * @param string $string |
| 650 | 650 | * @return string |
| 651 | 651 | */ |
| 652 | - function sodium_hex2bin($string) |
|
| 652 | + function sodium_hex2bin( $string ) |
|
| 653 | 653 | { |
| 654 | - return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 654 | + return ParagonIE_Sodium_Compat::hex2bin( $string ); |
|
| 655 | 655 | } |
| 656 | 656 | } |
| 657 | -if (!is_callable('sodium_increment')) { |
|
| 657 | +if ( ! is_callable( 'sodium_increment' ) ) { |
|
| 658 | 658 | /** |
| 659 | 659 | * @param &string $string |
| 660 | 660 | * @return void |
| 661 | 661 | */ |
| 662 | - function sodium_increment(&$string) |
|
| 662 | + function sodium_increment( &$string ) |
|
| 663 | 663 | { |
| 664 | - ParagonIE_Sodium_Compat::increment($string); |
|
| 664 | + ParagonIE_Sodium_Compat::increment( $string ); |
|
| 665 | 665 | } |
| 666 | 666 | } |
| 667 | -if (!is_callable('sodium_library_version_major')) { |
|
| 667 | +if ( ! is_callable( 'sodium_library_version_major' ) ) { |
|
| 668 | 668 | /** |
| 669 | 669 | * @return int |
| 670 | 670 | */ |
@@ -673,7 +673,7 @@ discard block |
||
| 673 | 673 | return ParagonIE_Sodium_Compat::library_version_major(); |
| 674 | 674 | } |
| 675 | 675 | } |
| 676 | -if (!is_callable('sodium_library_version_minor')) { |
|
| 676 | +if ( ! is_callable( 'sodium_library_version_minor' ) ) { |
|
| 677 | 677 | /** |
| 678 | 678 | * @return int |
| 679 | 679 | */ |
@@ -682,7 +682,7 @@ discard block |
||
| 682 | 682 | return ParagonIE_Sodium_Compat::library_version_minor(); |
| 683 | 683 | } |
| 684 | 684 | } |
| 685 | -if (!is_callable('sodium_version_string')) { |
|
| 685 | +if ( ! is_callable( 'sodium_version_string' ) ) { |
|
| 686 | 686 | /** |
| 687 | 687 | * @return string |
| 688 | 688 | */ |
@@ -691,50 +691,50 @@ discard block |
||
| 691 | 691 | return ParagonIE_Sodium_Compat::version_string(); |
| 692 | 692 | } |
| 693 | 693 | } |
| 694 | -if (!is_callable('sodium_memcmp')) { |
|
| 694 | +if ( ! is_callable( 'sodium_memcmp' ) ) { |
|
| 695 | 695 | /** |
| 696 | 696 | * @param string $a |
| 697 | 697 | * @param string $b |
| 698 | 698 | * @return int |
| 699 | 699 | */ |
| 700 | - function sodium_memcmp($a, $b) |
|
| 700 | + function sodium_memcmp( $a, $b ) |
|
| 701 | 701 | { |
| 702 | - return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 702 | + return ParagonIE_Sodium_Compat::memcmp( $a, $b ); |
|
| 703 | 703 | } |
| 704 | 704 | } |
| 705 | -if (!is_callable('sodium_memzero')) { |
|
| 705 | +if ( ! is_callable( 'sodium_memzero' ) ) { |
|
| 706 | 706 | /** |
| 707 | 707 | * @param string &$str |
| 708 | 708 | * @return void |
| 709 | 709 | */ |
| 710 | - function sodium_memzero(&$str) |
|
| 710 | + function sodium_memzero( &$str ) |
|
| 711 | 711 | { |
| 712 | - ParagonIE_Sodium_Compat::memzero($str); |
|
| 712 | + ParagonIE_Sodium_Compat::memzero( $str ); |
|
| 713 | 713 | } |
| 714 | 714 | } |
| 715 | -if (!is_callable('sodium_randombytes_buf')) { |
|
| 715 | +if ( ! is_callable( 'sodium_randombytes_buf' ) ) { |
|
| 716 | 716 | /** |
| 717 | 717 | * @param int $amount |
| 718 | 718 | * @return string |
| 719 | 719 | */ |
| 720 | - function sodium_randombytes_buf($amount) |
|
| 720 | + function sodium_randombytes_buf( $amount ) |
|
| 721 | 721 | { |
| 722 | - return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 722 | + return ParagonIE_Sodium_Compat::randombytes_buf( $amount ); |
|
| 723 | 723 | } |
| 724 | 724 | } |
| 725 | 725 | |
| 726 | -if (!is_callable('sodium_randombytes_uniform')) { |
|
| 726 | +if ( ! is_callable( 'sodium_randombytes_uniform' ) ) { |
|
| 727 | 727 | /** |
| 728 | 728 | * @param int $upperLimit |
| 729 | 729 | * @return int |
| 730 | 730 | */ |
| 731 | - function sodium_randombytes_uniform($upperLimit) |
|
| 731 | + function sodium_randombytes_uniform( $upperLimit ) |
|
| 732 | 732 | { |
| 733 | - return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 733 | + return ParagonIE_Sodium_Compat::randombytes_uniform( $upperLimit ); |
|
| 734 | 734 | } |
| 735 | 735 | } |
| 736 | 736 | |
| 737 | -if (!is_callable('sodium_randombytes_random16')) { |
|
| 737 | +if ( ! is_callable( 'sodium_randombytes_random16' ) ) { |
|
| 738 | 738 | /** |
| 739 | 739 | * @return int |
| 740 | 740 | */ |
@@ -68,8 +68,7 @@ discard block |
||
| 68 | 68 | * @param string $string |
| 69 | 69 | * @return string |
| 70 | 70 | */ |
| 71 | - function sodium_bin2hex($string) |
|
| 72 | - { |
|
| 71 | + function sodium_bin2hex($string) { |
|
| 73 | 72 | return ParagonIE_Sodium_Compat::bin2hex($string); |
| 74 | 73 | } |
| 75 | 74 | } |
@@ -79,8 +78,7 @@ discard block |
||
| 79 | 78 | * @param string $b |
| 80 | 79 | * @return int |
| 81 | 80 | */ |
| 82 | - function sodium_compare($a, $b) |
|
| 83 | - { |
|
| 81 | + function sodium_compare($a, $b) { |
|
| 84 | 82 | return ParagonIE_Sodium_Compat::compare($a, $b); |
| 85 | 83 | } |
| 86 | 84 | } |
@@ -92,8 +90,7 @@ discard block |
||
| 92 | 90 | * @param string $key |
| 93 | 91 | * @return string |
| 94 | 92 | */ |
| 95 | - function sodium_crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 96 | - { |
|
| 93 | + function sodium_crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) { |
|
| 97 | 94 | try { |
| 98 | 95 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
| 99 | 96 | } catch (Error $ex) { |
@@ -111,8 +108,7 @@ discard block |
||
| 111 | 108 | * @param string $key |
| 112 | 109 | * @return string |
| 113 | 110 | */ |
| 114 | - function sodium_crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 115 | - { |
|
| 111 | + function sodium_crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) { |
|
| 116 | 112 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
| 117 | 113 | } |
| 118 | 114 | } |
@@ -124,8 +120,7 @@ discard block |
||
| 124 | 120 | * @param string $key |
| 125 | 121 | * @return string |
| 126 | 122 | */ |
| 127 | - function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 128 | - { |
|
| 123 | + function sodium_crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) { |
|
| 129 | 124 | try { |
| 130 | 125 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
| 131 | 126 | } catch (Error $ex) { |
@@ -143,8 +138,7 @@ discard block |
||
| 143 | 138 | * @param string $key |
| 144 | 139 | * @return string |
| 145 | 140 | */ |
| 146 | - function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 147 | - { |
|
| 141 | + function sodium_crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) { |
|
| 148 | 142 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
| 149 | 143 | } |
| 150 | 144 | } |
@@ -156,8 +150,7 @@ discard block |
||
| 156 | 150 | * @param string $key |
| 157 | 151 | * @return string |
| 158 | 152 | */ |
| 159 | - function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 160 | - { |
|
| 153 | + function sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) { |
|
| 161 | 154 | try { |
| 162 | 155 | return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
| 163 | 156 | } catch (Error $ex) { |
@@ -175,8 +168,7 @@ discard block |
||
| 175 | 168 | * @param string $key |
| 176 | 169 | * @return string |
| 177 | 170 | */ |
| 178 | - function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 179 | - { |
|
| 171 | + function sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) { |
|
| 180 | 172 | return ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
| 181 | 173 | } |
| 182 | 174 | } |
@@ -186,8 +178,7 @@ discard block |
||
| 186 | 178 | * @param string $key |
| 187 | 179 | * @return string |
| 188 | 180 | */ |
| 189 | - function sodium_crypto_auth($message, $key) |
|
| 190 | - { |
|
| 181 | + function sodium_crypto_auth($message, $key) { |
|
| 191 | 182 | return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
| 192 | 183 | } |
| 193 | 184 | } |
@@ -198,8 +189,7 @@ discard block |
||
| 198 | 189 | * @param string $key |
| 199 | 190 | * @return bool |
| 200 | 191 | */ |
| 201 | - function sodium_crypto_auth_verify($mac, $message, $key) |
|
| 202 | - { |
|
| 192 | + function sodium_crypto_auth_verify($mac, $message, $key) { |
|
| 203 | 193 | return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
| 204 | 194 | } |
| 205 | 195 | } |
@@ -210,8 +200,7 @@ discard block |
||
| 210 | 200 | * @param string $kp |
| 211 | 201 | * @return string |
| 212 | 202 | */ |
| 213 | - function sodium_crypto_box($message, $nonce, $kp) |
|
| 214 | - { |
|
| 203 | + function sodium_crypto_box($message, $nonce, $kp) { |
|
| 215 | 204 | return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
| 216 | 205 | } |
| 217 | 206 | } |
@@ -219,8 +208,7 @@ discard block |
||
| 219 | 208 | /** |
| 220 | 209 | * @return string |
| 221 | 210 | */ |
| 222 | - function sodium_crypto_box_keypair() |
|
| 223 | - { |
|
| 211 | + function sodium_crypto_box_keypair() { |
|
| 224 | 212 | return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
| 225 | 213 | } |
| 226 | 214 | } |
@@ -230,8 +218,7 @@ discard block |
||
| 230 | 218 | * @param string $pk |
| 231 | 219 | * @return string |
| 232 | 220 | */ |
| 233 | - function sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 234 | - { |
|
| 221 | + function sodium_crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) { |
|
| 235 | 222 | return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
| 236 | 223 | } |
| 237 | 224 | } |
@@ -242,8 +229,7 @@ discard block |
||
| 242 | 229 | * @param string $kp |
| 243 | 230 | * @return string|bool |
| 244 | 231 | */ |
| 245 | - function sodium_crypto_box_open($message, $nonce, $kp) |
|
| 246 | - { |
|
| 232 | + function sodium_crypto_box_open($message, $nonce, $kp) { |
|
| 247 | 233 | try { |
| 248 | 234 | return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
| 249 | 235 | } catch (Error $ex) { |
@@ -258,8 +244,7 @@ discard block |
||
| 258 | 244 | * @param string $keypair |
| 259 | 245 | * @return string |
| 260 | 246 | */ |
| 261 | - function sodium_crypto_box_publickey($keypair) |
|
| 262 | - { |
|
| 247 | + function sodium_crypto_box_publickey($keypair) { |
|
| 263 | 248 | return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
| 264 | 249 | } |
| 265 | 250 | } |
@@ -268,8 +253,7 @@ discard block |
||
| 268 | 253 | * @param string $sk |
| 269 | 254 | * @return string |
| 270 | 255 | */ |
| 271 | - function sodium_crypto_box_publickey_from_secretkey($sk) |
|
| 272 | - { |
|
| 256 | + function sodium_crypto_box_publickey_from_secretkey($sk) { |
|
| 273 | 257 | return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
| 274 | 258 | } |
| 275 | 259 | } |
@@ -279,8 +263,7 @@ discard block |
||
| 279 | 263 | * @param string $publicKey |
| 280 | 264 | * @return string |
| 281 | 265 | */ |
| 282 | - function sodium_crypto_box_seal($message, $publicKey) |
|
| 283 | - { |
|
| 266 | + function sodium_crypto_box_seal($message, $publicKey) { |
|
| 284 | 267 | return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
| 285 | 268 | } |
| 286 | 269 | } |
@@ -290,8 +273,7 @@ discard block |
||
| 290 | 273 | * @param string $kp |
| 291 | 274 | * @return string|bool |
| 292 | 275 | */ |
| 293 | - function sodium_crypto_box_seal_open($message, $kp) |
|
| 294 | - { |
|
| 276 | + function sodium_crypto_box_seal_open($message, $kp) { |
|
| 295 | 277 | try { |
| 296 | 278 | return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
| 297 | 279 | } catch (Error $ex) { |
@@ -306,8 +288,7 @@ discard block |
||
| 306 | 288 | * @param string $keypair |
| 307 | 289 | * @return string |
| 308 | 290 | */ |
| 309 | - function sodium_crypto_box_secretkey($keypair) |
|
| 310 | - { |
|
| 291 | + function sodium_crypto_box_secretkey($keypair) { |
|
| 311 | 292 | return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
| 312 | 293 | } |
| 313 | 294 | } |
@@ -316,8 +297,7 @@ discard block |
||
| 316 | 297 | * @param string $seed |
| 317 | 298 | * @return string |
| 318 | 299 | */ |
| 319 | - function sodium_crypto_box_seed_keypair($seed) |
|
| 320 | - { |
|
| 300 | + function sodium_crypto_box_seed_keypair($seed) { |
|
| 321 | 301 | return ParagonIE_Sodium_Compat::crypto_box_seed_keypair($seed); |
| 322 | 302 | } |
| 323 | 303 | } |
@@ -328,8 +308,7 @@ discard block |
||
| 328 | 308 | * @param int $outLen |
| 329 | 309 | * @return string |
| 330 | 310 | */ |
| 331 | - function sodium_crypto_generichash($message, $key = null, $outLen = 32) |
|
| 332 | - { |
|
| 311 | + function sodium_crypto_generichash($message, $key = null, $outLen = 32) { |
|
| 333 | 312 | return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
| 334 | 313 | } |
| 335 | 314 | } |
@@ -339,8 +318,7 @@ discard block |
||
| 339 | 318 | * @param int $outputLength |
| 340 | 319 | * @return string |
| 341 | 320 | */ |
| 342 | - function sodium_crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 343 | - { |
|
| 321 | + function sodium_crypto_generichash_final(&$ctx, $outputLength = 32) { |
|
| 344 | 322 | return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
| 345 | 323 | } |
| 346 | 324 | } |
@@ -350,8 +328,7 @@ discard block |
||
| 350 | 328 | * @param int $outLen |
| 351 | 329 | * @return string |
| 352 | 330 | */ |
| 353 | - function sodium_crypto_generichash_init($key = null, $outLen = 32) |
|
| 354 | - { |
|
| 331 | + function sodium_crypto_generichash_init($key = null, $outLen = 32) { |
|
| 355 | 332 | return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
| 356 | 333 | } |
| 357 | 334 | } |
@@ -361,8 +338,7 @@ discard block |
||
| 361 | 338 | * @param string $message |
| 362 | 339 | * @return void |
| 363 | 340 | */ |
| 364 | - function sodium_crypto_generichash_update(&$ctx, $message = '') |
|
| 365 | - { |
|
| 341 | + function sodium_crypto_generichash_update(&$ctx, $message = '') { |
|
| 366 | 342 | ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
| 367 | 343 | } |
| 368 | 344 | } |
@@ -374,8 +350,7 @@ discard block |
||
| 374 | 350 | * @param string $server_public |
| 375 | 351 | * @return string |
| 376 | 352 | */ |
| 377 | - function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 378 | - { |
|
| 353 | + function sodium_crypto_kx($my_secret, $their_public, $client_public, $server_public) { |
|
| 379 | 354 | return ParagonIE_Sodium_Compat::crypto_kx( |
| 380 | 355 | $my_secret, |
| 381 | 356 | $their_public, |
@@ -393,8 +368,7 @@ discard block |
||
| 393 | 368 | * @param int $memlimit |
| 394 | 369 | * @return string |
| 395 | 370 | */ |
| 396 | - function sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 397 | - { |
|
| 371 | + function sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 398 | 372 | return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
| 399 | 373 | } |
| 400 | 374 | } |
@@ -405,8 +379,7 @@ discard block |
||
| 405 | 379 | * @param int $memlimit |
| 406 | 380 | * @return string |
| 407 | 381 | */ |
| 408 | - function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 409 | - { |
|
| 382 | + function sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit) { |
|
| 410 | 383 | return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
| 411 | 384 | } |
| 412 | 385 | } |
@@ -416,8 +389,7 @@ discard block |
||
| 416 | 389 | * @param string $hash |
| 417 | 390 | * @return bool |
| 418 | 391 | */ |
| 419 | - function sodium_crypto_pwhash_str_verify($passwd, $hash) |
|
| 420 | - { |
|
| 392 | + function sodium_crypto_pwhash_str_verify($passwd, $hash) { |
|
| 421 | 393 | return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
| 422 | 394 | } |
| 423 | 395 | } |
@@ -430,8 +402,7 @@ discard block |
||
| 430 | 402 | * @param int $memlimit |
| 431 | 403 | * @return string |
| 432 | 404 | */ |
| 433 | - function sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 434 | - { |
|
| 405 | + function sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 435 | 406 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
| 436 | 407 | } |
| 437 | 408 | } |
@@ -442,8 +413,7 @@ discard block |
||
| 442 | 413 | * @param int $memlimit |
| 443 | 414 | * @return string |
| 444 | 415 | */ |
| 445 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 446 | - { |
|
| 416 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) { |
|
| 447 | 417 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
| 448 | 418 | } |
| 449 | 419 | } |
@@ -453,8 +423,7 @@ discard block |
||
| 453 | 423 | * @param string $hash |
| 454 | 424 | * @return bool |
| 455 | 425 | */ |
| 456 | - function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 457 | - { |
|
| 426 | + function sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) { |
|
| 458 | 427 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
| 459 | 428 | } |
| 460 | 429 | } |
@@ -464,8 +433,7 @@ discard block |
||
| 464 | 433 | * @param string $p |
| 465 | 434 | * @return string |
| 466 | 435 | */ |
| 467 | - function sodium_crypto_scalarmult($n, $p) |
|
| 468 | - { |
|
| 436 | + function sodium_crypto_scalarmult($n, $p) { |
|
| 469 | 437 | return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
| 470 | 438 | } |
| 471 | 439 | } |
@@ -474,8 +442,7 @@ discard block |
||
| 474 | 442 | * @param string $n |
| 475 | 443 | * @return string |
| 476 | 444 | */ |
| 477 | - function sodium_crypto_scalarmult_base($n) |
|
| 478 | - { |
|
| 445 | + function sodium_crypto_scalarmult_base($n) { |
|
| 479 | 446 | return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
| 480 | 447 | } |
| 481 | 448 | } |
@@ -486,8 +453,7 @@ discard block |
||
| 486 | 453 | * @param string $key |
| 487 | 454 | * @return string |
| 488 | 455 | */ |
| 489 | - function sodium_crypto_secretbox($message, $nonce, $key) |
|
| 490 | - { |
|
| 456 | + function sodium_crypto_secretbox($message, $nonce, $key) { |
|
| 491 | 457 | return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
| 492 | 458 | } |
| 493 | 459 | } |
@@ -498,8 +464,7 @@ discard block |
||
| 498 | 464 | * @param string $key |
| 499 | 465 | * @return string|bool |
| 500 | 466 | */ |
| 501 | - function sodium_crypto_secretbox_open($message, $nonce, $key) |
|
| 502 | - { |
|
| 467 | + function sodium_crypto_secretbox_open($message, $nonce, $key) { |
|
| 503 | 468 | try { |
| 504 | 469 | return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
| 505 | 470 | } catch (Error $ex) { |
@@ -515,8 +480,7 @@ discard block |
||
| 515 | 480 | * @param string $key |
| 516 | 481 | * @return string |
| 517 | 482 | */ |
| 518 | - function sodium_crypto_shorthash($message, $key = '') |
|
| 519 | - { |
|
| 483 | + function sodium_crypto_shorthash($message, $key = '') { |
|
| 520 | 484 | return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
| 521 | 485 | } |
| 522 | 486 | } |
@@ -526,8 +490,7 @@ discard block |
||
| 526 | 490 | * @param string $sk |
| 527 | 491 | * @return string |
| 528 | 492 | */ |
| 529 | - function sodium_crypto_sign($message, $sk) |
|
| 530 | - { |
|
| 493 | + function sodium_crypto_sign($message, $sk) { |
|
| 531 | 494 | return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
| 532 | 495 | } |
| 533 | 496 | } |
@@ -537,8 +500,7 @@ discard block |
||
| 537 | 500 | * @param string $sk |
| 538 | 501 | * @return string |
| 539 | 502 | */ |
| 540 | - function sodium_crypto_sign_detached($message, $sk) |
|
| 541 | - { |
|
| 503 | + function sodium_crypto_sign_detached($message, $sk) { |
|
| 542 | 504 | return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
| 543 | 505 | } |
| 544 | 506 | } |
@@ -546,8 +508,7 @@ discard block |
||
| 546 | 508 | /** |
| 547 | 509 | * @return string |
| 548 | 510 | */ |
| 549 | - function sodium_crypto_sign_keypair() |
|
| 550 | - { |
|
| 511 | + function sodium_crypto_sign_keypair() { |
|
| 551 | 512 | return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
| 552 | 513 | } |
| 553 | 514 | } |
@@ -557,8 +518,7 @@ discard block |
||
| 557 | 518 | * @param string $pk |
| 558 | 519 | * @return string|bool |
| 559 | 520 | */ |
| 560 | - function sodium_crypto_sign_open($signedMessage, $pk) |
|
| 561 | - { |
|
| 521 | + function sodium_crypto_sign_open($signedMessage, $pk) { |
|
| 562 | 522 | try { |
| 563 | 523 | return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
| 564 | 524 | } catch (Error $ex) { |
@@ -573,8 +533,7 @@ discard block |
||
| 573 | 533 | * @param string $keypair |
| 574 | 534 | * @return string |
| 575 | 535 | */ |
| 576 | - function sodium_crypto_sign_publickey($keypair) |
|
| 577 | - { |
|
| 536 | + function sodium_crypto_sign_publickey($keypair) { |
|
| 578 | 537 | return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
| 579 | 538 | } |
| 580 | 539 | } |
@@ -583,8 +542,7 @@ discard block |
||
| 583 | 542 | * @param string $sk |
| 584 | 543 | * @return string |
| 585 | 544 | */ |
| 586 | - function sodium_crypto_sign_publickey_from_secretkey($sk) |
|
| 587 | - { |
|
| 545 | + function sodium_crypto_sign_publickey_from_secretkey($sk) { |
|
| 588 | 546 | return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
| 589 | 547 | } |
| 590 | 548 | } |
@@ -593,8 +551,7 @@ discard block |
||
| 593 | 551 | * @param string $keypair |
| 594 | 552 | * @return string |
| 595 | 553 | */ |
| 596 | - function sodium_crypto_sign_secretkey($keypair) |
|
| 597 | - { |
|
| 554 | + function sodium_crypto_sign_secretkey($keypair) { |
|
| 598 | 555 | return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
| 599 | 556 | } |
| 600 | 557 | } |
@@ -603,8 +560,7 @@ discard block |
||
| 603 | 560 | * @param string $seed |
| 604 | 561 | * @return string |
| 605 | 562 | */ |
| 606 | - function sodium_crypto_sign_seed_keypair($seed) |
|
| 607 | - { |
|
| 563 | + function sodium_crypto_sign_seed_keypair($seed) { |
|
| 608 | 564 | return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
| 609 | 565 | } |
| 610 | 566 | } |
@@ -615,8 +571,7 @@ discard block |
||
| 615 | 571 | * @param string $pk |
| 616 | 572 | * @return bool |
| 617 | 573 | */ |
| 618 | - function sodium_crypto_sign_verify_detached($signature, $message, $pk) |
|
| 619 | - { |
|
| 574 | + function sodium_crypto_sign_verify_detached($signature, $message, $pk) { |
|
| 620 | 575 | return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
| 621 | 576 | } |
| 622 | 577 | } |
@@ -627,8 +582,7 @@ discard block |
||
| 627 | 582 | * @param string $key |
| 628 | 583 | * @return string |
| 629 | 584 | */ |
| 630 | - function sodium_crypto_stream($len, $nonce, $key) |
|
| 631 | - { |
|
| 585 | + function sodium_crypto_stream($len, $nonce, $key) { |
|
| 632 | 586 | return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
| 633 | 587 | } |
| 634 | 588 | } |
@@ -639,8 +593,7 @@ discard block |
||
| 639 | 593 | * @param string $key |
| 640 | 594 | * @return string |
| 641 | 595 | */ |
| 642 | - function sodium_crypto_stream_xor($message, $nonce, $key) |
|
| 643 | - { |
|
| 596 | + function sodium_crypto_stream_xor($message, $nonce, $key) { |
|
| 644 | 597 | return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
| 645 | 598 | } |
| 646 | 599 | } |
@@ -649,8 +602,7 @@ discard block |
||
| 649 | 602 | * @param string $string |
| 650 | 603 | * @return string |
| 651 | 604 | */ |
| 652 | - function sodium_hex2bin($string) |
|
| 653 | - { |
|
| 605 | + function sodium_hex2bin($string) { |
|
| 654 | 606 | return ParagonIE_Sodium_Compat::hex2bin($string); |
| 655 | 607 | } |
| 656 | 608 | } |
@@ -659,8 +611,7 @@ discard block |
||
| 659 | 611 | * @param &string $string |
| 660 | 612 | * @return void |
| 661 | 613 | */ |
| 662 | - function sodium_increment(&$string) |
|
| 663 | - { |
|
| 614 | + function sodium_increment(&$string) { |
|
| 664 | 615 | ParagonIE_Sodium_Compat::increment($string); |
| 665 | 616 | } |
| 666 | 617 | } |
@@ -668,8 +619,7 @@ discard block |
||
| 668 | 619 | /** |
| 669 | 620 | * @return int |
| 670 | 621 | */ |
| 671 | - function sodium_library_version_major() |
|
| 672 | - { |
|
| 622 | + function sodium_library_version_major() { |
|
| 673 | 623 | return ParagonIE_Sodium_Compat::library_version_major(); |
| 674 | 624 | } |
| 675 | 625 | } |
@@ -677,8 +627,7 @@ discard block |
||
| 677 | 627 | /** |
| 678 | 628 | * @return int |
| 679 | 629 | */ |
| 680 | - function sodium_library_version_minor() |
|
| 681 | - { |
|
| 630 | + function sodium_library_version_minor() { |
|
| 682 | 631 | return ParagonIE_Sodium_Compat::library_version_minor(); |
| 683 | 632 | } |
| 684 | 633 | } |
@@ -686,8 +635,7 @@ discard block |
||
| 686 | 635 | /** |
| 687 | 636 | * @return string |
| 688 | 637 | */ |
| 689 | - function sodium_version_string() |
|
| 690 | - { |
|
| 638 | + function sodium_version_string() { |
|
| 691 | 639 | return ParagonIE_Sodium_Compat::version_string(); |
| 692 | 640 | } |
| 693 | 641 | } |
@@ -697,8 +645,7 @@ discard block |
||
| 697 | 645 | * @param string $b |
| 698 | 646 | * @return int |
| 699 | 647 | */ |
| 700 | - function sodium_memcmp($a, $b) |
|
| 701 | - { |
|
| 648 | + function sodium_memcmp($a, $b) { |
|
| 702 | 649 | return ParagonIE_Sodium_Compat::memcmp($a, $b); |
| 703 | 650 | } |
| 704 | 651 | } |
@@ -707,8 +654,7 @@ discard block |
||
| 707 | 654 | * @param string &$str |
| 708 | 655 | * @return void |
| 709 | 656 | */ |
| 710 | - function sodium_memzero(&$str) |
|
| 711 | - { |
|
| 657 | + function sodium_memzero(&$str) { |
|
| 712 | 658 | ParagonIE_Sodium_Compat::memzero($str); |
| 713 | 659 | } |
| 714 | 660 | } |
@@ -717,8 +663,7 @@ discard block |
||
| 717 | 663 | * @param int $amount |
| 718 | 664 | * @return string |
| 719 | 665 | */ |
| 720 | - function sodium_randombytes_buf($amount) |
|
| 721 | - { |
|
| 666 | + function sodium_randombytes_buf($amount) { |
|
| 722 | 667 | return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
| 723 | 668 | } |
| 724 | 669 | } |
@@ -728,8 +673,7 @@ discard block |
||
| 728 | 673 | * @param int $upperLimit |
| 729 | 674 | * @return int |
| 730 | 675 | */ |
| 731 | - function sodium_randombytes_uniform($upperLimit) |
|
| 732 | - { |
|
| 676 | + function sodium_randombytes_uniform($upperLimit) { |
|
| 733 | 677 | return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
| 734 | 678 | } |
| 735 | 679 | } |
@@ -738,8 +682,7 @@ discard block |
||
| 738 | 682 | /** |
| 739 | 683 | * @return int |
| 740 | 684 | */ |
| 741 | - function sodium_randombytes_random16() |
|
| 742 | - { |
|
| 685 | + function sodium_randombytes_random16() { |
|
| 743 | 686 | return ParagonIE_Sodium_Compat::randombytes_random16(); |
| 744 | 687 | } |
| 745 | 688 | } |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | * @param string $assocData |
| 38 | 38 | * @param string $nonce |
| 39 | 39 | * @param string $key |
| 40 | - * @return string|bool |
|
| 40 | + * @return string|false |
|
| 41 | 41 | */ |
| 42 | 42 | function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
| 43 | 43 | { |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | * @param string $assocData |
| 70 | 70 | * @param string $nonce |
| 71 | 71 | * @param string $key |
| 72 | - * @return string|bool |
|
| 72 | + * @return string|false |
|
| 73 | 73 | */ |
| 74 | 74 | function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
| 75 | 75 | { |
@@ -155,7 +155,7 @@ discard block |
||
| 155 | 155 | * @param string $message |
| 156 | 156 | * @param string $nonce |
| 157 | 157 | * @param string $kp |
| 158 | - * @return string|bool |
|
| 158 | + * @return string|false |
|
| 159 | 159 | */ |
| 160 | 160 | function crypto_box_open($message, $nonce, $kp) |
| 161 | 161 | { |
@@ -203,7 +203,7 @@ discard block |
||
| 203 | 203 | /** |
| 204 | 204 | * @param string $message |
| 205 | 205 | * @param string $kp |
| 206 | - * @return string|bool |
|
| 206 | + * @return string|false |
|
| 207 | 207 | */ |
| 208 | 208 | function crypto_box_seal_open($message, $kp) |
| 209 | 209 | { |
@@ -401,7 +401,7 @@ discard block |
||
| 401 | 401 | * @param string $message |
| 402 | 402 | * @param string $nonce |
| 403 | 403 | * @param string $key |
| 404 | - * @return string|bool |
|
| 404 | + * @return string|false |
|
| 405 | 405 | */ |
| 406 | 406 | function crypto_secretbox_open($message, $nonce, $key) |
| 407 | 407 | { |
@@ -460,7 +460,7 @@ discard block |
||
| 460 | 460 | /** |
| 461 | 461 | * @param string $signedMessage |
| 462 | 462 | * @param string $pk |
| 463 | - * @return string|bool |
|
| 463 | + * @return string|false |
|
| 464 | 464 | */ |
| 465 | 465 | function crypto_sign_open($signedMessage, $pk) |
| 466 | 466 | { |
@@ -11,617 +11,617 @@ |
||
| 11 | 11 | * method. |
| 12 | 12 | */ |
| 13 | 13 | if (!is_callable('\\Sodium\\bin2hex')) { |
| 14 | - /** |
|
| 15 | - * @param string $string |
|
| 16 | - * @return string |
|
| 17 | - */ |
|
| 18 | - function bin2hex($string) |
|
| 19 | - { |
|
| 20 | - return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 21 | - } |
|
| 14 | + /** |
|
| 15 | + * @param string $string |
|
| 16 | + * @return string |
|
| 17 | + */ |
|
| 18 | + function bin2hex($string) |
|
| 19 | + { |
|
| 20 | + return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 21 | + } |
|
| 22 | 22 | } |
| 23 | 23 | if (!is_callable('\\Sodium\\compare')) { |
| 24 | - /** |
|
| 25 | - * @param string $a |
|
| 26 | - * @param string $b |
|
| 27 | - * @return int |
|
| 28 | - */ |
|
| 29 | - function compare($a, $b) |
|
| 30 | - { |
|
| 31 | - return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 32 | - } |
|
| 24 | + /** |
|
| 25 | + * @param string $a |
|
| 26 | + * @param string $b |
|
| 27 | + * @return int |
|
| 28 | + */ |
|
| 29 | + function compare($a, $b) |
|
| 30 | + { |
|
| 31 | + return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 32 | + } |
|
| 33 | 33 | } |
| 34 | 34 | if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_decrypt')) { |
| 35 | - /** |
|
| 36 | - * @param string $message |
|
| 37 | - * @param string $assocData |
|
| 38 | - * @param string $nonce |
|
| 39 | - * @param string $key |
|
| 40 | - * @return string|bool |
|
| 41 | - */ |
|
| 42 | - function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 43 | - { |
|
| 44 | - try { |
|
| 45 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 46 | - } catch (Error $ex) { |
|
| 47 | - return false; |
|
| 48 | - } catch (Exception $ex) { |
|
| 49 | - return false; |
|
| 50 | - } |
|
| 51 | - } |
|
| 35 | + /** |
|
| 36 | + * @param string $message |
|
| 37 | + * @param string $assocData |
|
| 38 | + * @param string $nonce |
|
| 39 | + * @param string $key |
|
| 40 | + * @return string|bool |
|
| 41 | + */ |
|
| 42 | + function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 43 | + { |
|
| 44 | + try { |
|
| 45 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 46 | + } catch (Error $ex) { |
|
| 47 | + return false; |
|
| 48 | + } catch (Exception $ex) { |
|
| 49 | + return false; |
|
| 50 | + } |
|
| 51 | + } |
|
| 52 | 52 | } |
| 53 | 53 | if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_encrypt')) { |
| 54 | - /** |
|
| 55 | - * @param string $message |
|
| 56 | - * @param string $assocData |
|
| 57 | - * @param string $nonce |
|
| 58 | - * @param string $key |
|
| 59 | - * @return string |
|
| 60 | - */ |
|
| 61 | - function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 62 | - { |
|
| 63 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 64 | - } |
|
| 54 | + /** |
|
| 55 | + * @param string $message |
|
| 56 | + * @param string $assocData |
|
| 57 | + * @param string $nonce |
|
| 58 | + * @param string $key |
|
| 59 | + * @return string |
|
| 60 | + */ |
|
| 61 | + function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 62 | + { |
|
| 63 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 64 | + } |
|
| 65 | 65 | } |
| 66 | 66 | if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt')) { |
| 67 | - /** |
|
| 68 | - * @param string $message |
|
| 69 | - * @param string $assocData |
|
| 70 | - * @param string $nonce |
|
| 71 | - * @param string $key |
|
| 72 | - * @return string|bool |
|
| 73 | - */ |
|
| 74 | - function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 75 | - { |
|
| 76 | - try { |
|
| 77 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 78 | - } catch (Error $ex) { |
|
| 79 | - return false; |
|
| 80 | - } catch (Exception $ex) { |
|
| 81 | - return false; |
|
| 82 | - } |
|
| 83 | - } |
|
| 67 | + /** |
|
| 68 | + * @param string $message |
|
| 69 | + * @param string $assocData |
|
| 70 | + * @param string $nonce |
|
| 71 | + * @param string $key |
|
| 72 | + * @return string|bool |
|
| 73 | + */ |
|
| 74 | + function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 75 | + { |
|
| 76 | + try { |
|
| 77 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 78 | + } catch (Error $ex) { |
|
| 79 | + return false; |
|
| 80 | + } catch (Exception $ex) { |
|
| 81 | + return false; |
|
| 82 | + } |
|
| 83 | + } |
|
| 84 | 84 | } |
| 85 | 85 | if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt')) { |
| 86 | - /** |
|
| 87 | - * @param string $message |
|
| 88 | - * @param string $assocData |
|
| 89 | - * @param string $nonce |
|
| 90 | - * @param string $key |
|
| 91 | - * @return string |
|
| 92 | - */ |
|
| 93 | - function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 94 | - { |
|
| 95 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 96 | - } |
|
| 86 | + /** |
|
| 87 | + * @param string $message |
|
| 88 | + * @param string $assocData |
|
| 89 | + * @param string $nonce |
|
| 90 | + * @param string $key |
|
| 91 | + * @return string |
|
| 92 | + */ |
|
| 93 | + function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 94 | + { |
|
| 95 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 96 | + } |
|
| 97 | 97 | } |
| 98 | 98 | if (!is_callable('\\Sodium\\crypto_auth')) { |
| 99 | - /** |
|
| 100 | - * @param string $message |
|
| 101 | - * @param string $key |
|
| 102 | - * @return string |
|
| 103 | - */ |
|
| 104 | - function crypto_auth($message, $key) |
|
| 105 | - { |
|
| 106 | - return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 107 | - } |
|
| 99 | + /** |
|
| 100 | + * @param string $message |
|
| 101 | + * @param string $key |
|
| 102 | + * @return string |
|
| 103 | + */ |
|
| 104 | + function crypto_auth($message, $key) |
|
| 105 | + { |
|
| 106 | + return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 107 | + } |
|
| 108 | 108 | } |
| 109 | 109 | if (!is_callable('\\Sodium\\crypto_auth_verify')) { |
| 110 | - /** |
|
| 111 | - * @param string $mac |
|
| 112 | - * @param string $message |
|
| 113 | - * @param string $key |
|
| 114 | - * @return bool |
|
| 115 | - */ |
|
| 116 | - function crypto_auth_verify($mac, $message, $key) |
|
| 117 | - { |
|
| 118 | - return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 119 | - } |
|
| 110 | + /** |
|
| 111 | + * @param string $mac |
|
| 112 | + * @param string $message |
|
| 113 | + * @param string $key |
|
| 114 | + * @return bool |
|
| 115 | + */ |
|
| 116 | + function crypto_auth_verify($mac, $message, $key) |
|
| 117 | + { |
|
| 118 | + return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 119 | + } |
|
| 120 | 120 | } |
| 121 | 121 | if (!is_callable('\\Sodium\\crypto_box')) { |
| 122 | - /** |
|
| 123 | - * @param string $message |
|
| 124 | - * @param string $nonce |
|
| 125 | - * @param string $kp |
|
| 126 | - * @return string |
|
| 127 | - */ |
|
| 128 | - function crypto_box($message, $nonce, $kp) |
|
| 129 | - { |
|
| 130 | - return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 131 | - } |
|
| 122 | + /** |
|
| 123 | + * @param string $message |
|
| 124 | + * @param string $nonce |
|
| 125 | + * @param string $kp |
|
| 126 | + * @return string |
|
| 127 | + */ |
|
| 128 | + function crypto_box($message, $nonce, $kp) |
|
| 129 | + { |
|
| 130 | + return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 131 | + } |
|
| 132 | 132 | } |
| 133 | 133 | if (!is_callable('\\Sodium\\crypto_box_keypair')) { |
| 134 | - /** |
|
| 135 | - * @return string |
|
| 136 | - */ |
|
| 137 | - function crypto_box_keypair() |
|
| 138 | - { |
|
| 139 | - return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
|
| 140 | - } |
|
| 134 | + /** |
|
| 135 | + * @return string |
|
| 136 | + */ |
|
| 137 | + function crypto_box_keypair() |
|
| 138 | + { |
|
| 139 | + return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
|
| 140 | + } |
|
| 141 | 141 | } |
| 142 | 142 | if (!is_callable('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey')) { |
| 143 | - /** |
|
| 144 | - * @param string $sk |
|
| 145 | - * @param string $pk |
|
| 146 | - * @return string |
|
| 147 | - */ |
|
| 148 | - function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 149 | - { |
|
| 150 | - return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 151 | - } |
|
| 143 | + /** |
|
| 144 | + * @param string $sk |
|
| 145 | + * @param string $pk |
|
| 146 | + * @return string |
|
| 147 | + */ |
|
| 148 | + function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 149 | + { |
|
| 150 | + return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 151 | + } |
|
| 152 | 152 | } |
| 153 | 153 | if (!is_callable('\\Sodium\\crypto_box_open')) { |
| 154 | - /** |
|
| 155 | - * @param string $message |
|
| 156 | - * @param string $nonce |
|
| 157 | - * @param string $kp |
|
| 158 | - * @return string|bool |
|
| 159 | - */ |
|
| 160 | - function crypto_box_open($message, $nonce, $kp) |
|
| 161 | - { |
|
| 162 | - try { |
|
| 163 | - return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 164 | - } catch (Error $ex) { |
|
| 165 | - return false; |
|
| 166 | - } catch (Exception $ex) { |
|
| 167 | - return false; |
|
| 168 | - } |
|
| 169 | - } |
|
| 154 | + /** |
|
| 155 | + * @param string $message |
|
| 156 | + * @param string $nonce |
|
| 157 | + * @param string $kp |
|
| 158 | + * @return string|bool |
|
| 159 | + */ |
|
| 160 | + function crypto_box_open($message, $nonce, $kp) |
|
| 161 | + { |
|
| 162 | + try { |
|
| 163 | + return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 164 | + } catch (Error $ex) { |
|
| 165 | + return false; |
|
| 166 | + } catch (Exception $ex) { |
|
| 167 | + return false; |
|
| 168 | + } |
|
| 169 | + } |
|
| 170 | 170 | } |
| 171 | 171 | if (!is_callable('\\Sodium\\crypto_box_publickey')) { |
| 172 | - /** |
|
| 173 | - * @param string $keypair |
|
| 174 | - * @return string |
|
| 175 | - */ |
|
| 176 | - function crypto_box_publickey($keypair) |
|
| 177 | - { |
|
| 178 | - return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 179 | - } |
|
| 172 | + /** |
|
| 173 | + * @param string $keypair |
|
| 174 | + * @return string |
|
| 175 | + */ |
|
| 176 | + function crypto_box_publickey($keypair) |
|
| 177 | + { |
|
| 178 | + return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 179 | + } |
|
| 180 | 180 | } |
| 181 | 181 | if (!is_callable('\\Sodium\\crypto_box_publickey_from_secretkey')) { |
| 182 | - /** |
|
| 183 | - * @param string $sk |
|
| 184 | - * @return string |
|
| 185 | - */ |
|
| 186 | - function crypto_box_publickey_from_secretkey($sk) |
|
| 187 | - { |
|
| 188 | - return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 189 | - } |
|
| 182 | + /** |
|
| 183 | + * @param string $sk |
|
| 184 | + * @return string |
|
| 185 | + */ |
|
| 186 | + function crypto_box_publickey_from_secretkey($sk) |
|
| 187 | + { |
|
| 188 | + return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 189 | + } |
|
| 190 | 190 | } |
| 191 | 191 | if (!is_callable('\\Sodium\\crypto_box_seal')) { |
| 192 | - /** |
|
| 193 | - * @param string $message |
|
| 194 | - * @param string $publicKey |
|
| 195 | - * @return string |
|
| 196 | - */ |
|
| 197 | - function crypto_box_seal($message, $publicKey) |
|
| 198 | - { |
|
| 199 | - return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 200 | - } |
|
| 192 | + /** |
|
| 193 | + * @param string $message |
|
| 194 | + * @param string $publicKey |
|
| 195 | + * @return string |
|
| 196 | + */ |
|
| 197 | + function crypto_box_seal($message, $publicKey) |
|
| 198 | + { |
|
| 199 | + return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 200 | + } |
|
| 201 | 201 | } |
| 202 | 202 | if (!is_callable('\\Sodium\\crypto_box_seal_open')) { |
| 203 | - /** |
|
| 204 | - * @param string $message |
|
| 205 | - * @param string $kp |
|
| 206 | - * @return string|bool |
|
| 207 | - */ |
|
| 208 | - function crypto_box_seal_open($message, $kp) |
|
| 209 | - { |
|
| 210 | - try { |
|
| 211 | - return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 212 | - } catch (\Error $ex) { |
|
| 213 | - return false; |
|
| 214 | - } catch (\Exception $ex) { |
|
| 215 | - return false; |
|
| 216 | - } |
|
| 217 | - } |
|
| 203 | + /** |
|
| 204 | + * @param string $message |
|
| 205 | + * @param string $kp |
|
| 206 | + * @return string|bool |
|
| 207 | + */ |
|
| 208 | + function crypto_box_seal_open($message, $kp) |
|
| 209 | + { |
|
| 210 | + try { |
|
| 211 | + return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 212 | + } catch (\Error $ex) { |
|
| 213 | + return false; |
|
| 214 | + } catch (\Exception $ex) { |
|
| 215 | + return false; |
|
| 216 | + } |
|
| 217 | + } |
|
| 218 | 218 | } |
| 219 | 219 | if (!is_callable('\\Sodium\\crypto_box_secretkey')) { |
| 220 | - /** |
|
| 221 | - * @param string $keypair |
|
| 222 | - * @return string |
|
| 223 | - */ |
|
| 224 | - function crypto_box_secretkey($keypair) |
|
| 225 | - { |
|
| 226 | - return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 227 | - } |
|
| 220 | + /** |
|
| 221 | + * @param string $keypair |
|
| 222 | + * @return string |
|
| 223 | + */ |
|
| 224 | + function crypto_box_secretkey($keypair) |
|
| 225 | + { |
|
| 226 | + return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 227 | + } |
|
| 228 | 228 | } |
| 229 | 229 | if (!is_callable('\\Sodium\\crypto_generichash')) { |
| 230 | - /** |
|
| 231 | - * @param string $message |
|
| 232 | - * @param string|null $key |
|
| 233 | - * @param int $outLen |
|
| 234 | - * @return string |
|
| 235 | - */ |
|
| 236 | - function crypto_generichash($message, $key = null, $outLen = 32) |
|
| 237 | - { |
|
| 238 | - return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 239 | - } |
|
| 230 | + /** |
|
| 231 | + * @param string $message |
|
| 232 | + * @param string|null $key |
|
| 233 | + * @param int $outLen |
|
| 234 | + * @return string |
|
| 235 | + */ |
|
| 236 | + function crypto_generichash($message, $key = null, $outLen = 32) |
|
| 237 | + { |
|
| 238 | + return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 239 | + } |
|
| 240 | 240 | } |
| 241 | 241 | if (!is_callable('\\Sodium\\crypto_generichash_final')) { |
| 242 | - /** |
|
| 243 | - * @param string|null $ctx |
|
| 244 | - * @param int $outputLength |
|
| 245 | - * @return string |
|
| 246 | - */ |
|
| 247 | - function crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 248 | - { |
|
| 249 | - return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 250 | - } |
|
| 242 | + /** |
|
| 243 | + * @param string|null $ctx |
|
| 244 | + * @param int $outputLength |
|
| 245 | + * @return string |
|
| 246 | + */ |
|
| 247 | + function crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 248 | + { |
|
| 249 | + return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 250 | + } |
|
| 251 | 251 | } |
| 252 | 252 | if (!is_callable('\\Sodium\\crypto_generichash_init')) { |
| 253 | - /** |
|
| 254 | - * @param string|null $key |
|
| 255 | - * @param int $outLen |
|
| 256 | - * @return string |
|
| 257 | - */ |
|
| 258 | - function crypto_generichash_init($key = null, $outLen = 32) |
|
| 259 | - { |
|
| 260 | - return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 261 | - } |
|
| 253 | + /** |
|
| 254 | + * @param string|null $key |
|
| 255 | + * @param int $outLen |
|
| 256 | + * @return string |
|
| 257 | + */ |
|
| 258 | + function crypto_generichash_init($key = null, $outLen = 32) |
|
| 259 | + { |
|
| 260 | + return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 261 | + } |
|
| 262 | 262 | } |
| 263 | 263 | if (!is_callable('\\Sodium\\crypto_generichash_update')) { |
| 264 | - /** |
|
| 265 | - * @param string|null $ctx |
|
| 266 | - * @param string $message |
|
| 267 | - * @return void |
|
| 268 | - */ |
|
| 269 | - function crypto_generichash_update(&$ctx, $message = '') |
|
| 270 | - { |
|
| 271 | - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 272 | - } |
|
| 264 | + /** |
|
| 265 | + * @param string|null $ctx |
|
| 266 | + * @param string $message |
|
| 267 | + * @return void |
|
| 268 | + */ |
|
| 269 | + function crypto_generichash_update(&$ctx, $message = '') |
|
| 270 | + { |
|
| 271 | + ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 272 | + } |
|
| 273 | 273 | } |
| 274 | 274 | if (!is_callable('\\Sodium\\crypto_kx')) { |
| 275 | - /** |
|
| 276 | - * @param string $my_secret |
|
| 277 | - * @param string $their_public |
|
| 278 | - * @param string $client_public |
|
| 279 | - * @param string $server_public |
|
| 280 | - * @return string |
|
| 281 | - */ |
|
| 282 | - function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 283 | - { |
|
| 284 | - return ParagonIE_Sodium_Compat::crypto_kx( |
|
| 285 | - $my_secret, |
|
| 286 | - $their_public, |
|
| 287 | - $client_public, |
|
| 288 | - $server_public |
|
| 289 | - ); |
|
| 290 | - } |
|
| 275 | + /** |
|
| 276 | + * @param string $my_secret |
|
| 277 | + * @param string $their_public |
|
| 278 | + * @param string $client_public |
|
| 279 | + * @param string $server_public |
|
| 280 | + * @return string |
|
| 281 | + */ |
|
| 282 | + function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 283 | + { |
|
| 284 | + return ParagonIE_Sodium_Compat::crypto_kx( |
|
| 285 | + $my_secret, |
|
| 286 | + $their_public, |
|
| 287 | + $client_public, |
|
| 288 | + $server_public |
|
| 289 | + ); |
|
| 290 | + } |
|
| 291 | 291 | } |
| 292 | 292 | if (!is_callable('\\Sodium\\crypto_pwhash')) { |
| 293 | - /** |
|
| 294 | - * @param int $outlen |
|
| 295 | - * @param string $passwd |
|
| 296 | - * @param string $salt |
|
| 297 | - * @param int $opslimit |
|
| 298 | - * @param int $memlimit |
|
| 299 | - * @return string |
|
| 300 | - */ |
|
| 301 | - function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 302 | - { |
|
| 303 | - return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 304 | - } |
|
| 293 | + /** |
|
| 294 | + * @param int $outlen |
|
| 295 | + * @param string $passwd |
|
| 296 | + * @param string $salt |
|
| 297 | + * @param int $opslimit |
|
| 298 | + * @param int $memlimit |
|
| 299 | + * @return string |
|
| 300 | + */ |
|
| 301 | + function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 302 | + { |
|
| 303 | + return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 304 | + } |
|
| 305 | 305 | } |
| 306 | 306 | if (!is_callable('\\Sodium\\crypto_pwhash_str')) { |
| 307 | - /** |
|
| 308 | - * @param string $passwd |
|
| 309 | - * @param int $opslimit |
|
| 310 | - * @param int $memlimit |
|
| 311 | - * @return string |
|
| 312 | - */ |
|
| 313 | - function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 314 | - { |
|
| 315 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 316 | - } |
|
| 307 | + /** |
|
| 308 | + * @param string $passwd |
|
| 309 | + * @param int $opslimit |
|
| 310 | + * @param int $memlimit |
|
| 311 | + * @return string |
|
| 312 | + */ |
|
| 313 | + function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 314 | + { |
|
| 315 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 316 | + } |
|
| 317 | 317 | } |
| 318 | 318 | if (!is_callable('\\Sodium\\crypto_pwhash_str_verify')) { |
| 319 | - /** |
|
| 320 | - * @param string $passwd |
|
| 321 | - * @param string $hash |
|
| 322 | - * @return bool |
|
| 323 | - */ |
|
| 324 | - function crypto_pwhash_str_verify($passwd, $hash) |
|
| 325 | - { |
|
| 326 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 327 | - } |
|
| 319 | + /** |
|
| 320 | + * @param string $passwd |
|
| 321 | + * @param string $hash |
|
| 322 | + * @return bool |
|
| 323 | + */ |
|
| 324 | + function crypto_pwhash_str_verify($passwd, $hash) |
|
| 325 | + { |
|
| 326 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 327 | + } |
|
| 328 | 328 | } |
| 329 | 329 | if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256')) { |
| 330 | - /** |
|
| 331 | - * @param int $outlen |
|
| 332 | - * @param string $passwd |
|
| 333 | - * @param string $salt |
|
| 334 | - * @param int $opslimit |
|
| 335 | - * @param int $memlimit |
|
| 336 | - * @return string |
|
| 337 | - */ |
|
| 338 | - function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 339 | - { |
|
| 340 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 341 | - } |
|
| 330 | + /** |
|
| 331 | + * @param int $outlen |
|
| 332 | + * @param string $passwd |
|
| 333 | + * @param string $salt |
|
| 334 | + * @param int $opslimit |
|
| 335 | + * @param int $memlimit |
|
| 336 | + * @return string |
|
| 337 | + */ |
|
| 338 | + function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 339 | + { |
|
| 340 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 341 | + } |
|
| 342 | 342 | } |
| 343 | 343 | if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str')) { |
| 344 | - /** |
|
| 345 | - * @param string $passwd |
|
| 346 | - * @param int $opslimit |
|
| 347 | - * @param int $memlimit |
|
| 348 | - * @return string |
|
| 349 | - */ |
|
| 350 | - function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 351 | - { |
|
| 352 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 353 | - } |
|
| 344 | + /** |
|
| 345 | + * @param string $passwd |
|
| 346 | + * @param int $opslimit |
|
| 347 | + * @param int $memlimit |
|
| 348 | + * @return string |
|
| 349 | + */ |
|
| 350 | + function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 351 | + { |
|
| 352 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 353 | + } |
|
| 354 | 354 | } |
| 355 | 355 | if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
| 356 | - /** |
|
| 357 | - * @param string $passwd |
|
| 358 | - * @param string $hash |
|
| 359 | - * @return bool |
|
| 360 | - */ |
|
| 361 | - function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 362 | - { |
|
| 363 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 364 | - } |
|
| 356 | + /** |
|
| 357 | + * @param string $passwd |
|
| 358 | + * @param string $hash |
|
| 359 | + * @return bool |
|
| 360 | + */ |
|
| 361 | + function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 362 | + { |
|
| 363 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 364 | + } |
|
| 365 | 365 | } |
| 366 | 366 | if (!is_callable('\\Sodium\\crypto_scalarmult')) { |
| 367 | - /** |
|
| 368 | - * @param string $n |
|
| 369 | - * @param string $p |
|
| 370 | - * @return string |
|
| 371 | - */ |
|
| 372 | - function crypto_scalarmult($n, $p) |
|
| 373 | - { |
|
| 374 | - return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 375 | - } |
|
| 367 | + /** |
|
| 368 | + * @param string $n |
|
| 369 | + * @param string $p |
|
| 370 | + * @return string |
|
| 371 | + */ |
|
| 372 | + function crypto_scalarmult($n, $p) |
|
| 373 | + { |
|
| 374 | + return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 375 | + } |
|
| 376 | 376 | } |
| 377 | 377 | if (!is_callable('\\Sodium\\crypto_scalarmult_base')) { |
| 378 | - /** |
|
| 379 | - * @param string $n |
|
| 380 | - * @return string |
|
| 381 | - */ |
|
| 382 | - function crypto_scalarmult_base($n) |
|
| 383 | - { |
|
| 384 | - return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 385 | - } |
|
| 378 | + /** |
|
| 379 | + * @param string $n |
|
| 380 | + * @return string |
|
| 381 | + */ |
|
| 382 | + function crypto_scalarmult_base($n) |
|
| 383 | + { |
|
| 384 | + return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 385 | + } |
|
| 386 | 386 | } |
| 387 | 387 | if (!is_callable('\\Sodium\\crypto_secretbox')) { |
| 388 | - /** |
|
| 389 | - * @param string $message |
|
| 390 | - * @param string $nonce |
|
| 391 | - * @param string $key |
|
| 392 | - * @return string |
|
| 393 | - */ |
|
| 394 | - function crypto_secretbox($message, $nonce, $key) |
|
| 395 | - { |
|
| 396 | - return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 397 | - } |
|
| 388 | + /** |
|
| 389 | + * @param string $message |
|
| 390 | + * @param string $nonce |
|
| 391 | + * @param string $key |
|
| 392 | + * @return string |
|
| 393 | + */ |
|
| 394 | + function crypto_secretbox($message, $nonce, $key) |
|
| 395 | + { |
|
| 396 | + return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 397 | + } |
|
| 398 | 398 | } |
| 399 | 399 | if (!is_callable('\\Sodium\\crypto_secretbox_open')) { |
| 400 | - /** |
|
| 401 | - * @param string $message |
|
| 402 | - * @param string $nonce |
|
| 403 | - * @param string $key |
|
| 404 | - * @return string|bool |
|
| 405 | - */ |
|
| 406 | - function crypto_secretbox_open($message, $nonce, $key) |
|
| 407 | - { |
|
| 408 | - try { |
|
| 409 | - return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 410 | - } catch (Error $ex) { |
|
| 411 | - return false; |
|
| 412 | - } catch (Exception $ex) { |
|
| 413 | - return false; |
|
| 414 | - } |
|
| 415 | - } |
|
| 400 | + /** |
|
| 401 | + * @param string $message |
|
| 402 | + * @param string $nonce |
|
| 403 | + * @param string $key |
|
| 404 | + * @return string|bool |
|
| 405 | + */ |
|
| 406 | + function crypto_secretbox_open($message, $nonce, $key) |
|
| 407 | + { |
|
| 408 | + try { |
|
| 409 | + return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 410 | + } catch (Error $ex) { |
|
| 411 | + return false; |
|
| 412 | + } catch (Exception $ex) { |
|
| 413 | + return false; |
|
| 414 | + } |
|
| 415 | + } |
|
| 416 | 416 | } |
| 417 | 417 | if (!is_callable('\\Sodium\\crypto_shorthash')) { |
| 418 | - /** |
|
| 419 | - * @param string $message |
|
| 420 | - * @param string $key |
|
| 421 | - * @return string |
|
| 422 | - */ |
|
| 423 | - function crypto_shorthash($message, $key = '') |
|
| 424 | - { |
|
| 425 | - return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 426 | - } |
|
| 418 | + /** |
|
| 419 | + * @param string $message |
|
| 420 | + * @param string $key |
|
| 421 | + * @return string |
|
| 422 | + */ |
|
| 423 | + function crypto_shorthash($message, $key = '') |
|
| 424 | + { |
|
| 425 | + return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 426 | + } |
|
| 427 | 427 | } |
| 428 | 428 | if (!is_callable('\\Sodium\\crypto_sign')) { |
| 429 | - /** |
|
| 430 | - * @param string $message |
|
| 431 | - * @param string $sk |
|
| 432 | - * @return string |
|
| 433 | - */ |
|
| 434 | - function crypto_sign($message, $sk) |
|
| 435 | - { |
|
| 436 | - return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 437 | - } |
|
| 429 | + /** |
|
| 430 | + * @param string $message |
|
| 431 | + * @param string $sk |
|
| 432 | + * @return string |
|
| 433 | + */ |
|
| 434 | + function crypto_sign($message, $sk) |
|
| 435 | + { |
|
| 436 | + return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 437 | + } |
|
| 438 | 438 | } |
| 439 | 439 | if (!is_callable('\\Sodium\\crypto_sign_detached')) { |
| 440 | - /** |
|
| 441 | - * @param string $message |
|
| 442 | - * @param string $sk |
|
| 443 | - * @return string |
|
| 444 | - */ |
|
| 445 | - function crypto_sign_detached($message, $sk) |
|
| 446 | - { |
|
| 447 | - return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 448 | - } |
|
| 440 | + /** |
|
| 441 | + * @param string $message |
|
| 442 | + * @param string $sk |
|
| 443 | + * @return string |
|
| 444 | + */ |
|
| 445 | + function crypto_sign_detached($message, $sk) |
|
| 446 | + { |
|
| 447 | + return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 448 | + } |
|
| 449 | 449 | } |
| 450 | 450 | if (!is_callable('\\Sodium\\crypto_sign_keypair')) { |
| 451 | - /** |
|
| 452 | - * @return string |
|
| 453 | - */ |
|
| 454 | - function crypto_sign_keypair() |
|
| 455 | - { |
|
| 456 | - return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
|
| 457 | - } |
|
| 451 | + /** |
|
| 452 | + * @return string |
|
| 453 | + */ |
|
| 454 | + function crypto_sign_keypair() |
|
| 455 | + { |
|
| 456 | + return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
|
| 457 | + } |
|
| 458 | 458 | } |
| 459 | 459 | if (!is_callable('\\Sodium\\crypto_sign_open')) { |
| 460 | - /** |
|
| 461 | - * @param string $signedMessage |
|
| 462 | - * @param string $pk |
|
| 463 | - * @return string|bool |
|
| 464 | - */ |
|
| 465 | - function crypto_sign_open($signedMessage, $pk) |
|
| 466 | - { |
|
| 467 | - try { |
|
| 468 | - return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 469 | - } catch (\Error $ex) { |
|
| 470 | - return false; |
|
| 471 | - } catch (\Exception $ex) { |
|
| 472 | - return false; |
|
| 473 | - } |
|
| 474 | - } |
|
| 460 | + /** |
|
| 461 | + * @param string $signedMessage |
|
| 462 | + * @param string $pk |
|
| 463 | + * @return string|bool |
|
| 464 | + */ |
|
| 465 | + function crypto_sign_open($signedMessage, $pk) |
|
| 466 | + { |
|
| 467 | + try { |
|
| 468 | + return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 469 | + } catch (\Error $ex) { |
|
| 470 | + return false; |
|
| 471 | + } catch (\Exception $ex) { |
|
| 472 | + return false; |
|
| 473 | + } |
|
| 474 | + } |
|
| 475 | 475 | } |
| 476 | 476 | if (!is_callable('\\Sodium\\crypto_sign_publickey')) { |
| 477 | - /** |
|
| 478 | - * @param string $keypair |
|
| 479 | - * @return string |
|
| 480 | - */ |
|
| 481 | - function crypto_sign_publickey($keypair) |
|
| 482 | - { |
|
| 483 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 484 | - } |
|
| 477 | + /** |
|
| 478 | + * @param string $keypair |
|
| 479 | + * @return string |
|
| 480 | + */ |
|
| 481 | + function crypto_sign_publickey($keypair) |
|
| 482 | + { |
|
| 483 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 484 | + } |
|
| 485 | 485 | } |
| 486 | 486 | if (!is_callable('\\Sodium\\crypto_sign_publickey_from_secretkey')) { |
| 487 | - /** |
|
| 488 | - * @param string $sk |
|
| 489 | - * @return string |
|
| 490 | - */ |
|
| 491 | - function crypto_sign_publickey_from_secretkey($sk) |
|
| 492 | - { |
|
| 493 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 494 | - } |
|
| 487 | + /** |
|
| 488 | + * @param string $sk |
|
| 489 | + * @return string |
|
| 490 | + */ |
|
| 491 | + function crypto_sign_publickey_from_secretkey($sk) |
|
| 492 | + { |
|
| 493 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 494 | + } |
|
| 495 | 495 | } |
| 496 | 496 | if (!is_callable('\\Sodium\\crypto_sign_secretkey')) { |
| 497 | - /** |
|
| 498 | - * @param string $keypair |
|
| 499 | - * @return string |
|
| 500 | - */ |
|
| 501 | - function crypto_sign_secretkey($keypair) |
|
| 502 | - { |
|
| 503 | - return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 504 | - } |
|
| 497 | + /** |
|
| 498 | + * @param string $keypair |
|
| 499 | + * @return string |
|
| 500 | + */ |
|
| 501 | + function crypto_sign_secretkey($keypair) |
|
| 502 | + { |
|
| 503 | + return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 504 | + } |
|
| 505 | 505 | } |
| 506 | 506 | if (!is_callable('\\Sodium\\crypto_sign_seed_keypair')) { |
| 507 | - /** |
|
| 508 | - * @param string $seed |
|
| 509 | - * @return string |
|
| 510 | - */ |
|
| 511 | - function crypto_sign_seed_keypair($seed) |
|
| 512 | - { |
|
| 513 | - return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 514 | - } |
|
| 507 | + /** |
|
| 508 | + * @param string $seed |
|
| 509 | + * @return string |
|
| 510 | + */ |
|
| 511 | + function crypto_sign_seed_keypair($seed) |
|
| 512 | + { |
|
| 513 | + return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 514 | + } |
|
| 515 | 515 | } |
| 516 | 516 | if (!is_callable('\\Sodium\\crypto_sign_verify_detached')) { |
| 517 | - /** |
|
| 518 | - * @param string $signature |
|
| 519 | - * @param string $message |
|
| 520 | - * @param string $pk |
|
| 521 | - * @return bool |
|
| 522 | - */ |
|
| 523 | - function crypto_sign_verify_detached($signature, $message, $pk) |
|
| 524 | - { |
|
| 525 | - return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 526 | - } |
|
| 517 | + /** |
|
| 518 | + * @param string $signature |
|
| 519 | + * @param string $message |
|
| 520 | + * @param string $pk |
|
| 521 | + * @return bool |
|
| 522 | + */ |
|
| 523 | + function crypto_sign_verify_detached($signature, $message, $pk) |
|
| 524 | + { |
|
| 525 | + return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 526 | + } |
|
| 527 | 527 | } |
| 528 | 528 | if (!is_callable('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519')) { |
| 529 | - /** |
|
| 530 | - * @param string $sk |
|
| 531 | - * @return string |
|
| 532 | - */ |
|
| 533 | - function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 534 | - { |
|
| 535 | - return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 536 | - } |
|
| 529 | + /** |
|
| 530 | + * @param string $sk |
|
| 531 | + * @return string |
|
| 532 | + */ |
|
| 533 | + function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 534 | + { |
|
| 535 | + return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 536 | + } |
|
| 537 | 537 | } |
| 538 | 538 | if (!is_callable('\\Sodium\\crypto_stream')) { |
| 539 | - /** |
|
| 540 | - * @param int $len |
|
| 541 | - * @param string $nonce |
|
| 542 | - * @param string $key |
|
| 543 | - * @return string |
|
| 544 | - */ |
|
| 545 | - function crypto_stream($len, $nonce, $key) |
|
| 546 | - { |
|
| 547 | - return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 548 | - } |
|
| 539 | + /** |
|
| 540 | + * @param int $len |
|
| 541 | + * @param string $nonce |
|
| 542 | + * @param string $key |
|
| 543 | + * @return string |
|
| 544 | + */ |
|
| 545 | + function crypto_stream($len, $nonce, $key) |
|
| 546 | + { |
|
| 547 | + return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 548 | + } |
|
| 549 | 549 | } |
| 550 | 550 | if (!is_callable('\\Sodium\\crypto_stream_xor')) { |
| 551 | - /** |
|
| 552 | - * @param string $message |
|
| 553 | - * @param string $nonce |
|
| 554 | - * @param string $key |
|
| 555 | - * @return string |
|
| 556 | - */ |
|
| 557 | - function crypto_stream_xor($message, $nonce, $key) |
|
| 558 | - { |
|
| 559 | - return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 560 | - } |
|
| 551 | + /** |
|
| 552 | + * @param string $message |
|
| 553 | + * @param string $nonce |
|
| 554 | + * @param string $key |
|
| 555 | + * @return string |
|
| 556 | + */ |
|
| 557 | + function crypto_stream_xor($message, $nonce, $key) |
|
| 558 | + { |
|
| 559 | + return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 560 | + } |
|
| 561 | 561 | } |
| 562 | 562 | if (!is_callable('\\Sodium\\hex2bin')) { |
| 563 | - /** |
|
| 564 | - * @param string $string |
|
| 565 | - * @return string |
|
| 566 | - */ |
|
| 567 | - function hex2bin($string) |
|
| 568 | - { |
|
| 569 | - return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 570 | - } |
|
| 563 | + /** |
|
| 564 | + * @param string $string |
|
| 565 | + * @return string |
|
| 566 | + */ |
|
| 567 | + function hex2bin($string) |
|
| 568 | + { |
|
| 569 | + return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 570 | + } |
|
| 571 | 571 | } |
| 572 | 572 | if (!is_callable('\\Sodium\\memcmp')) { |
| 573 | - /** |
|
| 574 | - * @param string $a |
|
| 575 | - * @param string $b |
|
| 576 | - * @return int |
|
| 577 | - */ |
|
| 578 | - function memcmp($a, $b) |
|
| 579 | - { |
|
| 580 | - return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 581 | - } |
|
| 573 | + /** |
|
| 574 | + * @param string $a |
|
| 575 | + * @param string $b |
|
| 576 | + * @return int |
|
| 577 | + */ |
|
| 578 | + function memcmp($a, $b) |
|
| 579 | + { |
|
| 580 | + return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 581 | + } |
|
| 582 | 582 | } |
| 583 | 583 | if (!is_callable('\\Sodium\\memzero')) { |
| 584 | - /** |
|
| 585 | - * @param string $str |
|
| 586 | - * @return void |
|
| 587 | - */ |
|
| 588 | - function memzero(&$str) |
|
| 589 | - { |
|
| 590 | - ParagonIE_Sodium_Compat::memzero($str); |
|
| 591 | - } |
|
| 584 | + /** |
|
| 585 | + * @param string $str |
|
| 586 | + * @return void |
|
| 587 | + */ |
|
| 588 | + function memzero(&$str) |
|
| 589 | + { |
|
| 590 | + ParagonIE_Sodium_Compat::memzero($str); |
|
| 591 | + } |
|
| 592 | 592 | } |
| 593 | 593 | if (!is_callable('\\Sodium\\randombytes_buf')) { |
| 594 | - /** |
|
| 595 | - * @param int $amount |
|
| 596 | - * @return string |
|
| 597 | - */ |
|
| 598 | - function randombytes_buf($amount) |
|
| 599 | - { |
|
| 600 | - return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 601 | - } |
|
| 594 | + /** |
|
| 595 | + * @param int $amount |
|
| 596 | + * @return string |
|
| 597 | + */ |
|
| 598 | + function randombytes_buf($amount) |
|
| 599 | + { |
|
| 600 | + return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 601 | + } |
|
| 602 | 602 | } |
| 603 | 603 | |
| 604 | 604 | if (!is_callable('\\Sodium\\randombytes_uniform')) { |
| 605 | - /** |
|
| 606 | - * @param int $upperLimit |
|
| 607 | - * @return int |
|
| 608 | - */ |
|
| 609 | - function randombytes_uniform($upperLimit) |
|
| 610 | - { |
|
| 611 | - return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 612 | - } |
|
| 605 | + /** |
|
| 606 | + * @param int $upperLimit |
|
| 607 | + * @return int |
|
| 608 | + */ |
|
| 609 | + function randombytes_uniform($upperLimit) |
|
| 610 | + { |
|
| 611 | + return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 612 | + } |
|
| 613 | 613 | } |
| 614 | 614 | |
| 615 | 615 | if (!is_callable('\\Sodium\\randombytes_random16')) { |
| 616 | - /** |
|
| 617 | - * @return int |
|
| 618 | - */ |
|
| 619 | - function randombytes_random16() |
|
| 620 | - { |
|
| 621 | - return ParagonIE_Sodium_Compat::randombytes_random16(); |
|
| 622 | - } |
|
| 616 | + /** |
|
| 617 | + * @return int |
|
| 618 | + */ |
|
| 619 | + function randombytes_random16() |
|
| 620 | + { |
|
| 621 | + return ParagonIE_Sodium_Compat::randombytes_random16(); |
|
| 622 | + } |
|
| 623 | 623 | } |
| 624 | 624 | |
| 625 | 625 | if (!defined('\\Sodium\\CRYPTO_AUTH_BYTES')) { |
| 626 | - require_once dirname(__FILE__) . '/constants.php'; |
|
| 626 | + require_once dirname(__FILE__) . '/constants.php'; |
|
| 627 | 627 | } |
@@ -10,28 +10,28 @@ discard block |
||
| 10 | 10 | * Thus, the functions just proxy to the appropriate ParagonIE_Sodium_Compat |
| 11 | 11 | * method. |
| 12 | 12 | */ |
| 13 | -if (!is_callable('\\Sodium\\bin2hex')) { |
|
| 13 | +if ( ! is_callable( '\\Sodium\\bin2hex' ) ) { |
|
| 14 | 14 | /** |
| 15 | 15 | * @param string $string |
| 16 | 16 | * @return string |
| 17 | 17 | */ |
| 18 | - function bin2hex($string) |
|
| 18 | + function bin2hex( $string ) |
|
| 19 | 19 | { |
| 20 | - return ParagonIE_Sodium_Compat::bin2hex($string); |
|
| 20 | + return ParagonIE_Sodium_Compat::bin2hex( $string ); |
|
| 21 | 21 | } |
| 22 | 22 | } |
| 23 | -if (!is_callable('\\Sodium\\compare')) { |
|
| 23 | +if ( ! is_callable( '\\Sodium\\compare' ) ) { |
|
| 24 | 24 | /** |
| 25 | 25 | * @param string $a |
| 26 | 26 | * @param string $b |
| 27 | 27 | * @return int |
| 28 | 28 | */ |
| 29 | - function compare($a, $b) |
|
| 29 | + function compare( $a, $b ) |
|
| 30 | 30 | { |
| 31 | - return ParagonIE_Sodium_Compat::compare($a, $b); |
|
| 31 | + return ParagonIE_Sodium_Compat::compare( $a, $b ); |
|
| 32 | 32 | } |
| 33 | 33 | } |
| 34 | -if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_decrypt')) { |
|
| 34 | +if ( ! is_callable( '\\Sodium\\crypto_aead_chacha20poly1305_decrypt' ) ) { |
|
| 35 | 35 | /** |
| 36 | 36 | * @param string $message |
| 37 | 37 | * @param string $assocData |
@@ -39,18 +39,18 @@ discard block |
||
| 39 | 39 | * @param string $key |
| 40 | 40 | * @return string|bool |
| 41 | 41 | */ |
| 42 | - function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 42 | + function crypto_aead_chacha20poly1305_decrypt( $message, $assocData, $nonce, $key ) |
|
| 43 | 43 | { |
| 44 | 44 | try { |
| 45 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
|
| 46 | - } catch (Error $ex) { |
|
| 45 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt( $message, $assocData, $nonce, $key ); |
|
| 46 | + } catch ( Error $ex ) { |
|
| 47 | 47 | return false; |
| 48 | - } catch (Exception $ex) { |
|
| 48 | + } catch ( Exception $ex ) { |
|
| 49 | 49 | return false; |
| 50 | 50 | } |
| 51 | 51 | } |
| 52 | 52 | } |
| 53 | -if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_encrypt')) { |
|
| 53 | +if ( ! is_callable( '\\Sodium\\crypto_aead_chacha20poly1305_encrypt' ) ) { |
|
| 54 | 54 | /** |
| 55 | 55 | * @param string $message |
| 56 | 56 | * @param string $assocData |
@@ -58,12 +58,12 @@ discard block |
||
| 58 | 58 | * @param string $key |
| 59 | 59 | * @return string |
| 60 | 60 | */ |
| 61 | - function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 61 | + function crypto_aead_chacha20poly1305_encrypt( $message, $assocData, $nonce, $key ) |
|
| 62 | 62 | { |
| 63 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
|
| 63 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt( $message, $assocData, $nonce, $key ); |
|
| 64 | 64 | } |
| 65 | 65 | } |
| 66 | -if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt')) { |
|
| 66 | +if ( ! is_callable( '\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt' ) ) { |
|
| 67 | 67 | /** |
| 68 | 68 | * @param string $message |
| 69 | 69 | * @param string $assocData |
@@ -71,18 +71,18 @@ discard block |
||
| 71 | 71 | * @param string $key |
| 72 | 72 | * @return string|bool |
| 73 | 73 | */ |
| 74 | - function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 74 | + function crypto_aead_chacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ) |
|
| 75 | 75 | { |
| 76 | 76 | try { |
| 77 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
|
| 78 | - } catch (Error $ex) { |
|
| 77 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt( $message, $assocData, $nonce, $key ); |
|
| 78 | + } catch ( Error $ex ) { |
|
| 79 | 79 | return false; |
| 80 | - } catch (Exception $ex) { |
|
| 80 | + } catch ( Exception $ex ) { |
|
| 81 | 81 | return false; |
| 82 | 82 | } |
| 83 | 83 | } |
| 84 | 84 | } |
| 85 | -if (!is_callable('\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt')) { |
|
| 85 | +if ( ! is_callable( '\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt' ) ) { |
|
| 86 | 86 | /** |
| 87 | 87 | * @param string $message |
| 88 | 88 | * @param string $assocData |
@@ -90,47 +90,47 @@ discard block |
||
| 90 | 90 | * @param string $key |
| 91 | 91 | * @return string |
| 92 | 92 | */ |
| 93 | - function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 93 | + function crypto_aead_chacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ) |
|
| 94 | 94 | { |
| 95 | - return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
|
| 95 | + return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt( $message, $assocData, $nonce, $key ); |
|
| 96 | 96 | } |
| 97 | 97 | } |
| 98 | -if (!is_callable('\\Sodium\\crypto_auth')) { |
|
| 98 | +if ( ! is_callable( '\\Sodium\\crypto_auth' ) ) { |
|
| 99 | 99 | /** |
| 100 | 100 | * @param string $message |
| 101 | 101 | * @param string $key |
| 102 | 102 | * @return string |
| 103 | 103 | */ |
| 104 | - function crypto_auth($message, $key) |
|
| 104 | + function crypto_auth( $message, $key ) |
|
| 105 | 105 | { |
| 106 | - return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
|
| 106 | + return ParagonIE_Sodium_Compat::crypto_auth( $message, $key ); |
|
| 107 | 107 | } |
| 108 | 108 | } |
| 109 | -if (!is_callable('\\Sodium\\crypto_auth_verify')) { |
|
| 109 | +if ( ! is_callable( '\\Sodium\\crypto_auth_verify' ) ) { |
|
| 110 | 110 | /** |
| 111 | 111 | * @param string $mac |
| 112 | 112 | * @param string $message |
| 113 | 113 | * @param string $key |
| 114 | 114 | * @return bool |
| 115 | 115 | */ |
| 116 | - function crypto_auth_verify($mac, $message, $key) |
|
| 116 | + function crypto_auth_verify( $mac, $message, $key ) |
|
| 117 | 117 | { |
| 118 | - return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
|
| 118 | + return ParagonIE_Sodium_Compat::crypto_auth_verify( $mac, $message, $key ); |
|
| 119 | 119 | } |
| 120 | 120 | } |
| 121 | -if (!is_callable('\\Sodium\\crypto_box')) { |
|
| 121 | +if ( ! is_callable( '\\Sodium\\crypto_box' ) ) { |
|
| 122 | 122 | /** |
| 123 | 123 | * @param string $message |
| 124 | 124 | * @param string $nonce |
| 125 | 125 | * @param string $kp |
| 126 | 126 | * @return string |
| 127 | 127 | */ |
| 128 | - function crypto_box($message, $nonce, $kp) |
|
| 128 | + function crypto_box( $message, $nonce, $kp ) |
|
| 129 | 129 | { |
| 130 | - return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
|
| 130 | + return ParagonIE_Sodium_Compat::crypto_box( $message, $nonce, $kp ); |
|
| 131 | 131 | } |
| 132 | 132 | } |
| 133 | -if (!is_callable('\\Sodium\\crypto_box_keypair')) { |
|
| 133 | +if ( ! is_callable( '\\Sodium\\crypto_box_keypair' ) ) { |
|
| 134 | 134 | /** |
| 135 | 135 | * @return string |
| 136 | 136 | */ |
@@ -139,139 +139,139 @@ discard block |
||
| 139 | 139 | return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
| 140 | 140 | } |
| 141 | 141 | } |
| 142 | -if (!is_callable('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey')) { |
|
| 142 | +if ( ! is_callable( '\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey' ) ) { |
|
| 143 | 143 | /** |
| 144 | 144 | * @param string $sk |
| 145 | 145 | * @param string $pk |
| 146 | 146 | * @return string |
| 147 | 147 | */ |
| 148 | - function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 148 | + function crypto_box_keypair_from_secretkey_and_publickey( $sk, $pk ) |
|
| 149 | 149 | { |
| 150 | - return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
|
| 150 | + return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey( $sk, $pk ); |
|
| 151 | 151 | } |
| 152 | 152 | } |
| 153 | -if (!is_callable('\\Sodium\\crypto_box_open')) { |
|
| 153 | +if ( ! is_callable( '\\Sodium\\crypto_box_open' ) ) { |
|
| 154 | 154 | /** |
| 155 | 155 | * @param string $message |
| 156 | 156 | * @param string $nonce |
| 157 | 157 | * @param string $kp |
| 158 | 158 | * @return string|bool |
| 159 | 159 | */ |
| 160 | - function crypto_box_open($message, $nonce, $kp) |
|
| 160 | + function crypto_box_open( $message, $nonce, $kp ) |
|
| 161 | 161 | { |
| 162 | 162 | try { |
| 163 | - return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
|
| 164 | - } catch (Error $ex) { |
|
| 163 | + return ParagonIE_Sodium_Compat::crypto_box_open( $message, $nonce, $kp ); |
|
| 164 | + } catch ( Error $ex ) { |
|
| 165 | 165 | return false; |
| 166 | - } catch (Exception $ex) { |
|
| 166 | + } catch ( Exception $ex ) { |
|
| 167 | 167 | return false; |
| 168 | 168 | } |
| 169 | 169 | } |
| 170 | 170 | } |
| 171 | -if (!is_callable('\\Sodium\\crypto_box_publickey')) { |
|
| 171 | +if ( ! is_callable( '\\Sodium\\crypto_box_publickey' ) ) { |
|
| 172 | 172 | /** |
| 173 | 173 | * @param string $keypair |
| 174 | 174 | * @return string |
| 175 | 175 | */ |
| 176 | - function crypto_box_publickey($keypair) |
|
| 176 | + function crypto_box_publickey( $keypair ) |
|
| 177 | 177 | { |
| 178 | - return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
|
| 178 | + return ParagonIE_Sodium_Compat::crypto_box_publickey( $keypair ); |
|
| 179 | 179 | } |
| 180 | 180 | } |
| 181 | -if (!is_callable('\\Sodium\\crypto_box_publickey_from_secretkey')) { |
|
| 181 | +if ( ! is_callable( '\\Sodium\\crypto_box_publickey_from_secretkey' ) ) { |
|
| 182 | 182 | /** |
| 183 | 183 | * @param string $sk |
| 184 | 184 | * @return string |
| 185 | 185 | */ |
| 186 | - function crypto_box_publickey_from_secretkey($sk) |
|
| 186 | + function crypto_box_publickey_from_secretkey( $sk ) |
|
| 187 | 187 | { |
| 188 | - return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
|
| 188 | + return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey( $sk ); |
|
| 189 | 189 | } |
| 190 | 190 | } |
| 191 | -if (!is_callable('\\Sodium\\crypto_box_seal')) { |
|
| 191 | +if ( ! is_callable( '\\Sodium\\crypto_box_seal' ) ) { |
|
| 192 | 192 | /** |
| 193 | 193 | * @param string $message |
| 194 | 194 | * @param string $publicKey |
| 195 | 195 | * @return string |
| 196 | 196 | */ |
| 197 | - function crypto_box_seal($message, $publicKey) |
|
| 197 | + function crypto_box_seal( $message, $publicKey ) |
|
| 198 | 198 | { |
| 199 | - return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
|
| 199 | + return ParagonIE_Sodium_Compat::crypto_box_seal( $message, $publicKey ); |
|
| 200 | 200 | } |
| 201 | 201 | } |
| 202 | -if (!is_callable('\\Sodium\\crypto_box_seal_open')) { |
|
| 202 | +if ( ! is_callable( '\\Sodium\\crypto_box_seal_open' ) ) { |
|
| 203 | 203 | /** |
| 204 | 204 | * @param string $message |
| 205 | 205 | * @param string $kp |
| 206 | 206 | * @return string|bool |
| 207 | 207 | */ |
| 208 | - function crypto_box_seal_open($message, $kp) |
|
| 208 | + function crypto_box_seal_open( $message, $kp ) |
|
| 209 | 209 | { |
| 210 | 210 | try { |
| 211 | - return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
|
| 212 | - } catch (\Error $ex) { |
|
| 211 | + return ParagonIE_Sodium_Compat::crypto_box_seal_open( $message, $kp ); |
|
| 212 | + } catch ( \Error $ex ) { |
|
| 213 | 213 | return false; |
| 214 | - } catch (\Exception $ex) { |
|
| 214 | + } catch ( \Exception $ex ) { |
|
| 215 | 215 | return false; |
| 216 | 216 | } |
| 217 | 217 | } |
| 218 | 218 | } |
| 219 | -if (!is_callable('\\Sodium\\crypto_box_secretkey')) { |
|
| 219 | +if ( ! is_callable( '\\Sodium\\crypto_box_secretkey' ) ) { |
|
| 220 | 220 | /** |
| 221 | 221 | * @param string $keypair |
| 222 | 222 | * @return string |
| 223 | 223 | */ |
| 224 | - function crypto_box_secretkey($keypair) |
|
| 224 | + function crypto_box_secretkey( $keypair ) |
|
| 225 | 225 | { |
| 226 | - return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
|
| 226 | + return ParagonIE_Sodium_Compat::crypto_box_secretkey( $keypair ); |
|
| 227 | 227 | } |
| 228 | 228 | } |
| 229 | -if (!is_callable('\\Sodium\\crypto_generichash')) { |
|
| 229 | +if ( ! is_callable( '\\Sodium\\crypto_generichash' ) ) { |
|
| 230 | 230 | /** |
| 231 | 231 | * @param string $message |
| 232 | 232 | * @param string|null $key |
| 233 | 233 | * @param int $outLen |
| 234 | 234 | * @return string |
| 235 | 235 | */ |
| 236 | - function crypto_generichash($message, $key = null, $outLen = 32) |
|
| 236 | + function crypto_generichash( $message, $key = null, $outLen = 32 ) |
|
| 237 | 237 | { |
| 238 | - return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
|
| 238 | + return ParagonIE_Sodium_Compat::crypto_generichash( $message, $key, $outLen ); |
|
| 239 | 239 | } |
| 240 | 240 | } |
| 241 | -if (!is_callable('\\Sodium\\crypto_generichash_final')) { |
|
| 241 | +if ( ! is_callable( '\\Sodium\\crypto_generichash_final' ) ) { |
|
| 242 | 242 | /** |
| 243 | 243 | * @param string|null $ctx |
| 244 | 244 | * @param int $outputLength |
| 245 | 245 | * @return string |
| 246 | 246 | */ |
| 247 | - function crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 247 | + function crypto_generichash_final( &$ctx, $outputLength = 32 ) |
|
| 248 | 248 | { |
| 249 | - return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
|
| 249 | + return ParagonIE_Sodium_Compat::crypto_generichash_final( $ctx, $outputLength ); |
|
| 250 | 250 | } |
| 251 | 251 | } |
| 252 | -if (!is_callable('\\Sodium\\crypto_generichash_init')) { |
|
| 252 | +if ( ! is_callable( '\\Sodium\\crypto_generichash_init' ) ) { |
|
| 253 | 253 | /** |
| 254 | 254 | * @param string|null $key |
| 255 | 255 | * @param int $outLen |
| 256 | 256 | * @return string |
| 257 | 257 | */ |
| 258 | - function crypto_generichash_init($key = null, $outLen = 32) |
|
| 258 | + function crypto_generichash_init( $key = null, $outLen = 32 ) |
|
| 259 | 259 | { |
| 260 | - return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
|
| 260 | + return ParagonIE_Sodium_Compat::crypto_generichash_init( $key, $outLen ); |
|
| 261 | 261 | } |
| 262 | 262 | } |
| 263 | -if (!is_callable('\\Sodium\\crypto_generichash_update')) { |
|
| 263 | +if ( ! is_callable( '\\Sodium\\crypto_generichash_update' ) ) { |
|
| 264 | 264 | /** |
| 265 | 265 | * @param string|null $ctx |
| 266 | 266 | * @param string $message |
| 267 | 267 | * @return void |
| 268 | 268 | */ |
| 269 | - function crypto_generichash_update(&$ctx, $message = '') |
|
| 269 | + function crypto_generichash_update( &$ctx, $message = '' ) |
|
| 270 | 270 | { |
| 271 | - ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
|
| 271 | + ParagonIE_Sodium_Compat::crypto_generichash_update( $ctx, $message ); |
|
| 272 | 272 | } |
| 273 | 273 | } |
| 274 | -if (!is_callable('\\Sodium\\crypto_kx')) { |
|
| 274 | +if ( ! is_callable( '\\Sodium\\crypto_kx' ) ) { |
|
| 275 | 275 | /** |
| 276 | 276 | * @param string $my_secret |
| 277 | 277 | * @param string $their_public |
@@ -279,7 +279,7 @@ discard block |
||
| 279 | 279 | * @param string $server_public |
| 280 | 280 | * @return string |
| 281 | 281 | */ |
| 282 | - function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 282 | + function crypto_kx( $my_secret, $their_public, $client_public, $server_public ) |
|
| 283 | 283 | { |
| 284 | 284 | return ParagonIE_Sodium_Compat::crypto_kx( |
| 285 | 285 | $my_secret, |
@@ -289,7 +289,7 @@ discard block |
||
| 289 | 289 | ); |
| 290 | 290 | } |
| 291 | 291 | } |
| 292 | -if (!is_callable('\\Sodium\\crypto_pwhash')) { |
|
| 292 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash' ) ) { |
|
| 293 | 293 | /** |
| 294 | 294 | * @param int $outlen |
| 295 | 295 | * @param string $passwd |
@@ -298,35 +298,35 @@ discard block |
||
| 298 | 298 | * @param int $memlimit |
| 299 | 299 | * @return string |
| 300 | 300 | */ |
| 301 | - function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 301 | + function crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 302 | 302 | { |
| 303 | - return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 303 | + return ParagonIE_Sodium_Compat::crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 304 | 304 | } |
| 305 | 305 | } |
| 306 | -if (!is_callable('\\Sodium\\crypto_pwhash_str')) { |
|
| 306 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash_str' ) ) { |
|
| 307 | 307 | /** |
| 308 | 308 | * @param string $passwd |
| 309 | 309 | * @param int $opslimit |
| 310 | 310 | * @param int $memlimit |
| 311 | 311 | * @return string |
| 312 | 312 | */ |
| 313 | - function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 313 | + function crypto_pwhash_str( $passwd, $opslimit, $memlimit ) |
|
| 314 | 314 | { |
| 315 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 315 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str( $passwd, $opslimit, $memlimit ); |
|
| 316 | 316 | } |
| 317 | 317 | } |
| 318 | -if (!is_callable('\\Sodium\\crypto_pwhash_str_verify')) { |
|
| 318 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash_str_verify' ) ) { |
|
| 319 | 319 | /** |
| 320 | 320 | * @param string $passwd |
| 321 | 321 | * @param string $hash |
| 322 | 322 | * @return bool |
| 323 | 323 | */ |
| 324 | - function crypto_pwhash_str_verify($passwd, $hash) |
|
| 324 | + function crypto_pwhash_str_verify( $passwd, $hash ) |
|
| 325 | 325 | { |
| 326 | - return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
|
| 326 | + return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify( $passwd, $hash ); |
|
| 327 | 327 | } |
| 328 | 328 | } |
| 329 | -if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256')) { |
|
| 329 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256' ) ) { |
|
| 330 | 330 | /** |
| 331 | 331 | * @param int $outlen |
| 332 | 332 | * @param string $passwd |
@@ -335,119 +335,119 @@ discard block |
||
| 335 | 335 | * @param int $memlimit |
| 336 | 336 | * @return string |
| 337 | 337 | */ |
| 338 | - function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 338 | + function crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 339 | 339 | { |
| 340 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 340 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 341 | 341 | } |
| 342 | 342 | } |
| 343 | -if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str')) { |
|
| 343 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str' ) ) { |
|
| 344 | 344 | /** |
| 345 | 345 | * @param string $passwd |
| 346 | 346 | * @param int $opslimit |
| 347 | 347 | * @param int $memlimit |
| 348 | 348 | * @return string |
| 349 | 349 | */ |
| 350 | - function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 350 | + function crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ) |
|
| 351 | 351 | { |
| 352 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 352 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ); |
|
| 353 | 353 | } |
| 354 | 354 | } |
| 355 | -if (!is_callable('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
|
| 355 | +if ( ! is_callable( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify' ) ) { |
|
| 356 | 356 | /** |
| 357 | 357 | * @param string $passwd |
| 358 | 358 | * @param string $hash |
| 359 | 359 | * @return bool |
| 360 | 360 | */ |
| 361 | - function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 361 | + function crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ) |
|
| 362 | 362 | { |
| 363 | - return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 363 | + return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ); |
|
| 364 | 364 | } |
| 365 | 365 | } |
| 366 | -if (!is_callable('\\Sodium\\crypto_scalarmult')) { |
|
| 366 | +if ( ! is_callable( '\\Sodium\\crypto_scalarmult' ) ) { |
|
| 367 | 367 | /** |
| 368 | 368 | * @param string $n |
| 369 | 369 | * @param string $p |
| 370 | 370 | * @return string |
| 371 | 371 | */ |
| 372 | - function crypto_scalarmult($n, $p) |
|
| 372 | + function crypto_scalarmult( $n, $p ) |
|
| 373 | 373 | { |
| 374 | - return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
|
| 374 | + return ParagonIE_Sodium_Compat::crypto_scalarmult( $n, $p ); |
|
| 375 | 375 | } |
| 376 | 376 | } |
| 377 | -if (!is_callable('\\Sodium\\crypto_scalarmult_base')) { |
|
| 377 | +if ( ! is_callable( '\\Sodium\\crypto_scalarmult_base' ) ) { |
|
| 378 | 378 | /** |
| 379 | 379 | * @param string $n |
| 380 | 380 | * @return string |
| 381 | 381 | */ |
| 382 | - function crypto_scalarmult_base($n) |
|
| 382 | + function crypto_scalarmult_base( $n ) |
|
| 383 | 383 | { |
| 384 | - return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
|
| 384 | + return ParagonIE_Sodium_Compat::crypto_scalarmult_base( $n ); |
|
| 385 | 385 | } |
| 386 | 386 | } |
| 387 | -if (!is_callable('\\Sodium\\crypto_secretbox')) { |
|
| 387 | +if ( ! is_callable( '\\Sodium\\crypto_secretbox' ) ) { |
|
| 388 | 388 | /** |
| 389 | 389 | * @param string $message |
| 390 | 390 | * @param string $nonce |
| 391 | 391 | * @param string $key |
| 392 | 392 | * @return string |
| 393 | 393 | */ |
| 394 | - function crypto_secretbox($message, $nonce, $key) |
|
| 394 | + function crypto_secretbox( $message, $nonce, $key ) |
|
| 395 | 395 | { |
| 396 | - return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
|
| 396 | + return ParagonIE_Sodium_Compat::crypto_secretbox( $message, $nonce, $key ); |
|
| 397 | 397 | } |
| 398 | 398 | } |
| 399 | -if (!is_callable('\\Sodium\\crypto_secretbox_open')) { |
|
| 399 | +if ( ! is_callable( '\\Sodium\\crypto_secretbox_open' ) ) { |
|
| 400 | 400 | /** |
| 401 | 401 | * @param string $message |
| 402 | 402 | * @param string $nonce |
| 403 | 403 | * @param string $key |
| 404 | 404 | * @return string|bool |
| 405 | 405 | */ |
| 406 | - function crypto_secretbox_open($message, $nonce, $key) |
|
| 406 | + function crypto_secretbox_open( $message, $nonce, $key ) |
|
| 407 | 407 | { |
| 408 | 408 | try { |
| 409 | - return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
|
| 410 | - } catch (Error $ex) { |
|
| 409 | + return ParagonIE_Sodium_Compat::crypto_secretbox_open( $message, $nonce, $key ); |
|
| 410 | + } catch ( Error $ex ) { |
|
| 411 | 411 | return false; |
| 412 | - } catch (Exception $ex) { |
|
| 412 | + } catch ( Exception $ex ) { |
|
| 413 | 413 | return false; |
| 414 | 414 | } |
| 415 | 415 | } |
| 416 | 416 | } |
| 417 | -if (!is_callable('\\Sodium\\crypto_shorthash')) { |
|
| 417 | +if ( ! is_callable( '\\Sodium\\crypto_shorthash' ) ) { |
|
| 418 | 418 | /** |
| 419 | 419 | * @param string $message |
| 420 | 420 | * @param string $key |
| 421 | 421 | * @return string |
| 422 | 422 | */ |
| 423 | - function crypto_shorthash($message, $key = '') |
|
| 423 | + function crypto_shorthash( $message, $key = '' ) |
|
| 424 | 424 | { |
| 425 | - return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
|
| 425 | + return ParagonIE_Sodium_Compat::crypto_shorthash( $message, $key ); |
|
| 426 | 426 | } |
| 427 | 427 | } |
| 428 | -if (!is_callable('\\Sodium\\crypto_sign')) { |
|
| 428 | +if ( ! is_callable( '\\Sodium\\crypto_sign' ) ) { |
|
| 429 | 429 | /** |
| 430 | 430 | * @param string $message |
| 431 | 431 | * @param string $sk |
| 432 | 432 | * @return string |
| 433 | 433 | */ |
| 434 | - function crypto_sign($message, $sk) |
|
| 434 | + function crypto_sign( $message, $sk ) |
|
| 435 | 435 | { |
| 436 | - return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
|
| 436 | + return ParagonIE_Sodium_Compat::crypto_sign( $message, $sk ); |
|
| 437 | 437 | } |
| 438 | 438 | } |
| 439 | -if (!is_callable('\\Sodium\\crypto_sign_detached')) { |
|
| 439 | +if ( ! is_callable( '\\Sodium\\crypto_sign_detached' ) ) { |
|
| 440 | 440 | /** |
| 441 | 441 | * @param string $message |
| 442 | 442 | * @param string $sk |
| 443 | 443 | * @return string |
| 444 | 444 | */ |
| 445 | - function crypto_sign_detached($message, $sk) |
|
| 445 | + function crypto_sign_detached( $message, $sk ) |
|
| 446 | 446 | { |
| 447 | - return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
|
| 447 | + return ParagonIE_Sodium_Compat::crypto_sign_detached( $message, $sk ); |
|
| 448 | 448 | } |
| 449 | 449 | } |
| 450 | -if (!is_callable('\\Sodium\\crypto_sign_keypair')) { |
|
| 450 | +if ( ! is_callable( '\\Sodium\\crypto_sign_keypair' ) ) { |
|
| 451 | 451 | /** |
| 452 | 452 | * @return string |
| 453 | 453 | */ |
@@ -456,163 +456,163 @@ discard block |
||
| 456 | 456 | return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
| 457 | 457 | } |
| 458 | 458 | } |
| 459 | -if (!is_callable('\\Sodium\\crypto_sign_open')) { |
|
| 459 | +if ( ! is_callable( '\\Sodium\\crypto_sign_open' ) ) { |
|
| 460 | 460 | /** |
| 461 | 461 | * @param string $signedMessage |
| 462 | 462 | * @param string $pk |
| 463 | 463 | * @return string|bool |
| 464 | 464 | */ |
| 465 | - function crypto_sign_open($signedMessage, $pk) |
|
| 465 | + function crypto_sign_open( $signedMessage, $pk ) |
|
| 466 | 466 | { |
| 467 | 467 | try { |
| 468 | - return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
|
| 469 | - } catch (\Error $ex) { |
|
| 468 | + return ParagonIE_Sodium_Compat::crypto_sign_open( $signedMessage, $pk ); |
|
| 469 | + } catch ( \Error $ex ) { |
|
| 470 | 470 | return false; |
| 471 | - } catch (\Exception $ex) { |
|
| 471 | + } catch ( \Exception $ex ) { |
|
| 472 | 472 | return false; |
| 473 | 473 | } |
| 474 | 474 | } |
| 475 | 475 | } |
| 476 | -if (!is_callable('\\Sodium\\crypto_sign_publickey')) { |
|
| 476 | +if ( ! is_callable( '\\Sodium\\crypto_sign_publickey' ) ) { |
|
| 477 | 477 | /** |
| 478 | 478 | * @param string $keypair |
| 479 | 479 | * @return string |
| 480 | 480 | */ |
| 481 | - function crypto_sign_publickey($keypair) |
|
| 481 | + function crypto_sign_publickey( $keypair ) |
|
| 482 | 482 | { |
| 483 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
|
| 483 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey( $keypair ); |
|
| 484 | 484 | } |
| 485 | 485 | } |
| 486 | -if (!is_callable('\\Sodium\\crypto_sign_publickey_from_secretkey')) { |
|
| 486 | +if ( ! is_callable( '\\Sodium\\crypto_sign_publickey_from_secretkey' ) ) { |
|
| 487 | 487 | /** |
| 488 | 488 | * @param string $sk |
| 489 | 489 | * @return string |
| 490 | 490 | */ |
| 491 | - function crypto_sign_publickey_from_secretkey($sk) |
|
| 491 | + function crypto_sign_publickey_from_secretkey( $sk ) |
|
| 492 | 492 | { |
| 493 | - return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
|
| 493 | + return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey( $sk ); |
|
| 494 | 494 | } |
| 495 | 495 | } |
| 496 | -if (!is_callable('\\Sodium\\crypto_sign_secretkey')) { |
|
| 496 | +if ( ! is_callable( '\\Sodium\\crypto_sign_secretkey' ) ) { |
|
| 497 | 497 | /** |
| 498 | 498 | * @param string $keypair |
| 499 | 499 | * @return string |
| 500 | 500 | */ |
| 501 | - function crypto_sign_secretkey($keypair) |
|
| 501 | + function crypto_sign_secretkey( $keypair ) |
|
| 502 | 502 | { |
| 503 | - return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
|
| 503 | + return ParagonIE_Sodium_Compat::crypto_sign_secretkey( $keypair ); |
|
| 504 | 504 | } |
| 505 | 505 | } |
| 506 | -if (!is_callable('\\Sodium\\crypto_sign_seed_keypair')) { |
|
| 506 | +if ( ! is_callable( '\\Sodium\\crypto_sign_seed_keypair' ) ) { |
|
| 507 | 507 | /** |
| 508 | 508 | * @param string $seed |
| 509 | 509 | * @return string |
| 510 | 510 | */ |
| 511 | - function crypto_sign_seed_keypair($seed) |
|
| 511 | + function crypto_sign_seed_keypair( $seed ) |
|
| 512 | 512 | { |
| 513 | - return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
|
| 513 | + return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair( $seed ); |
|
| 514 | 514 | } |
| 515 | 515 | } |
| 516 | -if (!is_callable('\\Sodium\\crypto_sign_verify_detached')) { |
|
| 516 | +if ( ! is_callable( '\\Sodium\\crypto_sign_verify_detached' ) ) { |
|
| 517 | 517 | /** |
| 518 | 518 | * @param string $signature |
| 519 | 519 | * @param string $message |
| 520 | 520 | * @param string $pk |
| 521 | 521 | * @return bool |
| 522 | 522 | */ |
| 523 | - function crypto_sign_verify_detached($signature, $message, $pk) |
|
| 523 | + function crypto_sign_verify_detached( $signature, $message, $pk ) |
|
| 524 | 524 | { |
| 525 | - return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
|
| 525 | + return ParagonIE_Sodium_Compat::crypto_sign_verify_detached( $signature, $message, $pk ); |
|
| 526 | 526 | } |
| 527 | 527 | } |
| 528 | -if (!is_callable('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 528 | +if ( ! is_callable( '\\Sodium\\crypto_sign_ed25519_sk_to_curve25519' ) ) { |
|
| 529 | 529 | /** |
| 530 | 530 | * @param string $sk |
| 531 | 531 | * @return string |
| 532 | 532 | */ |
| 533 | - function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 533 | + function crypto_sign_ed25519_sk_to_curve25519( $sk ) |
|
| 534 | 534 | { |
| 535 | - return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 535 | + return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519( $sk ); |
|
| 536 | 536 | } |
| 537 | 537 | } |
| 538 | -if (!is_callable('\\Sodium\\crypto_stream')) { |
|
| 538 | +if ( ! is_callable( '\\Sodium\\crypto_stream' ) ) { |
|
| 539 | 539 | /** |
| 540 | 540 | * @param int $len |
| 541 | 541 | * @param string $nonce |
| 542 | 542 | * @param string $key |
| 543 | 543 | * @return string |
| 544 | 544 | */ |
| 545 | - function crypto_stream($len, $nonce, $key) |
|
| 545 | + function crypto_stream( $len, $nonce, $key ) |
|
| 546 | 546 | { |
| 547 | - return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
|
| 547 | + return ParagonIE_Sodium_Compat::crypto_stream( $len, $nonce, $key ); |
|
| 548 | 548 | } |
| 549 | 549 | } |
| 550 | -if (!is_callable('\\Sodium\\crypto_stream_xor')) { |
|
| 550 | +if ( ! is_callable( '\\Sodium\\crypto_stream_xor' ) ) { |
|
| 551 | 551 | /** |
| 552 | 552 | * @param string $message |
| 553 | 553 | * @param string $nonce |
| 554 | 554 | * @param string $key |
| 555 | 555 | * @return string |
| 556 | 556 | */ |
| 557 | - function crypto_stream_xor($message, $nonce, $key) |
|
| 557 | + function crypto_stream_xor( $message, $nonce, $key ) |
|
| 558 | 558 | { |
| 559 | - return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
|
| 559 | + return ParagonIE_Sodium_Compat::crypto_stream_xor( $message, $nonce, $key ); |
|
| 560 | 560 | } |
| 561 | 561 | } |
| 562 | -if (!is_callable('\\Sodium\\hex2bin')) { |
|
| 562 | +if ( ! is_callable( '\\Sodium\\hex2bin' ) ) { |
|
| 563 | 563 | /** |
| 564 | 564 | * @param string $string |
| 565 | 565 | * @return string |
| 566 | 566 | */ |
| 567 | - function hex2bin($string) |
|
| 567 | + function hex2bin( $string ) |
|
| 568 | 568 | { |
| 569 | - return ParagonIE_Sodium_Compat::hex2bin($string); |
|
| 569 | + return ParagonIE_Sodium_Compat::hex2bin( $string ); |
|
| 570 | 570 | } |
| 571 | 571 | } |
| 572 | -if (!is_callable('\\Sodium\\memcmp')) { |
|
| 572 | +if ( ! is_callable( '\\Sodium\\memcmp' ) ) { |
|
| 573 | 573 | /** |
| 574 | 574 | * @param string $a |
| 575 | 575 | * @param string $b |
| 576 | 576 | * @return int |
| 577 | 577 | */ |
| 578 | - function memcmp($a, $b) |
|
| 578 | + function memcmp( $a, $b ) |
|
| 579 | 579 | { |
| 580 | - return ParagonIE_Sodium_Compat::memcmp($a, $b); |
|
| 580 | + return ParagonIE_Sodium_Compat::memcmp( $a, $b ); |
|
| 581 | 581 | } |
| 582 | 582 | } |
| 583 | -if (!is_callable('\\Sodium\\memzero')) { |
|
| 583 | +if ( ! is_callable( '\\Sodium\\memzero' ) ) { |
|
| 584 | 584 | /** |
| 585 | 585 | * @param string $str |
| 586 | 586 | * @return void |
| 587 | 587 | */ |
| 588 | - function memzero(&$str) |
|
| 588 | + function memzero( &$str ) |
|
| 589 | 589 | { |
| 590 | - ParagonIE_Sodium_Compat::memzero($str); |
|
| 590 | + ParagonIE_Sodium_Compat::memzero( $str ); |
|
| 591 | 591 | } |
| 592 | 592 | } |
| 593 | -if (!is_callable('\\Sodium\\randombytes_buf')) { |
|
| 593 | +if ( ! is_callable( '\\Sodium\\randombytes_buf' ) ) { |
|
| 594 | 594 | /** |
| 595 | 595 | * @param int $amount |
| 596 | 596 | * @return string |
| 597 | 597 | */ |
| 598 | - function randombytes_buf($amount) |
|
| 598 | + function randombytes_buf( $amount ) |
|
| 599 | 599 | { |
| 600 | - return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
|
| 600 | + return ParagonIE_Sodium_Compat::randombytes_buf( $amount ); |
|
| 601 | 601 | } |
| 602 | 602 | } |
| 603 | 603 | |
| 604 | -if (!is_callable('\\Sodium\\randombytes_uniform')) { |
|
| 604 | +if ( ! is_callable( '\\Sodium\\randombytes_uniform' ) ) { |
|
| 605 | 605 | /** |
| 606 | 606 | * @param int $upperLimit |
| 607 | 607 | * @return int |
| 608 | 608 | */ |
| 609 | - function randombytes_uniform($upperLimit) |
|
| 609 | + function randombytes_uniform( $upperLimit ) |
|
| 610 | 610 | { |
| 611 | - return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
|
| 611 | + return ParagonIE_Sodium_Compat::randombytes_uniform( $upperLimit ); |
|
| 612 | 612 | } |
| 613 | 613 | } |
| 614 | 614 | |
| 615 | -if (!is_callable('\\Sodium\\randombytes_random16')) { |
|
| 615 | +if ( ! is_callable( '\\Sodium\\randombytes_random16' ) ) { |
|
| 616 | 616 | /** |
| 617 | 617 | * @return int |
| 618 | 618 | */ |
@@ -622,6 +622,6 @@ discard block |
||
| 622 | 622 | } |
| 623 | 623 | } |
| 624 | 624 | |
| 625 | -if (!defined('\\Sodium\\CRYPTO_AUTH_BYTES')) { |
|
| 626 | - require_once dirname(__FILE__) . '/constants.php'; |
|
| 625 | +if ( ! defined( '\\Sodium\\CRYPTO_AUTH_BYTES' ) ) { |
|
| 626 | + require_once dirname( __FILE__ ) . '/constants.php'; |
|
| 627 | 627 | } |
@@ -15,8 +15,7 @@ discard block |
||
| 15 | 15 | * @param string $string |
| 16 | 16 | * @return string |
| 17 | 17 | */ |
| 18 | - function bin2hex($string) |
|
| 19 | - { |
|
| 18 | + function bin2hex($string) { |
|
| 20 | 19 | return ParagonIE_Sodium_Compat::bin2hex($string); |
| 21 | 20 | } |
| 22 | 21 | } |
@@ -26,8 +25,7 @@ discard block |
||
| 26 | 25 | * @param string $b |
| 27 | 26 | * @return int |
| 28 | 27 | */ |
| 29 | - function compare($a, $b) |
|
| 30 | - { |
|
| 28 | + function compare($a, $b) { |
|
| 31 | 29 | return ParagonIE_Sodium_Compat::compare($a, $b); |
| 32 | 30 | } |
| 33 | 31 | } |
@@ -39,8 +37,7 @@ discard block |
||
| 39 | 37 | * @param string $key |
| 40 | 38 | * @return string|bool |
| 41 | 39 | */ |
| 42 | - function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) |
|
| 43 | - { |
|
| 40 | + function crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key) { |
|
| 44 | 41 | try { |
| 45 | 42 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_decrypt($message, $assocData, $nonce, $key); |
| 46 | 43 | } catch (Error $ex) { |
@@ -58,8 +55,7 @@ discard block |
||
| 58 | 55 | * @param string $key |
| 59 | 56 | * @return string |
| 60 | 57 | */ |
| 61 | - function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) |
|
| 62 | - { |
|
| 58 | + function crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key) { |
|
| 63 | 59 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_encrypt($message, $assocData, $nonce, $key); |
| 64 | 60 | } |
| 65 | 61 | } |
@@ -71,8 +67,7 @@ discard block |
||
| 71 | 67 | * @param string $key |
| 72 | 68 | * @return string|bool |
| 73 | 69 | */ |
| 74 | - function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) |
|
| 75 | - { |
|
| 70 | + function crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key) { |
|
| 76 | 71 | try { |
| 77 | 72 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_decrypt($message, $assocData, $nonce, $key); |
| 78 | 73 | } catch (Error $ex) { |
@@ -90,8 +85,7 @@ discard block |
||
| 90 | 85 | * @param string $key |
| 91 | 86 | * @return string |
| 92 | 87 | */ |
| 93 | - function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) |
|
| 94 | - { |
|
| 88 | + function crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key) { |
|
| 95 | 89 | return ParagonIE_Sodium_Compat::crypto_aead_chacha20poly1305_ietf_encrypt($message, $assocData, $nonce, $key); |
| 96 | 90 | } |
| 97 | 91 | } |
@@ -101,8 +95,7 @@ discard block |
||
| 101 | 95 | * @param string $key |
| 102 | 96 | * @return string |
| 103 | 97 | */ |
| 104 | - function crypto_auth($message, $key) |
|
| 105 | - { |
|
| 98 | + function crypto_auth($message, $key) { |
|
| 106 | 99 | return ParagonIE_Sodium_Compat::crypto_auth($message, $key); |
| 107 | 100 | } |
| 108 | 101 | } |
@@ -113,8 +106,7 @@ discard block |
||
| 113 | 106 | * @param string $key |
| 114 | 107 | * @return bool |
| 115 | 108 | */ |
| 116 | - function crypto_auth_verify($mac, $message, $key) |
|
| 117 | - { |
|
| 109 | + function crypto_auth_verify($mac, $message, $key) { |
|
| 118 | 110 | return ParagonIE_Sodium_Compat::crypto_auth_verify($mac, $message, $key); |
| 119 | 111 | } |
| 120 | 112 | } |
@@ -125,8 +117,7 @@ discard block |
||
| 125 | 117 | * @param string $kp |
| 126 | 118 | * @return string |
| 127 | 119 | */ |
| 128 | - function crypto_box($message, $nonce, $kp) |
|
| 129 | - { |
|
| 120 | + function crypto_box($message, $nonce, $kp) { |
|
| 130 | 121 | return ParagonIE_Sodium_Compat::crypto_box($message, $nonce, $kp); |
| 131 | 122 | } |
| 132 | 123 | } |
@@ -134,8 +125,7 @@ discard block |
||
| 134 | 125 | /** |
| 135 | 126 | * @return string |
| 136 | 127 | */ |
| 137 | - function crypto_box_keypair() |
|
| 138 | - { |
|
| 128 | + function crypto_box_keypair() { |
|
| 139 | 129 | return ParagonIE_Sodium_Compat::crypto_box_keypair(); |
| 140 | 130 | } |
| 141 | 131 | } |
@@ -145,8 +135,7 @@ discard block |
||
| 145 | 135 | * @param string $pk |
| 146 | 136 | * @return string |
| 147 | 137 | */ |
| 148 | - function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) |
|
| 149 | - { |
|
| 138 | + function crypto_box_keypair_from_secretkey_and_publickey($sk, $pk) { |
|
| 150 | 139 | return ParagonIE_Sodium_Compat::crypto_box_keypair_from_secretkey_and_publickey($sk, $pk); |
| 151 | 140 | } |
| 152 | 141 | } |
@@ -157,8 +146,7 @@ discard block |
||
| 157 | 146 | * @param string $kp |
| 158 | 147 | * @return string|bool |
| 159 | 148 | */ |
| 160 | - function crypto_box_open($message, $nonce, $kp) |
|
| 161 | - { |
|
| 149 | + function crypto_box_open($message, $nonce, $kp) { |
|
| 162 | 150 | try { |
| 163 | 151 | return ParagonIE_Sodium_Compat::crypto_box_open($message, $nonce, $kp); |
| 164 | 152 | } catch (Error $ex) { |
@@ -173,8 +161,7 @@ discard block |
||
| 173 | 161 | * @param string $keypair |
| 174 | 162 | * @return string |
| 175 | 163 | */ |
| 176 | - function crypto_box_publickey($keypair) |
|
| 177 | - { |
|
| 164 | + function crypto_box_publickey($keypair) { |
|
| 178 | 165 | return ParagonIE_Sodium_Compat::crypto_box_publickey($keypair); |
| 179 | 166 | } |
| 180 | 167 | } |
@@ -183,8 +170,7 @@ discard block |
||
| 183 | 170 | * @param string $sk |
| 184 | 171 | * @return string |
| 185 | 172 | */ |
| 186 | - function crypto_box_publickey_from_secretkey($sk) |
|
| 187 | - { |
|
| 173 | + function crypto_box_publickey_from_secretkey($sk) { |
|
| 188 | 174 | return ParagonIE_Sodium_Compat::crypto_box_publickey_from_secretkey($sk); |
| 189 | 175 | } |
| 190 | 176 | } |
@@ -194,8 +180,7 @@ discard block |
||
| 194 | 180 | * @param string $publicKey |
| 195 | 181 | * @return string |
| 196 | 182 | */ |
| 197 | - function crypto_box_seal($message, $publicKey) |
|
| 198 | - { |
|
| 183 | + function crypto_box_seal($message, $publicKey) { |
|
| 199 | 184 | return ParagonIE_Sodium_Compat::crypto_box_seal($message, $publicKey); |
| 200 | 185 | } |
| 201 | 186 | } |
@@ -205,8 +190,7 @@ discard block |
||
| 205 | 190 | * @param string $kp |
| 206 | 191 | * @return string|bool |
| 207 | 192 | */ |
| 208 | - function crypto_box_seal_open($message, $kp) |
|
| 209 | - { |
|
| 193 | + function crypto_box_seal_open($message, $kp) { |
|
| 210 | 194 | try { |
| 211 | 195 | return ParagonIE_Sodium_Compat::crypto_box_seal_open($message, $kp); |
| 212 | 196 | } catch (\Error $ex) { |
@@ -221,8 +205,7 @@ discard block |
||
| 221 | 205 | * @param string $keypair |
| 222 | 206 | * @return string |
| 223 | 207 | */ |
| 224 | - function crypto_box_secretkey($keypair) |
|
| 225 | - { |
|
| 208 | + function crypto_box_secretkey($keypair) { |
|
| 226 | 209 | return ParagonIE_Sodium_Compat::crypto_box_secretkey($keypair); |
| 227 | 210 | } |
| 228 | 211 | } |
@@ -233,8 +216,7 @@ discard block |
||
| 233 | 216 | * @param int $outLen |
| 234 | 217 | * @return string |
| 235 | 218 | */ |
| 236 | - function crypto_generichash($message, $key = null, $outLen = 32) |
|
| 237 | - { |
|
| 219 | + function crypto_generichash($message, $key = null, $outLen = 32) { |
|
| 238 | 220 | return ParagonIE_Sodium_Compat::crypto_generichash($message, $key, $outLen); |
| 239 | 221 | } |
| 240 | 222 | } |
@@ -244,8 +226,7 @@ discard block |
||
| 244 | 226 | * @param int $outputLength |
| 245 | 227 | * @return string |
| 246 | 228 | */ |
| 247 | - function crypto_generichash_final(&$ctx, $outputLength = 32) |
|
| 248 | - { |
|
| 229 | + function crypto_generichash_final(&$ctx, $outputLength = 32) { |
|
| 249 | 230 | return ParagonIE_Sodium_Compat::crypto_generichash_final($ctx, $outputLength); |
| 250 | 231 | } |
| 251 | 232 | } |
@@ -255,8 +236,7 @@ discard block |
||
| 255 | 236 | * @param int $outLen |
| 256 | 237 | * @return string |
| 257 | 238 | */ |
| 258 | - function crypto_generichash_init($key = null, $outLen = 32) |
|
| 259 | - { |
|
| 239 | + function crypto_generichash_init($key = null, $outLen = 32) { |
|
| 260 | 240 | return ParagonIE_Sodium_Compat::crypto_generichash_init($key, $outLen); |
| 261 | 241 | } |
| 262 | 242 | } |
@@ -266,8 +246,7 @@ discard block |
||
| 266 | 246 | * @param string $message |
| 267 | 247 | * @return void |
| 268 | 248 | */ |
| 269 | - function crypto_generichash_update(&$ctx, $message = '') |
|
| 270 | - { |
|
| 249 | + function crypto_generichash_update(&$ctx, $message = '') { |
|
| 271 | 250 | ParagonIE_Sodium_Compat::crypto_generichash_update($ctx, $message); |
| 272 | 251 | } |
| 273 | 252 | } |
@@ -279,8 +258,7 @@ discard block |
||
| 279 | 258 | * @param string $server_public |
| 280 | 259 | * @return string |
| 281 | 260 | */ |
| 282 | - function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 283 | - { |
|
| 261 | + function crypto_kx($my_secret, $their_public, $client_public, $server_public) { |
|
| 284 | 262 | return ParagonIE_Sodium_Compat::crypto_kx( |
| 285 | 263 | $my_secret, |
| 286 | 264 | $their_public, |
@@ -298,8 +276,7 @@ discard block |
||
| 298 | 276 | * @param int $memlimit |
| 299 | 277 | * @return string |
| 300 | 278 | */ |
| 301 | - function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 302 | - { |
|
| 279 | + function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 303 | 280 | return ParagonIE_Sodium_Compat::crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
| 304 | 281 | } |
| 305 | 282 | } |
@@ -310,8 +287,7 @@ discard block |
||
| 310 | 287 | * @param int $memlimit |
| 311 | 288 | * @return string |
| 312 | 289 | */ |
| 313 | - function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 314 | - { |
|
| 290 | + function crypto_pwhash_str($passwd, $opslimit, $memlimit) { |
|
| 315 | 291 | return ParagonIE_Sodium_Compat::crypto_pwhash_str($passwd, $opslimit, $memlimit); |
| 316 | 292 | } |
| 317 | 293 | } |
@@ -321,8 +297,7 @@ discard block |
||
| 321 | 297 | * @param string $hash |
| 322 | 298 | * @return bool |
| 323 | 299 | */ |
| 324 | - function crypto_pwhash_str_verify($passwd, $hash) |
|
| 325 | - { |
|
| 300 | + function crypto_pwhash_str_verify($passwd, $hash) { |
|
| 326 | 301 | return ParagonIE_Sodium_Compat::crypto_pwhash_str_verify($passwd, $hash); |
| 327 | 302 | } |
| 328 | 303 | } |
@@ -335,8 +310,7 @@ discard block |
||
| 335 | 310 | * @param int $memlimit |
| 336 | 311 | * @return string |
| 337 | 312 | */ |
| 338 | - function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 339 | - { |
|
| 313 | + function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 340 | 314 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
| 341 | 315 | } |
| 342 | 316 | } |
@@ -347,8 +321,7 @@ discard block |
||
| 347 | 321 | * @param int $memlimit |
| 348 | 322 | * @return string |
| 349 | 323 | */ |
| 350 | - function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 351 | - { |
|
| 324 | + function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) { |
|
| 352 | 325 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
| 353 | 326 | } |
| 354 | 327 | } |
@@ -358,8 +331,7 @@ discard block |
||
| 358 | 331 | * @param string $hash |
| 359 | 332 | * @return bool |
| 360 | 333 | */ |
| 361 | - function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 362 | - { |
|
| 334 | + function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) { |
|
| 363 | 335 | return ParagonIE_Sodium_Compat::crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
| 364 | 336 | } |
| 365 | 337 | } |
@@ -369,8 +341,7 @@ discard block |
||
| 369 | 341 | * @param string $p |
| 370 | 342 | * @return string |
| 371 | 343 | */ |
| 372 | - function crypto_scalarmult($n, $p) |
|
| 373 | - { |
|
| 344 | + function crypto_scalarmult($n, $p) { |
|
| 374 | 345 | return ParagonIE_Sodium_Compat::crypto_scalarmult($n, $p); |
| 375 | 346 | } |
| 376 | 347 | } |
@@ -379,8 +350,7 @@ discard block |
||
| 379 | 350 | * @param string $n |
| 380 | 351 | * @return string |
| 381 | 352 | */ |
| 382 | - function crypto_scalarmult_base($n) |
|
| 383 | - { |
|
| 353 | + function crypto_scalarmult_base($n) { |
|
| 384 | 354 | return ParagonIE_Sodium_Compat::crypto_scalarmult_base($n); |
| 385 | 355 | } |
| 386 | 356 | } |
@@ -391,8 +361,7 @@ discard block |
||
| 391 | 361 | * @param string $key |
| 392 | 362 | * @return string |
| 393 | 363 | */ |
| 394 | - function crypto_secretbox($message, $nonce, $key) |
|
| 395 | - { |
|
| 364 | + function crypto_secretbox($message, $nonce, $key) { |
|
| 396 | 365 | return ParagonIE_Sodium_Compat::crypto_secretbox($message, $nonce, $key); |
| 397 | 366 | } |
| 398 | 367 | } |
@@ -403,8 +372,7 @@ discard block |
||
| 403 | 372 | * @param string $key |
| 404 | 373 | * @return string|bool |
| 405 | 374 | */ |
| 406 | - function crypto_secretbox_open($message, $nonce, $key) |
|
| 407 | - { |
|
| 375 | + function crypto_secretbox_open($message, $nonce, $key) { |
|
| 408 | 376 | try { |
| 409 | 377 | return ParagonIE_Sodium_Compat::crypto_secretbox_open($message, $nonce, $key); |
| 410 | 378 | } catch (Error $ex) { |
@@ -420,8 +388,7 @@ discard block |
||
| 420 | 388 | * @param string $key |
| 421 | 389 | * @return string |
| 422 | 390 | */ |
| 423 | - function crypto_shorthash($message, $key = '') |
|
| 424 | - { |
|
| 391 | + function crypto_shorthash($message, $key = '') { |
|
| 425 | 392 | return ParagonIE_Sodium_Compat::crypto_shorthash($message, $key); |
| 426 | 393 | } |
| 427 | 394 | } |
@@ -431,8 +398,7 @@ discard block |
||
| 431 | 398 | * @param string $sk |
| 432 | 399 | * @return string |
| 433 | 400 | */ |
| 434 | - function crypto_sign($message, $sk) |
|
| 435 | - { |
|
| 401 | + function crypto_sign($message, $sk) { |
|
| 436 | 402 | return ParagonIE_Sodium_Compat::crypto_sign($message, $sk); |
| 437 | 403 | } |
| 438 | 404 | } |
@@ -442,8 +408,7 @@ discard block |
||
| 442 | 408 | * @param string $sk |
| 443 | 409 | * @return string |
| 444 | 410 | */ |
| 445 | - function crypto_sign_detached($message, $sk) |
|
| 446 | - { |
|
| 411 | + function crypto_sign_detached($message, $sk) { |
|
| 447 | 412 | return ParagonIE_Sodium_Compat::crypto_sign_detached($message, $sk); |
| 448 | 413 | } |
| 449 | 414 | } |
@@ -451,8 +416,7 @@ discard block |
||
| 451 | 416 | /** |
| 452 | 417 | * @return string |
| 453 | 418 | */ |
| 454 | - function crypto_sign_keypair() |
|
| 455 | - { |
|
| 419 | + function crypto_sign_keypair() { |
|
| 456 | 420 | return ParagonIE_Sodium_Compat::crypto_sign_keypair(); |
| 457 | 421 | } |
| 458 | 422 | } |
@@ -462,8 +426,7 @@ discard block |
||
| 462 | 426 | * @param string $pk |
| 463 | 427 | * @return string|bool |
| 464 | 428 | */ |
| 465 | - function crypto_sign_open($signedMessage, $pk) |
|
| 466 | - { |
|
| 429 | + function crypto_sign_open($signedMessage, $pk) { |
|
| 467 | 430 | try { |
| 468 | 431 | return ParagonIE_Sodium_Compat::crypto_sign_open($signedMessage, $pk); |
| 469 | 432 | } catch (\Error $ex) { |
@@ -478,8 +441,7 @@ discard block |
||
| 478 | 441 | * @param string $keypair |
| 479 | 442 | * @return string |
| 480 | 443 | */ |
| 481 | - function crypto_sign_publickey($keypair) |
|
| 482 | - { |
|
| 444 | + function crypto_sign_publickey($keypair) { |
|
| 483 | 445 | return ParagonIE_Sodium_Compat::crypto_sign_publickey($keypair); |
| 484 | 446 | } |
| 485 | 447 | } |
@@ -488,8 +450,7 @@ discard block |
||
| 488 | 450 | * @param string $sk |
| 489 | 451 | * @return string |
| 490 | 452 | */ |
| 491 | - function crypto_sign_publickey_from_secretkey($sk) |
|
| 492 | - { |
|
| 453 | + function crypto_sign_publickey_from_secretkey($sk) { |
|
| 493 | 454 | return ParagonIE_Sodium_Compat::crypto_sign_publickey_from_secretkey($sk); |
| 494 | 455 | } |
| 495 | 456 | } |
@@ -498,8 +459,7 @@ discard block |
||
| 498 | 459 | * @param string $keypair |
| 499 | 460 | * @return string |
| 500 | 461 | */ |
| 501 | - function crypto_sign_secretkey($keypair) |
|
| 502 | - { |
|
| 462 | + function crypto_sign_secretkey($keypair) { |
|
| 503 | 463 | return ParagonIE_Sodium_Compat::crypto_sign_secretkey($keypair); |
| 504 | 464 | } |
| 505 | 465 | } |
@@ -508,8 +468,7 @@ discard block |
||
| 508 | 468 | * @param string $seed |
| 509 | 469 | * @return string |
| 510 | 470 | */ |
| 511 | - function crypto_sign_seed_keypair($seed) |
|
| 512 | - { |
|
| 471 | + function crypto_sign_seed_keypair($seed) { |
|
| 513 | 472 | return ParagonIE_Sodium_Compat::crypto_sign_seed_keypair($seed); |
| 514 | 473 | } |
| 515 | 474 | } |
@@ -520,8 +479,7 @@ discard block |
||
| 520 | 479 | * @param string $pk |
| 521 | 480 | * @return bool |
| 522 | 481 | */ |
| 523 | - function crypto_sign_verify_detached($signature, $message, $pk) |
|
| 524 | - { |
|
| 482 | + function crypto_sign_verify_detached($signature, $message, $pk) { |
|
| 525 | 483 | return ParagonIE_Sodium_Compat::crypto_sign_verify_detached($signature, $message, $pk); |
| 526 | 484 | } |
| 527 | 485 | } |
@@ -530,8 +488,7 @@ discard block |
||
| 530 | 488 | * @param string $sk |
| 531 | 489 | * @return string |
| 532 | 490 | */ |
| 533 | - function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 534 | - { |
|
| 491 | + function crypto_sign_ed25519_sk_to_curve25519($sk) { |
|
| 535 | 492 | return ParagonIE_Sodium_Compat::crypto_sign_ed25519_sk_to_curve25519($sk); |
| 536 | 493 | } |
| 537 | 494 | } |
@@ -542,8 +499,7 @@ discard block |
||
| 542 | 499 | * @param string $key |
| 543 | 500 | * @return string |
| 544 | 501 | */ |
| 545 | - function crypto_stream($len, $nonce, $key) |
|
| 546 | - { |
|
| 502 | + function crypto_stream($len, $nonce, $key) { |
|
| 547 | 503 | return ParagonIE_Sodium_Compat::crypto_stream($len, $nonce, $key); |
| 548 | 504 | } |
| 549 | 505 | } |
@@ -554,8 +510,7 @@ discard block |
||
| 554 | 510 | * @param string $key |
| 555 | 511 | * @return string |
| 556 | 512 | */ |
| 557 | - function crypto_stream_xor($message, $nonce, $key) |
|
| 558 | - { |
|
| 513 | + function crypto_stream_xor($message, $nonce, $key) { |
|
| 559 | 514 | return ParagonIE_Sodium_Compat::crypto_stream_xor($message, $nonce, $key); |
| 560 | 515 | } |
| 561 | 516 | } |
@@ -564,8 +519,7 @@ discard block |
||
| 564 | 519 | * @param string $string |
| 565 | 520 | * @return string |
| 566 | 521 | */ |
| 567 | - function hex2bin($string) |
|
| 568 | - { |
|
| 522 | + function hex2bin($string) { |
|
| 569 | 523 | return ParagonIE_Sodium_Compat::hex2bin($string); |
| 570 | 524 | } |
| 571 | 525 | } |
@@ -575,8 +529,7 @@ discard block |
||
| 575 | 529 | * @param string $b |
| 576 | 530 | * @return int |
| 577 | 531 | */ |
| 578 | - function memcmp($a, $b) |
|
| 579 | - { |
|
| 532 | + function memcmp($a, $b) { |
|
| 580 | 533 | return ParagonIE_Sodium_Compat::memcmp($a, $b); |
| 581 | 534 | } |
| 582 | 535 | } |
@@ -585,8 +538,7 @@ discard block |
||
| 585 | 538 | * @param string $str |
| 586 | 539 | * @return void |
| 587 | 540 | */ |
| 588 | - function memzero(&$str) |
|
| 589 | - { |
|
| 541 | + function memzero(&$str) { |
|
| 590 | 542 | ParagonIE_Sodium_Compat::memzero($str); |
| 591 | 543 | } |
| 592 | 544 | } |
@@ -595,8 +547,7 @@ discard block |
||
| 595 | 547 | * @param int $amount |
| 596 | 548 | * @return string |
| 597 | 549 | */ |
| 598 | - function randombytes_buf($amount) |
|
| 599 | - { |
|
| 550 | + function randombytes_buf($amount) { |
|
| 600 | 551 | return ParagonIE_Sodium_Compat::randombytes_buf($amount); |
| 601 | 552 | } |
| 602 | 553 | } |
@@ -606,8 +557,7 @@ discard block |
||
| 606 | 557 | * @param int $upperLimit |
| 607 | 558 | * @return int |
| 608 | 559 | */ |
| 609 | - function randombytes_uniform($upperLimit) |
|
| 610 | - { |
|
| 560 | + function randombytes_uniform($upperLimit) { |
|
| 611 | 561 | return ParagonIE_Sodium_Compat::randombytes_uniform($upperLimit); |
| 612 | 562 | } |
| 613 | 563 | } |
@@ -616,8 +566,7 @@ discard block |
||
| 616 | 566 | /** |
| 617 | 567 | * @return int |
| 618 | 568 | */ |
| 619 | - function randombytes_random16() |
|
| 620 | - { |
|
| 569 | + function randombytes_random16() { |
|
| 621 | 570 | return ParagonIE_Sodium_Compat::randombytes_random16(); |
| 622 | 571 | } |
| 623 | 572 | } |
@@ -2266,7 +2266,7 @@ |
||
| 2266 | 2266 | * Libsodium as implemented in PHP 7.2 |
| 2267 | 2267 | * |
| 2268 | 2268 | * @ref https://wiki.php.net/rfc/libsodium |
| 2269 | - * @return bool |
|
| 2269 | + * @return boolean|null |
|
| 2270 | 2270 | */ |
| 2271 | 2271 | protected static function isPhp72OrGreater() |
| 2272 | 2272 | { |
@@ -22,2221 +22,2221 @@ discard block |
||
| 22 | 22 | */ |
| 23 | 23 | |
| 24 | 24 | if (class_exists('ParagonIE_Sodium_Compat', false)) { |
| 25 | - return; |
|
| 25 | + return; |
|
| 26 | 26 | } |
| 27 | 27 | |
| 28 | 28 | class ParagonIE_Sodium_Compat |
| 29 | 29 | { |
| 30 | - /** |
|
| 31 | - * This parameter prevents the use of the PECL extension. |
|
| 32 | - * It should only be used for unit testing. |
|
| 33 | - * |
|
| 34 | - * @var bool |
|
| 35 | - */ |
|
| 36 | - public static $disableFallbackForUnitTests = false; |
|
| 37 | - |
|
| 38 | - /** |
|
| 39 | - * Use fast multiplication rather than our constant-time multiplication |
|
| 40 | - * implementation. Can be enabled at runtime. Only enable this if you |
|
| 41 | - * are absolutely certain that there is no timing leak on your platform. |
|
| 42 | - * |
|
| 43 | - * @var bool |
|
| 44 | - */ |
|
| 45 | - public static $fastMult = false; |
|
| 46 | - |
|
| 47 | - const LIBRARY_VERSION_MAJOR = 9; |
|
| 48 | - const LIBRARY_VERSION_MINOR = 1; |
|
| 49 | - const VERSION_STRING = 'polyfill-1.0.8'; |
|
| 50 | - |
|
| 51 | - // From libsodium |
|
| 52 | - const CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES = 32; |
|
| 53 | - const CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES = 0; |
|
| 54 | - const CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES = 8; |
|
| 55 | - const CRYPTO_AEAD_CHACHA20POLY1305_ABYTES = 16; |
|
| 56 | - const CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES = 32; |
|
| 57 | - const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES = 0; |
|
| 58 | - const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES = 12; |
|
| 59 | - const CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES = 16; |
|
| 60 | - const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES = 32; |
|
| 61 | - const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NSECBYTES = 0; |
|
| 62 | - const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES = 24; |
|
| 63 | - const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES = 16; |
|
| 64 | - const CRYPTO_AUTH_BYTES = 32; |
|
| 65 | - const CRYPTO_AUTH_KEYBYTES = 32; |
|
| 66 | - const CRYPTO_BOX_SEALBYTES = 16; |
|
| 67 | - const CRYPTO_BOX_SECRETKEYBYTES = 32; |
|
| 68 | - const CRYPTO_BOX_PUBLICKEYBYTES = 32; |
|
| 69 | - const CRYPTO_BOX_KEYPAIRBYTES = 64; |
|
| 70 | - const CRYPTO_BOX_MACBYTES = 16; |
|
| 71 | - const CRYPTO_BOX_NONCEBYTES = 24; |
|
| 72 | - const CRYPTO_BOX_SEEDBYTES = 32; |
|
| 73 | - const CRYPTO_KX_BYTES = 32; |
|
| 74 | - const CRYPTO_KX_PUBLICKEYBYTES = 32; |
|
| 75 | - const CRYPTO_KX_SECRETKEYBYTES = 32; |
|
| 76 | - const CRYPTO_GENERICHASH_BYTES = 32; |
|
| 77 | - const CRYPTO_GENERICHASH_BYTES_MIN = 16; |
|
| 78 | - const CRYPTO_GENERICHASH_BYTES_MAX = 64; |
|
| 79 | - const CRYPTO_GENERICHASH_KEYBYTES = 32; |
|
| 80 | - const CRYPTO_GENERICHASH_KEYBYTES_MIN = 16; |
|
| 81 | - const CRYPTO_GENERICHASH_KEYBYTES_MAX = 64; |
|
| 82 | - const CRYPTO_PWHASH_SALTBYTES = 16; |
|
| 83 | - const CRYPTO_PWHASH_STRPREFIX = '$argon2i$'; |
|
| 84 | - const CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE = 33554432; |
|
| 85 | - const CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE = 4; |
|
| 86 | - const CRYPTO_PWHASH_MEMLIMIT_MODERATE = 134217728; |
|
| 87 | - const CRYPTO_PWHASH_OPSLIMIT_MODERATE = 6; |
|
| 88 | - const CRYPTO_PWHASH_MEMLIMIT_SENSITIVE = 536870912; |
|
| 89 | - const CRYPTO_PWHASH_OPSLIMIT_SENSITIVE = 8; |
|
| 90 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES = 32; |
|
| 91 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX = '$7$'; |
|
| 92 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE = 534288; |
|
| 93 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE = 16777216; |
|
| 94 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_SENSITIVE = 33554432; |
|
| 95 | - const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_SENSITIVE = 1073741824; |
|
| 96 | - const CRYPTO_SCALARMULT_BYTES = 32; |
|
| 97 | - const CRYPTO_SCALARMULT_SCALARBYTES = 32; |
|
| 98 | - const CRYPTO_SHORTHASH_BYTES = 8; |
|
| 99 | - const CRYPTO_SHORTHASH_KEYBYTES = 16; |
|
| 100 | - const CRYPTO_SECRETBOX_KEYBYTES = 32; |
|
| 101 | - const CRYPTO_SECRETBOX_MACBYTES = 16; |
|
| 102 | - const CRYPTO_SECRETBOX_NONCEBYTES = 24; |
|
| 103 | - const CRYPTO_SIGN_BYTES = 64; |
|
| 104 | - const CRYPTO_SIGN_SEEDBYTES = 32; |
|
| 105 | - const CRYPTO_SIGN_PUBLICKEYBYTES = 32; |
|
| 106 | - const CRYPTO_SIGN_SECRETKEYBYTES = 64; |
|
| 107 | - const CRYPTO_SIGN_KEYPAIRBYTES = 96; |
|
| 108 | - const CRYPTO_STREAM_KEYBYTES = 32; |
|
| 109 | - const CRYPTO_STREAM_NONCEBYTES = 24; |
|
| 110 | - |
|
| 111 | - /** |
|
| 112 | - * Cache-timing-safe implementation of bin2hex(). |
|
| 113 | - * |
|
| 114 | - * @param string $string A string (probably raw binary) |
|
| 115 | - * @return string A hexadecimal-encoded string |
|
| 116 | - * @throws TypeError |
|
| 117 | - */ |
|
| 118 | - public static function bin2hex($string) |
|
| 119 | - { |
|
| 120 | - /* Type checks: */ |
|
| 121 | - ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 122 | - |
|
| 123 | - if (self::isPhp72OrGreater()) { |
|
| 124 | - return bin2hex($string); |
|
| 125 | - } |
|
| 126 | - if (self::use_fallback('bin2hex')) { |
|
| 127 | - return call_user_func('\\Sodium\\bin2hex', $string); |
|
| 128 | - } |
|
| 129 | - return ParagonIE_Sodium_Core_Util::bin2hex($string); |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * Compare two strings, in constant-time. |
|
| 134 | - * Compared to memcmp(), compare() is more useful for sorting. |
|
| 135 | - * |
|
| 136 | - * @param string $left The left operand; must be a string |
|
| 137 | - * @param string $right The right operand; must be a string |
|
| 138 | - * @return int < 0 if the left operand is less than the right |
|
| 139 | - * 0 if both strings are equal |
|
| 140 | - * > 0 if the right operand is less than the left |
|
| 141 | - * @throws TypeError |
|
| 142 | - */ |
|
| 143 | - public static function compare($left, $right) |
|
| 144 | - { |
|
| 145 | - /* Type checks: */ |
|
| 146 | - ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 147 | - ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 148 | - |
|
| 149 | - if (self::isPhp72OrGreater()) { |
|
| 150 | - return sodium_compare($left, $right); |
|
| 151 | - } |
|
| 152 | - if (self::use_fallback('compare')) { |
|
| 153 | - return call_user_func('\\Sodium\\compare', $left, $right); |
|
| 154 | - } |
|
| 155 | - return ParagonIE_Sodium_Core_Util::compare($left, $right); |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - /** |
|
| 159 | - * Authenticated Encryption with Associated Data: Decryption |
|
| 160 | - * |
|
| 161 | - * Algorithm: |
|
| 162 | - * ChaCha20-Poly1305 |
|
| 163 | - * |
|
| 164 | - * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 165 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 166 | - * |
|
| 167 | - * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 168 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 169 | - * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 170 | - * @param string $key Encryption key |
|
| 171 | - * |
|
| 172 | - * @return string The original plaintext message |
|
| 173 | - * @throws Error |
|
| 174 | - * @throws TypeError |
|
| 175 | - */ |
|
| 176 | - public static function crypto_aead_chacha20poly1305_decrypt( |
|
| 177 | - $ciphertext = '', |
|
| 178 | - $assocData = '', |
|
| 179 | - $nonce = '', |
|
| 180 | - $key = '' |
|
| 181 | - ) { |
|
| 182 | - /* Type checks: */ |
|
| 183 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 184 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 185 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 186 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 187 | - |
|
| 188 | - /* Input validation: */ |
|
| 189 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 190 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 191 | - } |
|
| 192 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 193 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 194 | - } |
|
| 195 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 196 | - throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - if (self::isPhp72OrGreater()) { |
|
| 200 | - return sodium_crypto_aead_chacha20poly1305_decrypt( |
|
| 201 | - $ciphertext, |
|
| 202 | - $assocData, |
|
| 203 | - $nonce, |
|
| 204 | - $key |
|
| 205 | - ); |
|
| 206 | - } |
|
| 207 | - if (self::use_fallback('crypto_aead_chacha20poly1305_decrypt')) { |
|
| 208 | - return call_user_func( |
|
| 209 | - '\\Sodium\\crypto_aead_chacha20poly1305_decrypt', |
|
| 210 | - $ciphertext, |
|
| 211 | - $assocData, |
|
| 212 | - $nonce, |
|
| 213 | - $key |
|
| 214 | - ); |
|
| 215 | - } |
|
| 216 | - if (PHP_INT_SIZE === 4) { |
|
| 217 | - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_decrypt( |
|
| 218 | - $ciphertext, |
|
| 219 | - $assocData, |
|
| 220 | - $nonce, |
|
| 221 | - $key |
|
| 222 | - ); |
|
| 223 | - } |
|
| 224 | - return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_decrypt( |
|
| 225 | - $ciphertext, |
|
| 226 | - $assocData, |
|
| 227 | - $nonce, |
|
| 228 | - $key |
|
| 229 | - ); |
|
| 230 | - } |
|
| 231 | - |
|
| 232 | - /** |
|
| 233 | - * Authenticated Encryption with Associated Data |
|
| 234 | - * |
|
| 235 | - * Algorithm: |
|
| 236 | - * ChaCha20-Poly1305 |
|
| 237 | - * |
|
| 238 | - * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 239 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 240 | - * |
|
| 241 | - * @param string $plaintext Message to be encrypted |
|
| 242 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 243 | - * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 244 | - * @param string $key Encryption key |
|
| 245 | - * |
|
| 246 | - * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 247 | - * authentication code appended |
|
| 248 | - * @throws Error |
|
| 249 | - * @throws TypeError |
|
| 250 | - */ |
|
| 251 | - public static function crypto_aead_chacha20poly1305_encrypt( |
|
| 252 | - $plaintext = '', |
|
| 253 | - $assocData = '', |
|
| 254 | - $nonce = '', |
|
| 255 | - $key = '' |
|
| 256 | - ) { |
|
| 257 | - /* Type checks: */ |
|
| 258 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 259 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 260 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 261 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 262 | - |
|
| 263 | - /* Input validation: */ |
|
| 264 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 265 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 266 | - } |
|
| 267 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 268 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 269 | - } |
|
| 270 | - |
|
| 271 | - if (self::isPhp72OrGreater()) { |
|
| 272 | - return sodium_crypto_aead_chacha20poly1305_encrypt( |
|
| 273 | - $plaintext, |
|
| 274 | - $assocData, |
|
| 275 | - $nonce, |
|
| 276 | - $key |
|
| 277 | - ); |
|
| 278 | - } |
|
| 279 | - if (self::use_fallback('crypto_aead_chacha20poly1305_encrypt')) { |
|
| 280 | - return call_user_func( |
|
| 281 | - '\\Sodium\\crypto_aead_chacha20poly1305_encrypt', |
|
| 282 | - $plaintext, |
|
| 283 | - $assocData, |
|
| 284 | - $nonce, |
|
| 285 | - $key |
|
| 286 | - ); |
|
| 287 | - } |
|
| 288 | - if (PHP_INT_SIZE === 4) { |
|
| 289 | - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_encrypt( |
|
| 290 | - $plaintext, |
|
| 291 | - $assocData, |
|
| 292 | - $nonce, |
|
| 293 | - $key |
|
| 294 | - ); |
|
| 295 | - } |
|
| 296 | - return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_encrypt( |
|
| 297 | - $plaintext, |
|
| 298 | - $assocData, |
|
| 299 | - $nonce, |
|
| 300 | - $key |
|
| 301 | - ); |
|
| 302 | - } |
|
| 303 | - |
|
| 304 | - /** |
|
| 305 | - * Authenticated Encryption with Associated Data: Decryption |
|
| 306 | - * |
|
| 307 | - * Algorithm: |
|
| 308 | - * ChaCha20-Poly1305 |
|
| 309 | - * |
|
| 310 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 311 | - * Regular mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 312 | - * |
|
| 313 | - * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 314 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 315 | - * @param string $nonce Number to be used only Once; must be 12 bytes |
|
| 316 | - * @param string $key Encryption key |
|
| 317 | - * |
|
| 318 | - * @return string The original plaintext message |
|
| 319 | - * @throws Error |
|
| 320 | - * @throws TypeError |
|
| 321 | - */ |
|
| 322 | - public static function crypto_aead_chacha20poly1305_ietf_decrypt( |
|
| 323 | - $ciphertext = '', |
|
| 324 | - $assocData = '', |
|
| 325 | - $nonce = '', |
|
| 326 | - $key = '' |
|
| 327 | - ) { |
|
| 328 | - /* Type checks: */ |
|
| 329 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 330 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 331 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 332 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 333 | - |
|
| 334 | - /* Input validation: */ |
|
| 335 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 336 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 337 | - } |
|
| 338 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 339 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 340 | - } |
|
| 341 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 342 | - throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 343 | - } |
|
| 344 | - |
|
| 345 | - if (self::isPhp72OrGreater()) { |
|
| 346 | - return sodium_crypto_aead_chacha20poly1305_ietf_decrypt( |
|
| 347 | - $ciphertext, |
|
| 348 | - $assocData, |
|
| 349 | - $nonce, |
|
| 350 | - $key |
|
| 351 | - ); |
|
| 352 | - } |
|
| 353 | - if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_decrypt')) { |
|
| 354 | - return call_user_func( |
|
| 355 | - '\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt', |
|
| 356 | - $ciphertext, |
|
| 357 | - $assocData, |
|
| 358 | - $nonce, |
|
| 359 | - $key |
|
| 360 | - ); |
|
| 361 | - } |
|
| 362 | - if (PHP_INT_SIZE === 4) { |
|
| 363 | - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_decrypt( |
|
| 364 | - $ciphertext, |
|
| 365 | - $assocData, |
|
| 366 | - $nonce, |
|
| 367 | - $key |
|
| 368 | - ); |
|
| 369 | - } |
|
| 370 | - return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_decrypt( |
|
| 371 | - $ciphertext, |
|
| 372 | - $assocData, |
|
| 373 | - $nonce, |
|
| 374 | - $key |
|
| 375 | - ); |
|
| 376 | - } |
|
| 377 | - |
|
| 378 | - /** |
|
| 379 | - * Authenticated Encryption with Associated Data |
|
| 380 | - * |
|
| 381 | - * Algorithm: |
|
| 382 | - * ChaCha20-Poly1305 |
|
| 383 | - * |
|
| 384 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 385 | - * Regular mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 386 | - * |
|
| 387 | - * @param string $plaintext Message to be encrypted |
|
| 388 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 389 | - * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 390 | - * @param string $key Encryption key |
|
| 391 | - * |
|
| 392 | - * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 393 | - * authentication code appended |
|
| 394 | - * @throws Error |
|
| 395 | - * @throws TypeError |
|
| 396 | - */ |
|
| 397 | - public static function crypto_aead_chacha20poly1305_ietf_encrypt( |
|
| 398 | - $plaintext = '', |
|
| 399 | - $assocData = '', |
|
| 400 | - $nonce = '', |
|
| 401 | - $key = '' |
|
| 402 | - ) { |
|
| 403 | - /* Type checks: */ |
|
| 404 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 405 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 406 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 407 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 408 | - |
|
| 409 | - /* Input validation: */ |
|
| 410 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 411 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 412 | - } |
|
| 413 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 414 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 415 | - } |
|
| 416 | - |
|
| 417 | - if (self::isPhp72OrGreater()) { |
|
| 418 | - return sodium_crypto_aead_chacha20poly1305_ietf_encrypt( |
|
| 419 | - $plaintext, |
|
| 420 | - $assocData, |
|
| 421 | - $nonce, |
|
| 422 | - $key |
|
| 423 | - ); |
|
| 424 | - } |
|
| 425 | - if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_encrypt')) { |
|
| 426 | - return call_user_func( |
|
| 427 | - '\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt', |
|
| 428 | - $plaintext, |
|
| 429 | - $assocData, |
|
| 430 | - $nonce, |
|
| 431 | - $key |
|
| 432 | - ); |
|
| 433 | - } |
|
| 434 | - if (PHP_INT_SIZE === 4) { |
|
| 435 | - return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_encrypt( |
|
| 436 | - $plaintext, |
|
| 437 | - $assocData, |
|
| 438 | - $nonce, |
|
| 439 | - $key |
|
| 440 | - ); |
|
| 441 | - } |
|
| 442 | - return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_encrypt( |
|
| 443 | - $plaintext, |
|
| 444 | - $assocData, |
|
| 445 | - $nonce, |
|
| 446 | - $key |
|
| 447 | - ); |
|
| 448 | - } |
|
| 449 | - |
|
| 450 | - /** |
|
| 451 | - * Authenticated Encryption with Associated Data: Decryption |
|
| 452 | - * |
|
| 453 | - * Algorithm: |
|
| 454 | - * XChaCha20-Poly1305 |
|
| 455 | - * |
|
| 456 | - * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 457 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 458 | - * |
|
| 459 | - * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 460 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 461 | - * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 462 | - * @param string $key Encryption key |
|
| 463 | - * |
|
| 464 | - * @return string The original plaintext message |
|
| 465 | - * @throws Error |
|
| 466 | - * @throws TypeError |
|
| 467 | - */ |
|
| 468 | - public static function crypto_aead_xchacha20poly1305_ietf_decrypt( |
|
| 469 | - $ciphertext = '', |
|
| 470 | - $assocData = '', |
|
| 471 | - $nonce = '', |
|
| 472 | - $key = '' |
|
| 473 | - ) { |
|
| 474 | - /* Type checks: */ |
|
| 475 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 476 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 477 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 478 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 479 | - |
|
| 480 | - /* Input validation: */ |
|
| 481 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 482 | - throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 483 | - } |
|
| 484 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 485 | - throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES long'); |
|
| 486 | - } |
|
| 487 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) { |
|
| 488 | - throw new Error('Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long'); |
|
| 489 | - } |
|
| 490 | - |
|
| 491 | - if (PHP_INT_SIZE === 4) { |
|
| 492 | - return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_decrypt( |
|
| 493 | - $ciphertext, |
|
| 494 | - $assocData, |
|
| 495 | - $nonce, |
|
| 496 | - $key |
|
| 497 | - ); |
|
| 498 | - } |
|
| 499 | - return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_decrypt( |
|
| 500 | - $ciphertext, |
|
| 501 | - $assocData, |
|
| 502 | - $nonce, |
|
| 503 | - $key |
|
| 504 | - ); |
|
| 505 | - } |
|
| 506 | - |
|
| 507 | - /** |
|
| 508 | - * Authenticated Encryption with Associated Data |
|
| 509 | - * |
|
| 510 | - * Algorithm: |
|
| 511 | - * XChaCha20-Poly1305 |
|
| 512 | - * |
|
| 513 | - * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 514 | - * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 515 | - * |
|
| 516 | - * @param string $plaintext Message to be encrypted |
|
| 517 | - * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 518 | - * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 519 | - * @param string $key Encryption key |
|
| 520 | - * |
|
| 521 | - * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 522 | - * authentication code appended |
|
| 523 | - * @throws Error |
|
| 524 | - * @throws TypeError |
|
| 525 | - */ |
|
| 526 | - public static function crypto_aead_xchacha20poly1305_ietf_encrypt( |
|
| 527 | - $plaintext = '', |
|
| 528 | - $assocData = '', |
|
| 529 | - $nonce = '', |
|
| 530 | - $key = '' |
|
| 531 | - ) { |
|
| 532 | - /* Type checks: */ |
|
| 533 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 534 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 535 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 536 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 537 | - |
|
| 538 | - /* Input validation: */ |
|
| 539 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 540 | - throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_NPUBBYTES long'); |
|
| 541 | - } |
|
| 542 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 543 | - throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long'); |
|
| 544 | - } |
|
| 545 | - |
|
| 546 | - if (PHP_INT_SIZE === 4) { |
|
| 547 | - return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_encrypt( |
|
| 548 | - $plaintext, |
|
| 549 | - $assocData, |
|
| 550 | - $nonce, |
|
| 551 | - $key |
|
| 552 | - ); |
|
| 553 | - } |
|
| 554 | - return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_encrypt( |
|
| 555 | - $plaintext, |
|
| 556 | - $assocData, |
|
| 557 | - $nonce, |
|
| 558 | - $key |
|
| 559 | - ); |
|
| 560 | - } |
|
| 561 | - |
|
| 562 | - /** |
|
| 563 | - * Authenticate a message. Uses symmetric-key cryptography. |
|
| 564 | - * |
|
| 565 | - * Algorithm: |
|
| 566 | - * HMAC-SHA512-256. Which is HMAC-SHA-512 truncated to 256 bits. |
|
| 567 | - * Not to be confused with HMAC-SHA-512/256 which would use the |
|
| 568 | - * SHA-512/256 hash function (uses different initial parameters |
|
| 569 | - * but still truncates to 256 bits to sidestep length-extension |
|
| 570 | - * attacks). |
|
| 571 | - * |
|
| 572 | - * @param string $message Message to be authenticated |
|
| 573 | - * @param string $key Symmetric authentication key |
|
| 574 | - * @return string Message authentication code |
|
| 575 | - * @throws Error |
|
| 576 | - * @throws TypeError |
|
| 577 | - */ |
|
| 578 | - public static function crypto_auth($message, $key) |
|
| 579 | - { |
|
| 580 | - /* Type checks: */ |
|
| 581 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 582 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 583 | - |
|
| 584 | - /* Input validation: */ |
|
| 585 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 586 | - throw new Error('Argument 2 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 587 | - } |
|
| 588 | - |
|
| 589 | - if (self::isPhp72OrGreater()) { |
|
| 590 | - return sodium_crypto_auth($message, $key); |
|
| 591 | - } |
|
| 592 | - if (self::use_fallback('crypto_auth')) { |
|
| 593 | - return call_user_func('\\Sodium\\crypto_auth', $message, $key); |
|
| 594 | - } |
|
| 595 | - if (PHP_INT_SIZE === 4) { |
|
| 596 | - return ParagonIE_Sodium_Crypto32::auth($message, $key); |
|
| 597 | - } |
|
| 598 | - return ParagonIE_Sodium_Crypto::auth($message, $key); |
|
| 599 | - } |
|
| 600 | - |
|
| 601 | - /** |
|
| 602 | - * Verify the MAC of a message previously authenticated with crypto_auth. |
|
| 603 | - * |
|
| 604 | - * @param string $mac Message authentication code |
|
| 605 | - * @param string $message Message whose authenticity you are attempting to |
|
| 606 | - * verify (with a given MAC and key) |
|
| 607 | - * @param string $key Symmetric authentication key |
|
| 608 | - * @return bool TRUE if authenticated, FALSE otherwise |
|
| 609 | - * @throws Error |
|
| 610 | - * @throws TypeError |
|
| 611 | - */ |
|
| 612 | - public static function crypto_auth_verify($mac, $message, $key) |
|
| 613 | - { |
|
| 614 | - /* Type checks: */ |
|
| 615 | - ParagonIE_Sodium_Core_Util::declareScalarType($mac, 'string', 1); |
|
| 616 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 617 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 618 | - |
|
| 619 | - /* Input validation: */ |
|
| 620 | - if (ParagonIE_Sodium_Core_Util::strlen($mac) !== self::CRYPTO_AUTH_BYTES) { |
|
| 621 | - throw new Error('Argument 1 must be CRYPTO_AUTH_BYTES long.'); |
|
| 622 | - } |
|
| 623 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 624 | - throw new Error('Argument 3 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 625 | - } |
|
| 626 | - |
|
| 627 | - if (self::isPhp72OrGreater()) { |
|
| 628 | - return sodium_crypto_auth_verify($mac, $message, $key); |
|
| 629 | - } |
|
| 630 | - if (self::use_fallback('crypto_auth_verify')) { |
|
| 631 | - return call_user_func('\\Sodium\\crypto_auth_verify', $mac, $message, $key); |
|
| 632 | - } |
|
| 633 | - if (PHP_INT_SIZE === 4) { |
|
| 634 | - return ParagonIE_Sodium_Crypto32::auth_verify($mac, $message, $key); |
|
| 635 | - } |
|
| 636 | - return ParagonIE_Sodium_Crypto::auth_verify($mac, $message, $key); |
|
| 637 | - } |
|
| 638 | - |
|
| 639 | - /** |
|
| 640 | - * Authenticated asymmetric-key encryption. Both the sender and recipient |
|
| 641 | - * may decrypt messages. |
|
| 642 | - * |
|
| 643 | - * Algorithm: X25519-XSalsa20-Poly1305. |
|
| 644 | - * X25519: Elliptic-Curve Diffie Hellman over Curve25519. |
|
| 645 | - * XSalsa20: Extended-nonce variant of salsa20. |
|
| 646 | - * Poyl1305: Polynomial MAC for one-time message authentication. |
|
| 647 | - * |
|
| 648 | - * @param string $plaintext The message to be encrypted |
|
| 649 | - * @param string $nonce A Number to only be used Once; must be 24 bytes |
|
| 650 | - * @param string $keypair Your secret key and your recipient's public key |
|
| 651 | - * @return string Ciphertext with 16-byte Poly1305 MAC |
|
| 652 | - * @throws Error |
|
| 653 | - * @throws TypeError |
|
| 654 | - */ |
|
| 655 | - public static function crypto_box($plaintext, $nonce, $keypair) |
|
| 656 | - { |
|
| 657 | - /* Type checks: */ |
|
| 658 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 659 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 660 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 661 | - |
|
| 662 | - /* Input validation: */ |
|
| 663 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 664 | - throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 665 | - } |
|
| 666 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 667 | - throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 668 | - } |
|
| 669 | - |
|
| 670 | - if (self::isPhp72OrGreater()) { |
|
| 671 | - return sodium_crypto_box($plaintext, $nonce, $keypair); |
|
| 672 | - } |
|
| 673 | - if (self::use_fallback('crypto_box')) { |
|
| 674 | - return call_user_func('\\Sodium\\crypto_box', $plaintext, $nonce, $keypair); |
|
| 675 | - } |
|
| 676 | - if (PHP_INT_SIZE === 4) { |
|
| 677 | - return ParagonIE_Sodium_Crypto32::box($plaintext, $nonce, $keypair); |
|
| 678 | - } |
|
| 679 | - return ParagonIE_Sodium_Crypto::box($plaintext, $nonce, $keypair); |
|
| 680 | - } |
|
| 681 | - |
|
| 682 | - /** |
|
| 683 | - * Anonymous public-key encryption. Only the recipient may decrypt messages. |
|
| 684 | - * |
|
| 685 | - * Algorithm: X25519-XSalsa20-Poly1305, as with crypto_box. |
|
| 686 | - * The sender's X25519 keypair is ephemeral. |
|
| 687 | - * Nonce is generated from the BLAKE2b hash of both public keys. |
|
| 688 | - * |
|
| 689 | - * This provides ciphertext integrity. |
|
| 690 | - * |
|
| 691 | - * @param string $plaintext Message to be sealed |
|
| 692 | - * @param string $publicKey Your recipient's public key |
|
| 693 | - * @return string Sealed message that only your recipient can |
|
| 694 | - * decrypt |
|
| 695 | - * @throws Error |
|
| 696 | - * @throws TypeError |
|
| 697 | - */ |
|
| 698 | - public static function crypto_box_seal($plaintext, $publicKey) |
|
| 699 | - { |
|
| 700 | - /* Type checks: */ |
|
| 701 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 702 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 703 | - |
|
| 704 | - /* Input validation: */ |
|
| 705 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 706 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 707 | - } |
|
| 708 | - |
|
| 709 | - if (self::isPhp72OrGreater()) { |
|
| 710 | - return sodium_crypto_box_seal($plaintext, $publicKey); |
|
| 711 | - } |
|
| 712 | - if (self::use_fallback('crypto_box_seal')) { |
|
| 713 | - return call_user_func('\\Sodium\\crypto_box_seal', $plaintext, $publicKey); |
|
| 714 | - } |
|
| 715 | - if (PHP_INT_SIZE === 4) { |
|
| 716 | - return ParagonIE_Sodium_Crypto32::box_seal($plaintext, $publicKey); |
|
| 717 | - } |
|
| 718 | - return ParagonIE_Sodium_Crypto::box_seal($plaintext, $publicKey); |
|
| 719 | - } |
|
| 720 | - |
|
| 721 | - /** |
|
| 722 | - * Opens a message encrypted with crypto_box_seal(). Requires |
|
| 723 | - * the recipient's keypair (sk || pk) to decrypt successfully. |
|
| 724 | - * |
|
| 725 | - * This validates ciphertext integrity. |
|
| 726 | - * |
|
| 727 | - * @param string $ciphertext Sealed message to be opened |
|
| 728 | - * @param string $keypair Your crypto_box keypair |
|
| 729 | - * @return string The original plaintext message |
|
| 730 | - * @throws Error |
|
| 731 | - * @throws TypeError |
|
| 732 | - */ |
|
| 733 | - public static function crypto_box_seal_open($ciphertext, $keypair) |
|
| 734 | - { |
|
| 735 | - /* Type checks: */ |
|
| 736 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 737 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 2); |
|
| 738 | - |
|
| 739 | - /* Input validation: */ |
|
| 740 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 741 | - throw new Error('Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 742 | - } |
|
| 743 | - |
|
| 744 | - if (self::isPhp72OrGreater()) { |
|
| 745 | - return sodium_crypto_box_seal_open($ciphertext, $keypair); |
|
| 746 | - } |
|
| 747 | - if (self::use_fallback('crypto_box_seal_open')) { |
|
| 748 | - return call_user_func('\\Sodium\\crypto_box_seal_open', $ciphertext, $keypair); |
|
| 749 | - } |
|
| 750 | - if (PHP_INT_SIZE === 4) { |
|
| 751 | - return ParagonIE_Sodium_Crypto32::box_seal_open($ciphertext, $keypair); |
|
| 752 | - } |
|
| 753 | - return ParagonIE_Sodium_Crypto::box_seal_open($ciphertext, $keypair); |
|
| 754 | - } |
|
| 755 | - |
|
| 756 | - /** |
|
| 757 | - * Generate a new random X25519 keypair. |
|
| 758 | - * |
|
| 759 | - * @return string A 64-byte string; the first 32 are your secret key, while |
|
| 760 | - * the last 32 are your public key. crypto_box_secretkey() |
|
| 761 | - * and crypto_box_publickey() exist to separate them so you |
|
| 762 | - * don't accidentally get them mixed up! |
|
| 763 | - */ |
|
| 764 | - public static function crypto_box_keypair() |
|
| 765 | - { |
|
| 766 | - if (self::isPhp72OrGreater()) { |
|
| 767 | - return sodium_crypto_box_keypair(); |
|
| 768 | - } |
|
| 769 | - if (self::use_fallback('crypto_box_keypair')) { |
|
| 770 | - return call_user_func('\\Sodium\\crypto_box_keypair'); |
|
| 771 | - } |
|
| 772 | - return ParagonIE_Sodium_Crypto::box_keypair(); |
|
| 773 | - } |
|
| 774 | - |
|
| 775 | - /** |
|
| 776 | - * Combine two keys into a keypair for use in library methods that expect |
|
| 777 | - * a keypair. This doesn't necessarily have to be the same person's keys. |
|
| 778 | - * |
|
| 779 | - * @param string $secretKey Secret key |
|
| 780 | - * @param string $publicKey Public key |
|
| 781 | - * @return string Keypair |
|
| 782 | - * @throws Error |
|
| 783 | - * @throws TypeError |
|
| 784 | - */ |
|
| 785 | - public static function crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey) |
|
| 786 | - { |
|
| 787 | - /* Type checks: */ |
|
| 788 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 789 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 790 | - |
|
| 791 | - /* Input validation: */ |
|
| 792 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 793 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 794 | - } |
|
| 795 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 796 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 797 | - } |
|
| 798 | - |
|
| 799 | - if (self::isPhp72OrGreater()) { |
|
| 800 | - return sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 801 | - } |
|
| 802 | - if (self::use_fallback('crypto_box_keypair_from_secretkey_and_publickey')) { |
|
| 803 | - return call_user_func('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey); |
|
| 804 | - } |
|
| 805 | - if (PHP_INT_SIZE === 4) { |
|
| 806 | - return ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 807 | - } |
|
| 808 | - return ParagonIE_Sodium_Crypto::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 809 | - } |
|
| 810 | - |
|
| 811 | - /** |
|
| 812 | - * Decrypt a message previously encrypted with crypto_box(). |
|
| 813 | - * |
|
| 814 | - * @param string $ciphertext Encrypted message |
|
| 815 | - * @param string $nonce Number to only be used Once; must be 24 bytes |
|
| 816 | - * @param string $keypair Your secret key and the sender's public key |
|
| 817 | - * @return string The original plaintext message |
|
| 818 | - * @throws Error |
|
| 819 | - * @throws TypeError |
|
| 820 | - */ |
|
| 821 | - public static function crypto_box_open($ciphertext, $nonce, $keypair) |
|
| 822 | - { |
|
| 823 | - /* Type checks: */ |
|
| 824 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 825 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 826 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 827 | - |
|
| 828 | - /* Input validation: */ |
|
| 829 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_BOX_MACBYTES) { |
|
| 830 | - throw new Error('Argument 1 must be at least CRYPTO_BOX_MACBYTES long.'); |
|
| 831 | - } |
|
| 832 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 833 | - throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 834 | - } |
|
| 835 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 836 | - throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 837 | - } |
|
| 838 | - |
|
| 839 | - if (self::isPhp72OrGreater()) { |
|
| 840 | - return sodium_crypto_box_open($ciphertext, $nonce, $keypair); |
|
| 841 | - } |
|
| 842 | - if (self::use_fallback('crypto_box_open')) { |
|
| 843 | - return call_user_func('\\Sodium\\crypto_box_open', $ciphertext, $nonce, $keypair); |
|
| 844 | - } |
|
| 845 | - if (PHP_INT_SIZE === 4) { |
|
| 846 | - return ParagonIE_Sodium_Crypto32::box_open($ciphertext, $nonce, $keypair); |
|
| 847 | - } |
|
| 848 | - return ParagonIE_Sodium_Crypto::box_open($ciphertext, $nonce, $keypair); |
|
| 849 | - } |
|
| 850 | - |
|
| 851 | - /** |
|
| 852 | - * Extract the public key from a crypto_box keypair. |
|
| 853 | - * |
|
| 854 | - * @param string $keypair |
|
| 855 | - * @return string Your crypto_box public key |
|
| 856 | - * @throws Error |
|
| 857 | - * @throws TypeError |
|
| 858 | - */ |
|
| 859 | - public static function crypto_box_publickey($keypair) |
|
| 860 | - { |
|
| 861 | - /* Type checks: */ |
|
| 862 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 863 | - |
|
| 864 | - /* Input validation: */ |
|
| 865 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 866 | - throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 867 | - } |
|
| 868 | - |
|
| 869 | - if (self::isPhp72OrGreater()) { |
|
| 870 | - return sodium_crypto_box_publickey($keypair); |
|
| 871 | - } |
|
| 872 | - if (self::use_fallback('crypto_box_publickey')) { |
|
| 873 | - return call_user_func('\\Sodium\\crypto_box_publickey', $keypair); |
|
| 874 | - } |
|
| 875 | - if (PHP_INT_SIZE === 4) { |
|
| 876 | - return ParagonIE_Sodium_Crypto32::box_publickey($keypair); |
|
| 877 | - } |
|
| 878 | - return ParagonIE_Sodium_Crypto::box_publickey($keypair); |
|
| 879 | - } |
|
| 880 | - |
|
| 881 | - /** |
|
| 882 | - * Calculate the X25519 public key from a given X25519 secret key. |
|
| 883 | - * |
|
| 884 | - * @param string $secretKey Any X25519 secret key |
|
| 885 | - * @return string The corresponding X25519 public key |
|
| 886 | - * @throws Error |
|
| 887 | - * @throws TypeError |
|
| 888 | - */ |
|
| 889 | - public static function crypto_box_publickey_from_secretkey($secretKey) |
|
| 890 | - { |
|
| 891 | - /* Type checks: */ |
|
| 892 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 893 | - |
|
| 894 | - /* Input validation: */ |
|
| 895 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 896 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 897 | - } |
|
| 898 | - |
|
| 899 | - if (self::isPhp72OrGreater()) { |
|
| 900 | - return sodium_crypto_box_publickey_from_secretkey($secretKey); |
|
| 901 | - } |
|
| 902 | - if (self::use_fallback('crypto_box_publickey_from_secretkey')) { |
|
| 903 | - return call_user_func('\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey); |
|
| 904 | - } |
|
| 905 | - if (PHP_INT_SIZE === 4) { |
|
| 906 | - return ParagonIE_Sodium_Crypto32::box_publickey_from_secretkey($secretKey); |
|
| 907 | - } |
|
| 908 | - return ParagonIE_Sodium_Crypto::box_publickey_from_secretkey($secretKey); |
|
| 909 | - } |
|
| 910 | - |
|
| 911 | - /** |
|
| 912 | - * Extract the secret key from a crypto_box keypair. |
|
| 913 | - * |
|
| 914 | - * @param string $keypair |
|
| 915 | - * @return string Your crypto_box secret key |
|
| 916 | - * @throws Error |
|
| 917 | - * @throws TypeError |
|
| 918 | - */ |
|
| 919 | - public static function crypto_box_secretkey($keypair) |
|
| 920 | - { |
|
| 921 | - /* Type checks: */ |
|
| 922 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 923 | - |
|
| 924 | - /* Input validation: */ |
|
| 925 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 926 | - throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 927 | - } |
|
| 928 | - |
|
| 929 | - if (self::isPhp72OrGreater()) { |
|
| 930 | - return sodium_crypto_box_secretkey($keypair); |
|
| 931 | - } |
|
| 932 | - if (self::use_fallback('crypto_box_secretkey')) { |
|
| 933 | - return call_user_func('\\Sodium\\crypto_box_secretkey', $keypair); |
|
| 934 | - } |
|
| 935 | - if (PHP_INT_SIZE === 4) { |
|
| 936 | - return ParagonIE_Sodium_Crypto32::box_secretkey($keypair); |
|
| 937 | - } |
|
| 938 | - return ParagonIE_Sodium_Crypto::box_secretkey($keypair); |
|
| 939 | - } |
|
| 940 | - |
|
| 941 | - /** |
|
| 942 | - * Generate an X25519 keypair from a seed. |
|
| 943 | - * |
|
| 944 | - * @param string $seed |
|
| 945 | - * @return string |
|
| 946 | - */ |
|
| 947 | - public static function crypto_box_seed_keypair($seed) |
|
| 948 | - { |
|
| 949 | - /* Type checks: */ |
|
| 950 | - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 951 | - |
|
| 952 | - if (self::isPhp72OrGreater()) { |
|
| 953 | - return sodium_crypto_box_seed_keypair($seed); |
|
| 954 | - } |
|
| 955 | - if (self::use_fallback('crypto_box_seed_keypair')) { |
|
| 956 | - return call_user_func('\\Sodium\\crypto_box_seed_keypair', $seed); |
|
| 957 | - } |
|
| 958 | - return ParagonIE_Sodium_Crypto::box_seed_keypair($seed); |
|
| 959 | - } |
|
| 960 | - |
|
| 961 | - /** |
|
| 962 | - * Calculates a BLAKE2b hash, with an optional key. |
|
| 963 | - * |
|
| 964 | - * @param string $message The message to be hashed |
|
| 965 | - * @param string $key If specified, must be a string between 16 and 64 |
|
| 966 | - * bytes long |
|
| 967 | - * @param int $length Output length in bytes; must be between 16 and 64 |
|
| 968 | - * (default = 32) |
|
| 969 | - * @return string Raw binary |
|
| 970 | - * @throws Error |
|
| 971 | - * @throws TypeError |
|
| 972 | - */ |
|
| 973 | - public static function crypto_generichash($message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 974 | - { |
|
| 975 | - /* Type checks: */ |
|
| 976 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 977 | - if (is_null($key)) { |
|
| 978 | - $key = ''; |
|
| 979 | - } |
|
| 980 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 981 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 3); |
|
| 982 | - |
|
| 983 | - /* Input validation: */ |
|
| 984 | - if (!empty($key)) { |
|
| 985 | - if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 986 | - throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 987 | - } |
|
| 988 | - if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 989 | - throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 990 | - } |
|
| 991 | - } |
|
| 992 | - |
|
| 993 | - if (self::isPhp72OrGreater()) { |
|
| 994 | - return sodium_crypto_generichash($message, $key, $length); |
|
| 995 | - } |
|
| 996 | - if (self::use_fallback('crypto_generichash')) { |
|
| 997 | - return call_user_func('\\Sodium\\crypto_generichash', $message, $key, $length); |
|
| 998 | - } |
|
| 999 | - if (PHP_INT_SIZE === 4) { |
|
| 1000 | - return ParagonIE_Sodium_Crypto32::generichash($message, $key, $length); |
|
| 1001 | - } |
|
| 1002 | - return ParagonIE_Sodium_Crypto::generichash($message, $key, $length); |
|
| 1003 | - } |
|
| 1004 | - |
|
| 1005 | - /** |
|
| 1006 | - * Get the final BLAKE2b hash output for a given context. |
|
| 1007 | - * |
|
| 1008 | - * @param string &$ctx BLAKE2 hashing context. Generated by crypto_generichash_init(). |
|
| 1009 | - * @param int $length Hash output size. |
|
| 1010 | - * @return string Final BLAKE2b hash. |
|
| 1011 | - * @throws Error |
|
| 1012 | - * @throws TypeError |
|
| 1013 | - */ |
|
| 1014 | - public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1015 | - { |
|
| 1016 | - /* Type checks: */ |
|
| 1017 | - ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1018 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1019 | - |
|
| 1020 | - if (self::isPhp72OrGreater()) { |
|
| 1021 | - return sodium_crypto_generichash_final($ctx, $length); |
|
| 1022 | - } |
|
| 1023 | - if (self::use_fallback('crypto_generichash_final')) { |
|
| 1024 | - $func = '\\Sodium\\crypto_generichash_final'; |
|
| 1025 | - return $func($ctx, $length); |
|
| 1026 | - } |
|
| 1027 | - if (PHP_INT_SIZE === 4) { |
|
| 1028 | - $result = ParagonIE_Sodium_Crypto32::generichash_final($ctx, $length); |
|
| 1029 | - } else { |
|
| 1030 | - $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); |
|
| 1031 | - } |
|
| 1032 | - try { |
|
| 1033 | - self::memzero($ctx); |
|
| 1034 | - } catch (Error $ex) { |
|
| 1035 | - unset($ctx); |
|
| 1036 | - } |
|
| 1037 | - return $result; |
|
| 1038 | - } |
|
| 1039 | - |
|
| 1040 | - /** |
|
| 1041 | - * Initialize a BLAKE2b hashing context, for use in a streaming interface. |
|
| 1042 | - * |
|
| 1043 | - * @param string $key If specified must be a string between 16 and 64 bytes |
|
| 1044 | - * @param int $length The size of the desired hash output |
|
| 1045 | - * @return string A BLAKE2 hashing context, encoded as a string |
|
| 1046 | - * (To be 100% compatible with ext/libsodium) |
|
| 1047 | - * @throws Error |
|
| 1048 | - * @throws TypeError |
|
| 1049 | - */ |
|
| 1050 | - public static function crypto_generichash_init($key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1051 | - { |
|
| 1052 | - /* Type checks: */ |
|
| 1053 | - if (is_null($key)) { |
|
| 1054 | - $key = ''; |
|
| 1055 | - } |
|
| 1056 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 1); |
|
| 1057 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1058 | - |
|
| 1059 | - /* Input validation: */ |
|
| 1060 | - if (!empty($key)) { |
|
| 1061 | - if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 1062 | - throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 1063 | - } |
|
| 1064 | - if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 1065 | - throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 1066 | - } |
|
| 1067 | - } |
|
| 1068 | - |
|
| 1069 | - if (self::isPhp72OrGreater()) { |
|
| 1070 | - return sodium_crypto_generichash_init($key, $length); |
|
| 1071 | - } |
|
| 1072 | - if (self::use_fallback('crypto_generichash_init')) { |
|
| 1073 | - return call_user_func('\\Sodium\\crypto_generichash_init', $key, $length); |
|
| 1074 | - } |
|
| 1075 | - if (PHP_INT_SIZE === 4) { |
|
| 1076 | - return ParagonIE_Sodium_Crypto32::generichash_init($key, $length); |
|
| 1077 | - } |
|
| 1078 | - return ParagonIE_Sodium_Crypto::generichash_init($key, $length); |
|
| 1079 | - } |
|
| 1080 | - |
|
| 1081 | - /** |
|
| 1082 | - * Update a BLAKE2b hashing context with additional data. |
|
| 1083 | - * |
|
| 1084 | - * @param string &$ctx BLAKE2 hashing context. Generated by crypto_generichash_init(). |
|
| 1085 | - * $ctx is passed by reference and gets updated in-place. |
|
| 1086 | - * @param string $message The message to append to the existing hash state. |
|
| 1087 | - * @return void |
|
| 1088 | - * @throws TypeError |
|
| 1089 | - */ |
|
| 1090 | - public static function crypto_generichash_update(&$ctx, $message) |
|
| 1091 | - { |
|
| 1092 | - /* Type checks: */ |
|
| 1093 | - ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1094 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1095 | - |
|
| 1096 | - if (self::isPhp72OrGreater()) { |
|
| 1097 | - sodium_crypto_generichash_update($ctx, $message); |
|
| 1098 | - return; |
|
| 1099 | - } |
|
| 1100 | - if (self::use_fallback('crypto_generichash_update')) { |
|
| 1101 | - $func = '\\Sodium\\crypto_generichash_update'; |
|
| 1102 | - $func($ctx, $message); |
|
| 1103 | - return; |
|
| 1104 | - } |
|
| 1105 | - if (PHP_INT_SIZE === 4) { |
|
| 1106 | - $ctx = ParagonIE_Sodium_Crypto32::generichash_update($ctx, $message); |
|
| 1107 | - } else { |
|
| 1108 | - $ctx = ParagonIE_Sodium_Crypto::generichash_update($ctx, $message); |
|
| 1109 | - } |
|
| 1110 | - } |
|
| 1111 | - |
|
| 1112 | - /** |
|
| 1113 | - * Perform a key exchange, between a designated client and a server. |
|
| 1114 | - * |
|
| 1115 | - * Typically, you would designate one machine to be the client and the |
|
| 1116 | - * other to be the server. The first two keys are what you'd expect for |
|
| 1117 | - * scalarmult() below, but the latter two public keys don't swap places. |
|
| 1118 | - * |
|
| 1119 | - * | ALICE | BOB | |
|
| 1120 | - * | Client | Server | |
|
| 1121 | - * |--------------------------------|-------------------------------------| |
|
| 1122 | - * | shared = crypto_kx( | shared = crypto_kx( | |
|
| 1123 | - * | alice_sk, | bob_sk, | <- contextual |
|
| 1124 | - * | bob_pk, | alice_pk, | <- contextual |
|
| 1125 | - * | alice_pk, | alice_pk, | <----- static |
|
| 1126 | - * | bob_pk | bob_pk | <----- static |
|
| 1127 | - * | ) | ) | |
|
| 1128 | - * |
|
| 1129 | - * They are used along with the scalarmult product to generate a 256-bit |
|
| 1130 | - * BLAKE2b hash unique to the client and server keys. |
|
| 1131 | - * |
|
| 1132 | - * @param string $my_secret |
|
| 1133 | - * @param string $their_public |
|
| 1134 | - * @param string $client_public |
|
| 1135 | - * @param string $server_public |
|
| 1136 | - * @return string |
|
| 1137 | - * @throws Error |
|
| 1138 | - * @throws TypeError |
|
| 1139 | - */ |
|
| 1140 | - public static function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 1141 | - { |
|
| 1142 | - /* Type checks: */ |
|
| 1143 | - ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1); |
|
| 1144 | - ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2); |
|
| 1145 | - ParagonIE_Sodium_Core_Util::declareScalarType($client_public, 'string', 3); |
|
| 1146 | - ParagonIE_Sodium_Core_Util::declareScalarType($server_public, 'string', 4); |
|
| 1147 | - |
|
| 1148 | - /* Input validation: */ |
|
| 1149 | - if (ParagonIE_Sodium_Core_Util::strlen($my_secret) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1150 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1151 | - } |
|
| 1152 | - if (ParagonIE_Sodium_Core_Util::strlen($their_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1153 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1154 | - } |
|
| 1155 | - if (ParagonIE_Sodium_Core_Util::strlen($client_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1156 | - throw new Error('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1157 | - } |
|
| 1158 | - if (ParagonIE_Sodium_Core_Util::strlen($server_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1159 | - throw new Error('Argument 4 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1160 | - } |
|
| 1161 | - |
|
| 1162 | - if (self::isPhp72OrGreater()) { |
|
| 1163 | - if (is_callable('sodium_crypto_kx')) { |
|
| 1164 | - return sodium_crypto_kx( |
|
| 1165 | - $my_secret, |
|
| 1166 | - $their_public, |
|
| 1167 | - $client_public, |
|
| 1168 | - $server_public |
|
| 1169 | - ); |
|
| 1170 | - } |
|
| 1171 | - } |
|
| 1172 | - if (self::use_fallback('crypto_kx')) { |
|
| 1173 | - return call_user_func( |
|
| 1174 | - '\\Sodium\\crypto_kx', |
|
| 1175 | - $my_secret, |
|
| 1176 | - $their_public, |
|
| 1177 | - $client_public, |
|
| 1178 | - $server_public |
|
| 1179 | - ); |
|
| 1180 | - } |
|
| 1181 | - if (PHP_INT_SIZE === 4) { |
|
| 1182 | - return ParagonIE_Sodium_Crypto32::keyExchange( |
|
| 1183 | - $my_secret, |
|
| 1184 | - $their_public, |
|
| 1185 | - $client_public, |
|
| 1186 | - $server_public |
|
| 1187 | - ); |
|
| 1188 | - } |
|
| 1189 | - return ParagonIE_Sodium_Crypto::keyExchange( |
|
| 1190 | - $my_secret, |
|
| 1191 | - $their_public, |
|
| 1192 | - $client_public, |
|
| 1193 | - $server_public |
|
| 1194 | - ); |
|
| 1195 | - } |
|
| 1196 | - |
|
| 1197 | - /** |
|
| 1198 | - * @param int $outlen |
|
| 1199 | - * @param string $passwd |
|
| 1200 | - * @param string $salt |
|
| 1201 | - * @param int $opslimit |
|
| 1202 | - * @param int $memlimit |
|
| 1203 | - * @return string |
|
| 1204 | - * @throws Error |
|
| 1205 | - */ |
|
| 1206 | - public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1207 | - { |
|
| 1208 | - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1209 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1210 | - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1211 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1212 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1213 | - |
|
| 1214 | - if (self::isPhp72OrGreater()) { |
|
| 1215 | - return sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1216 | - } |
|
| 1217 | - if (self::use_fallback('crypto_pwhash')) { |
|
| 1218 | - return call_user_func('\\Sodium\\crypto_pwhash', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1219 | - } |
|
| 1220 | - // This is the best we can do. |
|
| 1221 | - throw new Error( |
|
| 1222 | - 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1223 | - ); |
|
| 1224 | - } |
|
| 1225 | - |
|
| 1226 | - /** |
|
| 1227 | - * @param string $passwd |
|
| 1228 | - * @param int $opslimit |
|
| 1229 | - * @param int $memlimit |
|
| 1230 | - * @return string |
|
| 1231 | - * @throws Error |
|
| 1232 | - */ |
|
| 1233 | - public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 1234 | - { |
|
| 1235 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1236 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1237 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1238 | - |
|
| 1239 | - if (self::isPhp72OrGreater()) { |
|
| 1240 | - return sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 1241 | - } |
|
| 1242 | - if (self::use_fallback('crypto_pwhash_str')) { |
|
| 1243 | - return call_user_func('\\Sodium\\crypto_pwhash_str', $passwd, $opslimit, $memlimit); |
|
| 1244 | - } |
|
| 1245 | - // This is the best we can do. |
|
| 1246 | - throw new Error( |
|
| 1247 | - 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1248 | - ); |
|
| 1249 | - } |
|
| 1250 | - |
|
| 1251 | - /** |
|
| 1252 | - * @param string $passwd |
|
| 1253 | - * @param string $hash |
|
| 1254 | - * @return bool |
|
| 1255 | - * @throws Error |
|
| 1256 | - */ |
|
| 1257 | - public static function crypto_pwhash_str_verify($passwd, $hash) |
|
| 1258 | - { |
|
| 1259 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1260 | - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1261 | - |
|
| 1262 | - if (self::isPhp72OrGreater()) { |
|
| 1263 | - return sodium_crypto_pwhash_str_verify($passwd, $hash); |
|
| 1264 | - } |
|
| 1265 | - if (self::use_fallback('crypto_pwhash_str_verify')) { |
|
| 1266 | - return call_user_func('\\Sodium\\crypto_pwhash_str_verify', $passwd, $hash); |
|
| 1267 | - } |
|
| 1268 | - // This is the best we can do. |
|
| 1269 | - throw new Error( |
|
| 1270 | - 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1271 | - ); |
|
| 1272 | - } |
|
| 1273 | - |
|
| 1274 | - /** |
|
| 1275 | - * @param int $outlen |
|
| 1276 | - * @param string $passwd |
|
| 1277 | - * @param string $salt |
|
| 1278 | - * @param int $opslimit |
|
| 1279 | - * @param int $memlimit |
|
| 1280 | - * @return string |
|
| 1281 | - * @throws Error |
|
| 1282 | - */ |
|
| 1283 | - public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1284 | - { |
|
| 1285 | - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1286 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1287 | - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1288 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1289 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1290 | - |
|
| 1291 | - if (self::isPhp72OrGreater()) { |
|
| 1292 | - return sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1293 | - } |
|
| 1294 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256')) { |
|
| 1295 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1296 | - } |
|
| 1297 | - // This is the best we can do. |
|
| 1298 | - throw new Error( |
|
| 1299 | - 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1300 | - ); |
|
| 1301 | - } |
|
| 1302 | - |
|
| 1303 | - /** |
|
| 1304 | - * @param string $passwd |
|
| 1305 | - * @param int $opslimit |
|
| 1306 | - * @param int $memlimit |
|
| 1307 | - * @return string |
|
| 1308 | - * @throws Error |
|
| 1309 | - */ |
|
| 1310 | - public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 1311 | - { |
|
| 1312 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1313 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1314 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1315 | - |
|
| 1316 | - if (self::isPhp72OrGreater()) { |
|
| 1317 | - return sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 1318 | - } |
|
| 1319 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str')) { |
|
| 1320 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str', $passwd, $opslimit, $memlimit); |
|
| 1321 | - } |
|
| 1322 | - // This is the best we can do. |
|
| 1323 | - throw new Error( |
|
| 1324 | - 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1325 | - ); |
|
| 1326 | - } |
|
| 1327 | - |
|
| 1328 | - /** |
|
| 1329 | - * @param string $passwd |
|
| 1330 | - * @param string $hash |
|
| 1331 | - * @return bool |
|
| 1332 | - * @throws Error |
|
| 1333 | - */ |
|
| 1334 | - public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 1335 | - { |
|
| 1336 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1337 | - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1338 | - |
|
| 1339 | - if (self::isPhp72OrGreater()) { |
|
| 1340 | - return sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 1341 | - } |
|
| 1342 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
|
| 1343 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify', $passwd, $hash); |
|
| 1344 | - } |
|
| 1345 | - // This is the best we can do. |
|
| 1346 | - throw new Error( |
|
| 1347 | - 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1348 | - ); |
|
| 1349 | - } |
|
| 1350 | - |
|
| 1351 | - /** |
|
| 1352 | - * Calculate the shared secret between your secret key and your |
|
| 1353 | - * recipient's public key. |
|
| 1354 | - * |
|
| 1355 | - * Algorithm: X25519 (ECDH over Curve25519) |
|
| 1356 | - * |
|
| 1357 | - * @param string $secretKey |
|
| 1358 | - * @param string $publicKey |
|
| 1359 | - * @return string |
|
| 1360 | - * @throws Error |
|
| 1361 | - * @throws TypeError |
|
| 1362 | - */ |
|
| 1363 | - public static function crypto_scalarmult($secretKey, $publicKey) |
|
| 1364 | - { |
|
| 1365 | - /* Type checks: */ |
|
| 1366 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1367 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1368 | - |
|
| 1369 | - /* Input validation: */ |
|
| 1370 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1371 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1372 | - } |
|
| 1373 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1374 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1375 | - } |
|
| 1376 | - |
|
| 1377 | - if (self::isPhp72OrGreater()) { |
|
| 1378 | - return sodium_crypto_scalarmult($secretKey, $publicKey); |
|
| 1379 | - } |
|
| 1380 | - if (self::use_fallback('crypto_scalarmult')) { |
|
| 1381 | - return call_user_func('\\Sodium\\crypto_scalarmult', $secretKey, $publicKey); |
|
| 1382 | - } |
|
| 1383 | - |
|
| 1384 | - /* Output validation: Forbid all-zero keys */ |
|
| 1385 | - if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1386 | - throw new Error('Zero secret key is not allowed'); |
|
| 1387 | - } |
|
| 1388 | - if (ParagonIE_Sodium_Core_Util::hashEquals($publicKey, str_repeat("\0", self::CRYPTO_BOX_PUBLICKEYBYTES))) { |
|
| 1389 | - throw new Error('Zero public key is not allowed'); |
|
| 1390 | - } |
|
| 1391 | - if (PHP_INT_SIZE === 4) { |
|
| 1392 | - return ParagonIE_Sodium_Crypto32::scalarmult($secretKey, $publicKey); |
|
| 1393 | - } |
|
| 1394 | - return ParagonIE_Sodium_Crypto::scalarmult($secretKey, $publicKey); |
|
| 1395 | - } |
|
| 1396 | - |
|
| 1397 | - /** |
|
| 1398 | - * Calculate an X25519 public key from an X25519 secret key. |
|
| 1399 | - * |
|
| 1400 | - * @param string $secretKey |
|
| 1401 | - * @return string |
|
| 1402 | - * @throws Error |
|
| 1403 | - * @throws TypeError |
|
| 1404 | - */ |
|
| 1405 | - public static function crypto_scalarmult_base($secretKey) |
|
| 1406 | - { |
|
| 1407 | - /* Type checks: */ |
|
| 1408 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1409 | - |
|
| 1410 | - /* Input validation: */ |
|
| 1411 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1412 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1413 | - } |
|
| 1414 | - |
|
| 1415 | - if (self::isPhp72OrGreater()) { |
|
| 1416 | - return sodium_crypto_scalarmult_base($secretKey); |
|
| 1417 | - } |
|
| 1418 | - if (self::use_fallback('crypto_scalarmult_base')) { |
|
| 1419 | - return call_user_func('\\Sodium\\crypto_scalarmult_base', $secretKey); |
|
| 1420 | - } |
|
| 1421 | - if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1422 | - throw new Error('Zero secret key is not allowed'); |
|
| 1423 | - } |
|
| 1424 | - if (PHP_INT_SIZE === 4) { |
|
| 1425 | - return ParagonIE_Sodium_Crypto32::scalarmult_base($secretKey); |
|
| 1426 | - } |
|
| 1427 | - return ParagonIE_Sodium_Crypto::scalarmult_base($secretKey); |
|
| 1428 | - } |
|
| 1429 | - |
|
| 1430 | - /** |
|
| 1431 | - * Authenticated symmetric-key encryption. |
|
| 1432 | - * |
|
| 1433 | - * Algorithm: XSalsa20-Poly1305 |
|
| 1434 | - * |
|
| 1435 | - * @param string $plaintext The message you're encrypting |
|
| 1436 | - * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1437 | - * @param string $key Symmetric encryption key |
|
| 1438 | - * @return string Ciphertext with Poly1305 MAC |
|
| 1439 | - * @throws Error |
|
| 1440 | - * @throws TypeError |
|
| 1441 | - */ |
|
| 1442 | - public static function crypto_secretbox($plaintext, $nonce, $key) |
|
| 1443 | - { |
|
| 1444 | - /* Type checks: */ |
|
| 1445 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1446 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1447 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1448 | - |
|
| 1449 | - /* Input validation: */ |
|
| 1450 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1451 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1452 | - } |
|
| 1453 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1454 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1455 | - } |
|
| 1456 | - |
|
| 1457 | - if (self::isPhp72OrGreater()) { |
|
| 1458 | - return sodium_crypto_secretbox($plaintext, $nonce, $key); |
|
| 1459 | - } |
|
| 1460 | - if (self::use_fallback('crypto_secretbox')) { |
|
| 1461 | - return call_user_func('\\Sodium\\crypto_secretbox', $plaintext, $nonce, $key); |
|
| 1462 | - } |
|
| 1463 | - if (PHP_INT_SIZE === 4) { |
|
| 1464 | - return ParagonIE_Sodium_Crypto32::secretbox($plaintext, $nonce, $key); |
|
| 1465 | - } |
|
| 1466 | - return ParagonIE_Sodium_Crypto::secretbox($plaintext, $nonce, $key); |
|
| 1467 | - } |
|
| 1468 | - |
|
| 1469 | - /** |
|
| 1470 | - * Decrypts a message previously encrypted with crypto_secretbox(). |
|
| 1471 | - * |
|
| 1472 | - * @param string $ciphertext Ciphertext with Poly1305 MAC |
|
| 1473 | - * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1474 | - * @param string $key Symmetric encryption key |
|
| 1475 | - * @return string Original plaintext message |
|
| 1476 | - * @throws Error |
|
| 1477 | - * @throws TypeError |
|
| 1478 | - */ |
|
| 1479 | - public static function crypto_secretbox_open($ciphertext, $nonce, $key) |
|
| 1480 | - { |
|
| 1481 | - /* Type checks: */ |
|
| 1482 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1483 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1484 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1485 | - |
|
| 1486 | - /* Input validation: */ |
|
| 1487 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1488 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1489 | - } |
|
| 1490 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1491 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1492 | - } |
|
| 1493 | - |
|
| 1494 | - if (self::isPhp72OrGreater()) { |
|
| 1495 | - return sodium_crypto_secretbox_open($ciphertext, $nonce, $key); |
|
| 1496 | - } |
|
| 1497 | - if (self::use_fallback('crypto_secretbox_open')) { |
|
| 1498 | - return call_user_func('\\Sodium\\crypto_secretbox_open', $ciphertext, $nonce, $key); |
|
| 1499 | - } |
|
| 1500 | - if (PHP_INT_SIZE === 4) { |
|
| 1501 | - return ParagonIE_Sodium_Crypto32::secretbox_open($ciphertext, $nonce, $key); |
|
| 1502 | - } |
|
| 1503 | - return ParagonIE_Sodium_Crypto::secretbox_open($ciphertext, $nonce, $key); |
|
| 1504 | - } |
|
| 1505 | - |
|
| 1506 | - /** |
|
| 1507 | - * Authenticated symmetric-key encryption. |
|
| 1508 | - * |
|
| 1509 | - * Algorithm: XChaCha20-Poly1305 |
|
| 1510 | - * |
|
| 1511 | - * @param string $plaintext The message you're encrypting |
|
| 1512 | - * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1513 | - * @param string $key Symmetric encryption key |
|
| 1514 | - * @return string Ciphertext with Poly1305 MAC |
|
| 1515 | - * @throws Error |
|
| 1516 | - * @throws TypeError |
|
| 1517 | - */ |
|
| 1518 | - public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 1519 | - { |
|
| 1520 | - /* Type checks: */ |
|
| 1521 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1522 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1523 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1524 | - |
|
| 1525 | - /* Input validation: */ |
|
| 1526 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1527 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1528 | - } |
|
| 1529 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1530 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1531 | - } |
|
| 1532 | - if (PHP_INT_SIZE === 4) { |
|
| 1533 | - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1534 | - } |
|
| 1535 | - return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1536 | - } |
|
| 1537 | - /** |
|
| 1538 | - * Decrypts a message previously encrypted with crypto_secretbox_xchacha20poly1305(). |
|
| 1539 | - * |
|
| 1540 | - * @param string $ciphertext Ciphertext with Poly1305 MAC |
|
| 1541 | - * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1542 | - * @param string $key Symmetric encryption key |
|
| 1543 | - * @return string Original plaintext message |
|
| 1544 | - * @throws Error |
|
| 1545 | - * @throws TypeError |
|
| 1546 | - */ |
|
| 1547 | - public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) |
|
| 1548 | - { |
|
| 1549 | - /* Type checks: */ |
|
| 1550 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1551 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1552 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1553 | - |
|
| 1554 | - /* Input validation: */ |
|
| 1555 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1556 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1557 | - } |
|
| 1558 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1559 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1560 | - } |
|
| 1561 | - |
|
| 1562 | - if (PHP_INT_SIZE === 4) { |
|
| 1563 | - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1564 | - } |
|
| 1565 | - return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1566 | - } |
|
| 1567 | - |
|
| 1568 | - /** |
|
| 1569 | - * Calculates a SipHash-2-4 hash of a message for a given key. |
|
| 1570 | - * |
|
| 1571 | - * @param string $message Input message |
|
| 1572 | - * @param string $key SipHash-2-4 key |
|
| 1573 | - * @return string Hash |
|
| 1574 | - * @throws Error |
|
| 1575 | - * @throws TypeError |
|
| 1576 | - */ |
|
| 1577 | - public static function crypto_shorthash($message, $key) |
|
| 1578 | - { |
|
| 1579 | - /* Type checks: */ |
|
| 1580 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1581 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 1582 | - |
|
| 1583 | - /* Input validation: */ |
|
| 1584 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SHORTHASH_KEYBYTES) { |
|
| 1585 | - throw new Error('Argument 2 must be CRYPTO_SHORTHASH_KEYBYTES long.'); |
|
| 1586 | - } |
|
| 1587 | - |
|
| 1588 | - if (self::isPhp72OrGreater()) { |
|
| 1589 | - return sodium_crypto_shorthash($message, $key); |
|
| 1590 | - } |
|
| 1591 | - if (self::use_fallback('crypto_shorthash')) { |
|
| 1592 | - return call_user_func('\\Sodium\\crypto_shorthash', $message, $key); |
|
| 1593 | - } |
|
| 1594 | - if (PHP_INT_SIZE === 4) { |
|
| 1595 | - return ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key); |
|
| 1596 | - } |
|
| 1597 | - return ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key); |
|
| 1598 | - } |
|
| 1599 | - |
|
| 1600 | - /** |
|
| 1601 | - * Expand a key and nonce into a keystream of pseudorandom bytes. |
|
| 1602 | - * |
|
| 1603 | - * @param int $len Number of bytes desired |
|
| 1604 | - * @param string $nonce Number to be used Once; must be 24 bytes |
|
| 1605 | - * @param string $key XSalsa20 key |
|
| 1606 | - * @return string Pseudorandom stream that can be XORed with messages |
|
| 1607 | - * to provide encryption (but not authentication; see |
|
| 1608 | - * Poly1305 or crypto_auth() for that, which is not |
|
| 1609 | - * optional for security) |
|
| 1610 | - * @throws Error |
|
| 1611 | - * @throws TypeError |
|
| 1612 | - */ |
|
| 1613 | - public static function crypto_stream($len, $nonce, $key) |
|
| 1614 | - { |
|
| 1615 | - /* Type checks: */ |
|
| 1616 | - ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); |
|
| 1617 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1618 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1619 | - |
|
| 1620 | - /* Input validation: */ |
|
| 1621 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1622 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1623 | - } |
|
| 1624 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1625 | - throw new Error('Argument 3 must be CRYPTO_STREAM_KEYBYTES long.'); |
|
| 1626 | - } |
|
| 1627 | - |
|
| 1628 | - if (self::isPhp72OrGreater()) { |
|
| 1629 | - return sodium_crypto_stream($len, $nonce, $key); |
|
| 1630 | - } |
|
| 1631 | - if (self::use_fallback('crypto_stream')) { |
|
| 1632 | - return call_user_func('\\Sodium\\crypto_stream', $len, $nonce, $key); |
|
| 1633 | - } |
|
| 1634 | - if (PHP_INT_SIZE === 4) { |
|
| 1635 | - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1636 | - } |
|
| 1637 | - return ParagonIE_Sodium_Core_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1638 | - } |
|
| 1639 | - |
|
| 1640 | - /** |
|
| 1641 | - * DANGER! UNAUTHENTICATED ENCRYPTION! |
|
| 1642 | - * |
|
| 1643 | - * Unless you are following expert advice, do not used this feature. |
|
| 1644 | - * |
|
| 1645 | - * Algorithm: XSalsa20 |
|
| 1646 | - * |
|
| 1647 | - * This DOES NOT provide ciphertext integrity. |
|
| 1648 | - * |
|
| 1649 | - * @param string $message Plaintext message |
|
| 1650 | - * @param string $nonce Number to be used Once; must be 24 bytes |
|
| 1651 | - * @param string $key Encryption key |
|
| 1652 | - * @return string Encrypted text which is vulnerable to chosen- |
|
| 1653 | - * ciphertext attacks unless you implement some |
|
| 1654 | - * other mitigation to the ciphertext (i.e. |
|
| 1655 | - * Encrypt then MAC) |
|
| 1656 | - * @throws Error |
|
| 1657 | - * @throws TypeError |
|
| 1658 | - */ |
|
| 1659 | - public static function crypto_stream_xor($message, $nonce, $key) |
|
| 1660 | - { |
|
| 1661 | - /* Type checks: */ |
|
| 1662 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1663 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1664 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1665 | - |
|
| 1666 | - /* Input validation: */ |
|
| 1667 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1668 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1669 | - } |
|
| 1670 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1671 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1672 | - } |
|
| 1673 | - |
|
| 1674 | - if (self::isPhp72OrGreater()) { |
|
| 1675 | - return sodium_crypto_stream_xor($message, $nonce, $key); |
|
| 1676 | - } |
|
| 1677 | - if (self::use_fallback('crypto_stream_xor')) { |
|
| 1678 | - return call_user_func('\\Sodium\\crypto_stream_xor', $message, $nonce, $key); |
|
| 1679 | - } |
|
| 1680 | - if (PHP_INT_SIZE === 4) { |
|
| 1681 | - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1682 | - } |
|
| 1683 | - return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1684 | - } |
|
| 1685 | - |
|
| 1686 | - /** |
|
| 1687 | - * Returns a signed message. You probably want crypto_sign_detached() |
|
| 1688 | - * instead, which only returns the signature. |
|
| 1689 | - * |
|
| 1690 | - * Algorithm: Ed25519 (EdDSA over Curve25519) |
|
| 1691 | - * |
|
| 1692 | - * @param string $message Message to be signed. |
|
| 1693 | - * @param string $secretKey Secret signing key. |
|
| 1694 | - * @return string Signed message (signature is prefixed). |
|
| 1695 | - * @throws Error |
|
| 1696 | - * @throws TypeError |
|
| 1697 | - */ |
|
| 1698 | - public static function crypto_sign($message, $secretKey) |
|
| 1699 | - { |
|
| 1700 | - /* Type checks: */ |
|
| 1701 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1702 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1703 | - |
|
| 1704 | - /* Input validation: */ |
|
| 1705 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1706 | - throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1707 | - } |
|
| 1708 | - |
|
| 1709 | - if (self::isPhp72OrGreater()) { |
|
| 1710 | - return sodium_crypto_sign($message, $secretKey); |
|
| 1711 | - } |
|
| 1712 | - if (self::use_fallback('crypto_sign')) { |
|
| 1713 | - return call_user_func('\\Sodium\\crypto_sign', $message, $secretKey); |
|
| 1714 | - } |
|
| 1715 | - if (PHP_INT_SIZE === 4) { |
|
| 1716 | - return ParagonIE_Sodium_Crypto32::sign($message, $secretKey); |
|
| 1717 | - } |
|
| 1718 | - return ParagonIE_Sodium_Crypto::sign($message, $secretKey); |
|
| 1719 | - } |
|
| 1720 | - |
|
| 1721 | - /** |
|
| 1722 | - * Validates a signed message then returns the message. |
|
| 1723 | - * |
|
| 1724 | - * @param string $signedMessage A signed message |
|
| 1725 | - * @param string $publicKey A public key |
|
| 1726 | - * @return string The original message (if the signature is |
|
| 1727 | - * valid for this public key) |
|
| 1728 | - * @throws Error |
|
| 1729 | - * @throws TypeError |
|
| 1730 | - */ |
|
| 1731 | - public static function crypto_sign_open($signedMessage, $publicKey) |
|
| 1732 | - { |
|
| 1733 | - /* Type checks: */ |
|
| 1734 | - ParagonIE_Sodium_Core_Util::declareScalarType($signedMessage, 'string', 1); |
|
| 1735 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1736 | - |
|
| 1737 | - /* Input validation: */ |
|
| 1738 | - if (ParagonIE_Sodium_Core_Util::strlen($signedMessage) < self::CRYPTO_SIGN_BYTES) { |
|
| 1739 | - throw new Error('Argument 1 must be at least CRYPTO_SIGN_BYTES long.'); |
|
| 1740 | - } |
|
| 1741 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1742 | - throw new Error('Argument 2 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1743 | - } |
|
| 1744 | - |
|
| 1745 | - if (self::isPhp72OrGreater()) { |
|
| 1746 | - return sodium_crypto_sign_open($signedMessage, $publicKey); |
|
| 1747 | - } |
|
| 1748 | - if (self::use_fallback('crypto_sign_open')) { |
|
| 1749 | - return call_user_func('\\Sodium\\crypto_sign_open', $signedMessage, $publicKey); |
|
| 1750 | - } |
|
| 1751 | - if (PHP_INT_SIZE === 4) { |
|
| 1752 | - return ParagonIE_Sodium_Crypto32::sign_open($signedMessage, $publicKey); |
|
| 1753 | - } |
|
| 1754 | - return ParagonIE_Sodium_Crypto::sign_open($signedMessage, $publicKey); |
|
| 1755 | - } |
|
| 1756 | - |
|
| 1757 | - /** |
|
| 1758 | - * Generate a new random Ed25519 keypair. |
|
| 1759 | - * |
|
| 1760 | - * @return string |
|
| 1761 | - */ |
|
| 1762 | - public static function crypto_sign_keypair() |
|
| 1763 | - { |
|
| 1764 | - if (self::isPhp72OrGreater()) { |
|
| 1765 | - return sodium_crypto_sign_keypair(); |
|
| 1766 | - } |
|
| 1767 | - if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1768 | - return call_user_func( |
|
| 1769 | - '\\Sodium\\crypto_sign_keypair' |
|
| 1770 | - ); |
|
| 1771 | - } |
|
| 1772 | - if (PHP_INT_SIZE === 4) { |
|
| 1773 | - return ParagonIE_Sodium_Core32_Ed25519::keypair(); |
|
| 1774 | - } |
|
| 1775 | - return ParagonIE_Sodium_Core_Ed25519::keypair(); |
|
| 1776 | - } |
|
| 1777 | - |
|
| 1778 | - /** |
|
| 1779 | - * Generate an Ed25519 keypair from a seed. |
|
| 1780 | - * |
|
| 1781 | - * @param string $seed Input seed |
|
| 1782 | - * @return string Keypair |
|
| 1783 | - */ |
|
| 1784 | - public static function crypto_sign_seed_keypair($seed) |
|
| 1785 | - { |
|
| 1786 | - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 1787 | - |
|
| 1788 | - if (self::isPhp72OrGreater()) { |
|
| 1789 | - return sodium_crypto_sign_seed_keypair($seed); |
|
| 1790 | - } |
|
| 1791 | - if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1792 | - return call_user_func('\\Sodium\\crypto_sign_seed_keypair', $seed); |
|
| 1793 | - } |
|
| 1794 | - $publicKey = ''; |
|
| 1795 | - $secretKey = ''; |
|
| 1796 | - if (PHP_INT_SIZE === 4) { |
|
| 1797 | - ParagonIE_Sodium_Core32_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1798 | - } else { |
|
| 1799 | - ParagonIE_Sodium_Core_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1800 | - } |
|
| 1801 | - return $secretKey . $publicKey; |
|
| 1802 | - } |
|
| 1803 | - |
|
| 1804 | - /** |
|
| 1805 | - * Extract an Ed25519 public key from an Ed25519 keypair. |
|
| 1806 | - * |
|
| 1807 | - * @param string $keypair Keypair |
|
| 1808 | - * @return string Public key |
|
| 1809 | - * @throws Error |
|
| 1810 | - * @throws TypeError |
|
| 1811 | - */ |
|
| 1812 | - public static function crypto_sign_publickey($keypair) |
|
| 1813 | - { |
|
| 1814 | - /* Type checks: */ |
|
| 1815 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1816 | - |
|
| 1817 | - /* Input validation: */ |
|
| 1818 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1819 | - throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1820 | - } |
|
| 1821 | - |
|
| 1822 | - if (self::isPhp72OrGreater()) { |
|
| 1823 | - return sodium_crypto_sign_publickey($keypair); |
|
| 1824 | - } |
|
| 1825 | - if (self::use_fallback('crypto_sign_publickey')) { |
|
| 1826 | - return call_user_func('\\Sodium\\crypto_sign_publickey', $keypair); |
|
| 1827 | - } |
|
| 1828 | - if (PHP_INT_SIZE === 4) { |
|
| 1829 | - return ParagonIE_Sodium_Core32_Ed25519::publickey($keypair); |
|
| 1830 | - } |
|
| 1831 | - return ParagonIE_Sodium_Core_Ed25519::publickey($keypair); |
|
| 1832 | - } |
|
| 1833 | - |
|
| 1834 | - /** |
|
| 1835 | - * Calculate an Ed25519 public key from an Ed25519 secret key. |
|
| 1836 | - * |
|
| 1837 | - * @param string $secretKey Your Ed25519 secret key |
|
| 1838 | - * @return string The corresponding Ed25519 public key |
|
| 1839 | - * @throws Error |
|
| 1840 | - * @throws TypeError |
|
| 1841 | - */ |
|
| 1842 | - public static function crypto_sign_publickey_from_secretkey($secretKey) |
|
| 1843 | - { |
|
| 1844 | - /* Type checks: */ |
|
| 1845 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1846 | - |
|
| 1847 | - /* Input validation: */ |
|
| 1848 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1849 | - throw new Error('Argument 1 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1850 | - } |
|
| 1851 | - |
|
| 1852 | - if (self::isPhp72OrGreater()) { |
|
| 1853 | - return sodium_crypto_sign_publickey_from_secretkey($secretKey); |
|
| 1854 | - } |
|
| 1855 | - if (self::use_fallback('crypto_sign_publickey_from_secretkey')) { |
|
| 1856 | - return call_user_func('\\Sodium\\crypto_sign_publickey_from_secretkey', $secretKey); |
|
| 1857 | - } |
|
| 1858 | - if (PHP_INT_SIZE === 4) { |
|
| 1859 | - return ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1860 | - } |
|
| 1861 | - return ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1862 | - } |
|
| 1863 | - |
|
| 1864 | - /** |
|
| 1865 | - * Extract an Ed25519 secret key from an Ed25519 keypair. |
|
| 1866 | - * |
|
| 1867 | - * @param string $keypair Keypair |
|
| 1868 | - * @return string Secret key |
|
| 1869 | - * @throws Error |
|
| 1870 | - * @throws TypeError |
|
| 1871 | - */ |
|
| 1872 | - public static function crypto_sign_secretkey($keypair) |
|
| 1873 | - { |
|
| 1874 | - /* Type checks: */ |
|
| 1875 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1876 | - |
|
| 1877 | - /* Input validation: */ |
|
| 1878 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1879 | - throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1880 | - } |
|
| 1881 | - |
|
| 1882 | - if (self::isPhp72OrGreater()) { |
|
| 1883 | - return sodium_crypto_sign_secretkey($keypair); |
|
| 1884 | - } |
|
| 1885 | - if (self::use_fallback('crypto_sign_secretkey')) { |
|
| 1886 | - return call_user_func('\\Sodium\\crypto_sign_secretkey', $keypair); |
|
| 1887 | - } |
|
| 1888 | - if (PHP_INT_SIZE === 4) { |
|
| 1889 | - return ParagonIE_Sodium_Core32_Ed25519::secretkey($keypair); |
|
| 1890 | - } |
|
| 1891 | - return ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); |
|
| 1892 | - } |
|
| 1893 | - |
|
| 1894 | - /** |
|
| 1895 | - * Calculate the Ed25519 signature of a message and return ONLY the signature. |
|
| 1896 | - * |
|
| 1897 | - * Algorithm: Ed25519 (EdDSA over Curve25519) |
|
| 1898 | - * |
|
| 1899 | - * @param string $message Message to be signed |
|
| 1900 | - * @param string $secretKey Secret signing key |
|
| 1901 | - * @return string Digital signature |
|
| 1902 | - * @throws Error |
|
| 1903 | - * @throws TypeError |
|
| 1904 | - */ |
|
| 1905 | - public static function crypto_sign_detached($message, $secretKey) |
|
| 1906 | - { |
|
| 1907 | - /* Type checks: */ |
|
| 1908 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1909 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1910 | - |
|
| 1911 | - /* Input validation: */ |
|
| 1912 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1913 | - throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1914 | - } |
|
| 1915 | - |
|
| 1916 | - if (self::isPhp72OrGreater()) { |
|
| 1917 | - return sodium_crypto_sign_detached($message, $secretKey); |
|
| 1918 | - } |
|
| 1919 | - if (self::use_fallback('crypto_sign_detached')) { |
|
| 1920 | - return call_user_func('\\Sodium\\crypto_sign_detached', $message, $secretKey); |
|
| 1921 | - } |
|
| 1922 | - if (PHP_INT_SIZE === 4) { |
|
| 1923 | - return ParagonIE_Sodium_Crypto32::sign_detached($message, $secretKey); |
|
| 1924 | - } |
|
| 1925 | - return ParagonIE_Sodium_Crypto::sign_detached($message, $secretKey); |
|
| 1926 | - } |
|
| 1927 | - |
|
| 1928 | - /** |
|
| 1929 | - * Verify the Ed25519 signature of a message. |
|
| 1930 | - * |
|
| 1931 | - * @param string $signature Digital sginature |
|
| 1932 | - * @param string $message Message to be verified |
|
| 1933 | - * @param string $publicKey Public key |
|
| 1934 | - * @return bool TRUE if this signature is good for this public key; |
|
| 1935 | - * FALSE otherwise |
|
| 1936 | - * @throws Error |
|
| 1937 | - * @throws TypeError |
|
| 1938 | - */ |
|
| 1939 | - public static function crypto_sign_verify_detached($signature, $message, $publicKey) |
|
| 1940 | - { |
|
| 1941 | - /* Type checks: */ |
|
| 1942 | - ParagonIE_Sodium_Core_Util::declareScalarType($signature, 'string', 1); |
|
| 1943 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1944 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 3); |
|
| 1945 | - |
|
| 1946 | - /* Input validation: */ |
|
| 1947 | - if (ParagonIE_Sodium_Core_Util::strlen($signature) !== self::CRYPTO_SIGN_BYTES) { |
|
| 1948 | - throw new Error('Argument 1 must be CRYPTO_SIGN_BYTES long.'); |
|
| 1949 | - } |
|
| 1950 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1951 | - throw new Error('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1952 | - } |
|
| 1953 | - |
|
| 1954 | - if (self::isPhp72OrGreater()) { |
|
| 1955 | - return sodium_crypto_sign_verify_detached($signature, $message, $publicKey); |
|
| 1956 | - } |
|
| 1957 | - if (self::use_fallback('crypto_sign_verify_detached')) { |
|
| 1958 | - return call_user_func('\\Sodium\\crypto_sign_verify_detached', $signature, $message, $publicKey); |
|
| 1959 | - } |
|
| 1960 | - if (PHP_INT_SIZE === 4) { |
|
| 1961 | - return ParagonIE_Sodium_Crypto32::sign_verify_detached($signature, $message, $publicKey); |
|
| 1962 | - } |
|
| 1963 | - return ParagonIE_Sodium_Crypto::sign_verify_detached($signature, $message, $publicKey); |
|
| 1964 | - } |
|
| 1965 | - |
|
| 1966 | - /** |
|
| 1967 | - * Convert an Ed25519 secret key to a Curve25519 secret key |
|
| 1968 | - * |
|
| 1969 | - * @param string $sk |
|
| 1970 | - * @return string |
|
| 1971 | - * @throws Error |
|
| 1972 | - */ |
|
| 1973 | - public static function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 1974 | - { |
|
| 1975 | - /* Type checks: */ |
|
| 1976 | - ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); |
|
| 1977 | - |
|
| 1978 | - /* Input validation: */ |
|
| 1979 | - if (ParagonIE_Sodium_Core_Util::strlen($sk) < self::CRYPTO_SIGN_SEEDBYTES) { |
|
| 1980 | - throw new Error('Argument 1 must be at least CRYPTO_SIGN_SEEDBYTES long.'); |
|
| 1981 | - } |
|
| 1982 | - if (self::isPhp72OrGreater()) { |
|
| 1983 | - if (is_callable('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1984 | - return sodium_crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 1985 | - } |
|
| 1986 | - } |
|
| 1987 | - if (self::use_fallback('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1988 | - return call_user_func('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519', $sk); |
|
| 1989 | - } |
|
| 1990 | - |
|
| 1991 | - $h = hash('sha512', ParagonIE_Sodium_Core_Util::substr($sk, 0, 32), true); |
|
| 1992 | - $h[0] = ParagonIE_Sodium_Core_Util::intToChr( |
|
| 1993 | - ParagonIE_Sodium_Core_Util::chrToInt($h[0]) & 248 |
|
| 1994 | - ); |
|
| 1995 | - $h[31] = ParagonIE_Sodium_Core_Util::intToChr( |
|
| 1996 | - (ParagonIE_Sodium_Core_Util::chrToInt($h[31]) & 127) | 64 |
|
| 1997 | - ); |
|
| 1998 | - return ParagonIE_Sodium_Core_Util::substr($h, 0, 32); |
|
| 1999 | - } |
|
| 2000 | - |
|
| 2001 | - /** |
|
| 2002 | - * Cache-timing-safe implementation of hex2bin(). |
|
| 2003 | - * |
|
| 2004 | - * @param string $string Hexadecimal string |
|
| 2005 | - * @return string Raw binary string |
|
| 2006 | - * @throws TypeError |
|
| 2007 | - */ |
|
| 2008 | - public static function hex2bin($string) |
|
| 2009 | - { |
|
| 2010 | - /* Type checks: */ |
|
| 2011 | - ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 2012 | - |
|
| 2013 | - if (self::isPhp72OrGreater()) { |
|
| 2014 | - return sodium_hex2bin($string); |
|
| 2015 | - } |
|
| 2016 | - if (self::use_fallback('hex2bin')) { |
|
| 2017 | - return call_user_func('\\Sodium\\hex2bin', $string); |
|
| 2018 | - } |
|
| 2019 | - return ParagonIE_Sodium_Core_Util::hex2bin($string); |
|
| 2020 | - } |
|
| 2021 | - |
|
| 2022 | - /** |
|
| 2023 | - * Increase a string (little endian) |
|
| 2024 | - * |
|
| 2025 | - * @param string $var |
|
| 2026 | - * |
|
| 2027 | - * @return void |
|
| 2028 | - * @throws Error (Unless libsodium is installed) |
|
| 2029 | - */ |
|
| 2030 | - public static function increment(&$var) |
|
| 2031 | - { |
|
| 2032 | - /* Type checks: */ |
|
| 2033 | - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2034 | - |
|
| 2035 | - if (self::isPhp72OrGreater()) { |
|
| 2036 | - sodium_increment($var); |
|
| 2037 | - return; |
|
| 2038 | - } |
|
| 2039 | - if (self::use_fallback('increment')) { |
|
| 2040 | - @call_user_func('\\Sodium\\increment', $var); |
|
| 2041 | - return; |
|
| 2042 | - } |
|
| 2043 | - |
|
| 2044 | - $len = ParagonIE_Sodium_Core_Util::strlen($var); |
|
| 2045 | - $c = 1; |
|
| 2046 | - $copy = ''; |
|
| 2047 | - for ($i = 0; $i < $len; ++$i) { |
|
| 2048 | - $c += ParagonIE_Sodium_Core_Util::chrToInt( |
|
| 2049 | - ParagonIE_Sodium_Core_Util::substr($var, $i, 1) |
|
| 2050 | - ); |
|
| 2051 | - $copy .= ParagonIE_Sodium_Core_Util::intToChr($c); |
|
| 2052 | - $c >>= 8; |
|
| 2053 | - } |
|
| 2054 | - $var = $copy; |
|
| 2055 | - } |
|
| 2056 | - |
|
| 2057 | - /** |
|
| 2058 | - * The equivalent to the libsodium minor version we aim to be compatible |
|
| 2059 | - * with (sans pwhash and memzero). |
|
| 2060 | - * |
|
| 2061 | - * @return int |
|
| 2062 | - */ |
|
| 2063 | - public static function library_version_major() |
|
| 2064 | - { |
|
| 2065 | - if (self::isPhp72OrGreater()) { |
|
| 2066 | - return sodium_library_version_major(); |
|
| 2067 | - } |
|
| 2068 | - if (self::use_fallback('library_version_major')) { |
|
| 2069 | - return (int) call_user_func('\\Sodium\\library_version_major'); |
|
| 2070 | - } |
|
| 2071 | - return self::LIBRARY_VERSION_MAJOR; |
|
| 2072 | - } |
|
| 2073 | - |
|
| 2074 | - /** |
|
| 2075 | - * The equivalent to the libsodium minor version we aim to be compatible |
|
| 2076 | - * with (sans pwhash and memzero). |
|
| 2077 | - * |
|
| 2078 | - * @return int |
|
| 2079 | - */ |
|
| 2080 | - public static function library_version_minor() |
|
| 2081 | - { |
|
| 2082 | - if (self::isPhp72OrGreater()) { |
|
| 2083 | - return sodium_library_version_minor(); |
|
| 2084 | - } |
|
| 2085 | - if (self::use_fallback('library_version_minor')) { |
|
| 2086 | - return (int) call_user_func('\\Sodium\\library_version_minor'); |
|
| 2087 | - } |
|
| 2088 | - return self::LIBRARY_VERSION_MINOR; |
|
| 2089 | - } |
|
| 2090 | - |
|
| 2091 | - /** |
|
| 2092 | - * Compare two strings. |
|
| 2093 | - * |
|
| 2094 | - * @param string $left |
|
| 2095 | - * @param string $right |
|
| 2096 | - * @return int |
|
| 2097 | - * @throws TypeError |
|
| 2098 | - */ |
|
| 2099 | - public static function memcmp($left, $right) |
|
| 2100 | - { |
|
| 2101 | - /* Type checks: */ |
|
| 2102 | - ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 2103 | - ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 2104 | - |
|
| 2105 | - if (self::use_fallback('memcmp')) { |
|
| 2106 | - return call_user_func('\\Sodium\\memcmp', $left, $right); |
|
| 2107 | - } |
|
| 2108 | - return ParagonIE_Sodium_Core_Util::memcmp($left, $right); |
|
| 2109 | - } |
|
| 2110 | - |
|
| 2111 | - /** |
|
| 2112 | - * It's actually not possible to zero memory buffers in PHP. You need the |
|
| 2113 | - * native library for that. |
|
| 2114 | - * |
|
| 2115 | - * @param string|null $var |
|
| 2116 | - * |
|
| 2117 | - * @return void |
|
| 2118 | - * @throws Error (Unless libsodium is installed) |
|
| 2119 | - */ |
|
| 2120 | - public static function memzero(&$var) |
|
| 2121 | - { |
|
| 2122 | - /* Type checks: */ |
|
| 2123 | - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2124 | - |
|
| 2125 | - if (self::isPhp72OrGreater()) { |
|
| 2126 | - sodium_memzero($var); |
|
| 2127 | - return; |
|
| 2128 | - } |
|
| 2129 | - if (self::use_fallback('memzero')) { |
|
| 2130 | - @call_user_func('\\Sodium\\memzero', $var); |
|
| 2131 | - return; |
|
| 2132 | - } |
|
| 2133 | - // This is the best we can do. |
|
| 2134 | - throw new Error( |
|
| 2135 | - 'This is not implemented, as it is not possible to securely wipe memory from PHP' |
|
| 2136 | - ); |
|
| 2137 | - } |
|
| 2138 | - |
|
| 2139 | - /** |
|
| 2140 | - * Generate a string of bytes from the kernel's CSPRNG. |
|
| 2141 | - * Proudly uses /dev/urandom (if getrandom(2) is not available). |
|
| 2142 | - * |
|
| 2143 | - * @param int $numBytes |
|
| 2144 | - * @return string |
|
| 2145 | - * @throws TypeError |
|
| 2146 | - */ |
|
| 2147 | - public static function randombytes_buf($numBytes) |
|
| 2148 | - { |
|
| 2149 | - /* Type checks: */ |
|
| 2150 | - if (!is_int($numBytes)) { |
|
| 2151 | - if (is_numeric($numBytes)) { |
|
| 2152 | - $numBytes = (int)$numBytes; |
|
| 2153 | - } else { |
|
| 2154 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($numBytes) . ' given.'); |
|
| 2155 | - } |
|
| 2156 | - } |
|
| 2157 | - if (self::use_fallback('randombytes_buf')) { |
|
| 2158 | - return call_user_func('\\Sodium\\randombytes_buf', $numBytes); |
|
| 2159 | - } |
|
| 2160 | - return random_bytes($numBytes); |
|
| 2161 | - } |
|
| 2162 | - |
|
| 2163 | - /** |
|
| 2164 | - * Generate an integer between 0 and $range (non-inclusive). |
|
| 2165 | - * |
|
| 2166 | - * @param int $range |
|
| 2167 | - * @return int |
|
| 2168 | - * @throws TypeError |
|
| 2169 | - */ |
|
| 2170 | - public static function randombytes_uniform($range) |
|
| 2171 | - { |
|
| 2172 | - /* Type checks: */ |
|
| 2173 | - if (!is_int($range)) { |
|
| 2174 | - if (is_numeric($range)) { |
|
| 2175 | - $range = (int)$range; |
|
| 2176 | - } else { |
|
| 2177 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($range) . ' given.'); |
|
| 2178 | - } |
|
| 2179 | - } |
|
| 2180 | - if (self::use_fallback('randombytes_uniform')) { |
|
| 2181 | - return (int) call_user_func('\\Sodium\\randombytes_uniform', $range); |
|
| 2182 | - } |
|
| 2183 | - return random_int(0, $range - 1); |
|
| 2184 | - } |
|
| 2185 | - |
|
| 2186 | - /** |
|
| 2187 | - * Generate a random 16-bit integer. |
|
| 2188 | - * |
|
| 2189 | - * @return int |
|
| 2190 | - */ |
|
| 2191 | - public static function randombytes_random16() |
|
| 2192 | - { |
|
| 2193 | - if (self::use_fallback('randombytes_random16')) { |
|
| 2194 | - return (int) call_user_func('\\Sodium\\randombytes_random16'); |
|
| 2195 | - } |
|
| 2196 | - return random_int(0, 65535); |
|
| 2197 | - } |
|
| 2198 | - |
|
| 2199 | - /** |
|
| 2200 | - * This emulates libsodium's version_string() function, except ours is |
|
| 2201 | - * prefixed with 'polyfill-'. |
|
| 2202 | - * |
|
| 2203 | - * @return string |
|
| 2204 | - */ |
|
| 2205 | - public static function version_string() |
|
| 2206 | - { |
|
| 2207 | - if (self::isPhp72OrGreater()) { |
|
| 2208 | - return sodium_version_string(); |
|
| 2209 | - } |
|
| 2210 | - if (self::use_fallback('version_string')) { |
|
| 2211 | - return (string) call_user_func('\\Sodium\\version_string'); |
|
| 2212 | - } |
|
| 2213 | - return self::VERSION_STRING; |
|
| 2214 | - } |
|
| 2215 | - |
|
| 2216 | - /** |
|
| 2217 | - * Should we use the libsodium core function instead? |
|
| 2218 | - * This is always a good idea, if it's available. (Unless we're in the |
|
| 2219 | - * middle of running our unit test suite.) |
|
| 2220 | - * |
|
| 2221 | - * If ext/libsodium is available, use it. Return TRUE. |
|
| 2222 | - * Otherwise, we have to use the code provided herein. Return FALSE. |
|
| 2223 | - * |
|
| 2224 | - * @param string $sodium_func_name |
|
| 2225 | - * |
|
| 2226 | - * @return bool |
|
| 2227 | - */ |
|
| 2228 | - protected static function use_fallback($sodium_func_name = '') |
|
| 2229 | - { |
|
| 2230 | - static $res = null; |
|
| 2231 | - if ($res === null) { |
|
| 2232 | - $res = extension_loaded('libsodium') && PHP_VERSION_ID >= 50300; |
|
| 2233 | - } |
|
| 2234 | - if (PHP_INT_SIZE === 4) { |
|
| 2235 | - if ($res && is_callable('\\Sodium\\' . $sodium_func_name)) { |
|
| 2236 | - // We can safely just offload to the PECL extension |
|
| 2237 | - return true; |
|
| 2238 | - } |
|
| 2239 | - /* |
|
| 30 | + /** |
|
| 31 | + * This parameter prevents the use of the PECL extension. |
|
| 32 | + * It should only be used for unit testing. |
|
| 33 | + * |
|
| 34 | + * @var bool |
|
| 35 | + */ |
|
| 36 | + public static $disableFallbackForUnitTests = false; |
|
| 37 | + |
|
| 38 | + /** |
|
| 39 | + * Use fast multiplication rather than our constant-time multiplication |
|
| 40 | + * implementation. Can be enabled at runtime. Only enable this if you |
|
| 41 | + * are absolutely certain that there is no timing leak on your platform. |
|
| 42 | + * |
|
| 43 | + * @var bool |
|
| 44 | + */ |
|
| 45 | + public static $fastMult = false; |
|
| 46 | + |
|
| 47 | + const LIBRARY_VERSION_MAJOR = 9; |
|
| 48 | + const LIBRARY_VERSION_MINOR = 1; |
|
| 49 | + const VERSION_STRING = 'polyfill-1.0.8'; |
|
| 50 | + |
|
| 51 | + // From libsodium |
|
| 52 | + const CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES = 32; |
|
| 53 | + const CRYPTO_AEAD_CHACHA20POLY1305_NSECBYTES = 0; |
|
| 54 | + const CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES = 8; |
|
| 55 | + const CRYPTO_AEAD_CHACHA20POLY1305_ABYTES = 16; |
|
| 56 | + const CRYPTO_AEAD_CHACHA20POLY1305_IETF_KEYBYTES = 32; |
|
| 57 | + const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NSECBYTES = 0; |
|
| 58 | + const CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES = 12; |
|
| 59 | + const CRYPTO_AEAD_CHACHA20POLY1305_IETF_ABYTES = 16; |
|
| 60 | + const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES = 32; |
|
| 61 | + const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NSECBYTES = 0; |
|
| 62 | + const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES = 24; |
|
| 63 | + const CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES = 16; |
|
| 64 | + const CRYPTO_AUTH_BYTES = 32; |
|
| 65 | + const CRYPTO_AUTH_KEYBYTES = 32; |
|
| 66 | + const CRYPTO_BOX_SEALBYTES = 16; |
|
| 67 | + const CRYPTO_BOX_SECRETKEYBYTES = 32; |
|
| 68 | + const CRYPTO_BOX_PUBLICKEYBYTES = 32; |
|
| 69 | + const CRYPTO_BOX_KEYPAIRBYTES = 64; |
|
| 70 | + const CRYPTO_BOX_MACBYTES = 16; |
|
| 71 | + const CRYPTO_BOX_NONCEBYTES = 24; |
|
| 72 | + const CRYPTO_BOX_SEEDBYTES = 32; |
|
| 73 | + const CRYPTO_KX_BYTES = 32; |
|
| 74 | + const CRYPTO_KX_PUBLICKEYBYTES = 32; |
|
| 75 | + const CRYPTO_KX_SECRETKEYBYTES = 32; |
|
| 76 | + const CRYPTO_GENERICHASH_BYTES = 32; |
|
| 77 | + const CRYPTO_GENERICHASH_BYTES_MIN = 16; |
|
| 78 | + const CRYPTO_GENERICHASH_BYTES_MAX = 64; |
|
| 79 | + const CRYPTO_GENERICHASH_KEYBYTES = 32; |
|
| 80 | + const CRYPTO_GENERICHASH_KEYBYTES_MIN = 16; |
|
| 81 | + const CRYPTO_GENERICHASH_KEYBYTES_MAX = 64; |
|
| 82 | + const CRYPTO_PWHASH_SALTBYTES = 16; |
|
| 83 | + const CRYPTO_PWHASH_STRPREFIX = '$argon2i$'; |
|
| 84 | + const CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE = 33554432; |
|
| 85 | + const CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE = 4; |
|
| 86 | + const CRYPTO_PWHASH_MEMLIMIT_MODERATE = 134217728; |
|
| 87 | + const CRYPTO_PWHASH_OPSLIMIT_MODERATE = 6; |
|
| 88 | + const CRYPTO_PWHASH_MEMLIMIT_SENSITIVE = 536870912; |
|
| 89 | + const CRYPTO_PWHASH_OPSLIMIT_SENSITIVE = 8; |
|
| 90 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_SALTBYTES = 32; |
|
| 91 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_STRPREFIX = '$7$'; |
|
| 92 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_INTERACTIVE = 534288; |
|
| 93 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_INTERACTIVE = 16777216; |
|
| 94 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_OPSLIMIT_SENSITIVE = 33554432; |
|
| 95 | + const CRYPTO_PWHASH_SCRYPTSALSA208SHA256_MEMLIMIT_SENSITIVE = 1073741824; |
|
| 96 | + const CRYPTO_SCALARMULT_BYTES = 32; |
|
| 97 | + const CRYPTO_SCALARMULT_SCALARBYTES = 32; |
|
| 98 | + const CRYPTO_SHORTHASH_BYTES = 8; |
|
| 99 | + const CRYPTO_SHORTHASH_KEYBYTES = 16; |
|
| 100 | + const CRYPTO_SECRETBOX_KEYBYTES = 32; |
|
| 101 | + const CRYPTO_SECRETBOX_MACBYTES = 16; |
|
| 102 | + const CRYPTO_SECRETBOX_NONCEBYTES = 24; |
|
| 103 | + const CRYPTO_SIGN_BYTES = 64; |
|
| 104 | + const CRYPTO_SIGN_SEEDBYTES = 32; |
|
| 105 | + const CRYPTO_SIGN_PUBLICKEYBYTES = 32; |
|
| 106 | + const CRYPTO_SIGN_SECRETKEYBYTES = 64; |
|
| 107 | + const CRYPTO_SIGN_KEYPAIRBYTES = 96; |
|
| 108 | + const CRYPTO_STREAM_KEYBYTES = 32; |
|
| 109 | + const CRYPTO_STREAM_NONCEBYTES = 24; |
|
| 110 | + |
|
| 111 | + /** |
|
| 112 | + * Cache-timing-safe implementation of bin2hex(). |
|
| 113 | + * |
|
| 114 | + * @param string $string A string (probably raw binary) |
|
| 115 | + * @return string A hexadecimal-encoded string |
|
| 116 | + * @throws TypeError |
|
| 117 | + */ |
|
| 118 | + public static function bin2hex($string) |
|
| 119 | + { |
|
| 120 | + /* Type checks: */ |
|
| 121 | + ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 122 | + |
|
| 123 | + if (self::isPhp72OrGreater()) { |
|
| 124 | + return bin2hex($string); |
|
| 125 | + } |
|
| 126 | + if (self::use_fallback('bin2hex')) { |
|
| 127 | + return call_user_func('\\Sodium\\bin2hex', $string); |
|
| 128 | + } |
|
| 129 | + return ParagonIE_Sodium_Core_Util::bin2hex($string); |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * Compare two strings, in constant-time. |
|
| 134 | + * Compared to memcmp(), compare() is more useful for sorting. |
|
| 135 | + * |
|
| 136 | + * @param string $left The left operand; must be a string |
|
| 137 | + * @param string $right The right operand; must be a string |
|
| 138 | + * @return int < 0 if the left operand is less than the right |
|
| 139 | + * 0 if both strings are equal |
|
| 140 | + * > 0 if the right operand is less than the left |
|
| 141 | + * @throws TypeError |
|
| 142 | + */ |
|
| 143 | + public static function compare($left, $right) |
|
| 144 | + { |
|
| 145 | + /* Type checks: */ |
|
| 146 | + ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 147 | + ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 148 | + |
|
| 149 | + if (self::isPhp72OrGreater()) { |
|
| 150 | + return sodium_compare($left, $right); |
|
| 151 | + } |
|
| 152 | + if (self::use_fallback('compare')) { |
|
| 153 | + return call_user_func('\\Sodium\\compare', $left, $right); |
|
| 154 | + } |
|
| 155 | + return ParagonIE_Sodium_Core_Util::compare($left, $right); |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + /** |
|
| 159 | + * Authenticated Encryption with Associated Data: Decryption |
|
| 160 | + * |
|
| 161 | + * Algorithm: |
|
| 162 | + * ChaCha20-Poly1305 |
|
| 163 | + * |
|
| 164 | + * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 165 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 166 | + * |
|
| 167 | + * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 168 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 169 | + * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 170 | + * @param string $key Encryption key |
|
| 171 | + * |
|
| 172 | + * @return string The original plaintext message |
|
| 173 | + * @throws Error |
|
| 174 | + * @throws TypeError |
|
| 175 | + */ |
|
| 176 | + public static function crypto_aead_chacha20poly1305_decrypt( |
|
| 177 | + $ciphertext = '', |
|
| 178 | + $assocData = '', |
|
| 179 | + $nonce = '', |
|
| 180 | + $key = '' |
|
| 181 | + ) { |
|
| 182 | + /* Type checks: */ |
|
| 183 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 184 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 185 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 186 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 187 | + |
|
| 188 | + /* Input validation: */ |
|
| 189 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 190 | + throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 191 | + } |
|
| 192 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 193 | + throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 194 | + } |
|
| 195 | + if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 196 | + throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + if (self::isPhp72OrGreater()) { |
|
| 200 | + return sodium_crypto_aead_chacha20poly1305_decrypt( |
|
| 201 | + $ciphertext, |
|
| 202 | + $assocData, |
|
| 203 | + $nonce, |
|
| 204 | + $key |
|
| 205 | + ); |
|
| 206 | + } |
|
| 207 | + if (self::use_fallback('crypto_aead_chacha20poly1305_decrypt')) { |
|
| 208 | + return call_user_func( |
|
| 209 | + '\\Sodium\\crypto_aead_chacha20poly1305_decrypt', |
|
| 210 | + $ciphertext, |
|
| 211 | + $assocData, |
|
| 212 | + $nonce, |
|
| 213 | + $key |
|
| 214 | + ); |
|
| 215 | + } |
|
| 216 | + if (PHP_INT_SIZE === 4) { |
|
| 217 | + return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_decrypt( |
|
| 218 | + $ciphertext, |
|
| 219 | + $assocData, |
|
| 220 | + $nonce, |
|
| 221 | + $key |
|
| 222 | + ); |
|
| 223 | + } |
|
| 224 | + return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_decrypt( |
|
| 225 | + $ciphertext, |
|
| 226 | + $assocData, |
|
| 227 | + $nonce, |
|
| 228 | + $key |
|
| 229 | + ); |
|
| 230 | + } |
|
| 231 | + |
|
| 232 | + /** |
|
| 233 | + * Authenticated Encryption with Associated Data |
|
| 234 | + * |
|
| 235 | + * Algorithm: |
|
| 236 | + * ChaCha20-Poly1305 |
|
| 237 | + * |
|
| 238 | + * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 239 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 240 | + * |
|
| 241 | + * @param string $plaintext Message to be encrypted |
|
| 242 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 243 | + * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 244 | + * @param string $key Encryption key |
|
| 245 | + * |
|
| 246 | + * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 247 | + * authentication code appended |
|
| 248 | + * @throws Error |
|
| 249 | + * @throws TypeError |
|
| 250 | + */ |
|
| 251 | + public static function crypto_aead_chacha20poly1305_encrypt( |
|
| 252 | + $plaintext = '', |
|
| 253 | + $assocData = '', |
|
| 254 | + $nonce = '', |
|
| 255 | + $key = '' |
|
| 256 | + ) { |
|
| 257 | + /* Type checks: */ |
|
| 258 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 259 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 260 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 261 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 262 | + |
|
| 263 | + /* Input validation: */ |
|
| 264 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 265 | + throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 266 | + } |
|
| 267 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 268 | + throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 269 | + } |
|
| 270 | + |
|
| 271 | + if (self::isPhp72OrGreater()) { |
|
| 272 | + return sodium_crypto_aead_chacha20poly1305_encrypt( |
|
| 273 | + $plaintext, |
|
| 274 | + $assocData, |
|
| 275 | + $nonce, |
|
| 276 | + $key |
|
| 277 | + ); |
|
| 278 | + } |
|
| 279 | + if (self::use_fallback('crypto_aead_chacha20poly1305_encrypt')) { |
|
| 280 | + return call_user_func( |
|
| 281 | + '\\Sodium\\crypto_aead_chacha20poly1305_encrypt', |
|
| 282 | + $plaintext, |
|
| 283 | + $assocData, |
|
| 284 | + $nonce, |
|
| 285 | + $key |
|
| 286 | + ); |
|
| 287 | + } |
|
| 288 | + if (PHP_INT_SIZE === 4) { |
|
| 289 | + return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_encrypt( |
|
| 290 | + $plaintext, |
|
| 291 | + $assocData, |
|
| 292 | + $nonce, |
|
| 293 | + $key |
|
| 294 | + ); |
|
| 295 | + } |
|
| 296 | + return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_encrypt( |
|
| 297 | + $plaintext, |
|
| 298 | + $assocData, |
|
| 299 | + $nonce, |
|
| 300 | + $key |
|
| 301 | + ); |
|
| 302 | + } |
|
| 303 | + |
|
| 304 | + /** |
|
| 305 | + * Authenticated Encryption with Associated Data: Decryption |
|
| 306 | + * |
|
| 307 | + * Algorithm: |
|
| 308 | + * ChaCha20-Poly1305 |
|
| 309 | + * |
|
| 310 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 311 | + * Regular mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 312 | + * |
|
| 313 | + * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 314 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 315 | + * @param string $nonce Number to be used only Once; must be 12 bytes |
|
| 316 | + * @param string $key Encryption key |
|
| 317 | + * |
|
| 318 | + * @return string The original plaintext message |
|
| 319 | + * @throws Error |
|
| 320 | + * @throws TypeError |
|
| 321 | + */ |
|
| 322 | + public static function crypto_aead_chacha20poly1305_ietf_decrypt( |
|
| 323 | + $ciphertext = '', |
|
| 324 | + $assocData = '', |
|
| 325 | + $nonce = '', |
|
| 326 | + $key = '' |
|
| 327 | + ) { |
|
| 328 | + /* Type checks: */ |
|
| 329 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 330 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 331 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 332 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 333 | + |
|
| 334 | + /* Input validation: */ |
|
| 335 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 336 | + throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 337 | + } |
|
| 338 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 339 | + throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 340 | + } |
|
| 341 | + if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 342 | + throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 343 | + } |
|
| 344 | + |
|
| 345 | + if (self::isPhp72OrGreater()) { |
|
| 346 | + return sodium_crypto_aead_chacha20poly1305_ietf_decrypt( |
|
| 347 | + $ciphertext, |
|
| 348 | + $assocData, |
|
| 349 | + $nonce, |
|
| 350 | + $key |
|
| 351 | + ); |
|
| 352 | + } |
|
| 353 | + if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_decrypt')) { |
|
| 354 | + return call_user_func( |
|
| 355 | + '\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt', |
|
| 356 | + $ciphertext, |
|
| 357 | + $assocData, |
|
| 358 | + $nonce, |
|
| 359 | + $key |
|
| 360 | + ); |
|
| 361 | + } |
|
| 362 | + if (PHP_INT_SIZE === 4) { |
|
| 363 | + return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_decrypt( |
|
| 364 | + $ciphertext, |
|
| 365 | + $assocData, |
|
| 366 | + $nonce, |
|
| 367 | + $key |
|
| 368 | + ); |
|
| 369 | + } |
|
| 370 | + return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_decrypt( |
|
| 371 | + $ciphertext, |
|
| 372 | + $assocData, |
|
| 373 | + $nonce, |
|
| 374 | + $key |
|
| 375 | + ); |
|
| 376 | + } |
|
| 377 | + |
|
| 378 | + /** |
|
| 379 | + * Authenticated Encryption with Associated Data |
|
| 380 | + * |
|
| 381 | + * Algorithm: |
|
| 382 | + * ChaCha20-Poly1305 |
|
| 383 | + * |
|
| 384 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 385 | + * Regular mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 386 | + * |
|
| 387 | + * @param string $plaintext Message to be encrypted |
|
| 388 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 389 | + * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 390 | + * @param string $key Encryption key |
|
| 391 | + * |
|
| 392 | + * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 393 | + * authentication code appended |
|
| 394 | + * @throws Error |
|
| 395 | + * @throws TypeError |
|
| 396 | + */ |
|
| 397 | + public static function crypto_aead_chacha20poly1305_ietf_encrypt( |
|
| 398 | + $plaintext = '', |
|
| 399 | + $assocData = '', |
|
| 400 | + $nonce = '', |
|
| 401 | + $key = '' |
|
| 402 | + ) { |
|
| 403 | + /* Type checks: */ |
|
| 404 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 405 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 406 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 407 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 408 | + |
|
| 409 | + /* Input validation: */ |
|
| 410 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 411 | + throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 412 | + } |
|
| 413 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 414 | + throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 415 | + } |
|
| 416 | + |
|
| 417 | + if (self::isPhp72OrGreater()) { |
|
| 418 | + return sodium_crypto_aead_chacha20poly1305_ietf_encrypt( |
|
| 419 | + $plaintext, |
|
| 420 | + $assocData, |
|
| 421 | + $nonce, |
|
| 422 | + $key |
|
| 423 | + ); |
|
| 424 | + } |
|
| 425 | + if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_encrypt')) { |
|
| 426 | + return call_user_func( |
|
| 427 | + '\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt', |
|
| 428 | + $plaintext, |
|
| 429 | + $assocData, |
|
| 430 | + $nonce, |
|
| 431 | + $key |
|
| 432 | + ); |
|
| 433 | + } |
|
| 434 | + if (PHP_INT_SIZE === 4) { |
|
| 435 | + return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_encrypt( |
|
| 436 | + $plaintext, |
|
| 437 | + $assocData, |
|
| 438 | + $nonce, |
|
| 439 | + $key |
|
| 440 | + ); |
|
| 441 | + } |
|
| 442 | + return ParagonIE_Sodium_Crypto::aead_chacha20poly1305_ietf_encrypt( |
|
| 443 | + $plaintext, |
|
| 444 | + $assocData, |
|
| 445 | + $nonce, |
|
| 446 | + $key |
|
| 447 | + ); |
|
| 448 | + } |
|
| 449 | + |
|
| 450 | + /** |
|
| 451 | + * Authenticated Encryption with Associated Data: Decryption |
|
| 452 | + * |
|
| 453 | + * Algorithm: |
|
| 454 | + * XChaCha20-Poly1305 |
|
| 455 | + * |
|
| 456 | + * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 457 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 458 | + * |
|
| 459 | + * @param string $ciphertext Encrypted message (with Poly1305 MAC appended) |
|
| 460 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 461 | + * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 462 | + * @param string $key Encryption key |
|
| 463 | + * |
|
| 464 | + * @return string The original plaintext message |
|
| 465 | + * @throws Error |
|
| 466 | + * @throws TypeError |
|
| 467 | + */ |
|
| 468 | + public static function crypto_aead_xchacha20poly1305_ietf_decrypt( |
|
| 469 | + $ciphertext = '', |
|
| 470 | + $assocData = '', |
|
| 471 | + $nonce = '', |
|
| 472 | + $key = '' |
|
| 473 | + ) { |
|
| 474 | + /* Type checks: */ |
|
| 475 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 476 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 477 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 478 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 479 | + |
|
| 480 | + /* Input validation: */ |
|
| 481 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 482 | + throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 483 | + } |
|
| 484 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 485 | + throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES long'); |
|
| 486 | + } |
|
| 487 | + if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) { |
|
| 488 | + throw new Error('Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long'); |
|
| 489 | + } |
|
| 490 | + |
|
| 491 | + if (PHP_INT_SIZE === 4) { |
|
| 492 | + return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_decrypt( |
|
| 493 | + $ciphertext, |
|
| 494 | + $assocData, |
|
| 495 | + $nonce, |
|
| 496 | + $key |
|
| 497 | + ); |
|
| 498 | + } |
|
| 499 | + return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_decrypt( |
|
| 500 | + $ciphertext, |
|
| 501 | + $assocData, |
|
| 502 | + $nonce, |
|
| 503 | + $key |
|
| 504 | + ); |
|
| 505 | + } |
|
| 506 | + |
|
| 507 | + /** |
|
| 508 | + * Authenticated Encryption with Associated Data |
|
| 509 | + * |
|
| 510 | + * Algorithm: |
|
| 511 | + * XChaCha20-Poly1305 |
|
| 512 | + * |
|
| 513 | + * This mode uses a 64-bit random nonce with a 64-bit counter. |
|
| 514 | + * IETF mode uses a 96-bit random nonce with a 32-bit counter. |
|
| 515 | + * |
|
| 516 | + * @param string $plaintext Message to be encrypted |
|
| 517 | + * @param string $assocData Authenticated Associated Data (unencrypted) |
|
| 518 | + * @param string $nonce Number to be used only Once; must be 8 bytes |
|
| 519 | + * @param string $key Encryption key |
|
| 520 | + * |
|
| 521 | + * @return string Ciphertext with a 16-byte Poly1305 message |
|
| 522 | + * authentication code appended |
|
| 523 | + * @throws Error |
|
| 524 | + * @throws TypeError |
|
| 525 | + */ |
|
| 526 | + public static function crypto_aead_xchacha20poly1305_ietf_encrypt( |
|
| 527 | + $plaintext = '', |
|
| 528 | + $assocData = '', |
|
| 529 | + $nonce = '', |
|
| 530 | + $key = '' |
|
| 531 | + ) { |
|
| 532 | + /* Type checks: */ |
|
| 533 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 534 | + ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 535 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 536 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 537 | + |
|
| 538 | + /* Input validation: */ |
|
| 539 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 540 | + throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_NPUBBYTES long'); |
|
| 541 | + } |
|
| 542 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 543 | + throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long'); |
|
| 544 | + } |
|
| 545 | + |
|
| 546 | + if (PHP_INT_SIZE === 4) { |
|
| 547 | + return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_encrypt( |
|
| 548 | + $plaintext, |
|
| 549 | + $assocData, |
|
| 550 | + $nonce, |
|
| 551 | + $key |
|
| 552 | + ); |
|
| 553 | + } |
|
| 554 | + return ParagonIE_Sodium_Crypto::aead_xchacha20poly1305_ietf_encrypt( |
|
| 555 | + $plaintext, |
|
| 556 | + $assocData, |
|
| 557 | + $nonce, |
|
| 558 | + $key |
|
| 559 | + ); |
|
| 560 | + } |
|
| 561 | + |
|
| 562 | + /** |
|
| 563 | + * Authenticate a message. Uses symmetric-key cryptography. |
|
| 564 | + * |
|
| 565 | + * Algorithm: |
|
| 566 | + * HMAC-SHA512-256. Which is HMAC-SHA-512 truncated to 256 bits. |
|
| 567 | + * Not to be confused with HMAC-SHA-512/256 which would use the |
|
| 568 | + * SHA-512/256 hash function (uses different initial parameters |
|
| 569 | + * but still truncates to 256 bits to sidestep length-extension |
|
| 570 | + * attacks). |
|
| 571 | + * |
|
| 572 | + * @param string $message Message to be authenticated |
|
| 573 | + * @param string $key Symmetric authentication key |
|
| 574 | + * @return string Message authentication code |
|
| 575 | + * @throws Error |
|
| 576 | + * @throws TypeError |
|
| 577 | + */ |
|
| 578 | + public static function crypto_auth($message, $key) |
|
| 579 | + { |
|
| 580 | + /* Type checks: */ |
|
| 581 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 582 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 583 | + |
|
| 584 | + /* Input validation: */ |
|
| 585 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 586 | + throw new Error('Argument 2 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 587 | + } |
|
| 588 | + |
|
| 589 | + if (self::isPhp72OrGreater()) { |
|
| 590 | + return sodium_crypto_auth($message, $key); |
|
| 591 | + } |
|
| 592 | + if (self::use_fallback('crypto_auth')) { |
|
| 593 | + return call_user_func('\\Sodium\\crypto_auth', $message, $key); |
|
| 594 | + } |
|
| 595 | + if (PHP_INT_SIZE === 4) { |
|
| 596 | + return ParagonIE_Sodium_Crypto32::auth($message, $key); |
|
| 597 | + } |
|
| 598 | + return ParagonIE_Sodium_Crypto::auth($message, $key); |
|
| 599 | + } |
|
| 600 | + |
|
| 601 | + /** |
|
| 602 | + * Verify the MAC of a message previously authenticated with crypto_auth. |
|
| 603 | + * |
|
| 604 | + * @param string $mac Message authentication code |
|
| 605 | + * @param string $message Message whose authenticity you are attempting to |
|
| 606 | + * verify (with a given MAC and key) |
|
| 607 | + * @param string $key Symmetric authentication key |
|
| 608 | + * @return bool TRUE if authenticated, FALSE otherwise |
|
| 609 | + * @throws Error |
|
| 610 | + * @throws TypeError |
|
| 611 | + */ |
|
| 612 | + public static function crypto_auth_verify($mac, $message, $key) |
|
| 613 | + { |
|
| 614 | + /* Type checks: */ |
|
| 615 | + ParagonIE_Sodium_Core_Util::declareScalarType($mac, 'string', 1); |
|
| 616 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 617 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 618 | + |
|
| 619 | + /* Input validation: */ |
|
| 620 | + if (ParagonIE_Sodium_Core_Util::strlen($mac) !== self::CRYPTO_AUTH_BYTES) { |
|
| 621 | + throw new Error('Argument 1 must be CRYPTO_AUTH_BYTES long.'); |
|
| 622 | + } |
|
| 623 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 624 | + throw new Error('Argument 3 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 625 | + } |
|
| 626 | + |
|
| 627 | + if (self::isPhp72OrGreater()) { |
|
| 628 | + return sodium_crypto_auth_verify($mac, $message, $key); |
|
| 629 | + } |
|
| 630 | + if (self::use_fallback('crypto_auth_verify')) { |
|
| 631 | + return call_user_func('\\Sodium\\crypto_auth_verify', $mac, $message, $key); |
|
| 632 | + } |
|
| 633 | + if (PHP_INT_SIZE === 4) { |
|
| 634 | + return ParagonIE_Sodium_Crypto32::auth_verify($mac, $message, $key); |
|
| 635 | + } |
|
| 636 | + return ParagonIE_Sodium_Crypto::auth_verify($mac, $message, $key); |
|
| 637 | + } |
|
| 638 | + |
|
| 639 | + /** |
|
| 640 | + * Authenticated asymmetric-key encryption. Both the sender and recipient |
|
| 641 | + * may decrypt messages. |
|
| 642 | + * |
|
| 643 | + * Algorithm: X25519-XSalsa20-Poly1305. |
|
| 644 | + * X25519: Elliptic-Curve Diffie Hellman over Curve25519. |
|
| 645 | + * XSalsa20: Extended-nonce variant of salsa20. |
|
| 646 | + * Poyl1305: Polynomial MAC for one-time message authentication. |
|
| 647 | + * |
|
| 648 | + * @param string $plaintext The message to be encrypted |
|
| 649 | + * @param string $nonce A Number to only be used Once; must be 24 bytes |
|
| 650 | + * @param string $keypair Your secret key and your recipient's public key |
|
| 651 | + * @return string Ciphertext with 16-byte Poly1305 MAC |
|
| 652 | + * @throws Error |
|
| 653 | + * @throws TypeError |
|
| 654 | + */ |
|
| 655 | + public static function crypto_box($plaintext, $nonce, $keypair) |
|
| 656 | + { |
|
| 657 | + /* Type checks: */ |
|
| 658 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 659 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 660 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 661 | + |
|
| 662 | + /* Input validation: */ |
|
| 663 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 664 | + throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 665 | + } |
|
| 666 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 667 | + throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 668 | + } |
|
| 669 | + |
|
| 670 | + if (self::isPhp72OrGreater()) { |
|
| 671 | + return sodium_crypto_box($plaintext, $nonce, $keypair); |
|
| 672 | + } |
|
| 673 | + if (self::use_fallback('crypto_box')) { |
|
| 674 | + return call_user_func('\\Sodium\\crypto_box', $plaintext, $nonce, $keypair); |
|
| 675 | + } |
|
| 676 | + if (PHP_INT_SIZE === 4) { |
|
| 677 | + return ParagonIE_Sodium_Crypto32::box($plaintext, $nonce, $keypair); |
|
| 678 | + } |
|
| 679 | + return ParagonIE_Sodium_Crypto::box($plaintext, $nonce, $keypair); |
|
| 680 | + } |
|
| 681 | + |
|
| 682 | + /** |
|
| 683 | + * Anonymous public-key encryption. Only the recipient may decrypt messages. |
|
| 684 | + * |
|
| 685 | + * Algorithm: X25519-XSalsa20-Poly1305, as with crypto_box. |
|
| 686 | + * The sender's X25519 keypair is ephemeral. |
|
| 687 | + * Nonce is generated from the BLAKE2b hash of both public keys. |
|
| 688 | + * |
|
| 689 | + * This provides ciphertext integrity. |
|
| 690 | + * |
|
| 691 | + * @param string $plaintext Message to be sealed |
|
| 692 | + * @param string $publicKey Your recipient's public key |
|
| 693 | + * @return string Sealed message that only your recipient can |
|
| 694 | + * decrypt |
|
| 695 | + * @throws Error |
|
| 696 | + * @throws TypeError |
|
| 697 | + */ |
|
| 698 | + public static function crypto_box_seal($plaintext, $publicKey) |
|
| 699 | + { |
|
| 700 | + /* Type checks: */ |
|
| 701 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 702 | + ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 703 | + |
|
| 704 | + /* Input validation: */ |
|
| 705 | + if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 706 | + throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 707 | + } |
|
| 708 | + |
|
| 709 | + if (self::isPhp72OrGreater()) { |
|
| 710 | + return sodium_crypto_box_seal($plaintext, $publicKey); |
|
| 711 | + } |
|
| 712 | + if (self::use_fallback('crypto_box_seal')) { |
|
| 713 | + return call_user_func('\\Sodium\\crypto_box_seal', $plaintext, $publicKey); |
|
| 714 | + } |
|
| 715 | + if (PHP_INT_SIZE === 4) { |
|
| 716 | + return ParagonIE_Sodium_Crypto32::box_seal($plaintext, $publicKey); |
|
| 717 | + } |
|
| 718 | + return ParagonIE_Sodium_Crypto::box_seal($plaintext, $publicKey); |
|
| 719 | + } |
|
| 720 | + |
|
| 721 | + /** |
|
| 722 | + * Opens a message encrypted with crypto_box_seal(). Requires |
|
| 723 | + * the recipient's keypair (sk || pk) to decrypt successfully. |
|
| 724 | + * |
|
| 725 | + * This validates ciphertext integrity. |
|
| 726 | + * |
|
| 727 | + * @param string $ciphertext Sealed message to be opened |
|
| 728 | + * @param string $keypair Your crypto_box keypair |
|
| 729 | + * @return string The original plaintext message |
|
| 730 | + * @throws Error |
|
| 731 | + * @throws TypeError |
|
| 732 | + */ |
|
| 733 | + public static function crypto_box_seal_open($ciphertext, $keypair) |
|
| 734 | + { |
|
| 735 | + /* Type checks: */ |
|
| 736 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 737 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 2); |
|
| 738 | + |
|
| 739 | + /* Input validation: */ |
|
| 740 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 741 | + throw new Error('Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 742 | + } |
|
| 743 | + |
|
| 744 | + if (self::isPhp72OrGreater()) { |
|
| 745 | + return sodium_crypto_box_seal_open($ciphertext, $keypair); |
|
| 746 | + } |
|
| 747 | + if (self::use_fallback('crypto_box_seal_open')) { |
|
| 748 | + return call_user_func('\\Sodium\\crypto_box_seal_open', $ciphertext, $keypair); |
|
| 749 | + } |
|
| 750 | + if (PHP_INT_SIZE === 4) { |
|
| 751 | + return ParagonIE_Sodium_Crypto32::box_seal_open($ciphertext, $keypair); |
|
| 752 | + } |
|
| 753 | + return ParagonIE_Sodium_Crypto::box_seal_open($ciphertext, $keypair); |
|
| 754 | + } |
|
| 755 | + |
|
| 756 | + /** |
|
| 757 | + * Generate a new random X25519 keypair. |
|
| 758 | + * |
|
| 759 | + * @return string A 64-byte string; the first 32 are your secret key, while |
|
| 760 | + * the last 32 are your public key. crypto_box_secretkey() |
|
| 761 | + * and crypto_box_publickey() exist to separate them so you |
|
| 762 | + * don't accidentally get them mixed up! |
|
| 763 | + */ |
|
| 764 | + public static function crypto_box_keypair() |
|
| 765 | + { |
|
| 766 | + if (self::isPhp72OrGreater()) { |
|
| 767 | + return sodium_crypto_box_keypair(); |
|
| 768 | + } |
|
| 769 | + if (self::use_fallback('crypto_box_keypair')) { |
|
| 770 | + return call_user_func('\\Sodium\\crypto_box_keypair'); |
|
| 771 | + } |
|
| 772 | + return ParagonIE_Sodium_Crypto::box_keypair(); |
|
| 773 | + } |
|
| 774 | + |
|
| 775 | + /** |
|
| 776 | + * Combine two keys into a keypair for use in library methods that expect |
|
| 777 | + * a keypair. This doesn't necessarily have to be the same person's keys. |
|
| 778 | + * |
|
| 779 | + * @param string $secretKey Secret key |
|
| 780 | + * @param string $publicKey Public key |
|
| 781 | + * @return string Keypair |
|
| 782 | + * @throws Error |
|
| 783 | + * @throws TypeError |
|
| 784 | + */ |
|
| 785 | + public static function crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey) |
|
| 786 | + { |
|
| 787 | + /* Type checks: */ |
|
| 788 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 789 | + ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 790 | + |
|
| 791 | + /* Input validation: */ |
|
| 792 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 793 | + throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 794 | + } |
|
| 795 | + if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 796 | + throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 797 | + } |
|
| 798 | + |
|
| 799 | + if (self::isPhp72OrGreater()) { |
|
| 800 | + return sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 801 | + } |
|
| 802 | + if (self::use_fallback('crypto_box_keypair_from_secretkey_and_publickey')) { |
|
| 803 | + return call_user_func('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey); |
|
| 804 | + } |
|
| 805 | + if (PHP_INT_SIZE === 4) { |
|
| 806 | + return ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 807 | + } |
|
| 808 | + return ParagonIE_Sodium_Crypto::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 809 | + } |
|
| 810 | + |
|
| 811 | + /** |
|
| 812 | + * Decrypt a message previously encrypted with crypto_box(). |
|
| 813 | + * |
|
| 814 | + * @param string $ciphertext Encrypted message |
|
| 815 | + * @param string $nonce Number to only be used Once; must be 24 bytes |
|
| 816 | + * @param string $keypair Your secret key and the sender's public key |
|
| 817 | + * @return string The original plaintext message |
|
| 818 | + * @throws Error |
|
| 819 | + * @throws TypeError |
|
| 820 | + */ |
|
| 821 | + public static function crypto_box_open($ciphertext, $nonce, $keypair) |
|
| 822 | + { |
|
| 823 | + /* Type checks: */ |
|
| 824 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 825 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 826 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 827 | + |
|
| 828 | + /* Input validation: */ |
|
| 829 | + if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_BOX_MACBYTES) { |
|
| 830 | + throw new Error('Argument 1 must be at least CRYPTO_BOX_MACBYTES long.'); |
|
| 831 | + } |
|
| 832 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 833 | + throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 834 | + } |
|
| 835 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 836 | + throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 837 | + } |
|
| 838 | + |
|
| 839 | + if (self::isPhp72OrGreater()) { |
|
| 840 | + return sodium_crypto_box_open($ciphertext, $nonce, $keypair); |
|
| 841 | + } |
|
| 842 | + if (self::use_fallback('crypto_box_open')) { |
|
| 843 | + return call_user_func('\\Sodium\\crypto_box_open', $ciphertext, $nonce, $keypair); |
|
| 844 | + } |
|
| 845 | + if (PHP_INT_SIZE === 4) { |
|
| 846 | + return ParagonIE_Sodium_Crypto32::box_open($ciphertext, $nonce, $keypair); |
|
| 847 | + } |
|
| 848 | + return ParagonIE_Sodium_Crypto::box_open($ciphertext, $nonce, $keypair); |
|
| 849 | + } |
|
| 850 | + |
|
| 851 | + /** |
|
| 852 | + * Extract the public key from a crypto_box keypair. |
|
| 853 | + * |
|
| 854 | + * @param string $keypair |
|
| 855 | + * @return string Your crypto_box public key |
|
| 856 | + * @throws Error |
|
| 857 | + * @throws TypeError |
|
| 858 | + */ |
|
| 859 | + public static function crypto_box_publickey($keypair) |
|
| 860 | + { |
|
| 861 | + /* Type checks: */ |
|
| 862 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 863 | + |
|
| 864 | + /* Input validation: */ |
|
| 865 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 866 | + throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 867 | + } |
|
| 868 | + |
|
| 869 | + if (self::isPhp72OrGreater()) { |
|
| 870 | + return sodium_crypto_box_publickey($keypair); |
|
| 871 | + } |
|
| 872 | + if (self::use_fallback('crypto_box_publickey')) { |
|
| 873 | + return call_user_func('\\Sodium\\crypto_box_publickey', $keypair); |
|
| 874 | + } |
|
| 875 | + if (PHP_INT_SIZE === 4) { |
|
| 876 | + return ParagonIE_Sodium_Crypto32::box_publickey($keypair); |
|
| 877 | + } |
|
| 878 | + return ParagonIE_Sodium_Crypto::box_publickey($keypair); |
|
| 879 | + } |
|
| 880 | + |
|
| 881 | + /** |
|
| 882 | + * Calculate the X25519 public key from a given X25519 secret key. |
|
| 883 | + * |
|
| 884 | + * @param string $secretKey Any X25519 secret key |
|
| 885 | + * @return string The corresponding X25519 public key |
|
| 886 | + * @throws Error |
|
| 887 | + * @throws TypeError |
|
| 888 | + */ |
|
| 889 | + public static function crypto_box_publickey_from_secretkey($secretKey) |
|
| 890 | + { |
|
| 891 | + /* Type checks: */ |
|
| 892 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 893 | + |
|
| 894 | + /* Input validation: */ |
|
| 895 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 896 | + throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 897 | + } |
|
| 898 | + |
|
| 899 | + if (self::isPhp72OrGreater()) { |
|
| 900 | + return sodium_crypto_box_publickey_from_secretkey($secretKey); |
|
| 901 | + } |
|
| 902 | + if (self::use_fallback('crypto_box_publickey_from_secretkey')) { |
|
| 903 | + return call_user_func('\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey); |
|
| 904 | + } |
|
| 905 | + if (PHP_INT_SIZE === 4) { |
|
| 906 | + return ParagonIE_Sodium_Crypto32::box_publickey_from_secretkey($secretKey); |
|
| 907 | + } |
|
| 908 | + return ParagonIE_Sodium_Crypto::box_publickey_from_secretkey($secretKey); |
|
| 909 | + } |
|
| 910 | + |
|
| 911 | + /** |
|
| 912 | + * Extract the secret key from a crypto_box keypair. |
|
| 913 | + * |
|
| 914 | + * @param string $keypair |
|
| 915 | + * @return string Your crypto_box secret key |
|
| 916 | + * @throws Error |
|
| 917 | + * @throws TypeError |
|
| 918 | + */ |
|
| 919 | + public static function crypto_box_secretkey($keypair) |
|
| 920 | + { |
|
| 921 | + /* Type checks: */ |
|
| 922 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 923 | + |
|
| 924 | + /* Input validation: */ |
|
| 925 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 926 | + throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 927 | + } |
|
| 928 | + |
|
| 929 | + if (self::isPhp72OrGreater()) { |
|
| 930 | + return sodium_crypto_box_secretkey($keypair); |
|
| 931 | + } |
|
| 932 | + if (self::use_fallback('crypto_box_secretkey')) { |
|
| 933 | + return call_user_func('\\Sodium\\crypto_box_secretkey', $keypair); |
|
| 934 | + } |
|
| 935 | + if (PHP_INT_SIZE === 4) { |
|
| 936 | + return ParagonIE_Sodium_Crypto32::box_secretkey($keypair); |
|
| 937 | + } |
|
| 938 | + return ParagonIE_Sodium_Crypto::box_secretkey($keypair); |
|
| 939 | + } |
|
| 940 | + |
|
| 941 | + /** |
|
| 942 | + * Generate an X25519 keypair from a seed. |
|
| 943 | + * |
|
| 944 | + * @param string $seed |
|
| 945 | + * @return string |
|
| 946 | + */ |
|
| 947 | + public static function crypto_box_seed_keypair($seed) |
|
| 948 | + { |
|
| 949 | + /* Type checks: */ |
|
| 950 | + ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 951 | + |
|
| 952 | + if (self::isPhp72OrGreater()) { |
|
| 953 | + return sodium_crypto_box_seed_keypair($seed); |
|
| 954 | + } |
|
| 955 | + if (self::use_fallback('crypto_box_seed_keypair')) { |
|
| 956 | + return call_user_func('\\Sodium\\crypto_box_seed_keypair', $seed); |
|
| 957 | + } |
|
| 958 | + return ParagonIE_Sodium_Crypto::box_seed_keypair($seed); |
|
| 959 | + } |
|
| 960 | + |
|
| 961 | + /** |
|
| 962 | + * Calculates a BLAKE2b hash, with an optional key. |
|
| 963 | + * |
|
| 964 | + * @param string $message The message to be hashed |
|
| 965 | + * @param string $key If specified, must be a string between 16 and 64 |
|
| 966 | + * bytes long |
|
| 967 | + * @param int $length Output length in bytes; must be between 16 and 64 |
|
| 968 | + * (default = 32) |
|
| 969 | + * @return string Raw binary |
|
| 970 | + * @throws Error |
|
| 971 | + * @throws TypeError |
|
| 972 | + */ |
|
| 973 | + public static function crypto_generichash($message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 974 | + { |
|
| 975 | + /* Type checks: */ |
|
| 976 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 977 | + if (is_null($key)) { |
|
| 978 | + $key = ''; |
|
| 979 | + } |
|
| 980 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 981 | + ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 3); |
|
| 982 | + |
|
| 983 | + /* Input validation: */ |
|
| 984 | + if (!empty($key)) { |
|
| 985 | + if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 986 | + throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 987 | + } |
|
| 988 | + if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 989 | + throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 990 | + } |
|
| 991 | + } |
|
| 992 | + |
|
| 993 | + if (self::isPhp72OrGreater()) { |
|
| 994 | + return sodium_crypto_generichash($message, $key, $length); |
|
| 995 | + } |
|
| 996 | + if (self::use_fallback('crypto_generichash')) { |
|
| 997 | + return call_user_func('\\Sodium\\crypto_generichash', $message, $key, $length); |
|
| 998 | + } |
|
| 999 | + if (PHP_INT_SIZE === 4) { |
|
| 1000 | + return ParagonIE_Sodium_Crypto32::generichash($message, $key, $length); |
|
| 1001 | + } |
|
| 1002 | + return ParagonIE_Sodium_Crypto::generichash($message, $key, $length); |
|
| 1003 | + } |
|
| 1004 | + |
|
| 1005 | + /** |
|
| 1006 | + * Get the final BLAKE2b hash output for a given context. |
|
| 1007 | + * |
|
| 1008 | + * @param string &$ctx BLAKE2 hashing context. Generated by crypto_generichash_init(). |
|
| 1009 | + * @param int $length Hash output size. |
|
| 1010 | + * @return string Final BLAKE2b hash. |
|
| 1011 | + * @throws Error |
|
| 1012 | + * @throws TypeError |
|
| 1013 | + */ |
|
| 1014 | + public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1015 | + { |
|
| 1016 | + /* Type checks: */ |
|
| 1017 | + ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1018 | + ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1019 | + |
|
| 1020 | + if (self::isPhp72OrGreater()) { |
|
| 1021 | + return sodium_crypto_generichash_final($ctx, $length); |
|
| 1022 | + } |
|
| 1023 | + if (self::use_fallback('crypto_generichash_final')) { |
|
| 1024 | + $func = '\\Sodium\\crypto_generichash_final'; |
|
| 1025 | + return $func($ctx, $length); |
|
| 1026 | + } |
|
| 1027 | + if (PHP_INT_SIZE === 4) { |
|
| 1028 | + $result = ParagonIE_Sodium_Crypto32::generichash_final($ctx, $length); |
|
| 1029 | + } else { |
|
| 1030 | + $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); |
|
| 1031 | + } |
|
| 1032 | + try { |
|
| 1033 | + self::memzero($ctx); |
|
| 1034 | + } catch (Error $ex) { |
|
| 1035 | + unset($ctx); |
|
| 1036 | + } |
|
| 1037 | + return $result; |
|
| 1038 | + } |
|
| 1039 | + |
|
| 1040 | + /** |
|
| 1041 | + * Initialize a BLAKE2b hashing context, for use in a streaming interface. |
|
| 1042 | + * |
|
| 1043 | + * @param string $key If specified must be a string between 16 and 64 bytes |
|
| 1044 | + * @param int $length The size of the desired hash output |
|
| 1045 | + * @return string A BLAKE2 hashing context, encoded as a string |
|
| 1046 | + * (To be 100% compatible with ext/libsodium) |
|
| 1047 | + * @throws Error |
|
| 1048 | + * @throws TypeError |
|
| 1049 | + */ |
|
| 1050 | + public static function crypto_generichash_init($key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1051 | + { |
|
| 1052 | + /* Type checks: */ |
|
| 1053 | + if (is_null($key)) { |
|
| 1054 | + $key = ''; |
|
| 1055 | + } |
|
| 1056 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 1); |
|
| 1057 | + ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1058 | + |
|
| 1059 | + /* Input validation: */ |
|
| 1060 | + if (!empty($key)) { |
|
| 1061 | + if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 1062 | + throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 1063 | + } |
|
| 1064 | + if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 1065 | + throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 1066 | + } |
|
| 1067 | + } |
|
| 1068 | + |
|
| 1069 | + if (self::isPhp72OrGreater()) { |
|
| 1070 | + return sodium_crypto_generichash_init($key, $length); |
|
| 1071 | + } |
|
| 1072 | + if (self::use_fallback('crypto_generichash_init')) { |
|
| 1073 | + return call_user_func('\\Sodium\\crypto_generichash_init', $key, $length); |
|
| 1074 | + } |
|
| 1075 | + if (PHP_INT_SIZE === 4) { |
|
| 1076 | + return ParagonIE_Sodium_Crypto32::generichash_init($key, $length); |
|
| 1077 | + } |
|
| 1078 | + return ParagonIE_Sodium_Crypto::generichash_init($key, $length); |
|
| 1079 | + } |
|
| 1080 | + |
|
| 1081 | + /** |
|
| 1082 | + * Update a BLAKE2b hashing context with additional data. |
|
| 1083 | + * |
|
| 1084 | + * @param string &$ctx BLAKE2 hashing context. Generated by crypto_generichash_init(). |
|
| 1085 | + * $ctx is passed by reference and gets updated in-place. |
|
| 1086 | + * @param string $message The message to append to the existing hash state. |
|
| 1087 | + * @return void |
|
| 1088 | + * @throws TypeError |
|
| 1089 | + */ |
|
| 1090 | + public static function crypto_generichash_update(&$ctx, $message) |
|
| 1091 | + { |
|
| 1092 | + /* Type checks: */ |
|
| 1093 | + ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1094 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1095 | + |
|
| 1096 | + if (self::isPhp72OrGreater()) { |
|
| 1097 | + sodium_crypto_generichash_update($ctx, $message); |
|
| 1098 | + return; |
|
| 1099 | + } |
|
| 1100 | + if (self::use_fallback('crypto_generichash_update')) { |
|
| 1101 | + $func = '\\Sodium\\crypto_generichash_update'; |
|
| 1102 | + $func($ctx, $message); |
|
| 1103 | + return; |
|
| 1104 | + } |
|
| 1105 | + if (PHP_INT_SIZE === 4) { |
|
| 1106 | + $ctx = ParagonIE_Sodium_Crypto32::generichash_update($ctx, $message); |
|
| 1107 | + } else { |
|
| 1108 | + $ctx = ParagonIE_Sodium_Crypto::generichash_update($ctx, $message); |
|
| 1109 | + } |
|
| 1110 | + } |
|
| 1111 | + |
|
| 1112 | + /** |
|
| 1113 | + * Perform a key exchange, between a designated client and a server. |
|
| 1114 | + * |
|
| 1115 | + * Typically, you would designate one machine to be the client and the |
|
| 1116 | + * other to be the server. The first two keys are what you'd expect for |
|
| 1117 | + * scalarmult() below, but the latter two public keys don't swap places. |
|
| 1118 | + * |
|
| 1119 | + * | ALICE | BOB | |
|
| 1120 | + * | Client | Server | |
|
| 1121 | + * |--------------------------------|-------------------------------------| |
|
| 1122 | + * | shared = crypto_kx( | shared = crypto_kx( | |
|
| 1123 | + * | alice_sk, | bob_sk, | <- contextual |
|
| 1124 | + * | bob_pk, | alice_pk, | <- contextual |
|
| 1125 | + * | alice_pk, | alice_pk, | <----- static |
|
| 1126 | + * | bob_pk | bob_pk | <----- static |
|
| 1127 | + * | ) | ) | |
|
| 1128 | + * |
|
| 1129 | + * They are used along with the scalarmult product to generate a 256-bit |
|
| 1130 | + * BLAKE2b hash unique to the client and server keys. |
|
| 1131 | + * |
|
| 1132 | + * @param string $my_secret |
|
| 1133 | + * @param string $their_public |
|
| 1134 | + * @param string $client_public |
|
| 1135 | + * @param string $server_public |
|
| 1136 | + * @return string |
|
| 1137 | + * @throws Error |
|
| 1138 | + * @throws TypeError |
|
| 1139 | + */ |
|
| 1140 | + public static function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 1141 | + { |
|
| 1142 | + /* Type checks: */ |
|
| 1143 | + ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1); |
|
| 1144 | + ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2); |
|
| 1145 | + ParagonIE_Sodium_Core_Util::declareScalarType($client_public, 'string', 3); |
|
| 1146 | + ParagonIE_Sodium_Core_Util::declareScalarType($server_public, 'string', 4); |
|
| 1147 | + |
|
| 1148 | + /* Input validation: */ |
|
| 1149 | + if (ParagonIE_Sodium_Core_Util::strlen($my_secret) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1150 | + throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1151 | + } |
|
| 1152 | + if (ParagonIE_Sodium_Core_Util::strlen($their_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1153 | + throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1154 | + } |
|
| 1155 | + if (ParagonIE_Sodium_Core_Util::strlen($client_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1156 | + throw new Error('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1157 | + } |
|
| 1158 | + if (ParagonIE_Sodium_Core_Util::strlen($server_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1159 | + throw new Error('Argument 4 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1160 | + } |
|
| 1161 | + |
|
| 1162 | + if (self::isPhp72OrGreater()) { |
|
| 1163 | + if (is_callable('sodium_crypto_kx')) { |
|
| 1164 | + return sodium_crypto_kx( |
|
| 1165 | + $my_secret, |
|
| 1166 | + $their_public, |
|
| 1167 | + $client_public, |
|
| 1168 | + $server_public |
|
| 1169 | + ); |
|
| 1170 | + } |
|
| 1171 | + } |
|
| 1172 | + if (self::use_fallback('crypto_kx')) { |
|
| 1173 | + return call_user_func( |
|
| 1174 | + '\\Sodium\\crypto_kx', |
|
| 1175 | + $my_secret, |
|
| 1176 | + $their_public, |
|
| 1177 | + $client_public, |
|
| 1178 | + $server_public |
|
| 1179 | + ); |
|
| 1180 | + } |
|
| 1181 | + if (PHP_INT_SIZE === 4) { |
|
| 1182 | + return ParagonIE_Sodium_Crypto32::keyExchange( |
|
| 1183 | + $my_secret, |
|
| 1184 | + $their_public, |
|
| 1185 | + $client_public, |
|
| 1186 | + $server_public |
|
| 1187 | + ); |
|
| 1188 | + } |
|
| 1189 | + return ParagonIE_Sodium_Crypto::keyExchange( |
|
| 1190 | + $my_secret, |
|
| 1191 | + $their_public, |
|
| 1192 | + $client_public, |
|
| 1193 | + $server_public |
|
| 1194 | + ); |
|
| 1195 | + } |
|
| 1196 | + |
|
| 1197 | + /** |
|
| 1198 | + * @param int $outlen |
|
| 1199 | + * @param string $passwd |
|
| 1200 | + * @param string $salt |
|
| 1201 | + * @param int $opslimit |
|
| 1202 | + * @param int $memlimit |
|
| 1203 | + * @return string |
|
| 1204 | + * @throws Error |
|
| 1205 | + */ |
|
| 1206 | + public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1207 | + { |
|
| 1208 | + ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1209 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1210 | + ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1211 | + ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1212 | + ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1213 | + |
|
| 1214 | + if (self::isPhp72OrGreater()) { |
|
| 1215 | + return sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1216 | + } |
|
| 1217 | + if (self::use_fallback('crypto_pwhash')) { |
|
| 1218 | + return call_user_func('\\Sodium\\crypto_pwhash', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1219 | + } |
|
| 1220 | + // This is the best we can do. |
|
| 1221 | + throw new Error( |
|
| 1222 | + 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1223 | + ); |
|
| 1224 | + } |
|
| 1225 | + |
|
| 1226 | + /** |
|
| 1227 | + * @param string $passwd |
|
| 1228 | + * @param int $opslimit |
|
| 1229 | + * @param int $memlimit |
|
| 1230 | + * @return string |
|
| 1231 | + * @throws Error |
|
| 1232 | + */ |
|
| 1233 | + public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 1234 | + { |
|
| 1235 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1236 | + ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1237 | + ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1238 | + |
|
| 1239 | + if (self::isPhp72OrGreater()) { |
|
| 1240 | + return sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 1241 | + } |
|
| 1242 | + if (self::use_fallback('crypto_pwhash_str')) { |
|
| 1243 | + return call_user_func('\\Sodium\\crypto_pwhash_str', $passwd, $opslimit, $memlimit); |
|
| 1244 | + } |
|
| 1245 | + // This is the best we can do. |
|
| 1246 | + throw new Error( |
|
| 1247 | + 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1248 | + ); |
|
| 1249 | + } |
|
| 1250 | + |
|
| 1251 | + /** |
|
| 1252 | + * @param string $passwd |
|
| 1253 | + * @param string $hash |
|
| 1254 | + * @return bool |
|
| 1255 | + * @throws Error |
|
| 1256 | + */ |
|
| 1257 | + public static function crypto_pwhash_str_verify($passwd, $hash) |
|
| 1258 | + { |
|
| 1259 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1260 | + ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1261 | + |
|
| 1262 | + if (self::isPhp72OrGreater()) { |
|
| 1263 | + return sodium_crypto_pwhash_str_verify($passwd, $hash); |
|
| 1264 | + } |
|
| 1265 | + if (self::use_fallback('crypto_pwhash_str_verify')) { |
|
| 1266 | + return call_user_func('\\Sodium\\crypto_pwhash_str_verify', $passwd, $hash); |
|
| 1267 | + } |
|
| 1268 | + // This is the best we can do. |
|
| 1269 | + throw new Error( |
|
| 1270 | + 'This is not implemented, as it is not possible to implement Argon2i with acceptable performance in pure-PHP' |
|
| 1271 | + ); |
|
| 1272 | + } |
|
| 1273 | + |
|
| 1274 | + /** |
|
| 1275 | + * @param int $outlen |
|
| 1276 | + * @param string $passwd |
|
| 1277 | + * @param string $salt |
|
| 1278 | + * @param int $opslimit |
|
| 1279 | + * @param int $memlimit |
|
| 1280 | + * @return string |
|
| 1281 | + * @throws Error |
|
| 1282 | + */ |
|
| 1283 | + public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1284 | + { |
|
| 1285 | + ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1286 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1287 | + ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1288 | + ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1289 | + ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1290 | + |
|
| 1291 | + if (self::isPhp72OrGreater()) { |
|
| 1292 | + return sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1293 | + } |
|
| 1294 | + if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256')) { |
|
| 1295 | + return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1296 | + } |
|
| 1297 | + // This is the best we can do. |
|
| 1298 | + throw new Error( |
|
| 1299 | + 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1300 | + ); |
|
| 1301 | + } |
|
| 1302 | + |
|
| 1303 | + /** |
|
| 1304 | + * @param string $passwd |
|
| 1305 | + * @param int $opslimit |
|
| 1306 | + * @param int $memlimit |
|
| 1307 | + * @return string |
|
| 1308 | + * @throws Error |
|
| 1309 | + */ |
|
| 1310 | + public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 1311 | + { |
|
| 1312 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1313 | + ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1314 | + ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1315 | + |
|
| 1316 | + if (self::isPhp72OrGreater()) { |
|
| 1317 | + return sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 1318 | + } |
|
| 1319 | + if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str')) { |
|
| 1320 | + return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str', $passwd, $opslimit, $memlimit); |
|
| 1321 | + } |
|
| 1322 | + // This is the best we can do. |
|
| 1323 | + throw new Error( |
|
| 1324 | + 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1325 | + ); |
|
| 1326 | + } |
|
| 1327 | + |
|
| 1328 | + /** |
|
| 1329 | + * @param string $passwd |
|
| 1330 | + * @param string $hash |
|
| 1331 | + * @return bool |
|
| 1332 | + * @throws Error |
|
| 1333 | + */ |
|
| 1334 | + public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 1335 | + { |
|
| 1336 | + ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1337 | + ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1338 | + |
|
| 1339 | + if (self::isPhp72OrGreater()) { |
|
| 1340 | + return sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 1341 | + } |
|
| 1342 | + if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
|
| 1343 | + return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify', $passwd, $hash); |
|
| 1344 | + } |
|
| 1345 | + // This is the best we can do. |
|
| 1346 | + throw new Error( |
|
| 1347 | + 'This is not implemented, as it is not possible to implement Scrypt with acceptable performance in pure-PHP' |
|
| 1348 | + ); |
|
| 1349 | + } |
|
| 1350 | + |
|
| 1351 | + /** |
|
| 1352 | + * Calculate the shared secret between your secret key and your |
|
| 1353 | + * recipient's public key. |
|
| 1354 | + * |
|
| 1355 | + * Algorithm: X25519 (ECDH over Curve25519) |
|
| 1356 | + * |
|
| 1357 | + * @param string $secretKey |
|
| 1358 | + * @param string $publicKey |
|
| 1359 | + * @return string |
|
| 1360 | + * @throws Error |
|
| 1361 | + * @throws TypeError |
|
| 1362 | + */ |
|
| 1363 | + public static function crypto_scalarmult($secretKey, $publicKey) |
|
| 1364 | + { |
|
| 1365 | + /* Type checks: */ |
|
| 1366 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1367 | + ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1368 | + |
|
| 1369 | + /* Input validation: */ |
|
| 1370 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1371 | + throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1372 | + } |
|
| 1373 | + if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1374 | + throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1375 | + } |
|
| 1376 | + |
|
| 1377 | + if (self::isPhp72OrGreater()) { |
|
| 1378 | + return sodium_crypto_scalarmult($secretKey, $publicKey); |
|
| 1379 | + } |
|
| 1380 | + if (self::use_fallback('crypto_scalarmult')) { |
|
| 1381 | + return call_user_func('\\Sodium\\crypto_scalarmult', $secretKey, $publicKey); |
|
| 1382 | + } |
|
| 1383 | + |
|
| 1384 | + /* Output validation: Forbid all-zero keys */ |
|
| 1385 | + if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1386 | + throw new Error('Zero secret key is not allowed'); |
|
| 1387 | + } |
|
| 1388 | + if (ParagonIE_Sodium_Core_Util::hashEquals($publicKey, str_repeat("\0", self::CRYPTO_BOX_PUBLICKEYBYTES))) { |
|
| 1389 | + throw new Error('Zero public key is not allowed'); |
|
| 1390 | + } |
|
| 1391 | + if (PHP_INT_SIZE === 4) { |
|
| 1392 | + return ParagonIE_Sodium_Crypto32::scalarmult($secretKey, $publicKey); |
|
| 1393 | + } |
|
| 1394 | + return ParagonIE_Sodium_Crypto::scalarmult($secretKey, $publicKey); |
|
| 1395 | + } |
|
| 1396 | + |
|
| 1397 | + /** |
|
| 1398 | + * Calculate an X25519 public key from an X25519 secret key. |
|
| 1399 | + * |
|
| 1400 | + * @param string $secretKey |
|
| 1401 | + * @return string |
|
| 1402 | + * @throws Error |
|
| 1403 | + * @throws TypeError |
|
| 1404 | + */ |
|
| 1405 | + public static function crypto_scalarmult_base($secretKey) |
|
| 1406 | + { |
|
| 1407 | + /* Type checks: */ |
|
| 1408 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1409 | + |
|
| 1410 | + /* Input validation: */ |
|
| 1411 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1412 | + throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1413 | + } |
|
| 1414 | + |
|
| 1415 | + if (self::isPhp72OrGreater()) { |
|
| 1416 | + return sodium_crypto_scalarmult_base($secretKey); |
|
| 1417 | + } |
|
| 1418 | + if (self::use_fallback('crypto_scalarmult_base')) { |
|
| 1419 | + return call_user_func('\\Sodium\\crypto_scalarmult_base', $secretKey); |
|
| 1420 | + } |
|
| 1421 | + if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1422 | + throw new Error('Zero secret key is not allowed'); |
|
| 1423 | + } |
|
| 1424 | + if (PHP_INT_SIZE === 4) { |
|
| 1425 | + return ParagonIE_Sodium_Crypto32::scalarmult_base($secretKey); |
|
| 1426 | + } |
|
| 1427 | + return ParagonIE_Sodium_Crypto::scalarmult_base($secretKey); |
|
| 1428 | + } |
|
| 1429 | + |
|
| 1430 | + /** |
|
| 1431 | + * Authenticated symmetric-key encryption. |
|
| 1432 | + * |
|
| 1433 | + * Algorithm: XSalsa20-Poly1305 |
|
| 1434 | + * |
|
| 1435 | + * @param string $plaintext The message you're encrypting |
|
| 1436 | + * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1437 | + * @param string $key Symmetric encryption key |
|
| 1438 | + * @return string Ciphertext with Poly1305 MAC |
|
| 1439 | + * @throws Error |
|
| 1440 | + * @throws TypeError |
|
| 1441 | + */ |
|
| 1442 | + public static function crypto_secretbox($plaintext, $nonce, $key) |
|
| 1443 | + { |
|
| 1444 | + /* Type checks: */ |
|
| 1445 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1446 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1447 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1448 | + |
|
| 1449 | + /* Input validation: */ |
|
| 1450 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1451 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1452 | + } |
|
| 1453 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1454 | + throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1455 | + } |
|
| 1456 | + |
|
| 1457 | + if (self::isPhp72OrGreater()) { |
|
| 1458 | + return sodium_crypto_secretbox($plaintext, $nonce, $key); |
|
| 1459 | + } |
|
| 1460 | + if (self::use_fallback('crypto_secretbox')) { |
|
| 1461 | + return call_user_func('\\Sodium\\crypto_secretbox', $plaintext, $nonce, $key); |
|
| 1462 | + } |
|
| 1463 | + if (PHP_INT_SIZE === 4) { |
|
| 1464 | + return ParagonIE_Sodium_Crypto32::secretbox($plaintext, $nonce, $key); |
|
| 1465 | + } |
|
| 1466 | + return ParagonIE_Sodium_Crypto::secretbox($plaintext, $nonce, $key); |
|
| 1467 | + } |
|
| 1468 | + |
|
| 1469 | + /** |
|
| 1470 | + * Decrypts a message previously encrypted with crypto_secretbox(). |
|
| 1471 | + * |
|
| 1472 | + * @param string $ciphertext Ciphertext with Poly1305 MAC |
|
| 1473 | + * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1474 | + * @param string $key Symmetric encryption key |
|
| 1475 | + * @return string Original plaintext message |
|
| 1476 | + * @throws Error |
|
| 1477 | + * @throws TypeError |
|
| 1478 | + */ |
|
| 1479 | + public static function crypto_secretbox_open($ciphertext, $nonce, $key) |
|
| 1480 | + { |
|
| 1481 | + /* Type checks: */ |
|
| 1482 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1483 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1484 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1485 | + |
|
| 1486 | + /* Input validation: */ |
|
| 1487 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1488 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1489 | + } |
|
| 1490 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1491 | + throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1492 | + } |
|
| 1493 | + |
|
| 1494 | + if (self::isPhp72OrGreater()) { |
|
| 1495 | + return sodium_crypto_secretbox_open($ciphertext, $nonce, $key); |
|
| 1496 | + } |
|
| 1497 | + if (self::use_fallback('crypto_secretbox_open')) { |
|
| 1498 | + return call_user_func('\\Sodium\\crypto_secretbox_open', $ciphertext, $nonce, $key); |
|
| 1499 | + } |
|
| 1500 | + if (PHP_INT_SIZE === 4) { |
|
| 1501 | + return ParagonIE_Sodium_Crypto32::secretbox_open($ciphertext, $nonce, $key); |
|
| 1502 | + } |
|
| 1503 | + return ParagonIE_Sodium_Crypto::secretbox_open($ciphertext, $nonce, $key); |
|
| 1504 | + } |
|
| 1505 | + |
|
| 1506 | + /** |
|
| 1507 | + * Authenticated symmetric-key encryption. |
|
| 1508 | + * |
|
| 1509 | + * Algorithm: XChaCha20-Poly1305 |
|
| 1510 | + * |
|
| 1511 | + * @param string $plaintext The message you're encrypting |
|
| 1512 | + * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1513 | + * @param string $key Symmetric encryption key |
|
| 1514 | + * @return string Ciphertext with Poly1305 MAC |
|
| 1515 | + * @throws Error |
|
| 1516 | + * @throws TypeError |
|
| 1517 | + */ |
|
| 1518 | + public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 1519 | + { |
|
| 1520 | + /* Type checks: */ |
|
| 1521 | + ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1522 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1523 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1524 | + |
|
| 1525 | + /* Input validation: */ |
|
| 1526 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1527 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1528 | + } |
|
| 1529 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1530 | + throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1531 | + } |
|
| 1532 | + if (PHP_INT_SIZE === 4) { |
|
| 1533 | + return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1534 | + } |
|
| 1535 | + return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1536 | + } |
|
| 1537 | + /** |
|
| 1538 | + * Decrypts a message previously encrypted with crypto_secretbox_xchacha20poly1305(). |
|
| 1539 | + * |
|
| 1540 | + * @param string $ciphertext Ciphertext with Poly1305 MAC |
|
| 1541 | + * @param string $nonce A Number to be used Once; must be 24 bytes |
|
| 1542 | + * @param string $key Symmetric encryption key |
|
| 1543 | + * @return string Original plaintext message |
|
| 1544 | + * @throws Error |
|
| 1545 | + * @throws TypeError |
|
| 1546 | + */ |
|
| 1547 | + public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) |
|
| 1548 | + { |
|
| 1549 | + /* Type checks: */ |
|
| 1550 | + ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1551 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1552 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1553 | + |
|
| 1554 | + /* Input validation: */ |
|
| 1555 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1556 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1557 | + } |
|
| 1558 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1559 | + throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1560 | + } |
|
| 1561 | + |
|
| 1562 | + if (PHP_INT_SIZE === 4) { |
|
| 1563 | + return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1564 | + } |
|
| 1565 | + return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1566 | + } |
|
| 1567 | + |
|
| 1568 | + /** |
|
| 1569 | + * Calculates a SipHash-2-4 hash of a message for a given key. |
|
| 1570 | + * |
|
| 1571 | + * @param string $message Input message |
|
| 1572 | + * @param string $key SipHash-2-4 key |
|
| 1573 | + * @return string Hash |
|
| 1574 | + * @throws Error |
|
| 1575 | + * @throws TypeError |
|
| 1576 | + */ |
|
| 1577 | + public static function crypto_shorthash($message, $key) |
|
| 1578 | + { |
|
| 1579 | + /* Type checks: */ |
|
| 1580 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1581 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 1582 | + |
|
| 1583 | + /* Input validation: */ |
|
| 1584 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SHORTHASH_KEYBYTES) { |
|
| 1585 | + throw new Error('Argument 2 must be CRYPTO_SHORTHASH_KEYBYTES long.'); |
|
| 1586 | + } |
|
| 1587 | + |
|
| 1588 | + if (self::isPhp72OrGreater()) { |
|
| 1589 | + return sodium_crypto_shorthash($message, $key); |
|
| 1590 | + } |
|
| 1591 | + if (self::use_fallback('crypto_shorthash')) { |
|
| 1592 | + return call_user_func('\\Sodium\\crypto_shorthash', $message, $key); |
|
| 1593 | + } |
|
| 1594 | + if (PHP_INT_SIZE === 4) { |
|
| 1595 | + return ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key); |
|
| 1596 | + } |
|
| 1597 | + return ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key); |
|
| 1598 | + } |
|
| 1599 | + |
|
| 1600 | + /** |
|
| 1601 | + * Expand a key and nonce into a keystream of pseudorandom bytes. |
|
| 1602 | + * |
|
| 1603 | + * @param int $len Number of bytes desired |
|
| 1604 | + * @param string $nonce Number to be used Once; must be 24 bytes |
|
| 1605 | + * @param string $key XSalsa20 key |
|
| 1606 | + * @return string Pseudorandom stream that can be XORed with messages |
|
| 1607 | + * to provide encryption (but not authentication; see |
|
| 1608 | + * Poly1305 or crypto_auth() for that, which is not |
|
| 1609 | + * optional for security) |
|
| 1610 | + * @throws Error |
|
| 1611 | + * @throws TypeError |
|
| 1612 | + */ |
|
| 1613 | + public static function crypto_stream($len, $nonce, $key) |
|
| 1614 | + { |
|
| 1615 | + /* Type checks: */ |
|
| 1616 | + ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); |
|
| 1617 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1618 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1619 | + |
|
| 1620 | + /* Input validation: */ |
|
| 1621 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1622 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1623 | + } |
|
| 1624 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1625 | + throw new Error('Argument 3 must be CRYPTO_STREAM_KEYBYTES long.'); |
|
| 1626 | + } |
|
| 1627 | + |
|
| 1628 | + if (self::isPhp72OrGreater()) { |
|
| 1629 | + return sodium_crypto_stream($len, $nonce, $key); |
|
| 1630 | + } |
|
| 1631 | + if (self::use_fallback('crypto_stream')) { |
|
| 1632 | + return call_user_func('\\Sodium\\crypto_stream', $len, $nonce, $key); |
|
| 1633 | + } |
|
| 1634 | + if (PHP_INT_SIZE === 4) { |
|
| 1635 | + return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1636 | + } |
|
| 1637 | + return ParagonIE_Sodium_Core_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1638 | + } |
|
| 1639 | + |
|
| 1640 | + /** |
|
| 1641 | + * DANGER! UNAUTHENTICATED ENCRYPTION! |
|
| 1642 | + * |
|
| 1643 | + * Unless you are following expert advice, do not used this feature. |
|
| 1644 | + * |
|
| 1645 | + * Algorithm: XSalsa20 |
|
| 1646 | + * |
|
| 1647 | + * This DOES NOT provide ciphertext integrity. |
|
| 1648 | + * |
|
| 1649 | + * @param string $message Plaintext message |
|
| 1650 | + * @param string $nonce Number to be used Once; must be 24 bytes |
|
| 1651 | + * @param string $key Encryption key |
|
| 1652 | + * @return string Encrypted text which is vulnerable to chosen- |
|
| 1653 | + * ciphertext attacks unless you implement some |
|
| 1654 | + * other mitigation to the ciphertext (i.e. |
|
| 1655 | + * Encrypt then MAC) |
|
| 1656 | + * @throws Error |
|
| 1657 | + * @throws TypeError |
|
| 1658 | + */ |
|
| 1659 | + public static function crypto_stream_xor($message, $nonce, $key) |
|
| 1660 | + { |
|
| 1661 | + /* Type checks: */ |
|
| 1662 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1663 | + ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1664 | + ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1665 | + |
|
| 1666 | + /* Input validation: */ |
|
| 1667 | + if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1668 | + throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1669 | + } |
|
| 1670 | + if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1671 | + throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1672 | + } |
|
| 1673 | + |
|
| 1674 | + if (self::isPhp72OrGreater()) { |
|
| 1675 | + return sodium_crypto_stream_xor($message, $nonce, $key); |
|
| 1676 | + } |
|
| 1677 | + if (self::use_fallback('crypto_stream_xor')) { |
|
| 1678 | + return call_user_func('\\Sodium\\crypto_stream_xor', $message, $nonce, $key); |
|
| 1679 | + } |
|
| 1680 | + if (PHP_INT_SIZE === 4) { |
|
| 1681 | + return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1682 | + } |
|
| 1683 | + return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1684 | + } |
|
| 1685 | + |
|
| 1686 | + /** |
|
| 1687 | + * Returns a signed message. You probably want crypto_sign_detached() |
|
| 1688 | + * instead, which only returns the signature. |
|
| 1689 | + * |
|
| 1690 | + * Algorithm: Ed25519 (EdDSA over Curve25519) |
|
| 1691 | + * |
|
| 1692 | + * @param string $message Message to be signed. |
|
| 1693 | + * @param string $secretKey Secret signing key. |
|
| 1694 | + * @return string Signed message (signature is prefixed). |
|
| 1695 | + * @throws Error |
|
| 1696 | + * @throws TypeError |
|
| 1697 | + */ |
|
| 1698 | + public static function crypto_sign($message, $secretKey) |
|
| 1699 | + { |
|
| 1700 | + /* Type checks: */ |
|
| 1701 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1702 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1703 | + |
|
| 1704 | + /* Input validation: */ |
|
| 1705 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1706 | + throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1707 | + } |
|
| 1708 | + |
|
| 1709 | + if (self::isPhp72OrGreater()) { |
|
| 1710 | + return sodium_crypto_sign($message, $secretKey); |
|
| 1711 | + } |
|
| 1712 | + if (self::use_fallback('crypto_sign')) { |
|
| 1713 | + return call_user_func('\\Sodium\\crypto_sign', $message, $secretKey); |
|
| 1714 | + } |
|
| 1715 | + if (PHP_INT_SIZE === 4) { |
|
| 1716 | + return ParagonIE_Sodium_Crypto32::sign($message, $secretKey); |
|
| 1717 | + } |
|
| 1718 | + return ParagonIE_Sodium_Crypto::sign($message, $secretKey); |
|
| 1719 | + } |
|
| 1720 | + |
|
| 1721 | + /** |
|
| 1722 | + * Validates a signed message then returns the message. |
|
| 1723 | + * |
|
| 1724 | + * @param string $signedMessage A signed message |
|
| 1725 | + * @param string $publicKey A public key |
|
| 1726 | + * @return string The original message (if the signature is |
|
| 1727 | + * valid for this public key) |
|
| 1728 | + * @throws Error |
|
| 1729 | + * @throws TypeError |
|
| 1730 | + */ |
|
| 1731 | + public static function crypto_sign_open($signedMessage, $publicKey) |
|
| 1732 | + { |
|
| 1733 | + /* Type checks: */ |
|
| 1734 | + ParagonIE_Sodium_Core_Util::declareScalarType($signedMessage, 'string', 1); |
|
| 1735 | + ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1736 | + |
|
| 1737 | + /* Input validation: */ |
|
| 1738 | + if (ParagonIE_Sodium_Core_Util::strlen($signedMessage) < self::CRYPTO_SIGN_BYTES) { |
|
| 1739 | + throw new Error('Argument 1 must be at least CRYPTO_SIGN_BYTES long.'); |
|
| 1740 | + } |
|
| 1741 | + if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1742 | + throw new Error('Argument 2 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1743 | + } |
|
| 1744 | + |
|
| 1745 | + if (self::isPhp72OrGreater()) { |
|
| 1746 | + return sodium_crypto_sign_open($signedMessage, $publicKey); |
|
| 1747 | + } |
|
| 1748 | + if (self::use_fallback('crypto_sign_open')) { |
|
| 1749 | + return call_user_func('\\Sodium\\crypto_sign_open', $signedMessage, $publicKey); |
|
| 1750 | + } |
|
| 1751 | + if (PHP_INT_SIZE === 4) { |
|
| 1752 | + return ParagonIE_Sodium_Crypto32::sign_open($signedMessage, $publicKey); |
|
| 1753 | + } |
|
| 1754 | + return ParagonIE_Sodium_Crypto::sign_open($signedMessage, $publicKey); |
|
| 1755 | + } |
|
| 1756 | + |
|
| 1757 | + /** |
|
| 1758 | + * Generate a new random Ed25519 keypair. |
|
| 1759 | + * |
|
| 1760 | + * @return string |
|
| 1761 | + */ |
|
| 1762 | + public static function crypto_sign_keypair() |
|
| 1763 | + { |
|
| 1764 | + if (self::isPhp72OrGreater()) { |
|
| 1765 | + return sodium_crypto_sign_keypair(); |
|
| 1766 | + } |
|
| 1767 | + if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1768 | + return call_user_func( |
|
| 1769 | + '\\Sodium\\crypto_sign_keypair' |
|
| 1770 | + ); |
|
| 1771 | + } |
|
| 1772 | + if (PHP_INT_SIZE === 4) { |
|
| 1773 | + return ParagonIE_Sodium_Core32_Ed25519::keypair(); |
|
| 1774 | + } |
|
| 1775 | + return ParagonIE_Sodium_Core_Ed25519::keypair(); |
|
| 1776 | + } |
|
| 1777 | + |
|
| 1778 | + /** |
|
| 1779 | + * Generate an Ed25519 keypair from a seed. |
|
| 1780 | + * |
|
| 1781 | + * @param string $seed Input seed |
|
| 1782 | + * @return string Keypair |
|
| 1783 | + */ |
|
| 1784 | + public static function crypto_sign_seed_keypair($seed) |
|
| 1785 | + { |
|
| 1786 | + ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 1787 | + |
|
| 1788 | + if (self::isPhp72OrGreater()) { |
|
| 1789 | + return sodium_crypto_sign_seed_keypair($seed); |
|
| 1790 | + } |
|
| 1791 | + if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1792 | + return call_user_func('\\Sodium\\crypto_sign_seed_keypair', $seed); |
|
| 1793 | + } |
|
| 1794 | + $publicKey = ''; |
|
| 1795 | + $secretKey = ''; |
|
| 1796 | + if (PHP_INT_SIZE === 4) { |
|
| 1797 | + ParagonIE_Sodium_Core32_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1798 | + } else { |
|
| 1799 | + ParagonIE_Sodium_Core_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1800 | + } |
|
| 1801 | + return $secretKey . $publicKey; |
|
| 1802 | + } |
|
| 1803 | + |
|
| 1804 | + /** |
|
| 1805 | + * Extract an Ed25519 public key from an Ed25519 keypair. |
|
| 1806 | + * |
|
| 1807 | + * @param string $keypair Keypair |
|
| 1808 | + * @return string Public key |
|
| 1809 | + * @throws Error |
|
| 1810 | + * @throws TypeError |
|
| 1811 | + */ |
|
| 1812 | + public static function crypto_sign_publickey($keypair) |
|
| 1813 | + { |
|
| 1814 | + /* Type checks: */ |
|
| 1815 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1816 | + |
|
| 1817 | + /* Input validation: */ |
|
| 1818 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1819 | + throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1820 | + } |
|
| 1821 | + |
|
| 1822 | + if (self::isPhp72OrGreater()) { |
|
| 1823 | + return sodium_crypto_sign_publickey($keypair); |
|
| 1824 | + } |
|
| 1825 | + if (self::use_fallback('crypto_sign_publickey')) { |
|
| 1826 | + return call_user_func('\\Sodium\\crypto_sign_publickey', $keypair); |
|
| 1827 | + } |
|
| 1828 | + if (PHP_INT_SIZE === 4) { |
|
| 1829 | + return ParagonIE_Sodium_Core32_Ed25519::publickey($keypair); |
|
| 1830 | + } |
|
| 1831 | + return ParagonIE_Sodium_Core_Ed25519::publickey($keypair); |
|
| 1832 | + } |
|
| 1833 | + |
|
| 1834 | + /** |
|
| 1835 | + * Calculate an Ed25519 public key from an Ed25519 secret key. |
|
| 1836 | + * |
|
| 1837 | + * @param string $secretKey Your Ed25519 secret key |
|
| 1838 | + * @return string The corresponding Ed25519 public key |
|
| 1839 | + * @throws Error |
|
| 1840 | + * @throws TypeError |
|
| 1841 | + */ |
|
| 1842 | + public static function crypto_sign_publickey_from_secretkey($secretKey) |
|
| 1843 | + { |
|
| 1844 | + /* Type checks: */ |
|
| 1845 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1846 | + |
|
| 1847 | + /* Input validation: */ |
|
| 1848 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1849 | + throw new Error('Argument 1 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1850 | + } |
|
| 1851 | + |
|
| 1852 | + if (self::isPhp72OrGreater()) { |
|
| 1853 | + return sodium_crypto_sign_publickey_from_secretkey($secretKey); |
|
| 1854 | + } |
|
| 1855 | + if (self::use_fallback('crypto_sign_publickey_from_secretkey')) { |
|
| 1856 | + return call_user_func('\\Sodium\\crypto_sign_publickey_from_secretkey', $secretKey); |
|
| 1857 | + } |
|
| 1858 | + if (PHP_INT_SIZE === 4) { |
|
| 1859 | + return ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1860 | + } |
|
| 1861 | + return ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1862 | + } |
|
| 1863 | + |
|
| 1864 | + /** |
|
| 1865 | + * Extract an Ed25519 secret key from an Ed25519 keypair. |
|
| 1866 | + * |
|
| 1867 | + * @param string $keypair Keypair |
|
| 1868 | + * @return string Secret key |
|
| 1869 | + * @throws Error |
|
| 1870 | + * @throws TypeError |
|
| 1871 | + */ |
|
| 1872 | + public static function crypto_sign_secretkey($keypair) |
|
| 1873 | + { |
|
| 1874 | + /* Type checks: */ |
|
| 1875 | + ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1876 | + |
|
| 1877 | + /* Input validation: */ |
|
| 1878 | + if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1879 | + throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1880 | + } |
|
| 1881 | + |
|
| 1882 | + if (self::isPhp72OrGreater()) { |
|
| 1883 | + return sodium_crypto_sign_secretkey($keypair); |
|
| 1884 | + } |
|
| 1885 | + if (self::use_fallback('crypto_sign_secretkey')) { |
|
| 1886 | + return call_user_func('\\Sodium\\crypto_sign_secretkey', $keypair); |
|
| 1887 | + } |
|
| 1888 | + if (PHP_INT_SIZE === 4) { |
|
| 1889 | + return ParagonIE_Sodium_Core32_Ed25519::secretkey($keypair); |
|
| 1890 | + } |
|
| 1891 | + return ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); |
|
| 1892 | + } |
|
| 1893 | + |
|
| 1894 | + /** |
|
| 1895 | + * Calculate the Ed25519 signature of a message and return ONLY the signature. |
|
| 1896 | + * |
|
| 1897 | + * Algorithm: Ed25519 (EdDSA over Curve25519) |
|
| 1898 | + * |
|
| 1899 | + * @param string $message Message to be signed |
|
| 1900 | + * @param string $secretKey Secret signing key |
|
| 1901 | + * @return string Digital signature |
|
| 1902 | + * @throws Error |
|
| 1903 | + * @throws TypeError |
|
| 1904 | + */ |
|
| 1905 | + public static function crypto_sign_detached($message, $secretKey) |
|
| 1906 | + { |
|
| 1907 | + /* Type checks: */ |
|
| 1908 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1909 | + ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1910 | + |
|
| 1911 | + /* Input validation: */ |
|
| 1912 | + if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1913 | + throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1914 | + } |
|
| 1915 | + |
|
| 1916 | + if (self::isPhp72OrGreater()) { |
|
| 1917 | + return sodium_crypto_sign_detached($message, $secretKey); |
|
| 1918 | + } |
|
| 1919 | + if (self::use_fallback('crypto_sign_detached')) { |
|
| 1920 | + return call_user_func('\\Sodium\\crypto_sign_detached', $message, $secretKey); |
|
| 1921 | + } |
|
| 1922 | + if (PHP_INT_SIZE === 4) { |
|
| 1923 | + return ParagonIE_Sodium_Crypto32::sign_detached($message, $secretKey); |
|
| 1924 | + } |
|
| 1925 | + return ParagonIE_Sodium_Crypto::sign_detached($message, $secretKey); |
|
| 1926 | + } |
|
| 1927 | + |
|
| 1928 | + /** |
|
| 1929 | + * Verify the Ed25519 signature of a message. |
|
| 1930 | + * |
|
| 1931 | + * @param string $signature Digital sginature |
|
| 1932 | + * @param string $message Message to be verified |
|
| 1933 | + * @param string $publicKey Public key |
|
| 1934 | + * @return bool TRUE if this signature is good for this public key; |
|
| 1935 | + * FALSE otherwise |
|
| 1936 | + * @throws Error |
|
| 1937 | + * @throws TypeError |
|
| 1938 | + */ |
|
| 1939 | + public static function crypto_sign_verify_detached($signature, $message, $publicKey) |
|
| 1940 | + { |
|
| 1941 | + /* Type checks: */ |
|
| 1942 | + ParagonIE_Sodium_Core_Util::declareScalarType($signature, 'string', 1); |
|
| 1943 | + ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1944 | + ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 3); |
|
| 1945 | + |
|
| 1946 | + /* Input validation: */ |
|
| 1947 | + if (ParagonIE_Sodium_Core_Util::strlen($signature) !== self::CRYPTO_SIGN_BYTES) { |
|
| 1948 | + throw new Error('Argument 1 must be CRYPTO_SIGN_BYTES long.'); |
|
| 1949 | + } |
|
| 1950 | + if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1951 | + throw new Error('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1952 | + } |
|
| 1953 | + |
|
| 1954 | + if (self::isPhp72OrGreater()) { |
|
| 1955 | + return sodium_crypto_sign_verify_detached($signature, $message, $publicKey); |
|
| 1956 | + } |
|
| 1957 | + if (self::use_fallback('crypto_sign_verify_detached')) { |
|
| 1958 | + return call_user_func('\\Sodium\\crypto_sign_verify_detached', $signature, $message, $publicKey); |
|
| 1959 | + } |
|
| 1960 | + if (PHP_INT_SIZE === 4) { |
|
| 1961 | + return ParagonIE_Sodium_Crypto32::sign_verify_detached($signature, $message, $publicKey); |
|
| 1962 | + } |
|
| 1963 | + return ParagonIE_Sodium_Crypto::sign_verify_detached($signature, $message, $publicKey); |
|
| 1964 | + } |
|
| 1965 | + |
|
| 1966 | + /** |
|
| 1967 | + * Convert an Ed25519 secret key to a Curve25519 secret key |
|
| 1968 | + * |
|
| 1969 | + * @param string $sk |
|
| 1970 | + * @return string |
|
| 1971 | + * @throws Error |
|
| 1972 | + */ |
|
| 1973 | + public static function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 1974 | + { |
|
| 1975 | + /* Type checks: */ |
|
| 1976 | + ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); |
|
| 1977 | + |
|
| 1978 | + /* Input validation: */ |
|
| 1979 | + if (ParagonIE_Sodium_Core_Util::strlen($sk) < self::CRYPTO_SIGN_SEEDBYTES) { |
|
| 1980 | + throw new Error('Argument 1 must be at least CRYPTO_SIGN_SEEDBYTES long.'); |
|
| 1981 | + } |
|
| 1982 | + if (self::isPhp72OrGreater()) { |
|
| 1983 | + if (is_callable('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1984 | + return sodium_crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 1985 | + } |
|
| 1986 | + } |
|
| 1987 | + if (self::use_fallback('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1988 | + return call_user_func('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519', $sk); |
|
| 1989 | + } |
|
| 1990 | + |
|
| 1991 | + $h = hash('sha512', ParagonIE_Sodium_Core_Util::substr($sk, 0, 32), true); |
|
| 1992 | + $h[0] = ParagonIE_Sodium_Core_Util::intToChr( |
|
| 1993 | + ParagonIE_Sodium_Core_Util::chrToInt($h[0]) & 248 |
|
| 1994 | + ); |
|
| 1995 | + $h[31] = ParagonIE_Sodium_Core_Util::intToChr( |
|
| 1996 | + (ParagonIE_Sodium_Core_Util::chrToInt($h[31]) & 127) | 64 |
|
| 1997 | + ); |
|
| 1998 | + return ParagonIE_Sodium_Core_Util::substr($h, 0, 32); |
|
| 1999 | + } |
|
| 2000 | + |
|
| 2001 | + /** |
|
| 2002 | + * Cache-timing-safe implementation of hex2bin(). |
|
| 2003 | + * |
|
| 2004 | + * @param string $string Hexadecimal string |
|
| 2005 | + * @return string Raw binary string |
|
| 2006 | + * @throws TypeError |
|
| 2007 | + */ |
|
| 2008 | + public static function hex2bin($string) |
|
| 2009 | + { |
|
| 2010 | + /* Type checks: */ |
|
| 2011 | + ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 2012 | + |
|
| 2013 | + if (self::isPhp72OrGreater()) { |
|
| 2014 | + return sodium_hex2bin($string); |
|
| 2015 | + } |
|
| 2016 | + if (self::use_fallback('hex2bin')) { |
|
| 2017 | + return call_user_func('\\Sodium\\hex2bin', $string); |
|
| 2018 | + } |
|
| 2019 | + return ParagonIE_Sodium_Core_Util::hex2bin($string); |
|
| 2020 | + } |
|
| 2021 | + |
|
| 2022 | + /** |
|
| 2023 | + * Increase a string (little endian) |
|
| 2024 | + * |
|
| 2025 | + * @param string $var |
|
| 2026 | + * |
|
| 2027 | + * @return void |
|
| 2028 | + * @throws Error (Unless libsodium is installed) |
|
| 2029 | + */ |
|
| 2030 | + public static function increment(&$var) |
|
| 2031 | + { |
|
| 2032 | + /* Type checks: */ |
|
| 2033 | + ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2034 | + |
|
| 2035 | + if (self::isPhp72OrGreater()) { |
|
| 2036 | + sodium_increment($var); |
|
| 2037 | + return; |
|
| 2038 | + } |
|
| 2039 | + if (self::use_fallback('increment')) { |
|
| 2040 | + @call_user_func('\\Sodium\\increment', $var); |
|
| 2041 | + return; |
|
| 2042 | + } |
|
| 2043 | + |
|
| 2044 | + $len = ParagonIE_Sodium_Core_Util::strlen($var); |
|
| 2045 | + $c = 1; |
|
| 2046 | + $copy = ''; |
|
| 2047 | + for ($i = 0; $i < $len; ++$i) { |
|
| 2048 | + $c += ParagonIE_Sodium_Core_Util::chrToInt( |
|
| 2049 | + ParagonIE_Sodium_Core_Util::substr($var, $i, 1) |
|
| 2050 | + ); |
|
| 2051 | + $copy .= ParagonIE_Sodium_Core_Util::intToChr($c); |
|
| 2052 | + $c >>= 8; |
|
| 2053 | + } |
|
| 2054 | + $var = $copy; |
|
| 2055 | + } |
|
| 2056 | + |
|
| 2057 | + /** |
|
| 2058 | + * The equivalent to the libsodium minor version we aim to be compatible |
|
| 2059 | + * with (sans pwhash and memzero). |
|
| 2060 | + * |
|
| 2061 | + * @return int |
|
| 2062 | + */ |
|
| 2063 | + public static function library_version_major() |
|
| 2064 | + { |
|
| 2065 | + if (self::isPhp72OrGreater()) { |
|
| 2066 | + return sodium_library_version_major(); |
|
| 2067 | + } |
|
| 2068 | + if (self::use_fallback('library_version_major')) { |
|
| 2069 | + return (int) call_user_func('\\Sodium\\library_version_major'); |
|
| 2070 | + } |
|
| 2071 | + return self::LIBRARY_VERSION_MAJOR; |
|
| 2072 | + } |
|
| 2073 | + |
|
| 2074 | + /** |
|
| 2075 | + * The equivalent to the libsodium minor version we aim to be compatible |
|
| 2076 | + * with (sans pwhash and memzero). |
|
| 2077 | + * |
|
| 2078 | + * @return int |
|
| 2079 | + */ |
|
| 2080 | + public static function library_version_minor() |
|
| 2081 | + { |
|
| 2082 | + if (self::isPhp72OrGreater()) { |
|
| 2083 | + return sodium_library_version_minor(); |
|
| 2084 | + } |
|
| 2085 | + if (self::use_fallback('library_version_minor')) { |
|
| 2086 | + return (int) call_user_func('\\Sodium\\library_version_minor'); |
|
| 2087 | + } |
|
| 2088 | + return self::LIBRARY_VERSION_MINOR; |
|
| 2089 | + } |
|
| 2090 | + |
|
| 2091 | + /** |
|
| 2092 | + * Compare two strings. |
|
| 2093 | + * |
|
| 2094 | + * @param string $left |
|
| 2095 | + * @param string $right |
|
| 2096 | + * @return int |
|
| 2097 | + * @throws TypeError |
|
| 2098 | + */ |
|
| 2099 | + public static function memcmp($left, $right) |
|
| 2100 | + { |
|
| 2101 | + /* Type checks: */ |
|
| 2102 | + ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 2103 | + ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 2104 | + |
|
| 2105 | + if (self::use_fallback('memcmp')) { |
|
| 2106 | + return call_user_func('\\Sodium\\memcmp', $left, $right); |
|
| 2107 | + } |
|
| 2108 | + return ParagonIE_Sodium_Core_Util::memcmp($left, $right); |
|
| 2109 | + } |
|
| 2110 | + |
|
| 2111 | + /** |
|
| 2112 | + * It's actually not possible to zero memory buffers in PHP. You need the |
|
| 2113 | + * native library for that. |
|
| 2114 | + * |
|
| 2115 | + * @param string|null $var |
|
| 2116 | + * |
|
| 2117 | + * @return void |
|
| 2118 | + * @throws Error (Unless libsodium is installed) |
|
| 2119 | + */ |
|
| 2120 | + public static function memzero(&$var) |
|
| 2121 | + { |
|
| 2122 | + /* Type checks: */ |
|
| 2123 | + ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2124 | + |
|
| 2125 | + if (self::isPhp72OrGreater()) { |
|
| 2126 | + sodium_memzero($var); |
|
| 2127 | + return; |
|
| 2128 | + } |
|
| 2129 | + if (self::use_fallback('memzero')) { |
|
| 2130 | + @call_user_func('\\Sodium\\memzero', $var); |
|
| 2131 | + return; |
|
| 2132 | + } |
|
| 2133 | + // This is the best we can do. |
|
| 2134 | + throw new Error( |
|
| 2135 | + 'This is not implemented, as it is not possible to securely wipe memory from PHP' |
|
| 2136 | + ); |
|
| 2137 | + } |
|
| 2138 | + |
|
| 2139 | + /** |
|
| 2140 | + * Generate a string of bytes from the kernel's CSPRNG. |
|
| 2141 | + * Proudly uses /dev/urandom (if getrandom(2) is not available). |
|
| 2142 | + * |
|
| 2143 | + * @param int $numBytes |
|
| 2144 | + * @return string |
|
| 2145 | + * @throws TypeError |
|
| 2146 | + */ |
|
| 2147 | + public static function randombytes_buf($numBytes) |
|
| 2148 | + { |
|
| 2149 | + /* Type checks: */ |
|
| 2150 | + if (!is_int($numBytes)) { |
|
| 2151 | + if (is_numeric($numBytes)) { |
|
| 2152 | + $numBytes = (int)$numBytes; |
|
| 2153 | + } else { |
|
| 2154 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($numBytes) . ' given.'); |
|
| 2155 | + } |
|
| 2156 | + } |
|
| 2157 | + if (self::use_fallback('randombytes_buf')) { |
|
| 2158 | + return call_user_func('\\Sodium\\randombytes_buf', $numBytes); |
|
| 2159 | + } |
|
| 2160 | + return random_bytes($numBytes); |
|
| 2161 | + } |
|
| 2162 | + |
|
| 2163 | + /** |
|
| 2164 | + * Generate an integer between 0 and $range (non-inclusive). |
|
| 2165 | + * |
|
| 2166 | + * @param int $range |
|
| 2167 | + * @return int |
|
| 2168 | + * @throws TypeError |
|
| 2169 | + */ |
|
| 2170 | + public static function randombytes_uniform($range) |
|
| 2171 | + { |
|
| 2172 | + /* Type checks: */ |
|
| 2173 | + if (!is_int($range)) { |
|
| 2174 | + if (is_numeric($range)) { |
|
| 2175 | + $range = (int)$range; |
|
| 2176 | + } else { |
|
| 2177 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($range) . ' given.'); |
|
| 2178 | + } |
|
| 2179 | + } |
|
| 2180 | + if (self::use_fallback('randombytes_uniform')) { |
|
| 2181 | + return (int) call_user_func('\\Sodium\\randombytes_uniform', $range); |
|
| 2182 | + } |
|
| 2183 | + return random_int(0, $range - 1); |
|
| 2184 | + } |
|
| 2185 | + |
|
| 2186 | + /** |
|
| 2187 | + * Generate a random 16-bit integer. |
|
| 2188 | + * |
|
| 2189 | + * @return int |
|
| 2190 | + */ |
|
| 2191 | + public static function randombytes_random16() |
|
| 2192 | + { |
|
| 2193 | + if (self::use_fallback('randombytes_random16')) { |
|
| 2194 | + return (int) call_user_func('\\Sodium\\randombytes_random16'); |
|
| 2195 | + } |
|
| 2196 | + return random_int(0, 65535); |
|
| 2197 | + } |
|
| 2198 | + |
|
| 2199 | + /** |
|
| 2200 | + * This emulates libsodium's version_string() function, except ours is |
|
| 2201 | + * prefixed with 'polyfill-'. |
|
| 2202 | + * |
|
| 2203 | + * @return string |
|
| 2204 | + */ |
|
| 2205 | + public static function version_string() |
|
| 2206 | + { |
|
| 2207 | + if (self::isPhp72OrGreater()) { |
|
| 2208 | + return sodium_version_string(); |
|
| 2209 | + } |
|
| 2210 | + if (self::use_fallback('version_string')) { |
|
| 2211 | + return (string) call_user_func('\\Sodium\\version_string'); |
|
| 2212 | + } |
|
| 2213 | + return self::VERSION_STRING; |
|
| 2214 | + } |
|
| 2215 | + |
|
| 2216 | + /** |
|
| 2217 | + * Should we use the libsodium core function instead? |
|
| 2218 | + * This is always a good idea, if it's available. (Unless we're in the |
|
| 2219 | + * middle of running our unit test suite.) |
|
| 2220 | + * |
|
| 2221 | + * If ext/libsodium is available, use it. Return TRUE. |
|
| 2222 | + * Otherwise, we have to use the code provided herein. Return FALSE. |
|
| 2223 | + * |
|
| 2224 | + * @param string $sodium_func_name |
|
| 2225 | + * |
|
| 2226 | + * @return bool |
|
| 2227 | + */ |
|
| 2228 | + protected static function use_fallback($sodium_func_name = '') |
|
| 2229 | + { |
|
| 2230 | + static $res = null; |
|
| 2231 | + if ($res === null) { |
|
| 2232 | + $res = extension_loaded('libsodium') && PHP_VERSION_ID >= 50300; |
|
| 2233 | + } |
|
| 2234 | + if (PHP_INT_SIZE === 4) { |
|
| 2235 | + if ($res && is_callable('\\Sodium\\' . $sodium_func_name)) { |
|
| 2236 | + // We can safely just offload to the PECL extension |
|
| 2237 | + return true; |
|
| 2238 | + } |
|
| 2239 | + /* |
|
| 2240 | 2240 | if (DIRECTORY_SEPARATOR === '\\' && PHP_VERSION_ID < 70000) { |
| 2241 | 2241 | throw new RuntimeException( |
| 2242 | 2242 | 'Sodium_compat produces incorrect results on systems that do not support 64-bit integers. ' . |
@@ -2247,37 +2247,37 @@ discard block |
||
| 2247 | 2247 | 'Sodium_compat produces incorrect results on systems that do not support 64-bit integers.' |
| 2248 | 2248 | ); |
| 2249 | 2249 | */ |
| 2250 | - } |
|
| 2251 | - if ($res === false) { |
|
| 2252 | - // No libsodium installed |
|
| 2253 | - return false; |
|
| 2254 | - } |
|
| 2255 | - if (self::$disableFallbackForUnitTests) { |
|
| 2256 | - // Don't fallback. Use the PHP implementation. |
|
| 2257 | - return false; |
|
| 2258 | - } |
|
| 2259 | - if (!empty($sodium_func_name)) { |
|
| 2260 | - return is_callable('\\Sodium\\' . $sodium_func_name); |
|
| 2261 | - } |
|
| 2262 | - return true; |
|
| 2263 | - } |
|
| 2264 | - |
|
| 2265 | - /** |
|
| 2266 | - * Libsodium as implemented in PHP 7.2 |
|
| 2267 | - * |
|
| 2268 | - * @ref https://wiki.php.net/rfc/libsodium |
|
| 2269 | - * @return bool |
|
| 2270 | - */ |
|
| 2271 | - protected static function isPhp72OrGreater() |
|
| 2272 | - { |
|
| 2273 | - static $res = null; |
|
| 2274 | - if ($res === null) { |
|
| 2275 | - $res = PHP_VERSION_ID >= 70200 && extension_loaded('sodium'); |
|
| 2276 | - } |
|
| 2277 | - if (self::$disableFallbackForUnitTests) { |
|
| 2278 | - // Don't fallback. Use the PHP implementation. |
|
| 2279 | - return false; |
|
| 2280 | - } |
|
| 2281 | - return $res; |
|
| 2282 | - } |
|
| 2250 | + } |
|
| 2251 | + if ($res === false) { |
|
| 2252 | + // No libsodium installed |
|
| 2253 | + return false; |
|
| 2254 | + } |
|
| 2255 | + if (self::$disableFallbackForUnitTests) { |
|
| 2256 | + // Don't fallback. Use the PHP implementation. |
|
| 2257 | + return false; |
|
| 2258 | + } |
|
| 2259 | + if (!empty($sodium_func_name)) { |
|
| 2260 | + return is_callable('\\Sodium\\' . $sodium_func_name); |
|
| 2261 | + } |
|
| 2262 | + return true; |
|
| 2263 | + } |
|
| 2264 | + |
|
| 2265 | + /** |
|
| 2266 | + * Libsodium as implemented in PHP 7.2 |
|
| 2267 | + * |
|
| 2268 | + * @ref https://wiki.php.net/rfc/libsodium |
|
| 2269 | + * @return bool |
|
| 2270 | + */ |
|
| 2271 | + protected static function isPhp72OrGreater() |
|
| 2272 | + { |
|
| 2273 | + static $res = null; |
|
| 2274 | + if ($res === null) { |
|
| 2275 | + $res = PHP_VERSION_ID >= 70200 && extension_loaded('sodium'); |
|
| 2276 | + } |
|
| 2277 | + if (self::$disableFallbackForUnitTests) { |
|
| 2278 | + // Don't fallback. Use the PHP implementation. |
|
| 2279 | + return false; |
|
| 2280 | + } |
|
| 2281 | + return $res; |
|
| 2282 | + } |
|
| 2283 | 2283 | } |
@@ -21,7 +21,7 @@ discard block |
||
| 21 | 21 | * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * CAUTION * |
| 22 | 22 | */ |
| 23 | 23 | |
| 24 | -if (class_exists('ParagonIE_Sodium_Compat', false)) { |
|
| 24 | +if ( class_exists( 'ParagonIE_Sodium_Compat', false ) ) { |
|
| 25 | 25 | return; |
| 26 | 26 | } |
| 27 | 27 | |
@@ -115,18 +115,18 @@ discard block |
||
| 115 | 115 | * @return string A hexadecimal-encoded string |
| 116 | 116 | * @throws TypeError |
| 117 | 117 | */ |
| 118 | - public static function bin2hex($string) |
|
| 118 | + public static function bin2hex( $string ) |
|
| 119 | 119 | { |
| 120 | 120 | /* Type checks: */ |
| 121 | - ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 121 | + ParagonIE_Sodium_Core_Util::declareScalarType( $string, 'string', 1 ); |
|
| 122 | 122 | |
| 123 | - if (self::isPhp72OrGreater()) { |
|
| 124 | - return bin2hex($string); |
|
| 123 | + if ( self::isPhp72OrGreater() ) { |
|
| 124 | + return bin2hex( $string ); |
|
| 125 | 125 | } |
| 126 | - if (self::use_fallback('bin2hex')) { |
|
| 127 | - return call_user_func('\\Sodium\\bin2hex', $string); |
|
| 126 | + if ( self::use_fallback( 'bin2hex' ) ) { |
|
| 127 | + return call_user_func( '\\Sodium\\bin2hex', $string ); |
|
| 128 | 128 | } |
| 129 | - return ParagonIE_Sodium_Core_Util::bin2hex($string); |
|
| 129 | + return ParagonIE_Sodium_Core_Util::bin2hex( $string ); |
|
| 130 | 130 | } |
| 131 | 131 | |
| 132 | 132 | /** |
@@ -140,19 +140,19 @@ discard block |
||
| 140 | 140 | * > 0 if the right operand is less than the left |
| 141 | 141 | * @throws TypeError |
| 142 | 142 | */ |
| 143 | - public static function compare($left, $right) |
|
| 143 | + public static function compare( $left, $right ) |
|
| 144 | 144 | { |
| 145 | 145 | /* Type checks: */ |
| 146 | - ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 147 | - ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 146 | + ParagonIE_Sodium_Core_Util::declareScalarType( $left, 'string', 1 ); |
|
| 147 | + ParagonIE_Sodium_Core_Util::declareScalarType( $right, 'string', 2 ); |
|
| 148 | 148 | |
| 149 | - if (self::isPhp72OrGreater()) { |
|
| 150 | - return sodium_compare($left, $right); |
|
| 149 | + if ( self::isPhp72OrGreater() ) { |
|
| 150 | + return sodium_compare( $left, $right ); |
|
| 151 | 151 | } |
| 152 | - if (self::use_fallback('compare')) { |
|
| 153 | - return call_user_func('\\Sodium\\compare', $left, $right); |
|
| 152 | + if ( self::use_fallback( 'compare' ) ) { |
|
| 153 | + return call_user_func( '\\Sodium\\compare', $left, $right ); |
|
| 154 | 154 | } |
| 155 | - return ParagonIE_Sodium_Core_Util::compare($left, $right); |
|
| 155 | + return ParagonIE_Sodium_Core_Util::compare( $left, $right ); |
|
| 156 | 156 | } |
| 157 | 157 | |
| 158 | 158 | /** |
@@ -180,23 +180,23 @@ discard block |
||
| 180 | 180 | $key = '' |
| 181 | 181 | ) { |
| 182 | 182 | /* Type checks: */ |
| 183 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 184 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 185 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 186 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 183 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 184 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 185 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 186 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 187 | 187 | |
| 188 | 188 | /* Input validation: */ |
| 189 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 190 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 189 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES ) { |
|
| 190 | + throw new Error( 'Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long' ); |
|
| 191 | 191 | } |
| 192 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 193 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 192 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES ) { |
|
| 193 | + throw new Error( 'Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long' ); |
|
| 194 | 194 | } |
| 195 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 196 | - throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 195 | + if ( ParagonIE_Sodium_Core_Util::strlen( $ciphertext ) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES ) { |
|
| 196 | + throw new Error( 'Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long' ); |
|
| 197 | 197 | } |
| 198 | 198 | |
| 199 | - if (self::isPhp72OrGreater()) { |
|
| 199 | + if ( self::isPhp72OrGreater() ) { |
|
| 200 | 200 | return sodium_crypto_aead_chacha20poly1305_decrypt( |
| 201 | 201 | $ciphertext, |
| 202 | 202 | $assocData, |
@@ -204,7 +204,7 @@ discard block |
||
| 204 | 204 | $key |
| 205 | 205 | ); |
| 206 | 206 | } |
| 207 | - if (self::use_fallback('crypto_aead_chacha20poly1305_decrypt')) { |
|
| 207 | + if ( self::use_fallback( 'crypto_aead_chacha20poly1305_decrypt' ) ) { |
|
| 208 | 208 | return call_user_func( |
| 209 | 209 | '\\Sodium\\crypto_aead_chacha20poly1305_decrypt', |
| 210 | 210 | $ciphertext, |
@@ -213,7 +213,7 @@ discard block |
||
| 213 | 213 | $key |
| 214 | 214 | ); |
| 215 | 215 | } |
| 216 | - if (PHP_INT_SIZE === 4) { |
|
| 216 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 217 | 217 | return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_decrypt( |
| 218 | 218 | $ciphertext, |
| 219 | 219 | $assocData, |
@@ -255,20 +255,20 @@ discard block |
||
| 255 | 255 | $key = '' |
| 256 | 256 | ) { |
| 257 | 257 | /* Type checks: */ |
| 258 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 259 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 260 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 261 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 258 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 259 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 260 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 261 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 262 | 262 | |
| 263 | 263 | /* Input validation: */ |
| 264 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES) { |
|
| 265 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long'); |
|
| 264 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES ) { |
|
| 265 | + throw new Error( 'Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES long' ); |
|
| 266 | 266 | } |
| 267 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 268 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 267 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES ) { |
|
| 268 | + throw new Error( 'Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long' ); |
|
| 269 | 269 | } |
| 270 | 270 | |
| 271 | - if (self::isPhp72OrGreater()) { |
|
| 271 | + if ( self::isPhp72OrGreater() ) { |
|
| 272 | 272 | return sodium_crypto_aead_chacha20poly1305_encrypt( |
| 273 | 273 | $plaintext, |
| 274 | 274 | $assocData, |
@@ -276,7 +276,7 @@ discard block |
||
| 276 | 276 | $key |
| 277 | 277 | ); |
| 278 | 278 | } |
| 279 | - if (self::use_fallback('crypto_aead_chacha20poly1305_encrypt')) { |
|
| 279 | + if ( self::use_fallback( 'crypto_aead_chacha20poly1305_encrypt' ) ) { |
|
| 280 | 280 | return call_user_func( |
| 281 | 281 | '\\Sodium\\crypto_aead_chacha20poly1305_encrypt', |
| 282 | 282 | $plaintext, |
@@ -285,7 +285,7 @@ discard block |
||
| 285 | 285 | $key |
| 286 | 286 | ); |
| 287 | 287 | } |
| 288 | - if (PHP_INT_SIZE === 4) { |
|
| 288 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 289 | 289 | return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_encrypt( |
| 290 | 290 | $plaintext, |
| 291 | 291 | $assocData, |
@@ -326,23 +326,23 @@ discard block |
||
| 326 | 326 | $key = '' |
| 327 | 327 | ) { |
| 328 | 328 | /* Type checks: */ |
| 329 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 330 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 331 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 332 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 329 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 330 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 331 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 332 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 333 | 333 | |
| 334 | 334 | /* Input validation: */ |
| 335 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 336 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 335 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES ) { |
|
| 336 | + throw new Error( 'Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long' ); |
|
| 337 | 337 | } |
| 338 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 339 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 338 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES ) { |
|
| 339 | + throw new Error( 'Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long' ); |
|
| 340 | 340 | } |
| 341 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES) { |
|
| 342 | - throw new Error('Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long'); |
|
| 341 | + if ( ParagonIE_Sodium_Core_Util::strlen( $ciphertext ) < self::CRYPTO_AEAD_CHACHA20POLY1305_ABYTES ) { |
|
| 342 | + throw new Error( 'Message must be at least CRYPTO_AEAD_CHACHA20POLY1305_ABYTES long' ); |
|
| 343 | 343 | } |
| 344 | 344 | |
| 345 | - if (self::isPhp72OrGreater()) { |
|
| 345 | + if ( self::isPhp72OrGreater() ) { |
|
| 346 | 346 | return sodium_crypto_aead_chacha20poly1305_ietf_decrypt( |
| 347 | 347 | $ciphertext, |
| 348 | 348 | $assocData, |
@@ -350,7 +350,7 @@ discard block |
||
| 350 | 350 | $key |
| 351 | 351 | ); |
| 352 | 352 | } |
| 353 | - if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_decrypt')) { |
|
| 353 | + if ( self::use_fallback( 'crypto_aead_chacha20poly1305_ietf_decrypt' ) ) { |
|
| 354 | 354 | return call_user_func( |
| 355 | 355 | '\\Sodium\\crypto_aead_chacha20poly1305_ietf_decrypt', |
| 356 | 356 | $ciphertext, |
@@ -359,7 +359,7 @@ discard block |
||
| 359 | 359 | $key |
| 360 | 360 | ); |
| 361 | 361 | } |
| 362 | - if (PHP_INT_SIZE === 4) { |
|
| 362 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 363 | 363 | return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_decrypt( |
| 364 | 364 | $ciphertext, |
| 365 | 365 | $assocData, |
@@ -401,20 +401,20 @@ discard block |
||
| 401 | 401 | $key = '' |
| 402 | 402 | ) { |
| 403 | 403 | /* Type checks: */ |
| 404 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 405 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 406 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 407 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 404 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 405 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 406 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 407 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 408 | 408 | |
| 409 | 409 | /* Input validation: */ |
| 410 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 411 | - throw new Error('Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 410 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES ) { |
|
| 411 | + throw new Error( 'Nonce must be CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES long' ); |
|
| 412 | 412 | } |
| 413 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES) { |
|
| 414 | - throw new Error('Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long'); |
|
| 413 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES ) { |
|
| 414 | + throw new Error( 'Key must be CRYPTO_AEAD_CHACHA20POLY1305_KEYBYTES long' ); |
|
| 415 | 415 | } |
| 416 | 416 | |
| 417 | - if (self::isPhp72OrGreater()) { |
|
| 417 | + if ( self::isPhp72OrGreater() ) { |
|
| 418 | 418 | return sodium_crypto_aead_chacha20poly1305_ietf_encrypt( |
| 419 | 419 | $plaintext, |
| 420 | 420 | $assocData, |
@@ -422,7 +422,7 @@ discard block |
||
| 422 | 422 | $key |
| 423 | 423 | ); |
| 424 | 424 | } |
| 425 | - if (self::use_fallback('crypto_aead_chacha20poly1305_ietf_encrypt')) { |
|
| 425 | + if ( self::use_fallback( 'crypto_aead_chacha20poly1305_ietf_encrypt' ) ) { |
|
| 426 | 426 | return call_user_func( |
| 427 | 427 | '\\Sodium\\crypto_aead_chacha20poly1305_ietf_encrypt', |
| 428 | 428 | $plaintext, |
@@ -431,7 +431,7 @@ discard block |
||
| 431 | 431 | $key |
| 432 | 432 | ); |
| 433 | 433 | } |
| 434 | - if (PHP_INT_SIZE === 4) { |
|
| 434 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 435 | 435 | return ParagonIE_Sodium_Crypto32::aead_chacha20poly1305_ietf_encrypt( |
| 436 | 436 | $plaintext, |
| 437 | 437 | $assocData, |
@@ -472,23 +472,23 @@ discard block |
||
| 472 | 472 | $key = '' |
| 473 | 473 | ) { |
| 474 | 474 | /* Type checks: */ |
| 475 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 476 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 477 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 478 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 475 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 476 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 477 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 478 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 479 | 479 | |
| 480 | 480 | /* Input validation: */ |
| 481 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 482 | - throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES long'); |
|
| 481 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES ) { |
|
| 482 | + throw new Error( 'Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES long' ); |
|
| 483 | 483 | } |
| 484 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 485 | - throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES long'); |
|
| 484 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES ) { |
|
| 485 | + throw new Error( 'Key must be CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES long' ); |
|
| 486 | 486 | } |
| 487 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) { |
|
| 488 | - throw new Error('Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long'); |
|
| 487 | + if ( ParagonIE_Sodium_Core_Util::strlen( $ciphertext ) < self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES ) { |
|
| 488 | + throw new Error( 'Message must be at least CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES long' ); |
|
| 489 | 489 | } |
| 490 | 490 | |
| 491 | - if (PHP_INT_SIZE === 4) { |
|
| 491 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 492 | 492 | return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_decrypt( |
| 493 | 493 | $ciphertext, |
| 494 | 494 | $assocData, |
@@ -530,20 +530,20 @@ discard block |
||
| 530 | 530 | $key = '' |
| 531 | 531 | ) { |
| 532 | 532 | /* Type checks: */ |
| 533 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 534 | - ParagonIE_Sodium_Core_Util::declareScalarType($assocData, 'string', 2); |
|
| 535 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 3); |
|
| 536 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 4); |
|
| 533 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 534 | + ParagonIE_Sodium_Core_Util::declareScalarType( $assocData, 'string', 2 ); |
|
| 535 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 3 ); |
|
| 536 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 4 ); |
|
| 537 | 537 | |
| 538 | 538 | /* Input validation: */ |
| 539 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES) { |
|
| 540 | - throw new Error('Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_NPUBBYTES long'); |
|
| 539 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES ) { |
|
| 540 | + throw new Error( 'Nonce must be CRYPTO_AEAD_XCHACHA20POLY1305_NPUBBYTES long' ); |
|
| 541 | 541 | } |
| 542 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) { |
|
| 543 | - throw new Error('Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long'); |
|
| 542 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES ) { |
|
| 543 | + throw new Error( 'Key must be CRYPTO_AEAD_XCHACHA20POLY1305_KEYBYTES long' ); |
|
| 544 | 544 | } |
| 545 | 545 | |
| 546 | - if (PHP_INT_SIZE === 4) { |
|
| 546 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 547 | 547 | return ParagonIE_Sodium_Crypto32::aead_xchacha20poly1305_ietf_encrypt( |
| 548 | 548 | $plaintext, |
| 549 | 549 | $assocData, |
@@ -575,27 +575,27 @@ discard block |
||
| 575 | 575 | * @throws Error |
| 576 | 576 | * @throws TypeError |
| 577 | 577 | */ |
| 578 | - public static function crypto_auth($message, $key) |
|
| 578 | + public static function crypto_auth( $message, $key ) |
|
| 579 | 579 | { |
| 580 | 580 | /* Type checks: */ |
| 581 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 582 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 581 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 582 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 2 ); |
|
| 583 | 583 | |
| 584 | 584 | /* Input validation: */ |
| 585 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 586 | - throw new Error('Argument 2 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 585 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AUTH_KEYBYTES ) { |
|
| 586 | + throw new Error( 'Argument 2 must be CRYPTO_AUTH_KEYBYTES long.' ); |
|
| 587 | 587 | } |
| 588 | 588 | |
| 589 | - if (self::isPhp72OrGreater()) { |
|
| 590 | - return sodium_crypto_auth($message, $key); |
|
| 589 | + if ( self::isPhp72OrGreater() ) { |
|
| 590 | + return sodium_crypto_auth( $message, $key ); |
|
| 591 | 591 | } |
| 592 | - if (self::use_fallback('crypto_auth')) { |
|
| 593 | - return call_user_func('\\Sodium\\crypto_auth', $message, $key); |
|
| 592 | + if ( self::use_fallback( 'crypto_auth' ) ) { |
|
| 593 | + return call_user_func( '\\Sodium\\crypto_auth', $message, $key ); |
|
| 594 | 594 | } |
| 595 | - if (PHP_INT_SIZE === 4) { |
|
| 596 | - return ParagonIE_Sodium_Crypto32::auth($message, $key); |
|
| 595 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 596 | + return ParagonIE_Sodium_Crypto32::auth( $message, $key ); |
|
| 597 | 597 | } |
| 598 | - return ParagonIE_Sodium_Crypto::auth($message, $key); |
|
| 598 | + return ParagonIE_Sodium_Crypto::auth( $message, $key ); |
|
| 599 | 599 | } |
| 600 | 600 | |
| 601 | 601 | /** |
@@ -609,31 +609,31 @@ discard block |
||
| 609 | 609 | * @throws Error |
| 610 | 610 | * @throws TypeError |
| 611 | 611 | */ |
| 612 | - public static function crypto_auth_verify($mac, $message, $key) |
|
| 612 | + public static function crypto_auth_verify( $mac, $message, $key ) |
|
| 613 | 613 | { |
| 614 | 614 | /* Type checks: */ |
| 615 | - ParagonIE_Sodium_Core_Util::declareScalarType($mac, 'string', 1); |
|
| 616 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 617 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 615 | + ParagonIE_Sodium_Core_Util::declareScalarType( $mac, 'string', 1 ); |
|
| 616 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 2 ); |
|
| 617 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 618 | 618 | |
| 619 | 619 | /* Input validation: */ |
| 620 | - if (ParagonIE_Sodium_Core_Util::strlen($mac) !== self::CRYPTO_AUTH_BYTES) { |
|
| 621 | - throw new Error('Argument 1 must be CRYPTO_AUTH_BYTES long.'); |
|
| 620 | + if ( ParagonIE_Sodium_Core_Util::strlen( $mac ) !== self::CRYPTO_AUTH_BYTES ) { |
|
| 621 | + throw new Error( 'Argument 1 must be CRYPTO_AUTH_BYTES long.' ); |
|
| 622 | 622 | } |
| 623 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_AUTH_KEYBYTES) { |
|
| 624 | - throw new Error('Argument 3 must be CRYPTO_AUTH_KEYBYTES long.'); |
|
| 623 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_AUTH_KEYBYTES ) { |
|
| 624 | + throw new Error( 'Argument 3 must be CRYPTO_AUTH_KEYBYTES long.' ); |
|
| 625 | 625 | } |
| 626 | 626 | |
| 627 | - if (self::isPhp72OrGreater()) { |
|
| 628 | - return sodium_crypto_auth_verify($mac, $message, $key); |
|
| 627 | + if ( self::isPhp72OrGreater() ) { |
|
| 628 | + return sodium_crypto_auth_verify( $mac, $message, $key ); |
|
| 629 | 629 | } |
| 630 | - if (self::use_fallback('crypto_auth_verify')) { |
|
| 631 | - return call_user_func('\\Sodium\\crypto_auth_verify', $mac, $message, $key); |
|
| 630 | + if ( self::use_fallback( 'crypto_auth_verify' ) ) { |
|
| 631 | + return call_user_func( '\\Sodium\\crypto_auth_verify', $mac, $message, $key ); |
|
| 632 | 632 | } |
| 633 | - if (PHP_INT_SIZE === 4) { |
|
| 634 | - return ParagonIE_Sodium_Crypto32::auth_verify($mac, $message, $key); |
|
| 633 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 634 | + return ParagonIE_Sodium_Crypto32::auth_verify( $mac, $message, $key ); |
|
| 635 | 635 | } |
| 636 | - return ParagonIE_Sodium_Crypto::auth_verify($mac, $message, $key); |
|
| 636 | + return ParagonIE_Sodium_Crypto::auth_verify( $mac, $message, $key ); |
|
| 637 | 637 | } |
| 638 | 638 | |
| 639 | 639 | /** |
@@ -652,31 +652,31 @@ discard block |
||
| 652 | 652 | * @throws Error |
| 653 | 653 | * @throws TypeError |
| 654 | 654 | */ |
| 655 | - public static function crypto_box($plaintext, $nonce, $keypair) |
|
| 655 | + public static function crypto_box( $plaintext, $nonce, $keypair ) |
|
| 656 | 656 | { |
| 657 | 657 | /* Type checks: */ |
| 658 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 659 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 660 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 658 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 659 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 660 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 3 ); |
|
| 661 | 661 | |
| 662 | 662 | /* Input validation: */ |
| 663 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 664 | - throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 663 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_BOX_NONCEBYTES ) { |
|
| 664 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_NONCEBYTES long.' ); |
|
| 665 | 665 | } |
| 666 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 667 | - throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 666 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_BOX_KEYPAIRBYTES ) { |
|
| 667 | + throw new Error( 'Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.' ); |
|
| 668 | 668 | } |
| 669 | 669 | |
| 670 | - if (self::isPhp72OrGreater()) { |
|
| 671 | - return sodium_crypto_box($plaintext, $nonce, $keypair); |
|
| 670 | + if ( self::isPhp72OrGreater() ) { |
|
| 671 | + return sodium_crypto_box( $plaintext, $nonce, $keypair ); |
|
| 672 | 672 | } |
| 673 | - if (self::use_fallback('crypto_box')) { |
|
| 674 | - return call_user_func('\\Sodium\\crypto_box', $plaintext, $nonce, $keypair); |
|
| 673 | + if ( self::use_fallback( 'crypto_box' ) ) { |
|
| 674 | + return call_user_func( '\\Sodium\\crypto_box', $plaintext, $nonce, $keypair ); |
|
| 675 | 675 | } |
| 676 | - if (PHP_INT_SIZE === 4) { |
|
| 677 | - return ParagonIE_Sodium_Crypto32::box($plaintext, $nonce, $keypair); |
|
| 676 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 677 | + return ParagonIE_Sodium_Crypto32::box( $plaintext, $nonce, $keypair ); |
|
| 678 | 678 | } |
| 679 | - return ParagonIE_Sodium_Crypto::box($plaintext, $nonce, $keypair); |
|
| 679 | + return ParagonIE_Sodium_Crypto::box( $plaintext, $nonce, $keypair ); |
|
| 680 | 680 | } |
| 681 | 681 | |
| 682 | 682 | /** |
@@ -695,27 +695,27 @@ discard block |
||
| 695 | 695 | * @throws Error |
| 696 | 696 | * @throws TypeError |
| 697 | 697 | */ |
| 698 | - public static function crypto_box_seal($plaintext, $publicKey) |
|
| 698 | + public static function crypto_box_seal( $plaintext, $publicKey ) |
|
| 699 | 699 | { |
| 700 | 700 | /* Type checks: */ |
| 701 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 702 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 701 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 702 | + ParagonIE_Sodium_Core_Util::declareScalarType( $publicKey, 'string', 2 ); |
|
| 703 | 703 | |
| 704 | 704 | /* Input validation: */ |
| 705 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 706 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 705 | + if ( ParagonIE_Sodium_Core_Util::strlen( $publicKey ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 706 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 707 | 707 | } |
| 708 | 708 | |
| 709 | - if (self::isPhp72OrGreater()) { |
|
| 710 | - return sodium_crypto_box_seal($plaintext, $publicKey); |
|
| 709 | + if ( self::isPhp72OrGreater() ) { |
|
| 710 | + return sodium_crypto_box_seal( $plaintext, $publicKey ); |
|
| 711 | 711 | } |
| 712 | - if (self::use_fallback('crypto_box_seal')) { |
|
| 713 | - return call_user_func('\\Sodium\\crypto_box_seal', $plaintext, $publicKey); |
|
| 712 | + if ( self::use_fallback( 'crypto_box_seal' ) ) { |
|
| 713 | + return call_user_func( '\\Sodium\\crypto_box_seal', $plaintext, $publicKey ); |
|
| 714 | 714 | } |
| 715 | - if (PHP_INT_SIZE === 4) { |
|
| 716 | - return ParagonIE_Sodium_Crypto32::box_seal($plaintext, $publicKey); |
|
| 715 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 716 | + return ParagonIE_Sodium_Crypto32::box_seal( $plaintext, $publicKey ); |
|
| 717 | 717 | } |
| 718 | - return ParagonIE_Sodium_Crypto::box_seal($plaintext, $publicKey); |
|
| 718 | + return ParagonIE_Sodium_Crypto::box_seal( $plaintext, $publicKey ); |
|
| 719 | 719 | } |
| 720 | 720 | |
| 721 | 721 | /** |
@@ -730,27 +730,27 @@ discard block |
||
| 730 | 730 | * @throws Error |
| 731 | 731 | * @throws TypeError |
| 732 | 732 | */ |
| 733 | - public static function crypto_box_seal_open($ciphertext, $keypair) |
|
| 733 | + public static function crypto_box_seal_open( $ciphertext, $keypair ) |
|
| 734 | 734 | { |
| 735 | 735 | /* Type checks: */ |
| 736 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 737 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 2); |
|
| 736 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 737 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 2 ); |
|
| 738 | 738 | |
| 739 | 739 | /* Input validation: */ |
| 740 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 741 | - throw new Error('Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 740 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_BOX_KEYPAIRBYTES ) { |
|
| 741 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_KEYPAIRBYTES long.' ); |
|
| 742 | 742 | } |
| 743 | 743 | |
| 744 | - if (self::isPhp72OrGreater()) { |
|
| 745 | - return sodium_crypto_box_seal_open($ciphertext, $keypair); |
|
| 744 | + if ( self::isPhp72OrGreater() ) { |
|
| 745 | + return sodium_crypto_box_seal_open( $ciphertext, $keypair ); |
|
| 746 | 746 | } |
| 747 | - if (self::use_fallback('crypto_box_seal_open')) { |
|
| 748 | - return call_user_func('\\Sodium\\crypto_box_seal_open', $ciphertext, $keypair); |
|
| 747 | + if ( self::use_fallback( 'crypto_box_seal_open' ) ) { |
|
| 748 | + return call_user_func( '\\Sodium\\crypto_box_seal_open', $ciphertext, $keypair ); |
|
| 749 | 749 | } |
| 750 | - if (PHP_INT_SIZE === 4) { |
|
| 751 | - return ParagonIE_Sodium_Crypto32::box_seal_open($ciphertext, $keypair); |
|
| 750 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 751 | + return ParagonIE_Sodium_Crypto32::box_seal_open( $ciphertext, $keypair ); |
|
| 752 | 752 | } |
| 753 | - return ParagonIE_Sodium_Crypto::box_seal_open($ciphertext, $keypair); |
|
| 753 | + return ParagonIE_Sodium_Crypto::box_seal_open( $ciphertext, $keypair ); |
|
| 754 | 754 | } |
| 755 | 755 | |
| 756 | 756 | /** |
@@ -763,11 +763,11 @@ discard block |
||
| 763 | 763 | */ |
| 764 | 764 | public static function crypto_box_keypair() |
| 765 | 765 | { |
| 766 | - if (self::isPhp72OrGreater()) { |
|
| 766 | + if ( self::isPhp72OrGreater() ) { |
|
| 767 | 767 | return sodium_crypto_box_keypair(); |
| 768 | 768 | } |
| 769 | - if (self::use_fallback('crypto_box_keypair')) { |
|
| 770 | - return call_user_func('\\Sodium\\crypto_box_keypair'); |
|
| 769 | + if ( self::use_fallback( 'crypto_box_keypair' ) ) { |
|
| 770 | + return call_user_func( '\\Sodium\\crypto_box_keypair' ); |
|
| 771 | 771 | } |
| 772 | 772 | return ParagonIE_Sodium_Crypto::box_keypair(); |
| 773 | 773 | } |
@@ -782,30 +782,30 @@ discard block |
||
| 782 | 782 | * @throws Error |
| 783 | 783 | * @throws TypeError |
| 784 | 784 | */ |
| 785 | - public static function crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey) |
|
| 785 | + public static function crypto_box_keypair_from_secretkey_and_publickey( $secretKey, $publicKey ) |
|
| 786 | 786 | { |
| 787 | 787 | /* Type checks: */ |
| 788 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 789 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 788 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 1 ); |
|
| 789 | + ParagonIE_Sodium_Core_Util::declareScalarType( $publicKey, 'string', 2 ); |
|
| 790 | 790 | |
| 791 | 791 | /* Input validation: */ |
| 792 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 793 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 792 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_BOX_SECRETKEYBYTES ) { |
|
| 793 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.' ); |
|
| 794 | 794 | } |
| 795 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 796 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 795 | + if ( ParagonIE_Sodium_Core_Util::strlen( $publicKey ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 796 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 797 | 797 | } |
| 798 | 798 | |
| 799 | - if (self::isPhp72OrGreater()) { |
|
| 800 | - return sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 799 | + if ( self::isPhp72OrGreater() ) { |
|
| 800 | + return sodium_crypto_box_keypair_from_secretkey_and_publickey( $secretKey, $publicKey ); |
|
| 801 | 801 | } |
| 802 | - if (self::use_fallback('crypto_box_keypair_from_secretkey_and_publickey')) { |
|
| 803 | - return call_user_func('\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey); |
|
| 802 | + if ( self::use_fallback( 'crypto_box_keypair_from_secretkey_and_publickey' ) ) { |
|
| 803 | + return call_user_func( '\\Sodium\\crypto_box_keypair_from_secretkey_and_publickey', $secretKey, $publicKey ); |
|
| 804 | 804 | } |
| 805 | - if (PHP_INT_SIZE === 4) { |
|
| 806 | - return ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 805 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 806 | + return ParagonIE_Sodium_Crypto32::box_keypair_from_secretkey_and_publickey( $secretKey, $publicKey ); |
|
| 807 | 807 | } |
| 808 | - return ParagonIE_Sodium_Crypto::box_keypair_from_secretkey_and_publickey($secretKey, $publicKey); |
|
| 808 | + return ParagonIE_Sodium_Crypto::box_keypair_from_secretkey_and_publickey( $secretKey, $publicKey ); |
|
| 809 | 809 | } |
| 810 | 810 | |
| 811 | 811 | /** |
@@ -818,34 +818,34 @@ discard block |
||
| 818 | 818 | * @throws Error |
| 819 | 819 | * @throws TypeError |
| 820 | 820 | */ |
| 821 | - public static function crypto_box_open($ciphertext, $nonce, $keypair) |
|
| 821 | + public static function crypto_box_open( $ciphertext, $nonce, $keypair ) |
|
| 822 | 822 | { |
| 823 | 823 | /* Type checks: */ |
| 824 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 825 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 826 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 3); |
|
| 824 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 825 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 826 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 3 ); |
|
| 827 | 827 | |
| 828 | 828 | /* Input validation: */ |
| 829 | - if (ParagonIE_Sodium_Core_Util::strlen($ciphertext) < self::CRYPTO_BOX_MACBYTES) { |
|
| 830 | - throw new Error('Argument 1 must be at least CRYPTO_BOX_MACBYTES long.'); |
|
| 829 | + if ( ParagonIE_Sodium_Core_Util::strlen( $ciphertext ) < self::CRYPTO_BOX_MACBYTES ) { |
|
| 830 | + throw new Error( 'Argument 1 must be at least CRYPTO_BOX_MACBYTES long.' ); |
|
| 831 | 831 | } |
| 832 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_BOX_NONCEBYTES) { |
|
| 833 | - throw new Error('Argument 2 must be CRYPTO_BOX_NONCEBYTES long.'); |
|
| 832 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_BOX_NONCEBYTES ) { |
|
| 833 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_NONCEBYTES long.' ); |
|
| 834 | 834 | } |
| 835 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 836 | - throw new Error('Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 835 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_BOX_KEYPAIRBYTES ) { |
|
| 836 | + throw new Error( 'Argument 3 must be CRYPTO_BOX_KEYPAIRBYTES long.' ); |
|
| 837 | 837 | } |
| 838 | 838 | |
| 839 | - if (self::isPhp72OrGreater()) { |
|
| 840 | - return sodium_crypto_box_open($ciphertext, $nonce, $keypair); |
|
| 839 | + if ( self::isPhp72OrGreater() ) { |
|
| 840 | + return sodium_crypto_box_open( $ciphertext, $nonce, $keypair ); |
|
| 841 | 841 | } |
| 842 | - if (self::use_fallback('crypto_box_open')) { |
|
| 843 | - return call_user_func('\\Sodium\\crypto_box_open', $ciphertext, $nonce, $keypair); |
|
| 842 | + if ( self::use_fallback( 'crypto_box_open' ) ) { |
|
| 843 | + return call_user_func( '\\Sodium\\crypto_box_open', $ciphertext, $nonce, $keypair ); |
|
| 844 | 844 | } |
| 845 | - if (PHP_INT_SIZE === 4) { |
|
| 846 | - return ParagonIE_Sodium_Crypto32::box_open($ciphertext, $nonce, $keypair); |
|
| 845 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 846 | + return ParagonIE_Sodium_Crypto32::box_open( $ciphertext, $nonce, $keypair ); |
|
| 847 | 847 | } |
| 848 | - return ParagonIE_Sodium_Crypto::box_open($ciphertext, $nonce, $keypair); |
|
| 848 | + return ParagonIE_Sodium_Crypto::box_open( $ciphertext, $nonce, $keypair ); |
|
| 849 | 849 | } |
| 850 | 850 | |
| 851 | 851 | /** |
@@ -856,26 +856,26 @@ discard block |
||
| 856 | 856 | * @throws Error |
| 857 | 857 | * @throws TypeError |
| 858 | 858 | */ |
| 859 | - public static function crypto_box_publickey($keypair) |
|
| 859 | + public static function crypto_box_publickey( $keypair ) |
|
| 860 | 860 | { |
| 861 | 861 | /* Type checks: */ |
| 862 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 862 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 1 ); |
|
| 863 | 863 | |
| 864 | 864 | /* Input validation: */ |
| 865 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 866 | - throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 865 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_BOX_KEYPAIRBYTES ) { |
|
| 866 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.' ); |
|
| 867 | 867 | } |
| 868 | 868 | |
| 869 | - if (self::isPhp72OrGreater()) { |
|
| 870 | - return sodium_crypto_box_publickey($keypair); |
|
| 869 | + if ( self::isPhp72OrGreater() ) { |
|
| 870 | + return sodium_crypto_box_publickey( $keypair ); |
|
| 871 | 871 | } |
| 872 | - if (self::use_fallback('crypto_box_publickey')) { |
|
| 873 | - return call_user_func('\\Sodium\\crypto_box_publickey', $keypair); |
|
| 872 | + if ( self::use_fallback( 'crypto_box_publickey' ) ) { |
|
| 873 | + return call_user_func( '\\Sodium\\crypto_box_publickey', $keypair ); |
|
| 874 | 874 | } |
| 875 | - if (PHP_INT_SIZE === 4) { |
|
| 876 | - return ParagonIE_Sodium_Crypto32::box_publickey($keypair); |
|
| 875 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 876 | + return ParagonIE_Sodium_Crypto32::box_publickey( $keypair ); |
|
| 877 | 877 | } |
| 878 | - return ParagonIE_Sodium_Crypto::box_publickey($keypair); |
|
| 878 | + return ParagonIE_Sodium_Crypto::box_publickey( $keypair ); |
|
| 879 | 879 | } |
| 880 | 880 | |
| 881 | 881 | /** |
@@ -886,26 +886,26 @@ discard block |
||
| 886 | 886 | * @throws Error |
| 887 | 887 | * @throws TypeError |
| 888 | 888 | */ |
| 889 | - public static function crypto_box_publickey_from_secretkey($secretKey) |
|
| 889 | + public static function crypto_box_publickey_from_secretkey( $secretKey ) |
|
| 890 | 890 | { |
| 891 | 891 | /* Type checks: */ |
| 892 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 892 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 1 ); |
|
| 893 | 893 | |
| 894 | 894 | /* Input validation: */ |
| 895 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 896 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 895 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_BOX_SECRETKEYBYTES ) { |
|
| 896 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.' ); |
|
| 897 | 897 | } |
| 898 | 898 | |
| 899 | - if (self::isPhp72OrGreater()) { |
|
| 900 | - return sodium_crypto_box_publickey_from_secretkey($secretKey); |
|
| 899 | + if ( self::isPhp72OrGreater() ) { |
|
| 900 | + return sodium_crypto_box_publickey_from_secretkey( $secretKey ); |
|
| 901 | 901 | } |
| 902 | - if (self::use_fallback('crypto_box_publickey_from_secretkey')) { |
|
| 903 | - return call_user_func('\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey); |
|
| 902 | + if ( self::use_fallback( 'crypto_box_publickey_from_secretkey' ) ) { |
|
| 903 | + return call_user_func( '\\Sodium\\crypto_box_publickey_from_secretkey', $secretKey ); |
|
| 904 | 904 | } |
| 905 | - if (PHP_INT_SIZE === 4) { |
|
| 906 | - return ParagonIE_Sodium_Crypto32::box_publickey_from_secretkey($secretKey); |
|
| 905 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 906 | + return ParagonIE_Sodium_Crypto32::box_publickey_from_secretkey( $secretKey ); |
|
| 907 | 907 | } |
| 908 | - return ParagonIE_Sodium_Crypto::box_publickey_from_secretkey($secretKey); |
|
| 908 | + return ParagonIE_Sodium_Crypto::box_publickey_from_secretkey( $secretKey ); |
|
| 909 | 909 | } |
| 910 | 910 | |
| 911 | 911 | /** |
@@ -916,26 +916,26 @@ discard block |
||
| 916 | 916 | * @throws Error |
| 917 | 917 | * @throws TypeError |
| 918 | 918 | */ |
| 919 | - public static function crypto_box_secretkey($keypair) |
|
| 919 | + public static function crypto_box_secretkey( $keypair ) |
|
| 920 | 920 | { |
| 921 | 921 | /* Type checks: */ |
| 922 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 922 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 1 ); |
|
| 923 | 923 | |
| 924 | 924 | /* Input validation: */ |
| 925 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_BOX_KEYPAIRBYTES) { |
|
| 926 | - throw new Error('Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.'); |
|
| 925 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_BOX_KEYPAIRBYTES ) { |
|
| 926 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_KEYPAIRBYTES long.' ); |
|
| 927 | 927 | } |
| 928 | 928 | |
| 929 | - if (self::isPhp72OrGreater()) { |
|
| 930 | - return sodium_crypto_box_secretkey($keypair); |
|
| 929 | + if ( self::isPhp72OrGreater() ) { |
|
| 930 | + return sodium_crypto_box_secretkey( $keypair ); |
|
| 931 | 931 | } |
| 932 | - if (self::use_fallback('crypto_box_secretkey')) { |
|
| 933 | - return call_user_func('\\Sodium\\crypto_box_secretkey', $keypair); |
|
| 932 | + if ( self::use_fallback( 'crypto_box_secretkey' ) ) { |
|
| 933 | + return call_user_func( '\\Sodium\\crypto_box_secretkey', $keypair ); |
|
| 934 | 934 | } |
| 935 | - if (PHP_INT_SIZE === 4) { |
|
| 936 | - return ParagonIE_Sodium_Crypto32::box_secretkey($keypair); |
|
| 935 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 936 | + return ParagonIE_Sodium_Crypto32::box_secretkey( $keypair ); |
|
| 937 | 937 | } |
| 938 | - return ParagonIE_Sodium_Crypto::box_secretkey($keypair); |
|
| 938 | + return ParagonIE_Sodium_Crypto::box_secretkey( $keypair ); |
|
| 939 | 939 | } |
| 940 | 940 | |
| 941 | 941 | /** |
@@ -944,18 +944,18 @@ discard block |
||
| 944 | 944 | * @param string $seed |
| 945 | 945 | * @return string |
| 946 | 946 | */ |
| 947 | - public static function crypto_box_seed_keypair($seed) |
|
| 947 | + public static function crypto_box_seed_keypair( $seed ) |
|
| 948 | 948 | { |
| 949 | 949 | /* Type checks: */ |
| 950 | - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 950 | + ParagonIE_Sodium_Core_Util::declareScalarType( $seed, 'string', 1 ); |
|
| 951 | 951 | |
| 952 | - if (self::isPhp72OrGreater()) { |
|
| 953 | - return sodium_crypto_box_seed_keypair($seed); |
|
| 952 | + if ( self::isPhp72OrGreater() ) { |
|
| 953 | + return sodium_crypto_box_seed_keypair( $seed ); |
|
| 954 | 954 | } |
| 955 | - if (self::use_fallback('crypto_box_seed_keypair')) { |
|
| 956 | - return call_user_func('\\Sodium\\crypto_box_seed_keypair', $seed); |
|
| 955 | + if ( self::use_fallback( 'crypto_box_seed_keypair' ) ) { |
|
| 956 | + return call_user_func( '\\Sodium\\crypto_box_seed_keypair', $seed ); |
|
| 957 | 957 | } |
| 958 | - return ParagonIE_Sodium_Crypto::box_seed_keypair($seed); |
|
| 958 | + return ParagonIE_Sodium_Crypto::box_seed_keypair( $seed ); |
|
| 959 | 959 | } |
| 960 | 960 | |
| 961 | 961 | /** |
@@ -970,36 +970,36 @@ discard block |
||
| 970 | 970 | * @throws Error |
| 971 | 971 | * @throws TypeError |
| 972 | 972 | */ |
| 973 | - public static function crypto_generichash($message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 973 | + public static function crypto_generichash( $message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES ) |
|
| 974 | 974 | { |
| 975 | 975 | /* Type checks: */ |
| 976 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 977 | - if (is_null($key)) { |
|
| 976 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 977 | + if ( is_null( $key ) ) { |
|
| 978 | 978 | $key = ''; |
| 979 | 979 | } |
| 980 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 981 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 3); |
|
| 980 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 2 ); |
|
| 981 | + ParagonIE_Sodium_Core_Util::declareScalarType( $length, 'int', 3 ); |
|
| 982 | 982 | |
| 983 | 983 | /* Input validation: */ |
| 984 | - if (!empty($key)) { |
|
| 985 | - if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 986 | - throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 984 | + if ( ! empty( $key ) ) { |
|
| 985 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN ) { |
|
| 986 | + throw new Error( 'Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.' ); |
|
| 987 | 987 | } |
| 988 | - if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 989 | - throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 988 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX ) { |
|
| 989 | + throw new Error( 'Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.' ); |
|
| 990 | 990 | } |
| 991 | 991 | } |
| 992 | 992 | |
| 993 | - if (self::isPhp72OrGreater()) { |
|
| 994 | - return sodium_crypto_generichash($message, $key, $length); |
|
| 993 | + if ( self::isPhp72OrGreater() ) { |
|
| 994 | + return sodium_crypto_generichash( $message, $key, $length ); |
|
| 995 | 995 | } |
| 996 | - if (self::use_fallback('crypto_generichash')) { |
|
| 997 | - return call_user_func('\\Sodium\\crypto_generichash', $message, $key, $length); |
|
| 996 | + if ( self::use_fallback( 'crypto_generichash' ) ) { |
|
| 997 | + return call_user_func( '\\Sodium\\crypto_generichash', $message, $key, $length ); |
|
| 998 | 998 | } |
| 999 | - if (PHP_INT_SIZE === 4) { |
|
| 1000 | - return ParagonIE_Sodium_Crypto32::generichash($message, $key, $length); |
|
| 999 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1000 | + return ParagonIE_Sodium_Crypto32::generichash( $message, $key, $length ); |
|
| 1001 | 1001 | } |
| 1002 | - return ParagonIE_Sodium_Crypto::generichash($message, $key, $length); |
|
| 1002 | + return ParagonIE_Sodium_Crypto::generichash( $message, $key, $length ); |
|
| 1003 | 1003 | } |
| 1004 | 1004 | |
| 1005 | 1005 | /** |
@@ -1011,28 +1011,28 @@ discard block |
||
| 1011 | 1011 | * @throws Error |
| 1012 | 1012 | * @throws TypeError |
| 1013 | 1013 | */ |
| 1014 | - public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1014 | + public static function crypto_generichash_final( &$ctx, $length = self::CRYPTO_GENERICHASH_BYTES ) |
|
| 1015 | 1015 | { |
| 1016 | 1016 | /* Type checks: */ |
| 1017 | - ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1018 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1017 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ctx, 'string', 1 ); |
|
| 1018 | + ParagonIE_Sodium_Core_Util::declareScalarType( $length, 'int', 2 ); |
|
| 1019 | 1019 | |
| 1020 | - if (self::isPhp72OrGreater()) { |
|
| 1021 | - return sodium_crypto_generichash_final($ctx, $length); |
|
| 1020 | + if ( self::isPhp72OrGreater() ) { |
|
| 1021 | + return sodium_crypto_generichash_final( $ctx, $length ); |
|
| 1022 | 1022 | } |
| 1023 | - if (self::use_fallback('crypto_generichash_final')) { |
|
| 1023 | + if ( self::use_fallback( 'crypto_generichash_final' ) ) { |
|
| 1024 | 1024 | $func = '\\Sodium\\crypto_generichash_final'; |
| 1025 | - return $func($ctx, $length); |
|
| 1025 | + return $func( $ctx, $length ); |
|
| 1026 | 1026 | } |
| 1027 | - if (PHP_INT_SIZE === 4) { |
|
| 1028 | - $result = ParagonIE_Sodium_Crypto32::generichash_final($ctx, $length); |
|
| 1027 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1028 | + $result = ParagonIE_Sodium_Crypto32::generichash_final( $ctx, $length ); |
|
| 1029 | 1029 | } else { |
| 1030 | - $result = ParagonIE_Sodium_Crypto::generichash_final($ctx, $length); |
|
| 1030 | + $result = ParagonIE_Sodium_Crypto::generichash_final( $ctx, $length ); |
|
| 1031 | 1031 | } |
| 1032 | 1032 | try { |
| 1033 | - self::memzero($ctx); |
|
| 1034 | - } catch (Error $ex) { |
|
| 1035 | - unset($ctx); |
|
| 1033 | + self::memzero( $ctx ); |
|
| 1034 | + } catch ( Error $ex ) { |
|
| 1035 | + unset( $ctx ); |
|
| 1036 | 1036 | } |
| 1037 | 1037 | return $result; |
| 1038 | 1038 | } |
@@ -1047,35 +1047,35 @@ discard block |
||
| 1047 | 1047 | * @throws Error |
| 1048 | 1048 | * @throws TypeError |
| 1049 | 1049 | */ |
| 1050 | - public static function crypto_generichash_init($key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1050 | + public static function crypto_generichash_init( $key = '', $length = self::CRYPTO_GENERICHASH_BYTES ) |
|
| 1051 | 1051 | { |
| 1052 | 1052 | /* Type checks: */ |
| 1053 | - if (is_null($key)) { |
|
| 1053 | + if ( is_null( $key ) ) { |
|
| 1054 | 1054 | $key = ''; |
| 1055 | 1055 | } |
| 1056 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 1); |
|
| 1057 | - ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
|
| 1056 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 1 ); |
|
| 1057 | + ParagonIE_Sodium_Core_Util::declareScalarType( $length, 'int', 2 ); |
|
| 1058 | 1058 | |
| 1059 | 1059 | /* Input validation: */ |
| 1060 | - if (!empty($key)) { |
|
| 1061 | - if (ParagonIE_Sodium_Core_Util::strlen($key) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN) { |
|
| 1062 | - throw new Error('Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.'); |
|
| 1060 | + if ( ! empty( $key ) ) { |
|
| 1061 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) < self::CRYPTO_GENERICHASH_KEYBYTES_MIN ) { |
|
| 1062 | + throw new Error( 'Unsupported key size. Must be at least CRYPTO_GENERICHASH_KEYBYTES_MIN bytes long.' ); |
|
| 1063 | 1063 | } |
| 1064 | - if (ParagonIE_Sodium_Core_Util::strlen($key) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX) { |
|
| 1065 | - throw new Error('Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.'); |
|
| 1064 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) > self::CRYPTO_GENERICHASH_KEYBYTES_MAX ) { |
|
| 1065 | + throw new Error( 'Unsupported key size. Must be at most CRYPTO_GENERICHASH_KEYBYTES_MAX bytes long.' ); |
|
| 1066 | 1066 | } |
| 1067 | 1067 | } |
| 1068 | 1068 | |
| 1069 | - if (self::isPhp72OrGreater()) { |
|
| 1070 | - return sodium_crypto_generichash_init($key, $length); |
|
| 1069 | + if ( self::isPhp72OrGreater() ) { |
|
| 1070 | + return sodium_crypto_generichash_init( $key, $length ); |
|
| 1071 | 1071 | } |
| 1072 | - if (self::use_fallback('crypto_generichash_init')) { |
|
| 1073 | - return call_user_func('\\Sodium\\crypto_generichash_init', $key, $length); |
|
| 1072 | + if ( self::use_fallback( 'crypto_generichash_init' ) ) { |
|
| 1073 | + return call_user_func( '\\Sodium\\crypto_generichash_init', $key, $length ); |
|
| 1074 | 1074 | } |
| 1075 | - if (PHP_INT_SIZE === 4) { |
|
| 1076 | - return ParagonIE_Sodium_Crypto32::generichash_init($key, $length); |
|
| 1075 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1076 | + return ParagonIE_Sodium_Crypto32::generichash_init( $key, $length ); |
|
| 1077 | 1077 | } |
| 1078 | - return ParagonIE_Sodium_Crypto::generichash_init($key, $length); |
|
| 1078 | + return ParagonIE_Sodium_Crypto::generichash_init( $key, $length ); |
|
| 1079 | 1079 | } |
| 1080 | 1080 | |
| 1081 | 1081 | /** |
@@ -1087,25 +1087,25 @@ discard block |
||
| 1087 | 1087 | * @return void |
| 1088 | 1088 | * @throws TypeError |
| 1089 | 1089 | */ |
| 1090 | - public static function crypto_generichash_update(&$ctx, $message) |
|
| 1090 | + public static function crypto_generichash_update( &$ctx, $message ) |
|
| 1091 | 1091 | { |
| 1092 | 1092 | /* Type checks: */ |
| 1093 | - ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
|
| 1094 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1093 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ctx, 'string', 1 ); |
|
| 1094 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 2 ); |
|
| 1095 | 1095 | |
| 1096 | - if (self::isPhp72OrGreater()) { |
|
| 1097 | - sodium_crypto_generichash_update($ctx, $message); |
|
| 1096 | + if ( self::isPhp72OrGreater() ) { |
|
| 1097 | + sodium_crypto_generichash_update( $ctx, $message ); |
|
| 1098 | 1098 | return; |
| 1099 | 1099 | } |
| 1100 | - if (self::use_fallback('crypto_generichash_update')) { |
|
| 1100 | + if ( self::use_fallback( 'crypto_generichash_update' ) ) { |
|
| 1101 | 1101 | $func = '\\Sodium\\crypto_generichash_update'; |
| 1102 | - $func($ctx, $message); |
|
| 1102 | + $func( $ctx, $message ); |
|
| 1103 | 1103 | return; |
| 1104 | 1104 | } |
| 1105 | - if (PHP_INT_SIZE === 4) { |
|
| 1106 | - $ctx = ParagonIE_Sodium_Crypto32::generichash_update($ctx, $message); |
|
| 1105 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1106 | + $ctx = ParagonIE_Sodium_Crypto32::generichash_update( $ctx, $message ); |
|
| 1107 | 1107 | } else { |
| 1108 | - $ctx = ParagonIE_Sodium_Crypto::generichash_update($ctx, $message); |
|
| 1108 | + $ctx = ParagonIE_Sodium_Crypto::generichash_update( $ctx, $message ); |
|
| 1109 | 1109 | } |
| 1110 | 1110 | } |
| 1111 | 1111 | |
@@ -1137,30 +1137,30 @@ discard block |
||
| 1137 | 1137 | * @throws Error |
| 1138 | 1138 | * @throws TypeError |
| 1139 | 1139 | */ |
| 1140 | - public static function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 1140 | + public static function crypto_kx( $my_secret, $their_public, $client_public, $server_public ) |
|
| 1141 | 1141 | { |
| 1142 | 1142 | /* Type checks: */ |
| 1143 | - ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1); |
|
| 1144 | - ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2); |
|
| 1145 | - ParagonIE_Sodium_Core_Util::declareScalarType($client_public, 'string', 3); |
|
| 1146 | - ParagonIE_Sodium_Core_Util::declareScalarType($server_public, 'string', 4); |
|
| 1143 | + ParagonIE_Sodium_Core_Util::declareScalarType( $my_secret, 'string', 1 ); |
|
| 1144 | + ParagonIE_Sodium_Core_Util::declareScalarType( $their_public, 'string', 2 ); |
|
| 1145 | + ParagonIE_Sodium_Core_Util::declareScalarType( $client_public, 'string', 3 ); |
|
| 1146 | + ParagonIE_Sodium_Core_Util::declareScalarType( $server_public, 'string', 4 ); |
|
| 1147 | 1147 | |
| 1148 | 1148 | /* Input validation: */ |
| 1149 | - if (ParagonIE_Sodium_Core_Util::strlen($my_secret) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1150 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1149 | + if ( ParagonIE_Sodium_Core_Util::strlen( $my_secret ) !== self::CRYPTO_BOX_SECRETKEYBYTES ) { |
|
| 1150 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.' ); |
|
| 1151 | 1151 | } |
| 1152 | - if (ParagonIE_Sodium_Core_Util::strlen($their_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1153 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1152 | + if ( ParagonIE_Sodium_Core_Util::strlen( $their_public ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 1153 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 1154 | 1154 | } |
| 1155 | - if (ParagonIE_Sodium_Core_Util::strlen($client_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1156 | - throw new Error('Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1155 | + if ( ParagonIE_Sodium_Core_Util::strlen( $client_public ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 1156 | + throw new Error( 'Argument 3 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 1157 | 1157 | } |
| 1158 | - if (ParagonIE_Sodium_Core_Util::strlen($server_public) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1159 | - throw new Error('Argument 4 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1158 | + if ( ParagonIE_Sodium_Core_Util::strlen( $server_public ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 1159 | + throw new Error( 'Argument 4 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 1160 | 1160 | } |
| 1161 | 1161 | |
| 1162 | - if (self::isPhp72OrGreater()) { |
|
| 1163 | - if (is_callable('sodium_crypto_kx')) { |
|
| 1162 | + if ( self::isPhp72OrGreater() ) { |
|
| 1163 | + if ( is_callable( 'sodium_crypto_kx' ) ) { |
|
| 1164 | 1164 | return sodium_crypto_kx( |
| 1165 | 1165 | $my_secret, |
| 1166 | 1166 | $their_public, |
@@ -1169,7 +1169,7 @@ discard block |
||
| 1169 | 1169 | ); |
| 1170 | 1170 | } |
| 1171 | 1171 | } |
| 1172 | - if (self::use_fallback('crypto_kx')) { |
|
| 1172 | + if ( self::use_fallback( 'crypto_kx' ) ) { |
|
| 1173 | 1173 | return call_user_func( |
| 1174 | 1174 | '\\Sodium\\crypto_kx', |
| 1175 | 1175 | $my_secret, |
@@ -1178,7 +1178,7 @@ discard block |
||
| 1178 | 1178 | $server_public |
| 1179 | 1179 | ); |
| 1180 | 1180 | } |
| 1181 | - if (PHP_INT_SIZE === 4) { |
|
| 1181 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1182 | 1182 | return ParagonIE_Sodium_Crypto32::keyExchange( |
| 1183 | 1183 | $my_secret, |
| 1184 | 1184 | $their_public, |
@@ -1203,19 +1203,19 @@ discard block |
||
| 1203 | 1203 | * @return string |
| 1204 | 1204 | * @throws Error |
| 1205 | 1205 | */ |
| 1206 | - public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1206 | + public static function crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 1207 | 1207 | { |
| 1208 | - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1209 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1210 | - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1211 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1212 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1208 | + ParagonIE_Sodium_Core_Util::declareScalarType( $outlen, 'int', 1 ); |
|
| 1209 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 2 ); |
|
| 1210 | + ParagonIE_Sodium_Core_Util::declareScalarType( $salt, 'string', 3 ); |
|
| 1211 | + ParagonIE_Sodium_Core_Util::declareScalarType( $opslimit, 'int', 4 ); |
|
| 1212 | + ParagonIE_Sodium_Core_Util::declareScalarType( $memlimit, 'int', 5 ); |
|
| 1213 | 1213 | |
| 1214 | - if (self::isPhp72OrGreater()) { |
|
| 1215 | - return sodium_crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1214 | + if ( self::isPhp72OrGreater() ) { |
|
| 1215 | + return sodium_crypto_pwhash( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 1216 | 1216 | } |
| 1217 | - if (self::use_fallback('crypto_pwhash')) { |
|
| 1218 | - return call_user_func('\\Sodium\\crypto_pwhash', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1217 | + if ( self::use_fallback( 'crypto_pwhash' ) ) { |
|
| 1218 | + return call_user_func( '\\Sodium\\crypto_pwhash', $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 1219 | 1219 | } |
| 1220 | 1220 | // This is the best we can do. |
| 1221 | 1221 | throw new Error( |
@@ -1230,17 +1230,17 @@ discard block |
||
| 1230 | 1230 | * @return string |
| 1231 | 1231 | * @throws Error |
| 1232 | 1232 | */ |
| 1233 | - public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 1233 | + public static function crypto_pwhash_str( $passwd, $opslimit, $memlimit ) |
|
| 1234 | 1234 | { |
| 1235 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1236 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1237 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1235 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 1 ); |
|
| 1236 | + ParagonIE_Sodium_Core_Util::declareScalarType( $opslimit, 'int', 2 ); |
|
| 1237 | + ParagonIE_Sodium_Core_Util::declareScalarType( $memlimit, 'int', 3 ); |
|
| 1238 | 1238 | |
| 1239 | - if (self::isPhp72OrGreater()) { |
|
| 1240 | - return sodium_crypto_pwhash_str($passwd, $opslimit, $memlimit); |
|
| 1239 | + if ( self::isPhp72OrGreater() ) { |
|
| 1240 | + return sodium_crypto_pwhash_str( $passwd, $opslimit, $memlimit ); |
|
| 1241 | 1241 | } |
| 1242 | - if (self::use_fallback('crypto_pwhash_str')) { |
|
| 1243 | - return call_user_func('\\Sodium\\crypto_pwhash_str', $passwd, $opslimit, $memlimit); |
|
| 1242 | + if ( self::use_fallback( 'crypto_pwhash_str' ) ) { |
|
| 1243 | + return call_user_func( '\\Sodium\\crypto_pwhash_str', $passwd, $opslimit, $memlimit ); |
|
| 1244 | 1244 | } |
| 1245 | 1245 | // This is the best we can do. |
| 1246 | 1246 | throw new Error( |
@@ -1254,16 +1254,16 @@ discard block |
||
| 1254 | 1254 | * @return bool |
| 1255 | 1255 | * @throws Error |
| 1256 | 1256 | */ |
| 1257 | - public static function crypto_pwhash_str_verify($passwd, $hash) |
|
| 1257 | + public static function crypto_pwhash_str_verify( $passwd, $hash ) |
|
| 1258 | 1258 | { |
| 1259 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1260 | - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1259 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 1 ); |
|
| 1260 | + ParagonIE_Sodium_Core_Util::declareScalarType( $hash, 'string', 2 ); |
|
| 1261 | 1261 | |
| 1262 | - if (self::isPhp72OrGreater()) { |
|
| 1263 | - return sodium_crypto_pwhash_str_verify($passwd, $hash); |
|
| 1262 | + if ( self::isPhp72OrGreater() ) { |
|
| 1263 | + return sodium_crypto_pwhash_str_verify( $passwd, $hash ); |
|
| 1264 | 1264 | } |
| 1265 | - if (self::use_fallback('crypto_pwhash_str_verify')) { |
|
| 1266 | - return call_user_func('\\Sodium\\crypto_pwhash_str_verify', $passwd, $hash); |
|
| 1265 | + if ( self::use_fallback( 'crypto_pwhash_str_verify' ) ) { |
|
| 1266 | + return call_user_func( '\\Sodium\\crypto_pwhash_str_verify', $passwd, $hash ); |
|
| 1267 | 1267 | } |
| 1268 | 1268 | // This is the best we can do. |
| 1269 | 1269 | throw new Error( |
@@ -1280,19 +1280,19 @@ discard block |
||
| 1280 | 1280 | * @return string |
| 1281 | 1281 | * @throws Error |
| 1282 | 1282 | */ |
| 1283 | - public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1283 | + public static function crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ) |
|
| 1284 | 1284 | { |
| 1285 | - ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
|
| 1286 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
|
| 1287 | - ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
|
| 1288 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 4); |
|
| 1289 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 5); |
|
| 1285 | + ParagonIE_Sodium_Core_Util::declareScalarType( $outlen, 'int', 1 ); |
|
| 1286 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 2 ); |
|
| 1287 | + ParagonIE_Sodium_Core_Util::declareScalarType( $salt, 'string', 3 ); |
|
| 1288 | + ParagonIE_Sodium_Core_Util::declareScalarType( $opslimit, 'int', 4 ); |
|
| 1289 | + ParagonIE_Sodium_Core_Util::declareScalarType( $memlimit, 'int', 5 ); |
|
| 1290 | 1290 | |
| 1291 | - if (self::isPhp72OrGreater()) { |
|
| 1292 | - return sodium_crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1291 | + if ( self::isPhp72OrGreater() ) { |
|
| 1292 | + return sodium_crypto_pwhash_scryptsalsa208sha256( $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 1293 | 1293 | } |
| 1294 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256')) { |
|
| 1295 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256', $outlen, $passwd, $salt, $opslimit, $memlimit); |
|
| 1294 | + if ( self::use_fallback( 'crypto_pwhash_scryptsalsa208sha256' ) ) { |
|
| 1295 | + return call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256', $outlen, $passwd, $salt, $opslimit, $memlimit ); |
|
| 1296 | 1296 | } |
| 1297 | 1297 | // This is the best we can do. |
| 1298 | 1298 | throw new Error( |
@@ -1307,17 +1307,17 @@ discard block |
||
| 1307 | 1307 | * @return string |
| 1308 | 1308 | * @throws Error |
| 1309 | 1309 | */ |
| 1310 | - public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 1310 | + public static function crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ) |
|
| 1311 | 1311 | { |
| 1312 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1313 | - ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
|
| 1314 | - ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
|
| 1312 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 1 ); |
|
| 1313 | + ParagonIE_Sodium_Core_Util::declareScalarType( $opslimit, 'int', 2 ); |
|
| 1314 | + ParagonIE_Sodium_Core_Util::declareScalarType( $memlimit, 'int', 3 ); |
|
| 1315 | 1315 | |
| 1316 | - if (self::isPhp72OrGreater()) { |
|
| 1317 | - return sodium_crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit); |
|
| 1316 | + if ( self::isPhp72OrGreater() ) { |
|
| 1317 | + return sodium_crypto_pwhash_scryptsalsa208sha256_str( $passwd, $opslimit, $memlimit ); |
|
| 1318 | 1318 | } |
| 1319 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str')) { |
|
| 1320 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str', $passwd, $opslimit, $memlimit); |
|
| 1319 | + if ( self::use_fallback( 'crypto_pwhash_scryptsalsa208sha256_str' ) ) { |
|
| 1320 | + return call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str', $passwd, $opslimit, $memlimit ); |
|
| 1321 | 1321 | } |
| 1322 | 1322 | // This is the best we can do. |
| 1323 | 1323 | throw new Error( |
@@ -1331,16 +1331,16 @@ discard block |
||
| 1331 | 1331 | * @return bool |
| 1332 | 1332 | * @throws Error |
| 1333 | 1333 | */ |
| 1334 | - public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 1334 | + public static function crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ) |
|
| 1335 | 1335 | { |
| 1336 | - ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
|
| 1337 | - ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
|
| 1336 | + ParagonIE_Sodium_Core_Util::declareScalarType( $passwd, 'string', 1 ); |
|
| 1337 | + ParagonIE_Sodium_Core_Util::declareScalarType( $hash, 'string', 2 ); |
|
| 1338 | 1338 | |
| 1339 | - if (self::isPhp72OrGreater()) { |
|
| 1340 | - return sodium_crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash); |
|
| 1339 | + if ( self::isPhp72OrGreater() ) { |
|
| 1340 | + return sodium_crypto_pwhash_scryptsalsa208sha256_str_verify( $passwd, $hash ); |
|
| 1341 | 1341 | } |
| 1342 | - if (self::use_fallback('crypto_pwhash_scryptsalsa208sha256_str_verify')) { |
|
| 1343 | - return call_user_func('\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify', $passwd, $hash); |
|
| 1342 | + if ( self::use_fallback( 'crypto_pwhash_scryptsalsa208sha256_str_verify' ) ) { |
|
| 1343 | + return call_user_func( '\\Sodium\\crypto_pwhash_scryptsalsa208sha256_str_verify', $passwd, $hash ); |
|
| 1344 | 1344 | } |
| 1345 | 1345 | // This is the best we can do. |
| 1346 | 1346 | throw new Error( |
@@ -1360,38 +1360,38 @@ discard block |
||
| 1360 | 1360 | * @throws Error |
| 1361 | 1361 | * @throws TypeError |
| 1362 | 1362 | */ |
| 1363 | - public static function crypto_scalarmult($secretKey, $publicKey) |
|
| 1363 | + public static function crypto_scalarmult( $secretKey, $publicKey ) |
|
| 1364 | 1364 | { |
| 1365 | 1365 | /* Type checks: */ |
| 1366 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1367 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1366 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 1 ); |
|
| 1367 | + ParagonIE_Sodium_Core_Util::declareScalarType( $publicKey, 'string', 2 ); |
|
| 1368 | 1368 | |
| 1369 | 1369 | /* Input validation: */ |
| 1370 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1371 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1370 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_BOX_SECRETKEYBYTES ) { |
|
| 1371 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.' ); |
|
| 1372 | 1372 | } |
| 1373 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_BOX_PUBLICKEYBYTES) { |
|
| 1374 | - throw new Error('Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.'); |
|
| 1373 | + if ( ParagonIE_Sodium_Core_Util::strlen( $publicKey ) !== self::CRYPTO_BOX_PUBLICKEYBYTES ) { |
|
| 1374 | + throw new Error( 'Argument 2 must be CRYPTO_BOX_PUBLICKEYBYTES long.' ); |
|
| 1375 | 1375 | } |
| 1376 | 1376 | |
| 1377 | - if (self::isPhp72OrGreater()) { |
|
| 1378 | - return sodium_crypto_scalarmult($secretKey, $publicKey); |
|
| 1377 | + if ( self::isPhp72OrGreater() ) { |
|
| 1378 | + return sodium_crypto_scalarmult( $secretKey, $publicKey ); |
|
| 1379 | 1379 | } |
| 1380 | - if (self::use_fallback('crypto_scalarmult')) { |
|
| 1381 | - return call_user_func('\\Sodium\\crypto_scalarmult', $secretKey, $publicKey); |
|
| 1380 | + if ( self::use_fallback( 'crypto_scalarmult' ) ) { |
|
| 1381 | + return call_user_func( '\\Sodium\\crypto_scalarmult', $secretKey, $publicKey ); |
|
| 1382 | 1382 | } |
| 1383 | 1383 | |
| 1384 | 1384 | /* Output validation: Forbid all-zero keys */ |
| 1385 | - if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1386 | - throw new Error('Zero secret key is not allowed'); |
|
| 1385 | + if ( ParagonIE_Sodium_Core_Util::hashEquals( $secretKey, str_repeat( "\0", self::CRYPTO_BOX_SECRETKEYBYTES ) ) ) { |
|
| 1386 | + throw new Error( 'Zero secret key is not allowed' ); |
|
| 1387 | 1387 | } |
| 1388 | - if (ParagonIE_Sodium_Core_Util::hashEquals($publicKey, str_repeat("\0", self::CRYPTO_BOX_PUBLICKEYBYTES))) { |
|
| 1389 | - throw new Error('Zero public key is not allowed'); |
|
| 1388 | + if ( ParagonIE_Sodium_Core_Util::hashEquals( $publicKey, str_repeat( "\0", self::CRYPTO_BOX_PUBLICKEYBYTES ) ) ) { |
|
| 1389 | + throw new Error( 'Zero public key is not allowed' ); |
|
| 1390 | 1390 | } |
| 1391 | - if (PHP_INT_SIZE === 4) { |
|
| 1392 | - return ParagonIE_Sodium_Crypto32::scalarmult($secretKey, $publicKey); |
|
| 1391 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1392 | + return ParagonIE_Sodium_Crypto32::scalarmult( $secretKey, $publicKey ); |
|
| 1393 | 1393 | } |
| 1394 | - return ParagonIE_Sodium_Crypto::scalarmult($secretKey, $publicKey); |
|
| 1394 | + return ParagonIE_Sodium_Crypto::scalarmult( $secretKey, $publicKey ); |
|
| 1395 | 1395 | } |
| 1396 | 1396 | |
| 1397 | 1397 | /** |
@@ -1402,29 +1402,29 @@ discard block |
||
| 1402 | 1402 | * @throws Error |
| 1403 | 1403 | * @throws TypeError |
| 1404 | 1404 | */ |
| 1405 | - public static function crypto_scalarmult_base($secretKey) |
|
| 1405 | + public static function crypto_scalarmult_base( $secretKey ) |
|
| 1406 | 1406 | { |
| 1407 | 1407 | /* Type checks: */ |
| 1408 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1408 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 1 ); |
|
| 1409 | 1409 | |
| 1410 | 1410 | /* Input validation: */ |
| 1411 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_BOX_SECRETKEYBYTES) { |
|
| 1412 | - throw new Error('Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.'); |
|
| 1411 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_BOX_SECRETKEYBYTES ) { |
|
| 1412 | + throw new Error( 'Argument 1 must be CRYPTO_BOX_SECRETKEYBYTES long.' ); |
|
| 1413 | 1413 | } |
| 1414 | 1414 | |
| 1415 | - if (self::isPhp72OrGreater()) { |
|
| 1416 | - return sodium_crypto_scalarmult_base($secretKey); |
|
| 1415 | + if ( self::isPhp72OrGreater() ) { |
|
| 1416 | + return sodium_crypto_scalarmult_base( $secretKey ); |
|
| 1417 | 1417 | } |
| 1418 | - if (self::use_fallback('crypto_scalarmult_base')) { |
|
| 1419 | - return call_user_func('\\Sodium\\crypto_scalarmult_base', $secretKey); |
|
| 1418 | + if ( self::use_fallback( 'crypto_scalarmult_base' ) ) { |
|
| 1419 | + return call_user_func( '\\Sodium\\crypto_scalarmult_base', $secretKey ); |
|
| 1420 | 1420 | } |
| 1421 | - if (ParagonIE_Sodium_Core_Util::hashEquals($secretKey, str_repeat("\0", self::CRYPTO_BOX_SECRETKEYBYTES))) { |
|
| 1422 | - throw new Error('Zero secret key is not allowed'); |
|
| 1421 | + if ( ParagonIE_Sodium_Core_Util::hashEquals( $secretKey, str_repeat( "\0", self::CRYPTO_BOX_SECRETKEYBYTES ) ) ) { |
|
| 1422 | + throw new Error( 'Zero secret key is not allowed' ); |
|
| 1423 | 1423 | } |
| 1424 | - if (PHP_INT_SIZE === 4) { |
|
| 1425 | - return ParagonIE_Sodium_Crypto32::scalarmult_base($secretKey); |
|
| 1424 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1425 | + return ParagonIE_Sodium_Crypto32::scalarmult_base( $secretKey ); |
|
| 1426 | 1426 | } |
| 1427 | - return ParagonIE_Sodium_Crypto::scalarmult_base($secretKey); |
|
| 1427 | + return ParagonIE_Sodium_Crypto::scalarmult_base( $secretKey ); |
|
| 1428 | 1428 | } |
| 1429 | 1429 | |
| 1430 | 1430 | /** |
@@ -1439,31 +1439,31 @@ discard block |
||
| 1439 | 1439 | * @throws Error |
| 1440 | 1440 | * @throws TypeError |
| 1441 | 1441 | */ |
| 1442 | - public static function crypto_secretbox($plaintext, $nonce, $key) |
|
| 1442 | + public static function crypto_secretbox( $plaintext, $nonce, $key ) |
|
| 1443 | 1443 | { |
| 1444 | 1444 | /* Type checks: */ |
| 1445 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1446 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1447 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1445 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 1446 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1447 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1448 | 1448 | |
| 1449 | 1449 | /* Input validation: */ |
| 1450 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1451 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1450 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_SECRETBOX_NONCEBYTES ) { |
|
| 1451 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1452 | 1452 | } |
| 1453 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1454 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1453 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_SECRETBOX_KEYBYTES ) { |
|
| 1454 | + throw new Error( 'Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.' ); |
|
| 1455 | 1455 | } |
| 1456 | 1456 | |
| 1457 | - if (self::isPhp72OrGreater()) { |
|
| 1458 | - return sodium_crypto_secretbox($plaintext, $nonce, $key); |
|
| 1457 | + if ( self::isPhp72OrGreater() ) { |
|
| 1458 | + return sodium_crypto_secretbox( $plaintext, $nonce, $key ); |
|
| 1459 | 1459 | } |
| 1460 | - if (self::use_fallback('crypto_secretbox')) { |
|
| 1461 | - return call_user_func('\\Sodium\\crypto_secretbox', $plaintext, $nonce, $key); |
|
| 1460 | + if ( self::use_fallback( 'crypto_secretbox' ) ) { |
|
| 1461 | + return call_user_func( '\\Sodium\\crypto_secretbox', $plaintext, $nonce, $key ); |
|
| 1462 | 1462 | } |
| 1463 | - if (PHP_INT_SIZE === 4) { |
|
| 1464 | - return ParagonIE_Sodium_Crypto32::secretbox($plaintext, $nonce, $key); |
|
| 1463 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1464 | + return ParagonIE_Sodium_Crypto32::secretbox( $plaintext, $nonce, $key ); |
|
| 1465 | 1465 | } |
| 1466 | - return ParagonIE_Sodium_Crypto::secretbox($plaintext, $nonce, $key); |
|
| 1466 | + return ParagonIE_Sodium_Crypto::secretbox( $plaintext, $nonce, $key ); |
|
| 1467 | 1467 | } |
| 1468 | 1468 | |
| 1469 | 1469 | /** |
@@ -1476,31 +1476,31 @@ discard block |
||
| 1476 | 1476 | * @throws Error |
| 1477 | 1477 | * @throws TypeError |
| 1478 | 1478 | */ |
| 1479 | - public static function crypto_secretbox_open($ciphertext, $nonce, $key) |
|
| 1479 | + public static function crypto_secretbox_open( $ciphertext, $nonce, $key ) |
|
| 1480 | 1480 | { |
| 1481 | 1481 | /* Type checks: */ |
| 1482 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1483 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1484 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1482 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 1483 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1484 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1485 | 1485 | |
| 1486 | 1486 | /* Input validation: */ |
| 1487 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1488 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1487 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_SECRETBOX_NONCEBYTES ) { |
|
| 1488 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1489 | 1489 | } |
| 1490 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1491 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1490 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_SECRETBOX_KEYBYTES ) { |
|
| 1491 | + throw new Error( 'Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.' ); |
|
| 1492 | 1492 | } |
| 1493 | 1493 | |
| 1494 | - if (self::isPhp72OrGreater()) { |
|
| 1495 | - return sodium_crypto_secretbox_open($ciphertext, $nonce, $key); |
|
| 1494 | + if ( self::isPhp72OrGreater() ) { |
|
| 1495 | + return sodium_crypto_secretbox_open( $ciphertext, $nonce, $key ); |
|
| 1496 | 1496 | } |
| 1497 | - if (self::use_fallback('crypto_secretbox_open')) { |
|
| 1498 | - return call_user_func('\\Sodium\\crypto_secretbox_open', $ciphertext, $nonce, $key); |
|
| 1497 | + if ( self::use_fallback( 'crypto_secretbox_open' ) ) { |
|
| 1498 | + return call_user_func( '\\Sodium\\crypto_secretbox_open', $ciphertext, $nonce, $key ); |
|
| 1499 | 1499 | } |
| 1500 | - if (PHP_INT_SIZE === 4) { |
|
| 1501 | - return ParagonIE_Sodium_Crypto32::secretbox_open($ciphertext, $nonce, $key); |
|
| 1500 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1501 | + return ParagonIE_Sodium_Crypto32::secretbox_open( $ciphertext, $nonce, $key ); |
|
| 1502 | 1502 | } |
| 1503 | - return ParagonIE_Sodium_Crypto::secretbox_open($ciphertext, $nonce, $key); |
|
| 1503 | + return ParagonIE_Sodium_Crypto::secretbox_open( $ciphertext, $nonce, $key ); |
|
| 1504 | 1504 | } |
| 1505 | 1505 | |
| 1506 | 1506 | /** |
@@ -1515,24 +1515,24 @@ discard block |
||
| 1515 | 1515 | * @throws Error |
| 1516 | 1516 | * @throws TypeError |
| 1517 | 1517 | */ |
| 1518 | - public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 1518 | + public static function crypto_secretbox_xchacha20poly1305( $plaintext, $nonce, $key ) |
|
| 1519 | 1519 | { |
| 1520 | 1520 | /* Type checks: */ |
| 1521 | - ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
|
| 1522 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1523 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1521 | + ParagonIE_Sodium_Core_Util::declareScalarType( $plaintext, 'string', 1 ); |
|
| 1522 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1523 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1524 | 1524 | |
| 1525 | 1525 | /* Input validation: */ |
| 1526 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1527 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1526 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_SECRETBOX_NONCEBYTES ) { |
|
| 1527 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1528 | 1528 | } |
| 1529 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1530 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1529 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_SECRETBOX_KEYBYTES ) { |
|
| 1530 | + throw new Error( 'Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.' ); |
|
| 1531 | 1531 | } |
| 1532 | - if (PHP_INT_SIZE === 4) { |
|
| 1533 | - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1532 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1533 | + return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305( $plaintext, $nonce, $key ); |
|
| 1534 | 1534 | } |
| 1535 | - return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305($plaintext, $nonce, $key); |
|
| 1535 | + return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305( $plaintext, $nonce, $key ); |
|
| 1536 | 1536 | } |
| 1537 | 1537 | /** |
| 1538 | 1538 | * Decrypts a message previously encrypted with crypto_secretbox_xchacha20poly1305(). |
@@ -1544,25 +1544,25 @@ discard block |
||
| 1544 | 1544 | * @throws Error |
| 1545 | 1545 | * @throws TypeError |
| 1546 | 1546 | */ |
| 1547 | - public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) |
|
| 1547 | + public static function crypto_secretbox_xchacha20poly1305_open( $ciphertext, $nonce, $key ) |
|
| 1548 | 1548 | { |
| 1549 | 1549 | /* Type checks: */ |
| 1550 | - ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
|
| 1551 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1552 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1550 | + ParagonIE_Sodium_Core_Util::declareScalarType( $ciphertext, 'string', 1 ); |
|
| 1551 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1552 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1553 | 1553 | |
| 1554 | 1554 | /* Input validation: */ |
| 1555 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_SECRETBOX_NONCEBYTES) { |
|
| 1556 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1555 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_SECRETBOX_NONCEBYTES ) { |
|
| 1556 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1557 | 1557 | } |
| 1558 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SECRETBOX_KEYBYTES) { |
|
| 1559 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1558 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_SECRETBOX_KEYBYTES ) { |
|
| 1559 | + throw new Error( 'Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.' ); |
|
| 1560 | 1560 | } |
| 1561 | 1561 | |
| 1562 | - if (PHP_INT_SIZE === 4) { |
|
| 1563 | - return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1562 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1563 | + return ParagonIE_Sodium_Crypto32::secretbox_xchacha20poly1305_open( $ciphertext, $nonce, $key ); |
|
| 1564 | 1564 | } |
| 1565 | - return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key); |
|
| 1565 | + return ParagonIE_Sodium_Crypto::secretbox_xchacha20poly1305_open( $ciphertext, $nonce, $key ); |
|
| 1566 | 1566 | } |
| 1567 | 1567 | |
| 1568 | 1568 | /** |
@@ -1574,27 +1574,27 @@ discard block |
||
| 1574 | 1574 | * @throws Error |
| 1575 | 1575 | * @throws TypeError |
| 1576 | 1576 | */ |
| 1577 | - public static function crypto_shorthash($message, $key) |
|
| 1577 | + public static function crypto_shorthash( $message, $key ) |
|
| 1578 | 1578 | { |
| 1579 | 1579 | /* Type checks: */ |
| 1580 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1581 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
|
| 1580 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 1581 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 2 ); |
|
| 1582 | 1582 | |
| 1583 | 1583 | /* Input validation: */ |
| 1584 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_SHORTHASH_KEYBYTES) { |
|
| 1585 | - throw new Error('Argument 2 must be CRYPTO_SHORTHASH_KEYBYTES long.'); |
|
| 1584 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_SHORTHASH_KEYBYTES ) { |
|
| 1585 | + throw new Error( 'Argument 2 must be CRYPTO_SHORTHASH_KEYBYTES long.' ); |
|
| 1586 | 1586 | } |
| 1587 | 1587 | |
| 1588 | - if (self::isPhp72OrGreater()) { |
|
| 1589 | - return sodium_crypto_shorthash($message, $key); |
|
| 1588 | + if ( self::isPhp72OrGreater() ) { |
|
| 1589 | + return sodium_crypto_shorthash( $message, $key ); |
|
| 1590 | 1590 | } |
| 1591 | - if (self::use_fallback('crypto_shorthash')) { |
|
| 1592 | - return call_user_func('\\Sodium\\crypto_shorthash', $message, $key); |
|
| 1591 | + if ( self::use_fallback( 'crypto_shorthash' ) ) { |
|
| 1592 | + return call_user_func( '\\Sodium\\crypto_shorthash', $message, $key ); |
|
| 1593 | 1593 | } |
| 1594 | - if (PHP_INT_SIZE === 4) { |
|
| 1595 | - return ParagonIE_Sodium_Core32_SipHash::sipHash24($message, $key); |
|
| 1594 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1595 | + return ParagonIE_Sodium_Core32_SipHash::sipHash24( $message, $key ); |
|
| 1596 | 1596 | } |
| 1597 | - return ParagonIE_Sodium_Core_SipHash::sipHash24($message, $key); |
|
| 1597 | + return ParagonIE_Sodium_Core_SipHash::sipHash24( $message, $key ); |
|
| 1598 | 1598 | } |
| 1599 | 1599 | |
| 1600 | 1600 | /** |
@@ -1610,31 +1610,31 @@ discard block |
||
| 1610 | 1610 | * @throws Error |
| 1611 | 1611 | * @throws TypeError |
| 1612 | 1612 | */ |
| 1613 | - public static function crypto_stream($len, $nonce, $key) |
|
| 1613 | + public static function crypto_stream( $len, $nonce, $key ) |
|
| 1614 | 1614 | { |
| 1615 | 1615 | /* Type checks: */ |
| 1616 | - ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); |
|
| 1617 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1618 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1616 | + ParagonIE_Sodium_Core_Util::declareScalarType( $len, 'int', 1 ); |
|
| 1617 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1618 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1619 | 1619 | |
| 1620 | 1620 | /* Input validation: */ |
| 1621 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1622 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1621 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_STREAM_NONCEBYTES ) { |
|
| 1622 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1623 | 1623 | } |
| 1624 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1625 | - throw new Error('Argument 3 must be CRYPTO_STREAM_KEYBYTES long.'); |
|
| 1624 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_STREAM_KEYBYTES ) { |
|
| 1625 | + throw new Error( 'Argument 3 must be CRYPTO_STREAM_KEYBYTES long.' ); |
|
| 1626 | 1626 | } |
| 1627 | 1627 | |
| 1628 | - if (self::isPhp72OrGreater()) { |
|
| 1629 | - return sodium_crypto_stream($len, $nonce, $key); |
|
| 1628 | + if ( self::isPhp72OrGreater() ) { |
|
| 1629 | + return sodium_crypto_stream( $len, $nonce, $key ); |
|
| 1630 | 1630 | } |
| 1631 | - if (self::use_fallback('crypto_stream')) { |
|
| 1632 | - return call_user_func('\\Sodium\\crypto_stream', $len, $nonce, $key); |
|
| 1631 | + if ( self::use_fallback( 'crypto_stream' ) ) { |
|
| 1632 | + return call_user_func( '\\Sodium\\crypto_stream', $len, $nonce, $key ); |
|
| 1633 | 1633 | } |
| 1634 | - if (PHP_INT_SIZE === 4) { |
|
| 1635 | - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1634 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1635 | + return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20( $len, $nonce, $key ); |
|
| 1636 | 1636 | } |
| 1637 | - return ParagonIE_Sodium_Core_XSalsa20::xsalsa20($len, $nonce, $key); |
|
| 1637 | + return ParagonIE_Sodium_Core_XSalsa20::xsalsa20( $len, $nonce, $key ); |
|
| 1638 | 1638 | } |
| 1639 | 1639 | |
| 1640 | 1640 | /** |
@@ -1656,31 +1656,31 @@ discard block |
||
| 1656 | 1656 | * @throws Error |
| 1657 | 1657 | * @throws TypeError |
| 1658 | 1658 | */ |
| 1659 | - public static function crypto_stream_xor($message, $nonce, $key) |
|
| 1659 | + public static function crypto_stream_xor( $message, $nonce, $key ) |
|
| 1660 | 1660 | { |
| 1661 | 1661 | /* Type checks: */ |
| 1662 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1663 | - ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
|
| 1664 | - ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 3); |
|
| 1662 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 1663 | + ParagonIE_Sodium_Core_Util::declareScalarType( $nonce, 'string', 2 ); |
|
| 1664 | + ParagonIE_Sodium_Core_Util::declareScalarType( $key, 'string', 3 ); |
|
| 1665 | 1665 | |
| 1666 | 1666 | /* Input validation: */ |
| 1667 | - if (ParagonIE_Sodium_Core_Util::strlen($nonce) !== self::CRYPTO_STREAM_NONCEBYTES) { |
|
| 1668 | - throw new Error('Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.'); |
|
| 1667 | + if ( ParagonIE_Sodium_Core_Util::strlen( $nonce ) !== self::CRYPTO_STREAM_NONCEBYTES ) { |
|
| 1668 | + throw new Error( 'Argument 2 must be CRYPTO_SECRETBOX_NONCEBYTES long.' ); |
|
| 1669 | 1669 | } |
| 1670 | - if (ParagonIE_Sodium_Core_Util::strlen($key) !== self::CRYPTO_STREAM_KEYBYTES) { |
|
| 1671 | - throw new Error('Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.'); |
|
| 1670 | + if ( ParagonIE_Sodium_Core_Util::strlen( $key ) !== self::CRYPTO_STREAM_KEYBYTES ) { |
|
| 1671 | + throw new Error( 'Argument 3 must be CRYPTO_SECRETBOX_KEYBYTES long.' ); |
|
| 1672 | 1672 | } |
| 1673 | 1673 | |
| 1674 | - if (self::isPhp72OrGreater()) { |
|
| 1675 | - return sodium_crypto_stream_xor($message, $nonce, $key); |
|
| 1674 | + if ( self::isPhp72OrGreater() ) { |
|
| 1675 | + return sodium_crypto_stream_xor( $message, $nonce, $key ); |
|
| 1676 | 1676 | } |
| 1677 | - if (self::use_fallback('crypto_stream_xor')) { |
|
| 1678 | - return call_user_func('\\Sodium\\crypto_stream_xor', $message, $nonce, $key); |
|
| 1677 | + if ( self::use_fallback( 'crypto_stream_xor' ) ) { |
|
| 1678 | + return call_user_func( '\\Sodium\\crypto_stream_xor', $message, $nonce, $key ); |
|
| 1679 | 1679 | } |
| 1680 | - if (PHP_INT_SIZE === 4) { |
|
| 1681 | - return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1680 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1681 | + return ParagonIE_Sodium_Core32_XSalsa20::xsalsa20_xor( $message, $nonce, $key ); |
|
| 1682 | 1682 | } |
| 1683 | - return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor($message, $nonce, $key); |
|
| 1683 | + return ParagonIE_Sodium_Core_XSalsa20::xsalsa20_xor( $message, $nonce, $key ); |
|
| 1684 | 1684 | } |
| 1685 | 1685 | |
| 1686 | 1686 | /** |
@@ -1695,27 +1695,27 @@ discard block |
||
| 1695 | 1695 | * @throws Error |
| 1696 | 1696 | * @throws TypeError |
| 1697 | 1697 | */ |
| 1698 | - public static function crypto_sign($message, $secretKey) |
|
| 1698 | + public static function crypto_sign( $message, $secretKey ) |
|
| 1699 | 1699 | { |
| 1700 | 1700 | /* Type checks: */ |
| 1701 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1702 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1701 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 1702 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 2 ); |
|
| 1703 | 1703 | |
| 1704 | 1704 | /* Input validation: */ |
| 1705 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1706 | - throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1705 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_SIGN_SECRETKEYBYTES ) { |
|
| 1706 | + throw new Error( 'Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.' ); |
|
| 1707 | 1707 | } |
| 1708 | 1708 | |
| 1709 | - if (self::isPhp72OrGreater()) { |
|
| 1710 | - return sodium_crypto_sign($message, $secretKey); |
|
| 1709 | + if ( self::isPhp72OrGreater() ) { |
|
| 1710 | + return sodium_crypto_sign( $message, $secretKey ); |
|
| 1711 | 1711 | } |
| 1712 | - if (self::use_fallback('crypto_sign')) { |
|
| 1713 | - return call_user_func('\\Sodium\\crypto_sign', $message, $secretKey); |
|
| 1712 | + if ( self::use_fallback( 'crypto_sign' ) ) { |
|
| 1713 | + return call_user_func( '\\Sodium\\crypto_sign', $message, $secretKey ); |
|
| 1714 | 1714 | } |
| 1715 | - if (PHP_INT_SIZE === 4) { |
|
| 1716 | - return ParagonIE_Sodium_Crypto32::sign($message, $secretKey); |
|
| 1715 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1716 | + return ParagonIE_Sodium_Crypto32::sign( $message, $secretKey ); |
|
| 1717 | 1717 | } |
| 1718 | - return ParagonIE_Sodium_Crypto::sign($message, $secretKey); |
|
| 1718 | + return ParagonIE_Sodium_Crypto::sign( $message, $secretKey ); |
|
| 1719 | 1719 | } |
| 1720 | 1720 | |
| 1721 | 1721 | /** |
@@ -1728,30 +1728,30 @@ discard block |
||
| 1728 | 1728 | * @throws Error |
| 1729 | 1729 | * @throws TypeError |
| 1730 | 1730 | */ |
| 1731 | - public static function crypto_sign_open($signedMessage, $publicKey) |
|
| 1731 | + public static function crypto_sign_open( $signedMessage, $publicKey ) |
|
| 1732 | 1732 | { |
| 1733 | 1733 | /* Type checks: */ |
| 1734 | - ParagonIE_Sodium_Core_Util::declareScalarType($signedMessage, 'string', 1); |
|
| 1735 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
|
| 1734 | + ParagonIE_Sodium_Core_Util::declareScalarType( $signedMessage, 'string', 1 ); |
|
| 1735 | + ParagonIE_Sodium_Core_Util::declareScalarType( $publicKey, 'string', 2 ); |
|
| 1736 | 1736 | |
| 1737 | 1737 | /* Input validation: */ |
| 1738 | - if (ParagonIE_Sodium_Core_Util::strlen($signedMessage) < self::CRYPTO_SIGN_BYTES) { |
|
| 1739 | - throw new Error('Argument 1 must be at least CRYPTO_SIGN_BYTES long.'); |
|
| 1738 | + if ( ParagonIE_Sodium_Core_Util::strlen( $signedMessage ) < self::CRYPTO_SIGN_BYTES ) { |
|
| 1739 | + throw new Error( 'Argument 1 must be at least CRYPTO_SIGN_BYTES long.' ); |
|
| 1740 | 1740 | } |
| 1741 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1742 | - throw new Error('Argument 2 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1741 | + if ( ParagonIE_Sodium_Core_Util::strlen( $publicKey ) !== self::CRYPTO_SIGN_PUBLICKEYBYTES ) { |
|
| 1742 | + throw new Error( 'Argument 2 must be CRYPTO_SIGN_PUBLICKEYBYTES long.' ); |
|
| 1743 | 1743 | } |
| 1744 | 1744 | |
| 1745 | - if (self::isPhp72OrGreater()) { |
|
| 1746 | - return sodium_crypto_sign_open($signedMessage, $publicKey); |
|
| 1745 | + if ( self::isPhp72OrGreater() ) { |
|
| 1746 | + return sodium_crypto_sign_open( $signedMessage, $publicKey ); |
|
| 1747 | 1747 | } |
| 1748 | - if (self::use_fallback('crypto_sign_open')) { |
|
| 1749 | - return call_user_func('\\Sodium\\crypto_sign_open', $signedMessage, $publicKey); |
|
| 1748 | + if ( self::use_fallback( 'crypto_sign_open' ) ) { |
|
| 1749 | + return call_user_func( '\\Sodium\\crypto_sign_open', $signedMessage, $publicKey ); |
|
| 1750 | 1750 | } |
| 1751 | - if (PHP_INT_SIZE === 4) { |
|
| 1752 | - return ParagonIE_Sodium_Crypto32::sign_open($signedMessage, $publicKey); |
|
| 1751 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1752 | + return ParagonIE_Sodium_Crypto32::sign_open( $signedMessage, $publicKey ); |
|
| 1753 | 1753 | } |
| 1754 | - return ParagonIE_Sodium_Crypto::sign_open($signedMessage, $publicKey); |
|
| 1754 | + return ParagonIE_Sodium_Crypto::sign_open( $signedMessage, $publicKey ); |
|
| 1755 | 1755 | } |
| 1756 | 1756 | |
| 1757 | 1757 | /** |
@@ -1761,15 +1761,15 @@ discard block |
||
| 1761 | 1761 | */ |
| 1762 | 1762 | public static function crypto_sign_keypair() |
| 1763 | 1763 | { |
| 1764 | - if (self::isPhp72OrGreater()) { |
|
| 1764 | + if ( self::isPhp72OrGreater() ) { |
|
| 1765 | 1765 | return sodium_crypto_sign_keypair(); |
| 1766 | 1766 | } |
| 1767 | - if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1767 | + if ( self::use_fallback( 'crypto_sign_keypair' ) ) { |
|
| 1768 | 1768 | return call_user_func( |
| 1769 | 1769 | '\\Sodium\\crypto_sign_keypair' |
| 1770 | 1770 | ); |
| 1771 | 1771 | } |
| 1772 | - if (PHP_INT_SIZE === 4) { |
|
| 1772 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1773 | 1773 | return ParagonIE_Sodium_Core32_Ed25519::keypair(); |
| 1774 | 1774 | } |
| 1775 | 1775 | return ParagonIE_Sodium_Core_Ed25519::keypair(); |
@@ -1781,22 +1781,22 @@ discard block |
||
| 1781 | 1781 | * @param string $seed Input seed |
| 1782 | 1782 | * @return string Keypair |
| 1783 | 1783 | */ |
| 1784 | - public static function crypto_sign_seed_keypair($seed) |
|
| 1784 | + public static function crypto_sign_seed_keypair( $seed ) |
|
| 1785 | 1785 | { |
| 1786 | - ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
|
| 1786 | + ParagonIE_Sodium_Core_Util::declareScalarType( $seed, 'string', 1 ); |
|
| 1787 | 1787 | |
| 1788 | - if (self::isPhp72OrGreater()) { |
|
| 1789 | - return sodium_crypto_sign_seed_keypair($seed); |
|
| 1788 | + if ( self::isPhp72OrGreater() ) { |
|
| 1789 | + return sodium_crypto_sign_seed_keypair( $seed ); |
|
| 1790 | 1790 | } |
| 1791 | - if (self::use_fallback('crypto_sign_keypair')) { |
|
| 1792 | - return call_user_func('\\Sodium\\crypto_sign_seed_keypair', $seed); |
|
| 1791 | + if ( self::use_fallback( 'crypto_sign_keypair' ) ) { |
|
| 1792 | + return call_user_func( '\\Sodium\\crypto_sign_seed_keypair', $seed ); |
|
| 1793 | 1793 | } |
| 1794 | 1794 | $publicKey = ''; |
| 1795 | 1795 | $secretKey = ''; |
| 1796 | - if (PHP_INT_SIZE === 4) { |
|
| 1797 | - ParagonIE_Sodium_Core32_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1796 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1797 | + ParagonIE_Sodium_Core32_Ed25519::seed_keypair( $publicKey, $secretKey, $seed ); |
|
| 1798 | 1798 | } else { |
| 1799 | - ParagonIE_Sodium_Core_Ed25519::seed_keypair($publicKey, $secretKey, $seed); |
|
| 1799 | + ParagonIE_Sodium_Core_Ed25519::seed_keypair( $publicKey, $secretKey, $seed ); |
|
| 1800 | 1800 | } |
| 1801 | 1801 | return $secretKey . $publicKey; |
| 1802 | 1802 | } |
@@ -1809,26 +1809,26 @@ discard block |
||
| 1809 | 1809 | * @throws Error |
| 1810 | 1810 | * @throws TypeError |
| 1811 | 1811 | */ |
| 1812 | - public static function crypto_sign_publickey($keypair) |
|
| 1812 | + public static function crypto_sign_publickey( $keypair ) |
|
| 1813 | 1813 | { |
| 1814 | 1814 | /* Type checks: */ |
| 1815 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1815 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 1 ); |
|
| 1816 | 1816 | |
| 1817 | 1817 | /* Input validation: */ |
| 1818 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1819 | - throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1818 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_SIGN_KEYPAIRBYTES ) { |
|
| 1819 | + throw new Error( 'Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.' ); |
|
| 1820 | 1820 | } |
| 1821 | 1821 | |
| 1822 | - if (self::isPhp72OrGreater()) { |
|
| 1823 | - return sodium_crypto_sign_publickey($keypair); |
|
| 1822 | + if ( self::isPhp72OrGreater() ) { |
|
| 1823 | + return sodium_crypto_sign_publickey( $keypair ); |
|
| 1824 | 1824 | } |
| 1825 | - if (self::use_fallback('crypto_sign_publickey')) { |
|
| 1826 | - return call_user_func('\\Sodium\\crypto_sign_publickey', $keypair); |
|
| 1825 | + if ( self::use_fallback( 'crypto_sign_publickey' ) ) { |
|
| 1826 | + return call_user_func( '\\Sodium\\crypto_sign_publickey', $keypair ); |
|
| 1827 | 1827 | } |
| 1828 | - if (PHP_INT_SIZE === 4) { |
|
| 1829 | - return ParagonIE_Sodium_Core32_Ed25519::publickey($keypair); |
|
| 1828 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1829 | + return ParagonIE_Sodium_Core32_Ed25519::publickey( $keypair ); |
|
| 1830 | 1830 | } |
| 1831 | - return ParagonIE_Sodium_Core_Ed25519::publickey($keypair); |
|
| 1831 | + return ParagonIE_Sodium_Core_Ed25519::publickey( $keypair ); |
|
| 1832 | 1832 | } |
| 1833 | 1833 | |
| 1834 | 1834 | /** |
@@ -1839,26 +1839,26 @@ discard block |
||
| 1839 | 1839 | * @throws Error |
| 1840 | 1840 | * @throws TypeError |
| 1841 | 1841 | */ |
| 1842 | - public static function crypto_sign_publickey_from_secretkey($secretKey) |
|
| 1842 | + public static function crypto_sign_publickey_from_secretkey( $secretKey ) |
|
| 1843 | 1843 | { |
| 1844 | 1844 | /* Type checks: */ |
| 1845 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
|
| 1845 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 1 ); |
|
| 1846 | 1846 | |
| 1847 | 1847 | /* Input validation: */ |
| 1848 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1849 | - throw new Error('Argument 1 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1848 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_SIGN_SECRETKEYBYTES ) { |
|
| 1849 | + throw new Error( 'Argument 1 must be CRYPTO_SIGN_SECRETKEYBYTES long.' ); |
|
| 1850 | 1850 | } |
| 1851 | 1851 | |
| 1852 | - if (self::isPhp72OrGreater()) { |
|
| 1853 | - return sodium_crypto_sign_publickey_from_secretkey($secretKey); |
|
| 1852 | + if ( self::isPhp72OrGreater() ) { |
|
| 1853 | + return sodium_crypto_sign_publickey_from_secretkey( $secretKey ); |
|
| 1854 | 1854 | } |
| 1855 | - if (self::use_fallback('crypto_sign_publickey_from_secretkey')) { |
|
| 1856 | - return call_user_func('\\Sodium\\crypto_sign_publickey_from_secretkey', $secretKey); |
|
| 1855 | + if ( self::use_fallback( 'crypto_sign_publickey_from_secretkey' ) ) { |
|
| 1856 | + return call_user_func( '\\Sodium\\crypto_sign_publickey_from_secretkey', $secretKey ); |
|
| 1857 | 1857 | } |
| 1858 | - if (PHP_INT_SIZE === 4) { |
|
| 1859 | - return ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1858 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1859 | + return ParagonIE_Sodium_Core32_Ed25519::publickey_from_secretkey( $secretKey ); |
|
| 1860 | 1860 | } |
| 1861 | - return ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey($secretKey); |
|
| 1861 | + return ParagonIE_Sodium_Core_Ed25519::publickey_from_secretkey( $secretKey ); |
|
| 1862 | 1862 | } |
| 1863 | 1863 | |
| 1864 | 1864 | /** |
@@ -1869,26 +1869,26 @@ discard block |
||
| 1869 | 1869 | * @throws Error |
| 1870 | 1870 | * @throws TypeError |
| 1871 | 1871 | */ |
| 1872 | - public static function crypto_sign_secretkey($keypair) |
|
| 1872 | + public static function crypto_sign_secretkey( $keypair ) |
|
| 1873 | 1873 | { |
| 1874 | 1874 | /* Type checks: */ |
| 1875 | - ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
|
| 1875 | + ParagonIE_Sodium_Core_Util::declareScalarType( $keypair, 'string', 1 ); |
|
| 1876 | 1876 | |
| 1877 | 1877 | /* Input validation: */ |
| 1878 | - if (ParagonIE_Sodium_Core_Util::strlen($keypair) !== self::CRYPTO_SIGN_KEYPAIRBYTES) { |
|
| 1879 | - throw new Error('Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.'); |
|
| 1878 | + if ( ParagonIE_Sodium_Core_Util::strlen( $keypair ) !== self::CRYPTO_SIGN_KEYPAIRBYTES ) { |
|
| 1879 | + throw new Error( 'Argument 1 must be CRYPTO_SIGN_KEYPAIRBYTES long.' ); |
|
| 1880 | 1880 | } |
| 1881 | 1881 | |
| 1882 | - if (self::isPhp72OrGreater()) { |
|
| 1883 | - return sodium_crypto_sign_secretkey($keypair); |
|
| 1882 | + if ( self::isPhp72OrGreater() ) { |
|
| 1883 | + return sodium_crypto_sign_secretkey( $keypair ); |
|
| 1884 | 1884 | } |
| 1885 | - if (self::use_fallback('crypto_sign_secretkey')) { |
|
| 1886 | - return call_user_func('\\Sodium\\crypto_sign_secretkey', $keypair); |
|
| 1885 | + if ( self::use_fallback( 'crypto_sign_secretkey' ) ) { |
|
| 1886 | + return call_user_func( '\\Sodium\\crypto_sign_secretkey', $keypair ); |
|
| 1887 | 1887 | } |
| 1888 | - if (PHP_INT_SIZE === 4) { |
|
| 1889 | - return ParagonIE_Sodium_Core32_Ed25519::secretkey($keypair); |
|
| 1888 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1889 | + return ParagonIE_Sodium_Core32_Ed25519::secretkey( $keypair ); |
|
| 1890 | 1890 | } |
| 1891 | - return ParagonIE_Sodium_Core_Ed25519::secretkey($keypair); |
|
| 1891 | + return ParagonIE_Sodium_Core_Ed25519::secretkey( $keypair ); |
|
| 1892 | 1892 | } |
| 1893 | 1893 | |
| 1894 | 1894 | /** |
@@ -1902,27 +1902,27 @@ discard block |
||
| 1902 | 1902 | * @throws Error |
| 1903 | 1903 | * @throws TypeError |
| 1904 | 1904 | */ |
| 1905 | - public static function crypto_sign_detached($message, $secretKey) |
|
| 1905 | + public static function crypto_sign_detached( $message, $secretKey ) |
|
| 1906 | 1906 | { |
| 1907 | 1907 | /* Type checks: */ |
| 1908 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
|
| 1909 | - ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
|
| 1908 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 1 ); |
|
| 1909 | + ParagonIE_Sodium_Core_Util::declareScalarType( $secretKey, 'string', 2 ); |
|
| 1910 | 1910 | |
| 1911 | 1911 | /* Input validation: */ |
| 1912 | - if (ParagonIE_Sodium_Core_Util::strlen($secretKey) !== self::CRYPTO_SIGN_SECRETKEYBYTES) { |
|
| 1913 | - throw new Error('Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.'); |
|
| 1912 | + if ( ParagonIE_Sodium_Core_Util::strlen( $secretKey ) !== self::CRYPTO_SIGN_SECRETKEYBYTES ) { |
|
| 1913 | + throw new Error( 'Argument 2 must be CRYPTO_SIGN_SECRETKEYBYTES long.' ); |
|
| 1914 | 1914 | } |
| 1915 | 1915 | |
| 1916 | - if (self::isPhp72OrGreater()) { |
|
| 1917 | - return sodium_crypto_sign_detached($message, $secretKey); |
|
| 1916 | + if ( self::isPhp72OrGreater() ) { |
|
| 1917 | + return sodium_crypto_sign_detached( $message, $secretKey ); |
|
| 1918 | 1918 | } |
| 1919 | - if (self::use_fallback('crypto_sign_detached')) { |
|
| 1920 | - return call_user_func('\\Sodium\\crypto_sign_detached', $message, $secretKey); |
|
| 1919 | + if ( self::use_fallback( 'crypto_sign_detached' ) ) { |
|
| 1920 | + return call_user_func( '\\Sodium\\crypto_sign_detached', $message, $secretKey ); |
|
| 1921 | 1921 | } |
| 1922 | - if (PHP_INT_SIZE === 4) { |
|
| 1923 | - return ParagonIE_Sodium_Crypto32::sign_detached($message, $secretKey); |
|
| 1922 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1923 | + return ParagonIE_Sodium_Crypto32::sign_detached( $message, $secretKey ); |
|
| 1924 | 1924 | } |
| 1925 | - return ParagonIE_Sodium_Crypto::sign_detached($message, $secretKey); |
|
| 1925 | + return ParagonIE_Sodium_Crypto::sign_detached( $message, $secretKey ); |
|
| 1926 | 1926 | } |
| 1927 | 1927 | |
| 1928 | 1928 | /** |
@@ -1936,31 +1936,31 @@ discard block |
||
| 1936 | 1936 | * @throws Error |
| 1937 | 1937 | * @throws TypeError |
| 1938 | 1938 | */ |
| 1939 | - public static function crypto_sign_verify_detached($signature, $message, $publicKey) |
|
| 1939 | + public static function crypto_sign_verify_detached( $signature, $message, $publicKey ) |
|
| 1940 | 1940 | { |
| 1941 | 1941 | /* Type checks: */ |
| 1942 | - ParagonIE_Sodium_Core_Util::declareScalarType($signature, 'string', 1); |
|
| 1943 | - ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
|
| 1944 | - ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 3); |
|
| 1942 | + ParagonIE_Sodium_Core_Util::declareScalarType( $signature, 'string', 1 ); |
|
| 1943 | + ParagonIE_Sodium_Core_Util::declareScalarType( $message, 'string', 2 ); |
|
| 1944 | + ParagonIE_Sodium_Core_Util::declareScalarType( $publicKey, 'string', 3 ); |
|
| 1945 | 1945 | |
| 1946 | 1946 | /* Input validation: */ |
| 1947 | - if (ParagonIE_Sodium_Core_Util::strlen($signature) !== self::CRYPTO_SIGN_BYTES) { |
|
| 1948 | - throw new Error('Argument 1 must be CRYPTO_SIGN_BYTES long.'); |
|
| 1947 | + if ( ParagonIE_Sodium_Core_Util::strlen( $signature ) !== self::CRYPTO_SIGN_BYTES ) { |
|
| 1948 | + throw new Error( 'Argument 1 must be CRYPTO_SIGN_BYTES long.' ); |
|
| 1949 | 1949 | } |
| 1950 | - if (ParagonIE_Sodium_Core_Util::strlen($publicKey) !== self::CRYPTO_SIGN_PUBLICKEYBYTES) { |
|
| 1951 | - throw new Error('Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long.'); |
|
| 1950 | + if ( ParagonIE_Sodium_Core_Util::strlen( $publicKey ) !== self::CRYPTO_SIGN_PUBLICKEYBYTES ) { |
|
| 1951 | + throw new Error( 'Argument 3 must be CRYPTO_SIGN_PUBLICKEYBYTES long.' ); |
|
| 1952 | 1952 | } |
| 1953 | 1953 | |
| 1954 | - if (self::isPhp72OrGreater()) { |
|
| 1955 | - return sodium_crypto_sign_verify_detached($signature, $message, $publicKey); |
|
| 1954 | + if ( self::isPhp72OrGreater() ) { |
|
| 1955 | + return sodium_crypto_sign_verify_detached( $signature, $message, $publicKey ); |
|
| 1956 | 1956 | } |
| 1957 | - if (self::use_fallback('crypto_sign_verify_detached')) { |
|
| 1958 | - return call_user_func('\\Sodium\\crypto_sign_verify_detached', $signature, $message, $publicKey); |
|
| 1957 | + if ( self::use_fallback( 'crypto_sign_verify_detached' ) ) { |
|
| 1958 | + return call_user_func( '\\Sodium\\crypto_sign_verify_detached', $signature, $message, $publicKey ); |
|
| 1959 | 1959 | } |
| 1960 | - if (PHP_INT_SIZE === 4) { |
|
| 1961 | - return ParagonIE_Sodium_Crypto32::sign_verify_detached($signature, $message, $publicKey); |
|
| 1960 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 1961 | + return ParagonIE_Sodium_Crypto32::sign_verify_detached( $signature, $message, $publicKey ); |
|
| 1962 | 1962 | } |
| 1963 | - return ParagonIE_Sodium_Crypto::sign_verify_detached($signature, $message, $publicKey); |
|
| 1963 | + return ParagonIE_Sodium_Crypto::sign_verify_detached( $signature, $message, $publicKey ); |
|
| 1964 | 1964 | } |
| 1965 | 1965 | |
| 1966 | 1966 | /** |
@@ -1970,32 +1970,32 @@ discard block |
||
| 1970 | 1970 | * @return string |
| 1971 | 1971 | * @throws Error |
| 1972 | 1972 | */ |
| 1973 | - public static function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 1973 | + public static function crypto_sign_ed25519_sk_to_curve25519( $sk ) |
|
| 1974 | 1974 | { |
| 1975 | 1975 | /* Type checks: */ |
| 1976 | - ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); |
|
| 1976 | + ParagonIE_Sodium_Core_Util::declareScalarType( $sk, 'string', 1 ); |
|
| 1977 | 1977 | |
| 1978 | 1978 | /* Input validation: */ |
| 1979 | - if (ParagonIE_Sodium_Core_Util::strlen($sk) < self::CRYPTO_SIGN_SEEDBYTES) { |
|
| 1980 | - throw new Error('Argument 1 must be at least CRYPTO_SIGN_SEEDBYTES long.'); |
|
| 1979 | + if ( ParagonIE_Sodium_Core_Util::strlen( $sk ) < self::CRYPTO_SIGN_SEEDBYTES ) { |
|
| 1980 | + throw new Error( 'Argument 1 must be at least CRYPTO_SIGN_SEEDBYTES long.' ); |
|
| 1981 | 1981 | } |
| 1982 | - if (self::isPhp72OrGreater()) { |
|
| 1983 | - if (is_callable('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1984 | - return sodium_crypto_sign_ed25519_sk_to_curve25519($sk); |
|
| 1982 | + if ( self::isPhp72OrGreater() ) { |
|
| 1983 | + if ( is_callable( 'crypto_sign_ed25519_sk_to_curve25519' ) ) { |
|
| 1984 | + return sodium_crypto_sign_ed25519_sk_to_curve25519( $sk ); |
|
| 1985 | 1985 | } |
| 1986 | 1986 | } |
| 1987 | - if (self::use_fallback('crypto_sign_ed25519_sk_to_curve25519')) { |
|
| 1988 | - return call_user_func('\\Sodium\\crypto_sign_ed25519_sk_to_curve25519', $sk); |
|
| 1987 | + if ( self::use_fallback( 'crypto_sign_ed25519_sk_to_curve25519' ) ) { |
|
| 1988 | + return call_user_func( '\\Sodium\\crypto_sign_ed25519_sk_to_curve25519', $sk ); |
|
| 1989 | 1989 | } |
| 1990 | 1990 | |
| 1991 | - $h = hash('sha512', ParagonIE_Sodium_Core_Util::substr($sk, 0, 32), true); |
|
| 1991 | + $h = hash( 'sha512', ParagonIE_Sodium_Core_Util::substr( $sk, 0, 32 ), true ); |
|
| 1992 | 1992 | $h[0] = ParagonIE_Sodium_Core_Util::intToChr( |
| 1993 | - ParagonIE_Sodium_Core_Util::chrToInt($h[0]) & 248 |
|
| 1993 | + ParagonIE_Sodium_Core_Util::chrToInt( $h[0] ) & 248 |
|
| 1994 | 1994 | ); |
| 1995 | 1995 | $h[31] = ParagonIE_Sodium_Core_Util::intToChr( |
| 1996 | - (ParagonIE_Sodium_Core_Util::chrToInt($h[31]) & 127) | 64 |
|
| 1996 | + ( ParagonIE_Sodium_Core_Util::chrToInt( $h[31] ) & 127 ) | 64 |
|
| 1997 | 1997 | ); |
| 1998 | - return ParagonIE_Sodium_Core_Util::substr($h, 0, 32); |
|
| 1998 | + return ParagonIE_Sodium_Core_Util::substr( $h, 0, 32 ); |
|
| 1999 | 1999 | } |
| 2000 | 2000 | |
| 2001 | 2001 | /** |
@@ -2005,18 +2005,18 @@ discard block |
||
| 2005 | 2005 | * @return string Raw binary string |
| 2006 | 2006 | * @throws TypeError |
| 2007 | 2007 | */ |
| 2008 | - public static function hex2bin($string) |
|
| 2008 | + public static function hex2bin( $string ) |
|
| 2009 | 2009 | { |
| 2010 | 2010 | /* Type checks: */ |
| 2011 | - ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
|
| 2011 | + ParagonIE_Sodium_Core_Util::declareScalarType( $string, 'string', 1 ); |
|
| 2012 | 2012 | |
| 2013 | - if (self::isPhp72OrGreater()) { |
|
| 2014 | - return sodium_hex2bin($string); |
|
| 2013 | + if ( self::isPhp72OrGreater() ) { |
|
| 2014 | + return sodium_hex2bin( $string ); |
|
| 2015 | 2015 | } |
| 2016 | - if (self::use_fallback('hex2bin')) { |
|
| 2017 | - return call_user_func('\\Sodium\\hex2bin', $string); |
|
| 2016 | + if ( self::use_fallback( 'hex2bin' ) ) { |
|
| 2017 | + return call_user_func( '\\Sodium\\hex2bin', $string ); |
|
| 2018 | 2018 | } |
| 2019 | - return ParagonIE_Sodium_Core_Util::hex2bin($string); |
|
| 2019 | + return ParagonIE_Sodium_Core_Util::hex2bin( $string ); |
|
| 2020 | 2020 | } |
| 2021 | 2021 | |
| 2022 | 2022 | /** |
@@ -2027,28 +2027,28 @@ discard block |
||
| 2027 | 2027 | * @return void |
| 2028 | 2028 | * @throws Error (Unless libsodium is installed) |
| 2029 | 2029 | */ |
| 2030 | - public static function increment(&$var) |
|
| 2030 | + public static function increment( &$var ) |
|
| 2031 | 2031 | { |
| 2032 | 2032 | /* Type checks: */ |
| 2033 | - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2033 | + ParagonIE_Sodium_Core_Util::declareScalarType( $var, 'string', 1 ); |
|
| 2034 | 2034 | |
| 2035 | - if (self::isPhp72OrGreater()) { |
|
| 2036 | - sodium_increment($var); |
|
| 2035 | + if ( self::isPhp72OrGreater() ) { |
|
| 2036 | + sodium_increment( $var ); |
|
| 2037 | 2037 | return; |
| 2038 | 2038 | } |
| 2039 | - if (self::use_fallback('increment')) { |
|
| 2040 | - @call_user_func('\\Sodium\\increment', $var); |
|
| 2039 | + if ( self::use_fallback( 'increment' ) ) { |
|
| 2040 | + @call_user_func( '\\Sodium\\increment', $var ); |
|
| 2041 | 2041 | return; |
| 2042 | 2042 | } |
| 2043 | 2043 | |
| 2044 | - $len = ParagonIE_Sodium_Core_Util::strlen($var); |
|
| 2044 | + $len = ParagonIE_Sodium_Core_Util::strlen( $var ); |
|
| 2045 | 2045 | $c = 1; |
| 2046 | 2046 | $copy = ''; |
| 2047 | - for ($i = 0; $i < $len; ++$i) { |
|
| 2047 | + for ( $i = 0; $i < $len; ++$i ) { |
|
| 2048 | 2048 | $c += ParagonIE_Sodium_Core_Util::chrToInt( |
| 2049 | - ParagonIE_Sodium_Core_Util::substr($var, $i, 1) |
|
| 2049 | + ParagonIE_Sodium_Core_Util::substr( $var, $i, 1 ) |
|
| 2050 | 2050 | ); |
| 2051 | - $copy .= ParagonIE_Sodium_Core_Util::intToChr($c); |
|
| 2051 | + $copy .= ParagonIE_Sodium_Core_Util::intToChr( $c ); |
|
| 2052 | 2052 | $c >>= 8; |
| 2053 | 2053 | } |
| 2054 | 2054 | $var = $copy; |
@@ -2062,11 +2062,11 @@ discard block |
||
| 2062 | 2062 | */ |
| 2063 | 2063 | public static function library_version_major() |
| 2064 | 2064 | { |
| 2065 | - if (self::isPhp72OrGreater()) { |
|
| 2065 | + if ( self::isPhp72OrGreater() ) { |
|
| 2066 | 2066 | return sodium_library_version_major(); |
| 2067 | 2067 | } |
| 2068 | - if (self::use_fallback('library_version_major')) { |
|
| 2069 | - return (int) call_user_func('\\Sodium\\library_version_major'); |
|
| 2068 | + if ( self::use_fallback( 'library_version_major' ) ) { |
|
| 2069 | + return (int) call_user_func( '\\Sodium\\library_version_major' ); |
|
| 2070 | 2070 | } |
| 2071 | 2071 | return self::LIBRARY_VERSION_MAJOR; |
| 2072 | 2072 | } |
@@ -2079,11 +2079,11 @@ discard block |
||
| 2079 | 2079 | */ |
| 2080 | 2080 | public static function library_version_minor() |
| 2081 | 2081 | { |
| 2082 | - if (self::isPhp72OrGreater()) { |
|
| 2082 | + if ( self::isPhp72OrGreater() ) { |
|
| 2083 | 2083 | return sodium_library_version_minor(); |
| 2084 | 2084 | } |
| 2085 | - if (self::use_fallback('library_version_minor')) { |
|
| 2086 | - return (int) call_user_func('\\Sodium\\library_version_minor'); |
|
| 2085 | + if ( self::use_fallback( 'library_version_minor' ) ) { |
|
| 2086 | + return (int) call_user_func( '\\Sodium\\library_version_minor' ); |
|
| 2087 | 2087 | } |
| 2088 | 2088 | return self::LIBRARY_VERSION_MINOR; |
| 2089 | 2089 | } |
@@ -2096,16 +2096,16 @@ discard block |
||
| 2096 | 2096 | * @return int |
| 2097 | 2097 | * @throws TypeError |
| 2098 | 2098 | */ |
| 2099 | - public static function memcmp($left, $right) |
|
| 2099 | + public static function memcmp( $left, $right ) |
|
| 2100 | 2100 | { |
| 2101 | 2101 | /* Type checks: */ |
| 2102 | - ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
|
| 2103 | - ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
|
| 2102 | + ParagonIE_Sodium_Core_Util::declareScalarType( $left, 'string', 1 ); |
|
| 2103 | + ParagonIE_Sodium_Core_Util::declareScalarType( $right, 'string', 2 ); |
|
| 2104 | 2104 | |
| 2105 | - if (self::use_fallback('memcmp')) { |
|
| 2106 | - return call_user_func('\\Sodium\\memcmp', $left, $right); |
|
| 2105 | + if ( self::use_fallback( 'memcmp' ) ) { |
|
| 2106 | + return call_user_func( '\\Sodium\\memcmp', $left, $right ); |
|
| 2107 | 2107 | } |
| 2108 | - return ParagonIE_Sodium_Core_Util::memcmp($left, $right); |
|
| 2108 | + return ParagonIE_Sodium_Core_Util::memcmp( $left, $right ); |
|
| 2109 | 2109 | } |
| 2110 | 2110 | |
| 2111 | 2111 | /** |
@@ -2117,17 +2117,17 @@ discard block |
||
| 2117 | 2117 | * @return void |
| 2118 | 2118 | * @throws Error (Unless libsodium is installed) |
| 2119 | 2119 | */ |
| 2120 | - public static function memzero(&$var) |
|
| 2120 | + public static function memzero( &$var ) |
|
| 2121 | 2121 | { |
| 2122 | 2122 | /* Type checks: */ |
| 2123 | - ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
|
| 2123 | + ParagonIE_Sodium_Core_Util::declareScalarType( $var, 'string', 1 ); |
|
| 2124 | 2124 | |
| 2125 | - if (self::isPhp72OrGreater()) { |
|
| 2126 | - sodium_memzero($var); |
|
| 2125 | + if ( self::isPhp72OrGreater() ) { |
|
| 2126 | + sodium_memzero( $var ); |
|
| 2127 | 2127 | return; |
| 2128 | 2128 | } |
| 2129 | - if (self::use_fallback('memzero')) { |
|
| 2130 | - @call_user_func('\\Sodium\\memzero', $var); |
|
| 2129 | + if ( self::use_fallback( 'memzero' ) ) { |
|
| 2130 | + @call_user_func( '\\Sodium\\memzero', $var ); |
|
| 2131 | 2131 | return; |
| 2132 | 2132 | } |
| 2133 | 2133 | // This is the best we can do. |
@@ -2144,20 +2144,20 @@ discard block |
||
| 2144 | 2144 | * @return string |
| 2145 | 2145 | * @throws TypeError |
| 2146 | 2146 | */ |
| 2147 | - public static function randombytes_buf($numBytes) |
|
| 2147 | + public static function randombytes_buf( $numBytes ) |
|
| 2148 | 2148 | { |
| 2149 | 2149 | /* Type checks: */ |
| 2150 | - if (!is_int($numBytes)) { |
|
| 2151 | - if (is_numeric($numBytes)) { |
|
| 2152 | - $numBytes = (int)$numBytes; |
|
| 2150 | + if ( ! is_int( $numBytes ) ) { |
|
| 2151 | + if ( is_numeric( $numBytes ) ) { |
|
| 2152 | + $numBytes = (int) $numBytes; |
|
| 2153 | 2153 | } else { |
| 2154 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($numBytes) . ' given.'); |
|
| 2154 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $numBytes ) . ' given.' ); |
|
| 2155 | 2155 | } |
| 2156 | 2156 | } |
| 2157 | - if (self::use_fallback('randombytes_buf')) { |
|
| 2158 | - return call_user_func('\\Sodium\\randombytes_buf', $numBytes); |
|
| 2157 | + if ( self::use_fallback( 'randombytes_buf' ) ) { |
|
| 2158 | + return call_user_func( '\\Sodium\\randombytes_buf', $numBytes ); |
|
| 2159 | 2159 | } |
| 2160 | - return random_bytes($numBytes); |
|
| 2160 | + return random_bytes( $numBytes ); |
|
| 2161 | 2161 | } |
| 2162 | 2162 | |
| 2163 | 2163 | /** |
@@ -2167,20 +2167,20 @@ discard block |
||
| 2167 | 2167 | * @return int |
| 2168 | 2168 | * @throws TypeError |
| 2169 | 2169 | */ |
| 2170 | - public static function randombytes_uniform($range) |
|
| 2170 | + public static function randombytes_uniform( $range ) |
|
| 2171 | 2171 | { |
| 2172 | 2172 | /* Type checks: */ |
| 2173 | - if (!is_int($range)) { |
|
| 2174 | - if (is_numeric($range)) { |
|
| 2175 | - $range = (int)$range; |
|
| 2173 | + if ( ! is_int( $range ) ) { |
|
| 2174 | + if ( is_numeric( $range ) ) { |
|
| 2175 | + $range = (int) $range; |
|
| 2176 | 2176 | } else { |
| 2177 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($range) . ' given.'); |
|
| 2177 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $range ) . ' given.' ); |
|
| 2178 | 2178 | } |
| 2179 | 2179 | } |
| 2180 | - if (self::use_fallback('randombytes_uniform')) { |
|
| 2181 | - return (int) call_user_func('\\Sodium\\randombytes_uniform', $range); |
|
| 2180 | + if ( self::use_fallback( 'randombytes_uniform' ) ) { |
|
| 2181 | + return (int) call_user_func( '\\Sodium\\randombytes_uniform', $range ); |
|
| 2182 | 2182 | } |
| 2183 | - return random_int(0, $range - 1); |
|
| 2183 | + return random_int( 0, $range - 1 ); |
|
| 2184 | 2184 | } |
| 2185 | 2185 | |
| 2186 | 2186 | /** |
@@ -2190,10 +2190,10 @@ discard block |
||
| 2190 | 2190 | */ |
| 2191 | 2191 | public static function randombytes_random16() |
| 2192 | 2192 | { |
| 2193 | - if (self::use_fallback('randombytes_random16')) { |
|
| 2194 | - return (int) call_user_func('\\Sodium\\randombytes_random16'); |
|
| 2193 | + if ( self::use_fallback( 'randombytes_random16' ) ) { |
|
| 2194 | + return (int) call_user_func( '\\Sodium\\randombytes_random16' ); |
|
| 2195 | 2195 | } |
| 2196 | - return random_int(0, 65535); |
|
| 2196 | + return random_int( 0, 65535 ); |
|
| 2197 | 2197 | } |
| 2198 | 2198 | |
| 2199 | 2199 | /** |
@@ -2204,11 +2204,11 @@ discard block |
||
| 2204 | 2204 | */ |
| 2205 | 2205 | public static function version_string() |
| 2206 | 2206 | { |
| 2207 | - if (self::isPhp72OrGreater()) { |
|
| 2207 | + if ( self::isPhp72OrGreater() ) { |
|
| 2208 | 2208 | return sodium_version_string(); |
| 2209 | 2209 | } |
| 2210 | - if (self::use_fallback('version_string')) { |
|
| 2211 | - return (string) call_user_func('\\Sodium\\version_string'); |
|
| 2210 | + if ( self::use_fallback( 'version_string' ) ) { |
|
| 2211 | + return (string) call_user_func( '\\Sodium\\version_string' ); |
|
| 2212 | 2212 | } |
| 2213 | 2213 | return self::VERSION_STRING; |
| 2214 | 2214 | } |
@@ -2225,14 +2225,14 @@ discard block |
||
| 2225 | 2225 | * |
| 2226 | 2226 | * @return bool |
| 2227 | 2227 | */ |
| 2228 | - protected static function use_fallback($sodium_func_name = '') |
|
| 2228 | + protected static function use_fallback( $sodium_func_name = '' ) |
|
| 2229 | 2229 | { |
| 2230 | 2230 | static $res = null; |
| 2231 | - if ($res === null) { |
|
| 2232 | - $res = extension_loaded('libsodium') && PHP_VERSION_ID >= 50300; |
|
| 2231 | + if ( $res === null ) { |
|
| 2232 | + $res = extension_loaded( 'libsodium' ) && PHP_VERSION_ID >= 50300; |
|
| 2233 | 2233 | } |
| 2234 | - if (PHP_INT_SIZE === 4) { |
|
| 2235 | - if ($res && is_callable('\\Sodium\\' . $sodium_func_name)) { |
|
| 2234 | + if ( PHP_INT_SIZE === 4 ) { |
|
| 2235 | + if ( $res && is_callable( '\\Sodium\\' . $sodium_func_name ) ) { |
|
| 2236 | 2236 | // We can safely just offload to the PECL extension |
| 2237 | 2237 | return true; |
| 2238 | 2238 | } |
@@ -2248,16 +2248,16 @@ discard block |
||
| 2248 | 2248 | ); |
| 2249 | 2249 | */ |
| 2250 | 2250 | } |
| 2251 | - if ($res === false) { |
|
| 2251 | + if ( $res === false ) { |
|
| 2252 | 2252 | // No libsodium installed |
| 2253 | 2253 | return false; |
| 2254 | 2254 | } |
| 2255 | - if (self::$disableFallbackForUnitTests) { |
|
| 2255 | + if ( self::$disableFallbackForUnitTests ) { |
|
| 2256 | 2256 | // Don't fallback. Use the PHP implementation. |
| 2257 | 2257 | return false; |
| 2258 | 2258 | } |
| 2259 | - if (!empty($sodium_func_name)) { |
|
| 2260 | - return is_callable('\\Sodium\\' . $sodium_func_name); |
|
| 2259 | + if ( ! empty( $sodium_func_name ) ) { |
|
| 2260 | + return is_callable( '\\Sodium\\' . $sodium_func_name ); |
|
| 2261 | 2261 | } |
| 2262 | 2262 | return true; |
| 2263 | 2263 | } |
@@ -2271,10 +2271,10 @@ discard block |
||
| 2271 | 2271 | protected static function isPhp72OrGreater() |
| 2272 | 2272 | { |
| 2273 | 2273 | static $res = null; |
| 2274 | - if ($res === null) { |
|
| 2275 | - $res = PHP_VERSION_ID >= 70200 && extension_loaded('sodium'); |
|
| 2274 | + if ( $res === null ) { |
|
| 2275 | + $res = PHP_VERSION_ID >= 70200 && extension_loaded( 'sodium' ); |
|
| 2276 | 2276 | } |
| 2277 | - if (self::$disableFallbackForUnitTests) { |
|
| 2277 | + if ( self::$disableFallbackForUnitTests ) { |
|
| 2278 | 2278 | // Don't fallback. Use the PHP implementation. |
| 2279 | 2279 | return false; |
| 2280 | 2280 | } |
@@ -25,8 +25,7 @@ discard block |
||
| 25 | 25 | return; |
| 26 | 26 | } |
| 27 | 27 | |
| 28 | -class ParagonIE_Sodium_Compat |
|
| 29 | -{ |
|
| 28 | +class ParagonIE_Sodium_Compat { |
|
| 30 | 29 | /** |
| 31 | 30 | * This parameter prevents the use of the PECL extension. |
| 32 | 31 | * It should only be used for unit testing. |
@@ -115,8 +114,7 @@ discard block |
||
| 115 | 114 | * @return string A hexadecimal-encoded string |
| 116 | 115 | * @throws TypeError |
| 117 | 116 | */ |
| 118 | - public static function bin2hex($string) |
|
| 119 | - { |
|
| 117 | + public static function bin2hex($string) { |
|
| 120 | 118 | /* Type checks: */ |
| 121 | 119 | ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
| 122 | 120 | |
@@ -140,8 +138,7 @@ discard block |
||
| 140 | 138 | * > 0 if the right operand is less than the left |
| 141 | 139 | * @throws TypeError |
| 142 | 140 | */ |
| 143 | - public static function compare($left, $right) |
|
| 144 | - { |
|
| 141 | + public static function compare($left, $right) { |
|
| 145 | 142 | /* Type checks: */ |
| 146 | 143 | ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
| 147 | 144 | ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
@@ -575,8 +572,7 @@ discard block |
||
| 575 | 572 | * @throws Error |
| 576 | 573 | * @throws TypeError |
| 577 | 574 | */ |
| 578 | - public static function crypto_auth($message, $key) |
|
| 579 | - { |
|
| 575 | + public static function crypto_auth($message, $key) { |
|
| 580 | 576 | /* Type checks: */ |
| 581 | 577 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 582 | 578 | ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
@@ -609,8 +605,7 @@ discard block |
||
| 609 | 605 | * @throws Error |
| 610 | 606 | * @throws TypeError |
| 611 | 607 | */ |
| 612 | - public static function crypto_auth_verify($mac, $message, $key) |
|
| 613 | - { |
|
| 608 | + public static function crypto_auth_verify($mac, $message, $key) { |
|
| 614 | 609 | /* Type checks: */ |
| 615 | 610 | ParagonIE_Sodium_Core_Util::declareScalarType($mac, 'string', 1); |
| 616 | 611 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
@@ -652,8 +647,7 @@ discard block |
||
| 652 | 647 | * @throws Error |
| 653 | 648 | * @throws TypeError |
| 654 | 649 | */ |
| 655 | - public static function crypto_box($plaintext, $nonce, $keypair) |
|
| 656 | - { |
|
| 650 | + public static function crypto_box($plaintext, $nonce, $keypair) { |
|
| 657 | 651 | /* Type checks: */ |
| 658 | 652 | ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
| 659 | 653 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -695,8 +689,7 @@ discard block |
||
| 695 | 689 | * @throws Error |
| 696 | 690 | * @throws TypeError |
| 697 | 691 | */ |
| 698 | - public static function crypto_box_seal($plaintext, $publicKey) |
|
| 699 | - { |
|
| 692 | + public static function crypto_box_seal($plaintext, $publicKey) { |
|
| 700 | 693 | /* Type checks: */ |
| 701 | 694 | ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
| 702 | 695 | ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
@@ -730,8 +723,7 @@ discard block |
||
| 730 | 723 | * @throws Error |
| 731 | 724 | * @throws TypeError |
| 732 | 725 | */ |
| 733 | - public static function crypto_box_seal_open($ciphertext, $keypair) |
|
| 734 | - { |
|
| 726 | + public static function crypto_box_seal_open($ciphertext, $keypair) { |
|
| 735 | 727 | /* Type checks: */ |
| 736 | 728 | ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
| 737 | 729 | ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 2); |
@@ -761,8 +753,7 @@ discard block |
||
| 761 | 753 | * and crypto_box_publickey() exist to separate them so you |
| 762 | 754 | * don't accidentally get them mixed up! |
| 763 | 755 | */ |
| 764 | - public static function crypto_box_keypair() |
|
| 765 | - { |
|
| 756 | + public static function crypto_box_keypair() { |
|
| 766 | 757 | if (self::isPhp72OrGreater()) { |
| 767 | 758 | return sodium_crypto_box_keypair(); |
| 768 | 759 | } |
@@ -782,8 +773,7 @@ discard block |
||
| 782 | 773 | * @throws Error |
| 783 | 774 | * @throws TypeError |
| 784 | 775 | */ |
| 785 | - public static function crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey) |
|
| 786 | - { |
|
| 776 | + public static function crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey) { |
|
| 787 | 777 | /* Type checks: */ |
| 788 | 778 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
| 789 | 779 | ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
@@ -818,8 +808,7 @@ discard block |
||
| 818 | 808 | * @throws Error |
| 819 | 809 | * @throws TypeError |
| 820 | 810 | */ |
| 821 | - public static function crypto_box_open($ciphertext, $nonce, $keypair) |
|
| 822 | - { |
|
| 811 | + public static function crypto_box_open($ciphertext, $nonce, $keypair) { |
|
| 823 | 812 | /* Type checks: */ |
| 824 | 813 | ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
| 825 | 814 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -856,8 +845,7 @@ discard block |
||
| 856 | 845 | * @throws Error |
| 857 | 846 | * @throws TypeError |
| 858 | 847 | */ |
| 859 | - public static function crypto_box_publickey($keypair) |
|
| 860 | - { |
|
| 848 | + public static function crypto_box_publickey($keypair) { |
|
| 861 | 849 | /* Type checks: */ |
| 862 | 850 | ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
| 863 | 851 | |
@@ -886,8 +874,7 @@ discard block |
||
| 886 | 874 | * @throws Error |
| 887 | 875 | * @throws TypeError |
| 888 | 876 | */ |
| 889 | - public static function crypto_box_publickey_from_secretkey($secretKey) |
|
| 890 | - { |
|
| 877 | + public static function crypto_box_publickey_from_secretkey($secretKey) { |
|
| 891 | 878 | /* Type checks: */ |
| 892 | 879 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
| 893 | 880 | |
@@ -916,8 +903,7 @@ discard block |
||
| 916 | 903 | * @throws Error |
| 917 | 904 | * @throws TypeError |
| 918 | 905 | */ |
| 919 | - public static function crypto_box_secretkey($keypair) |
|
| 920 | - { |
|
| 906 | + public static function crypto_box_secretkey($keypair) { |
|
| 921 | 907 | /* Type checks: */ |
| 922 | 908 | ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
| 923 | 909 | |
@@ -944,8 +930,7 @@ discard block |
||
| 944 | 930 | * @param string $seed |
| 945 | 931 | * @return string |
| 946 | 932 | */ |
| 947 | - public static function crypto_box_seed_keypair($seed) |
|
| 948 | - { |
|
| 933 | + public static function crypto_box_seed_keypair($seed) { |
|
| 949 | 934 | /* Type checks: */ |
| 950 | 935 | ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
| 951 | 936 | |
@@ -970,8 +955,7 @@ discard block |
||
| 970 | 955 | * @throws Error |
| 971 | 956 | * @throws TypeError |
| 972 | 957 | */ |
| 973 | - public static function crypto_generichash($message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 974 | - { |
|
| 958 | + public static function crypto_generichash($message, $key = '', $length = self::CRYPTO_GENERICHASH_BYTES) { |
|
| 975 | 959 | /* Type checks: */ |
| 976 | 960 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 977 | 961 | if (is_null($key)) { |
@@ -1011,8 +995,7 @@ discard block |
||
| 1011 | 995 | * @throws Error |
| 1012 | 996 | * @throws TypeError |
| 1013 | 997 | */ |
| 1014 | - public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1015 | - { |
|
| 998 | + public static function crypto_generichash_final(&$ctx, $length = self::CRYPTO_GENERICHASH_BYTES) { |
|
| 1016 | 999 | /* Type checks: */ |
| 1017 | 1000 | ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
| 1018 | 1001 | ParagonIE_Sodium_Core_Util::declareScalarType($length, 'int', 2); |
@@ -1047,8 +1030,7 @@ discard block |
||
| 1047 | 1030 | * @throws Error |
| 1048 | 1031 | * @throws TypeError |
| 1049 | 1032 | */ |
| 1050 | - public static function crypto_generichash_init($key = '', $length = self::CRYPTO_GENERICHASH_BYTES) |
|
| 1051 | - { |
|
| 1033 | + public static function crypto_generichash_init($key = '', $length = self::CRYPTO_GENERICHASH_BYTES) { |
|
| 1052 | 1034 | /* Type checks: */ |
| 1053 | 1035 | if (is_null($key)) { |
| 1054 | 1036 | $key = ''; |
@@ -1087,8 +1069,7 @@ discard block |
||
| 1087 | 1069 | * @return void |
| 1088 | 1070 | * @throws TypeError |
| 1089 | 1071 | */ |
| 1090 | - public static function crypto_generichash_update(&$ctx, $message) |
|
| 1091 | - { |
|
| 1072 | + public static function crypto_generichash_update(&$ctx, $message) { |
|
| 1092 | 1073 | /* Type checks: */ |
| 1093 | 1074 | ParagonIE_Sodium_Core_Util::declareScalarType($ctx, 'string', 1); |
| 1094 | 1075 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
@@ -1137,8 +1118,7 @@ discard block |
||
| 1137 | 1118 | * @throws Error |
| 1138 | 1119 | * @throws TypeError |
| 1139 | 1120 | */ |
| 1140 | - public static function crypto_kx($my_secret, $their_public, $client_public, $server_public) |
|
| 1141 | - { |
|
| 1121 | + public static function crypto_kx($my_secret, $their_public, $client_public, $server_public) { |
|
| 1142 | 1122 | /* Type checks: */ |
| 1143 | 1123 | ParagonIE_Sodium_Core_Util::declareScalarType($my_secret, 'string', 1); |
| 1144 | 1124 | ParagonIE_Sodium_Core_Util::declareScalarType($their_public, 'string', 2); |
@@ -1203,8 +1183,7 @@ discard block |
||
| 1203 | 1183 | * @return string |
| 1204 | 1184 | * @throws Error |
| 1205 | 1185 | */ |
| 1206 | - public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1207 | - { |
|
| 1186 | + public static function crypto_pwhash($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 1208 | 1187 | ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
| 1209 | 1188 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
| 1210 | 1189 | ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
@@ -1230,8 +1209,7 @@ discard block |
||
| 1230 | 1209 | * @return string |
| 1231 | 1210 | * @throws Error |
| 1232 | 1211 | */ |
| 1233 | - public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) |
|
| 1234 | - { |
|
| 1212 | + public static function crypto_pwhash_str($passwd, $opslimit, $memlimit) { |
|
| 1235 | 1213 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
| 1236 | 1214 | ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
| 1237 | 1215 | ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
@@ -1254,8 +1232,7 @@ discard block |
||
| 1254 | 1232 | * @return bool |
| 1255 | 1233 | * @throws Error |
| 1256 | 1234 | */ |
| 1257 | - public static function crypto_pwhash_str_verify($passwd, $hash) |
|
| 1258 | - { |
|
| 1235 | + public static function crypto_pwhash_str_verify($passwd, $hash) { |
|
| 1259 | 1236 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
| 1260 | 1237 | ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
| 1261 | 1238 | |
@@ -1280,8 +1257,7 @@ discard block |
||
| 1280 | 1257 | * @return string |
| 1281 | 1258 | * @throws Error |
| 1282 | 1259 | */ |
| 1283 | - public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) |
|
| 1284 | - { |
|
| 1260 | + public static function crypto_pwhash_scryptsalsa208sha256($outlen, $passwd, $salt, $opslimit, $memlimit) { |
|
| 1285 | 1261 | ParagonIE_Sodium_Core_Util::declareScalarType($outlen, 'int', 1); |
| 1286 | 1262 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 2); |
| 1287 | 1263 | ParagonIE_Sodium_Core_Util::declareScalarType($salt, 'string', 3); |
@@ -1307,8 +1283,7 @@ discard block |
||
| 1307 | 1283 | * @return string |
| 1308 | 1284 | * @throws Error |
| 1309 | 1285 | */ |
| 1310 | - public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) |
|
| 1311 | - { |
|
| 1286 | + public static function crypto_pwhash_scryptsalsa208sha256_str($passwd, $opslimit, $memlimit) { |
|
| 1312 | 1287 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
| 1313 | 1288 | ParagonIE_Sodium_Core_Util::declareScalarType($opslimit, 'int', 2); |
| 1314 | 1289 | ParagonIE_Sodium_Core_Util::declareScalarType($memlimit, 'int', 3); |
@@ -1331,8 +1306,7 @@ discard block |
||
| 1331 | 1306 | * @return bool |
| 1332 | 1307 | * @throws Error |
| 1333 | 1308 | */ |
| 1334 | - public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) |
|
| 1335 | - { |
|
| 1309 | + public static function crypto_pwhash_scryptsalsa208sha256_str_verify($passwd, $hash) { |
|
| 1336 | 1310 | ParagonIE_Sodium_Core_Util::declareScalarType($passwd, 'string', 1); |
| 1337 | 1311 | ParagonIE_Sodium_Core_Util::declareScalarType($hash, 'string', 2); |
| 1338 | 1312 | |
@@ -1360,8 +1334,7 @@ discard block |
||
| 1360 | 1334 | * @throws Error |
| 1361 | 1335 | * @throws TypeError |
| 1362 | 1336 | */ |
| 1363 | - public static function crypto_scalarmult($secretKey, $publicKey) |
|
| 1364 | - { |
|
| 1337 | + public static function crypto_scalarmult($secretKey, $publicKey) { |
|
| 1365 | 1338 | /* Type checks: */ |
| 1366 | 1339 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
| 1367 | 1340 | ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
@@ -1402,8 +1375,7 @@ discard block |
||
| 1402 | 1375 | * @throws Error |
| 1403 | 1376 | * @throws TypeError |
| 1404 | 1377 | */ |
| 1405 | - public static function crypto_scalarmult_base($secretKey) |
|
| 1406 | - { |
|
| 1378 | + public static function crypto_scalarmult_base($secretKey) { |
|
| 1407 | 1379 | /* Type checks: */ |
| 1408 | 1380 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
| 1409 | 1381 | |
@@ -1439,8 +1411,7 @@ discard block |
||
| 1439 | 1411 | * @throws Error |
| 1440 | 1412 | * @throws TypeError |
| 1441 | 1413 | */ |
| 1442 | - public static function crypto_secretbox($plaintext, $nonce, $key) |
|
| 1443 | - { |
|
| 1414 | + public static function crypto_secretbox($plaintext, $nonce, $key) { |
|
| 1444 | 1415 | /* Type checks: */ |
| 1445 | 1416 | ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
| 1446 | 1417 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1476,8 +1447,7 @@ discard block |
||
| 1476 | 1447 | * @throws Error |
| 1477 | 1448 | * @throws TypeError |
| 1478 | 1449 | */ |
| 1479 | - public static function crypto_secretbox_open($ciphertext, $nonce, $key) |
|
| 1480 | - { |
|
| 1450 | + public static function crypto_secretbox_open($ciphertext, $nonce, $key) { |
|
| 1481 | 1451 | /* Type checks: */ |
| 1482 | 1452 | ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
| 1483 | 1453 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1515,8 +1485,7 @@ discard block |
||
| 1515 | 1485 | * @throws Error |
| 1516 | 1486 | * @throws TypeError |
| 1517 | 1487 | */ |
| 1518 | - public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) |
|
| 1519 | - { |
|
| 1488 | + public static function crypto_secretbox_xchacha20poly1305($plaintext, $nonce, $key) { |
|
| 1520 | 1489 | /* Type checks: */ |
| 1521 | 1490 | ParagonIE_Sodium_Core_Util::declareScalarType($plaintext, 'string', 1); |
| 1522 | 1491 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1544,8 +1513,7 @@ discard block |
||
| 1544 | 1513 | * @throws Error |
| 1545 | 1514 | * @throws TypeError |
| 1546 | 1515 | */ |
| 1547 | - public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) |
|
| 1548 | - { |
|
| 1516 | + public static function crypto_secretbox_xchacha20poly1305_open($ciphertext, $nonce, $key) { |
|
| 1549 | 1517 | /* Type checks: */ |
| 1550 | 1518 | ParagonIE_Sodium_Core_Util::declareScalarType($ciphertext, 'string', 1); |
| 1551 | 1519 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1574,8 +1542,7 @@ discard block |
||
| 1574 | 1542 | * @throws Error |
| 1575 | 1543 | * @throws TypeError |
| 1576 | 1544 | */ |
| 1577 | - public static function crypto_shorthash($message, $key) |
|
| 1578 | - { |
|
| 1545 | + public static function crypto_shorthash($message, $key) { |
|
| 1579 | 1546 | /* Type checks: */ |
| 1580 | 1547 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 1581 | 1548 | ParagonIE_Sodium_Core_Util::declareScalarType($key, 'string', 2); |
@@ -1610,8 +1577,7 @@ discard block |
||
| 1610 | 1577 | * @throws Error |
| 1611 | 1578 | * @throws TypeError |
| 1612 | 1579 | */ |
| 1613 | - public static function crypto_stream($len, $nonce, $key) |
|
| 1614 | - { |
|
| 1580 | + public static function crypto_stream($len, $nonce, $key) { |
|
| 1615 | 1581 | /* Type checks: */ |
| 1616 | 1582 | ParagonIE_Sodium_Core_Util::declareScalarType($len, 'int', 1); |
| 1617 | 1583 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1656,8 +1622,7 @@ discard block |
||
| 1656 | 1622 | * @throws Error |
| 1657 | 1623 | * @throws TypeError |
| 1658 | 1624 | */ |
| 1659 | - public static function crypto_stream_xor($message, $nonce, $key) |
|
| 1660 | - { |
|
| 1625 | + public static function crypto_stream_xor($message, $nonce, $key) { |
|
| 1661 | 1626 | /* Type checks: */ |
| 1662 | 1627 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 1663 | 1628 | ParagonIE_Sodium_Core_Util::declareScalarType($nonce, 'string', 2); |
@@ -1695,8 +1660,7 @@ discard block |
||
| 1695 | 1660 | * @throws Error |
| 1696 | 1661 | * @throws TypeError |
| 1697 | 1662 | */ |
| 1698 | - public static function crypto_sign($message, $secretKey) |
|
| 1699 | - { |
|
| 1663 | + public static function crypto_sign($message, $secretKey) { |
|
| 1700 | 1664 | /* Type checks: */ |
| 1701 | 1665 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 1702 | 1666 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
@@ -1728,8 +1692,7 @@ discard block |
||
| 1728 | 1692 | * @throws Error |
| 1729 | 1693 | * @throws TypeError |
| 1730 | 1694 | */ |
| 1731 | - public static function crypto_sign_open($signedMessage, $publicKey) |
|
| 1732 | - { |
|
| 1695 | + public static function crypto_sign_open($signedMessage, $publicKey) { |
|
| 1733 | 1696 | /* Type checks: */ |
| 1734 | 1697 | ParagonIE_Sodium_Core_Util::declareScalarType($signedMessage, 'string', 1); |
| 1735 | 1698 | ParagonIE_Sodium_Core_Util::declareScalarType($publicKey, 'string', 2); |
@@ -1759,8 +1722,7 @@ discard block |
||
| 1759 | 1722 | * |
| 1760 | 1723 | * @return string |
| 1761 | 1724 | */ |
| 1762 | - public static function crypto_sign_keypair() |
|
| 1763 | - { |
|
| 1725 | + public static function crypto_sign_keypair() { |
|
| 1764 | 1726 | if (self::isPhp72OrGreater()) { |
| 1765 | 1727 | return sodium_crypto_sign_keypair(); |
| 1766 | 1728 | } |
@@ -1781,8 +1743,7 @@ discard block |
||
| 1781 | 1743 | * @param string $seed Input seed |
| 1782 | 1744 | * @return string Keypair |
| 1783 | 1745 | */ |
| 1784 | - public static function crypto_sign_seed_keypair($seed) |
|
| 1785 | - { |
|
| 1746 | + public static function crypto_sign_seed_keypair($seed) { |
|
| 1786 | 1747 | ParagonIE_Sodium_Core_Util::declareScalarType($seed, 'string', 1); |
| 1787 | 1748 | |
| 1788 | 1749 | if (self::isPhp72OrGreater()) { |
@@ -1809,8 +1770,7 @@ discard block |
||
| 1809 | 1770 | * @throws Error |
| 1810 | 1771 | * @throws TypeError |
| 1811 | 1772 | */ |
| 1812 | - public static function crypto_sign_publickey($keypair) |
|
| 1813 | - { |
|
| 1773 | + public static function crypto_sign_publickey($keypair) { |
|
| 1814 | 1774 | /* Type checks: */ |
| 1815 | 1775 | ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
| 1816 | 1776 | |
@@ -1839,8 +1799,7 @@ discard block |
||
| 1839 | 1799 | * @throws Error |
| 1840 | 1800 | * @throws TypeError |
| 1841 | 1801 | */ |
| 1842 | - public static function crypto_sign_publickey_from_secretkey($secretKey) |
|
| 1843 | - { |
|
| 1802 | + public static function crypto_sign_publickey_from_secretkey($secretKey) { |
|
| 1844 | 1803 | /* Type checks: */ |
| 1845 | 1804 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 1); |
| 1846 | 1805 | |
@@ -1869,8 +1828,7 @@ discard block |
||
| 1869 | 1828 | * @throws Error |
| 1870 | 1829 | * @throws TypeError |
| 1871 | 1830 | */ |
| 1872 | - public static function crypto_sign_secretkey($keypair) |
|
| 1873 | - { |
|
| 1831 | + public static function crypto_sign_secretkey($keypair) { |
|
| 1874 | 1832 | /* Type checks: */ |
| 1875 | 1833 | ParagonIE_Sodium_Core_Util::declareScalarType($keypair, 'string', 1); |
| 1876 | 1834 | |
@@ -1902,8 +1860,7 @@ discard block |
||
| 1902 | 1860 | * @throws Error |
| 1903 | 1861 | * @throws TypeError |
| 1904 | 1862 | */ |
| 1905 | - public static function crypto_sign_detached($message, $secretKey) |
|
| 1906 | - { |
|
| 1863 | + public static function crypto_sign_detached($message, $secretKey) { |
|
| 1907 | 1864 | /* Type checks: */ |
| 1908 | 1865 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 1); |
| 1909 | 1866 | ParagonIE_Sodium_Core_Util::declareScalarType($secretKey, 'string', 2); |
@@ -1936,8 +1893,7 @@ discard block |
||
| 1936 | 1893 | * @throws Error |
| 1937 | 1894 | * @throws TypeError |
| 1938 | 1895 | */ |
| 1939 | - public static function crypto_sign_verify_detached($signature, $message, $publicKey) |
|
| 1940 | - { |
|
| 1896 | + public static function crypto_sign_verify_detached($signature, $message, $publicKey) { |
|
| 1941 | 1897 | /* Type checks: */ |
| 1942 | 1898 | ParagonIE_Sodium_Core_Util::declareScalarType($signature, 'string', 1); |
| 1943 | 1899 | ParagonIE_Sodium_Core_Util::declareScalarType($message, 'string', 2); |
@@ -1970,8 +1926,7 @@ discard block |
||
| 1970 | 1926 | * @return string |
| 1971 | 1927 | * @throws Error |
| 1972 | 1928 | */ |
| 1973 | - public static function crypto_sign_ed25519_sk_to_curve25519($sk) |
|
| 1974 | - { |
|
| 1929 | + public static function crypto_sign_ed25519_sk_to_curve25519($sk) { |
|
| 1975 | 1930 | /* Type checks: */ |
| 1976 | 1931 | ParagonIE_Sodium_Core_Util::declareScalarType($sk, 'string', 1); |
| 1977 | 1932 | |
@@ -2005,8 +1960,7 @@ discard block |
||
| 2005 | 1960 | * @return string Raw binary string |
| 2006 | 1961 | * @throws TypeError |
| 2007 | 1962 | */ |
| 2008 | - public static function hex2bin($string) |
|
| 2009 | - { |
|
| 1963 | + public static function hex2bin($string) { |
|
| 2010 | 1964 | /* Type checks: */ |
| 2011 | 1965 | ParagonIE_Sodium_Core_Util::declareScalarType($string, 'string', 1); |
| 2012 | 1966 | |
@@ -2027,8 +1981,7 @@ discard block |
||
| 2027 | 1981 | * @return void |
| 2028 | 1982 | * @throws Error (Unless libsodium is installed) |
| 2029 | 1983 | */ |
| 2030 | - public static function increment(&$var) |
|
| 2031 | - { |
|
| 1984 | + public static function increment(&$var) { |
|
| 2032 | 1985 | /* Type checks: */ |
| 2033 | 1986 | ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
| 2034 | 1987 | |
@@ -2060,8 +2013,7 @@ discard block |
||
| 2060 | 2013 | * |
| 2061 | 2014 | * @return int |
| 2062 | 2015 | */ |
| 2063 | - public static function library_version_major() |
|
| 2064 | - { |
|
| 2016 | + public static function library_version_major() { |
|
| 2065 | 2017 | if (self::isPhp72OrGreater()) { |
| 2066 | 2018 | return sodium_library_version_major(); |
| 2067 | 2019 | } |
@@ -2077,8 +2029,7 @@ discard block |
||
| 2077 | 2029 | * |
| 2078 | 2030 | * @return int |
| 2079 | 2031 | */ |
| 2080 | - public static function library_version_minor() |
|
| 2081 | - { |
|
| 2032 | + public static function library_version_minor() { |
|
| 2082 | 2033 | if (self::isPhp72OrGreater()) { |
| 2083 | 2034 | return sodium_library_version_minor(); |
| 2084 | 2035 | } |
@@ -2096,8 +2047,7 @@ discard block |
||
| 2096 | 2047 | * @return int |
| 2097 | 2048 | * @throws TypeError |
| 2098 | 2049 | */ |
| 2099 | - public static function memcmp($left, $right) |
|
| 2100 | - { |
|
| 2050 | + public static function memcmp($left, $right) { |
|
| 2101 | 2051 | /* Type checks: */ |
| 2102 | 2052 | ParagonIE_Sodium_Core_Util::declareScalarType($left, 'string', 1); |
| 2103 | 2053 | ParagonIE_Sodium_Core_Util::declareScalarType($right, 'string', 2); |
@@ -2117,8 +2067,7 @@ discard block |
||
| 2117 | 2067 | * @return void |
| 2118 | 2068 | * @throws Error (Unless libsodium is installed) |
| 2119 | 2069 | */ |
| 2120 | - public static function memzero(&$var) |
|
| 2121 | - { |
|
| 2070 | + public static function memzero(&$var) { |
|
| 2122 | 2071 | /* Type checks: */ |
| 2123 | 2072 | ParagonIE_Sodium_Core_Util::declareScalarType($var, 'string', 1); |
| 2124 | 2073 | |
@@ -2144,8 +2093,7 @@ discard block |
||
| 2144 | 2093 | * @return string |
| 2145 | 2094 | * @throws TypeError |
| 2146 | 2095 | */ |
| 2147 | - public static function randombytes_buf($numBytes) |
|
| 2148 | - { |
|
| 2096 | + public static function randombytes_buf($numBytes) { |
|
| 2149 | 2097 | /* Type checks: */ |
| 2150 | 2098 | if (!is_int($numBytes)) { |
| 2151 | 2099 | if (is_numeric($numBytes)) { |
@@ -2167,8 +2115,7 @@ discard block |
||
| 2167 | 2115 | * @return int |
| 2168 | 2116 | * @throws TypeError |
| 2169 | 2117 | */ |
| 2170 | - public static function randombytes_uniform($range) |
|
| 2171 | - { |
|
| 2118 | + public static function randombytes_uniform($range) { |
|
| 2172 | 2119 | /* Type checks: */ |
| 2173 | 2120 | if (!is_int($range)) { |
| 2174 | 2121 | if (is_numeric($range)) { |
@@ -2188,8 +2135,7 @@ discard block |
||
| 2188 | 2135 | * |
| 2189 | 2136 | * @return int |
| 2190 | 2137 | */ |
| 2191 | - public static function randombytes_random16() |
|
| 2192 | - { |
|
| 2138 | + public static function randombytes_random16() { |
|
| 2193 | 2139 | if (self::use_fallback('randombytes_random16')) { |
| 2194 | 2140 | return (int) call_user_func('\\Sodium\\randombytes_random16'); |
| 2195 | 2141 | } |
@@ -2202,8 +2148,7 @@ discard block |
||
| 2202 | 2148 | * |
| 2203 | 2149 | * @return string |
| 2204 | 2150 | */ |
| 2205 | - public static function version_string() |
|
| 2206 | - { |
|
| 2151 | + public static function version_string() { |
|
| 2207 | 2152 | if (self::isPhp72OrGreater()) { |
| 2208 | 2153 | return sodium_version_string(); |
| 2209 | 2154 | } |
@@ -2225,8 +2170,7 @@ discard block |
||
| 2225 | 2170 | * |
| 2226 | 2171 | * @return bool |
| 2227 | 2172 | */ |
| 2228 | - protected static function use_fallback($sodium_func_name = '') |
|
| 2229 | - { |
|
| 2173 | + protected static function use_fallback($sodium_func_name = '') { |
|
| 2230 | 2174 | static $res = null; |
| 2231 | 2175 | if ($res === null) { |
| 2232 | 2176 | $res = extension_loaded('libsodium') && PHP_VERSION_ID >= 50300; |
@@ -2268,8 +2212,7 @@ discard block |
||
| 2268 | 2212 | * @ref https://wiki.php.net/rfc/libsodium |
| 2269 | 2213 | * @return bool |
| 2270 | 2214 | */ |
| 2271 | - protected static function isPhp72OrGreater() |
|
| 2272 | - { |
|
| 2215 | + protected static function isPhp72OrGreater() { |
|
| 2273 | 2216 | static $res = null; |
| 2274 | 2217 | if ($res === null) { |
| 2275 | 2218 | $res = PHP_VERSION_ID >= 70200 && extension_loaded('sodium'); |
@@ -184,7 +184,7 @@ |
||
| 184 | 184 | * @internal You should not use this directly from another application |
| 185 | 185 | * |
| 186 | 186 | * @param SplFixedArray $x |
| 187 | - * @return int |
|
| 187 | + * @return double |
|
| 188 | 188 | */ |
| 189 | 189 | protected static function flatten64($x) |
| 190 | 190 | { |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core_BLAKE2b', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -11,666 +11,666 @@ discard block |
||
| 11 | 11 | */ |
| 12 | 12 | abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * @var SplFixedArray |
|
| 16 | - */ |
|
| 17 | - protected static $iv; |
|
| 18 | - |
|
| 19 | - /** |
|
| 20 | - * @var int[][] |
|
| 21 | - */ |
|
| 22 | - protected static $sigma = array( |
|
| 23 | - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 24 | - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3), |
|
| 25 | - array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4), |
|
| 26 | - array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8), |
|
| 27 | - array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13), |
|
| 28 | - array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9), |
|
| 29 | - array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11), |
|
| 30 | - array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10), |
|
| 31 | - array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5), |
|
| 32 | - array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0), |
|
| 33 | - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 34 | - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3) |
|
| 35 | - ); |
|
| 36 | - |
|
| 37 | - const BLOCKBYTES = 128; |
|
| 38 | - const OUTBYTES = 64; |
|
| 39 | - const KEYBYTES = 64; |
|
| 40 | - |
|
| 41 | - /** |
|
| 42 | - * Turn two 32-bit integers into a fixed array representing a 64-bit integer. |
|
| 43 | - * |
|
| 44 | - * @internal You should not use this directly from another application |
|
| 45 | - * |
|
| 46 | - * @param int $high |
|
| 47 | - * @param int $low |
|
| 48 | - * @return SplFixedArray |
|
| 49 | - */ |
|
| 50 | - public static function new64($high, $low) |
|
| 51 | - { |
|
| 52 | - $i64 = new SplFixedArray(2); |
|
| 53 | - $i64[0] = $high & 0xffffffff; |
|
| 54 | - $i64[1] = $low & 0xffffffff; |
|
| 55 | - return $i64; |
|
| 56 | - } |
|
| 57 | - |
|
| 58 | - /** |
|
| 59 | - * Convert an arbitrary number into an SplFixedArray of two 32-bit integers |
|
| 60 | - * that represents a 64-bit integer. |
|
| 61 | - * |
|
| 62 | - * @internal You should not use this directly from another application |
|
| 63 | - * |
|
| 64 | - * @param int $num |
|
| 65 | - * @return SplFixedArray |
|
| 66 | - */ |
|
| 67 | - protected static function to64($num) |
|
| 68 | - { |
|
| 69 | - list($hi, $lo) = self::numericTo64BitInteger($num); |
|
| 70 | - return self::new64($hi, $lo); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * Adds two 64-bit integers together, returning their sum as a SplFixedArray |
|
| 75 | - * containing two 32-bit integers (representing a 64-bit integer). |
|
| 76 | - * |
|
| 77 | - * @internal You should not use this directly from another application |
|
| 78 | - * |
|
| 79 | - * @param SplFixedArray $x |
|
| 80 | - * @param SplFixedArray $y |
|
| 81 | - * @return SplFixedArray |
|
| 82 | - */ |
|
| 83 | - protected static function add64($x, $y) |
|
| 84 | - { |
|
| 85 | - $l = ($x[1] + $y[1]) & 0xffffffff; |
|
| 86 | - return self::new64( |
|
| 87 | - $x[0] + $y[0] + ( |
|
| 88 | - ($l < $x[1]) ? 1 : 0 |
|
| 89 | - ), |
|
| 90 | - $l |
|
| 91 | - ); |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - /** |
|
| 95 | - * @internal You should not use this directly from another application |
|
| 96 | - * |
|
| 97 | - * @param SplFixedArray $x |
|
| 98 | - * @param SplFixedArray $y |
|
| 99 | - * @param SplFixedArray $z |
|
| 100 | - * @return SplFixedArray |
|
| 101 | - */ |
|
| 102 | - protected static function add364($x, $y, $z) |
|
| 103 | - { |
|
| 104 | - return self::add64($x, self::add64($y, $z)); |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - /** |
|
| 108 | - * @internal You should not use this directly from another application |
|
| 109 | - * |
|
| 110 | - * @param SplFixedArray $x |
|
| 111 | - * @param SplFixedArray $y |
|
| 112 | - * @return SplFixedArray |
|
| 113 | - * @throws Exception |
|
| 114 | - */ |
|
| 115 | - protected static function xor64(SplFixedArray $x, SplFixedArray $y) |
|
| 116 | - { |
|
| 117 | - if (!is_numeric($x[0])) { |
|
| 118 | - throw new Exception('x[0] is not an integer'); |
|
| 119 | - } |
|
| 120 | - if (!is_numeric($x[1])) { |
|
| 121 | - throw new Exception('x[1] is not an integer'); |
|
| 122 | - } |
|
| 123 | - if (!is_numeric($y[0])) { |
|
| 124 | - throw new Exception('y[0] is not an integer'); |
|
| 125 | - } |
|
| 126 | - if (!is_numeric($y[1])) { |
|
| 127 | - throw new Exception('y[1] is not an integer'); |
|
| 128 | - } |
|
| 129 | - return self::new64($x[0] ^ $y[0], $x[1] ^ $y[1]); |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * @internal You should not use this directly from another application |
|
| 134 | - * |
|
| 135 | - * @param SplFixedArray $x |
|
| 136 | - * @param int $c |
|
| 137 | - * @return SplFixedArray |
|
| 138 | - */ |
|
| 139 | - public static function rotr64($x, $c) |
|
| 140 | - { |
|
| 141 | - if ($c >= 64) { |
|
| 142 | - $c %= 64; |
|
| 143 | - } |
|
| 144 | - if ($c >= 32) { |
|
| 145 | - $tmp = $x[0]; |
|
| 146 | - $x[0] = $x[1]; |
|
| 147 | - $x[1] = $tmp; |
|
| 148 | - $c -= 32; |
|
| 149 | - } |
|
| 150 | - if ($c === 0) { |
|
| 151 | - return $x; |
|
| 152 | - } |
|
| 153 | - |
|
| 154 | - $l0 = 0; |
|
| 155 | - $c = 64 - $c; |
|
| 156 | - |
|
| 157 | - if ($c < 32) { |
|
| 158 | - $h0 = ($x[0] << $c) | ( |
|
| 159 | - ( |
|
| 160 | - $x[1] & ((1 << $c) - 1) |
|
| 161 | - << |
|
| 162 | - (32 - $c) |
|
| 163 | - ) >> (32 - $c) |
|
| 164 | - ); |
|
| 165 | - $l0 = $x[1] << $c; |
|
| 166 | - } else { |
|
| 167 | - $h0 = $x[1] << ($c - 32); |
|
| 168 | - } |
|
| 169 | - |
|
| 170 | - $h1 = 0; |
|
| 171 | - $c1 = 64 - $c; |
|
| 172 | - |
|
| 173 | - if ($c1 < 32) { |
|
| 174 | - $h1 = $x[0] >> $c1; |
|
| 175 | - $l1 = ($x[1] >> $c1) | ($x[0] & ((1 << $c1) - 1)) << (32 - $c1); |
|
| 176 | - } else { |
|
| 177 | - $l1 = $x[0] >> ($c1 - 32); |
|
| 178 | - } |
|
| 179 | - |
|
| 180 | - return self::new64($h0 | $h1, $l0 | $l1); |
|
| 181 | - } |
|
| 182 | - |
|
| 183 | - /** |
|
| 184 | - * @internal You should not use this directly from another application |
|
| 185 | - * |
|
| 186 | - * @param SplFixedArray $x |
|
| 187 | - * @return int |
|
| 188 | - */ |
|
| 189 | - protected static function flatten64($x) |
|
| 190 | - { |
|
| 191 | - return ($x[0] * 4294967296 + $x[1]); |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - /** |
|
| 195 | - * @internal You should not use this directly from another application |
|
| 196 | - * |
|
| 197 | - * @param SplFixedArray $x |
|
| 198 | - * @param int $i |
|
| 199 | - * @return SplFixedArray |
|
| 200 | - */ |
|
| 201 | - protected static function load64(SplFixedArray $x, $i) |
|
| 202 | - { |
|
| 203 | - $l = $x[$i] | ($x[$i+1]<<8) | ($x[$i+2]<<16) | ($x[$i+3]<<24); |
|
| 204 | - $h = $x[$i+4] | ($x[$i+5]<<8) | ($x[$i+6]<<16) | ($x[$i+7]<<24); |
|
| 205 | - return self::new64($h, $l); |
|
| 206 | - } |
|
| 207 | - |
|
| 208 | - /** |
|
| 209 | - * @internal You should not use this directly from another application |
|
| 210 | - * |
|
| 211 | - * @param SplFixedArray $x |
|
| 212 | - * @param int $i |
|
| 213 | - * @param SplFixedArray $u |
|
| 214 | - * @return void |
|
| 215 | - */ |
|
| 216 | - protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) |
|
| 217 | - { |
|
| 218 | - $maxLength = $x->getSize() - 1; |
|
| 219 | - for ($j = 0; $j < 8; ++$j) { |
|
| 220 | - /* |
|
| 14 | + /** |
|
| 15 | + * @var SplFixedArray |
|
| 16 | + */ |
|
| 17 | + protected static $iv; |
|
| 18 | + |
|
| 19 | + /** |
|
| 20 | + * @var int[][] |
|
| 21 | + */ |
|
| 22 | + protected static $sigma = array( |
|
| 23 | + array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 24 | + array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3), |
|
| 25 | + array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4), |
|
| 26 | + array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8), |
|
| 27 | + array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13), |
|
| 28 | + array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9), |
|
| 29 | + array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11), |
|
| 30 | + array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10), |
|
| 31 | + array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5), |
|
| 32 | + array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0), |
|
| 33 | + array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 34 | + array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3) |
|
| 35 | + ); |
|
| 36 | + |
|
| 37 | + const BLOCKBYTES = 128; |
|
| 38 | + const OUTBYTES = 64; |
|
| 39 | + const KEYBYTES = 64; |
|
| 40 | + |
|
| 41 | + /** |
|
| 42 | + * Turn two 32-bit integers into a fixed array representing a 64-bit integer. |
|
| 43 | + * |
|
| 44 | + * @internal You should not use this directly from another application |
|
| 45 | + * |
|
| 46 | + * @param int $high |
|
| 47 | + * @param int $low |
|
| 48 | + * @return SplFixedArray |
|
| 49 | + */ |
|
| 50 | + public static function new64($high, $low) |
|
| 51 | + { |
|
| 52 | + $i64 = new SplFixedArray(2); |
|
| 53 | + $i64[0] = $high & 0xffffffff; |
|
| 54 | + $i64[1] = $low & 0xffffffff; |
|
| 55 | + return $i64; |
|
| 56 | + } |
|
| 57 | + |
|
| 58 | + /** |
|
| 59 | + * Convert an arbitrary number into an SplFixedArray of two 32-bit integers |
|
| 60 | + * that represents a 64-bit integer. |
|
| 61 | + * |
|
| 62 | + * @internal You should not use this directly from another application |
|
| 63 | + * |
|
| 64 | + * @param int $num |
|
| 65 | + * @return SplFixedArray |
|
| 66 | + */ |
|
| 67 | + protected static function to64($num) |
|
| 68 | + { |
|
| 69 | + list($hi, $lo) = self::numericTo64BitInteger($num); |
|
| 70 | + return self::new64($hi, $lo); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * Adds two 64-bit integers together, returning their sum as a SplFixedArray |
|
| 75 | + * containing two 32-bit integers (representing a 64-bit integer). |
|
| 76 | + * |
|
| 77 | + * @internal You should not use this directly from another application |
|
| 78 | + * |
|
| 79 | + * @param SplFixedArray $x |
|
| 80 | + * @param SplFixedArray $y |
|
| 81 | + * @return SplFixedArray |
|
| 82 | + */ |
|
| 83 | + protected static function add64($x, $y) |
|
| 84 | + { |
|
| 85 | + $l = ($x[1] + $y[1]) & 0xffffffff; |
|
| 86 | + return self::new64( |
|
| 87 | + $x[0] + $y[0] + ( |
|
| 88 | + ($l < $x[1]) ? 1 : 0 |
|
| 89 | + ), |
|
| 90 | + $l |
|
| 91 | + ); |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + /** |
|
| 95 | + * @internal You should not use this directly from another application |
|
| 96 | + * |
|
| 97 | + * @param SplFixedArray $x |
|
| 98 | + * @param SplFixedArray $y |
|
| 99 | + * @param SplFixedArray $z |
|
| 100 | + * @return SplFixedArray |
|
| 101 | + */ |
|
| 102 | + protected static function add364($x, $y, $z) |
|
| 103 | + { |
|
| 104 | + return self::add64($x, self::add64($y, $z)); |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + /** |
|
| 108 | + * @internal You should not use this directly from another application |
|
| 109 | + * |
|
| 110 | + * @param SplFixedArray $x |
|
| 111 | + * @param SplFixedArray $y |
|
| 112 | + * @return SplFixedArray |
|
| 113 | + * @throws Exception |
|
| 114 | + */ |
|
| 115 | + protected static function xor64(SplFixedArray $x, SplFixedArray $y) |
|
| 116 | + { |
|
| 117 | + if (!is_numeric($x[0])) { |
|
| 118 | + throw new Exception('x[0] is not an integer'); |
|
| 119 | + } |
|
| 120 | + if (!is_numeric($x[1])) { |
|
| 121 | + throw new Exception('x[1] is not an integer'); |
|
| 122 | + } |
|
| 123 | + if (!is_numeric($y[0])) { |
|
| 124 | + throw new Exception('y[0] is not an integer'); |
|
| 125 | + } |
|
| 126 | + if (!is_numeric($y[1])) { |
|
| 127 | + throw new Exception('y[1] is not an integer'); |
|
| 128 | + } |
|
| 129 | + return self::new64($x[0] ^ $y[0], $x[1] ^ $y[1]); |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * @internal You should not use this directly from another application |
|
| 134 | + * |
|
| 135 | + * @param SplFixedArray $x |
|
| 136 | + * @param int $c |
|
| 137 | + * @return SplFixedArray |
|
| 138 | + */ |
|
| 139 | + public static function rotr64($x, $c) |
|
| 140 | + { |
|
| 141 | + if ($c >= 64) { |
|
| 142 | + $c %= 64; |
|
| 143 | + } |
|
| 144 | + if ($c >= 32) { |
|
| 145 | + $tmp = $x[0]; |
|
| 146 | + $x[0] = $x[1]; |
|
| 147 | + $x[1] = $tmp; |
|
| 148 | + $c -= 32; |
|
| 149 | + } |
|
| 150 | + if ($c === 0) { |
|
| 151 | + return $x; |
|
| 152 | + } |
|
| 153 | + |
|
| 154 | + $l0 = 0; |
|
| 155 | + $c = 64 - $c; |
|
| 156 | + |
|
| 157 | + if ($c < 32) { |
|
| 158 | + $h0 = ($x[0] << $c) | ( |
|
| 159 | + ( |
|
| 160 | + $x[1] & ((1 << $c) - 1) |
|
| 161 | + << |
|
| 162 | + (32 - $c) |
|
| 163 | + ) >> (32 - $c) |
|
| 164 | + ); |
|
| 165 | + $l0 = $x[1] << $c; |
|
| 166 | + } else { |
|
| 167 | + $h0 = $x[1] << ($c - 32); |
|
| 168 | + } |
|
| 169 | + |
|
| 170 | + $h1 = 0; |
|
| 171 | + $c1 = 64 - $c; |
|
| 172 | + |
|
| 173 | + if ($c1 < 32) { |
|
| 174 | + $h1 = $x[0] >> $c1; |
|
| 175 | + $l1 = ($x[1] >> $c1) | ($x[0] & ((1 << $c1) - 1)) << (32 - $c1); |
|
| 176 | + } else { |
|
| 177 | + $l1 = $x[0] >> ($c1 - 32); |
|
| 178 | + } |
|
| 179 | + |
|
| 180 | + return self::new64($h0 | $h1, $l0 | $l1); |
|
| 181 | + } |
|
| 182 | + |
|
| 183 | + /** |
|
| 184 | + * @internal You should not use this directly from another application |
|
| 185 | + * |
|
| 186 | + * @param SplFixedArray $x |
|
| 187 | + * @return int |
|
| 188 | + */ |
|
| 189 | + protected static function flatten64($x) |
|
| 190 | + { |
|
| 191 | + return ($x[0] * 4294967296 + $x[1]); |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + /** |
|
| 195 | + * @internal You should not use this directly from another application |
|
| 196 | + * |
|
| 197 | + * @param SplFixedArray $x |
|
| 198 | + * @param int $i |
|
| 199 | + * @return SplFixedArray |
|
| 200 | + */ |
|
| 201 | + protected static function load64(SplFixedArray $x, $i) |
|
| 202 | + { |
|
| 203 | + $l = $x[$i] | ($x[$i+1]<<8) | ($x[$i+2]<<16) | ($x[$i+3]<<24); |
|
| 204 | + $h = $x[$i+4] | ($x[$i+5]<<8) | ($x[$i+6]<<16) | ($x[$i+7]<<24); |
|
| 205 | + return self::new64($h, $l); |
|
| 206 | + } |
|
| 207 | + |
|
| 208 | + /** |
|
| 209 | + * @internal You should not use this directly from another application |
|
| 210 | + * |
|
| 211 | + * @param SplFixedArray $x |
|
| 212 | + * @param int $i |
|
| 213 | + * @param SplFixedArray $u |
|
| 214 | + * @return void |
|
| 215 | + */ |
|
| 216 | + protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) |
|
| 217 | + { |
|
| 218 | + $maxLength = $x->getSize() - 1; |
|
| 219 | + for ($j = 0; $j < 8; ++$j) { |
|
| 220 | + /* |
|
| 221 | 221 | [0, 1, 2, 3, 4, 5, 6, 7] |
| 222 | 222 | ... becomes ... |
| 223 | 223 | [0, 0, 0, 0, 1, 1, 1, 1] |
| 224 | 224 | */ |
| 225 | - $uIdx = ((7 - $j) & 4) >> 2; |
|
| 226 | - $x[$i] = ($u[$uIdx] & 0xff); |
|
| 227 | - if (++$i > $maxLength) { |
|
| 228 | - return; |
|
| 229 | - } |
|
| 230 | - $u[$uIdx] >>= 8; |
|
| 231 | - } |
|
| 232 | - } |
|
| 233 | - |
|
| 234 | - /** |
|
| 235 | - * This just sets the $iv static variable. |
|
| 236 | - * |
|
| 237 | - * @internal You should not use this directly from another application |
|
| 238 | - * |
|
| 239 | - * @return void |
|
| 240 | - */ |
|
| 241 | - public static function pseudoConstructor() |
|
| 242 | - { |
|
| 243 | - static $called = false; |
|
| 244 | - if ($called) { |
|
| 245 | - return; |
|
| 246 | - } |
|
| 247 | - self::$iv = new SplFixedArray(8); |
|
| 248 | - self::$iv[0] = self::new64(0x6a09e667, 0xf3bcc908); |
|
| 249 | - self::$iv[1] = self::new64(0xbb67ae85, 0x84caa73b); |
|
| 250 | - self::$iv[2] = self::new64(0x3c6ef372, 0xfe94f82b); |
|
| 251 | - self::$iv[3] = self::new64(0xa54ff53a, 0x5f1d36f1); |
|
| 252 | - self::$iv[4] = self::new64(0x510e527f, 0xade682d1); |
|
| 253 | - self::$iv[5] = self::new64(0x9b05688c, 0x2b3e6c1f); |
|
| 254 | - self::$iv[6] = self::new64(0x1f83d9ab, 0xfb41bd6b); |
|
| 255 | - self::$iv[7] = self::new64(0x5be0cd19, 0x137e2179); |
|
| 256 | - |
|
| 257 | - $called = true; |
|
| 258 | - } |
|
| 259 | - |
|
| 260 | - /** |
|
| 261 | - * Returns a fresh BLAKE2 context. |
|
| 262 | - * |
|
| 263 | - * @internal You should not use this directly from another application |
|
| 264 | - * |
|
| 265 | - * @return SplFixedArray |
|
| 266 | - */ |
|
| 267 | - protected static function context() |
|
| 268 | - { |
|
| 269 | - $ctx = new SplFixedArray(5); |
|
| 270 | - $ctx[0] = new SplFixedArray(8); // h |
|
| 271 | - $ctx[1] = new SplFixedArray(2); // t |
|
| 272 | - $ctx[2] = new SplFixedArray(2); // f |
|
| 273 | - $ctx[3] = new SplFixedArray(256); // buf |
|
| 274 | - $ctx[4] = 0; // buflen |
|
| 275 | - |
|
| 276 | - for ($i = 8; $i--;) { |
|
| 277 | - $ctx[0][$i] = self::$iv[$i]; |
|
| 278 | - } |
|
| 279 | - for ($i = 256; $i--;) { |
|
| 280 | - $ctx[3][$i] = 0; |
|
| 281 | - } |
|
| 282 | - |
|
| 283 | - $zero = self::new64(0, 0); |
|
| 284 | - $ctx[1][0] = $zero; |
|
| 285 | - $ctx[1][1] = $zero; |
|
| 286 | - $ctx[2][0] = $zero; |
|
| 287 | - $ctx[2][1] = $zero; |
|
| 288 | - |
|
| 289 | - return $ctx; |
|
| 290 | - } |
|
| 291 | - |
|
| 292 | - /** |
|
| 293 | - * @internal You should not use this directly from another application |
|
| 294 | - * |
|
| 295 | - * @param SplFixedArray $ctx |
|
| 296 | - * @param SplFixedArray $buf |
|
| 297 | - * @return void |
|
| 298 | - */ |
|
| 299 | - protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) |
|
| 300 | - { |
|
| 301 | - $m = new SplFixedArray(16); |
|
| 302 | - $v = new SplFixedArray(16); |
|
| 303 | - |
|
| 304 | - for ($i = 16; $i--;) { |
|
| 305 | - $m[$i] = self::load64($buf, $i << 3); |
|
| 306 | - } |
|
| 307 | - |
|
| 308 | - for ($i = 8; $i--;) { |
|
| 309 | - $v[$i] = $ctx[0][$i]; |
|
| 310 | - } |
|
| 311 | - |
|
| 312 | - $v[ 8] = self::$iv[0]; |
|
| 313 | - $v[ 9] = self::$iv[1]; |
|
| 314 | - $v[10] = self::$iv[2]; |
|
| 315 | - $v[11] = self::$iv[3]; |
|
| 316 | - |
|
| 317 | - $v[12] = self::xor64($ctx[1][0], self::$iv[4]); |
|
| 318 | - $v[13] = self::xor64($ctx[1][1], self::$iv[5]); |
|
| 319 | - $v[14] = self::xor64($ctx[2][0], self::$iv[6]); |
|
| 320 | - $v[15] = self::xor64($ctx[2][1], self::$iv[7]); |
|
| 321 | - |
|
| 322 | - for ($r = 0; $r < 12; ++$r) { |
|
| 323 | - $v = self::G($r, 0, 0, 4, 8, 12, $v, $m); |
|
| 324 | - $v = self::G($r, 1, 1, 5, 9, 13, $v, $m); |
|
| 325 | - $v = self::G($r, 2, 2, 6, 10, 14, $v, $m); |
|
| 326 | - $v = self::G($r, 3, 3, 7, 11, 15, $v, $m); |
|
| 327 | - $v = self::G($r, 4, 0, 5, 10, 15, $v, $m); |
|
| 328 | - $v = self::G($r, 5, 1, 6, 11, 12, $v, $m); |
|
| 329 | - $v = self::G($r, 6, 2, 7, 8, 13, $v, $m); |
|
| 330 | - $v = self::G($r, 7, 3, 4, 9, 14, $v, $m); |
|
| 331 | - } |
|
| 332 | - |
|
| 333 | - for ($i = 8; $i--;) { |
|
| 334 | - $ctx[0][$i] = self::xor64( |
|
| 335 | - $ctx[0][$i], self::xor64($v[$i], $v[$i+8]) |
|
| 336 | - ); |
|
| 337 | - } |
|
| 338 | - } |
|
| 339 | - |
|
| 340 | - /** |
|
| 341 | - * @internal You should not use this directly from another application |
|
| 342 | - * |
|
| 343 | - * @param int $r |
|
| 344 | - * @param int $i |
|
| 345 | - * @param int $a |
|
| 346 | - * @param int $b |
|
| 347 | - * @param int $c |
|
| 348 | - * @param int $d |
|
| 349 | - * @param SplFixedArray $v |
|
| 350 | - * @param SplFixedArray $m |
|
| 351 | - * @return SplFixedArray |
|
| 352 | - */ |
|
| 353 | - public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) |
|
| 354 | - { |
|
| 355 | - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); |
|
| 356 | - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); |
|
| 357 | - $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 358 | - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 24); |
|
| 359 | - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][($i << 1) + 1]]); |
|
| 360 | - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 16); |
|
| 361 | - $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 362 | - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 63); |
|
| 363 | - return $v; |
|
| 364 | - } |
|
| 365 | - |
|
| 366 | - /** |
|
| 367 | - * @internal You should not use this directly from another application |
|
| 368 | - * |
|
| 369 | - * @param SplFixedArray $ctx |
|
| 370 | - * @param int $inc |
|
| 371 | - * @return void |
|
| 372 | - * @throws Error |
|
| 373 | - */ |
|
| 374 | - public static function increment_counter($ctx, $inc) |
|
| 375 | - { |
|
| 376 | - if ($inc < 0) { |
|
| 377 | - throw new Error('Increasing by a negative number makes no sense.'); |
|
| 378 | - } |
|
| 379 | - $t = self::to64($inc); |
|
| 380 | - # S->t is $ctx[1] in our implementation |
|
| 381 | - |
|
| 382 | - # S->t[0] = ( uint64_t )( t >> 0 ); |
|
| 383 | - $ctx[1][0] = self::add64($ctx[1][0], $t); |
|
| 384 | - |
|
| 385 | - # S->t[1] += ( S->t[0] < inc ); |
|
| 386 | - if (self::flatten64($ctx[1][0]) < $inc) { |
|
| 387 | - $ctx[1][1] = self::add64($ctx[1][1], self::to64(1)); |
|
| 388 | - } |
|
| 389 | - } |
|
| 390 | - |
|
| 391 | - /** |
|
| 392 | - * @internal You should not use this directly from another application |
|
| 393 | - * |
|
| 394 | - * @param SplFixedArray $ctx |
|
| 395 | - * @param SplFixedArray $p |
|
| 396 | - * @param int $plen |
|
| 397 | - * @return void |
|
| 398 | - */ |
|
| 399 | - public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) |
|
| 400 | - { |
|
| 401 | - self::pseudoConstructor(); |
|
| 402 | - |
|
| 403 | - $offset = 0; |
|
| 404 | - while ($plen > 0) { |
|
| 405 | - $left = $ctx[4]; |
|
| 406 | - $fill = 256 - $left; |
|
| 407 | - |
|
| 408 | - if ($plen > $fill) { |
|
| 409 | - # memcpy( S->buf + left, in, fill ); /* Fill buffer */ |
|
| 410 | - for ($i = $fill; $i--;) { |
|
| 411 | - $ctx[3][$i + $left] = $p[$i + $offset]; |
|
| 412 | - } |
|
| 413 | - |
|
| 414 | - # S->buflen += fill; |
|
| 415 | - $ctx[4] += $fill; |
|
| 416 | - |
|
| 417 | - # blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
|
| 418 | - self::increment_counter($ctx, 128); |
|
| 419 | - |
|
| 420 | - # blake2b_compress( S, S->buf ); /* Compress */ |
|
| 421 | - self::compress($ctx, $ctx[3]); |
|
| 422 | - |
|
| 423 | - # memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); /* Shift buffer left */ |
|
| 424 | - for ($i = 128; $i--;) { |
|
| 425 | - $ctx[3][$i] = $ctx[3][$i + 128]; |
|
| 426 | - } |
|
| 427 | - |
|
| 428 | - # S->buflen -= BLAKE2B_BLOCKBYTES; |
|
| 429 | - $ctx[4] -= 128; |
|
| 430 | - |
|
| 431 | - # in += fill; |
|
| 432 | - $offset += $fill; |
|
| 433 | - |
|
| 434 | - # inlen -= fill; |
|
| 435 | - $plen -= $fill; |
|
| 436 | - } else { |
|
| 437 | - for ($i = $plen; $i--;) { |
|
| 438 | - $ctx[3][$i + $left] = $p[$i + $offset]; |
|
| 439 | - } |
|
| 440 | - $ctx[4] += $plen; |
|
| 441 | - $offset += $plen; |
|
| 442 | - $plen -= $plen; |
|
| 443 | - } |
|
| 444 | - } |
|
| 445 | - } |
|
| 446 | - |
|
| 447 | - /** |
|
| 448 | - * @internal You should not use this directly from another application |
|
| 449 | - * |
|
| 450 | - * @param SplFixedArray $ctx |
|
| 451 | - * @param SplFixedArray $out |
|
| 452 | - * @return SplFixedArray |
|
| 453 | - * @throws Error |
|
| 454 | - */ |
|
| 455 | - public static function finish(SplFixedArray $ctx, SplFixedArray $out) |
|
| 456 | - { |
|
| 457 | - self::pseudoConstructor(); |
|
| 458 | - if ($ctx[4] > 128) { |
|
| 459 | - self::increment_counter($ctx, 128); |
|
| 460 | - self::compress($ctx, $ctx[3]); |
|
| 461 | - $ctx[4] -= 128; |
|
| 462 | - if ($ctx[4] > 128) { |
|
| 463 | - throw new Error('Failed to assert that buflen <= 128 bytes'); |
|
| 464 | - } |
|
| 465 | - for ($i = $ctx[4]; $i--;) { |
|
| 466 | - $ctx[3][$i] = $ctx[3][$i + 128]; |
|
| 467 | - } |
|
| 468 | - } |
|
| 469 | - |
|
| 470 | - self::increment_counter($ctx, $ctx[4]); |
|
| 471 | - $ctx[2][0] = self::new64(0xffffffff, 0xffffffff); |
|
| 472 | - |
|
| 473 | - for ($i = 256 - $ctx[4]; $i--;) { |
|
| 474 | - $ctx[3][$i+$ctx[4]] = 0; |
|
| 475 | - } |
|
| 476 | - |
|
| 477 | - self::compress($ctx, $ctx[3]); |
|
| 478 | - |
|
| 479 | - $i = (int) (($out->getSize() - 1) / 8); |
|
| 480 | - for (; $i >= 0; --$i) { |
|
| 481 | - self::store64($out, $i << 3, $ctx[0][$i]); |
|
| 482 | - } |
|
| 483 | - return $out; |
|
| 484 | - } |
|
| 485 | - |
|
| 486 | - /** |
|
| 487 | - * @internal You should not use this directly from another application |
|
| 488 | - * |
|
| 489 | - * @param SplFixedArray|null $key |
|
| 490 | - * @param int $outlen |
|
| 491 | - * @return SplFixedArray |
|
| 492 | - * @throws Exception |
|
| 493 | - */ |
|
| 494 | - public static function init($key = null, $outlen = 64) |
|
| 495 | - { |
|
| 496 | - self::pseudoConstructor(); |
|
| 497 | - $klen = 0; |
|
| 498 | - |
|
| 499 | - if ($key !== null) { |
|
| 500 | - if (count($key) > 64) { |
|
| 501 | - throw new Exception('Invalid key size'); |
|
| 502 | - } |
|
| 503 | - $klen = count($key); |
|
| 504 | - } |
|
| 505 | - |
|
| 506 | - if ($outlen > 64) { |
|
| 507 | - throw new Exception('Invalid output size'); |
|
| 508 | - } |
|
| 509 | - |
|
| 510 | - $ctx = self::context(); |
|
| 511 | - |
|
| 512 | - $p = new SplFixedArray(64); |
|
| 513 | - for ($i = 64; --$i;) { |
|
| 514 | - $p[$i] = 0; |
|
| 515 | - } |
|
| 516 | - |
|
| 517 | - $p[0] = $outlen; // digest_length |
|
| 518 | - $p[1] = $klen; // key_length |
|
| 519 | - $p[2] = 1; // fanout |
|
| 520 | - $p[3] = 1; // depth |
|
| 521 | - |
|
| 522 | - $ctx[0][0] = self::xor64( |
|
| 523 | - $ctx[0][0], |
|
| 524 | - self::load64($p, 0) |
|
| 525 | - ); |
|
| 526 | - |
|
| 527 | - if ($klen > 0 && $key instanceof SplFixedArray) { |
|
| 528 | - $block = new SplFixedArray(128); |
|
| 529 | - for ($i = 128; $i--;) { |
|
| 530 | - $block[$i] = 0; |
|
| 531 | - } |
|
| 532 | - for ($i = $klen; $i--;) { |
|
| 533 | - $block[$i] = $key[$i]; |
|
| 534 | - } |
|
| 535 | - self::update($ctx, $block, 128); |
|
| 536 | - } |
|
| 537 | - |
|
| 538 | - return $ctx; |
|
| 539 | - } |
|
| 540 | - |
|
| 541 | - /** |
|
| 542 | - * Convert a string into an SplFixedArray of integers |
|
| 543 | - * |
|
| 544 | - * @internal You should not use this directly from another application |
|
| 545 | - * |
|
| 546 | - * @param string $str |
|
| 547 | - * @return SplFixedArray |
|
| 548 | - */ |
|
| 549 | - public static function stringToSplFixedArray($str = '') |
|
| 550 | - { |
|
| 551 | - $values = unpack('C*', $str); |
|
| 552 | - return SplFixedArray::fromArray(array_values($values)); |
|
| 553 | - } |
|
| 554 | - |
|
| 555 | - /** |
|
| 556 | - * Convert an SplFixedArray of integers into a string |
|
| 557 | - * |
|
| 558 | - * @internal You should not use this directly from another application |
|
| 559 | - * |
|
| 560 | - * @param SplFixedArray $a |
|
| 561 | - * @return string |
|
| 562 | - */ |
|
| 563 | - public static function SplFixedArrayToString(SplFixedArray $a) |
|
| 564 | - { |
|
| 565 | - /** |
|
| 566 | - * @var array<mixed, int> |
|
| 567 | - */ |
|
| 568 | - $arr = $a->toArray(); |
|
| 569 | - $c = $a->count(); |
|
| 570 | - array_unshift($arr, str_repeat('C', $c)); |
|
| 571 | - return call_user_func_array('pack', $arr); |
|
| 572 | - } |
|
| 573 | - |
|
| 574 | - /** |
|
| 575 | - * @internal You should not use this directly from another application |
|
| 576 | - * |
|
| 577 | - * @param SplFixedArray[SplFixedArray] $ctx |
|
| 578 | - * @return string |
|
| 579 | - */ |
|
| 580 | - public static function contextToString(SplFixedArray $ctx) |
|
| 581 | - { |
|
| 582 | - $str = ''; |
|
| 583 | - $ctxA = $ctx[0]->toArray(); |
|
| 584 | - |
|
| 585 | - # uint64_t h[8]; |
|
| 586 | - for ($i = 0; $i < 8; ++$i) { |
|
| 587 | - $str .= self::store32_le($ctxA[$i][1]); |
|
| 588 | - $str .= self::store32_le($ctxA[$i][0]); |
|
| 589 | - } |
|
| 590 | - |
|
| 591 | - # uint64_t t[2]; |
|
| 592 | - # uint64_t f[2]; |
|
| 593 | - for ($i = 1; $i < 3; ++$i) { |
|
| 594 | - $ctxA = $ctx[$i]->toArray(); |
|
| 595 | - $str .= self::store32_le($ctxA[0][1]); |
|
| 596 | - $str .= self::store32_le($ctxA[0][0]); |
|
| 597 | - $str .= self::store32_le($ctxA[1][1]); |
|
| 598 | - $str .= self::store32_le($ctxA[1][0]); |
|
| 599 | - } |
|
| 600 | - |
|
| 601 | - # uint8_t buf[2 * 128]; |
|
| 602 | - $str .= self::SplFixedArrayToString($ctx[3]); |
|
| 603 | - |
|
| 604 | - # size_t buflen; |
|
| 605 | - $str .= implode('', array( |
|
| 606 | - self::intToChr($ctx[4] & 0xff), |
|
| 607 | - self::intToChr(($ctx[4] >> 8) & 0xff), |
|
| 608 | - self::intToChr(($ctx[4] >> 16) & 0xff), |
|
| 609 | - self::intToChr(($ctx[4] >> 24) & 0xff), |
|
| 610 | - self::intToChr(($ctx[4] >> 32) & 0xff), |
|
| 611 | - self::intToChr(($ctx[4] >> 40) & 0xff), |
|
| 612 | - self::intToChr(($ctx[4] >> 48) & 0xff), |
|
| 613 | - self::intToChr(($ctx[4] >> 56) & 0xff) |
|
| 614 | - )); |
|
| 615 | - # uint8_t last_node; |
|
| 616 | - return $str . "\x00"; |
|
| 617 | - } |
|
| 618 | - |
|
| 619 | - /** |
|
| 620 | - * Creates an SplFixedArray containing other SplFixedArray elements, from |
|
| 621 | - * a string (compatible with \Sodium\crypto_generichash_{init, update, final}) |
|
| 622 | - * |
|
| 623 | - * @internal You should not use this directly from another application |
|
| 624 | - * |
|
| 625 | - * @param string $string |
|
| 626 | - * @return SplFixedArray |
|
| 627 | - */ |
|
| 628 | - public static function stringToContext($string) |
|
| 629 | - { |
|
| 630 | - $ctx = self::context(); |
|
| 631 | - |
|
| 632 | - # uint64_t h[8]; |
|
| 633 | - for ($i = 0; $i < 8; ++$i) { |
|
| 634 | - $ctx[0][$i] = SplFixedArray::fromArray( |
|
| 635 | - array( |
|
| 636 | - self::load_4( |
|
| 637 | - self::substr($string, (($i << 3) + 4), 4) |
|
| 638 | - ), |
|
| 639 | - self::load_4( |
|
| 640 | - self::substr($string, (($i << 3) + 0), 4) |
|
| 641 | - ) |
|
| 642 | - ) |
|
| 643 | - ); |
|
| 644 | - } |
|
| 645 | - |
|
| 646 | - # uint64_t t[2]; |
|
| 647 | - # uint64_t f[2]; |
|
| 648 | - for ($i = 1; $i < 3; ++$i) { |
|
| 649 | - $ctx[$i][1] = SplFixedArray::fromArray( |
|
| 650 | - array( |
|
| 651 | - self::load_4(self::substr($string, 76 + (($i - 1) << 4), 4)), |
|
| 652 | - self::load_4(self::substr($string, 72 + (($i - 1) << 4), 4)) |
|
| 653 | - ) |
|
| 654 | - ); |
|
| 655 | - $ctx[$i][0] = SplFixedArray::fromArray( |
|
| 656 | - array( |
|
| 657 | - self::load_4(self::substr($string, 68 + (($i - 1) << 4), 4)), |
|
| 658 | - self::load_4(self::substr($string, 64 + (($i - 1) << 4), 4)) |
|
| 659 | - ) |
|
| 660 | - ); |
|
| 661 | - } |
|
| 662 | - |
|
| 663 | - # uint8_t buf[2 * 128]; |
|
| 664 | - $ctx[3] = self::stringToSplFixedArray(self::substr($string, 96, 256)); |
|
| 665 | - |
|
| 666 | - |
|
| 667 | - # uint8_t buf[2 * 128]; |
|
| 668 | - $int = 0; |
|
| 669 | - for ($i = 0; $i < 8; ++$i) { |
|
| 670 | - $int |= self::chrToInt($string[352 + $i]) << ($i << 3); |
|
| 671 | - } |
|
| 672 | - $ctx[4] = $int; |
|
| 673 | - |
|
| 674 | - return $ctx; |
|
| 675 | - } |
|
| 225 | + $uIdx = ((7 - $j) & 4) >> 2; |
|
| 226 | + $x[$i] = ($u[$uIdx] & 0xff); |
|
| 227 | + if (++$i > $maxLength) { |
|
| 228 | + return; |
|
| 229 | + } |
|
| 230 | + $u[$uIdx] >>= 8; |
|
| 231 | + } |
|
| 232 | + } |
|
| 233 | + |
|
| 234 | + /** |
|
| 235 | + * This just sets the $iv static variable. |
|
| 236 | + * |
|
| 237 | + * @internal You should not use this directly from another application |
|
| 238 | + * |
|
| 239 | + * @return void |
|
| 240 | + */ |
|
| 241 | + public static function pseudoConstructor() |
|
| 242 | + { |
|
| 243 | + static $called = false; |
|
| 244 | + if ($called) { |
|
| 245 | + return; |
|
| 246 | + } |
|
| 247 | + self::$iv = new SplFixedArray(8); |
|
| 248 | + self::$iv[0] = self::new64(0x6a09e667, 0xf3bcc908); |
|
| 249 | + self::$iv[1] = self::new64(0xbb67ae85, 0x84caa73b); |
|
| 250 | + self::$iv[2] = self::new64(0x3c6ef372, 0xfe94f82b); |
|
| 251 | + self::$iv[3] = self::new64(0xa54ff53a, 0x5f1d36f1); |
|
| 252 | + self::$iv[4] = self::new64(0x510e527f, 0xade682d1); |
|
| 253 | + self::$iv[5] = self::new64(0x9b05688c, 0x2b3e6c1f); |
|
| 254 | + self::$iv[6] = self::new64(0x1f83d9ab, 0xfb41bd6b); |
|
| 255 | + self::$iv[7] = self::new64(0x5be0cd19, 0x137e2179); |
|
| 256 | + |
|
| 257 | + $called = true; |
|
| 258 | + } |
|
| 259 | + |
|
| 260 | + /** |
|
| 261 | + * Returns a fresh BLAKE2 context. |
|
| 262 | + * |
|
| 263 | + * @internal You should not use this directly from another application |
|
| 264 | + * |
|
| 265 | + * @return SplFixedArray |
|
| 266 | + */ |
|
| 267 | + protected static function context() |
|
| 268 | + { |
|
| 269 | + $ctx = new SplFixedArray(5); |
|
| 270 | + $ctx[0] = new SplFixedArray(8); // h |
|
| 271 | + $ctx[1] = new SplFixedArray(2); // t |
|
| 272 | + $ctx[2] = new SplFixedArray(2); // f |
|
| 273 | + $ctx[3] = new SplFixedArray(256); // buf |
|
| 274 | + $ctx[4] = 0; // buflen |
|
| 275 | + |
|
| 276 | + for ($i = 8; $i--;) { |
|
| 277 | + $ctx[0][$i] = self::$iv[$i]; |
|
| 278 | + } |
|
| 279 | + for ($i = 256; $i--;) { |
|
| 280 | + $ctx[3][$i] = 0; |
|
| 281 | + } |
|
| 282 | + |
|
| 283 | + $zero = self::new64(0, 0); |
|
| 284 | + $ctx[1][0] = $zero; |
|
| 285 | + $ctx[1][1] = $zero; |
|
| 286 | + $ctx[2][0] = $zero; |
|
| 287 | + $ctx[2][1] = $zero; |
|
| 288 | + |
|
| 289 | + return $ctx; |
|
| 290 | + } |
|
| 291 | + |
|
| 292 | + /** |
|
| 293 | + * @internal You should not use this directly from another application |
|
| 294 | + * |
|
| 295 | + * @param SplFixedArray $ctx |
|
| 296 | + * @param SplFixedArray $buf |
|
| 297 | + * @return void |
|
| 298 | + */ |
|
| 299 | + protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) |
|
| 300 | + { |
|
| 301 | + $m = new SplFixedArray(16); |
|
| 302 | + $v = new SplFixedArray(16); |
|
| 303 | + |
|
| 304 | + for ($i = 16; $i--;) { |
|
| 305 | + $m[$i] = self::load64($buf, $i << 3); |
|
| 306 | + } |
|
| 307 | + |
|
| 308 | + for ($i = 8; $i--;) { |
|
| 309 | + $v[$i] = $ctx[0][$i]; |
|
| 310 | + } |
|
| 311 | + |
|
| 312 | + $v[ 8] = self::$iv[0]; |
|
| 313 | + $v[ 9] = self::$iv[1]; |
|
| 314 | + $v[10] = self::$iv[2]; |
|
| 315 | + $v[11] = self::$iv[3]; |
|
| 316 | + |
|
| 317 | + $v[12] = self::xor64($ctx[1][0], self::$iv[4]); |
|
| 318 | + $v[13] = self::xor64($ctx[1][1], self::$iv[5]); |
|
| 319 | + $v[14] = self::xor64($ctx[2][0], self::$iv[6]); |
|
| 320 | + $v[15] = self::xor64($ctx[2][1], self::$iv[7]); |
|
| 321 | + |
|
| 322 | + for ($r = 0; $r < 12; ++$r) { |
|
| 323 | + $v = self::G($r, 0, 0, 4, 8, 12, $v, $m); |
|
| 324 | + $v = self::G($r, 1, 1, 5, 9, 13, $v, $m); |
|
| 325 | + $v = self::G($r, 2, 2, 6, 10, 14, $v, $m); |
|
| 326 | + $v = self::G($r, 3, 3, 7, 11, 15, $v, $m); |
|
| 327 | + $v = self::G($r, 4, 0, 5, 10, 15, $v, $m); |
|
| 328 | + $v = self::G($r, 5, 1, 6, 11, 12, $v, $m); |
|
| 329 | + $v = self::G($r, 6, 2, 7, 8, 13, $v, $m); |
|
| 330 | + $v = self::G($r, 7, 3, 4, 9, 14, $v, $m); |
|
| 331 | + } |
|
| 332 | + |
|
| 333 | + for ($i = 8; $i--;) { |
|
| 334 | + $ctx[0][$i] = self::xor64( |
|
| 335 | + $ctx[0][$i], self::xor64($v[$i], $v[$i+8]) |
|
| 336 | + ); |
|
| 337 | + } |
|
| 338 | + } |
|
| 339 | + |
|
| 340 | + /** |
|
| 341 | + * @internal You should not use this directly from another application |
|
| 342 | + * |
|
| 343 | + * @param int $r |
|
| 344 | + * @param int $i |
|
| 345 | + * @param int $a |
|
| 346 | + * @param int $b |
|
| 347 | + * @param int $c |
|
| 348 | + * @param int $d |
|
| 349 | + * @param SplFixedArray $v |
|
| 350 | + * @param SplFixedArray $m |
|
| 351 | + * @return SplFixedArray |
|
| 352 | + */ |
|
| 353 | + public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) |
|
| 354 | + { |
|
| 355 | + $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); |
|
| 356 | + $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); |
|
| 357 | + $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 358 | + $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 24); |
|
| 359 | + $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][($i << 1) + 1]]); |
|
| 360 | + $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 16); |
|
| 361 | + $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 362 | + $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 63); |
|
| 363 | + return $v; |
|
| 364 | + } |
|
| 365 | + |
|
| 366 | + /** |
|
| 367 | + * @internal You should not use this directly from another application |
|
| 368 | + * |
|
| 369 | + * @param SplFixedArray $ctx |
|
| 370 | + * @param int $inc |
|
| 371 | + * @return void |
|
| 372 | + * @throws Error |
|
| 373 | + */ |
|
| 374 | + public static function increment_counter($ctx, $inc) |
|
| 375 | + { |
|
| 376 | + if ($inc < 0) { |
|
| 377 | + throw new Error('Increasing by a negative number makes no sense.'); |
|
| 378 | + } |
|
| 379 | + $t = self::to64($inc); |
|
| 380 | + # S->t is $ctx[1] in our implementation |
|
| 381 | + |
|
| 382 | + # S->t[0] = ( uint64_t )( t >> 0 ); |
|
| 383 | + $ctx[1][0] = self::add64($ctx[1][0], $t); |
|
| 384 | + |
|
| 385 | + # S->t[1] += ( S->t[0] < inc ); |
|
| 386 | + if (self::flatten64($ctx[1][0]) < $inc) { |
|
| 387 | + $ctx[1][1] = self::add64($ctx[1][1], self::to64(1)); |
|
| 388 | + } |
|
| 389 | + } |
|
| 390 | + |
|
| 391 | + /** |
|
| 392 | + * @internal You should not use this directly from another application |
|
| 393 | + * |
|
| 394 | + * @param SplFixedArray $ctx |
|
| 395 | + * @param SplFixedArray $p |
|
| 396 | + * @param int $plen |
|
| 397 | + * @return void |
|
| 398 | + */ |
|
| 399 | + public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) |
|
| 400 | + { |
|
| 401 | + self::pseudoConstructor(); |
|
| 402 | + |
|
| 403 | + $offset = 0; |
|
| 404 | + while ($plen > 0) { |
|
| 405 | + $left = $ctx[4]; |
|
| 406 | + $fill = 256 - $left; |
|
| 407 | + |
|
| 408 | + if ($plen > $fill) { |
|
| 409 | + # memcpy( S->buf + left, in, fill ); /* Fill buffer */ |
|
| 410 | + for ($i = $fill; $i--;) { |
|
| 411 | + $ctx[3][$i + $left] = $p[$i + $offset]; |
|
| 412 | + } |
|
| 413 | + |
|
| 414 | + # S->buflen += fill; |
|
| 415 | + $ctx[4] += $fill; |
|
| 416 | + |
|
| 417 | + # blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
|
| 418 | + self::increment_counter($ctx, 128); |
|
| 419 | + |
|
| 420 | + # blake2b_compress( S, S->buf ); /* Compress */ |
|
| 421 | + self::compress($ctx, $ctx[3]); |
|
| 422 | + |
|
| 423 | + # memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); /* Shift buffer left */ |
|
| 424 | + for ($i = 128; $i--;) { |
|
| 425 | + $ctx[3][$i] = $ctx[3][$i + 128]; |
|
| 426 | + } |
|
| 427 | + |
|
| 428 | + # S->buflen -= BLAKE2B_BLOCKBYTES; |
|
| 429 | + $ctx[4] -= 128; |
|
| 430 | + |
|
| 431 | + # in += fill; |
|
| 432 | + $offset += $fill; |
|
| 433 | + |
|
| 434 | + # inlen -= fill; |
|
| 435 | + $plen -= $fill; |
|
| 436 | + } else { |
|
| 437 | + for ($i = $plen; $i--;) { |
|
| 438 | + $ctx[3][$i + $left] = $p[$i + $offset]; |
|
| 439 | + } |
|
| 440 | + $ctx[4] += $plen; |
|
| 441 | + $offset += $plen; |
|
| 442 | + $plen -= $plen; |
|
| 443 | + } |
|
| 444 | + } |
|
| 445 | + } |
|
| 446 | + |
|
| 447 | + /** |
|
| 448 | + * @internal You should not use this directly from another application |
|
| 449 | + * |
|
| 450 | + * @param SplFixedArray $ctx |
|
| 451 | + * @param SplFixedArray $out |
|
| 452 | + * @return SplFixedArray |
|
| 453 | + * @throws Error |
|
| 454 | + */ |
|
| 455 | + public static function finish(SplFixedArray $ctx, SplFixedArray $out) |
|
| 456 | + { |
|
| 457 | + self::pseudoConstructor(); |
|
| 458 | + if ($ctx[4] > 128) { |
|
| 459 | + self::increment_counter($ctx, 128); |
|
| 460 | + self::compress($ctx, $ctx[3]); |
|
| 461 | + $ctx[4] -= 128; |
|
| 462 | + if ($ctx[4] > 128) { |
|
| 463 | + throw new Error('Failed to assert that buflen <= 128 bytes'); |
|
| 464 | + } |
|
| 465 | + for ($i = $ctx[4]; $i--;) { |
|
| 466 | + $ctx[3][$i] = $ctx[3][$i + 128]; |
|
| 467 | + } |
|
| 468 | + } |
|
| 469 | + |
|
| 470 | + self::increment_counter($ctx, $ctx[4]); |
|
| 471 | + $ctx[2][0] = self::new64(0xffffffff, 0xffffffff); |
|
| 472 | + |
|
| 473 | + for ($i = 256 - $ctx[4]; $i--;) { |
|
| 474 | + $ctx[3][$i+$ctx[4]] = 0; |
|
| 475 | + } |
|
| 476 | + |
|
| 477 | + self::compress($ctx, $ctx[3]); |
|
| 478 | + |
|
| 479 | + $i = (int) (($out->getSize() - 1) / 8); |
|
| 480 | + for (; $i >= 0; --$i) { |
|
| 481 | + self::store64($out, $i << 3, $ctx[0][$i]); |
|
| 482 | + } |
|
| 483 | + return $out; |
|
| 484 | + } |
|
| 485 | + |
|
| 486 | + /** |
|
| 487 | + * @internal You should not use this directly from another application |
|
| 488 | + * |
|
| 489 | + * @param SplFixedArray|null $key |
|
| 490 | + * @param int $outlen |
|
| 491 | + * @return SplFixedArray |
|
| 492 | + * @throws Exception |
|
| 493 | + */ |
|
| 494 | + public static function init($key = null, $outlen = 64) |
|
| 495 | + { |
|
| 496 | + self::pseudoConstructor(); |
|
| 497 | + $klen = 0; |
|
| 498 | + |
|
| 499 | + if ($key !== null) { |
|
| 500 | + if (count($key) > 64) { |
|
| 501 | + throw new Exception('Invalid key size'); |
|
| 502 | + } |
|
| 503 | + $klen = count($key); |
|
| 504 | + } |
|
| 505 | + |
|
| 506 | + if ($outlen > 64) { |
|
| 507 | + throw new Exception('Invalid output size'); |
|
| 508 | + } |
|
| 509 | + |
|
| 510 | + $ctx = self::context(); |
|
| 511 | + |
|
| 512 | + $p = new SplFixedArray(64); |
|
| 513 | + for ($i = 64; --$i;) { |
|
| 514 | + $p[$i] = 0; |
|
| 515 | + } |
|
| 516 | + |
|
| 517 | + $p[0] = $outlen; // digest_length |
|
| 518 | + $p[1] = $klen; // key_length |
|
| 519 | + $p[2] = 1; // fanout |
|
| 520 | + $p[3] = 1; // depth |
|
| 521 | + |
|
| 522 | + $ctx[0][0] = self::xor64( |
|
| 523 | + $ctx[0][0], |
|
| 524 | + self::load64($p, 0) |
|
| 525 | + ); |
|
| 526 | + |
|
| 527 | + if ($klen > 0 && $key instanceof SplFixedArray) { |
|
| 528 | + $block = new SplFixedArray(128); |
|
| 529 | + for ($i = 128; $i--;) { |
|
| 530 | + $block[$i] = 0; |
|
| 531 | + } |
|
| 532 | + for ($i = $klen; $i--;) { |
|
| 533 | + $block[$i] = $key[$i]; |
|
| 534 | + } |
|
| 535 | + self::update($ctx, $block, 128); |
|
| 536 | + } |
|
| 537 | + |
|
| 538 | + return $ctx; |
|
| 539 | + } |
|
| 540 | + |
|
| 541 | + /** |
|
| 542 | + * Convert a string into an SplFixedArray of integers |
|
| 543 | + * |
|
| 544 | + * @internal You should not use this directly from another application |
|
| 545 | + * |
|
| 546 | + * @param string $str |
|
| 547 | + * @return SplFixedArray |
|
| 548 | + */ |
|
| 549 | + public static function stringToSplFixedArray($str = '') |
|
| 550 | + { |
|
| 551 | + $values = unpack('C*', $str); |
|
| 552 | + return SplFixedArray::fromArray(array_values($values)); |
|
| 553 | + } |
|
| 554 | + |
|
| 555 | + /** |
|
| 556 | + * Convert an SplFixedArray of integers into a string |
|
| 557 | + * |
|
| 558 | + * @internal You should not use this directly from another application |
|
| 559 | + * |
|
| 560 | + * @param SplFixedArray $a |
|
| 561 | + * @return string |
|
| 562 | + */ |
|
| 563 | + public static function SplFixedArrayToString(SplFixedArray $a) |
|
| 564 | + { |
|
| 565 | + /** |
|
| 566 | + * @var array<mixed, int> |
|
| 567 | + */ |
|
| 568 | + $arr = $a->toArray(); |
|
| 569 | + $c = $a->count(); |
|
| 570 | + array_unshift($arr, str_repeat('C', $c)); |
|
| 571 | + return call_user_func_array('pack', $arr); |
|
| 572 | + } |
|
| 573 | + |
|
| 574 | + /** |
|
| 575 | + * @internal You should not use this directly from another application |
|
| 576 | + * |
|
| 577 | + * @param SplFixedArray[SplFixedArray] $ctx |
|
| 578 | + * @return string |
|
| 579 | + */ |
|
| 580 | + public static function contextToString(SplFixedArray $ctx) |
|
| 581 | + { |
|
| 582 | + $str = ''; |
|
| 583 | + $ctxA = $ctx[0]->toArray(); |
|
| 584 | + |
|
| 585 | + # uint64_t h[8]; |
|
| 586 | + for ($i = 0; $i < 8; ++$i) { |
|
| 587 | + $str .= self::store32_le($ctxA[$i][1]); |
|
| 588 | + $str .= self::store32_le($ctxA[$i][0]); |
|
| 589 | + } |
|
| 590 | + |
|
| 591 | + # uint64_t t[2]; |
|
| 592 | + # uint64_t f[2]; |
|
| 593 | + for ($i = 1; $i < 3; ++$i) { |
|
| 594 | + $ctxA = $ctx[$i]->toArray(); |
|
| 595 | + $str .= self::store32_le($ctxA[0][1]); |
|
| 596 | + $str .= self::store32_le($ctxA[0][0]); |
|
| 597 | + $str .= self::store32_le($ctxA[1][1]); |
|
| 598 | + $str .= self::store32_le($ctxA[1][0]); |
|
| 599 | + } |
|
| 600 | + |
|
| 601 | + # uint8_t buf[2 * 128]; |
|
| 602 | + $str .= self::SplFixedArrayToString($ctx[3]); |
|
| 603 | + |
|
| 604 | + # size_t buflen; |
|
| 605 | + $str .= implode('', array( |
|
| 606 | + self::intToChr($ctx[4] & 0xff), |
|
| 607 | + self::intToChr(($ctx[4] >> 8) & 0xff), |
|
| 608 | + self::intToChr(($ctx[4] >> 16) & 0xff), |
|
| 609 | + self::intToChr(($ctx[4] >> 24) & 0xff), |
|
| 610 | + self::intToChr(($ctx[4] >> 32) & 0xff), |
|
| 611 | + self::intToChr(($ctx[4] >> 40) & 0xff), |
|
| 612 | + self::intToChr(($ctx[4] >> 48) & 0xff), |
|
| 613 | + self::intToChr(($ctx[4] >> 56) & 0xff) |
|
| 614 | + )); |
|
| 615 | + # uint8_t last_node; |
|
| 616 | + return $str . "\x00"; |
|
| 617 | + } |
|
| 618 | + |
|
| 619 | + /** |
|
| 620 | + * Creates an SplFixedArray containing other SplFixedArray elements, from |
|
| 621 | + * a string (compatible with \Sodium\crypto_generichash_{init, update, final}) |
|
| 622 | + * |
|
| 623 | + * @internal You should not use this directly from another application |
|
| 624 | + * |
|
| 625 | + * @param string $string |
|
| 626 | + * @return SplFixedArray |
|
| 627 | + */ |
|
| 628 | + public static function stringToContext($string) |
|
| 629 | + { |
|
| 630 | + $ctx = self::context(); |
|
| 631 | + |
|
| 632 | + # uint64_t h[8]; |
|
| 633 | + for ($i = 0; $i < 8; ++$i) { |
|
| 634 | + $ctx[0][$i] = SplFixedArray::fromArray( |
|
| 635 | + array( |
|
| 636 | + self::load_4( |
|
| 637 | + self::substr($string, (($i << 3) + 4), 4) |
|
| 638 | + ), |
|
| 639 | + self::load_4( |
|
| 640 | + self::substr($string, (($i << 3) + 0), 4) |
|
| 641 | + ) |
|
| 642 | + ) |
|
| 643 | + ); |
|
| 644 | + } |
|
| 645 | + |
|
| 646 | + # uint64_t t[2]; |
|
| 647 | + # uint64_t f[2]; |
|
| 648 | + for ($i = 1; $i < 3; ++$i) { |
|
| 649 | + $ctx[$i][1] = SplFixedArray::fromArray( |
|
| 650 | + array( |
|
| 651 | + self::load_4(self::substr($string, 76 + (($i - 1) << 4), 4)), |
|
| 652 | + self::load_4(self::substr($string, 72 + (($i - 1) << 4), 4)) |
|
| 653 | + ) |
|
| 654 | + ); |
|
| 655 | + $ctx[$i][0] = SplFixedArray::fromArray( |
|
| 656 | + array( |
|
| 657 | + self::load_4(self::substr($string, 68 + (($i - 1) << 4), 4)), |
|
| 658 | + self::load_4(self::substr($string, 64 + (($i - 1) << 4), 4)) |
|
| 659 | + ) |
|
| 660 | + ); |
|
| 661 | + } |
|
| 662 | + |
|
| 663 | + # uint8_t buf[2 * 128]; |
|
| 664 | + $ctx[3] = self::stringToSplFixedArray(self::substr($string, 96, 256)); |
|
| 665 | + |
|
| 666 | + |
|
| 667 | + # uint8_t buf[2 * 128]; |
|
| 668 | + $int = 0; |
|
| 669 | + for ($i = 0; $i < 8; ++$i) { |
|
| 670 | + $int |= self::chrToInt($string[352 + $i]) << ($i << 3); |
|
| 671 | + } |
|
| 672 | + $ctx[4] = $int; |
|
| 673 | + |
|
| 674 | + return $ctx; |
|
| 675 | + } |
|
| 676 | 676 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core_BLAKE2b', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core_BLAKE2b', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -20,18 +20,18 @@ discard block |
||
| 20 | 20 | * @var int[][] |
| 21 | 21 | */ |
| 22 | 22 | protected static $sigma = array( |
| 23 | - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 24 | - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3), |
|
| 25 | - array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4), |
|
| 26 | - array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8), |
|
| 27 | - array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13), |
|
| 28 | - array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9), |
|
| 29 | - array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11), |
|
| 30 | - array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10), |
|
| 31 | - array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5), |
|
| 32 | - array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0), |
|
| 33 | - array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15), |
|
| 34 | - array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3) |
|
| 23 | + array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 ), |
|
| 24 | + array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 ), |
|
| 25 | + array( 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 ), |
|
| 26 | + array( 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 ), |
|
| 27 | + array( 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 ), |
|
| 28 | + array( 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 ), |
|
| 29 | + array( 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 ), |
|
| 30 | + array( 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 ), |
|
| 31 | + array( 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 ), |
|
| 32 | + array( 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 ), |
|
| 33 | + array( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 ), |
|
| 34 | + array( 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 ) |
|
| 35 | 35 | ); |
| 36 | 36 | |
| 37 | 37 | const BLOCKBYTES = 128; |
@@ -47,9 +47,9 @@ discard block |
||
| 47 | 47 | * @param int $low |
| 48 | 48 | * @return SplFixedArray |
| 49 | 49 | */ |
| 50 | - public static function new64($high, $low) |
|
| 50 | + public static function new64( $high, $low ) |
|
| 51 | 51 | { |
| 52 | - $i64 = new SplFixedArray(2); |
|
| 52 | + $i64 = new SplFixedArray( 2 ); |
|
| 53 | 53 | $i64[0] = $high & 0xffffffff; |
| 54 | 54 | $i64[1] = $low & 0xffffffff; |
| 55 | 55 | return $i64; |
@@ -64,10 +64,10 @@ discard block |
||
| 64 | 64 | * @param int $num |
| 65 | 65 | * @return SplFixedArray |
| 66 | 66 | */ |
| 67 | - protected static function to64($num) |
|
| 67 | + protected static function to64( $num ) |
|
| 68 | 68 | { |
| 69 | - list($hi, $lo) = self::numericTo64BitInteger($num); |
|
| 70 | - return self::new64($hi, $lo); |
|
| 69 | + list( $hi, $lo ) = self::numericTo64BitInteger( $num ); |
|
| 70 | + return self::new64( $hi, $lo ); |
|
| 71 | 71 | } |
| 72 | 72 | |
| 73 | 73 | /** |
@@ -80,12 +80,12 @@ discard block |
||
| 80 | 80 | * @param SplFixedArray $y |
| 81 | 81 | * @return SplFixedArray |
| 82 | 82 | */ |
| 83 | - protected static function add64($x, $y) |
|
| 83 | + protected static function add64( $x, $y ) |
|
| 84 | 84 | { |
| 85 | - $l = ($x[1] + $y[1]) & 0xffffffff; |
|
| 85 | + $l = ( $x[1] + $y[1] ) & 0xffffffff; |
|
| 86 | 86 | return self::new64( |
| 87 | 87 | $x[0] + $y[0] + ( |
| 88 | - ($l < $x[1]) ? 1 : 0 |
|
| 88 | + ( $l < $x[1] ) ? 1 : 0 |
|
| 89 | 89 | ), |
| 90 | 90 | $l |
| 91 | 91 | ); |
@@ -99,9 +99,9 @@ discard block |
||
| 99 | 99 | * @param SplFixedArray $z |
| 100 | 100 | * @return SplFixedArray |
| 101 | 101 | */ |
| 102 | - protected static function add364($x, $y, $z) |
|
| 102 | + protected static function add364( $x, $y, $z ) |
|
| 103 | 103 | { |
| 104 | - return self::add64($x, self::add64($y, $z)); |
|
| 104 | + return self::add64( $x, self::add64( $y, $z ) ); |
|
| 105 | 105 | } |
| 106 | 106 | |
| 107 | 107 | /** |
@@ -112,21 +112,21 @@ discard block |
||
| 112 | 112 | * @return SplFixedArray |
| 113 | 113 | * @throws Exception |
| 114 | 114 | */ |
| 115 | - protected static function xor64(SplFixedArray $x, SplFixedArray $y) |
|
| 115 | + protected static function xor64( SplFixedArray $x, SplFixedArray $y ) |
|
| 116 | 116 | { |
| 117 | - if (!is_numeric($x[0])) { |
|
| 118 | - throw new Exception('x[0] is not an integer'); |
|
| 117 | + if ( ! is_numeric( $x[0] ) ) { |
|
| 118 | + throw new Exception( 'x[0] is not an integer' ); |
|
| 119 | 119 | } |
| 120 | - if (!is_numeric($x[1])) { |
|
| 121 | - throw new Exception('x[1] is not an integer'); |
|
| 120 | + if ( ! is_numeric( $x[1] ) ) { |
|
| 121 | + throw new Exception( 'x[1] is not an integer' ); |
|
| 122 | 122 | } |
| 123 | - if (!is_numeric($y[0])) { |
|
| 124 | - throw new Exception('y[0] is not an integer'); |
|
| 123 | + if ( ! is_numeric( $y[0] ) ) { |
|
| 124 | + throw new Exception( 'y[0] is not an integer' ); |
|
| 125 | 125 | } |
| 126 | - if (!is_numeric($y[1])) { |
|
| 127 | - throw new Exception('y[1] is not an integer'); |
|
| 126 | + if ( ! is_numeric( $y[1] ) ) { |
|
| 127 | + throw new Exception( 'y[1] is not an integer' ); |
|
| 128 | 128 | } |
| 129 | - return self::new64($x[0] ^ $y[0], $x[1] ^ $y[1]); |
|
| 129 | + return self::new64( $x[0] ^ $y[0], $x[1] ^ $y[1] ); |
|
| 130 | 130 | } |
| 131 | 131 | |
| 132 | 132 | /** |
@@ -136,48 +136,48 @@ discard block |
||
| 136 | 136 | * @param int $c |
| 137 | 137 | * @return SplFixedArray |
| 138 | 138 | */ |
| 139 | - public static function rotr64($x, $c) |
|
| 139 | + public static function rotr64( $x, $c ) |
|
| 140 | 140 | { |
| 141 | - if ($c >= 64) { |
|
| 141 | + if ( $c >= 64 ) { |
|
| 142 | 142 | $c %= 64; |
| 143 | 143 | } |
| 144 | - if ($c >= 32) { |
|
| 144 | + if ( $c >= 32 ) { |
|
| 145 | 145 | $tmp = $x[0]; |
| 146 | 146 | $x[0] = $x[1]; |
| 147 | 147 | $x[1] = $tmp; |
| 148 | 148 | $c -= 32; |
| 149 | 149 | } |
| 150 | - if ($c === 0) { |
|
| 150 | + if ( $c === 0 ) { |
|
| 151 | 151 | return $x; |
| 152 | 152 | } |
| 153 | 153 | |
| 154 | 154 | $l0 = 0; |
| 155 | 155 | $c = 64 - $c; |
| 156 | 156 | |
| 157 | - if ($c < 32) { |
|
| 158 | - $h0 = ($x[0] << $c) | ( |
|
| 157 | + if ( $c < 32 ) { |
|
| 158 | + $h0 = ( $x[0] << $c ) | ( |
|
| 159 | 159 | ( |
| 160 | - $x[1] & ((1 << $c) - 1) |
|
| 160 | + $x[1] & ( ( 1 << $c ) - 1 ) |
|
| 161 | 161 | << |
| 162 | - (32 - $c) |
|
| 163 | - ) >> (32 - $c) |
|
| 162 | + ( 32 - $c ) |
|
| 163 | + ) >> ( 32 - $c ) |
|
| 164 | 164 | ); |
| 165 | 165 | $l0 = $x[1] << $c; |
| 166 | 166 | } else { |
| 167 | - $h0 = $x[1] << ($c - 32); |
|
| 167 | + $h0 = $x[1] << ( $c - 32 ); |
|
| 168 | 168 | } |
| 169 | 169 | |
| 170 | 170 | $h1 = 0; |
| 171 | 171 | $c1 = 64 - $c; |
| 172 | 172 | |
| 173 | - if ($c1 < 32) { |
|
| 173 | + if ( $c1 < 32 ) { |
|
| 174 | 174 | $h1 = $x[0] >> $c1; |
| 175 | - $l1 = ($x[1] >> $c1) | ($x[0] & ((1 << $c1) - 1)) << (32 - $c1); |
|
| 175 | + $l1 = ( $x[1] >> $c1 ) | ( $x[0] & ( ( 1 << $c1 ) - 1 ) ) << ( 32 - $c1 ); |
|
| 176 | 176 | } else { |
| 177 | - $l1 = $x[0] >> ($c1 - 32); |
|
| 177 | + $l1 = $x[0] >> ( $c1 - 32 ); |
|
| 178 | 178 | } |
| 179 | 179 | |
| 180 | - return self::new64($h0 | $h1, $l0 | $l1); |
|
| 180 | + return self::new64( $h0 | $h1, $l0 | $l1 ); |
|
| 181 | 181 | } |
| 182 | 182 | |
| 183 | 183 | /** |
@@ -186,9 +186,9 @@ discard block |
||
| 186 | 186 | * @param SplFixedArray $x |
| 187 | 187 | * @return int |
| 188 | 188 | */ |
| 189 | - protected static function flatten64($x) |
|
| 189 | + protected static function flatten64( $x ) |
|
| 190 | 190 | { |
| 191 | - return ($x[0] * 4294967296 + $x[1]); |
|
| 191 | + return ( $x[0] * 4294967296 + $x[1] ); |
|
| 192 | 192 | } |
| 193 | 193 | |
| 194 | 194 | /** |
@@ -198,11 +198,11 @@ discard block |
||
| 198 | 198 | * @param int $i |
| 199 | 199 | * @return SplFixedArray |
| 200 | 200 | */ |
| 201 | - protected static function load64(SplFixedArray $x, $i) |
|
| 201 | + protected static function load64( SplFixedArray $x, $i ) |
|
| 202 | 202 | { |
| 203 | - $l = $x[$i] | ($x[$i+1]<<8) | ($x[$i+2]<<16) | ($x[$i+3]<<24); |
|
| 204 | - $h = $x[$i+4] | ($x[$i+5]<<8) | ($x[$i+6]<<16) | ($x[$i+7]<<24); |
|
| 205 | - return self::new64($h, $l); |
|
| 203 | + $l = $x[$i] | ( $x[$i + 1] << 8 ) | ( $x[$i + 2] << 16 ) | ( $x[$i + 3] << 24 ); |
|
| 204 | + $h = $x[$i + 4] | ( $x[$i + 5] << 8 ) | ( $x[$i + 6] << 16 ) | ( $x[$i + 7] << 24 ); |
|
| 205 | + return self::new64( $h, $l ); |
|
| 206 | 206 | } |
| 207 | 207 | |
| 208 | 208 | /** |
@@ -213,17 +213,17 @@ discard block |
||
| 213 | 213 | * @param SplFixedArray $u |
| 214 | 214 | * @return void |
| 215 | 215 | */ |
| 216 | - protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) |
|
| 216 | + protected static function store64( SplFixedArray $x, $i, SplFixedArray $u ) |
|
| 217 | 217 | { |
| 218 | 218 | $maxLength = $x->getSize() - 1; |
| 219 | - for ($j = 0; $j < 8; ++$j) { |
|
| 219 | + for ( $j = 0; $j < 8; ++$j ) { |
|
| 220 | 220 | /* |
| 221 | 221 | [0, 1, 2, 3, 4, 5, 6, 7] |
| 222 | 222 | ... becomes ... |
| 223 | 223 | [0, 0, 0, 0, 1, 1, 1, 1] |
| 224 | 224 | */ |
| 225 | - $uIdx = ((7 - $j) & 4) >> 2; |
|
| 226 | - $x[$i] = ($u[$uIdx] & 0xff); |
|
| 225 | + $uIdx = ( ( 7 - $j ) & 4 ) >> 2; |
|
| 226 | + $x[$i] = ( $u[$uIdx] & 0xff ); |
|
| 227 | 227 | if (++$i > $maxLength) { |
| 228 | 228 | return; |
| 229 | 229 | } |
@@ -241,18 +241,18 @@ discard block |
||
| 241 | 241 | public static function pseudoConstructor() |
| 242 | 242 | { |
| 243 | 243 | static $called = false; |
| 244 | - if ($called) { |
|
| 244 | + if ( $called ) { |
|
| 245 | 245 | return; |
| 246 | 246 | } |
| 247 | - self::$iv = new SplFixedArray(8); |
|
| 248 | - self::$iv[0] = self::new64(0x6a09e667, 0xf3bcc908); |
|
| 249 | - self::$iv[1] = self::new64(0xbb67ae85, 0x84caa73b); |
|
| 250 | - self::$iv[2] = self::new64(0x3c6ef372, 0xfe94f82b); |
|
| 251 | - self::$iv[3] = self::new64(0xa54ff53a, 0x5f1d36f1); |
|
| 252 | - self::$iv[4] = self::new64(0x510e527f, 0xade682d1); |
|
| 253 | - self::$iv[5] = self::new64(0x9b05688c, 0x2b3e6c1f); |
|
| 254 | - self::$iv[6] = self::new64(0x1f83d9ab, 0xfb41bd6b); |
|
| 255 | - self::$iv[7] = self::new64(0x5be0cd19, 0x137e2179); |
|
| 247 | + self::$iv = new SplFixedArray( 8 ); |
|
| 248 | + self::$iv[0] = self::new64( 0x6a09e667, 0xf3bcc908 ); |
|
| 249 | + self::$iv[1] = self::new64( 0xbb67ae85, 0x84caa73b ); |
|
| 250 | + self::$iv[2] = self::new64( 0x3c6ef372, 0xfe94f82b ); |
|
| 251 | + self::$iv[3] = self::new64( 0xa54ff53a, 0x5f1d36f1 ); |
|
| 252 | + self::$iv[4] = self::new64( 0x510e527f, 0xade682d1 ); |
|
| 253 | + self::$iv[5] = self::new64( 0x9b05688c, 0x2b3e6c1f ); |
|
| 254 | + self::$iv[6] = self::new64( 0x1f83d9ab, 0xfb41bd6b ); |
|
| 255 | + self::$iv[7] = self::new64( 0x5be0cd19, 0x137e2179 ); |
|
| 256 | 256 | |
| 257 | 257 | $called = true; |
| 258 | 258 | } |
@@ -266,21 +266,21 @@ discard block |
||
| 266 | 266 | */ |
| 267 | 267 | protected static function context() |
| 268 | 268 | { |
| 269 | - $ctx = new SplFixedArray(5); |
|
| 270 | - $ctx[0] = new SplFixedArray(8); // h |
|
| 271 | - $ctx[1] = new SplFixedArray(2); // t |
|
| 272 | - $ctx[2] = new SplFixedArray(2); // f |
|
| 273 | - $ctx[3] = new SplFixedArray(256); // buf |
|
| 274 | - $ctx[4] = 0; // buflen |
|
| 275 | - |
|
| 276 | - for ($i = 8; $i--;) { |
|
| 269 | + $ctx = new SplFixedArray( 5 ); |
|
| 270 | + $ctx[0] = new SplFixedArray( 8 ); // h |
|
| 271 | + $ctx[1] = new SplFixedArray( 2 ); // t |
|
| 272 | + $ctx[2] = new SplFixedArray( 2 ); // f |
|
| 273 | + $ctx[3] = new SplFixedArray( 256 ); // buf |
|
| 274 | + $ctx[4] = 0; // buflen |
|
| 275 | + |
|
| 276 | + for ( $i = 8; $i--; ) { |
|
| 277 | 277 | $ctx[0][$i] = self::$iv[$i]; |
| 278 | 278 | } |
| 279 | - for ($i = 256; $i--;) { |
|
| 279 | + for ( $i = 256; $i--; ) { |
|
| 280 | 280 | $ctx[3][$i] = 0; |
| 281 | 281 | } |
| 282 | 282 | |
| 283 | - $zero = self::new64(0, 0); |
|
| 283 | + $zero = self::new64( 0, 0 ); |
|
| 284 | 284 | $ctx[1][0] = $zero; |
| 285 | 285 | $ctx[1][1] = $zero; |
| 286 | 286 | $ctx[2][0] = $zero; |
@@ -296,43 +296,43 @@ discard block |
||
| 296 | 296 | * @param SplFixedArray $buf |
| 297 | 297 | * @return void |
| 298 | 298 | */ |
| 299 | - protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) |
|
| 299 | + protected static function compress( SplFixedArray $ctx, SplFixedArray $buf ) |
|
| 300 | 300 | { |
| 301 | - $m = new SplFixedArray(16); |
|
| 302 | - $v = new SplFixedArray(16); |
|
| 301 | + $m = new SplFixedArray( 16 ); |
|
| 302 | + $v = new SplFixedArray( 16 ); |
|
| 303 | 303 | |
| 304 | - for ($i = 16; $i--;) { |
|
| 305 | - $m[$i] = self::load64($buf, $i << 3); |
|
| 304 | + for ( $i = 16; $i--; ) { |
|
| 305 | + $m[$i] = self::load64( $buf, $i << 3 ); |
|
| 306 | 306 | } |
| 307 | 307 | |
| 308 | - for ($i = 8; $i--;) { |
|
| 308 | + for ( $i = 8; $i--; ) { |
|
| 309 | 309 | $v[$i] = $ctx[0][$i]; |
| 310 | 310 | } |
| 311 | 311 | |
| 312 | - $v[ 8] = self::$iv[0]; |
|
| 313 | - $v[ 9] = self::$iv[1]; |
|
| 312 | + $v[8] = self::$iv[0]; |
|
| 313 | + $v[9] = self::$iv[1]; |
|
| 314 | 314 | $v[10] = self::$iv[2]; |
| 315 | 315 | $v[11] = self::$iv[3]; |
| 316 | 316 | |
| 317 | - $v[12] = self::xor64($ctx[1][0], self::$iv[4]); |
|
| 318 | - $v[13] = self::xor64($ctx[1][1], self::$iv[5]); |
|
| 319 | - $v[14] = self::xor64($ctx[2][0], self::$iv[6]); |
|
| 320 | - $v[15] = self::xor64($ctx[2][1], self::$iv[7]); |
|
| 317 | + $v[12] = self::xor64( $ctx[1][0], self::$iv[4] ); |
|
| 318 | + $v[13] = self::xor64( $ctx[1][1], self::$iv[5] ); |
|
| 319 | + $v[14] = self::xor64( $ctx[2][0], self::$iv[6] ); |
|
| 320 | + $v[15] = self::xor64( $ctx[2][1], self::$iv[7] ); |
|
| 321 | 321 | |
| 322 | - for ($r = 0; $r < 12; ++$r) { |
|
| 323 | - $v = self::G($r, 0, 0, 4, 8, 12, $v, $m); |
|
| 324 | - $v = self::G($r, 1, 1, 5, 9, 13, $v, $m); |
|
| 325 | - $v = self::G($r, 2, 2, 6, 10, 14, $v, $m); |
|
| 326 | - $v = self::G($r, 3, 3, 7, 11, 15, $v, $m); |
|
| 327 | - $v = self::G($r, 4, 0, 5, 10, 15, $v, $m); |
|
| 328 | - $v = self::G($r, 5, 1, 6, 11, 12, $v, $m); |
|
| 329 | - $v = self::G($r, 6, 2, 7, 8, 13, $v, $m); |
|
| 330 | - $v = self::G($r, 7, 3, 4, 9, 14, $v, $m); |
|
| 322 | + for ( $r = 0; $r < 12; ++$r ) { |
|
| 323 | + $v = self::G( $r, 0, 0, 4, 8, 12, $v, $m ); |
|
| 324 | + $v = self::G( $r, 1, 1, 5, 9, 13, $v, $m ); |
|
| 325 | + $v = self::G( $r, 2, 2, 6, 10, 14, $v, $m ); |
|
| 326 | + $v = self::G( $r, 3, 3, 7, 11, 15, $v, $m ); |
|
| 327 | + $v = self::G( $r, 4, 0, 5, 10, 15, $v, $m ); |
|
| 328 | + $v = self::G( $r, 5, 1, 6, 11, 12, $v, $m ); |
|
| 329 | + $v = self::G( $r, 6, 2, 7, 8, 13, $v, $m ); |
|
| 330 | + $v = self::G( $r, 7, 3, 4, 9, 14, $v, $m ); |
|
| 331 | 331 | } |
| 332 | 332 | |
| 333 | - for ($i = 8; $i--;) { |
|
| 333 | + for ( $i = 8; $i--; ) { |
|
| 334 | 334 | $ctx[0][$i] = self::xor64( |
| 335 | - $ctx[0][$i], self::xor64($v[$i], $v[$i+8]) |
|
| 335 | + $ctx[0][$i], self::xor64( $v[$i], $v[$i + 8] ) |
|
| 336 | 336 | ); |
| 337 | 337 | } |
| 338 | 338 | } |
@@ -350,16 +350,16 @@ discard block |
||
| 350 | 350 | * @param SplFixedArray $m |
| 351 | 351 | * @return SplFixedArray |
| 352 | 352 | */ |
| 353 | - public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) |
|
| 353 | + public static function G( $r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m ) |
|
| 354 | 354 | { |
| 355 | - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); |
|
| 356 | - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); |
|
| 357 | - $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 358 | - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 24); |
|
| 359 | - $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][($i << 1) + 1]]); |
|
| 360 | - $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 16); |
|
| 361 | - $v[$c] = self::add64($v[$c], $v[$d]); |
|
| 362 | - $v[$b] = self::rotr64(self::xor64($v[$b], $v[$c]), 63); |
|
| 355 | + $v[$a] = self::add364( $v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]] ); |
|
| 356 | + $v[$d] = self::rotr64( self::xor64( $v[$d], $v[$a] ), 32 ); |
|
| 357 | + $v[$c] = self::add64( $v[$c], $v[$d] ); |
|
| 358 | + $v[$b] = self::rotr64( self::xor64( $v[$b], $v[$c] ), 24 ); |
|
| 359 | + $v[$a] = self::add364( $v[$a], $v[$b], $m[self::$sigma[$r][( $i << 1 ) + 1]] ); |
|
| 360 | + $v[$d] = self::rotr64( self::xor64( $v[$d], $v[$a] ), 16 ); |
|
| 361 | + $v[$c] = self::add64( $v[$c], $v[$d] ); |
|
| 362 | + $v[$b] = self::rotr64( self::xor64( $v[$b], $v[$c] ), 63 ); |
|
| 363 | 363 | return $v; |
| 364 | 364 | } |
| 365 | 365 | |
@@ -371,20 +371,20 @@ discard block |
||
| 371 | 371 | * @return void |
| 372 | 372 | * @throws Error |
| 373 | 373 | */ |
| 374 | - public static function increment_counter($ctx, $inc) |
|
| 374 | + public static function increment_counter( $ctx, $inc ) |
|
| 375 | 375 | { |
| 376 | - if ($inc < 0) { |
|
| 377 | - throw new Error('Increasing by a negative number makes no sense.'); |
|
| 376 | + if ( $inc < 0 ) { |
|
| 377 | + throw new Error( 'Increasing by a negative number makes no sense.' ); |
|
| 378 | 378 | } |
| 379 | - $t = self::to64($inc); |
|
| 379 | + $t = self::to64( $inc ); |
|
| 380 | 380 | # S->t is $ctx[1] in our implementation |
| 381 | 381 | |
| 382 | 382 | # S->t[0] = ( uint64_t )( t >> 0 ); |
| 383 | - $ctx[1][0] = self::add64($ctx[1][0], $t); |
|
| 383 | + $ctx[1][0] = self::add64( $ctx[1][0], $t ); |
|
| 384 | 384 | |
| 385 | 385 | # S->t[1] += ( S->t[0] < inc ); |
| 386 | - if (self::flatten64($ctx[1][0]) < $inc) { |
|
| 387 | - $ctx[1][1] = self::add64($ctx[1][1], self::to64(1)); |
|
| 386 | + if ( self::flatten64( $ctx[1][0] ) < $inc ) { |
|
| 387 | + $ctx[1][1] = self::add64( $ctx[1][1], self::to64( 1 ) ); |
|
| 388 | 388 | } |
| 389 | 389 | } |
| 390 | 390 | |
@@ -396,18 +396,18 @@ discard block |
||
| 396 | 396 | * @param int $plen |
| 397 | 397 | * @return void |
| 398 | 398 | */ |
| 399 | - public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) |
|
| 399 | + public static function update( SplFixedArray $ctx, SplFixedArray $p, $plen ) |
|
| 400 | 400 | { |
| 401 | 401 | self::pseudoConstructor(); |
| 402 | 402 | |
| 403 | 403 | $offset = 0; |
| 404 | - while ($plen > 0) { |
|
| 404 | + while ( $plen > 0 ) { |
|
| 405 | 405 | $left = $ctx[4]; |
| 406 | 406 | $fill = 256 - $left; |
| 407 | 407 | |
| 408 | - if ($plen > $fill) { |
|
| 408 | + if ( $plen > $fill ) { |
|
| 409 | 409 | # memcpy( S->buf + left, in, fill ); /* Fill buffer */ |
| 410 | - for ($i = $fill; $i--;) { |
|
| 410 | + for ( $i = $fill; $i--; ) { |
|
| 411 | 411 | $ctx[3][$i + $left] = $p[$i + $offset]; |
| 412 | 412 | } |
| 413 | 413 | |
@@ -415,13 +415,13 @@ discard block |
||
| 415 | 415 | $ctx[4] += $fill; |
| 416 | 416 | |
| 417 | 417 | # blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); |
| 418 | - self::increment_counter($ctx, 128); |
|
| 418 | + self::increment_counter( $ctx, 128 ); |
|
| 419 | 419 | |
| 420 | 420 | # blake2b_compress( S, S->buf ); /* Compress */ |
| 421 | - self::compress($ctx, $ctx[3]); |
|
| 421 | + self::compress( $ctx, $ctx[3] ); |
|
| 422 | 422 | |
| 423 | 423 | # memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); /* Shift buffer left */ |
| 424 | - for ($i = 128; $i--;) { |
|
| 424 | + for ( $i = 128; $i--; ) { |
|
| 425 | 425 | $ctx[3][$i] = $ctx[3][$i + 128]; |
| 426 | 426 | } |
| 427 | 427 | |
@@ -434,7 +434,7 @@ discard block |
||
| 434 | 434 | # inlen -= fill; |
| 435 | 435 | $plen -= $fill; |
| 436 | 436 | } else { |
| 437 | - for ($i = $plen; $i--;) { |
|
| 437 | + for ( $i = $plen; $i--; ) { |
|
| 438 | 438 | $ctx[3][$i + $left] = $p[$i + $offset]; |
| 439 | 439 | } |
| 440 | 440 | $ctx[4] += $plen; |
@@ -452,33 +452,33 @@ discard block |
||
| 452 | 452 | * @return SplFixedArray |
| 453 | 453 | * @throws Error |
| 454 | 454 | */ |
| 455 | - public static function finish(SplFixedArray $ctx, SplFixedArray $out) |
|
| 455 | + public static function finish( SplFixedArray $ctx, SplFixedArray $out ) |
|
| 456 | 456 | { |
| 457 | 457 | self::pseudoConstructor(); |
| 458 | - if ($ctx[4] > 128) { |
|
| 459 | - self::increment_counter($ctx, 128); |
|
| 460 | - self::compress($ctx, $ctx[3]); |
|
| 458 | + if ( $ctx[4] > 128 ) { |
|
| 459 | + self::increment_counter( $ctx, 128 ); |
|
| 460 | + self::compress( $ctx, $ctx[3] ); |
|
| 461 | 461 | $ctx[4] -= 128; |
| 462 | - if ($ctx[4] > 128) { |
|
| 463 | - throw new Error('Failed to assert that buflen <= 128 bytes'); |
|
| 462 | + if ( $ctx[4] > 128 ) { |
|
| 463 | + throw new Error( 'Failed to assert that buflen <= 128 bytes' ); |
|
| 464 | 464 | } |
| 465 | - for ($i = $ctx[4]; $i--;) { |
|
| 465 | + for ( $i = $ctx[4]; $i--; ) { |
|
| 466 | 466 | $ctx[3][$i] = $ctx[3][$i + 128]; |
| 467 | 467 | } |
| 468 | 468 | } |
| 469 | 469 | |
| 470 | - self::increment_counter($ctx, $ctx[4]); |
|
| 471 | - $ctx[2][0] = self::new64(0xffffffff, 0xffffffff); |
|
| 470 | + self::increment_counter( $ctx, $ctx[4] ); |
|
| 471 | + $ctx[2][0] = self::new64( 0xffffffff, 0xffffffff ); |
|
| 472 | 472 | |
| 473 | - for ($i = 256 - $ctx[4]; $i--;) { |
|
| 474 | - $ctx[3][$i+$ctx[4]] = 0; |
|
| 473 | + for ( $i = 256 - $ctx[4]; $i--; ) { |
|
| 474 | + $ctx[3][$i + $ctx[4]] = 0; |
|
| 475 | 475 | } |
| 476 | 476 | |
| 477 | - self::compress($ctx, $ctx[3]); |
|
| 477 | + self::compress( $ctx, $ctx[3] ); |
|
| 478 | 478 | |
| 479 | - $i = (int) (($out->getSize() - 1) / 8); |
|
| 480 | - for (; $i >= 0; --$i) { |
|
| 481 | - self::store64($out, $i << 3, $ctx[0][$i]); |
|
| 479 | + $i = (int) ( ( $out->getSize() - 1 ) / 8 ); |
|
| 480 | + for ( ; $i >= 0; --$i ) { |
|
| 481 | + self::store64( $out, $i << 3, $ctx[0][$i] ); |
|
| 482 | 482 | } |
| 483 | 483 | return $out; |
| 484 | 484 | } |
@@ -491,48 +491,48 @@ discard block |
||
| 491 | 491 | * @return SplFixedArray |
| 492 | 492 | * @throws Exception |
| 493 | 493 | */ |
| 494 | - public static function init($key = null, $outlen = 64) |
|
| 494 | + public static function init( $key = null, $outlen = 64 ) |
|
| 495 | 495 | { |
| 496 | 496 | self::pseudoConstructor(); |
| 497 | 497 | $klen = 0; |
| 498 | 498 | |
| 499 | - if ($key !== null) { |
|
| 500 | - if (count($key) > 64) { |
|
| 501 | - throw new Exception('Invalid key size'); |
|
| 499 | + if ( $key !== null ) { |
|
| 500 | + if ( count( $key ) > 64 ) { |
|
| 501 | + throw new Exception( 'Invalid key size' ); |
|
| 502 | 502 | } |
| 503 | - $klen = count($key); |
|
| 503 | + $klen = count( $key ); |
|
| 504 | 504 | } |
| 505 | 505 | |
| 506 | - if ($outlen > 64) { |
|
| 507 | - throw new Exception('Invalid output size'); |
|
| 506 | + if ( $outlen > 64 ) { |
|
| 507 | + throw new Exception( 'Invalid output size' ); |
|
| 508 | 508 | } |
| 509 | 509 | |
| 510 | 510 | $ctx = self::context(); |
| 511 | 511 | |
| 512 | - $p = new SplFixedArray(64); |
|
| 513 | - for ($i = 64; --$i;) { |
|
| 512 | + $p = new SplFixedArray( 64 ); |
|
| 513 | + for ( $i = 64; --$i; ) { |
|
| 514 | 514 | $p[$i] = 0; |
| 515 | 515 | } |
| 516 | 516 | |
| 517 | 517 | $p[0] = $outlen; // digest_length |
| 518 | - $p[1] = $klen; // key_length |
|
| 519 | - $p[2] = 1; // fanout |
|
| 520 | - $p[3] = 1; // depth |
|
| 518 | + $p[1] = $klen; // key_length |
|
| 519 | + $p[2] = 1; // fanout |
|
| 520 | + $p[3] = 1; // depth |
|
| 521 | 521 | |
| 522 | 522 | $ctx[0][0] = self::xor64( |
| 523 | 523 | $ctx[0][0], |
| 524 | - self::load64($p, 0) |
|
| 524 | + self::load64( $p, 0 ) |
|
| 525 | 525 | ); |
| 526 | 526 | |
| 527 | - if ($klen > 0 && $key instanceof SplFixedArray) { |
|
| 528 | - $block = new SplFixedArray(128); |
|
| 529 | - for ($i = 128; $i--;) { |
|
| 527 | + if ( $klen > 0 && $key instanceof SplFixedArray ) { |
|
| 528 | + $block = new SplFixedArray( 128 ); |
|
| 529 | + for ( $i = 128; $i--; ) { |
|
| 530 | 530 | $block[$i] = 0; |
| 531 | 531 | } |
| 532 | - for ($i = $klen; $i--;) { |
|
| 532 | + for ( $i = $klen; $i--; ) { |
|
| 533 | 533 | $block[$i] = $key[$i]; |
| 534 | 534 | } |
| 535 | - self::update($ctx, $block, 128); |
|
| 535 | + self::update( $ctx, $block, 128 ); |
|
| 536 | 536 | } |
| 537 | 537 | |
| 538 | 538 | return $ctx; |
@@ -546,10 +546,10 @@ discard block |
||
| 546 | 546 | * @param string $str |
| 547 | 547 | * @return SplFixedArray |
| 548 | 548 | */ |
| 549 | - public static function stringToSplFixedArray($str = '') |
|
| 549 | + public static function stringToSplFixedArray( $str = '' ) |
|
| 550 | 550 | { |
| 551 | - $values = unpack('C*', $str); |
|
| 552 | - return SplFixedArray::fromArray(array_values($values)); |
|
| 551 | + $values = unpack( 'C*', $str ); |
|
| 552 | + return SplFixedArray::fromArray( array_values( $values ) ); |
|
| 553 | 553 | } |
| 554 | 554 | |
| 555 | 555 | /** |
@@ -560,15 +560,15 @@ discard block |
||
| 560 | 560 | * @param SplFixedArray $a |
| 561 | 561 | * @return string |
| 562 | 562 | */ |
| 563 | - public static function SplFixedArrayToString(SplFixedArray $a) |
|
| 563 | + public static function SplFixedArrayToString( SplFixedArray $a ) |
|
| 564 | 564 | { |
| 565 | 565 | /** |
| 566 | 566 | * @var array<mixed, int> |
| 567 | 567 | */ |
| 568 | 568 | $arr = $a->toArray(); |
| 569 | 569 | $c = $a->count(); |
| 570 | - array_unshift($arr, str_repeat('C', $c)); |
|
| 571 | - return call_user_func_array('pack', $arr); |
|
| 570 | + array_unshift( $arr, str_repeat( 'C', $c ) ); |
|
| 571 | + return call_user_func_array( 'pack', $arr ); |
|
| 572 | 572 | } |
| 573 | 573 | |
| 574 | 574 | /** |
@@ -577,41 +577,41 @@ discard block |
||
| 577 | 577 | * @param SplFixedArray[SplFixedArray] $ctx |
| 578 | 578 | * @return string |
| 579 | 579 | */ |
| 580 | - public static function contextToString(SplFixedArray $ctx) |
|
| 580 | + public static function contextToString( SplFixedArray $ctx ) |
|
| 581 | 581 | { |
| 582 | 582 | $str = ''; |
| 583 | 583 | $ctxA = $ctx[0]->toArray(); |
| 584 | 584 | |
| 585 | 585 | # uint64_t h[8]; |
| 586 | - for ($i = 0; $i < 8; ++$i) { |
|
| 587 | - $str .= self::store32_le($ctxA[$i][1]); |
|
| 588 | - $str .= self::store32_le($ctxA[$i][0]); |
|
| 586 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 587 | + $str .= self::store32_le( $ctxA[$i][1] ); |
|
| 588 | + $str .= self::store32_le( $ctxA[$i][0] ); |
|
| 589 | 589 | } |
| 590 | 590 | |
| 591 | 591 | # uint64_t t[2]; |
| 592 | 592 | # uint64_t f[2]; |
| 593 | - for ($i = 1; $i < 3; ++$i) { |
|
| 593 | + for ( $i = 1; $i < 3; ++$i ) { |
|
| 594 | 594 | $ctxA = $ctx[$i]->toArray(); |
| 595 | - $str .= self::store32_le($ctxA[0][1]); |
|
| 596 | - $str .= self::store32_le($ctxA[0][0]); |
|
| 597 | - $str .= self::store32_le($ctxA[1][1]); |
|
| 598 | - $str .= self::store32_le($ctxA[1][0]); |
|
| 595 | + $str .= self::store32_le( $ctxA[0][1] ); |
|
| 596 | + $str .= self::store32_le( $ctxA[0][0] ); |
|
| 597 | + $str .= self::store32_le( $ctxA[1][1] ); |
|
| 598 | + $str .= self::store32_le( $ctxA[1][0] ); |
|
| 599 | 599 | } |
| 600 | 600 | |
| 601 | 601 | # uint8_t buf[2 * 128]; |
| 602 | - $str .= self::SplFixedArrayToString($ctx[3]); |
|
| 602 | + $str .= self::SplFixedArrayToString( $ctx[3] ); |
|
| 603 | 603 | |
| 604 | 604 | # size_t buflen; |
| 605 | - $str .= implode('', array( |
|
| 606 | - self::intToChr($ctx[4] & 0xff), |
|
| 607 | - self::intToChr(($ctx[4] >> 8) & 0xff), |
|
| 608 | - self::intToChr(($ctx[4] >> 16) & 0xff), |
|
| 609 | - self::intToChr(($ctx[4] >> 24) & 0xff), |
|
| 610 | - self::intToChr(($ctx[4] >> 32) & 0xff), |
|
| 611 | - self::intToChr(($ctx[4] >> 40) & 0xff), |
|
| 612 | - self::intToChr(($ctx[4] >> 48) & 0xff), |
|
| 613 | - self::intToChr(($ctx[4] >> 56) & 0xff) |
|
| 614 | - )); |
|
| 605 | + $str .= implode( '', array( |
|
| 606 | + self::intToChr( $ctx[4] & 0xff ), |
|
| 607 | + self::intToChr( ( $ctx[4] >> 8 ) & 0xff ), |
|
| 608 | + self::intToChr( ( $ctx[4] >> 16 ) & 0xff ), |
|
| 609 | + self::intToChr( ( $ctx[4] >> 24 ) & 0xff ), |
|
| 610 | + self::intToChr( ( $ctx[4] >> 32 ) & 0xff ), |
|
| 611 | + self::intToChr( ( $ctx[4] >> 40 ) & 0xff ), |
|
| 612 | + self::intToChr( ( $ctx[4] >> 48 ) & 0xff ), |
|
| 613 | + self::intToChr( ( $ctx[4] >> 56 ) & 0xff ) |
|
| 614 | + ) ); |
|
| 615 | 615 | # uint8_t last_node; |
| 616 | 616 | return $str . "\x00"; |
| 617 | 617 | } |
@@ -625,19 +625,19 @@ discard block |
||
| 625 | 625 | * @param string $string |
| 626 | 626 | * @return SplFixedArray |
| 627 | 627 | */ |
| 628 | - public static function stringToContext($string) |
|
| 628 | + public static function stringToContext( $string ) |
|
| 629 | 629 | { |
| 630 | 630 | $ctx = self::context(); |
| 631 | 631 | |
| 632 | 632 | # uint64_t h[8]; |
| 633 | - for ($i = 0; $i < 8; ++$i) { |
|
| 633 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 634 | 634 | $ctx[0][$i] = SplFixedArray::fromArray( |
| 635 | 635 | array( |
| 636 | 636 | self::load_4( |
| 637 | - self::substr($string, (($i << 3) + 4), 4) |
|
| 637 | + self::substr( $string, ( ( $i << 3 ) + 4 ), 4 ) |
|
| 638 | 638 | ), |
| 639 | 639 | self::load_4( |
| 640 | - self::substr($string, (($i << 3) + 0), 4) |
|
| 640 | + self::substr( $string, ( ( $i << 3 ) + 0 ), 4 ) |
|
| 641 | 641 | ) |
| 642 | 642 | ) |
| 643 | 643 | ); |
@@ -645,29 +645,29 @@ discard block |
||
| 645 | 645 | |
| 646 | 646 | # uint64_t t[2]; |
| 647 | 647 | # uint64_t f[2]; |
| 648 | - for ($i = 1; $i < 3; ++$i) { |
|
| 648 | + for ( $i = 1; $i < 3; ++$i ) { |
|
| 649 | 649 | $ctx[$i][1] = SplFixedArray::fromArray( |
| 650 | 650 | array( |
| 651 | - self::load_4(self::substr($string, 76 + (($i - 1) << 4), 4)), |
|
| 652 | - self::load_4(self::substr($string, 72 + (($i - 1) << 4), 4)) |
|
| 651 | + self::load_4( self::substr( $string, 76 + ( ( $i - 1 ) << 4 ), 4 ) ), |
|
| 652 | + self::load_4( self::substr( $string, 72 + ( ( $i - 1 ) << 4 ), 4 ) ) |
|
| 653 | 653 | ) |
| 654 | 654 | ); |
| 655 | 655 | $ctx[$i][0] = SplFixedArray::fromArray( |
| 656 | 656 | array( |
| 657 | - self::load_4(self::substr($string, 68 + (($i - 1) << 4), 4)), |
|
| 658 | - self::load_4(self::substr($string, 64 + (($i - 1) << 4), 4)) |
|
| 657 | + self::load_4( self::substr( $string, 68 + ( ( $i - 1 ) << 4 ), 4 ) ), |
|
| 658 | + self::load_4( self::substr( $string, 64 + ( ( $i - 1 ) << 4 ), 4 ) ) |
|
| 659 | 659 | ) |
| 660 | 660 | ); |
| 661 | 661 | } |
| 662 | 662 | |
| 663 | 663 | # uint8_t buf[2 * 128]; |
| 664 | - $ctx[3] = self::stringToSplFixedArray(self::substr($string, 96, 256)); |
|
| 664 | + $ctx[3] = self::stringToSplFixedArray( self::substr( $string, 96, 256 ) ); |
|
| 665 | 665 | |
| 666 | 666 | |
| 667 | 667 | # uint8_t buf[2 * 128]; |
| 668 | 668 | $int = 0; |
| 669 | - for ($i = 0; $i < 8; ++$i) { |
|
| 670 | - $int |= self::chrToInt($string[352 + $i]) << ($i << 3); |
|
| 669 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 670 | + $int |= self::chrToInt( $string[352 + $i] ) << ( $i << 3 ); |
|
| 671 | 671 | } |
| 672 | 672 | $ctx[4] = $int; |
| 673 | 673 | |
@@ -9,8 +9,7 @@ discard block |
||
| 9 | 9 | * |
| 10 | 10 | * Based on the work of Devi Mandiri in devi/salt. |
| 11 | 11 | */ |
| 12 | -abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util |
|
| 13 | -{ |
|
| 12 | +abstract class ParagonIE_Sodium_Core_BLAKE2b extends ParagonIE_Sodium_Core_Util { |
|
| 14 | 13 | /** |
| 15 | 14 | * @var SplFixedArray |
| 16 | 15 | */ |
@@ -47,8 +46,7 @@ discard block |
||
| 47 | 46 | * @param int $low |
| 48 | 47 | * @return SplFixedArray |
| 49 | 48 | */ |
| 50 | - public static function new64($high, $low) |
|
| 51 | - { |
|
| 49 | + public static function new64($high, $low) { |
|
| 52 | 50 | $i64 = new SplFixedArray(2); |
| 53 | 51 | $i64[0] = $high & 0xffffffff; |
| 54 | 52 | $i64[1] = $low & 0xffffffff; |
@@ -64,8 +62,7 @@ discard block |
||
| 64 | 62 | * @param int $num |
| 65 | 63 | * @return SplFixedArray |
| 66 | 64 | */ |
| 67 | - protected static function to64($num) |
|
| 68 | - { |
|
| 65 | + protected static function to64($num) { |
|
| 69 | 66 | list($hi, $lo) = self::numericTo64BitInteger($num); |
| 70 | 67 | return self::new64($hi, $lo); |
| 71 | 68 | } |
@@ -80,8 +77,7 @@ discard block |
||
| 80 | 77 | * @param SplFixedArray $y |
| 81 | 78 | * @return SplFixedArray |
| 82 | 79 | */ |
| 83 | - protected static function add64($x, $y) |
|
| 84 | - { |
|
| 80 | + protected static function add64($x, $y) { |
|
| 85 | 81 | $l = ($x[1] + $y[1]) & 0xffffffff; |
| 86 | 82 | return self::new64( |
| 87 | 83 | $x[0] + $y[0] + ( |
@@ -99,8 +95,7 @@ discard block |
||
| 99 | 95 | * @param SplFixedArray $z |
| 100 | 96 | * @return SplFixedArray |
| 101 | 97 | */ |
| 102 | - protected static function add364($x, $y, $z) |
|
| 103 | - { |
|
| 98 | + protected static function add364($x, $y, $z) { |
|
| 104 | 99 | return self::add64($x, self::add64($y, $z)); |
| 105 | 100 | } |
| 106 | 101 | |
@@ -112,8 +107,7 @@ discard block |
||
| 112 | 107 | * @return SplFixedArray |
| 113 | 108 | * @throws Exception |
| 114 | 109 | */ |
| 115 | - protected static function xor64(SplFixedArray $x, SplFixedArray $y) |
|
| 116 | - { |
|
| 110 | + protected static function xor64(SplFixedArray $x, SplFixedArray $y) { |
|
| 117 | 111 | if (!is_numeric($x[0])) { |
| 118 | 112 | throw new Exception('x[0] is not an integer'); |
| 119 | 113 | } |
@@ -136,8 +130,7 @@ discard block |
||
| 136 | 130 | * @param int $c |
| 137 | 131 | * @return SplFixedArray |
| 138 | 132 | */ |
| 139 | - public static function rotr64($x, $c) |
|
| 140 | - { |
|
| 133 | + public static function rotr64($x, $c) { |
|
| 141 | 134 | if ($c >= 64) { |
| 142 | 135 | $c %= 64; |
| 143 | 136 | } |
@@ -186,8 +179,7 @@ discard block |
||
| 186 | 179 | * @param SplFixedArray $x |
| 187 | 180 | * @return int |
| 188 | 181 | */ |
| 189 | - protected static function flatten64($x) |
|
| 190 | - { |
|
| 182 | + protected static function flatten64($x) { |
|
| 191 | 183 | return ($x[0] * 4294967296 + $x[1]); |
| 192 | 184 | } |
| 193 | 185 | |
@@ -198,8 +190,7 @@ discard block |
||
| 198 | 190 | * @param int $i |
| 199 | 191 | * @return SplFixedArray |
| 200 | 192 | */ |
| 201 | - protected static function load64(SplFixedArray $x, $i) |
|
| 202 | - { |
|
| 193 | + protected static function load64(SplFixedArray $x, $i) { |
|
| 203 | 194 | $l = $x[$i] | ($x[$i+1]<<8) | ($x[$i+2]<<16) | ($x[$i+3]<<24); |
| 204 | 195 | $h = $x[$i+4] | ($x[$i+5]<<8) | ($x[$i+6]<<16) | ($x[$i+7]<<24); |
| 205 | 196 | return self::new64($h, $l); |
@@ -213,8 +204,7 @@ discard block |
||
| 213 | 204 | * @param SplFixedArray $u |
| 214 | 205 | * @return void |
| 215 | 206 | */ |
| 216 | - protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) |
|
| 217 | - { |
|
| 207 | + protected static function store64(SplFixedArray $x, $i, SplFixedArray $u) { |
|
| 218 | 208 | $maxLength = $x->getSize() - 1; |
| 219 | 209 | for ($j = 0; $j < 8; ++$j) { |
| 220 | 210 | /* |
@@ -238,8 +228,7 @@ discard block |
||
| 238 | 228 | * |
| 239 | 229 | * @return void |
| 240 | 230 | */ |
| 241 | - public static function pseudoConstructor() |
|
| 242 | - { |
|
| 231 | + public static function pseudoConstructor() { |
|
| 243 | 232 | static $called = false; |
| 244 | 233 | if ($called) { |
| 245 | 234 | return; |
@@ -264,8 +253,7 @@ discard block |
||
| 264 | 253 | * |
| 265 | 254 | * @return SplFixedArray |
| 266 | 255 | */ |
| 267 | - protected static function context() |
|
| 268 | - { |
|
| 256 | + protected static function context() { |
|
| 269 | 257 | $ctx = new SplFixedArray(5); |
| 270 | 258 | $ctx[0] = new SplFixedArray(8); // h |
| 271 | 259 | $ctx[1] = new SplFixedArray(2); // t |
@@ -296,8 +284,7 @@ discard block |
||
| 296 | 284 | * @param SplFixedArray $buf |
| 297 | 285 | * @return void |
| 298 | 286 | */ |
| 299 | - protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) |
|
| 300 | - { |
|
| 287 | + protected static function compress(SplFixedArray $ctx, SplFixedArray $buf) { |
|
| 301 | 288 | $m = new SplFixedArray(16); |
| 302 | 289 | $v = new SplFixedArray(16); |
| 303 | 290 | |
@@ -350,8 +337,7 @@ discard block |
||
| 350 | 337 | * @param SplFixedArray $m |
| 351 | 338 | * @return SplFixedArray |
| 352 | 339 | */ |
| 353 | - public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) |
|
| 354 | - { |
|
| 340 | + public static function G($r, $i, $a, $b, $c, $d, SplFixedArray $v, SplFixedArray $m) { |
|
| 355 | 341 | $v[$a] = self::add364($v[$a], $v[$b], $m[self::$sigma[$r][$i << 1]]); |
| 356 | 342 | $v[$d] = self::rotr64(self::xor64($v[$d], $v[$a]), 32); |
| 357 | 343 | $v[$c] = self::add64($v[$c], $v[$d]); |
@@ -371,8 +357,7 @@ discard block |
||
| 371 | 357 | * @return void |
| 372 | 358 | * @throws Error |
| 373 | 359 | */ |
| 374 | - public static function increment_counter($ctx, $inc) |
|
| 375 | - { |
|
| 360 | + public static function increment_counter($ctx, $inc) { |
|
| 376 | 361 | if ($inc < 0) { |
| 377 | 362 | throw new Error('Increasing by a negative number makes no sense.'); |
| 378 | 363 | } |
@@ -396,8 +381,7 @@ discard block |
||
| 396 | 381 | * @param int $plen |
| 397 | 382 | * @return void |
| 398 | 383 | */ |
| 399 | - public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) |
|
| 400 | - { |
|
| 384 | + public static function update(SplFixedArray $ctx, SplFixedArray $p, $plen) { |
|
| 401 | 385 | self::pseudoConstructor(); |
| 402 | 386 | |
| 403 | 387 | $offset = 0; |
@@ -452,8 +436,7 @@ discard block |
||
| 452 | 436 | * @return SplFixedArray |
| 453 | 437 | * @throws Error |
| 454 | 438 | */ |
| 455 | - public static function finish(SplFixedArray $ctx, SplFixedArray $out) |
|
| 456 | - { |
|
| 439 | + public static function finish(SplFixedArray $ctx, SplFixedArray $out) { |
|
| 457 | 440 | self::pseudoConstructor(); |
| 458 | 441 | if ($ctx[4] > 128) { |
| 459 | 442 | self::increment_counter($ctx, 128); |
@@ -491,8 +474,7 @@ discard block |
||
| 491 | 474 | * @return SplFixedArray |
| 492 | 475 | * @throws Exception |
| 493 | 476 | */ |
| 494 | - public static function init($key = null, $outlen = 64) |
|
| 495 | - { |
|
| 477 | + public static function init($key = null, $outlen = 64) { |
|
| 496 | 478 | self::pseudoConstructor(); |
| 497 | 479 | $klen = 0; |
| 498 | 480 | |
@@ -546,8 +528,7 @@ discard block |
||
| 546 | 528 | * @param string $str |
| 547 | 529 | * @return SplFixedArray |
| 548 | 530 | */ |
| 549 | - public static function stringToSplFixedArray($str = '') |
|
| 550 | - { |
|
| 531 | + public static function stringToSplFixedArray($str = '') { |
|
| 551 | 532 | $values = unpack('C*', $str); |
| 552 | 533 | return SplFixedArray::fromArray(array_values($values)); |
| 553 | 534 | } |
@@ -560,8 +541,7 @@ discard block |
||
| 560 | 541 | * @param SplFixedArray $a |
| 561 | 542 | * @return string |
| 562 | 543 | */ |
| 563 | - public static function SplFixedArrayToString(SplFixedArray $a) |
|
| 564 | - { |
|
| 544 | + public static function SplFixedArrayToString(SplFixedArray $a) { |
|
| 565 | 545 | /** |
| 566 | 546 | * @var array<mixed, int> |
| 567 | 547 | */ |
@@ -577,8 +557,7 @@ discard block |
||
| 577 | 557 | * @param SplFixedArray[SplFixedArray] $ctx |
| 578 | 558 | * @return string |
| 579 | 559 | */ |
| 580 | - public static function contextToString(SplFixedArray $ctx) |
|
| 581 | - { |
|
| 560 | + public static function contextToString(SplFixedArray $ctx) { |
|
| 582 | 561 | $str = ''; |
| 583 | 562 | $ctxA = $ctx[0]->toArray(); |
| 584 | 563 | |
@@ -625,8 +604,7 @@ discard block |
||
| 625 | 604 | * @param string $string |
| 626 | 605 | * @return SplFixedArray |
| 627 | 606 | */ |
| 628 | - public static function stringToContext($string) |
|
| 629 | - { |
|
| 607 | + public static function stringToContext($string) { |
|
| 630 | 608 | $ctx = self::context(); |
| 631 | 609 | |
| 632 | 610 | # uint64_t h[8]; |
@@ -1636,7 +1636,7 @@ |
||
| 1636 | 1636 | /** |
| 1637 | 1637 | * @internal You should not use this directly from another application |
| 1638 | 1638 | * |
| 1639 | - * @param string $a |
|
| 1639 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $a |
|
| 1640 | 1640 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A |
| 1641 | 1641 | * @param string $b |
| 1642 | 1642 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core_Curve25519', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -15,2550 +15,2550 @@ discard block |
||
| 15 | 15 | */ |
| 16 | 16 | abstract class ParagonIE_Sodium_Core_Curve25519 extends ParagonIE_Sodium_Core_Curve25519_H |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Get a field element of size 10 with a value of 0 |
|
| 20 | - * |
|
| 21 | - * @internal You should not use this directly from another application |
|
| 22 | - * |
|
| 23 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public static function fe_0() |
|
| 26 | - { |
|
| 27 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 28 | - array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 29 | - ); |
|
| 30 | - } |
|
| 31 | - |
|
| 32 | - /** |
|
| 33 | - * Get a field element of size 10 with a value of 1 |
|
| 34 | - * |
|
| 35 | - * @internal You should not use this directly from another application |
|
| 36 | - * |
|
| 37 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 38 | - */ |
|
| 39 | - public static function fe_1() |
|
| 40 | - { |
|
| 41 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 42 | - array(1, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 43 | - ); |
|
| 44 | - } |
|
| 45 | - |
|
| 46 | - /** |
|
| 47 | - * Add two field elements. |
|
| 48 | - * |
|
| 49 | - * @internal You should not use this directly from another application |
|
| 50 | - * |
|
| 51 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 52 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 53 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 54 | - */ |
|
| 55 | - public static function fe_add( |
|
| 56 | - ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 57 | - ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 58 | - ) { |
|
| 59 | - $arr = array(); |
|
| 60 | - for ($i = 0; $i < 10; ++$i) { |
|
| 61 | - $arr[$i] = (int) ($f[$i] + $g[$i]); |
|
| 62 | - } |
|
| 63 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($arr); |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * Constant-time conditional move. |
|
| 68 | - * |
|
| 69 | - * @internal You should not use this directly from another application |
|
| 70 | - * |
|
| 71 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 72 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 73 | - * @param int $b |
|
| 74 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 75 | - */ |
|
| 76 | - public static function fe_cmov( |
|
| 77 | - ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 78 | - ParagonIE_Sodium_Core_Curve25519_Fe $g, |
|
| 79 | - $b = 0 |
|
| 80 | - ) { |
|
| 81 | - $h = array(); |
|
| 82 | - $b *= -1; |
|
| 83 | - for ($i = 0; $i < 10; ++$i) { |
|
| 84 | - $x = (($f[$i] ^ $g[$i]) & $b); |
|
| 85 | - $h[$i] = $f[$i] ^ $x; |
|
| 86 | - } |
|
| 87 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - /** |
|
| 91 | - * Create a copy of a field element. |
|
| 92 | - * |
|
| 93 | - * @internal You should not use this directly from another application |
|
| 94 | - * |
|
| 95 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 96 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 97 | - */ |
|
| 98 | - public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 99 | - { |
|
| 100 | - $h = clone $f; |
|
| 101 | - return $h; |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - /** |
|
| 105 | - * Give: 32-byte string. |
|
| 106 | - * Receive: A field element object to use for internal calculations. |
|
| 107 | - * |
|
| 108 | - * @internal You should not use this directly from another application |
|
| 109 | - * |
|
| 110 | - * @param string $s |
|
| 111 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 112 | - * @throws RangeException |
|
| 113 | - */ |
|
| 114 | - public static function fe_frombytes($s) |
|
| 115 | - { |
|
| 116 | - if (self::strlen($s) !== 32) { |
|
| 117 | - throw new RangeException('Expected a 32-byte string.'); |
|
| 118 | - } |
|
| 119 | - $h0 = self::load_4($s); |
|
| 120 | - $h1 = self::load_3(self::substr($s, 4, 3)) << 6; |
|
| 121 | - $h2 = self::load_3(self::substr($s, 7, 3)) << 5; |
|
| 122 | - $h3 = self::load_3(self::substr($s, 10, 3)) << 3; |
|
| 123 | - $h4 = self::load_3(self::substr($s, 13, 3)) << 2; |
|
| 124 | - $h5 = self::load_4(self::substr($s, 16, 4)); |
|
| 125 | - $h6 = self::load_3(self::substr($s, 20, 3)) << 7; |
|
| 126 | - $h7 = self::load_3(self::substr($s, 23, 3)) << 5; |
|
| 127 | - $h8 = self::load_3(self::substr($s, 26, 3)) << 4; |
|
| 128 | - $h9 = (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2; |
|
| 129 | - |
|
| 130 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 131 | - $h0 += self::mul($carry9, 19, 5); |
|
| 132 | - $h9 -= $carry9 << 25; |
|
| 133 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 134 | - $h2 += $carry1; |
|
| 135 | - $h1 -= $carry1 << 25; |
|
| 136 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 137 | - $h4 += $carry3; |
|
| 138 | - $h3 -= $carry3 << 25; |
|
| 139 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 140 | - $h6 += $carry5; |
|
| 141 | - $h5 -= $carry5 << 25; |
|
| 142 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 143 | - $h8 += $carry7; |
|
| 144 | - $h7 -= $carry7 << 25; |
|
| 145 | - |
|
| 146 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 147 | - $h1 += $carry0; |
|
| 148 | - $h0 -= $carry0 << 26; |
|
| 149 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 150 | - $h3 += $carry2; |
|
| 151 | - $h2 -= $carry2 << 26; |
|
| 152 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 153 | - $h5 += $carry4; |
|
| 154 | - $h4 -= $carry4 << 26; |
|
| 155 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 156 | - $h7 += $carry6; |
|
| 157 | - $h6 -= $carry6 << 26; |
|
| 158 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 159 | - $h9 += $carry8; |
|
| 160 | - $h8 -= $carry8 << 26; |
|
| 161 | - |
|
| 162 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 163 | - array( |
|
| 164 | - (int) $h0, |
|
| 165 | - (int) $h1, |
|
| 166 | - (int) $h2, |
|
| 167 | - (int) $h3, |
|
| 168 | - (int) $h4, |
|
| 169 | - (int) $h5, |
|
| 170 | - (int) $h6, |
|
| 171 | - (int) $h7, |
|
| 172 | - (int) $h8, |
|
| 173 | - (int) $h9 |
|
| 174 | - ) |
|
| 175 | - ); |
|
| 176 | - } |
|
| 177 | - |
|
| 178 | - /** |
|
| 179 | - * Convert a field element to a byte string. |
|
| 180 | - * |
|
| 181 | - * @internal You should not use this directly from another application |
|
| 182 | - * |
|
| 183 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $h |
|
| 184 | - * @return string |
|
| 185 | - */ |
|
| 186 | - public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) |
|
| 187 | - { |
|
| 188 | - $h[0] = (int) $h[0]; |
|
| 189 | - $h[1] = (int) $h[1]; |
|
| 190 | - $h[2] = (int) $h[2]; |
|
| 191 | - $h[3] = (int) $h[3]; |
|
| 192 | - $h[4] = (int) $h[4]; |
|
| 193 | - $h[5] = (int) $h[5]; |
|
| 194 | - $h[6] = (int) $h[6]; |
|
| 195 | - $h[7] = (int) $h[7]; |
|
| 196 | - $h[8] = (int) $h[8]; |
|
| 197 | - $h[9] = (int) $h[9]; |
|
| 198 | - |
|
| 199 | - $q = (self::mul($h[9], 19, 5) + (1 << 24)) >> 25; |
|
| 200 | - $q = ($h[0] + $q) >> 26; |
|
| 201 | - $q = ($h[1] + $q) >> 25; |
|
| 202 | - $q = ($h[2] + $q) >> 26; |
|
| 203 | - $q = ($h[3] + $q) >> 25; |
|
| 204 | - $q = ($h[4] + $q) >> 26; |
|
| 205 | - $q = ($h[5] + $q) >> 25; |
|
| 206 | - $q = ($h[6] + $q) >> 26; |
|
| 207 | - $q = ($h[7] + $q) >> 25; |
|
| 208 | - $q = ($h[8] + $q) >> 26; |
|
| 209 | - $q = ($h[9] + $q) >> 25; |
|
| 210 | - |
|
| 211 | - $h[0] += self::mul($q, 19, 5); |
|
| 212 | - |
|
| 213 | - $carry0 = $h[0] >> 26; |
|
| 214 | - $h[1] += $carry0; |
|
| 215 | - $h[0] -= $carry0 << 26; |
|
| 216 | - $carry1 = $h[1] >> 25; |
|
| 217 | - $h[2] += $carry1; |
|
| 218 | - $h[1] -= $carry1 << 25; |
|
| 219 | - $carry2 = $h[2] >> 26; |
|
| 220 | - $h[3] += $carry2; |
|
| 221 | - $h[2] -= $carry2 << 26; |
|
| 222 | - $carry3 = $h[3] >> 25; |
|
| 223 | - $h[4] += $carry3; |
|
| 224 | - $h[3] -= $carry3 << 25; |
|
| 225 | - $carry4 = $h[4] >> 26; |
|
| 226 | - $h[5] += $carry4; |
|
| 227 | - $h[4] -= $carry4 << 26; |
|
| 228 | - $carry5 = $h[5] >> 25; |
|
| 229 | - $h[6] += $carry5; |
|
| 230 | - $h[5] -= $carry5 << 25; |
|
| 231 | - $carry6 = $h[6] >> 26; |
|
| 232 | - $h[7] += $carry6; |
|
| 233 | - $h[6] -= $carry6 << 26; |
|
| 234 | - $carry7 = $h[7] >> 25; |
|
| 235 | - $h[8] += $carry7; |
|
| 236 | - $h[7] -= $carry7 << 25; |
|
| 237 | - $carry8 = $h[8] >> 26; |
|
| 238 | - $h[9] += $carry8; |
|
| 239 | - $h[8] -= $carry8 << 26; |
|
| 240 | - $carry9 = $h[9] >> 25; |
|
| 241 | - $h[9] -= $carry9 << 25; |
|
| 242 | - |
|
| 243 | - /** |
|
| 244 | - * @var array<int, int> |
|
| 245 | - */ |
|
| 246 | - $s = array( |
|
| 247 | - (int) (($h[0] >> 0) & 0xff), |
|
| 248 | - (int) (($h[0] >> 8) & 0xff), |
|
| 249 | - (int) (($h[0] >> 16) & 0xff), |
|
| 250 | - (int) ((($h[0] >> 24) | ($h[1] << 2)) & 0xff), |
|
| 251 | - (int) (($h[1] >> 6) & 0xff), |
|
| 252 | - (int) (($h[1] >> 14) & 0xff), |
|
| 253 | - (int) ((($h[1] >> 22) | ($h[2] << 3)) & 0xff), |
|
| 254 | - (int) (($h[2] >> 5) & 0xff), |
|
| 255 | - (int) (($h[2] >> 13) & 0xff), |
|
| 256 | - (int) ((($h[2] >> 21) | ($h[3] << 5)) & 0xff), |
|
| 257 | - (int) (($h[3] >> 3) & 0xff), |
|
| 258 | - (int) (($h[3] >> 11) & 0xff), |
|
| 259 | - (int) ((($h[3] >> 19) | ($h[4] << 6)) & 0xff), |
|
| 260 | - (int) (($h[4] >> 2) & 0xff), |
|
| 261 | - (int) (($h[4] >> 10) & 0xff), |
|
| 262 | - (int) (($h[4] >> 18) & 0xff), |
|
| 263 | - (int) (($h[5] >> 0) & 0xff), |
|
| 264 | - (int) (($h[5] >> 8) & 0xff), |
|
| 265 | - (int) (($h[5] >> 16) & 0xff), |
|
| 266 | - (int) ((($h[5] >> 24) | ($h[6] << 1)) & 0xff), |
|
| 267 | - (int) (($h[6] >> 7) & 0xff), |
|
| 268 | - (int) (($h[6] >> 15) & 0xff), |
|
| 269 | - (int) ((($h[6] >> 23) | ($h[7] << 3)) & 0xff), |
|
| 270 | - (int) (($h[7] >> 5) & 0xff), |
|
| 271 | - (int) (($h[7] >> 13) & 0xff), |
|
| 272 | - (int) ((($h[7] >> 21) | ($h[8] << 4)) & 0xff), |
|
| 273 | - (int) (($h[8] >> 4) & 0xff), |
|
| 274 | - (int) (($h[8] >> 12) & 0xff), |
|
| 275 | - (int) ((($h[8] >> 20) | ($h[9] << 6)) & 0xff), |
|
| 276 | - (int) (($h[9] >> 2) & 0xff), |
|
| 277 | - (int) (($h[9] >> 10) & 0xff), |
|
| 278 | - (int) (($h[9] >> 18) & 0xff) |
|
| 279 | - ); |
|
| 280 | - return self::intArrayToString($s); |
|
| 281 | - } |
|
| 282 | - |
|
| 283 | - /** |
|
| 284 | - * Is a field element negative? (1 = yes, 0 = no. Used in calculations.) |
|
| 285 | - * |
|
| 286 | - * @internal You should not use this directly from another application |
|
| 287 | - * |
|
| 288 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 289 | - * @return int |
|
| 290 | - */ |
|
| 291 | - public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 292 | - { |
|
| 293 | - $str = self::fe_tobytes($f); |
|
| 294 | - return self::chrToInt($str[0]) & 1; |
|
| 295 | - } |
|
| 296 | - |
|
| 297 | - /** |
|
| 298 | - * Returns 0 if this field element results in all NUL bytes. |
|
| 299 | - * |
|
| 300 | - * @internal You should not use this directly from another application |
|
| 301 | - * |
|
| 302 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 303 | - * @return bool |
|
| 304 | - */ |
|
| 305 | - public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 306 | - { |
|
| 307 | - static $zero; |
|
| 308 | - if ($zero === null) { |
|
| 309 | - $zero = str_repeat("\x00", 32); |
|
| 310 | - } |
|
| 311 | - $str = self::fe_tobytes($f); |
|
| 312 | - return !self::verify_32($str, $zero); |
|
| 313 | - } |
|
| 314 | - |
|
| 315 | - /** |
|
| 316 | - * Multiply two field elements |
|
| 317 | - * |
|
| 318 | - * h = f * g |
|
| 319 | - * |
|
| 320 | - * @internal You should not use this directly from another application |
|
| 321 | - * |
|
| 322 | - * @security Is multiplication a source of timing leaks? If so, can we do |
|
| 323 | - * anything to prevent that from happening? |
|
| 324 | - * |
|
| 325 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 326 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 327 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 328 | - */ |
|
| 329 | - public static function fe_mul( |
|
| 330 | - ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 331 | - ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 332 | - ) { |
|
| 333 | - $f0 = $f[0]; |
|
| 334 | - $f1 = $f[1]; |
|
| 335 | - $f2 = $f[2]; |
|
| 336 | - $f3 = $f[3]; |
|
| 337 | - $f4 = $f[4]; |
|
| 338 | - $f5 = $f[5]; |
|
| 339 | - $f6 = $f[6]; |
|
| 340 | - $f7 = $f[7]; |
|
| 341 | - $f8 = $f[8]; |
|
| 342 | - $f9 = $f[9]; |
|
| 343 | - $g0 = $g[0]; |
|
| 344 | - $g1 = $g[1]; |
|
| 345 | - $g2 = $g[2]; |
|
| 346 | - $g3 = $g[3]; |
|
| 347 | - $g4 = $g[4]; |
|
| 348 | - $g5 = $g[5]; |
|
| 349 | - $g6 = $g[6]; |
|
| 350 | - $g7 = $g[7]; |
|
| 351 | - $g8 = $g[8]; |
|
| 352 | - $g9 = $g[9]; |
|
| 353 | - $g1_19 = self::mul($g1, 19, 5); |
|
| 354 | - $g2_19 = self::mul($g2, 19, 5); |
|
| 355 | - $g3_19 = self::mul($g3, 19, 5); |
|
| 356 | - $g4_19 = self::mul($g4, 19, 5); |
|
| 357 | - $g5_19 = self::mul($g5, 19, 5); |
|
| 358 | - $g6_19 = self::mul($g6, 19, 5); |
|
| 359 | - $g7_19 = self::mul($g7, 19, 5); |
|
| 360 | - $g8_19 = self::mul($g8, 19, 5); |
|
| 361 | - $g9_19 = self::mul($g9, 19, 5); |
|
| 362 | - $f1_2 = $f1 << 1; |
|
| 363 | - $f3_2 = $f3 << 1; |
|
| 364 | - $f5_2 = $f5 << 1; |
|
| 365 | - $f7_2 = $f7 << 1; |
|
| 366 | - $f9_2 = $f9 << 1; |
|
| 367 | - $f0g0 = self::mul($f0, $g0); |
|
| 368 | - $f0g1 = self::mul($f0, $g1); |
|
| 369 | - $f0g2 = self::mul($f0, $g2); |
|
| 370 | - $f0g3 = self::mul($f0, $g3); |
|
| 371 | - $f0g4 = self::mul($f0, $g4); |
|
| 372 | - $f0g5 = self::mul($f0, $g5); |
|
| 373 | - $f0g6 = self::mul($f0, $g6); |
|
| 374 | - $f0g7 = self::mul($f0, $g7); |
|
| 375 | - $f0g8 = self::mul($f0, $g8); |
|
| 376 | - $f0g9 = self::mul($f0, $g9); |
|
| 377 | - $f1g0 = self::mul($f1, $g0); |
|
| 378 | - $f1g1_2 = self::mul($f1_2, $g1); |
|
| 379 | - $f1g2 = self::mul($f1, $g2); |
|
| 380 | - $f1g3_2 = self::mul($f1_2, $g3); |
|
| 381 | - $f1g4 = self::mul($f1, $g4); |
|
| 382 | - $f1g5_2 = self::mul($f1_2, $g5); |
|
| 383 | - $f1g6 = self::mul($f1, $g6); |
|
| 384 | - $f1g7_2 = self::mul($f1_2, $g7); |
|
| 385 | - $f1g8 = self::mul($f1, $g8); |
|
| 386 | - $f1g9_38 = self::mul($f1_2, $g9_19); |
|
| 387 | - $f2g0 = self::mul($f2, $g0); |
|
| 388 | - $f2g1 = self::mul($f2, $g1); |
|
| 389 | - $f2g2 = self::mul($f2, $g2); |
|
| 390 | - $f2g3 = self::mul($f2, $g3); |
|
| 391 | - $f2g4 = self::mul($f2, $g4); |
|
| 392 | - $f2g5 = self::mul($f2, $g5); |
|
| 393 | - $f2g6 = self::mul($f2, $g6); |
|
| 394 | - $f2g7 = self::mul($f2, $g7); |
|
| 395 | - $f2g8_19 = self::mul($f2, $g8_19); |
|
| 396 | - $f2g9_19 = self::mul($f2, $g9_19); |
|
| 397 | - $f3g0 = self::mul($f3, $g0); |
|
| 398 | - $f3g1_2 = self::mul($f3_2, $g1); |
|
| 399 | - $f3g2 = self::mul($f3, $g2); |
|
| 400 | - $f3g3_2 = self::mul($f3_2, $g3); |
|
| 401 | - $f3g4 = self::mul($f3, $g4); |
|
| 402 | - $f3g5_2 = self::mul($f3_2, $g5); |
|
| 403 | - $f3g6 = self::mul($f3, $g6); |
|
| 404 | - $f3g7_38 = self::mul($f3_2, $g7_19); |
|
| 405 | - $f3g8_19 = self::mul($f3, $g8_19); |
|
| 406 | - $f3g9_38 = self::mul($f3_2, $g9_19); |
|
| 407 | - $f4g0 = self::mul($f4, $g0); |
|
| 408 | - $f4g1 = self::mul($f4, $g1); |
|
| 409 | - $f4g2 = self::mul($f4, $g2); |
|
| 410 | - $f4g3 = self::mul($f4, $g3); |
|
| 411 | - $f4g4 = self::mul($f4, $g4); |
|
| 412 | - $f4g5 = self::mul($f4, $g5); |
|
| 413 | - $f4g6_19 = self::mul($f4, $g6_19); |
|
| 414 | - $f4g7_19 = self::mul($f4, $g7_19); |
|
| 415 | - $f4g8_19 = self::mul($f4, $g8_19); |
|
| 416 | - $f4g9_19 = self::mul($f4, $g9_19); |
|
| 417 | - $f5g0 = self::mul($f5, $g0); |
|
| 418 | - $f5g1_2 = self::mul($f5_2, $g1); |
|
| 419 | - $f5g2 = self::mul($f5, $g2); |
|
| 420 | - $f5g3_2 = self::mul($f5_2, $g3); |
|
| 421 | - $f5g4 = self::mul($f5, $g4); |
|
| 422 | - $f5g5_38 = self::mul($f5_2, $g5_19); |
|
| 423 | - $f5g6_19 = self::mul($f5, $g6_19); |
|
| 424 | - $f5g7_38 = self::mul($f5_2, $g7_19); |
|
| 425 | - $f5g8_19 = self::mul($f5, $g8_19); |
|
| 426 | - $f5g9_38 = self::mul($f5_2, $g9_19); |
|
| 427 | - $f6g0 = self::mul($f6, $g0); |
|
| 428 | - $f6g1 = self::mul($f6, $g1); |
|
| 429 | - $f6g2 = self::mul($f6, $g2); |
|
| 430 | - $f6g3 = self::mul($f6, $g3); |
|
| 431 | - $f6g4_19 = self::mul($f6, $g4_19); |
|
| 432 | - $f6g5_19 = self::mul($f6, $g5_19); |
|
| 433 | - $f6g6_19 = self::mul($f6, $g6_19); |
|
| 434 | - $f6g7_19 = self::mul($f6, $g7_19); |
|
| 435 | - $f6g8_19 = self::mul($f6, $g8_19); |
|
| 436 | - $f6g9_19 = self::mul($f6, $g9_19); |
|
| 437 | - $f7g0 = self::mul($f7, $g0); |
|
| 438 | - $f7g1_2 = self::mul($f7_2, $g1); |
|
| 439 | - $f7g2 = self::mul($f7, $g2); |
|
| 440 | - $f7g3_38 = self::mul($f7_2, $g3_19); |
|
| 441 | - $f7g4_19 = self::mul($f7, $g4_19); |
|
| 442 | - $f7g5_38 = self::mul($f7_2, $g5_19); |
|
| 443 | - $f7g6_19 = self::mul($f7, $g6_19); |
|
| 444 | - $f7g7_38 = self::mul($f7_2, $g7_19); |
|
| 445 | - $f7g8_19 = self::mul($f7, $g8_19); |
|
| 446 | - $f7g9_38 = self::mul($f7_2, $g9_19); |
|
| 447 | - $f8g0 = self::mul($f8, $g0); |
|
| 448 | - $f8g1 = self::mul($f8, $g1); |
|
| 449 | - $f8g2_19 = self::mul($f8, $g2_19); |
|
| 450 | - $f8g3_19 = self::mul($f8, $g3_19); |
|
| 451 | - $f8g4_19 = self::mul($f8, $g4_19); |
|
| 452 | - $f8g5_19 = self::mul($f8, $g5_19); |
|
| 453 | - $f8g6_19 = self::mul($f8, $g6_19); |
|
| 454 | - $f8g7_19 = self::mul($f8, $g7_19); |
|
| 455 | - $f8g8_19 = self::mul($f8, $g8_19); |
|
| 456 | - $f8g9_19 = self::mul($f8, $g9_19); |
|
| 457 | - $f9g0 = self::mul($f9, $g0); |
|
| 458 | - $f9g1_38 = self::mul($f9_2, $g1_19); |
|
| 459 | - $f9g2_19 = self::mul($f9, $g2_19); |
|
| 460 | - $f9g3_38 = self::mul($f9_2, $g3_19); |
|
| 461 | - $f9g4_19 = self::mul($f9, $g4_19); |
|
| 462 | - $f9g5_38 = self::mul($f9_2, $g5_19); |
|
| 463 | - $f9g6_19 = self::mul($f9, $g6_19); |
|
| 464 | - $f9g7_38 = self::mul($f9_2, $g7_19); |
|
| 465 | - $f9g8_19 = self::mul($f9, $g8_19); |
|
| 466 | - $f9g9_38 = self::mul($f9_2, $g9_19); |
|
| 467 | - $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
|
| 468 | - $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 469 | - $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 470 | - $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 471 | - $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 472 | - $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 473 | - $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 474 | - $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 475 | - $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 476 | - $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
|
| 477 | - |
|
| 478 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 479 | - $h1 += $carry0; |
|
| 480 | - $h0 -= $carry0 << 26; |
|
| 481 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 482 | - $h5 += $carry4; |
|
| 483 | - $h4 -= $carry4 << 26; |
|
| 484 | - |
|
| 485 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 486 | - $h2 += $carry1; |
|
| 487 | - $h1 -= $carry1 << 25; |
|
| 488 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 489 | - $h6 += $carry5; |
|
| 490 | - $h5 -= $carry5 << 25; |
|
| 491 | - |
|
| 492 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 493 | - $h3 += $carry2; |
|
| 494 | - $h2 -= $carry2 << 26; |
|
| 495 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 496 | - $h7 += $carry6; |
|
| 497 | - $h6 -= $carry6 << 26; |
|
| 498 | - |
|
| 499 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 500 | - $h4 += $carry3; |
|
| 501 | - $h3 -= $carry3 << 25; |
|
| 502 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 503 | - $h8 += $carry7; |
|
| 504 | - $h7 -= $carry7 << 25; |
|
| 505 | - |
|
| 506 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 507 | - $h5 += $carry4; |
|
| 508 | - $h4 -= $carry4 << 26; |
|
| 509 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 510 | - $h9 += $carry8; |
|
| 511 | - $h8 -= $carry8 << 26; |
|
| 512 | - |
|
| 513 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 514 | - $h0 += self::mul($carry9, 19, 5); |
|
| 515 | - $h9 -= $carry9 << 25; |
|
| 516 | - |
|
| 517 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 518 | - $h1 += $carry0; |
|
| 519 | - $h0 -= $carry0 << 26; |
|
| 520 | - |
|
| 521 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 522 | - array( |
|
| 523 | - (int) $h0, |
|
| 524 | - (int) $h1, |
|
| 525 | - (int) $h2, |
|
| 526 | - (int) $h3, |
|
| 527 | - (int) $h4, |
|
| 528 | - (int) $h5, |
|
| 529 | - (int) $h6, |
|
| 530 | - (int) $h7, |
|
| 531 | - (int) $h8, |
|
| 532 | - (int) $h9 |
|
| 533 | - ) |
|
| 534 | - ); |
|
| 535 | - } |
|
| 536 | - |
|
| 537 | - /** |
|
| 538 | - * Get the negative values for each piece of the field element. |
|
| 539 | - * |
|
| 540 | - * h = -f |
|
| 541 | - * |
|
| 542 | - * @internal You should not use this directly from another application |
|
| 543 | - * |
|
| 544 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 545 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 546 | - */ |
|
| 547 | - public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 548 | - { |
|
| 549 | - $h = new ParagonIE_Sodium_Core_Curve25519_Fe(); |
|
| 550 | - for ($i = 0; $i < 10; ++$i) { |
|
| 551 | - $h[$i] = -$f[$i]; |
|
| 552 | - } |
|
| 553 | - return $h; |
|
| 554 | - } |
|
| 555 | - |
|
| 556 | - /** |
|
| 557 | - * Square a field element |
|
| 558 | - * |
|
| 559 | - * h = f * f |
|
| 560 | - * |
|
| 561 | - * @internal You should not use this directly from another application |
|
| 562 | - * |
|
| 563 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 564 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 565 | - */ |
|
| 566 | - public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 567 | - { |
|
| 568 | - $f0 = (int) $f[0]; |
|
| 569 | - $f1 = (int) $f[1]; |
|
| 570 | - $f2 = (int) $f[2]; |
|
| 571 | - $f3 = (int) $f[3]; |
|
| 572 | - $f4 = (int) $f[4]; |
|
| 573 | - $f5 = (int) $f[5]; |
|
| 574 | - $f6 = (int) $f[6]; |
|
| 575 | - $f7 = (int) $f[7]; |
|
| 576 | - $f8 = (int) $f[8]; |
|
| 577 | - $f9 = (int) $f[9]; |
|
| 578 | - |
|
| 579 | - $f0_2 = $f0 << 1; |
|
| 580 | - $f1_2 = $f1 << 1; |
|
| 581 | - $f2_2 = $f2 << 1; |
|
| 582 | - $f3_2 = $f3 << 1; |
|
| 583 | - $f4_2 = $f4 << 1; |
|
| 584 | - $f5_2 = $f5 << 1; |
|
| 585 | - $f6_2 = $f6 << 1; |
|
| 586 | - $f7_2 = $f7 << 1; |
|
| 587 | - $f5_38 = self::mul($f5, 38, 6); |
|
| 588 | - $f6_19 = self::mul($f6, 19, 5); |
|
| 589 | - $f7_38 = self::mul($f7, 38, 6); |
|
| 590 | - $f8_19 = self::mul($f8, 19, 5); |
|
| 591 | - $f9_38 = self::mul($f9, 38, 6); |
|
| 592 | - $f0f0 = self::mul($f0, $f0); |
|
| 593 | - $f0f1_2 = self::mul($f0_2, $f1); |
|
| 594 | - $f0f2_2 = self::mul($f0_2, $f2); |
|
| 595 | - $f0f3_2 = self::mul($f0_2, $f3); |
|
| 596 | - $f0f4_2 = self::mul($f0_2, $f4); |
|
| 597 | - $f0f5_2 = self::mul($f0_2, $f5); |
|
| 598 | - $f0f6_2 = self::mul($f0_2, $f6); |
|
| 599 | - $f0f7_2 = self::mul($f0_2, $f7); |
|
| 600 | - $f0f8_2 = self::mul($f0_2, $f8); |
|
| 601 | - $f0f9_2 = self::mul($f0_2, $f9); |
|
| 602 | - $f1f1_2 = self::mul($f1_2, $f1); |
|
| 603 | - $f1f2_2 = self::mul($f1_2, $f2); |
|
| 604 | - $f1f3_4 = self::mul($f1_2, $f3_2); |
|
| 605 | - $f1f4_2 = self::mul($f1_2, $f4); |
|
| 606 | - $f1f5_4 = self::mul($f1_2, $f5_2); |
|
| 607 | - $f1f6_2 = self::mul($f1_2, $f6); |
|
| 608 | - $f1f7_4 = self::mul($f1_2, $f7_2); |
|
| 609 | - $f1f8_2 = self::mul($f1_2, $f8); |
|
| 610 | - $f1f9_76 = self::mul($f1_2, $f9_38); |
|
| 611 | - $f2f2 = self::mul($f2, $f2); |
|
| 612 | - $f2f3_2 = self::mul($f2_2, $f3); |
|
| 613 | - $f2f4_2 = self::mul($f2_2, $f4); |
|
| 614 | - $f2f5_2 = self::mul($f2_2, $f5); |
|
| 615 | - $f2f6_2 = self::mul($f2_2, $f6); |
|
| 616 | - $f2f7_2 = self::mul($f2_2, $f7); |
|
| 617 | - $f2f8_38 = self::mul($f2_2, $f8_19); |
|
| 618 | - $f2f9_38 = self::mul($f2, $f9_38); |
|
| 619 | - $f3f3_2 = self::mul($f3_2, $f3); |
|
| 620 | - $f3f4_2 = self::mul($f3_2, $f4); |
|
| 621 | - $f3f5_4 = self::mul($f3_2, $f5_2); |
|
| 622 | - $f3f6_2 = self::mul($f3_2, $f6); |
|
| 623 | - $f3f7_76 = self::mul($f3_2, $f7_38); |
|
| 624 | - $f3f8_38 = self::mul($f3_2, $f8_19); |
|
| 625 | - $f3f9_76 = self::mul($f3_2, $f9_38); |
|
| 626 | - $f4f4 = self::mul($f4, $f4); |
|
| 627 | - $f4f5_2 = self::mul($f4_2, $f5); |
|
| 628 | - $f4f6_38 = self::mul($f4_2, $f6_19); |
|
| 629 | - $f4f7_38 = self::mul($f4, $f7_38); |
|
| 630 | - $f4f8_38 = self::mul($f4_2, $f8_19); |
|
| 631 | - $f4f9_38 = self::mul($f4, $f9_38); |
|
| 632 | - $f5f5_38 = self::mul($f5, $f5_38); |
|
| 633 | - $f5f6_38 = self::mul($f5_2, $f6_19); |
|
| 634 | - $f5f7_76 = self::mul($f5_2, $f7_38); |
|
| 635 | - $f5f8_38 = self::mul($f5_2, $f8_19); |
|
| 636 | - $f5f9_76 = self::mul($f5_2, $f9_38); |
|
| 637 | - $f6f6_19 = self::mul($f6, $f6_19); |
|
| 638 | - $f6f7_38 = self::mul($f6, $f7_38); |
|
| 639 | - $f6f8_38 = self::mul($f6_2, $f8_19); |
|
| 640 | - $f6f9_38 = self::mul($f6, $f9_38); |
|
| 641 | - $f7f7_38 = self::mul($f7, $f7_38); |
|
| 642 | - $f7f8_38 = self::mul($f7_2, $f8_19); |
|
| 643 | - $f7f9_76 = self::mul($f7_2, $f9_38); |
|
| 644 | - $f8f8_19 = self::mul($f8, $f8_19); |
|
| 645 | - $f8f9_38 = self::mul($f8, $f9_38); |
|
| 646 | - $f9f9_38 = self::mul($f9, $f9_38); |
|
| 647 | - $h0 = $f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38; |
|
| 648 | - $h1 = $f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38; |
|
| 649 | - $h2 = $f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19; |
|
| 650 | - $h3 = $f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38; |
|
| 651 | - $h4 = $f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38; |
|
| 652 | - $h5 = $f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38; |
|
| 653 | - $h6 = $f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19; |
|
| 654 | - $h7 = $f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38; |
|
| 655 | - $h8 = $f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38; |
|
| 656 | - $h9 = $f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2; |
|
| 657 | - |
|
| 658 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 659 | - $h1 += $carry0; |
|
| 660 | - $h0 -= $carry0 << 26; |
|
| 661 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 662 | - $h5 += $carry4; |
|
| 663 | - $h4 -= $carry4 << 26; |
|
| 664 | - |
|
| 665 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 666 | - $h2 += $carry1; |
|
| 667 | - $h1 -= $carry1 << 25; |
|
| 668 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 669 | - $h6 += $carry5; |
|
| 670 | - $h5 -= $carry5 << 25; |
|
| 671 | - |
|
| 672 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 673 | - $h3 += $carry2; |
|
| 674 | - $h2 -= $carry2 << 26; |
|
| 675 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 676 | - $h7 += $carry6; |
|
| 677 | - $h6 -= $carry6 << 26; |
|
| 678 | - |
|
| 679 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 680 | - $h4 += $carry3; |
|
| 681 | - $h3 -= $carry3 << 25; |
|
| 682 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 683 | - $h8 += $carry7; |
|
| 684 | - $h7 -= $carry7 << 25; |
|
| 685 | - |
|
| 686 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 687 | - $h5 += $carry4; |
|
| 688 | - $h4 -= $carry4 << 26; |
|
| 689 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 690 | - $h9 += $carry8; |
|
| 691 | - $h8 -= $carry8 << 26; |
|
| 692 | - |
|
| 693 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 694 | - $h0 += self::mul($carry9, 19, 5); |
|
| 695 | - $h9 -= $carry9 << 25; |
|
| 696 | - |
|
| 697 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 698 | - $h1 += $carry0; |
|
| 699 | - $h0 -= $carry0 << 26; |
|
| 700 | - |
|
| 701 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 702 | - array( |
|
| 703 | - (int) $h0, |
|
| 704 | - (int) $h1, |
|
| 705 | - (int) $h2, |
|
| 706 | - (int) $h3, |
|
| 707 | - (int) $h4, |
|
| 708 | - (int) $h5, |
|
| 709 | - (int) $h6, |
|
| 710 | - (int) $h7, |
|
| 711 | - (int) $h8, |
|
| 712 | - (int) $h9 |
|
| 713 | - ) |
|
| 714 | - ); |
|
| 715 | - } |
|
| 716 | - |
|
| 717 | - |
|
| 718 | - /** |
|
| 719 | - * Square and double a field element |
|
| 720 | - * |
|
| 721 | - * h = 2 * f * f |
|
| 722 | - * |
|
| 723 | - * @internal You should not use this directly from another application |
|
| 724 | - * |
|
| 725 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 726 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 727 | - */ |
|
| 728 | - public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 729 | - { |
|
| 730 | - $f0 = (int) $f[0]; |
|
| 731 | - $f1 = (int) $f[1]; |
|
| 732 | - $f2 = (int) $f[2]; |
|
| 733 | - $f3 = (int) $f[3]; |
|
| 734 | - $f4 = (int) $f[4]; |
|
| 735 | - $f5 = (int) $f[5]; |
|
| 736 | - $f6 = (int) $f[6]; |
|
| 737 | - $f7 = (int) $f[7]; |
|
| 738 | - $f8 = (int) $f[8]; |
|
| 739 | - $f9 = (int) $f[9]; |
|
| 740 | - |
|
| 741 | - $f0_2 = $f0 << 1; |
|
| 742 | - $f1_2 = $f1 << 1; |
|
| 743 | - $f2_2 = $f2 << 1; |
|
| 744 | - $f3_2 = $f3 << 1; |
|
| 745 | - $f4_2 = $f4 << 1; |
|
| 746 | - $f5_2 = $f5 << 1; |
|
| 747 | - $f6_2 = $f6 << 1; |
|
| 748 | - $f7_2 = $f7 << 1; |
|
| 749 | - $f5_38 = self::mul($f5, 38, 6); /* 1.959375*2^30 */ |
|
| 750 | - $f6_19 = self::mul($f6, 19, 5); /* 1.959375*2^30 */ |
|
| 751 | - $f7_38 = self::mul($f7, 38, 6); /* 1.959375*2^30 */ |
|
| 752 | - $f8_19 = self::mul($f8, 19, 5); /* 1.959375*2^30 */ |
|
| 753 | - $f9_38 = self::mul($f9, 38, 6); /* 1.959375*2^30 */ |
|
| 754 | - $f0f0 = self::mul($f0, (int) $f0); |
|
| 755 | - $f0f1_2 = self::mul($f0_2, (int) $f1); |
|
| 756 | - $f0f2_2 = self::mul($f0_2, (int) $f2); |
|
| 757 | - $f0f3_2 = self::mul($f0_2, (int) $f3); |
|
| 758 | - $f0f4_2 = self::mul($f0_2, (int) $f4); |
|
| 759 | - $f0f5_2 = self::mul($f0_2, (int) $f5); |
|
| 760 | - $f0f6_2 = self::mul($f0_2, (int) $f6); |
|
| 761 | - $f0f7_2 = self::mul($f0_2, (int) $f7); |
|
| 762 | - $f0f8_2 = self::mul($f0_2, (int) $f8); |
|
| 763 | - $f0f9_2 = self::mul($f0_2, (int) $f9); |
|
| 764 | - $f1f1_2 = self::mul($f1_2, (int) $f1); |
|
| 765 | - $f1f2_2 = self::mul($f1_2, (int) $f2); |
|
| 766 | - $f1f3_4 = self::mul($f1_2, (int) $f3_2); |
|
| 767 | - $f1f4_2 = self::mul($f1_2, (int) $f4); |
|
| 768 | - $f1f5_4 = self::mul($f1_2, (int) $f5_2); |
|
| 769 | - $f1f6_2 = self::mul($f1_2, (int) $f6); |
|
| 770 | - $f1f7_4 = self::mul($f1_2, (int) $f7_2); |
|
| 771 | - $f1f8_2 = self::mul($f1_2, (int) $f8); |
|
| 772 | - $f1f9_76 = self::mul($f1_2, (int) $f9_38); |
|
| 773 | - $f2f2 = self::mul($f2, (int) $f2); |
|
| 774 | - $f2f3_2 = self::mul($f2_2, (int) $f3); |
|
| 775 | - $f2f4_2 = self::mul($f2_2, (int) $f4); |
|
| 776 | - $f2f5_2 = self::mul($f2_2, (int) $f5); |
|
| 777 | - $f2f6_2 = self::mul($f2_2, (int) $f6); |
|
| 778 | - $f2f7_2 = self::mul($f2_2, (int) $f7); |
|
| 779 | - $f2f8_38 = self::mul($f2_2, (int) $f8_19); |
|
| 780 | - $f2f9_38 = self::mul($f2, (int) $f9_38); |
|
| 781 | - $f3f3_2 = self::mul($f3_2, (int) $f3); |
|
| 782 | - $f3f4_2 = self::mul($f3_2, (int) $f4); |
|
| 783 | - $f3f5_4 = self::mul($f3_2, (int) $f5_2); |
|
| 784 | - $f3f6_2 = self::mul($f3_2, (int) $f6); |
|
| 785 | - $f3f7_76 = self::mul($f3_2, (int) $f7_38); |
|
| 786 | - $f3f8_38 = self::mul($f3_2, (int) $f8_19); |
|
| 787 | - $f3f9_76 = self::mul($f3_2, (int) $f9_38); |
|
| 788 | - $f4f4 = self::mul($f4, (int) $f4); |
|
| 789 | - $f4f5_2 = self::mul($f4_2, (int) $f5); |
|
| 790 | - $f4f6_38 = self::mul($f4_2, (int) $f6_19); |
|
| 791 | - $f4f7_38 = self::mul($f4, (int) $f7_38); |
|
| 792 | - $f4f8_38 = self::mul($f4_2, (int) $f8_19); |
|
| 793 | - $f4f9_38 = self::mul($f4, (int) $f9_38); |
|
| 794 | - $f5f5_38 = self::mul($f5, (int) $f5_38); |
|
| 795 | - $f5f6_38 = self::mul($f5_2, (int) $f6_19); |
|
| 796 | - $f5f7_76 = self::mul($f5_2, (int) $f7_38); |
|
| 797 | - $f5f8_38 = self::mul($f5_2, (int) $f8_19); |
|
| 798 | - $f5f9_76 = self::mul($f5_2, (int) $f9_38); |
|
| 799 | - $f6f6_19 = self::mul($f6, (int) $f6_19); |
|
| 800 | - $f6f7_38 = self::mul($f6, (int) $f7_38); |
|
| 801 | - $f6f8_38 = self::mul($f6_2, (int) $f8_19); |
|
| 802 | - $f6f9_38 = self::mul($f6, (int) $f9_38); |
|
| 803 | - $f7f7_38 = self::mul($f7, (int) $f7_38); |
|
| 804 | - $f7f8_38 = self::mul($f7_2, (int) $f8_19); |
|
| 805 | - $f7f9_76 = self::mul($f7_2, (int) $f9_38); |
|
| 806 | - $f8f8_19 = self::mul($f8, (int) $f8_19); |
|
| 807 | - $f8f9_38 = self::mul($f8, (int) $f9_38); |
|
| 808 | - $f9f9_38 = self::mul($f9, (int) $f9_38); |
|
| 809 | - |
|
| 810 | - $h0 = (int) ($f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38); |
|
| 811 | - $h1 = (int) ($f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38); |
|
| 812 | - $h2 = (int) ($f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19); |
|
| 813 | - $h3 = (int) ($f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38); |
|
| 814 | - $h4 = (int) ($f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38); |
|
| 815 | - $h5 = (int) ($f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38); |
|
| 816 | - $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19); |
|
| 817 | - $h7 = (int) ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38); |
|
| 818 | - $h8 = (int) ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38); |
|
| 819 | - $h9 = (int) ($f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2); |
|
| 820 | - |
|
| 821 | - $h0 = (int) ($h0 + $h0); |
|
| 822 | - $h1 = (int) ($h1 + $h1); |
|
| 823 | - $h2 = (int) ($h2 + $h2); |
|
| 824 | - $h3 = (int) ($h3 + $h3); |
|
| 825 | - $h4 = (int) ($h4 + $h4); |
|
| 826 | - $h5 = (int) ($h5 + $h5); |
|
| 827 | - $h6 = (int) ($h6 + $h6); |
|
| 828 | - $h7 = (int) ($h7 + $h7); |
|
| 829 | - $h8 = (int) ($h8 + $h8); |
|
| 830 | - $h9 = (int) ($h9 + $h9); |
|
| 831 | - |
|
| 832 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 833 | - $h1 += $carry0; |
|
| 834 | - $h0 -= $carry0 << 26; |
|
| 835 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 836 | - $h5 += $carry4; |
|
| 837 | - $h4 -= $carry4 << 26; |
|
| 838 | - |
|
| 839 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 840 | - $h2 += $carry1; |
|
| 841 | - $h1 -= $carry1 << 25; |
|
| 842 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 843 | - $h6 += $carry5; |
|
| 844 | - $h5 -= $carry5 << 25; |
|
| 845 | - |
|
| 846 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 847 | - $h3 += $carry2; |
|
| 848 | - $h2 -= $carry2 << 26; |
|
| 849 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 850 | - $h7 += $carry6; |
|
| 851 | - $h6 -= $carry6 << 26; |
|
| 852 | - |
|
| 853 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 854 | - $h4 += $carry3; |
|
| 855 | - $h3 -= $carry3 << 25; |
|
| 856 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 857 | - $h8 += $carry7; |
|
| 858 | - $h7 -= $carry7 << 25; |
|
| 859 | - |
|
| 860 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 861 | - $h5 += $carry4; |
|
| 862 | - $h4 -= $carry4 << 26; |
|
| 863 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 864 | - $h9 += $carry8; |
|
| 865 | - $h8 -= $carry8 << 26; |
|
| 866 | - |
|
| 867 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 868 | - $h0 += self::mul($carry9, 19, 5); |
|
| 869 | - $h9 -= $carry9 << 25; |
|
| 870 | - |
|
| 871 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 872 | - $h1 += $carry0; |
|
| 873 | - $h0 -= $carry0 << 26; |
|
| 874 | - |
|
| 875 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 876 | - array( |
|
| 877 | - (int) $h0, |
|
| 878 | - (int) $h1, |
|
| 879 | - (int) $h2, |
|
| 880 | - (int) $h3, |
|
| 881 | - (int) $h4, |
|
| 882 | - (int) $h5, |
|
| 883 | - (int) $h6, |
|
| 884 | - (int) $h7, |
|
| 885 | - (int) $h8, |
|
| 886 | - (int) $h9 |
|
| 887 | - ) |
|
| 888 | - ); |
|
| 889 | - } |
|
| 890 | - |
|
| 891 | - /** |
|
| 892 | - * @internal You should not use this directly from another application |
|
| 893 | - * |
|
| 894 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $Z |
|
| 895 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 896 | - */ |
|
| 897 | - public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) |
|
| 898 | - { |
|
| 899 | - $z = clone $Z; |
|
| 900 | - $t0 = self::fe_sq($z); |
|
| 901 | - $t1 = self::fe_sq($t0); |
|
| 902 | - $t1 = self::fe_sq($t1); |
|
| 903 | - $t1 = self::fe_mul($z, $t1); |
|
| 904 | - $t0 = self::fe_mul($t0, $t1); |
|
| 905 | - $t2 = self::fe_sq($t0); |
|
| 906 | - $t1 = self::fe_mul($t1, $t2); |
|
| 907 | - $t2 = self::fe_sq($t1); |
|
| 908 | - for ($i = 1; $i < 5; ++$i) { |
|
| 909 | - $t2 = self::fe_sq($t2); |
|
| 910 | - } |
|
| 911 | - $t1 = self::fe_mul($t2, $t1); |
|
| 912 | - $t2 = self::fe_sq($t1); |
|
| 913 | - for ($i = 1; $i < 10; ++$i) { |
|
| 914 | - $t2 = self::fe_sq($t2); |
|
| 915 | - } |
|
| 916 | - $t2 = self::fe_mul($t2, $t1); |
|
| 917 | - $t3 = self::fe_sq($t2); |
|
| 918 | - for ($i = 1; $i < 20; ++$i) { |
|
| 919 | - $t3 = self::fe_sq($t3); |
|
| 920 | - } |
|
| 921 | - $t2 = self::fe_mul($t3, $t2); |
|
| 922 | - $t2 = self::fe_sq($t2); |
|
| 923 | - for ($i = 1; $i < 10; ++$i) { |
|
| 924 | - $t2 = self::fe_sq($t2); |
|
| 925 | - } |
|
| 926 | - $t1 = self::fe_mul($t2, $t1); |
|
| 927 | - $t2 = self::fe_sq($t1); |
|
| 928 | - for ($i = 1; $i < 50; ++$i) { |
|
| 929 | - $t2 = self::fe_sq($t2); |
|
| 930 | - } |
|
| 931 | - $t2 = self::fe_mul($t2, $t1); |
|
| 932 | - $t3 = self::fe_sq($t2); |
|
| 933 | - for ($i = 1; $i < 100; ++$i) { |
|
| 934 | - $t3 = self::fe_sq($t3); |
|
| 935 | - } |
|
| 936 | - $t2 = self::fe_mul($t3, $t2); |
|
| 937 | - $t2 = self::fe_sq($t2); |
|
| 938 | - for ($i = 1; $i < 50; ++$i) { |
|
| 939 | - $t2 = self::fe_sq($t2); |
|
| 940 | - } |
|
| 941 | - $t1 = self::fe_mul($t2, $t1); |
|
| 942 | - $t1 = self::fe_sq($t1); |
|
| 943 | - for ($i = 1; $i < 5; ++$i) { |
|
| 944 | - $t1 = self::fe_sq($t1); |
|
| 945 | - } |
|
| 946 | - return self::fe_mul($t1, $t0); |
|
| 947 | - } |
|
| 948 | - |
|
| 949 | - /** |
|
| 950 | - * @internal You should not use this directly from another application |
|
| 951 | - * |
|
| 952 | - * @ref https://github.com/jedisct1/libsodium/blob/68564326e1e9dc57ef03746f85734232d20ca6fb/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1054-L1106 |
|
| 953 | - * |
|
| 954 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $z |
|
| 955 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 956 | - */ |
|
| 957 | - public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) |
|
| 958 | - { |
|
| 959 | - # fe_sq(t0, z); |
|
| 960 | - # fe_sq(t1, t0); |
|
| 961 | - # fe_sq(t1, t1); |
|
| 962 | - # fe_mul(t1, z, t1); |
|
| 963 | - # fe_mul(t0, t0, t1); |
|
| 964 | - # fe_sq(t0, t0); |
|
| 965 | - # fe_mul(t0, t1, t0); |
|
| 966 | - # fe_sq(t1, t0); |
|
| 967 | - $t0 = self::fe_sq($z); |
|
| 968 | - $t1 = self::fe_sq($t0); |
|
| 969 | - $t1 = self::fe_sq($t1); |
|
| 970 | - $t1 = self::fe_mul($z, $t1); |
|
| 971 | - $t0 = self::fe_mul($t0, $t1); |
|
| 972 | - $t0 = self::fe_sq($t0); |
|
| 973 | - $t0 = self::fe_mul($t1, $t0); |
|
| 974 | - $t1 = self::fe_sq($t0); |
|
| 975 | - |
|
| 976 | - # for (i = 1; i < 5; ++i) { |
|
| 977 | - # fe_sq(t1, t1); |
|
| 978 | - # } |
|
| 979 | - for ($i = 1; $i < 5; ++$i) { |
|
| 980 | - $t1 = self::fe_sq($t1); |
|
| 981 | - } |
|
| 982 | - |
|
| 983 | - # fe_mul(t0, t1, t0); |
|
| 984 | - # fe_sq(t1, t0); |
|
| 985 | - $t0 = self::fe_mul($t1, $t0); |
|
| 986 | - $t1 = self::fe_sq($t0); |
|
| 987 | - |
|
| 988 | - # for (i = 1; i < 10; ++i) { |
|
| 989 | - # fe_sq(t1, t1); |
|
| 990 | - # } |
|
| 991 | - for ($i = 1; $i < 10; ++$i) { |
|
| 992 | - $t1 = self::fe_sq($t1); |
|
| 993 | - } |
|
| 994 | - |
|
| 995 | - # fe_mul(t1, t1, t0); |
|
| 996 | - # fe_sq(t2, t1); |
|
| 997 | - $t1 = self::fe_mul($t1, $t0); |
|
| 998 | - $t2 = self::fe_sq($t1); |
|
| 999 | - |
|
| 1000 | - # for (i = 1; i < 20; ++i) { |
|
| 1001 | - # fe_sq(t2, t2); |
|
| 1002 | - # } |
|
| 1003 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1004 | - $t2 = self::fe_sq($t2); |
|
| 1005 | - } |
|
| 1006 | - |
|
| 1007 | - # fe_mul(t1, t2, t1); |
|
| 1008 | - # fe_sq(t1, t1); |
|
| 1009 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1010 | - $t1 = self::fe_sq($t1); |
|
| 1011 | - |
|
| 1012 | - # for (i = 1; i < 10; ++i) { |
|
| 1013 | - # fe_sq(t1, t1); |
|
| 1014 | - # } |
|
| 1015 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1016 | - $t1 = self::fe_sq($t1); |
|
| 1017 | - } |
|
| 1018 | - |
|
| 1019 | - # fe_mul(t0, t1, t0); |
|
| 1020 | - # fe_sq(t1, t0); |
|
| 1021 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1022 | - $t1 = self::fe_sq($t0); |
|
| 1023 | - |
|
| 1024 | - # for (i = 1; i < 50; ++i) { |
|
| 1025 | - # fe_sq(t1, t1); |
|
| 1026 | - # } |
|
| 1027 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1028 | - $t1 = self::fe_sq($t1); |
|
| 1029 | - } |
|
| 1030 | - |
|
| 1031 | - # fe_mul(t1, t1, t0); |
|
| 1032 | - # fe_sq(t2, t1); |
|
| 1033 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1034 | - $t2 = self::fe_sq($t1); |
|
| 1035 | - |
|
| 1036 | - # for (i = 1; i < 100; ++i) { |
|
| 1037 | - # fe_sq(t2, t2); |
|
| 1038 | - # } |
|
| 1039 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1040 | - $t2 = self::fe_sq($t2); |
|
| 1041 | - } |
|
| 1042 | - |
|
| 1043 | - # fe_mul(t1, t2, t1); |
|
| 1044 | - # fe_sq(t1, t1); |
|
| 1045 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1046 | - $t1 = self::fe_sq($t1); |
|
| 1047 | - |
|
| 1048 | - # for (i = 1; i < 50; ++i) { |
|
| 1049 | - # fe_sq(t1, t1); |
|
| 1050 | - # } |
|
| 1051 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1052 | - $t1 = self::fe_sq($t1); |
|
| 1053 | - } |
|
| 1054 | - |
|
| 1055 | - # fe_mul(t0, t1, t0); |
|
| 1056 | - # fe_sq(t0, t0); |
|
| 1057 | - # fe_sq(t0, t0); |
|
| 1058 | - # fe_mul(out, t0, z); |
|
| 1059 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1060 | - $t0 = self::fe_sq($t0); |
|
| 1061 | - $t0 = self::fe_sq($t0); |
|
| 1062 | - return self::fe_mul($t0, $z); |
|
| 1063 | - } |
|
| 1064 | - |
|
| 1065 | - /** |
|
| 1066 | - * Subtract two field elements. |
|
| 1067 | - * |
|
| 1068 | - * h = f - g |
|
| 1069 | - * |
|
| 1070 | - * Preconditions: |
|
| 1071 | - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1072 | - * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1073 | - * |
|
| 1074 | - * Postconditions: |
|
| 1075 | - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. |
|
| 1076 | - * |
|
| 1077 | - * @internal You should not use this directly from another application |
|
| 1078 | - * |
|
| 1079 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 1080 | - * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 1081 | - * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 1082 | - */ |
|
| 1083 | - public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) |
|
| 1084 | - { |
|
| 1085 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 1086 | - array( |
|
| 1087 | - (int) ($f[0] - $g[0]), |
|
| 1088 | - (int) ($f[1] - $g[1]), |
|
| 1089 | - (int) ($f[2] - $g[2]), |
|
| 1090 | - (int) ($f[3] - $g[3]), |
|
| 1091 | - (int) ($f[4] - $g[4]), |
|
| 1092 | - (int) ($f[5] - $g[5]), |
|
| 1093 | - (int) ($f[6] - $g[6]), |
|
| 1094 | - (int) ($f[7] - $g[7]), |
|
| 1095 | - (int) ($f[8] - $g[8]), |
|
| 1096 | - (int) ($f[9] - $g[9]) |
|
| 1097 | - ) |
|
| 1098 | - ); |
|
| 1099 | - } |
|
| 1100 | - |
|
| 1101 | - /** |
|
| 1102 | - * Add two group elements. |
|
| 1103 | - * |
|
| 1104 | - * r = p + q |
|
| 1105 | - * |
|
| 1106 | - * @internal You should not use this directly from another application |
|
| 1107 | - * |
|
| 1108 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1109 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1110 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1111 | - */ |
|
| 1112 | - public static function ge_add( |
|
| 1113 | - ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1114 | - ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1115 | - ) { |
|
| 1116 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1117 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1118 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1119 | - $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1120 | - $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1121 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1122 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1123 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1124 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1125 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1126 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1127 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1128 | - return $r; |
|
| 1129 | - } |
|
| 1130 | - |
|
| 1131 | - /** |
|
| 1132 | - * @internal You should not use this directly from another application |
|
| 1133 | - * |
|
| 1134 | - * @ref https://github.com/jedisct1/libsodium/blob/157c4a80c13b117608aeae12178b2d38825f9f8f/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1185-L1215 |
|
| 1135 | - * @param string $a |
|
| 1136 | - * @return array<int, mixed> |
|
| 1137 | - */ |
|
| 1138 | - public static function slide($a) |
|
| 1139 | - { |
|
| 1140 | - if (self::strlen($a) < 256) { |
|
| 1141 | - if (self::strlen($a) < 16) { |
|
| 1142 | - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1143 | - } |
|
| 1144 | - } |
|
| 1145 | - $r = array(); |
|
| 1146 | - for ($i = 0; $i < 256; ++$i) { |
|
| 1147 | - $r[$i] = 1 & ( |
|
| 1148 | - self::chrToInt($a[$i >> 3]) |
|
| 1149 | - >> |
|
| 1150 | - ($i & 7) |
|
| 1151 | - ); |
|
| 1152 | - } |
|
| 1153 | - |
|
| 1154 | - for ($i = 0;$i < 256;++$i) { |
|
| 1155 | - if ($r[$i]) { |
|
| 1156 | - for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1157 | - if ($r[$i + $b]) { |
|
| 1158 | - if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1159 | - $r[$i] += $r[$i + $b] << $b; |
|
| 1160 | - $r[$i + $b] = 0; |
|
| 1161 | - } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1162 | - $r[$i] -= $r[$i + $b] << $b; |
|
| 1163 | - for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1164 | - if (!$r[$k]) { |
|
| 1165 | - $r[$k] = 1; |
|
| 1166 | - break; |
|
| 1167 | - } |
|
| 1168 | - $r[$k] = 0; |
|
| 1169 | - } |
|
| 1170 | - } else { |
|
| 1171 | - break; |
|
| 1172 | - } |
|
| 1173 | - } |
|
| 1174 | - } |
|
| 1175 | - } |
|
| 1176 | - } |
|
| 1177 | - return $r; |
|
| 1178 | - } |
|
| 1179 | - |
|
| 1180 | - /** |
|
| 1181 | - * @internal You should not use this directly from another application |
|
| 1182 | - * |
|
| 1183 | - * @param string $s |
|
| 1184 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1185 | - */ |
|
| 1186 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1187 | - { |
|
| 1188 | - static $d = null; |
|
| 1189 | - if (!$d) { |
|
| 1190 | - $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); |
|
| 1191 | - } |
|
| 1192 | - |
|
| 1193 | - # fe_frombytes(h->Y,s); |
|
| 1194 | - # fe_1(h->Z); |
|
| 1195 | - $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
|
| 1196 | - self::fe_0(), |
|
| 1197 | - self::fe_frombytes($s), |
|
| 1198 | - self::fe_1() |
|
| 1199 | - ); |
|
| 1200 | - |
|
| 1201 | - # fe_sq(u,h->Y); |
|
| 1202 | - # fe_mul(v,u,d); |
|
| 1203 | - # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
|
| 1204 | - # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
|
| 1205 | - $u = self::fe_sq($h->Y); |
|
| 1206 | - $v = self::fe_mul($u, $d); |
|
| 1207 | - $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1208 | - $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1209 | - |
|
| 1210 | - # fe_sq(v3,v); |
|
| 1211 | - # fe_mul(v3,v3,v); /* v3 = v^3 */ |
|
| 1212 | - # fe_sq(h->X,v3); |
|
| 1213 | - # fe_mul(h->X,h->X,v); |
|
| 1214 | - # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
|
| 1215 | - $v3 = self::fe_sq($v); |
|
| 1216 | - $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1217 | - $h->X = self::fe_sq($v3); |
|
| 1218 | - $h->X = self::fe_mul($h->X, $v); |
|
| 1219 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1220 | - |
|
| 1221 | - # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1222 | - # fe_mul(h->X,h->X,v3); |
|
| 1223 | - # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1224 | - $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1225 | - $h->X = self::fe_mul($h->X, $v3); |
|
| 1226 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1227 | - |
|
| 1228 | - # fe_sq(vxx,h->X); |
|
| 1229 | - # fe_mul(vxx,vxx,v); |
|
| 1230 | - # fe_sub(check,vxx,u); /* vx^2-u */ |
|
| 1231 | - $vxx = self::fe_sq($h->X); |
|
| 1232 | - $vxx = self::fe_mul($vxx, $v); |
|
| 1233 | - $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1234 | - |
|
| 1235 | - # if (fe_isnonzero(check)) { |
|
| 1236 | - # fe_add(check,vxx,u); /* vx^2+u */ |
|
| 1237 | - # if (fe_isnonzero(check)) { |
|
| 1238 | - # return -1; |
|
| 1239 | - # } |
|
| 1240 | - # fe_mul(h->X,h->X,sqrtm1); |
|
| 1241 | - # } |
|
| 1242 | - if (self::fe_isnonzero($check)) { |
|
| 1243 | - $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1244 | - if (self::fe_isnonzero($check)) { |
|
| 1245 | - throw new RangeException('Internal check failed.'); |
|
| 1246 | - } |
|
| 1247 | - $h->X = self::fe_mul( |
|
| 1248 | - $h->X, |
|
| 1249 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1250 | - ); |
|
| 1251 | - } |
|
| 1252 | - |
|
| 1253 | - # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
|
| 1254 | - # fe_neg(h->X,h->X); |
|
| 1255 | - # } |
|
| 1256 | - $i = self::chrToInt($s[31]); |
|
| 1257 | - if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1258 | - $h->X = self::fe_neg($h->X); |
|
| 1259 | - } |
|
| 1260 | - |
|
| 1261 | - # fe_mul(h->T,h->X,h->Y); |
|
| 1262 | - $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1263 | - return $h; |
|
| 1264 | - } |
|
| 1265 | - |
|
| 1266 | - /** |
|
| 1267 | - * @internal You should not use this directly from another application |
|
| 1268 | - * |
|
| 1269 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R |
|
| 1270 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1271 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1272 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1273 | - */ |
|
| 1274 | - public static function ge_madd( |
|
| 1275 | - ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, |
|
| 1276 | - ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1277 | - ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1278 | - ) { |
|
| 1279 | - $r = clone $R; |
|
| 1280 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1281 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1282 | - $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1283 | - $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1284 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1285 | - $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1286 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1287 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1288 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1289 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1290 | - |
|
| 1291 | - return $r; |
|
| 1292 | - } |
|
| 1293 | - |
|
| 1294 | - /** |
|
| 1295 | - * @internal You should not use this directly from another application |
|
| 1296 | - * |
|
| 1297 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R |
|
| 1298 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1299 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1300 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1301 | - */ |
|
| 1302 | - public static function ge_msub( |
|
| 1303 | - ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, |
|
| 1304 | - ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1305 | - ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1306 | - ) { |
|
| 1307 | - $r = clone $R; |
|
| 1308 | - |
|
| 1309 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1310 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1311 | - $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1312 | - $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1313 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1314 | - $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1315 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1316 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1317 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1318 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1319 | - |
|
| 1320 | - return $r; |
|
| 1321 | - } |
|
| 1322 | - |
|
| 1323 | - /** |
|
| 1324 | - * @internal You should not use this directly from another application |
|
| 1325 | - * |
|
| 1326 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
|
| 1327 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1328 | - */ |
|
| 1329 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1330 | - { |
|
| 1331 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P2(); |
|
| 1332 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1333 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1334 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1335 | - return $r; |
|
| 1336 | - } |
|
| 1337 | - |
|
| 1338 | - /** |
|
| 1339 | - * @internal You should not use this directly from another application |
|
| 1340 | - * |
|
| 1341 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
|
| 1342 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1343 | - */ |
|
| 1344 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1345 | - { |
|
| 1346 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P3(); |
|
| 1347 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1348 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1349 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1350 | - $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1351 | - return $r; |
|
| 1352 | - } |
|
| 1353 | - |
|
| 1354 | - /** |
|
| 1355 | - * @internal You should not use this directly from another application |
|
| 1356 | - * |
|
| 1357 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1358 | - */ |
|
| 1359 | - public static function ge_p2_0() |
|
| 1360 | - { |
|
| 1361 | - return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
|
| 1362 | - self::fe_0(), |
|
| 1363 | - self::fe_1(), |
|
| 1364 | - self::fe_1() |
|
| 1365 | - ); |
|
| 1366 | - } |
|
| 1367 | - |
|
| 1368 | - /** |
|
| 1369 | - * @internal You should not use this directly from another application |
|
| 1370 | - * |
|
| 1371 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p |
|
| 1372 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1373 | - */ |
|
| 1374 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) |
|
| 1375 | - { |
|
| 1376 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1377 | - |
|
| 1378 | - $r->X = self::fe_sq($p->X); |
|
| 1379 | - $r->Z = self::fe_sq($p->Y); |
|
| 1380 | - $r->T = self::fe_sq2($p->Z); |
|
| 1381 | - $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1382 | - $t0 = self::fe_sq($r->Y); |
|
| 1383 | - $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1384 | - $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1385 | - $r->X = self::fe_sub($t0, $r->Y); |
|
| 1386 | - $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1387 | - |
|
| 1388 | - return $r; |
|
| 1389 | - } |
|
| 1390 | - |
|
| 1391 | - /** |
|
| 1392 | - * @internal You should not use this directly from another application |
|
| 1393 | - * |
|
| 1394 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1395 | - */ |
|
| 1396 | - public static function ge_p3_0() |
|
| 1397 | - { |
|
| 1398 | - return new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
|
| 1399 | - self::fe_0(), |
|
| 1400 | - self::fe_1(), |
|
| 1401 | - self::fe_1(), |
|
| 1402 | - self::fe_0() |
|
| 1403 | - ); |
|
| 1404 | - } |
|
| 1405 | - |
|
| 1406 | - /** |
|
| 1407 | - * @internal You should not use this directly from another application |
|
| 1408 | - * |
|
| 1409 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1410 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached |
|
| 1411 | - */ |
|
| 1412 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1413 | - { |
|
| 1414 | - static $d2 = null; |
|
| 1415 | - if ($d2 === null) { |
|
| 1416 | - $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d2); |
|
| 1417 | - } |
|
| 1418 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached(); |
|
| 1419 | - $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1420 | - $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1421 | - $r->Z = self::fe_copy($p->Z); |
|
| 1422 | - $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1423 | - return $r; |
|
| 1424 | - } |
|
| 1425 | - |
|
| 1426 | - /** |
|
| 1427 | - * @internal You should not use this directly from another application |
|
| 1428 | - * |
|
| 1429 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1430 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1431 | - */ |
|
| 1432 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1433 | - { |
|
| 1434 | - return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
|
| 1435 | - $p->X, |
|
| 1436 | - $p->Y, |
|
| 1437 | - $p->Z |
|
| 1438 | - ); |
|
| 1439 | - } |
|
| 1440 | - |
|
| 1441 | - /** |
|
| 1442 | - * @internal You should not use this directly from another application |
|
| 1443 | - * |
|
| 1444 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h |
|
| 1445 | - * @return string |
|
| 1446 | - */ |
|
| 1447 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) |
|
| 1448 | - { |
|
| 1449 | - $recip = self::fe_invert($h->Z); |
|
| 1450 | - $x = self::fe_mul($h->X, $recip); |
|
| 1451 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1452 | - $s = self::fe_tobytes($y); |
|
| 1453 | - $s[31] = self::intToChr( |
|
| 1454 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1455 | - ); |
|
| 1456 | - return $s; |
|
| 1457 | - } |
|
| 1458 | - |
|
| 1459 | - /** |
|
| 1460 | - * @internal You should not use this directly from another application |
|
| 1461 | - * |
|
| 1462 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1463 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1464 | - */ |
|
| 1465 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1466 | - { |
|
| 1467 | - $q = self::ge_p3_to_p2($p); |
|
| 1468 | - return self::ge_p2_dbl($q); |
|
| 1469 | - } |
|
| 1470 | - |
|
| 1471 | - /** |
|
| 1472 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1473 | - */ |
|
| 1474 | - public static function ge_precomp_0() |
|
| 1475 | - { |
|
| 1476 | - return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1477 | - self::fe_1(), |
|
| 1478 | - self::fe_1(), |
|
| 1479 | - self::fe_0() |
|
| 1480 | - ); |
|
| 1481 | - } |
|
| 1482 | - |
|
| 1483 | - /** |
|
| 1484 | - * @internal You should not use this directly from another application |
|
| 1485 | - * |
|
| 1486 | - * @param int $b |
|
| 1487 | - * @param int $c |
|
| 1488 | - * @return int |
|
| 1489 | - */ |
|
| 1490 | - public static function equal($b, $c) |
|
| 1491 | - { |
|
| 1492 | - return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1493 | - } |
|
| 1494 | - |
|
| 1495 | - /** |
|
| 1496 | - * @internal You should not use this directly from another application |
|
| 1497 | - * |
|
| 1498 | - * @param int $char |
|
| 1499 | - * @return int (1 = yes, 0 = no) |
|
| 1500 | - */ |
|
| 1501 | - public static function negative($char) |
|
| 1502 | - { |
|
| 1503 | - if (is_int($char)) { |
|
| 1504 | - return $char < 0 ? 1 : 0; |
|
| 1505 | - } |
|
| 1506 | - $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1507 | - if (PHP_INT_SIZE === 8) { |
|
| 1508 | - return $x >> 63; |
|
| 1509 | - } |
|
| 1510 | - return $x >> 31; |
|
| 1511 | - } |
|
| 1512 | - |
|
| 1513 | - /** |
|
| 1514 | - * Conditional move |
|
| 1515 | - * |
|
| 1516 | - * @internal You should not use this directly from another application |
|
| 1517 | - * |
|
| 1518 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t |
|
| 1519 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u |
|
| 1520 | - * @param int $b |
|
| 1521 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1522 | - */ |
|
| 1523 | - public static function cmov( |
|
| 1524 | - ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t, |
|
| 1525 | - ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u, |
|
| 1526 | - $b |
|
| 1527 | - ) { |
|
| 1528 | - if (!is_int($b)) { |
|
| 1529 | - throw new InvalidArgumentException('Expected an integer.'); |
|
| 1530 | - } |
|
| 1531 | - return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1532 | - self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1533 | - self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1534 | - self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1535 | - ); |
|
| 1536 | - } |
|
| 1537 | - |
|
| 1538 | - /** |
|
| 1539 | - * @internal You should not use this directly from another application |
|
| 1540 | - * |
|
| 1541 | - * @param int $pos |
|
| 1542 | - * @param int $b |
|
| 1543 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1544 | - */ |
|
| 1545 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1546 | - { |
|
| 1547 | - static $base = null; |
|
| 1548 | - if ($base === null) { |
|
| 1549 | - $base = array(); |
|
| 1550 | - foreach (self::$base as $i => $bas) { |
|
| 1551 | - for ($j = 0; $j < 8; ++$j) { |
|
| 1552 | - $base[$i][$j] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1553 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][0]), |
|
| 1554 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][1]), |
|
| 1555 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][2]) |
|
| 1556 | - ); |
|
| 1557 | - } |
|
| 1558 | - } |
|
| 1559 | - } |
|
| 1560 | - if (!is_int($pos)) { |
|
| 1561 | - throw new InvalidArgumentException('Position must be an integer'); |
|
| 1562 | - } |
|
| 1563 | - if ($pos < 0 || $pos > 31) { |
|
| 1564 | - throw new RangeException('Position is out of range [0, 31]'); |
|
| 1565 | - } |
|
| 1566 | - |
|
| 1567 | - $bnegative = self::negative($b); |
|
| 1568 | - $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1569 | - |
|
| 1570 | - $t = self::ge_precomp_0(); |
|
| 1571 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1572 | - $t = self::cmov( |
|
| 1573 | - $t, |
|
| 1574 | - $base[$pos][$i], |
|
| 1575 | - self::equal($babs, $i + 1) |
|
| 1576 | - ); |
|
| 1577 | - } |
|
| 1578 | - $minusT = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1579 | - self::fe_copy($t->yminusx), |
|
| 1580 | - self::fe_copy($t->yplusx), |
|
| 1581 | - self::fe_neg($t->xy2d) |
|
| 1582 | - ); |
|
| 1583 | - return self::cmov($t, $minusT, $bnegative); |
|
| 1584 | - } |
|
| 1585 | - |
|
| 1586 | - /** |
|
| 1587 | - * Subtract two group elements. |
|
| 1588 | - * |
|
| 1589 | - * r = p - q |
|
| 1590 | - * |
|
| 1591 | - * @internal You should not use this directly from another application |
|
| 1592 | - * |
|
| 1593 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1594 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1595 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1596 | - */ |
|
| 1597 | - public static function ge_sub( |
|
| 1598 | - ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1599 | - ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1600 | - ) { |
|
| 1601 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1602 | - |
|
| 1603 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1604 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1605 | - $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1606 | - $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1607 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1608 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1609 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1610 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1611 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1612 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1613 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1614 | - |
|
| 1615 | - return $r; |
|
| 1616 | - } |
|
| 1617 | - |
|
| 1618 | - /** |
|
| 1619 | - * Convert a group element to a byte string. |
|
| 1620 | - * |
|
| 1621 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h |
|
| 1622 | - * @return string |
|
| 1623 | - */ |
|
| 1624 | - public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) |
|
| 1625 | - { |
|
| 1626 | - $recip = self::fe_invert($h->Z); |
|
| 1627 | - $x = self::fe_mul($h->X, $recip); |
|
| 1628 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1629 | - $s = self::fe_tobytes($y); |
|
| 1630 | - $s[31] = self::intToChr( |
|
| 1631 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1632 | - ); |
|
| 1633 | - return $s; |
|
| 1634 | - } |
|
| 1635 | - |
|
| 1636 | - /** |
|
| 1637 | - * @internal You should not use this directly from another application |
|
| 1638 | - * |
|
| 1639 | - * @param string $a |
|
| 1640 | - * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A |
|
| 1641 | - * @param string $b |
|
| 1642 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1643 | - */ |
|
| 1644 | - public static function ge_double_scalarmult_vartime( |
|
| 1645 | - $a, |
|
| 1646 | - ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A, |
|
| 1647 | - $b |
|
| 1648 | - ) { |
|
| 1649 | - /** |
|
| 1650 | - * @var ParagonIE_Sodium_Core_Curve25519_Ge_Cached[] |
|
| 1651 | - */ |
|
| 1652 | - $Ai = array(); |
|
| 1653 | - |
|
| 1654 | - /** |
|
| 1655 | - * @var ParagonIE_Sodium_Core_Curve25519_Ge_Precomp[] |
|
| 1656 | - */ |
|
| 1657 | - static $Bi = array(); |
|
| 1658 | - if (!$Bi) { |
|
| 1659 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1660 | - $Bi[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1661 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][0]), |
|
| 1662 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][1]), |
|
| 1663 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][2]) |
|
| 1664 | - ); |
|
| 1665 | - } |
|
| 1666 | - } |
|
| 1667 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1668 | - $Ai[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached( |
|
| 1669 | - self::fe_0(), |
|
| 1670 | - self::fe_0(), |
|
| 1671 | - self::fe_0(), |
|
| 1672 | - self::fe_0() |
|
| 1673 | - ); |
|
| 1674 | - } |
|
| 1675 | - |
|
| 1676 | - # slide(aslide,a); |
|
| 1677 | - # slide(bslide,b); |
|
| 1678 | - $aslide = self::slide($a); |
|
| 1679 | - $bslide = self::slide($b); |
|
| 1680 | - |
|
| 1681 | - # ge_p3_to_cached(&Ai[0],A); |
|
| 1682 | - # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
|
| 1683 | - $Ai[0] = self::ge_p3_to_cached($A); |
|
| 1684 | - $t = self::ge_p3_dbl($A); |
|
| 1685 | - $A2 = self::ge_p1p1_to_p3($t); |
|
| 1686 | - |
|
| 1687 | - # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
|
| 1688 | - # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
|
| 1689 | - # ge_add(&t,&A2,&Ai[2]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[3],&u); |
|
| 1690 | - # ge_add(&t,&A2,&Ai[3]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[4],&u); |
|
| 1691 | - # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
|
| 1692 | - # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
|
| 1693 | - # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
|
| 1694 | - for ($i = 0; $i < 7; ++$i) { |
|
| 1695 | - $t = self::ge_add($A2, $Ai[$i]); |
|
| 1696 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1697 | - $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 1698 | - } |
|
| 1699 | - |
|
| 1700 | - # ge_p2_0(r); |
|
| 1701 | - $r = self::ge_p2_0(); |
|
| 1702 | - |
|
| 1703 | - # for (i = 255;i >= 0;--i) { |
|
| 1704 | - # if (aslide[i] || bslide[i]) break; |
|
| 1705 | - # } |
|
| 1706 | - $i = 255; |
|
| 1707 | - for (; $i >= 0; --$i) { |
|
| 1708 | - if ($aslide[$i] || $bslide[$i]) { |
|
| 1709 | - break; |
|
| 1710 | - } |
|
| 1711 | - } |
|
| 1712 | - |
|
| 1713 | - # for (;i >= 0;--i) { |
|
| 1714 | - for (; $i >= 0; --$i) { |
|
| 1715 | - # ge_p2_dbl(&t,r); |
|
| 1716 | - $t = self::ge_p2_dbl($r); |
|
| 1717 | - |
|
| 1718 | - # if (aslide[i] > 0) { |
|
| 1719 | - if ($aslide[$i] > 0) { |
|
| 1720 | - # ge_p1p1_to_p3(&u,&t); |
|
| 1721 | - # ge_add(&t,&u,&Ai[aslide[i]/2]); |
|
| 1722 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1723 | - $t = self::ge_add( |
|
| 1724 | - $u, |
|
| 1725 | - $Ai[(int) floor($aslide[$i] / 2)] |
|
| 1726 | - ); |
|
| 1727 | - # } else if (aslide[i] < 0) { |
|
| 1728 | - } elseif ($aslide[$i] < 0) { |
|
| 1729 | - # ge_p1p1_to_p3(&u,&t); |
|
| 1730 | - # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
|
| 1731 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1732 | - $t = self::ge_sub( |
|
| 1733 | - $u, |
|
| 1734 | - $Ai[(int) floor(-$aslide[$i] / 2)] |
|
| 1735 | - ); |
|
| 1736 | - } |
|
| 1737 | - |
|
| 1738 | - # if (bslide[i] > 0) { |
|
| 1739 | - if ($bslide[$i] > 0) { |
|
| 1740 | - # ge_p1p1_to_p3(&u,&t); |
|
| 1741 | - # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
|
| 1742 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1743 | - $t = self::ge_madd( |
|
| 1744 | - $t, |
|
| 1745 | - $u, |
|
| 1746 | - $Bi[(int) floor($bslide[$i] / 2)] |
|
| 1747 | - ); |
|
| 1748 | - # } else if (bslide[i] < 0) { |
|
| 1749 | - } elseif ($bslide[$i] < 0) { |
|
| 1750 | - # ge_p1p1_to_p3(&u,&t); |
|
| 1751 | - # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
|
| 1752 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1753 | - $t = self::ge_msub( |
|
| 1754 | - $t, |
|
| 1755 | - $u, |
|
| 1756 | - $Bi[(int) floor(-$bslide[$i] / 2)] |
|
| 1757 | - ); |
|
| 1758 | - } |
|
| 1759 | - # ge_p1p1_to_p2(r,&t); |
|
| 1760 | - $r = self::ge_p1p1_to_p2($t); |
|
| 1761 | - } |
|
| 1762 | - return $r; |
|
| 1763 | - } |
|
| 1764 | - |
|
| 1765 | - /** |
|
| 1766 | - * @internal You should not use this directly from another application |
|
| 1767 | - * |
|
| 1768 | - * @param string $a |
|
| 1769 | - * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1770 | - */ |
|
| 1771 | - public static function ge_scalarmult_base($a) |
|
| 1772 | - { |
|
| 1773 | - $e = array(); |
|
| 1774 | - $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1775 | - |
|
| 1776 | - for ($i = 0; $i < 32; ++$i) { |
|
| 1777 | - $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 1778 | - $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 1779 | - } |
|
| 1780 | - |
|
| 1781 | - $carry = 0; |
|
| 1782 | - for ($i = 0; $i < 63; ++$i) { |
|
| 1783 | - $e[$i] += $carry; |
|
| 1784 | - $carry = $e[$i] + 8; |
|
| 1785 | - $carry >>= 4; |
|
| 1786 | - $e[$i] -= $carry << 4; |
|
| 1787 | - } |
|
| 1788 | - $e[63] += $carry; |
|
| 1789 | - |
|
| 1790 | - $h = self::ge_p3_0(); |
|
| 1791 | - |
|
| 1792 | - for ($i = 1; $i < 64; $i += 2) { |
|
| 1793 | - $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 1794 | - $r = self::ge_madd($r, $h, $t); |
|
| 1795 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1796 | - } |
|
| 1797 | - |
|
| 1798 | - $r = self::ge_p3_dbl($h); |
|
| 1799 | - |
|
| 1800 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1801 | - $r = self::ge_p2_dbl($s); |
|
| 1802 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1803 | - $r = self::ge_p2_dbl($s); |
|
| 1804 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1805 | - $r = self::ge_p2_dbl($s); |
|
| 1806 | - |
|
| 1807 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1808 | - |
|
| 1809 | - for ($i = 0; $i < 64; $i += 2) { |
|
| 1810 | - $t = self::ge_select($i >> 1, $e[$i]); |
|
| 1811 | - $r = self::ge_madd($r, $h, $t); |
|
| 1812 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1813 | - } |
|
| 1814 | - return $h; |
|
| 1815 | - } |
|
| 1816 | - |
|
| 1817 | - /** |
|
| 1818 | - * Calculates (ab + c) mod l |
|
| 1819 | - * where l = 2^252 + 27742317777372353535851937790883648493 |
|
| 1820 | - * |
|
| 1821 | - * @internal You should not use this directly from another application |
|
| 1822 | - * |
|
| 1823 | - * @param string $a |
|
| 1824 | - * @param string $b |
|
| 1825 | - * @param string $c |
|
| 1826 | - * @return string |
|
| 1827 | - */ |
|
| 1828 | - public static function sc_muladd($a, $b, $c) |
|
| 1829 | - { |
|
| 1830 | - $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); |
|
| 1831 | - $a1 = 2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5); |
|
| 1832 | - $a2 = 2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2); |
|
| 1833 | - $a3 = 2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7); |
|
| 1834 | - $a4 = 2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4); |
|
| 1835 | - $a5 = 2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1); |
|
| 1836 | - $a6 = 2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6); |
|
| 1837 | - $a7 = 2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3); |
|
| 1838 | - $a8 = 2097151 & self::load_3(self::substr($a, 21, 3)); |
|
| 1839 | - $a9 = 2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5); |
|
| 1840 | - $a10 = 2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2); |
|
| 1841 | - $a11 = (self::load_4(self::substr($a, 28, 4)) >> 7); |
|
| 1842 | - $b0 = 2097151 & self::load_3(self::substr($b, 0, 3)); |
|
| 1843 | - $b1 = 2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5); |
|
| 1844 | - $b2 = 2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2); |
|
| 1845 | - $b3 = 2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7); |
|
| 1846 | - $b4 = 2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4); |
|
| 1847 | - $b5 = 2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1); |
|
| 1848 | - $b6 = 2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6); |
|
| 1849 | - $b7 = 2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3); |
|
| 1850 | - $b8 = 2097151 & self::load_3(self::substr($b, 21, 3)); |
|
| 1851 | - $b9 = 2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5); |
|
| 1852 | - $b10 = 2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2); |
|
| 1853 | - $b11 = (self::load_4(self::substr($b, 28, 4)) >> 7); |
|
| 1854 | - $c0 = 2097151 & self::load_3(self::substr($c, 0, 3)); |
|
| 1855 | - $c1 = 2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5); |
|
| 1856 | - $c2 = 2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2); |
|
| 1857 | - $c3 = 2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7); |
|
| 1858 | - $c4 = 2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4); |
|
| 1859 | - $c5 = 2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1); |
|
| 1860 | - $c6 = 2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6); |
|
| 1861 | - $c7 = 2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3); |
|
| 1862 | - $c8 = 2097151 & self::load_3(self::substr($c, 21, 3)); |
|
| 1863 | - $c9 = 2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5); |
|
| 1864 | - $c10 = 2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2); |
|
| 1865 | - $c11 = (self::load_4(self::substr($c, 28, 4)) >> 7); |
|
| 1866 | - |
|
| 1867 | - /* Can't really avoid the pyramid here: */ |
|
| 1868 | - $s0 = $c0 + self::mul($a0, $b0); |
|
| 1869 | - $s1 = $c1 + self::mul($a0, $b1) + self::mul($a1, $b0); |
|
| 1870 | - $s2 = $c2 + self::mul($a0, $b2) + self::mul($a1, $b1) + self::mul($a2, $b0); |
|
| 1871 | - $s3 = $c3 + self::mul($a0, $b3) + self::mul($a1, $b2) + self::mul($a2, $b1) + self::mul($a3, $b0); |
|
| 1872 | - $s4 = $c4 + self::mul($a0, $b4) + self::mul($a1, $b3) + self::mul($a2, $b2) + self::mul($a3, $b1) + self::mul($a4, $b0); |
|
| 1873 | - $s5 = $c5 + self::mul($a0, $b5) + self::mul($a1, $b4) + self::mul($a2, $b3) + self::mul($a3, $b2) + self::mul($a4, $b1) + self::mul($a5, $b0); |
|
| 1874 | - $s6 = $c6 + self::mul($a0, $b6) + self::mul($a1, $b5) + self::mul($a2, $b4) + self::mul($a3, $b3) + self::mul($a4, $b2) + self::mul($a5, $b1) + self::mul($a6, $b0); |
|
| 1875 | - $s7 = $c7 + self::mul($a0, $b7) + self::mul($a1, $b6) + self::mul($a2, $b5) + self::mul($a3, $b4) + self::mul($a4, $b3) + self::mul($a5, $b2) + self::mul($a6, $b1) + self::mul($a7, $b0); |
|
| 1876 | - $s8 = $c8 + self::mul($a0, $b8) + self::mul($a1, $b7) + self::mul($a2, $b6) + self::mul($a3, $b5) + self::mul($a4, $b4) + self::mul($a5, $b3) + self::mul($a6, $b2) + self::mul($a7, $b1) + self::mul($a8, $b0); |
|
| 1877 | - $s9 = $c9 + self::mul($a0, $b9) + self::mul($a1, $b8) + self::mul($a2, $b7) + self::mul($a3, $b6) + self::mul($a4, $b5) + self::mul($a5, $b4) + self::mul($a6, $b3) + self::mul($a7, $b2) + self::mul($a8, $b1) + self::mul($a9, $b0); |
|
| 1878 | - $s10 = $c10 + self::mul($a0, $b10) + self::mul($a1, $b9) + self::mul($a2, $b8) + self::mul($a3, $b7) + self::mul($a4, $b6) + self::mul($a5, $b5) + self::mul($a6, $b4) + self::mul($a7, $b3) + self::mul($a8, $b2) + self::mul($a9, $b1) + self::mul($a10, $b0); |
|
| 1879 | - $s11 = $c11 + self::mul($a0, $b11) + self::mul($a1, $b10) + self::mul($a2, $b9) + self::mul($a3, $b8) + self::mul($a4, $b7) + self::mul($a5, $b6) + self::mul($a6, $b5) + self::mul($a7, $b4) + self::mul($a8, $b3) + self::mul($a9, $b2) + self::mul($a10, $b1) + self::mul($a11, $b0); |
|
| 1880 | - $s12 = self::mul($a1, $b11) + self::mul($a2, $b10) + self::mul($a3, $b9) + self::mul($a4, $b8) + self::mul($a5, $b7) + self::mul($a6, $b6) + self::mul($a7, $b5) + self::mul($a8, $b4) + self::mul($a9, $b3) + self::mul($a10, $b2) + self::mul($a11, $b1); |
|
| 1881 | - $s13 = self::mul($a2, $b11) + self::mul($a3, $b10) + self::mul($a4, $b9) + self::mul($a5, $b8) + self::mul($a6, $b7) + self::mul($a7, $b6) + self::mul($a8, $b5) + self::mul($a9, $b4) + self::mul($a10, $b3) + self::mul($a11, $b2); |
|
| 1882 | - $s14 = self::mul($a3, $b11) + self::mul($a4, $b10) + self::mul($a5, $b9) + self::mul($a6, $b8) + self::mul($a7, $b7) + self::mul($a8, $b6) + self::mul($a9, $b5) + self::mul($a10, $b4) + self::mul($a11, $b3); |
|
| 1883 | - $s15 = self::mul($a4, $b11) + self::mul($a5, $b10) + self::mul($a6, $b9) + self::mul($a7, $b8) + self::mul($a8, $b7) + self::mul($a9, $b6) + self::mul($a10, $b5) + self::mul($a11, $b4); |
|
| 1884 | - $s16 = self::mul($a5, $b11) + self::mul($a6, $b10) + self::mul($a7, $b9) + self::mul($a8, $b8) + self::mul($a9, $b7) + self::mul($a10, $b6) + self::mul($a11, $b5); |
|
| 1885 | - $s17 = self::mul($a6, $b11) + self::mul($a7, $b10) + self::mul($a8, $b9) + self::mul($a9, $b8) + self::mul($a10, $b7) + self::mul($a11, $b6); |
|
| 1886 | - $s18 = self::mul($a7, $b11) + self::mul($a8, $b10) + self::mul($a9, $b9) + self::mul($a10, $b8) + self::mul($a11, $b7); |
|
| 1887 | - $s19 = self::mul($a8, $b11) + self::mul($a9, $b10) + self::mul($a10, $b9) + self::mul($a11, $b8); |
|
| 1888 | - $s20 = self::mul($a9, $b11) + self::mul($a10, $b10) + self::mul($a11, $b9); |
|
| 1889 | - $s21 = self::mul($a10, $b11) + self::mul($a11, $b10); |
|
| 1890 | - $s22 = self::mul($a11, $b11); |
|
| 1891 | - $s23 = 0; |
|
| 1892 | - |
|
| 1893 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 1894 | - $s1 += $carry0; |
|
| 1895 | - $s0 -= $carry0 << 21; |
|
| 1896 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 1897 | - $s3 += $carry2; |
|
| 1898 | - $s2 -= $carry2 << 21; |
|
| 1899 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 1900 | - $s5 += $carry4; |
|
| 1901 | - $s4 -= $carry4 << 21; |
|
| 1902 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 1903 | - $s7 += $carry6; |
|
| 1904 | - $s6 -= $carry6 << 21; |
|
| 1905 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 1906 | - $s9 += $carry8; |
|
| 1907 | - $s8 -= $carry8 << 21; |
|
| 1908 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 1909 | - $s11 += $carry10; |
|
| 1910 | - $s10 -= $carry10 << 21; |
|
| 1911 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 1912 | - $s13 += $carry12; |
|
| 1913 | - $s12 -= $carry12 << 21; |
|
| 1914 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 1915 | - $s15 += $carry14; |
|
| 1916 | - $s14 -= $carry14 << 21; |
|
| 1917 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 1918 | - $s17 += $carry16; |
|
| 1919 | - $s16 -= $carry16 << 21; |
|
| 1920 | - $carry18 = ($s18 + (1 << 20)) >> 21; |
|
| 1921 | - $s19 += $carry18; |
|
| 1922 | - $s18 -= $carry18 << 21; |
|
| 1923 | - $carry20 = ($s20 + (1 << 20)) >> 21; |
|
| 1924 | - $s21 += $carry20; |
|
| 1925 | - $s20 -= $carry20 << 21; |
|
| 1926 | - $carry22 = ($s22 + (1 << 20)) >> 21; |
|
| 1927 | - $s23 += $carry22; |
|
| 1928 | - $s22 -= $carry22 << 21; |
|
| 1929 | - |
|
| 1930 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 1931 | - $s2 += $carry1; |
|
| 1932 | - $s1 -= $carry1 << 21; |
|
| 1933 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 1934 | - $s4 += $carry3; |
|
| 1935 | - $s3 -= $carry3 << 21; |
|
| 1936 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 1937 | - $s6 += $carry5; |
|
| 1938 | - $s5 -= $carry5 << 21; |
|
| 1939 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 1940 | - $s8 += $carry7; |
|
| 1941 | - $s7 -= $carry7 << 21; |
|
| 1942 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 1943 | - $s10 += $carry9; |
|
| 1944 | - $s9 -= $carry9 << 21; |
|
| 1945 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 1946 | - $s12 += $carry11; |
|
| 1947 | - $s11 -= $carry11 << 21; |
|
| 1948 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 1949 | - $s14 += $carry13; |
|
| 1950 | - $s13 -= $carry13 << 21; |
|
| 1951 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 1952 | - $s16 += $carry15; |
|
| 1953 | - $s15 -= $carry15 << 21; |
|
| 1954 | - $carry17 = ($s17 + (1 << 20)) >> 21; |
|
| 1955 | - $s18 += $carry17; |
|
| 1956 | - $s17 -= $carry17 << 21; |
|
| 1957 | - $carry19 = ($s19 + (1 << 20)) >> 21; |
|
| 1958 | - $s20 += $carry19; |
|
| 1959 | - $s19 -= $carry19 << 21; |
|
| 1960 | - $carry21 = ($s21 + (1 << 20)) >> 21; |
|
| 1961 | - $s22 += $carry21; |
|
| 1962 | - $s21 -= $carry21 << 21; |
|
| 1963 | - |
|
| 1964 | - $s11 += self::mul($s23, 666643, 20); |
|
| 1965 | - $s12 += self::mul($s23, 470296, 19); |
|
| 1966 | - $s13 += self::mul($s23, 654183, 20); |
|
| 1967 | - $s14 -= self::mul($s23, 997805, 20); |
|
| 1968 | - $s15 += self::mul($s23, 136657, 18); |
|
| 1969 | - $s16 -= self::mul($s23, 683901, 20); |
|
| 1970 | - |
|
| 1971 | - $s10 += self::mul($s22, 666643, 20); |
|
| 1972 | - $s11 += self::mul($s22, 470296, 19); |
|
| 1973 | - $s12 += self::mul($s22, 654183, 20); |
|
| 1974 | - $s13 -= self::mul($s22, 997805, 20); |
|
| 1975 | - $s14 += self::mul($s22, 136657, 18); |
|
| 1976 | - $s15 -= self::mul($s22, 683901, 20); |
|
| 1977 | - |
|
| 1978 | - $s9 += self::mul($s21, 666643, 20); |
|
| 1979 | - $s10 += self::mul($s21, 470296, 19); |
|
| 1980 | - $s11 += self::mul($s21, 654183, 20); |
|
| 1981 | - $s12 -= self::mul($s21, 997805, 20); |
|
| 1982 | - $s13 += self::mul($s21, 136657, 18); |
|
| 1983 | - $s14 -= self::mul($s21, 683901, 20); |
|
| 1984 | - |
|
| 1985 | - $s8 += self::mul($s20, 666643, 20); |
|
| 1986 | - $s9 += self::mul($s20, 470296, 19); |
|
| 1987 | - $s10 += self::mul($s20, 654183, 20); |
|
| 1988 | - $s11 -= self::mul($s20, 997805, 20); |
|
| 1989 | - $s12 += self::mul($s20, 136657, 18); |
|
| 1990 | - $s13 -= self::mul($s20, 683901, 20); |
|
| 1991 | - |
|
| 1992 | - $s7 += self::mul($s19, 666643, 20); |
|
| 1993 | - $s8 += self::mul($s19, 470296, 19); |
|
| 1994 | - $s9 += self::mul($s19, 654183, 20); |
|
| 1995 | - $s10 -= self::mul($s19, 997805, 20); |
|
| 1996 | - $s11 += self::mul($s19, 136657, 18); |
|
| 1997 | - $s12 -= self::mul($s19, 683901, 20); |
|
| 1998 | - |
|
| 1999 | - $s6 += self::mul($s18, 666643, 20); |
|
| 2000 | - $s7 += self::mul($s18, 470296, 19); |
|
| 2001 | - $s8 += self::mul($s18, 654183, 20); |
|
| 2002 | - $s9 -= self::mul($s18, 997805, 20); |
|
| 2003 | - $s10 += self::mul($s18, 136657, 18); |
|
| 2004 | - $s11 -= self::mul($s18, 683901, 20); |
|
| 2005 | - |
|
| 2006 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2007 | - $s7 += $carry6; |
|
| 2008 | - $s6 -= $carry6 << 21; |
|
| 2009 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2010 | - $s9 += $carry8; |
|
| 2011 | - $s8 -= $carry8 << 21; |
|
| 2012 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2013 | - $s11 += $carry10; |
|
| 2014 | - $s10 -= $carry10 << 21; |
|
| 2015 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2016 | - $s13 += $carry12; |
|
| 2017 | - $s12 -= $carry12 << 21; |
|
| 2018 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2019 | - $s15 += $carry14; |
|
| 2020 | - $s14 -= $carry14 << 21; |
|
| 2021 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2022 | - $s17 += $carry16; |
|
| 2023 | - $s16 -= $carry16 << 21; |
|
| 2024 | - |
|
| 2025 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2026 | - $s8 += $carry7; |
|
| 2027 | - $s7 -= $carry7 << 21; |
|
| 2028 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2029 | - $s10 += $carry9; |
|
| 2030 | - $s9 -= $carry9 << 21; |
|
| 2031 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2032 | - $s12 += $carry11; |
|
| 2033 | - $s11 -= $carry11 << 21; |
|
| 2034 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2035 | - $s14 += $carry13; |
|
| 2036 | - $s13 -= $carry13 << 21; |
|
| 2037 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2038 | - $s16 += $carry15; |
|
| 2039 | - $s15 -= $carry15 << 21; |
|
| 2040 | - |
|
| 2041 | - $s5 += self::mul($s17, 666643, 20); |
|
| 2042 | - $s6 += self::mul($s17, 470296, 19); |
|
| 2043 | - $s7 += self::mul($s17, 654183, 20); |
|
| 2044 | - $s8 -= self::mul($s17, 997805, 20); |
|
| 2045 | - $s9 += self::mul($s17, 136657, 18); |
|
| 2046 | - $s10 -= self::mul($s17, 683901, 20); |
|
| 2047 | - |
|
| 2048 | - $s4 += self::mul($s16, 666643, 20); |
|
| 2049 | - $s5 += self::mul($s16, 470296, 19); |
|
| 2050 | - $s6 += self::mul($s16, 654183, 20); |
|
| 2051 | - $s7 -= self::mul($s16, 997805, 20); |
|
| 2052 | - $s8 += self::mul($s16, 136657, 18); |
|
| 2053 | - $s9 -= self::mul($s16, 683901, 20); |
|
| 2054 | - |
|
| 2055 | - $s3 += self::mul($s15, 666643, 20); |
|
| 2056 | - $s4 += self::mul($s15, 470296, 19); |
|
| 2057 | - $s5 += self::mul($s15, 654183, 20); |
|
| 2058 | - $s6 -= self::mul($s15, 997805, 20); |
|
| 2059 | - $s7 += self::mul($s15, 136657, 18); |
|
| 2060 | - $s8 -= self::mul($s15, 683901, 20); |
|
| 2061 | - |
|
| 2062 | - $s2 += self::mul($s14, 666643, 20); |
|
| 2063 | - $s3 += self::mul($s14, 470296, 19); |
|
| 2064 | - $s4 += self::mul($s14, 654183, 20); |
|
| 2065 | - $s5 -= self::mul($s14, 997805, 20); |
|
| 2066 | - $s6 += self::mul($s14, 136657, 18); |
|
| 2067 | - $s7 -= self::mul($s14, 683901, 20); |
|
| 2068 | - |
|
| 2069 | - $s1 += self::mul($s13, 666643, 20); |
|
| 2070 | - $s2 += self::mul($s13, 470296, 19); |
|
| 2071 | - $s3 += self::mul($s13, 654183, 20); |
|
| 2072 | - $s4 -= self::mul($s13, 997805, 20); |
|
| 2073 | - $s5 += self::mul($s13, 136657, 18); |
|
| 2074 | - $s6 -= self::mul($s13, 683901, 20); |
|
| 2075 | - |
|
| 2076 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2077 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2078 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2079 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2080 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2081 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2082 | - $s12 = 0; |
|
| 2083 | - |
|
| 2084 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2085 | - $s1 += $carry0; |
|
| 2086 | - $s0 -= $carry0 << 21; |
|
| 2087 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2088 | - $s3 += $carry2; |
|
| 2089 | - $s2 -= $carry2 << 21; |
|
| 2090 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2091 | - $s5 += $carry4; |
|
| 2092 | - $s4 -= $carry4 << 21; |
|
| 2093 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2094 | - $s7 += $carry6; |
|
| 2095 | - $s6 -= $carry6 << 21; |
|
| 2096 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2097 | - $s9 += $carry8; |
|
| 2098 | - $s8 -= $carry8 << 21; |
|
| 2099 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2100 | - $s11 += $carry10; |
|
| 2101 | - $s10 -= $carry10 << 21; |
|
| 2102 | - |
|
| 2103 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2104 | - $s2 += $carry1; |
|
| 2105 | - $s1 -= $carry1 << 21; |
|
| 2106 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2107 | - $s4 += $carry3; |
|
| 2108 | - $s3 -= $carry3 << 21; |
|
| 2109 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2110 | - $s6 += $carry5; |
|
| 2111 | - $s5 -= $carry5 << 21; |
|
| 2112 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2113 | - $s8 += $carry7; |
|
| 2114 | - $s7 -= $carry7 << 21; |
|
| 2115 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2116 | - $s10 += $carry9; |
|
| 2117 | - $s9 -= $carry9 << 21; |
|
| 2118 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2119 | - $s12 += $carry11; |
|
| 2120 | - $s11 -= $carry11 << 21; |
|
| 2121 | - |
|
| 2122 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2123 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2124 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2125 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2126 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2127 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2128 | - $s12 = 0; |
|
| 2129 | - |
|
| 2130 | - $carry0 = $s0 >> 21; |
|
| 2131 | - $s1 += $carry0; |
|
| 2132 | - $s0 -= $carry0 << 21; |
|
| 2133 | - $carry1 = $s1 >> 21; |
|
| 2134 | - $s2 += $carry1; |
|
| 2135 | - $s1 -= $carry1 << 21; |
|
| 2136 | - $carry2 = $s2 >> 21; |
|
| 2137 | - $s3 += $carry2; |
|
| 2138 | - $s2 -= $carry2 << 21; |
|
| 2139 | - $carry3 = $s3 >> 21; |
|
| 2140 | - $s4 += $carry3; |
|
| 2141 | - $s3 -= $carry3 << 21; |
|
| 2142 | - $carry4 = $s4 >> 21; |
|
| 2143 | - $s5 += $carry4; |
|
| 2144 | - $s4 -= $carry4 << 21; |
|
| 2145 | - $carry5 = $s5 >> 21; |
|
| 2146 | - $s6 += $carry5; |
|
| 2147 | - $s5 -= $carry5 << 21; |
|
| 2148 | - $carry6 = $s6 >> 21; |
|
| 2149 | - $s7 += $carry6; |
|
| 2150 | - $s6 -= $carry6 << 21; |
|
| 2151 | - $carry7 = $s7 >> 21; |
|
| 2152 | - $s8 += $carry7; |
|
| 2153 | - $s7 -= $carry7 << 21; |
|
| 2154 | - $carry8 = $s8 >> 21; |
|
| 2155 | - $s9 += $carry8; |
|
| 2156 | - $s8 -= $carry8 << 21; |
|
| 2157 | - $carry9 = $s9 >> 21; |
|
| 2158 | - $s10 += $carry9; |
|
| 2159 | - $s9 -= $carry9 << 21; |
|
| 2160 | - $carry10 = $s10 >> 21; |
|
| 2161 | - $s11 += $carry10; |
|
| 2162 | - $s10 -= $carry10 << 21; |
|
| 2163 | - $carry11 = $s11 >> 21; |
|
| 2164 | - $s12 += $carry11; |
|
| 2165 | - $s11 -= $carry11 << 21; |
|
| 2166 | - |
|
| 2167 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2168 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2169 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2170 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2171 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2172 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2173 | - |
|
| 2174 | - $carry0 = $s0 >> 21; |
|
| 2175 | - $s1 += $carry0; |
|
| 2176 | - $s0 -= $carry0 << 21; |
|
| 2177 | - $carry1 = $s1 >> 21; |
|
| 2178 | - $s2 += $carry1; |
|
| 2179 | - $s1 -= $carry1 << 21; |
|
| 2180 | - $carry2 = $s2 >> 21; |
|
| 2181 | - $s3 += $carry2; |
|
| 2182 | - $s2 -= $carry2 << 21; |
|
| 2183 | - $carry3 = $s3 >> 21; |
|
| 2184 | - $s4 += $carry3; |
|
| 2185 | - $s3 -= $carry3 << 21; |
|
| 2186 | - $carry4 = $s4 >> 21; |
|
| 2187 | - $s5 += $carry4; |
|
| 2188 | - $s4 -= $carry4 << 21; |
|
| 2189 | - $carry5 = $s5 >> 21; |
|
| 2190 | - $s6 += $carry5; |
|
| 2191 | - $s5 -= $carry5 << 21; |
|
| 2192 | - $carry6 = $s6 >> 21; |
|
| 2193 | - $s7 += $carry6; |
|
| 2194 | - $s6 -= $carry6 << 21; |
|
| 2195 | - $carry7 = $s7 >> 21; |
|
| 2196 | - $s8 += $carry7; |
|
| 2197 | - $s7 -= $carry7 << 21; |
|
| 2198 | - $carry8 = $s8 >> 21; |
|
| 2199 | - $s9 += $carry8; |
|
| 2200 | - $s8 -= $carry8 << 21; |
|
| 2201 | - $carry9 = $s9 >> 21; |
|
| 2202 | - $s10 += $carry9; |
|
| 2203 | - $s9 -= $carry9 << 21; |
|
| 2204 | - $carry10 = $s10 >> 21; |
|
| 2205 | - $s11 += $carry10; |
|
| 2206 | - $s10 -= $carry10 << 21; |
|
| 2207 | - |
|
| 2208 | - /** |
|
| 2209 | - * @var array<int, int> |
|
| 2210 | - */ |
|
| 2211 | - $arr = array( |
|
| 2212 | - (int) (0xff & ($s0 >> 0)), |
|
| 2213 | - (int) (0xff & ($s0 >> 8)), |
|
| 2214 | - (int) (0xff & (($s0 >> 16) | $s1 << 5)), |
|
| 2215 | - (int) (0xff & ($s1 >> 3)), |
|
| 2216 | - (int) (0xff & ($s1 >> 11)), |
|
| 2217 | - (int) (0xff & (($s1 >> 19) | $s2 << 2)), |
|
| 2218 | - (int) (0xff & ($s2 >> 6)), |
|
| 2219 | - (int) (0xff & (($s2 >> 14) | $s3 << 7)), |
|
| 2220 | - (int) (0xff & ($s3 >> 1)), |
|
| 2221 | - (int) (0xff & ($s3 >> 9)), |
|
| 2222 | - (int) (0xff & (($s3 >> 17) | $s4 << 4)), |
|
| 2223 | - (int) (0xff & ($s4 >> 4)), |
|
| 2224 | - (int) (0xff & ($s4 >> 12)), |
|
| 2225 | - (int) (0xff & (($s4 >> 20) | $s5 << 1)), |
|
| 2226 | - (int) (0xff & ($s5 >> 7)), |
|
| 2227 | - (int) (0xff & (($s5 >> 15) | $s6 << 6)), |
|
| 2228 | - (int) (0xff & ($s6 >> 2)), |
|
| 2229 | - (int) (0xff & ($s6 >> 10)), |
|
| 2230 | - (int) (0xff & (($s6 >> 18) | $s7 << 3)), |
|
| 2231 | - (int) (0xff & ($s7 >> 5)), |
|
| 2232 | - (int) (0xff & ($s7 >> 13)), |
|
| 2233 | - (int) (0xff & ($s8 >> 0)), |
|
| 2234 | - (int) (0xff & ($s8 >> 8)), |
|
| 2235 | - (int) (0xff & (($s8 >> 16) | $s9 << 5)), |
|
| 2236 | - (int) (0xff & ($s9 >> 3)), |
|
| 2237 | - (int) (0xff & ($s9 >> 11)), |
|
| 2238 | - (int) (0xff & (($s9 >> 19) | $s10 << 2)), |
|
| 2239 | - (int) (0xff & ($s10 >> 6)), |
|
| 2240 | - (int) (0xff & (($s10 >> 14) | $s11 << 7)), |
|
| 2241 | - (int) (0xff & ($s11 >> 1)), |
|
| 2242 | - (int) (0xff & ($s11 >> 9)), |
|
| 2243 | - 0xff & ($s11 >> 17) |
|
| 2244 | - ); |
|
| 2245 | - return self::intArrayToString($arr); |
|
| 2246 | - } |
|
| 2247 | - |
|
| 2248 | - /** |
|
| 2249 | - * @internal You should not use this directly from another application |
|
| 2250 | - * |
|
| 2251 | - * @param string $s |
|
| 2252 | - * @return string |
|
| 2253 | - */ |
|
| 2254 | - public static function sc_reduce($s) |
|
| 2255 | - { |
|
| 2256 | - $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); |
|
| 2257 | - $s1 = 2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5); |
|
| 2258 | - $s2 = 2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2); |
|
| 2259 | - $s3 = 2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7); |
|
| 2260 | - $s4 = 2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4); |
|
| 2261 | - $s5 = 2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1); |
|
| 2262 | - $s6 = 2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6); |
|
| 2263 | - $s7 = 2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3); |
|
| 2264 | - $s8 = 2097151 & self::load_3(self::substr($s, 21, 3)); |
|
| 2265 | - $s9 = 2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5); |
|
| 2266 | - $s10 = 2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2); |
|
| 2267 | - $s11 = 2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7); |
|
| 2268 | - $s12 = 2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4); |
|
| 2269 | - $s13 = 2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1); |
|
| 2270 | - $s14 = 2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6); |
|
| 2271 | - $s15 = 2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3); |
|
| 2272 | - $s16 = 2097151 & self::load_3(self::substr($s, 42, 3)); |
|
| 2273 | - $s17 = 2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5); |
|
| 2274 | - $s18 = 2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2); |
|
| 2275 | - $s19 = 2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7); |
|
| 2276 | - $s20 = 2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4); |
|
| 2277 | - $s21 = 2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1); |
|
| 2278 | - $s22 = 2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6); |
|
| 2279 | - $s23 = (self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 2280 | - |
|
| 2281 | - $s11 += self::mul($s23, 666643, 20); |
|
| 2282 | - $s12 += self::mul($s23, 470296, 19); |
|
| 2283 | - $s13 += self::mul($s23, 654183, 20); |
|
| 2284 | - $s14 -= self::mul($s23, 997805, 20); |
|
| 2285 | - $s15 += self::mul($s23, 136657, 18); |
|
| 2286 | - $s16 -= self::mul($s23, 683901, 20); |
|
| 2287 | - |
|
| 2288 | - $s10 += self::mul($s22, 666643, 20); |
|
| 2289 | - $s11 += self::mul($s22, 470296, 19); |
|
| 2290 | - $s12 += self::mul($s22, 654183, 20); |
|
| 2291 | - $s13 -= self::mul($s22, 997805, 20); |
|
| 2292 | - $s14 += self::mul($s22, 136657, 18); |
|
| 2293 | - $s15 -= self::mul($s22, 683901, 20); |
|
| 2294 | - |
|
| 2295 | - $s9 += self::mul($s21, 666643, 20); |
|
| 2296 | - $s10 += self::mul($s21, 470296, 19); |
|
| 2297 | - $s11 += self::mul($s21, 654183, 20); |
|
| 2298 | - $s12 -= self::mul($s21, 997805, 20); |
|
| 2299 | - $s13 += self::mul($s21, 136657, 18); |
|
| 2300 | - $s14 -= self::mul($s21, 683901, 20); |
|
| 2301 | - |
|
| 2302 | - $s8 += self::mul($s20, 666643, 20); |
|
| 2303 | - $s9 += self::mul($s20, 470296, 19); |
|
| 2304 | - $s10 += self::mul($s20, 654183, 20); |
|
| 2305 | - $s11 -= self::mul($s20, 997805, 20); |
|
| 2306 | - $s12 += self::mul($s20, 136657, 18); |
|
| 2307 | - $s13 -= self::mul($s20, 683901, 20); |
|
| 2308 | - |
|
| 2309 | - $s7 += self::mul($s19, 666643, 20); |
|
| 2310 | - $s8 += self::mul($s19, 470296, 19); |
|
| 2311 | - $s9 += self::mul($s19, 654183, 20); |
|
| 2312 | - $s10 -= self::mul($s19, 997805, 20); |
|
| 2313 | - $s11 += self::mul($s19, 136657, 18); |
|
| 2314 | - $s12 -= self::mul($s19, 683901, 20); |
|
| 2315 | - |
|
| 2316 | - $s6 += self::mul($s18, 666643, 20); |
|
| 2317 | - $s7 += self::mul($s18, 470296, 19); |
|
| 2318 | - $s8 += self::mul($s18, 654183, 20); |
|
| 2319 | - $s9 -= self::mul($s18, 997805, 20); |
|
| 2320 | - $s10 += self::mul($s18, 136657, 18); |
|
| 2321 | - $s11 -= self::mul($s18, 683901, 20); |
|
| 2322 | - |
|
| 2323 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2324 | - $s7 += $carry6; |
|
| 2325 | - $s6 -= $carry6 << 21; |
|
| 2326 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2327 | - $s9 += $carry8; |
|
| 2328 | - $s8 -= $carry8 << 21; |
|
| 2329 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2330 | - $s11 += $carry10; |
|
| 2331 | - $s10 -= $carry10 << 21; |
|
| 2332 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2333 | - $s13 += $carry12; |
|
| 2334 | - $s12 -= $carry12 << 21; |
|
| 2335 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2336 | - $s15 += $carry14; |
|
| 2337 | - $s14 -= $carry14 << 21; |
|
| 2338 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2339 | - $s17 += $carry16; |
|
| 2340 | - $s16 -= $carry16 << 21; |
|
| 2341 | - |
|
| 2342 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2343 | - $s8 += $carry7; |
|
| 2344 | - $s7 -= $carry7 << 21; |
|
| 2345 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2346 | - $s10 += $carry9; |
|
| 2347 | - $s9 -= $carry9 << 21; |
|
| 2348 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2349 | - $s12 += $carry11; |
|
| 2350 | - $s11 -= $carry11 << 21; |
|
| 2351 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2352 | - $s14 += $carry13; |
|
| 2353 | - $s13 -= $carry13 << 21; |
|
| 2354 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2355 | - $s16 += $carry15; |
|
| 2356 | - $s15 -= $carry15 << 21; |
|
| 2357 | - |
|
| 2358 | - $s5 += self::mul($s17, 666643, 20); |
|
| 2359 | - $s6 += self::mul($s17, 470296, 19); |
|
| 2360 | - $s7 += self::mul($s17, 654183, 20); |
|
| 2361 | - $s8 -= self::mul($s17, 997805, 20); |
|
| 2362 | - $s9 += self::mul($s17, 136657, 18); |
|
| 2363 | - $s10 -= self::mul($s17, 683901, 20); |
|
| 2364 | - |
|
| 2365 | - $s4 += self::mul($s16, 666643, 20); |
|
| 2366 | - $s5 += self::mul($s16, 470296, 19); |
|
| 2367 | - $s6 += self::mul($s16, 654183, 20); |
|
| 2368 | - $s7 -= self::mul($s16, 997805, 20); |
|
| 2369 | - $s8 += self::mul($s16, 136657, 18); |
|
| 2370 | - $s9 -= self::mul($s16, 683901, 20); |
|
| 2371 | - |
|
| 2372 | - $s3 += self::mul($s15, 666643, 20); |
|
| 2373 | - $s4 += self::mul($s15, 470296, 19); |
|
| 2374 | - $s5 += self::mul($s15, 654183, 20); |
|
| 2375 | - $s6 -= self::mul($s15, 997805, 20); |
|
| 2376 | - $s7 += self::mul($s15, 136657, 18); |
|
| 2377 | - $s8 -= self::mul($s15, 683901, 20); |
|
| 2378 | - |
|
| 2379 | - $s2 += self::mul($s14, 666643, 20); |
|
| 2380 | - $s3 += self::mul($s14, 470296, 19); |
|
| 2381 | - $s4 += self::mul($s14, 654183, 20); |
|
| 2382 | - $s5 -= self::mul($s14, 997805, 20); |
|
| 2383 | - $s6 += self::mul($s14, 136657, 18); |
|
| 2384 | - $s7 -= self::mul($s14, 683901, 20); |
|
| 2385 | - |
|
| 2386 | - $s1 += self::mul($s13, 666643, 20); |
|
| 2387 | - $s2 += self::mul($s13, 470296, 19); |
|
| 2388 | - $s3 += self::mul($s13, 654183, 20); |
|
| 2389 | - $s4 -= self::mul($s13, 997805, 20); |
|
| 2390 | - $s5 += self::mul($s13, 136657, 18); |
|
| 2391 | - $s6 -= self::mul($s13, 683901, 20); |
|
| 2392 | - |
|
| 2393 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2394 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2395 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2396 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2397 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2398 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2399 | - $s12 = 0; |
|
| 2400 | - |
|
| 2401 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2402 | - $s1 += $carry0; |
|
| 2403 | - $s0 -= $carry0 << 21; |
|
| 2404 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2405 | - $s3 += $carry2; |
|
| 2406 | - $s2 -= $carry2 << 21; |
|
| 2407 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2408 | - $s5 += $carry4; |
|
| 2409 | - $s4 -= $carry4 << 21; |
|
| 2410 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2411 | - $s7 += $carry6; |
|
| 2412 | - $s6 -= $carry6 << 21; |
|
| 2413 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2414 | - $s9 += $carry8; |
|
| 2415 | - $s8 -= $carry8 << 21; |
|
| 2416 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2417 | - $s11 += $carry10; |
|
| 2418 | - $s10 -= $carry10 << 21; |
|
| 2419 | - |
|
| 2420 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2421 | - $s2 += $carry1; |
|
| 2422 | - $s1 -= $carry1 << 21; |
|
| 2423 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2424 | - $s4 += $carry3; |
|
| 2425 | - $s3 -= $carry3 << 21; |
|
| 2426 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2427 | - $s6 += $carry5; |
|
| 2428 | - $s5 -= $carry5 << 21; |
|
| 2429 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2430 | - $s8 += $carry7; |
|
| 2431 | - $s7 -= $carry7 << 21; |
|
| 2432 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2433 | - $s10 += $carry9; |
|
| 2434 | - $s9 -= $carry9 << 21; |
|
| 2435 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2436 | - $s12 += $carry11; |
|
| 2437 | - $s11 -= $carry11 << 21; |
|
| 2438 | - |
|
| 2439 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2440 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2441 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2442 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2443 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2444 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2445 | - $s12 = 0; |
|
| 2446 | - |
|
| 2447 | - $carry0 = $s0 >> 21; |
|
| 2448 | - $s1 += $carry0; |
|
| 2449 | - $s0 -= $carry0 << 21; |
|
| 2450 | - $carry1 = $s1 >> 21; |
|
| 2451 | - $s2 += $carry1; |
|
| 2452 | - $s1 -= $carry1 << 21; |
|
| 2453 | - $carry2 = $s2 >> 21; |
|
| 2454 | - $s3 += $carry2; |
|
| 2455 | - $s2 -= $carry2 << 21; |
|
| 2456 | - $carry3 = $s3 >> 21; |
|
| 2457 | - $s4 += $carry3; |
|
| 2458 | - $s3 -= $carry3 << 21; |
|
| 2459 | - $carry4 = $s4 >> 21; |
|
| 2460 | - $s5 += $carry4; |
|
| 2461 | - $s4 -= $carry4 << 21; |
|
| 2462 | - $carry5 = $s5 >> 21; |
|
| 2463 | - $s6 += $carry5; |
|
| 2464 | - $s5 -= $carry5 << 21; |
|
| 2465 | - $carry6 = $s6 >> 21; |
|
| 2466 | - $s7 += $carry6; |
|
| 2467 | - $s6 -= $carry6 << 21; |
|
| 2468 | - $carry7 = $s7 >> 21; |
|
| 2469 | - $s8 += $carry7; |
|
| 2470 | - $s7 -= $carry7 << 21; |
|
| 2471 | - $carry8 = $s8 >> 21; |
|
| 2472 | - $s9 += $carry8; |
|
| 2473 | - $s8 -= $carry8 << 21; |
|
| 2474 | - $carry9 = $s9 >> 21; |
|
| 2475 | - $s10 += $carry9; |
|
| 2476 | - $s9 -= $carry9 << 21; |
|
| 2477 | - $carry10 = $s10 >> 21; |
|
| 2478 | - $s11 += $carry10; |
|
| 2479 | - $s10 -= $carry10 << 21; |
|
| 2480 | - $carry11 = $s11 >> 21; |
|
| 2481 | - $s12 += $carry11; |
|
| 2482 | - $s11 -= $carry11 << 21; |
|
| 2483 | - |
|
| 2484 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2485 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2486 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2487 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2488 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2489 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2490 | - |
|
| 2491 | - $carry0 = $s0 >> 21; |
|
| 2492 | - $s1 += $carry0; |
|
| 2493 | - $s0 -= $carry0 << 21; |
|
| 2494 | - $carry1 = $s1 >> 21; |
|
| 2495 | - $s2 += $carry1; |
|
| 2496 | - $s1 -= $carry1 << 21; |
|
| 2497 | - $carry2 = $s2 >> 21; |
|
| 2498 | - $s3 += $carry2; |
|
| 2499 | - $s2 -= $carry2 << 21; |
|
| 2500 | - $carry3 = $s3 >> 21; |
|
| 2501 | - $s4 += $carry3; |
|
| 2502 | - $s3 -= $carry3 << 21; |
|
| 2503 | - $carry4 = $s4 >> 21; |
|
| 2504 | - $s5 += $carry4; |
|
| 2505 | - $s4 -= $carry4 << 21; |
|
| 2506 | - $carry5 = $s5 >> 21; |
|
| 2507 | - $s6 += $carry5; |
|
| 2508 | - $s5 -= $carry5 << 21; |
|
| 2509 | - $carry6 = $s6 >> 21; |
|
| 2510 | - $s7 += $carry6; |
|
| 2511 | - $s6 -= $carry6 << 21; |
|
| 2512 | - $carry7 = $s7 >> 21; |
|
| 2513 | - $s8 += $carry7; |
|
| 2514 | - $s7 -= $carry7 << 21; |
|
| 2515 | - $carry8 = $s8 >> 21; |
|
| 2516 | - $s9 += $carry8; |
|
| 2517 | - $s8 -= $carry8 << 21; |
|
| 2518 | - $carry9 = $s9 >> 21; |
|
| 2519 | - $s10 += $carry9; |
|
| 2520 | - $s9 -= $carry9 << 21; |
|
| 2521 | - $carry10 = $s10 >> 21; |
|
| 2522 | - $s11 += $carry10; |
|
| 2523 | - $s10 -= $carry10 << 21; |
|
| 2524 | - |
|
| 2525 | - /** |
|
| 2526 | - * @var array<int, int> |
|
| 2527 | - */ |
|
| 2528 | - $arr = array( |
|
| 2529 | - (int) ($s0 >> 0), |
|
| 2530 | - (int) ($s0 >> 8), |
|
| 2531 | - (int) (($s0 >> 16) | $s1 << 5), |
|
| 2532 | - (int) ($s1 >> 3), |
|
| 2533 | - (int) ($s1 >> 11), |
|
| 2534 | - (int) (($s1 >> 19) | $s2 << 2), |
|
| 2535 | - (int) ($s2 >> 6), |
|
| 2536 | - (int) (($s2 >> 14) | $s3 << 7), |
|
| 2537 | - (int) ($s3 >> 1), |
|
| 2538 | - (int) ($s3 >> 9), |
|
| 2539 | - (int) (($s3 >> 17) | $s4 << 4), |
|
| 2540 | - (int) ($s4 >> 4), |
|
| 2541 | - (int) ($s4 >> 12), |
|
| 2542 | - (int) (($s4 >> 20) | $s5 << 1), |
|
| 2543 | - (int) ($s5 >> 7), |
|
| 2544 | - (int) (($s5 >> 15) | $s6 << 6), |
|
| 2545 | - (int) ($s6 >> 2), |
|
| 2546 | - (int) ($s6 >> 10), |
|
| 2547 | - (int) (($s6 >> 18) | $s7 << 3), |
|
| 2548 | - (int) ($s7 >> 5), |
|
| 2549 | - (int) ($s7 >> 13), |
|
| 2550 | - (int) ($s8 >> 0), |
|
| 2551 | - (int) ($s8 >> 8), |
|
| 2552 | - (int) (($s8 >> 16) | $s9 << 5), |
|
| 2553 | - (int) ($s9 >> 3), |
|
| 2554 | - (int) ($s9 >> 11), |
|
| 2555 | - (int) (($s9 >> 19) | $s10 << 2), |
|
| 2556 | - (int) ($s10 >> 6), |
|
| 2557 | - (int) (($s10 >> 14) | $s11 << 7), |
|
| 2558 | - (int) ($s11 >> 1), |
|
| 2559 | - (int) ($s11 >> 9), |
|
| 2560 | - (int) $s11 >> 17 |
|
| 2561 | - ); |
|
| 2562 | - return self::intArrayToString($arr); |
|
| 2563 | - } |
|
| 18 | + /** |
|
| 19 | + * Get a field element of size 10 with a value of 0 |
|
| 20 | + * |
|
| 21 | + * @internal You should not use this directly from another application |
|
| 22 | + * |
|
| 23 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public static function fe_0() |
|
| 26 | + { |
|
| 27 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 28 | + array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 29 | + ); |
|
| 30 | + } |
|
| 31 | + |
|
| 32 | + /** |
|
| 33 | + * Get a field element of size 10 with a value of 1 |
|
| 34 | + * |
|
| 35 | + * @internal You should not use this directly from another application |
|
| 36 | + * |
|
| 37 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 38 | + */ |
|
| 39 | + public static function fe_1() |
|
| 40 | + { |
|
| 41 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 42 | + array(1, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 43 | + ); |
|
| 44 | + } |
|
| 45 | + |
|
| 46 | + /** |
|
| 47 | + * Add two field elements. |
|
| 48 | + * |
|
| 49 | + * @internal You should not use this directly from another application |
|
| 50 | + * |
|
| 51 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 52 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 53 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 54 | + */ |
|
| 55 | + public static function fe_add( |
|
| 56 | + ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 57 | + ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 58 | + ) { |
|
| 59 | + $arr = array(); |
|
| 60 | + for ($i = 0; $i < 10; ++$i) { |
|
| 61 | + $arr[$i] = (int) ($f[$i] + $g[$i]); |
|
| 62 | + } |
|
| 63 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($arr); |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * Constant-time conditional move. |
|
| 68 | + * |
|
| 69 | + * @internal You should not use this directly from another application |
|
| 70 | + * |
|
| 71 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 72 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 73 | + * @param int $b |
|
| 74 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 75 | + */ |
|
| 76 | + public static function fe_cmov( |
|
| 77 | + ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 78 | + ParagonIE_Sodium_Core_Curve25519_Fe $g, |
|
| 79 | + $b = 0 |
|
| 80 | + ) { |
|
| 81 | + $h = array(); |
|
| 82 | + $b *= -1; |
|
| 83 | + for ($i = 0; $i < 10; ++$i) { |
|
| 84 | + $x = (($f[$i] ^ $g[$i]) & $b); |
|
| 85 | + $h[$i] = $f[$i] ^ $x; |
|
| 86 | + } |
|
| 87 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + /** |
|
| 91 | + * Create a copy of a field element. |
|
| 92 | + * |
|
| 93 | + * @internal You should not use this directly from another application |
|
| 94 | + * |
|
| 95 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 96 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 97 | + */ |
|
| 98 | + public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 99 | + { |
|
| 100 | + $h = clone $f; |
|
| 101 | + return $h; |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + /** |
|
| 105 | + * Give: 32-byte string. |
|
| 106 | + * Receive: A field element object to use for internal calculations. |
|
| 107 | + * |
|
| 108 | + * @internal You should not use this directly from another application |
|
| 109 | + * |
|
| 110 | + * @param string $s |
|
| 111 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 112 | + * @throws RangeException |
|
| 113 | + */ |
|
| 114 | + public static function fe_frombytes($s) |
|
| 115 | + { |
|
| 116 | + if (self::strlen($s) !== 32) { |
|
| 117 | + throw new RangeException('Expected a 32-byte string.'); |
|
| 118 | + } |
|
| 119 | + $h0 = self::load_4($s); |
|
| 120 | + $h1 = self::load_3(self::substr($s, 4, 3)) << 6; |
|
| 121 | + $h2 = self::load_3(self::substr($s, 7, 3)) << 5; |
|
| 122 | + $h3 = self::load_3(self::substr($s, 10, 3)) << 3; |
|
| 123 | + $h4 = self::load_3(self::substr($s, 13, 3)) << 2; |
|
| 124 | + $h5 = self::load_4(self::substr($s, 16, 4)); |
|
| 125 | + $h6 = self::load_3(self::substr($s, 20, 3)) << 7; |
|
| 126 | + $h7 = self::load_3(self::substr($s, 23, 3)) << 5; |
|
| 127 | + $h8 = self::load_3(self::substr($s, 26, 3)) << 4; |
|
| 128 | + $h9 = (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2; |
|
| 129 | + |
|
| 130 | + $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 131 | + $h0 += self::mul($carry9, 19, 5); |
|
| 132 | + $h9 -= $carry9 << 25; |
|
| 133 | + $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 134 | + $h2 += $carry1; |
|
| 135 | + $h1 -= $carry1 << 25; |
|
| 136 | + $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 137 | + $h4 += $carry3; |
|
| 138 | + $h3 -= $carry3 << 25; |
|
| 139 | + $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 140 | + $h6 += $carry5; |
|
| 141 | + $h5 -= $carry5 << 25; |
|
| 142 | + $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 143 | + $h8 += $carry7; |
|
| 144 | + $h7 -= $carry7 << 25; |
|
| 145 | + |
|
| 146 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 147 | + $h1 += $carry0; |
|
| 148 | + $h0 -= $carry0 << 26; |
|
| 149 | + $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 150 | + $h3 += $carry2; |
|
| 151 | + $h2 -= $carry2 << 26; |
|
| 152 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 153 | + $h5 += $carry4; |
|
| 154 | + $h4 -= $carry4 << 26; |
|
| 155 | + $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 156 | + $h7 += $carry6; |
|
| 157 | + $h6 -= $carry6 << 26; |
|
| 158 | + $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 159 | + $h9 += $carry8; |
|
| 160 | + $h8 -= $carry8 << 26; |
|
| 161 | + |
|
| 162 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 163 | + array( |
|
| 164 | + (int) $h0, |
|
| 165 | + (int) $h1, |
|
| 166 | + (int) $h2, |
|
| 167 | + (int) $h3, |
|
| 168 | + (int) $h4, |
|
| 169 | + (int) $h5, |
|
| 170 | + (int) $h6, |
|
| 171 | + (int) $h7, |
|
| 172 | + (int) $h8, |
|
| 173 | + (int) $h9 |
|
| 174 | + ) |
|
| 175 | + ); |
|
| 176 | + } |
|
| 177 | + |
|
| 178 | + /** |
|
| 179 | + * Convert a field element to a byte string. |
|
| 180 | + * |
|
| 181 | + * @internal You should not use this directly from another application |
|
| 182 | + * |
|
| 183 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $h |
|
| 184 | + * @return string |
|
| 185 | + */ |
|
| 186 | + public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) |
|
| 187 | + { |
|
| 188 | + $h[0] = (int) $h[0]; |
|
| 189 | + $h[1] = (int) $h[1]; |
|
| 190 | + $h[2] = (int) $h[2]; |
|
| 191 | + $h[3] = (int) $h[3]; |
|
| 192 | + $h[4] = (int) $h[4]; |
|
| 193 | + $h[5] = (int) $h[5]; |
|
| 194 | + $h[6] = (int) $h[6]; |
|
| 195 | + $h[7] = (int) $h[7]; |
|
| 196 | + $h[8] = (int) $h[8]; |
|
| 197 | + $h[9] = (int) $h[9]; |
|
| 198 | + |
|
| 199 | + $q = (self::mul($h[9], 19, 5) + (1 << 24)) >> 25; |
|
| 200 | + $q = ($h[0] + $q) >> 26; |
|
| 201 | + $q = ($h[1] + $q) >> 25; |
|
| 202 | + $q = ($h[2] + $q) >> 26; |
|
| 203 | + $q = ($h[3] + $q) >> 25; |
|
| 204 | + $q = ($h[4] + $q) >> 26; |
|
| 205 | + $q = ($h[5] + $q) >> 25; |
|
| 206 | + $q = ($h[6] + $q) >> 26; |
|
| 207 | + $q = ($h[7] + $q) >> 25; |
|
| 208 | + $q = ($h[8] + $q) >> 26; |
|
| 209 | + $q = ($h[9] + $q) >> 25; |
|
| 210 | + |
|
| 211 | + $h[0] += self::mul($q, 19, 5); |
|
| 212 | + |
|
| 213 | + $carry0 = $h[0] >> 26; |
|
| 214 | + $h[1] += $carry0; |
|
| 215 | + $h[0] -= $carry0 << 26; |
|
| 216 | + $carry1 = $h[1] >> 25; |
|
| 217 | + $h[2] += $carry1; |
|
| 218 | + $h[1] -= $carry1 << 25; |
|
| 219 | + $carry2 = $h[2] >> 26; |
|
| 220 | + $h[3] += $carry2; |
|
| 221 | + $h[2] -= $carry2 << 26; |
|
| 222 | + $carry3 = $h[3] >> 25; |
|
| 223 | + $h[4] += $carry3; |
|
| 224 | + $h[3] -= $carry3 << 25; |
|
| 225 | + $carry4 = $h[4] >> 26; |
|
| 226 | + $h[5] += $carry4; |
|
| 227 | + $h[4] -= $carry4 << 26; |
|
| 228 | + $carry5 = $h[5] >> 25; |
|
| 229 | + $h[6] += $carry5; |
|
| 230 | + $h[5] -= $carry5 << 25; |
|
| 231 | + $carry6 = $h[6] >> 26; |
|
| 232 | + $h[7] += $carry6; |
|
| 233 | + $h[6] -= $carry6 << 26; |
|
| 234 | + $carry7 = $h[7] >> 25; |
|
| 235 | + $h[8] += $carry7; |
|
| 236 | + $h[7] -= $carry7 << 25; |
|
| 237 | + $carry8 = $h[8] >> 26; |
|
| 238 | + $h[9] += $carry8; |
|
| 239 | + $h[8] -= $carry8 << 26; |
|
| 240 | + $carry9 = $h[9] >> 25; |
|
| 241 | + $h[9] -= $carry9 << 25; |
|
| 242 | + |
|
| 243 | + /** |
|
| 244 | + * @var array<int, int> |
|
| 245 | + */ |
|
| 246 | + $s = array( |
|
| 247 | + (int) (($h[0] >> 0) & 0xff), |
|
| 248 | + (int) (($h[0] >> 8) & 0xff), |
|
| 249 | + (int) (($h[0] >> 16) & 0xff), |
|
| 250 | + (int) ((($h[0] >> 24) | ($h[1] << 2)) & 0xff), |
|
| 251 | + (int) (($h[1] >> 6) & 0xff), |
|
| 252 | + (int) (($h[1] >> 14) & 0xff), |
|
| 253 | + (int) ((($h[1] >> 22) | ($h[2] << 3)) & 0xff), |
|
| 254 | + (int) (($h[2] >> 5) & 0xff), |
|
| 255 | + (int) (($h[2] >> 13) & 0xff), |
|
| 256 | + (int) ((($h[2] >> 21) | ($h[3] << 5)) & 0xff), |
|
| 257 | + (int) (($h[3] >> 3) & 0xff), |
|
| 258 | + (int) (($h[3] >> 11) & 0xff), |
|
| 259 | + (int) ((($h[3] >> 19) | ($h[4] << 6)) & 0xff), |
|
| 260 | + (int) (($h[4] >> 2) & 0xff), |
|
| 261 | + (int) (($h[4] >> 10) & 0xff), |
|
| 262 | + (int) (($h[4] >> 18) & 0xff), |
|
| 263 | + (int) (($h[5] >> 0) & 0xff), |
|
| 264 | + (int) (($h[5] >> 8) & 0xff), |
|
| 265 | + (int) (($h[5] >> 16) & 0xff), |
|
| 266 | + (int) ((($h[5] >> 24) | ($h[6] << 1)) & 0xff), |
|
| 267 | + (int) (($h[6] >> 7) & 0xff), |
|
| 268 | + (int) (($h[6] >> 15) & 0xff), |
|
| 269 | + (int) ((($h[6] >> 23) | ($h[7] << 3)) & 0xff), |
|
| 270 | + (int) (($h[7] >> 5) & 0xff), |
|
| 271 | + (int) (($h[7] >> 13) & 0xff), |
|
| 272 | + (int) ((($h[7] >> 21) | ($h[8] << 4)) & 0xff), |
|
| 273 | + (int) (($h[8] >> 4) & 0xff), |
|
| 274 | + (int) (($h[8] >> 12) & 0xff), |
|
| 275 | + (int) ((($h[8] >> 20) | ($h[9] << 6)) & 0xff), |
|
| 276 | + (int) (($h[9] >> 2) & 0xff), |
|
| 277 | + (int) (($h[9] >> 10) & 0xff), |
|
| 278 | + (int) (($h[9] >> 18) & 0xff) |
|
| 279 | + ); |
|
| 280 | + return self::intArrayToString($s); |
|
| 281 | + } |
|
| 282 | + |
|
| 283 | + /** |
|
| 284 | + * Is a field element negative? (1 = yes, 0 = no. Used in calculations.) |
|
| 285 | + * |
|
| 286 | + * @internal You should not use this directly from another application |
|
| 287 | + * |
|
| 288 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 289 | + * @return int |
|
| 290 | + */ |
|
| 291 | + public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 292 | + { |
|
| 293 | + $str = self::fe_tobytes($f); |
|
| 294 | + return self::chrToInt($str[0]) & 1; |
|
| 295 | + } |
|
| 296 | + |
|
| 297 | + /** |
|
| 298 | + * Returns 0 if this field element results in all NUL bytes. |
|
| 299 | + * |
|
| 300 | + * @internal You should not use this directly from another application |
|
| 301 | + * |
|
| 302 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 303 | + * @return bool |
|
| 304 | + */ |
|
| 305 | + public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 306 | + { |
|
| 307 | + static $zero; |
|
| 308 | + if ($zero === null) { |
|
| 309 | + $zero = str_repeat("\x00", 32); |
|
| 310 | + } |
|
| 311 | + $str = self::fe_tobytes($f); |
|
| 312 | + return !self::verify_32($str, $zero); |
|
| 313 | + } |
|
| 314 | + |
|
| 315 | + /** |
|
| 316 | + * Multiply two field elements |
|
| 317 | + * |
|
| 318 | + * h = f * g |
|
| 319 | + * |
|
| 320 | + * @internal You should not use this directly from another application |
|
| 321 | + * |
|
| 322 | + * @security Is multiplication a source of timing leaks? If so, can we do |
|
| 323 | + * anything to prevent that from happening? |
|
| 324 | + * |
|
| 325 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 326 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 327 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 328 | + */ |
|
| 329 | + public static function fe_mul( |
|
| 330 | + ParagonIE_Sodium_Core_Curve25519_Fe $f, |
|
| 331 | + ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 332 | + ) { |
|
| 333 | + $f0 = $f[0]; |
|
| 334 | + $f1 = $f[1]; |
|
| 335 | + $f2 = $f[2]; |
|
| 336 | + $f3 = $f[3]; |
|
| 337 | + $f4 = $f[4]; |
|
| 338 | + $f5 = $f[5]; |
|
| 339 | + $f6 = $f[6]; |
|
| 340 | + $f7 = $f[7]; |
|
| 341 | + $f8 = $f[8]; |
|
| 342 | + $f9 = $f[9]; |
|
| 343 | + $g0 = $g[0]; |
|
| 344 | + $g1 = $g[1]; |
|
| 345 | + $g2 = $g[2]; |
|
| 346 | + $g3 = $g[3]; |
|
| 347 | + $g4 = $g[4]; |
|
| 348 | + $g5 = $g[5]; |
|
| 349 | + $g6 = $g[6]; |
|
| 350 | + $g7 = $g[7]; |
|
| 351 | + $g8 = $g[8]; |
|
| 352 | + $g9 = $g[9]; |
|
| 353 | + $g1_19 = self::mul($g1, 19, 5); |
|
| 354 | + $g2_19 = self::mul($g2, 19, 5); |
|
| 355 | + $g3_19 = self::mul($g3, 19, 5); |
|
| 356 | + $g4_19 = self::mul($g4, 19, 5); |
|
| 357 | + $g5_19 = self::mul($g5, 19, 5); |
|
| 358 | + $g6_19 = self::mul($g6, 19, 5); |
|
| 359 | + $g7_19 = self::mul($g7, 19, 5); |
|
| 360 | + $g8_19 = self::mul($g8, 19, 5); |
|
| 361 | + $g9_19 = self::mul($g9, 19, 5); |
|
| 362 | + $f1_2 = $f1 << 1; |
|
| 363 | + $f3_2 = $f3 << 1; |
|
| 364 | + $f5_2 = $f5 << 1; |
|
| 365 | + $f7_2 = $f7 << 1; |
|
| 366 | + $f9_2 = $f9 << 1; |
|
| 367 | + $f0g0 = self::mul($f0, $g0); |
|
| 368 | + $f0g1 = self::mul($f0, $g1); |
|
| 369 | + $f0g2 = self::mul($f0, $g2); |
|
| 370 | + $f0g3 = self::mul($f0, $g3); |
|
| 371 | + $f0g4 = self::mul($f0, $g4); |
|
| 372 | + $f0g5 = self::mul($f0, $g5); |
|
| 373 | + $f0g6 = self::mul($f0, $g6); |
|
| 374 | + $f0g7 = self::mul($f0, $g7); |
|
| 375 | + $f0g8 = self::mul($f0, $g8); |
|
| 376 | + $f0g9 = self::mul($f0, $g9); |
|
| 377 | + $f1g0 = self::mul($f1, $g0); |
|
| 378 | + $f1g1_2 = self::mul($f1_2, $g1); |
|
| 379 | + $f1g2 = self::mul($f1, $g2); |
|
| 380 | + $f1g3_2 = self::mul($f1_2, $g3); |
|
| 381 | + $f1g4 = self::mul($f1, $g4); |
|
| 382 | + $f1g5_2 = self::mul($f1_2, $g5); |
|
| 383 | + $f1g6 = self::mul($f1, $g6); |
|
| 384 | + $f1g7_2 = self::mul($f1_2, $g7); |
|
| 385 | + $f1g8 = self::mul($f1, $g8); |
|
| 386 | + $f1g9_38 = self::mul($f1_2, $g9_19); |
|
| 387 | + $f2g0 = self::mul($f2, $g0); |
|
| 388 | + $f2g1 = self::mul($f2, $g1); |
|
| 389 | + $f2g2 = self::mul($f2, $g2); |
|
| 390 | + $f2g3 = self::mul($f2, $g3); |
|
| 391 | + $f2g4 = self::mul($f2, $g4); |
|
| 392 | + $f2g5 = self::mul($f2, $g5); |
|
| 393 | + $f2g6 = self::mul($f2, $g6); |
|
| 394 | + $f2g7 = self::mul($f2, $g7); |
|
| 395 | + $f2g8_19 = self::mul($f2, $g8_19); |
|
| 396 | + $f2g9_19 = self::mul($f2, $g9_19); |
|
| 397 | + $f3g0 = self::mul($f3, $g0); |
|
| 398 | + $f3g1_2 = self::mul($f3_2, $g1); |
|
| 399 | + $f3g2 = self::mul($f3, $g2); |
|
| 400 | + $f3g3_2 = self::mul($f3_2, $g3); |
|
| 401 | + $f3g4 = self::mul($f3, $g4); |
|
| 402 | + $f3g5_2 = self::mul($f3_2, $g5); |
|
| 403 | + $f3g6 = self::mul($f3, $g6); |
|
| 404 | + $f3g7_38 = self::mul($f3_2, $g7_19); |
|
| 405 | + $f3g8_19 = self::mul($f3, $g8_19); |
|
| 406 | + $f3g9_38 = self::mul($f3_2, $g9_19); |
|
| 407 | + $f4g0 = self::mul($f4, $g0); |
|
| 408 | + $f4g1 = self::mul($f4, $g1); |
|
| 409 | + $f4g2 = self::mul($f4, $g2); |
|
| 410 | + $f4g3 = self::mul($f4, $g3); |
|
| 411 | + $f4g4 = self::mul($f4, $g4); |
|
| 412 | + $f4g5 = self::mul($f4, $g5); |
|
| 413 | + $f4g6_19 = self::mul($f4, $g6_19); |
|
| 414 | + $f4g7_19 = self::mul($f4, $g7_19); |
|
| 415 | + $f4g8_19 = self::mul($f4, $g8_19); |
|
| 416 | + $f4g9_19 = self::mul($f4, $g9_19); |
|
| 417 | + $f5g0 = self::mul($f5, $g0); |
|
| 418 | + $f5g1_2 = self::mul($f5_2, $g1); |
|
| 419 | + $f5g2 = self::mul($f5, $g2); |
|
| 420 | + $f5g3_2 = self::mul($f5_2, $g3); |
|
| 421 | + $f5g4 = self::mul($f5, $g4); |
|
| 422 | + $f5g5_38 = self::mul($f5_2, $g5_19); |
|
| 423 | + $f5g6_19 = self::mul($f5, $g6_19); |
|
| 424 | + $f5g7_38 = self::mul($f5_2, $g7_19); |
|
| 425 | + $f5g8_19 = self::mul($f5, $g8_19); |
|
| 426 | + $f5g9_38 = self::mul($f5_2, $g9_19); |
|
| 427 | + $f6g0 = self::mul($f6, $g0); |
|
| 428 | + $f6g1 = self::mul($f6, $g1); |
|
| 429 | + $f6g2 = self::mul($f6, $g2); |
|
| 430 | + $f6g3 = self::mul($f6, $g3); |
|
| 431 | + $f6g4_19 = self::mul($f6, $g4_19); |
|
| 432 | + $f6g5_19 = self::mul($f6, $g5_19); |
|
| 433 | + $f6g6_19 = self::mul($f6, $g6_19); |
|
| 434 | + $f6g7_19 = self::mul($f6, $g7_19); |
|
| 435 | + $f6g8_19 = self::mul($f6, $g8_19); |
|
| 436 | + $f6g9_19 = self::mul($f6, $g9_19); |
|
| 437 | + $f7g0 = self::mul($f7, $g0); |
|
| 438 | + $f7g1_2 = self::mul($f7_2, $g1); |
|
| 439 | + $f7g2 = self::mul($f7, $g2); |
|
| 440 | + $f7g3_38 = self::mul($f7_2, $g3_19); |
|
| 441 | + $f7g4_19 = self::mul($f7, $g4_19); |
|
| 442 | + $f7g5_38 = self::mul($f7_2, $g5_19); |
|
| 443 | + $f7g6_19 = self::mul($f7, $g6_19); |
|
| 444 | + $f7g7_38 = self::mul($f7_2, $g7_19); |
|
| 445 | + $f7g8_19 = self::mul($f7, $g8_19); |
|
| 446 | + $f7g9_38 = self::mul($f7_2, $g9_19); |
|
| 447 | + $f8g0 = self::mul($f8, $g0); |
|
| 448 | + $f8g1 = self::mul($f8, $g1); |
|
| 449 | + $f8g2_19 = self::mul($f8, $g2_19); |
|
| 450 | + $f8g3_19 = self::mul($f8, $g3_19); |
|
| 451 | + $f8g4_19 = self::mul($f8, $g4_19); |
|
| 452 | + $f8g5_19 = self::mul($f8, $g5_19); |
|
| 453 | + $f8g6_19 = self::mul($f8, $g6_19); |
|
| 454 | + $f8g7_19 = self::mul($f8, $g7_19); |
|
| 455 | + $f8g8_19 = self::mul($f8, $g8_19); |
|
| 456 | + $f8g9_19 = self::mul($f8, $g9_19); |
|
| 457 | + $f9g0 = self::mul($f9, $g0); |
|
| 458 | + $f9g1_38 = self::mul($f9_2, $g1_19); |
|
| 459 | + $f9g2_19 = self::mul($f9, $g2_19); |
|
| 460 | + $f9g3_38 = self::mul($f9_2, $g3_19); |
|
| 461 | + $f9g4_19 = self::mul($f9, $g4_19); |
|
| 462 | + $f9g5_38 = self::mul($f9_2, $g5_19); |
|
| 463 | + $f9g6_19 = self::mul($f9, $g6_19); |
|
| 464 | + $f9g7_38 = self::mul($f9_2, $g7_19); |
|
| 465 | + $f9g8_19 = self::mul($f9, $g8_19); |
|
| 466 | + $f9g9_38 = self::mul($f9_2, $g9_19); |
|
| 467 | + $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
|
| 468 | + $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 469 | + $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 470 | + $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 471 | + $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 472 | + $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 473 | + $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 474 | + $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 475 | + $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 476 | + $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
|
| 477 | + |
|
| 478 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 479 | + $h1 += $carry0; |
|
| 480 | + $h0 -= $carry0 << 26; |
|
| 481 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 482 | + $h5 += $carry4; |
|
| 483 | + $h4 -= $carry4 << 26; |
|
| 484 | + |
|
| 485 | + $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 486 | + $h2 += $carry1; |
|
| 487 | + $h1 -= $carry1 << 25; |
|
| 488 | + $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 489 | + $h6 += $carry5; |
|
| 490 | + $h5 -= $carry5 << 25; |
|
| 491 | + |
|
| 492 | + $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 493 | + $h3 += $carry2; |
|
| 494 | + $h2 -= $carry2 << 26; |
|
| 495 | + $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 496 | + $h7 += $carry6; |
|
| 497 | + $h6 -= $carry6 << 26; |
|
| 498 | + |
|
| 499 | + $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 500 | + $h4 += $carry3; |
|
| 501 | + $h3 -= $carry3 << 25; |
|
| 502 | + $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 503 | + $h8 += $carry7; |
|
| 504 | + $h7 -= $carry7 << 25; |
|
| 505 | + |
|
| 506 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 507 | + $h5 += $carry4; |
|
| 508 | + $h4 -= $carry4 << 26; |
|
| 509 | + $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 510 | + $h9 += $carry8; |
|
| 511 | + $h8 -= $carry8 << 26; |
|
| 512 | + |
|
| 513 | + $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 514 | + $h0 += self::mul($carry9, 19, 5); |
|
| 515 | + $h9 -= $carry9 << 25; |
|
| 516 | + |
|
| 517 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 518 | + $h1 += $carry0; |
|
| 519 | + $h0 -= $carry0 << 26; |
|
| 520 | + |
|
| 521 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 522 | + array( |
|
| 523 | + (int) $h0, |
|
| 524 | + (int) $h1, |
|
| 525 | + (int) $h2, |
|
| 526 | + (int) $h3, |
|
| 527 | + (int) $h4, |
|
| 528 | + (int) $h5, |
|
| 529 | + (int) $h6, |
|
| 530 | + (int) $h7, |
|
| 531 | + (int) $h8, |
|
| 532 | + (int) $h9 |
|
| 533 | + ) |
|
| 534 | + ); |
|
| 535 | + } |
|
| 536 | + |
|
| 537 | + /** |
|
| 538 | + * Get the negative values for each piece of the field element. |
|
| 539 | + * |
|
| 540 | + * h = -f |
|
| 541 | + * |
|
| 542 | + * @internal You should not use this directly from another application |
|
| 543 | + * |
|
| 544 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 545 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 546 | + */ |
|
| 547 | + public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 548 | + { |
|
| 549 | + $h = new ParagonIE_Sodium_Core_Curve25519_Fe(); |
|
| 550 | + for ($i = 0; $i < 10; ++$i) { |
|
| 551 | + $h[$i] = -$f[$i]; |
|
| 552 | + } |
|
| 553 | + return $h; |
|
| 554 | + } |
|
| 555 | + |
|
| 556 | + /** |
|
| 557 | + * Square a field element |
|
| 558 | + * |
|
| 559 | + * h = f * f |
|
| 560 | + * |
|
| 561 | + * @internal You should not use this directly from another application |
|
| 562 | + * |
|
| 563 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 564 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 565 | + */ |
|
| 566 | + public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 567 | + { |
|
| 568 | + $f0 = (int) $f[0]; |
|
| 569 | + $f1 = (int) $f[1]; |
|
| 570 | + $f2 = (int) $f[2]; |
|
| 571 | + $f3 = (int) $f[3]; |
|
| 572 | + $f4 = (int) $f[4]; |
|
| 573 | + $f5 = (int) $f[5]; |
|
| 574 | + $f6 = (int) $f[6]; |
|
| 575 | + $f7 = (int) $f[7]; |
|
| 576 | + $f8 = (int) $f[8]; |
|
| 577 | + $f9 = (int) $f[9]; |
|
| 578 | + |
|
| 579 | + $f0_2 = $f0 << 1; |
|
| 580 | + $f1_2 = $f1 << 1; |
|
| 581 | + $f2_2 = $f2 << 1; |
|
| 582 | + $f3_2 = $f3 << 1; |
|
| 583 | + $f4_2 = $f4 << 1; |
|
| 584 | + $f5_2 = $f5 << 1; |
|
| 585 | + $f6_2 = $f6 << 1; |
|
| 586 | + $f7_2 = $f7 << 1; |
|
| 587 | + $f5_38 = self::mul($f5, 38, 6); |
|
| 588 | + $f6_19 = self::mul($f6, 19, 5); |
|
| 589 | + $f7_38 = self::mul($f7, 38, 6); |
|
| 590 | + $f8_19 = self::mul($f8, 19, 5); |
|
| 591 | + $f9_38 = self::mul($f9, 38, 6); |
|
| 592 | + $f0f0 = self::mul($f0, $f0); |
|
| 593 | + $f0f1_2 = self::mul($f0_2, $f1); |
|
| 594 | + $f0f2_2 = self::mul($f0_2, $f2); |
|
| 595 | + $f0f3_2 = self::mul($f0_2, $f3); |
|
| 596 | + $f0f4_2 = self::mul($f0_2, $f4); |
|
| 597 | + $f0f5_2 = self::mul($f0_2, $f5); |
|
| 598 | + $f0f6_2 = self::mul($f0_2, $f6); |
|
| 599 | + $f0f7_2 = self::mul($f0_2, $f7); |
|
| 600 | + $f0f8_2 = self::mul($f0_2, $f8); |
|
| 601 | + $f0f9_2 = self::mul($f0_2, $f9); |
|
| 602 | + $f1f1_2 = self::mul($f1_2, $f1); |
|
| 603 | + $f1f2_2 = self::mul($f1_2, $f2); |
|
| 604 | + $f1f3_4 = self::mul($f1_2, $f3_2); |
|
| 605 | + $f1f4_2 = self::mul($f1_2, $f4); |
|
| 606 | + $f1f5_4 = self::mul($f1_2, $f5_2); |
|
| 607 | + $f1f6_2 = self::mul($f1_2, $f6); |
|
| 608 | + $f1f7_4 = self::mul($f1_2, $f7_2); |
|
| 609 | + $f1f8_2 = self::mul($f1_2, $f8); |
|
| 610 | + $f1f9_76 = self::mul($f1_2, $f9_38); |
|
| 611 | + $f2f2 = self::mul($f2, $f2); |
|
| 612 | + $f2f3_2 = self::mul($f2_2, $f3); |
|
| 613 | + $f2f4_2 = self::mul($f2_2, $f4); |
|
| 614 | + $f2f5_2 = self::mul($f2_2, $f5); |
|
| 615 | + $f2f6_2 = self::mul($f2_2, $f6); |
|
| 616 | + $f2f7_2 = self::mul($f2_2, $f7); |
|
| 617 | + $f2f8_38 = self::mul($f2_2, $f8_19); |
|
| 618 | + $f2f9_38 = self::mul($f2, $f9_38); |
|
| 619 | + $f3f3_2 = self::mul($f3_2, $f3); |
|
| 620 | + $f3f4_2 = self::mul($f3_2, $f4); |
|
| 621 | + $f3f5_4 = self::mul($f3_2, $f5_2); |
|
| 622 | + $f3f6_2 = self::mul($f3_2, $f6); |
|
| 623 | + $f3f7_76 = self::mul($f3_2, $f7_38); |
|
| 624 | + $f3f8_38 = self::mul($f3_2, $f8_19); |
|
| 625 | + $f3f9_76 = self::mul($f3_2, $f9_38); |
|
| 626 | + $f4f4 = self::mul($f4, $f4); |
|
| 627 | + $f4f5_2 = self::mul($f4_2, $f5); |
|
| 628 | + $f4f6_38 = self::mul($f4_2, $f6_19); |
|
| 629 | + $f4f7_38 = self::mul($f4, $f7_38); |
|
| 630 | + $f4f8_38 = self::mul($f4_2, $f8_19); |
|
| 631 | + $f4f9_38 = self::mul($f4, $f9_38); |
|
| 632 | + $f5f5_38 = self::mul($f5, $f5_38); |
|
| 633 | + $f5f6_38 = self::mul($f5_2, $f6_19); |
|
| 634 | + $f5f7_76 = self::mul($f5_2, $f7_38); |
|
| 635 | + $f5f8_38 = self::mul($f5_2, $f8_19); |
|
| 636 | + $f5f9_76 = self::mul($f5_2, $f9_38); |
|
| 637 | + $f6f6_19 = self::mul($f6, $f6_19); |
|
| 638 | + $f6f7_38 = self::mul($f6, $f7_38); |
|
| 639 | + $f6f8_38 = self::mul($f6_2, $f8_19); |
|
| 640 | + $f6f9_38 = self::mul($f6, $f9_38); |
|
| 641 | + $f7f7_38 = self::mul($f7, $f7_38); |
|
| 642 | + $f7f8_38 = self::mul($f7_2, $f8_19); |
|
| 643 | + $f7f9_76 = self::mul($f7_2, $f9_38); |
|
| 644 | + $f8f8_19 = self::mul($f8, $f8_19); |
|
| 645 | + $f8f9_38 = self::mul($f8, $f9_38); |
|
| 646 | + $f9f9_38 = self::mul($f9, $f9_38); |
|
| 647 | + $h0 = $f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38; |
|
| 648 | + $h1 = $f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38; |
|
| 649 | + $h2 = $f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19; |
|
| 650 | + $h3 = $f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38; |
|
| 651 | + $h4 = $f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38; |
|
| 652 | + $h5 = $f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38; |
|
| 653 | + $h6 = $f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19; |
|
| 654 | + $h7 = $f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38; |
|
| 655 | + $h8 = $f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38; |
|
| 656 | + $h9 = $f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2; |
|
| 657 | + |
|
| 658 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 659 | + $h1 += $carry0; |
|
| 660 | + $h0 -= $carry0 << 26; |
|
| 661 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 662 | + $h5 += $carry4; |
|
| 663 | + $h4 -= $carry4 << 26; |
|
| 664 | + |
|
| 665 | + $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 666 | + $h2 += $carry1; |
|
| 667 | + $h1 -= $carry1 << 25; |
|
| 668 | + $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 669 | + $h6 += $carry5; |
|
| 670 | + $h5 -= $carry5 << 25; |
|
| 671 | + |
|
| 672 | + $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 673 | + $h3 += $carry2; |
|
| 674 | + $h2 -= $carry2 << 26; |
|
| 675 | + $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 676 | + $h7 += $carry6; |
|
| 677 | + $h6 -= $carry6 << 26; |
|
| 678 | + |
|
| 679 | + $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 680 | + $h4 += $carry3; |
|
| 681 | + $h3 -= $carry3 << 25; |
|
| 682 | + $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 683 | + $h8 += $carry7; |
|
| 684 | + $h7 -= $carry7 << 25; |
|
| 685 | + |
|
| 686 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 687 | + $h5 += $carry4; |
|
| 688 | + $h4 -= $carry4 << 26; |
|
| 689 | + $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 690 | + $h9 += $carry8; |
|
| 691 | + $h8 -= $carry8 << 26; |
|
| 692 | + |
|
| 693 | + $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 694 | + $h0 += self::mul($carry9, 19, 5); |
|
| 695 | + $h9 -= $carry9 << 25; |
|
| 696 | + |
|
| 697 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 698 | + $h1 += $carry0; |
|
| 699 | + $h0 -= $carry0 << 26; |
|
| 700 | + |
|
| 701 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 702 | + array( |
|
| 703 | + (int) $h0, |
|
| 704 | + (int) $h1, |
|
| 705 | + (int) $h2, |
|
| 706 | + (int) $h3, |
|
| 707 | + (int) $h4, |
|
| 708 | + (int) $h5, |
|
| 709 | + (int) $h6, |
|
| 710 | + (int) $h7, |
|
| 711 | + (int) $h8, |
|
| 712 | + (int) $h9 |
|
| 713 | + ) |
|
| 714 | + ); |
|
| 715 | + } |
|
| 716 | + |
|
| 717 | + |
|
| 718 | + /** |
|
| 719 | + * Square and double a field element |
|
| 720 | + * |
|
| 721 | + * h = 2 * f * f |
|
| 722 | + * |
|
| 723 | + * @internal You should not use this directly from another application |
|
| 724 | + * |
|
| 725 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 726 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 727 | + */ |
|
| 728 | + public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 729 | + { |
|
| 730 | + $f0 = (int) $f[0]; |
|
| 731 | + $f1 = (int) $f[1]; |
|
| 732 | + $f2 = (int) $f[2]; |
|
| 733 | + $f3 = (int) $f[3]; |
|
| 734 | + $f4 = (int) $f[4]; |
|
| 735 | + $f5 = (int) $f[5]; |
|
| 736 | + $f6 = (int) $f[6]; |
|
| 737 | + $f7 = (int) $f[7]; |
|
| 738 | + $f8 = (int) $f[8]; |
|
| 739 | + $f9 = (int) $f[9]; |
|
| 740 | + |
|
| 741 | + $f0_2 = $f0 << 1; |
|
| 742 | + $f1_2 = $f1 << 1; |
|
| 743 | + $f2_2 = $f2 << 1; |
|
| 744 | + $f3_2 = $f3 << 1; |
|
| 745 | + $f4_2 = $f4 << 1; |
|
| 746 | + $f5_2 = $f5 << 1; |
|
| 747 | + $f6_2 = $f6 << 1; |
|
| 748 | + $f7_2 = $f7 << 1; |
|
| 749 | + $f5_38 = self::mul($f5, 38, 6); /* 1.959375*2^30 */ |
|
| 750 | + $f6_19 = self::mul($f6, 19, 5); /* 1.959375*2^30 */ |
|
| 751 | + $f7_38 = self::mul($f7, 38, 6); /* 1.959375*2^30 */ |
|
| 752 | + $f8_19 = self::mul($f8, 19, 5); /* 1.959375*2^30 */ |
|
| 753 | + $f9_38 = self::mul($f9, 38, 6); /* 1.959375*2^30 */ |
|
| 754 | + $f0f0 = self::mul($f0, (int) $f0); |
|
| 755 | + $f0f1_2 = self::mul($f0_2, (int) $f1); |
|
| 756 | + $f0f2_2 = self::mul($f0_2, (int) $f2); |
|
| 757 | + $f0f3_2 = self::mul($f0_2, (int) $f3); |
|
| 758 | + $f0f4_2 = self::mul($f0_2, (int) $f4); |
|
| 759 | + $f0f5_2 = self::mul($f0_2, (int) $f5); |
|
| 760 | + $f0f6_2 = self::mul($f0_2, (int) $f6); |
|
| 761 | + $f0f7_2 = self::mul($f0_2, (int) $f7); |
|
| 762 | + $f0f8_2 = self::mul($f0_2, (int) $f8); |
|
| 763 | + $f0f9_2 = self::mul($f0_2, (int) $f9); |
|
| 764 | + $f1f1_2 = self::mul($f1_2, (int) $f1); |
|
| 765 | + $f1f2_2 = self::mul($f1_2, (int) $f2); |
|
| 766 | + $f1f3_4 = self::mul($f1_2, (int) $f3_2); |
|
| 767 | + $f1f4_2 = self::mul($f1_2, (int) $f4); |
|
| 768 | + $f1f5_4 = self::mul($f1_2, (int) $f5_2); |
|
| 769 | + $f1f6_2 = self::mul($f1_2, (int) $f6); |
|
| 770 | + $f1f7_4 = self::mul($f1_2, (int) $f7_2); |
|
| 771 | + $f1f8_2 = self::mul($f1_2, (int) $f8); |
|
| 772 | + $f1f9_76 = self::mul($f1_2, (int) $f9_38); |
|
| 773 | + $f2f2 = self::mul($f2, (int) $f2); |
|
| 774 | + $f2f3_2 = self::mul($f2_2, (int) $f3); |
|
| 775 | + $f2f4_2 = self::mul($f2_2, (int) $f4); |
|
| 776 | + $f2f5_2 = self::mul($f2_2, (int) $f5); |
|
| 777 | + $f2f6_2 = self::mul($f2_2, (int) $f6); |
|
| 778 | + $f2f7_2 = self::mul($f2_2, (int) $f7); |
|
| 779 | + $f2f8_38 = self::mul($f2_2, (int) $f8_19); |
|
| 780 | + $f2f9_38 = self::mul($f2, (int) $f9_38); |
|
| 781 | + $f3f3_2 = self::mul($f3_2, (int) $f3); |
|
| 782 | + $f3f4_2 = self::mul($f3_2, (int) $f4); |
|
| 783 | + $f3f5_4 = self::mul($f3_2, (int) $f5_2); |
|
| 784 | + $f3f6_2 = self::mul($f3_2, (int) $f6); |
|
| 785 | + $f3f7_76 = self::mul($f3_2, (int) $f7_38); |
|
| 786 | + $f3f8_38 = self::mul($f3_2, (int) $f8_19); |
|
| 787 | + $f3f9_76 = self::mul($f3_2, (int) $f9_38); |
|
| 788 | + $f4f4 = self::mul($f4, (int) $f4); |
|
| 789 | + $f4f5_2 = self::mul($f4_2, (int) $f5); |
|
| 790 | + $f4f6_38 = self::mul($f4_2, (int) $f6_19); |
|
| 791 | + $f4f7_38 = self::mul($f4, (int) $f7_38); |
|
| 792 | + $f4f8_38 = self::mul($f4_2, (int) $f8_19); |
|
| 793 | + $f4f9_38 = self::mul($f4, (int) $f9_38); |
|
| 794 | + $f5f5_38 = self::mul($f5, (int) $f5_38); |
|
| 795 | + $f5f6_38 = self::mul($f5_2, (int) $f6_19); |
|
| 796 | + $f5f7_76 = self::mul($f5_2, (int) $f7_38); |
|
| 797 | + $f5f8_38 = self::mul($f5_2, (int) $f8_19); |
|
| 798 | + $f5f9_76 = self::mul($f5_2, (int) $f9_38); |
|
| 799 | + $f6f6_19 = self::mul($f6, (int) $f6_19); |
|
| 800 | + $f6f7_38 = self::mul($f6, (int) $f7_38); |
|
| 801 | + $f6f8_38 = self::mul($f6_2, (int) $f8_19); |
|
| 802 | + $f6f9_38 = self::mul($f6, (int) $f9_38); |
|
| 803 | + $f7f7_38 = self::mul($f7, (int) $f7_38); |
|
| 804 | + $f7f8_38 = self::mul($f7_2, (int) $f8_19); |
|
| 805 | + $f7f9_76 = self::mul($f7_2, (int) $f9_38); |
|
| 806 | + $f8f8_19 = self::mul($f8, (int) $f8_19); |
|
| 807 | + $f8f9_38 = self::mul($f8, (int) $f9_38); |
|
| 808 | + $f9f9_38 = self::mul($f9, (int) $f9_38); |
|
| 809 | + |
|
| 810 | + $h0 = (int) ($f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38); |
|
| 811 | + $h1 = (int) ($f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38); |
|
| 812 | + $h2 = (int) ($f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19); |
|
| 813 | + $h3 = (int) ($f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38); |
|
| 814 | + $h4 = (int) ($f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38); |
|
| 815 | + $h5 = (int) ($f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38); |
|
| 816 | + $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19); |
|
| 817 | + $h7 = (int) ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38); |
|
| 818 | + $h8 = (int) ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38); |
|
| 819 | + $h9 = (int) ($f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2); |
|
| 820 | + |
|
| 821 | + $h0 = (int) ($h0 + $h0); |
|
| 822 | + $h1 = (int) ($h1 + $h1); |
|
| 823 | + $h2 = (int) ($h2 + $h2); |
|
| 824 | + $h3 = (int) ($h3 + $h3); |
|
| 825 | + $h4 = (int) ($h4 + $h4); |
|
| 826 | + $h5 = (int) ($h5 + $h5); |
|
| 827 | + $h6 = (int) ($h6 + $h6); |
|
| 828 | + $h7 = (int) ($h7 + $h7); |
|
| 829 | + $h8 = (int) ($h8 + $h8); |
|
| 830 | + $h9 = (int) ($h9 + $h9); |
|
| 831 | + |
|
| 832 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 833 | + $h1 += $carry0; |
|
| 834 | + $h0 -= $carry0 << 26; |
|
| 835 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 836 | + $h5 += $carry4; |
|
| 837 | + $h4 -= $carry4 << 26; |
|
| 838 | + |
|
| 839 | + $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 840 | + $h2 += $carry1; |
|
| 841 | + $h1 -= $carry1 << 25; |
|
| 842 | + $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 843 | + $h6 += $carry5; |
|
| 844 | + $h5 -= $carry5 << 25; |
|
| 845 | + |
|
| 846 | + $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 847 | + $h3 += $carry2; |
|
| 848 | + $h2 -= $carry2 << 26; |
|
| 849 | + $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 850 | + $h7 += $carry6; |
|
| 851 | + $h6 -= $carry6 << 26; |
|
| 852 | + |
|
| 853 | + $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 854 | + $h4 += $carry3; |
|
| 855 | + $h3 -= $carry3 << 25; |
|
| 856 | + $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 857 | + $h8 += $carry7; |
|
| 858 | + $h7 -= $carry7 << 25; |
|
| 859 | + |
|
| 860 | + $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 861 | + $h5 += $carry4; |
|
| 862 | + $h4 -= $carry4 << 26; |
|
| 863 | + $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 864 | + $h9 += $carry8; |
|
| 865 | + $h8 -= $carry8 << 26; |
|
| 866 | + |
|
| 867 | + $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 868 | + $h0 += self::mul($carry9, 19, 5); |
|
| 869 | + $h9 -= $carry9 << 25; |
|
| 870 | + |
|
| 871 | + $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 872 | + $h1 += $carry0; |
|
| 873 | + $h0 -= $carry0 << 26; |
|
| 874 | + |
|
| 875 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 876 | + array( |
|
| 877 | + (int) $h0, |
|
| 878 | + (int) $h1, |
|
| 879 | + (int) $h2, |
|
| 880 | + (int) $h3, |
|
| 881 | + (int) $h4, |
|
| 882 | + (int) $h5, |
|
| 883 | + (int) $h6, |
|
| 884 | + (int) $h7, |
|
| 885 | + (int) $h8, |
|
| 886 | + (int) $h9 |
|
| 887 | + ) |
|
| 888 | + ); |
|
| 889 | + } |
|
| 890 | + |
|
| 891 | + /** |
|
| 892 | + * @internal You should not use this directly from another application |
|
| 893 | + * |
|
| 894 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $Z |
|
| 895 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 896 | + */ |
|
| 897 | + public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) |
|
| 898 | + { |
|
| 899 | + $z = clone $Z; |
|
| 900 | + $t0 = self::fe_sq($z); |
|
| 901 | + $t1 = self::fe_sq($t0); |
|
| 902 | + $t1 = self::fe_sq($t1); |
|
| 903 | + $t1 = self::fe_mul($z, $t1); |
|
| 904 | + $t0 = self::fe_mul($t0, $t1); |
|
| 905 | + $t2 = self::fe_sq($t0); |
|
| 906 | + $t1 = self::fe_mul($t1, $t2); |
|
| 907 | + $t2 = self::fe_sq($t1); |
|
| 908 | + for ($i = 1; $i < 5; ++$i) { |
|
| 909 | + $t2 = self::fe_sq($t2); |
|
| 910 | + } |
|
| 911 | + $t1 = self::fe_mul($t2, $t1); |
|
| 912 | + $t2 = self::fe_sq($t1); |
|
| 913 | + for ($i = 1; $i < 10; ++$i) { |
|
| 914 | + $t2 = self::fe_sq($t2); |
|
| 915 | + } |
|
| 916 | + $t2 = self::fe_mul($t2, $t1); |
|
| 917 | + $t3 = self::fe_sq($t2); |
|
| 918 | + for ($i = 1; $i < 20; ++$i) { |
|
| 919 | + $t3 = self::fe_sq($t3); |
|
| 920 | + } |
|
| 921 | + $t2 = self::fe_mul($t3, $t2); |
|
| 922 | + $t2 = self::fe_sq($t2); |
|
| 923 | + for ($i = 1; $i < 10; ++$i) { |
|
| 924 | + $t2 = self::fe_sq($t2); |
|
| 925 | + } |
|
| 926 | + $t1 = self::fe_mul($t2, $t1); |
|
| 927 | + $t2 = self::fe_sq($t1); |
|
| 928 | + for ($i = 1; $i < 50; ++$i) { |
|
| 929 | + $t2 = self::fe_sq($t2); |
|
| 930 | + } |
|
| 931 | + $t2 = self::fe_mul($t2, $t1); |
|
| 932 | + $t3 = self::fe_sq($t2); |
|
| 933 | + for ($i = 1; $i < 100; ++$i) { |
|
| 934 | + $t3 = self::fe_sq($t3); |
|
| 935 | + } |
|
| 936 | + $t2 = self::fe_mul($t3, $t2); |
|
| 937 | + $t2 = self::fe_sq($t2); |
|
| 938 | + for ($i = 1; $i < 50; ++$i) { |
|
| 939 | + $t2 = self::fe_sq($t2); |
|
| 940 | + } |
|
| 941 | + $t1 = self::fe_mul($t2, $t1); |
|
| 942 | + $t1 = self::fe_sq($t1); |
|
| 943 | + for ($i = 1; $i < 5; ++$i) { |
|
| 944 | + $t1 = self::fe_sq($t1); |
|
| 945 | + } |
|
| 946 | + return self::fe_mul($t1, $t0); |
|
| 947 | + } |
|
| 948 | + |
|
| 949 | + /** |
|
| 950 | + * @internal You should not use this directly from another application |
|
| 951 | + * |
|
| 952 | + * @ref https://github.com/jedisct1/libsodium/blob/68564326e1e9dc57ef03746f85734232d20ca6fb/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1054-L1106 |
|
| 953 | + * |
|
| 954 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $z |
|
| 955 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 956 | + */ |
|
| 957 | + public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) |
|
| 958 | + { |
|
| 959 | + # fe_sq(t0, z); |
|
| 960 | + # fe_sq(t1, t0); |
|
| 961 | + # fe_sq(t1, t1); |
|
| 962 | + # fe_mul(t1, z, t1); |
|
| 963 | + # fe_mul(t0, t0, t1); |
|
| 964 | + # fe_sq(t0, t0); |
|
| 965 | + # fe_mul(t0, t1, t0); |
|
| 966 | + # fe_sq(t1, t0); |
|
| 967 | + $t0 = self::fe_sq($z); |
|
| 968 | + $t1 = self::fe_sq($t0); |
|
| 969 | + $t1 = self::fe_sq($t1); |
|
| 970 | + $t1 = self::fe_mul($z, $t1); |
|
| 971 | + $t0 = self::fe_mul($t0, $t1); |
|
| 972 | + $t0 = self::fe_sq($t0); |
|
| 973 | + $t0 = self::fe_mul($t1, $t0); |
|
| 974 | + $t1 = self::fe_sq($t0); |
|
| 975 | + |
|
| 976 | + # for (i = 1; i < 5; ++i) { |
|
| 977 | + # fe_sq(t1, t1); |
|
| 978 | + # } |
|
| 979 | + for ($i = 1; $i < 5; ++$i) { |
|
| 980 | + $t1 = self::fe_sq($t1); |
|
| 981 | + } |
|
| 982 | + |
|
| 983 | + # fe_mul(t0, t1, t0); |
|
| 984 | + # fe_sq(t1, t0); |
|
| 985 | + $t0 = self::fe_mul($t1, $t0); |
|
| 986 | + $t1 = self::fe_sq($t0); |
|
| 987 | + |
|
| 988 | + # for (i = 1; i < 10; ++i) { |
|
| 989 | + # fe_sq(t1, t1); |
|
| 990 | + # } |
|
| 991 | + for ($i = 1; $i < 10; ++$i) { |
|
| 992 | + $t1 = self::fe_sq($t1); |
|
| 993 | + } |
|
| 994 | + |
|
| 995 | + # fe_mul(t1, t1, t0); |
|
| 996 | + # fe_sq(t2, t1); |
|
| 997 | + $t1 = self::fe_mul($t1, $t0); |
|
| 998 | + $t2 = self::fe_sq($t1); |
|
| 999 | + |
|
| 1000 | + # for (i = 1; i < 20; ++i) { |
|
| 1001 | + # fe_sq(t2, t2); |
|
| 1002 | + # } |
|
| 1003 | + for ($i = 1; $i < 20; ++$i) { |
|
| 1004 | + $t2 = self::fe_sq($t2); |
|
| 1005 | + } |
|
| 1006 | + |
|
| 1007 | + # fe_mul(t1, t2, t1); |
|
| 1008 | + # fe_sq(t1, t1); |
|
| 1009 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1010 | + $t1 = self::fe_sq($t1); |
|
| 1011 | + |
|
| 1012 | + # for (i = 1; i < 10; ++i) { |
|
| 1013 | + # fe_sq(t1, t1); |
|
| 1014 | + # } |
|
| 1015 | + for ($i = 1; $i < 10; ++$i) { |
|
| 1016 | + $t1 = self::fe_sq($t1); |
|
| 1017 | + } |
|
| 1018 | + |
|
| 1019 | + # fe_mul(t0, t1, t0); |
|
| 1020 | + # fe_sq(t1, t0); |
|
| 1021 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1022 | + $t1 = self::fe_sq($t0); |
|
| 1023 | + |
|
| 1024 | + # for (i = 1; i < 50; ++i) { |
|
| 1025 | + # fe_sq(t1, t1); |
|
| 1026 | + # } |
|
| 1027 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1028 | + $t1 = self::fe_sq($t1); |
|
| 1029 | + } |
|
| 1030 | + |
|
| 1031 | + # fe_mul(t1, t1, t0); |
|
| 1032 | + # fe_sq(t2, t1); |
|
| 1033 | + $t1 = self::fe_mul($t1, $t0); |
|
| 1034 | + $t2 = self::fe_sq($t1); |
|
| 1035 | + |
|
| 1036 | + # for (i = 1; i < 100; ++i) { |
|
| 1037 | + # fe_sq(t2, t2); |
|
| 1038 | + # } |
|
| 1039 | + for ($i = 1; $i < 100; ++$i) { |
|
| 1040 | + $t2 = self::fe_sq($t2); |
|
| 1041 | + } |
|
| 1042 | + |
|
| 1043 | + # fe_mul(t1, t2, t1); |
|
| 1044 | + # fe_sq(t1, t1); |
|
| 1045 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1046 | + $t1 = self::fe_sq($t1); |
|
| 1047 | + |
|
| 1048 | + # for (i = 1; i < 50; ++i) { |
|
| 1049 | + # fe_sq(t1, t1); |
|
| 1050 | + # } |
|
| 1051 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1052 | + $t1 = self::fe_sq($t1); |
|
| 1053 | + } |
|
| 1054 | + |
|
| 1055 | + # fe_mul(t0, t1, t0); |
|
| 1056 | + # fe_sq(t0, t0); |
|
| 1057 | + # fe_sq(t0, t0); |
|
| 1058 | + # fe_mul(out, t0, z); |
|
| 1059 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1060 | + $t0 = self::fe_sq($t0); |
|
| 1061 | + $t0 = self::fe_sq($t0); |
|
| 1062 | + return self::fe_mul($t0, $z); |
|
| 1063 | + } |
|
| 1064 | + |
|
| 1065 | + /** |
|
| 1066 | + * Subtract two field elements. |
|
| 1067 | + * |
|
| 1068 | + * h = f - g |
|
| 1069 | + * |
|
| 1070 | + * Preconditions: |
|
| 1071 | + * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1072 | + * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1073 | + * |
|
| 1074 | + * Postconditions: |
|
| 1075 | + * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. |
|
| 1076 | + * |
|
| 1077 | + * @internal You should not use this directly from another application |
|
| 1078 | + * |
|
| 1079 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
|
| 1080 | + * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
|
| 1081 | + * @return ParagonIE_Sodium_Core_Curve25519_Fe |
|
| 1082 | + */ |
|
| 1083 | + public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) |
|
| 1084 | + { |
|
| 1085 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
|
| 1086 | + array( |
|
| 1087 | + (int) ($f[0] - $g[0]), |
|
| 1088 | + (int) ($f[1] - $g[1]), |
|
| 1089 | + (int) ($f[2] - $g[2]), |
|
| 1090 | + (int) ($f[3] - $g[3]), |
|
| 1091 | + (int) ($f[4] - $g[4]), |
|
| 1092 | + (int) ($f[5] - $g[5]), |
|
| 1093 | + (int) ($f[6] - $g[6]), |
|
| 1094 | + (int) ($f[7] - $g[7]), |
|
| 1095 | + (int) ($f[8] - $g[8]), |
|
| 1096 | + (int) ($f[9] - $g[9]) |
|
| 1097 | + ) |
|
| 1098 | + ); |
|
| 1099 | + } |
|
| 1100 | + |
|
| 1101 | + /** |
|
| 1102 | + * Add two group elements. |
|
| 1103 | + * |
|
| 1104 | + * r = p + q |
|
| 1105 | + * |
|
| 1106 | + * @internal You should not use this directly from another application |
|
| 1107 | + * |
|
| 1108 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1109 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1110 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1111 | + */ |
|
| 1112 | + public static function ge_add( |
|
| 1113 | + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1114 | + ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1115 | + ) { |
|
| 1116 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1117 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1118 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1119 | + $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1120 | + $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1121 | + $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1122 | + $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1123 | + $t0 = self::fe_add($r->X, $r->X); |
|
| 1124 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1125 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1126 | + $r->Z = self::fe_add($t0, $r->T); |
|
| 1127 | + $r->T = self::fe_sub($t0, $r->T); |
|
| 1128 | + return $r; |
|
| 1129 | + } |
|
| 1130 | + |
|
| 1131 | + /** |
|
| 1132 | + * @internal You should not use this directly from another application |
|
| 1133 | + * |
|
| 1134 | + * @ref https://github.com/jedisct1/libsodium/blob/157c4a80c13b117608aeae12178b2d38825f9f8f/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1185-L1215 |
|
| 1135 | + * @param string $a |
|
| 1136 | + * @return array<int, mixed> |
|
| 1137 | + */ |
|
| 1138 | + public static function slide($a) |
|
| 1139 | + { |
|
| 1140 | + if (self::strlen($a) < 256) { |
|
| 1141 | + if (self::strlen($a) < 16) { |
|
| 1142 | + $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1143 | + } |
|
| 1144 | + } |
|
| 1145 | + $r = array(); |
|
| 1146 | + for ($i = 0; $i < 256; ++$i) { |
|
| 1147 | + $r[$i] = 1 & ( |
|
| 1148 | + self::chrToInt($a[$i >> 3]) |
|
| 1149 | + >> |
|
| 1150 | + ($i & 7) |
|
| 1151 | + ); |
|
| 1152 | + } |
|
| 1153 | + |
|
| 1154 | + for ($i = 0;$i < 256;++$i) { |
|
| 1155 | + if ($r[$i]) { |
|
| 1156 | + for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1157 | + if ($r[$i + $b]) { |
|
| 1158 | + if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1159 | + $r[$i] += $r[$i + $b] << $b; |
|
| 1160 | + $r[$i + $b] = 0; |
|
| 1161 | + } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1162 | + $r[$i] -= $r[$i + $b] << $b; |
|
| 1163 | + for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1164 | + if (!$r[$k]) { |
|
| 1165 | + $r[$k] = 1; |
|
| 1166 | + break; |
|
| 1167 | + } |
|
| 1168 | + $r[$k] = 0; |
|
| 1169 | + } |
|
| 1170 | + } else { |
|
| 1171 | + break; |
|
| 1172 | + } |
|
| 1173 | + } |
|
| 1174 | + } |
|
| 1175 | + } |
|
| 1176 | + } |
|
| 1177 | + return $r; |
|
| 1178 | + } |
|
| 1179 | + |
|
| 1180 | + /** |
|
| 1181 | + * @internal You should not use this directly from another application |
|
| 1182 | + * |
|
| 1183 | + * @param string $s |
|
| 1184 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1185 | + */ |
|
| 1186 | + public static function ge_frombytes_negate_vartime($s) |
|
| 1187 | + { |
|
| 1188 | + static $d = null; |
|
| 1189 | + if (!$d) { |
|
| 1190 | + $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); |
|
| 1191 | + } |
|
| 1192 | + |
|
| 1193 | + # fe_frombytes(h->Y,s); |
|
| 1194 | + # fe_1(h->Z); |
|
| 1195 | + $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
|
| 1196 | + self::fe_0(), |
|
| 1197 | + self::fe_frombytes($s), |
|
| 1198 | + self::fe_1() |
|
| 1199 | + ); |
|
| 1200 | + |
|
| 1201 | + # fe_sq(u,h->Y); |
|
| 1202 | + # fe_mul(v,u,d); |
|
| 1203 | + # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
|
| 1204 | + # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
|
| 1205 | + $u = self::fe_sq($h->Y); |
|
| 1206 | + $v = self::fe_mul($u, $d); |
|
| 1207 | + $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1208 | + $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1209 | + |
|
| 1210 | + # fe_sq(v3,v); |
|
| 1211 | + # fe_mul(v3,v3,v); /* v3 = v^3 */ |
|
| 1212 | + # fe_sq(h->X,v3); |
|
| 1213 | + # fe_mul(h->X,h->X,v); |
|
| 1214 | + # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
|
| 1215 | + $v3 = self::fe_sq($v); |
|
| 1216 | + $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1217 | + $h->X = self::fe_sq($v3); |
|
| 1218 | + $h->X = self::fe_mul($h->X, $v); |
|
| 1219 | + $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1220 | + |
|
| 1221 | + # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1222 | + # fe_mul(h->X,h->X,v3); |
|
| 1223 | + # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1224 | + $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1225 | + $h->X = self::fe_mul($h->X, $v3); |
|
| 1226 | + $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1227 | + |
|
| 1228 | + # fe_sq(vxx,h->X); |
|
| 1229 | + # fe_mul(vxx,vxx,v); |
|
| 1230 | + # fe_sub(check,vxx,u); /* vx^2-u */ |
|
| 1231 | + $vxx = self::fe_sq($h->X); |
|
| 1232 | + $vxx = self::fe_mul($vxx, $v); |
|
| 1233 | + $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1234 | + |
|
| 1235 | + # if (fe_isnonzero(check)) { |
|
| 1236 | + # fe_add(check,vxx,u); /* vx^2+u */ |
|
| 1237 | + # if (fe_isnonzero(check)) { |
|
| 1238 | + # return -1; |
|
| 1239 | + # } |
|
| 1240 | + # fe_mul(h->X,h->X,sqrtm1); |
|
| 1241 | + # } |
|
| 1242 | + if (self::fe_isnonzero($check)) { |
|
| 1243 | + $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1244 | + if (self::fe_isnonzero($check)) { |
|
| 1245 | + throw new RangeException('Internal check failed.'); |
|
| 1246 | + } |
|
| 1247 | + $h->X = self::fe_mul( |
|
| 1248 | + $h->X, |
|
| 1249 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1250 | + ); |
|
| 1251 | + } |
|
| 1252 | + |
|
| 1253 | + # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
|
| 1254 | + # fe_neg(h->X,h->X); |
|
| 1255 | + # } |
|
| 1256 | + $i = self::chrToInt($s[31]); |
|
| 1257 | + if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1258 | + $h->X = self::fe_neg($h->X); |
|
| 1259 | + } |
|
| 1260 | + |
|
| 1261 | + # fe_mul(h->T,h->X,h->Y); |
|
| 1262 | + $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1263 | + return $h; |
|
| 1264 | + } |
|
| 1265 | + |
|
| 1266 | + /** |
|
| 1267 | + * @internal You should not use this directly from another application |
|
| 1268 | + * |
|
| 1269 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R |
|
| 1270 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1271 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1272 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1273 | + */ |
|
| 1274 | + public static function ge_madd( |
|
| 1275 | + ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, |
|
| 1276 | + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1277 | + ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1278 | + ) { |
|
| 1279 | + $r = clone $R; |
|
| 1280 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1281 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1282 | + $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1283 | + $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1284 | + $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1285 | + $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1286 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1287 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1288 | + $r->Z = self::fe_add($t0, $r->T); |
|
| 1289 | + $r->T = self::fe_sub($t0, $r->T); |
|
| 1290 | + |
|
| 1291 | + return $r; |
|
| 1292 | + } |
|
| 1293 | + |
|
| 1294 | + /** |
|
| 1295 | + * @internal You should not use this directly from another application |
|
| 1296 | + * |
|
| 1297 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R |
|
| 1298 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1299 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1300 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1301 | + */ |
|
| 1302 | + public static function ge_msub( |
|
| 1303 | + ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $R, |
|
| 1304 | + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1305 | + ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
|
| 1306 | + ) { |
|
| 1307 | + $r = clone $R; |
|
| 1308 | + |
|
| 1309 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1310 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1311 | + $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1312 | + $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1313 | + $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1314 | + $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1315 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1316 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1317 | + $r->Z = self::fe_sub($t0, $r->T); |
|
| 1318 | + $r->T = self::fe_add($t0, $r->T); |
|
| 1319 | + |
|
| 1320 | + return $r; |
|
| 1321 | + } |
|
| 1322 | + |
|
| 1323 | + /** |
|
| 1324 | + * @internal You should not use this directly from another application |
|
| 1325 | + * |
|
| 1326 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
|
| 1327 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1328 | + */ |
|
| 1329 | + public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1330 | + { |
|
| 1331 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P2(); |
|
| 1332 | + $r->X = self::fe_mul($p->X, $p->T); |
|
| 1333 | + $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1334 | + $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1335 | + return $r; |
|
| 1336 | + } |
|
| 1337 | + |
|
| 1338 | + /** |
|
| 1339 | + * @internal You should not use this directly from another application |
|
| 1340 | + * |
|
| 1341 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
|
| 1342 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1343 | + */ |
|
| 1344 | + public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1345 | + { |
|
| 1346 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P3(); |
|
| 1347 | + $r->X = self::fe_mul($p->X, $p->T); |
|
| 1348 | + $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1349 | + $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1350 | + $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1351 | + return $r; |
|
| 1352 | + } |
|
| 1353 | + |
|
| 1354 | + /** |
|
| 1355 | + * @internal You should not use this directly from another application |
|
| 1356 | + * |
|
| 1357 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1358 | + */ |
|
| 1359 | + public static function ge_p2_0() |
|
| 1360 | + { |
|
| 1361 | + return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
|
| 1362 | + self::fe_0(), |
|
| 1363 | + self::fe_1(), |
|
| 1364 | + self::fe_1() |
|
| 1365 | + ); |
|
| 1366 | + } |
|
| 1367 | + |
|
| 1368 | + /** |
|
| 1369 | + * @internal You should not use this directly from another application |
|
| 1370 | + * |
|
| 1371 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p |
|
| 1372 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1373 | + */ |
|
| 1374 | + public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) |
|
| 1375 | + { |
|
| 1376 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1377 | + |
|
| 1378 | + $r->X = self::fe_sq($p->X); |
|
| 1379 | + $r->Z = self::fe_sq($p->Y); |
|
| 1380 | + $r->T = self::fe_sq2($p->Z); |
|
| 1381 | + $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1382 | + $t0 = self::fe_sq($r->Y); |
|
| 1383 | + $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1384 | + $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1385 | + $r->X = self::fe_sub($t0, $r->Y); |
|
| 1386 | + $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1387 | + |
|
| 1388 | + return $r; |
|
| 1389 | + } |
|
| 1390 | + |
|
| 1391 | + /** |
|
| 1392 | + * @internal You should not use this directly from another application |
|
| 1393 | + * |
|
| 1394 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1395 | + */ |
|
| 1396 | + public static function ge_p3_0() |
|
| 1397 | + { |
|
| 1398 | + return new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
|
| 1399 | + self::fe_0(), |
|
| 1400 | + self::fe_1(), |
|
| 1401 | + self::fe_1(), |
|
| 1402 | + self::fe_0() |
|
| 1403 | + ); |
|
| 1404 | + } |
|
| 1405 | + |
|
| 1406 | + /** |
|
| 1407 | + * @internal You should not use this directly from another application |
|
| 1408 | + * |
|
| 1409 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1410 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached |
|
| 1411 | + */ |
|
| 1412 | + public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1413 | + { |
|
| 1414 | + static $d2 = null; |
|
| 1415 | + if ($d2 === null) { |
|
| 1416 | + $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d2); |
|
| 1417 | + } |
|
| 1418 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached(); |
|
| 1419 | + $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1420 | + $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1421 | + $r->Z = self::fe_copy($p->Z); |
|
| 1422 | + $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1423 | + return $r; |
|
| 1424 | + } |
|
| 1425 | + |
|
| 1426 | + /** |
|
| 1427 | + * @internal You should not use this directly from another application |
|
| 1428 | + * |
|
| 1429 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1430 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1431 | + */ |
|
| 1432 | + public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1433 | + { |
|
| 1434 | + return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
|
| 1435 | + $p->X, |
|
| 1436 | + $p->Y, |
|
| 1437 | + $p->Z |
|
| 1438 | + ); |
|
| 1439 | + } |
|
| 1440 | + |
|
| 1441 | + /** |
|
| 1442 | + * @internal You should not use this directly from another application |
|
| 1443 | + * |
|
| 1444 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h |
|
| 1445 | + * @return string |
|
| 1446 | + */ |
|
| 1447 | + public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) |
|
| 1448 | + { |
|
| 1449 | + $recip = self::fe_invert($h->Z); |
|
| 1450 | + $x = self::fe_mul($h->X, $recip); |
|
| 1451 | + $y = self::fe_mul($h->Y, $recip); |
|
| 1452 | + $s = self::fe_tobytes($y); |
|
| 1453 | + $s[31] = self::intToChr( |
|
| 1454 | + self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1455 | + ); |
|
| 1456 | + return $s; |
|
| 1457 | + } |
|
| 1458 | + |
|
| 1459 | + /** |
|
| 1460 | + * @internal You should not use this directly from another application |
|
| 1461 | + * |
|
| 1462 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1463 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1464 | + */ |
|
| 1465 | + public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1466 | + { |
|
| 1467 | + $q = self::ge_p3_to_p2($p); |
|
| 1468 | + return self::ge_p2_dbl($q); |
|
| 1469 | + } |
|
| 1470 | + |
|
| 1471 | + /** |
|
| 1472 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1473 | + */ |
|
| 1474 | + public static function ge_precomp_0() |
|
| 1475 | + { |
|
| 1476 | + return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1477 | + self::fe_1(), |
|
| 1478 | + self::fe_1(), |
|
| 1479 | + self::fe_0() |
|
| 1480 | + ); |
|
| 1481 | + } |
|
| 1482 | + |
|
| 1483 | + /** |
|
| 1484 | + * @internal You should not use this directly from another application |
|
| 1485 | + * |
|
| 1486 | + * @param int $b |
|
| 1487 | + * @param int $c |
|
| 1488 | + * @return int |
|
| 1489 | + */ |
|
| 1490 | + public static function equal($b, $c) |
|
| 1491 | + { |
|
| 1492 | + return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1493 | + } |
|
| 1494 | + |
|
| 1495 | + /** |
|
| 1496 | + * @internal You should not use this directly from another application |
|
| 1497 | + * |
|
| 1498 | + * @param int $char |
|
| 1499 | + * @return int (1 = yes, 0 = no) |
|
| 1500 | + */ |
|
| 1501 | + public static function negative($char) |
|
| 1502 | + { |
|
| 1503 | + if (is_int($char)) { |
|
| 1504 | + return $char < 0 ? 1 : 0; |
|
| 1505 | + } |
|
| 1506 | + $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1507 | + if (PHP_INT_SIZE === 8) { |
|
| 1508 | + return $x >> 63; |
|
| 1509 | + } |
|
| 1510 | + return $x >> 31; |
|
| 1511 | + } |
|
| 1512 | + |
|
| 1513 | + /** |
|
| 1514 | + * Conditional move |
|
| 1515 | + * |
|
| 1516 | + * @internal You should not use this directly from another application |
|
| 1517 | + * |
|
| 1518 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t |
|
| 1519 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u |
|
| 1520 | + * @param int $b |
|
| 1521 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1522 | + */ |
|
| 1523 | + public static function cmov( |
|
| 1524 | + ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $t, |
|
| 1525 | + ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u, |
|
| 1526 | + $b |
|
| 1527 | + ) { |
|
| 1528 | + if (!is_int($b)) { |
|
| 1529 | + throw new InvalidArgumentException('Expected an integer.'); |
|
| 1530 | + } |
|
| 1531 | + return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1532 | + self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1533 | + self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1534 | + self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1535 | + ); |
|
| 1536 | + } |
|
| 1537 | + |
|
| 1538 | + /** |
|
| 1539 | + * @internal You should not use this directly from another application |
|
| 1540 | + * |
|
| 1541 | + * @param int $pos |
|
| 1542 | + * @param int $b |
|
| 1543 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
|
| 1544 | + */ |
|
| 1545 | + public static function ge_select($pos = 0, $b = 0) |
|
| 1546 | + { |
|
| 1547 | + static $base = null; |
|
| 1548 | + if ($base === null) { |
|
| 1549 | + $base = array(); |
|
| 1550 | + foreach (self::$base as $i => $bas) { |
|
| 1551 | + for ($j = 0; $j < 8; ++$j) { |
|
| 1552 | + $base[$i][$j] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1553 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][0]), |
|
| 1554 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][1]), |
|
| 1555 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][2]) |
|
| 1556 | + ); |
|
| 1557 | + } |
|
| 1558 | + } |
|
| 1559 | + } |
|
| 1560 | + if (!is_int($pos)) { |
|
| 1561 | + throw new InvalidArgumentException('Position must be an integer'); |
|
| 1562 | + } |
|
| 1563 | + if ($pos < 0 || $pos > 31) { |
|
| 1564 | + throw new RangeException('Position is out of range [0, 31]'); |
|
| 1565 | + } |
|
| 1566 | + |
|
| 1567 | + $bnegative = self::negative($b); |
|
| 1568 | + $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1569 | + |
|
| 1570 | + $t = self::ge_precomp_0(); |
|
| 1571 | + for ($i = 0; $i < 8; ++$i) { |
|
| 1572 | + $t = self::cmov( |
|
| 1573 | + $t, |
|
| 1574 | + $base[$pos][$i], |
|
| 1575 | + self::equal($babs, $i + 1) |
|
| 1576 | + ); |
|
| 1577 | + } |
|
| 1578 | + $minusT = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1579 | + self::fe_copy($t->yminusx), |
|
| 1580 | + self::fe_copy($t->yplusx), |
|
| 1581 | + self::fe_neg($t->xy2d) |
|
| 1582 | + ); |
|
| 1583 | + return self::cmov($t, $minusT, $bnegative); |
|
| 1584 | + } |
|
| 1585 | + |
|
| 1586 | + /** |
|
| 1587 | + * Subtract two group elements. |
|
| 1588 | + * |
|
| 1589 | + * r = p - q |
|
| 1590 | + * |
|
| 1591 | + * @internal You should not use this directly from another application |
|
| 1592 | + * |
|
| 1593 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
|
| 1594 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1595 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
|
| 1596 | + */ |
|
| 1597 | + public static function ge_sub( |
|
| 1598 | + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p, |
|
| 1599 | + ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
|
| 1600 | + ) { |
|
| 1601 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1602 | + |
|
| 1603 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1604 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1605 | + $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1606 | + $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1607 | + $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1608 | + $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1609 | + $t0 = self::fe_add($r->X, $r->X); |
|
| 1610 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1611 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1612 | + $r->Z = self::fe_sub($t0, $r->T); |
|
| 1613 | + $r->T = self::fe_add($t0, $r->T); |
|
| 1614 | + |
|
| 1615 | + return $r; |
|
| 1616 | + } |
|
| 1617 | + |
|
| 1618 | + /** |
|
| 1619 | + * Convert a group element to a byte string. |
|
| 1620 | + * |
|
| 1621 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h |
|
| 1622 | + * @return string |
|
| 1623 | + */ |
|
| 1624 | + public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) |
|
| 1625 | + { |
|
| 1626 | + $recip = self::fe_invert($h->Z); |
|
| 1627 | + $x = self::fe_mul($h->X, $recip); |
|
| 1628 | + $y = self::fe_mul($h->Y, $recip); |
|
| 1629 | + $s = self::fe_tobytes($y); |
|
| 1630 | + $s[31] = self::intToChr( |
|
| 1631 | + self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1632 | + ); |
|
| 1633 | + return $s; |
|
| 1634 | + } |
|
| 1635 | + |
|
| 1636 | + /** |
|
| 1637 | + * @internal You should not use this directly from another application |
|
| 1638 | + * |
|
| 1639 | + * @param string $a |
|
| 1640 | + * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A |
|
| 1641 | + * @param string $b |
|
| 1642 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
|
| 1643 | + */ |
|
| 1644 | + public static function ge_double_scalarmult_vartime( |
|
| 1645 | + $a, |
|
| 1646 | + ParagonIE_Sodium_Core_Curve25519_Ge_P3 $A, |
|
| 1647 | + $b |
|
| 1648 | + ) { |
|
| 1649 | + /** |
|
| 1650 | + * @var ParagonIE_Sodium_Core_Curve25519_Ge_Cached[] |
|
| 1651 | + */ |
|
| 1652 | + $Ai = array(); |
|
| 1653 | + |
|
| 1654 | + /** |
|
| 1655 | + * @var ParagonIE_Sodium_Core_Curve25519_Ge_Precomp[] |
|
| 1656 | + */ |
|
| 1657 | + static $Bi = array(); |
|
| 1658 | + if (!$Bi) { |
|
| 1659 | + for ($i = 0; $i < 8; ++$i) { |
|
| 1660 | + $Bi[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
|
| 1661 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][0]), |
|
| 1662 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][1]), |
|
| 1663 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][2]) |
|
| 1664 | + ); |
|
| 1665 | + } |
|
| 1666 | + } |
|
| 1667 | + for ($i = 0; $i < 8; ++$i) { |
|
| 1668 | + $Ai[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached( |
|
| 1669 | + self::fe_0(), |
|
| 1670 | + self::fe_0(), |
|
| 1671 | + self::fe_0(), |
|
| 1672 | + self::fe_0() |
|
| 1673 | + ); |
|
| 1674 | + } |
|
| 1675 | + |
|
| 1676 | + # slide(aslide,a); |
|
| 1677 | + # slide(bslide,b); |
|
| 1678 | + $aslide = self::slide($a); |
|
| 1679 | + $bslide = self::slide($b); |
|
| 1680 | + |
|
| 1681 | + # ge_p3_to_cached(&Ai[0],A); |
|
| 1682 | + # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
|
| 1683 | + $Ai[0] = self::ge_p3_to_cached($A); |
|
| 1684 | + $t = self::ge_p3_dbl($A); |
|
| 1685 | + $A2 = self::ge_p1p1_to_p3($t); |
|
| 1686 | + |
|
| 1687 | + # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
|
| 1688 | + # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
|
| 1689 | + # ge_add(&t,&A2,&Ai[2]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[3],&u); |
|
| 1690 | + # ge_add(&t,&A2,&Ai[3]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[4],&u); |
|
| 1691 | + # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
|
| 1692 | + # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
|
| 1693 | + # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
|
| 1694 | + for ($i = 0; $i < 7; ++$i) { |
|
| 1695 | + $t = self::ge_add($A2, $Ai[$i]); |
|
| 1696 | + $u = self::ge_p1p1_to_p3($t); |
|
| 1697 | + $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 1698 | + } |
|
| 1699 | + |
|
| 1700 | + # ge_p2_0(r); |
|
| 1701 | + $r = self::ge_p2_0(); |
|
| 1702 | + |
|
| 1703 | + # for (i = 255;i >= 0;--i) { |
|
| 1704 | + # if (aslide[i] || bslide[i]) break; |
|
| 1705 | + # } |
|
| 1706 | + $i = 255; |
|
| 1707 | + for (; $i >= 0; --$i) { |
|
| 1708 | + if ($aslide[$i] || $bslide[$i]) { |
|
| 1709 | + break; |
|
| 1710 | + } |
|
| 1711 | + } |
|
| 1712 | + |
|
| 1713 | + # for (;i >= 0;--i) { |
|
| 1714 | + for (; $i >= 0; --$i) { |
|
| 1715 | + # ge_p2_dbl(&t,r); |
|
| 1716 | + $t = self::ge_p2_dbl($r); |
|
| 1717 | + |
|
| 1718 | + # if (aslide[i] > 0) { |
|
| 1719 | + if ($aslide[$i] > 0) { |
|
| 1720 | + # ge_p1p1_to_p3(&u,&t); |
|
| 1721 | + # ge_add(&t,&u,&Ai[aslide[i]/2]); |
|
| 1722 | + $u = self::ge_p1p1_to_p3($t); |
|
| 1723 | + $t = self::ge_add( |
|
| 1724 | + $u, |
|
| 1725 | + $Ai[(int) floor($aslide[$i] / 2)] |
|
| 1726 | + ); |
|
| 1727 | + # } else if (aslide[i] < 0) { |
|
| 1728 | + } elseif ($aslide[$i] < 0) { |
|
| 1729 | + # ge_p1p1_to_p3(&u,&t); |
|
| 1730 | + # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
|
| 1731 | + $u = self::ge_p1p1_to_p3($t); |
|
| 1732 | + $t = self::ge_sub( |
|
| 1733 | + $u, |
|
| 1734 | + $Ai[(int) floor(-$aslide[$i] / 2)] |
|
| 1735 | + ); |
|
| 1736 | + } |
|
| 1737 | + |
|
| 1738 | + # if (bslide[i] > 0) { |
|
| 1739 | + if ($bslide[$i] > 0) { |
|
| 1740 | + # ge_p1p1_to_p3(&u,&t); |
|
| 1741 | + # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
|
| 1742 | + $u = self::ge_p1p1_to_p3($t); |
|
| 1743 | + $t = self::ge_madd( |
|
| 1744 | + $t, |
|
| 1745 | + $u, |
|
| 1746 | + $Bi[(int) floor($bslide[$i] / 2)] |
|
| 1747 | + ); |
|
| 1748 | + # } else if (bslide[i] < 0) { |
|
| 1749 | + } elseif ($bslide[$i] < 0) { |
|
| 1750 | + # ge_p1p1_to_p3(&u,&t); |
|
| 1751 | + # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
|
| 1752 | + $u = self::ge_p1p1_to_p3($t); |
|
| 1753 | + $t = self::ge_msub( |
|
| 1754 | + $t, |
|
| 1755 | + $u, |
|
| 1756 | + $Bi[(int) floor(-$bslide[$i] / 2)] |
|
| 1757 | + ); |
|
| 1758 | + } |
|
| 1759 | + # ge_p1p1_to_p2(r,&t); |
|
| 1760 | + $r = self::ge_p1p1_to_p2($t); |
|
| 1761 | + } |
|
| 1762 | + return $r; |
|
| 1763 | + } |
|
| 1764 | + |
|
| 1765 | + /** |
|
| 1766 | + * @internal You should not use this directly from another application |
|
| 1767 | + * |
|
| 1768 | + * @param string $a |
|
| 1769 | + * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
|
| 1770 | + */ |
|
| 1771 | + public static function ge_scalarmult_base($a) |
|
| 1772 | + { |
|
| 1773 | + $e = array(); |
|
| 1774 | + $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
|
| 1775 | + |
|
| 1776 | + for ($i = 0; $i < 32; ++$i) { |
|
| 1777 | + $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 1778 | + $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 1779 | + } |
|
| 1780 | + |
|
| 1781 | + $carry = 0; |
|
| 1782 | + for ($i = 0; $i < 63; ++$i) { |
|
| 1783 | + $e[$i] += $carry; |
|
| 1784 | + $carry = $e[$i] + 8; |
|
| 1785 | + $carry >>= 4; |
|
| 1786 | + $e[$i] -= $carry << 4; |
|
| 1787 | + } |
|
| 1788 | + $e[63] += $carry; |
|
| 1789 | + |
|
| 1790 | + $h = self::ge_p3_0(); |
|
| 1791 | + |
|
| 1792 | + for ($i = 1; $i < 64; $i += 2) { |
|
| 1793 | + $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 1794 | + $r = self::ge_madd($r, $h, $t); |
|
| 1795 | + $h = self::ge_p1p1_to_p3($r); |
|
| 1796 | + } |
|
| 1797 | + |
|
| 1798 | + $r = self::ge_p3_dbl($h); |
|
| 1799 | + |
|
| 1800 | + $s = self::ge_p1p1_to_p2($r); |
|
| 1801 | + $r = self::ge_p2_dbl($s); |
|
| 1802 | + $s = self::ge_p1p1_to_p2($r); |
|
| 1803 | + $r = self::ge_p2_dbl($s); |
|
| 1804 | + $s = self::ge_p1p1_to_p2($r); |
|
| 1805 | + $r = self::ge_p2_dbl($s); |
|
| 1806 | + |
|
| 1807 | + $h = self::ge_p1p1_to_p3($r); |
|
| 1808 | + |
|
| 1809 | + for ($i = 0; $i < 64; $i += 2) { |
|
| 1810 | + $t = self::ge_select($i >> 1, $e[$i]); |
|
| 1811 | + $r = self::ge_madd($r, $h, $t); |
|
| 1812 | + $h = self::ge_p1p1_to_p3($r); |
|
| 1813 | + } |
|
| 1814 | + return $h; |
|
| 1815 | + } |
|
| 1816 | + |
|
| 1817 | + /** |
|
| 1818 | + * Calculates (ab + c) mod l |
|
| 1819 | + * where l = 2^252 + 27742317777372353535851937790883648493 |
|
| 1820 | + * |
|
| 1821 | + * @internal You should not use this directly from another application |
|
| 1822 | + * |
|
| 1823 | + * @param string $a |
|
| 1824 | + * @param string $b |
|
| 1825 | + * @param string $c |
|
| 1826 | + * @return string |
|
| 1827 | + */ |
|
| 1828 | + public static function sc_muladd($a, $b, $c) |
|
| 1829 | + { |
|
| 1830 | + $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); |
|
| 1831 | + $a1 = 2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5); |
|
| 1832 | + $a2 = 2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2); |
|
| 1833 | + $a3 = 2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7); |
|
| 1834 | + $a4 = 2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4); |
|
| 1835 | + $a5 = 2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1); |
|
| 1836 | + $a6 = 2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6); |
|
| 1837 | + $a7 = 2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3); |
|
| 1838 | + $a8 = 2097151 & self::load_3(self::substr($a, 21, 3)); |
|
| 1839 | + $a9 = 2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5); |
|
| 1840 | + $a10 = 2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2); |
|
| 1841 | + $a11 = (self::load_4(self::substr($a, 28, 4)) >> 7); |
|
| 1842 | + $b0 = 2097151 & self::load_3(self::substr($b, 0, 3)); |
|
| 1843 | + $b1 = 2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5); |
|
| 1844 | + $b2 = 2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2); |
|
| 1845 | + $b3 = 2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7); |
|
| 1846 | + $b4 = 2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4); |
|
| 1847 | + $b5 = 2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1); |
|
| 1848 | + $b6 = 2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6); |
|
| 1849 | + $b7 = 2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3); |
|
| 1850 | + $b8 = 2097151 & self::load_3(self::substr($b, 21, 3)); |
|
| 1851 | + $b9 = 2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5); |
|
| 1852 | + $b10 = 2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2); |
|
| 1853 | + $b11 = (self::load_4(self::substr($b, 28, 4)) >> 7); |
|
| 1854 | + $c0 = 2097151 & self::load_3(self::substr($c, 0, 3)); |
|
| 1855 | + $c1 = 2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5); |
|
| 1856 | + $c2 = 2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2); |
|
| 1857 | + $c3 = 2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7); |
|
| 1858 | + $c4 = 2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4); |
|
| 1859 | + $c5 = 2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1); |
|
| 1860 | + $c6 = 2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6); |
|
| 1861 | + $c7 = 2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3); |
|
| 1862 | + $c8 = 2097151 & self::load_3(self::substr($c, 21, 3)); |
|
| 1863 | + $c9 = 2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5); |
|
| 1864 | + $c10 = 2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2); |
|
| 1865 | + $c11 = (self::load_4(self::substr($c, 28, 4)) >> 7); |
|
| 1866 | + |
|
| 1867 | + /* Can't really avoid the pyramid here: */ |
|
| 1868 | + $s0 = $c0 + self::mul($a0, $b0); |
|
| 1869 | + $s1 = $c1 + self::mul($a0, $b1) + self::mul($a1, $b0); |
|
| 1870 | + $s2 = $c2 + self::mul($a0, $b2) + self::mul($a1, $b1) + self::mul($a2, $b0); |
|
| 1871 | + $s3 = $c3 + self::mul($a0, $b3) + self::mul($a1, $b2) + self::mul($a2, $b1) + self::mul($a3, $b0); |
|
| 1872 | + $s4 = $c4 + self::mul($a0, $b4) + self::mul($a1, $b3) + self::mul($a2, $b2) + self::mul($a3, $b1) + self::mul($a4, $b0); |
|
| 1873 | + $s5 = $c5 + self::mul($a0, $b5) + self::mul($a1, $b4) + self::mul($a2, $b3) + self::mul($a3, $b2) + self::mul($a4, $b1) + self::mul($a5, $b0); |
|
| 1874 | + $s6 = $c6 + self::mul($a0, $b6) + self::mul($a1, $b5) + self::mul($a2, $b4) + self::mul($a3, $b3) + self::mul($a4, $b2) + self::mul($a5, $b1) + self::mul($a6, $b0); |
|
| 1875 | + $s7 = $c7 + self::mul($a0, $b7) + self::mul($a1, $b6) + self::mul($a2, $b5) + self::mul($a3, $b4) + self::mul($a4, $b3) + self::mul($a5, $b2) + self::mul($a6, $b1) + self::mul($a7, $b0); |
|
| 1876 | + $s8 = $c8 + self::mul($a0, $b8) + self::mul($a1, $b7) + self::mul($a2, $b6) + self::mul($a3, $b5) + self::mul($a4, $b4) + self::mul($a5, $b3) + self::mul($a6, $b2) + self::mul($a7, $b1) + self::mul($a8, $b0); |
|
| 1877 | + $s9 = $c9 + self::mul($a0, $b9) + self::mul($a1, $b8) + self::mul($a2, $b7) + self::mul($a3, $b6) + self::mul($a4, $b5) + self::mul($a5, $b4) + self::mul($a6, $b3) + self::mul($a7, $b2) + self::mul($a8, $b1) + self::mul($a9, $b0); |
|
| 1878 | + $s10 = $c10 + self::mul($a0, $b10) + self::mul($a1, $b9) + self::mul($a2, $b8) + self::mul($a3, $b7) + self::mul($a4, $b6) + self::mul($a5, $b5) + self::mul($a6, $b4) + self::mul($a7, $b3) + self::mul($a8, $b2) + self::mul($a9, $b1) + self::mul($a10, $b0); |
|
| 1879 | + $s11 = $c11 + self::mul($a0, $b11) + self::mul($a1, $b10) + self::mul($a2, $b9) + self::mul($a3, $b8) + self::mul($a4, $b7) + self::mul($a5, $b6) + self::mul($a6, $b5) + self::mul($a7, $b4) + self::mul($a8, $b3) + self::mul($a9, $b2) + self::mul($a10, $b1) + self::mul($a11, $b0); |
|
| 1880 | + $s12 = self::mul($a1, $b11) + self::mul($a2, $b10) + self::mul($a3, $b9) + self::mul($a4, $b8) + self::mul($a5, $b7) + self::mul($a6, $b6) + self::mul($a7, $b5) + self::mul($a8, $b4) + self::mul($a9, $b3) + self::mul($a10, $b2) + self::mul($a11, $b1); |
|
| 1881 | + $s13 = self::mul($a2, $b11) + self::mul($a3, $b10) + self::mul($a4, $b9) + self::mul($a5, $b8) + self::mul($a6, $b7) + self::mul($a7, $b6) + self::mul($a8, $b5) + self::mul($a9, $b4) + self::mul($a10, $b3) + self::mul($a11, $b2); |
|
| 1882 | + $s14 = self::mul($a3, $b11) + self::mul($a4, $b10) + self::mul($a5, $b9) + self::mul($a6, $b8) + self::mul($a7, $b7) + self::mul($a8, $b6) + self::mul($a9, $b5) + self::mul($a10, $b4) + self::mul($a11, $b3); |
|
| 1883 | + $s15 = self::mul($a4, $b11) + self::mul($a5, $b10) + self::mul($a6, $b9) + self::mul($a7, $b8) + self::mul($a8, $b7) + self::mul($a9, $b6) + self::mul($a10, $b5) + self::mul($a11, $b4); |
|
| 1884 | + $s16 = self::mul($a5, $b11) + self::mul($a6, $b10) + self::mul($a7, $b9) + self::mul($a8, $b8) + self::mul($a9, $b7) + self::mul($a10, $b6) + self::mul($a11, $b5); |
|
| 1885 | + $s17 = self::mul($a6, $b11) + self::mul($a7, $b10) + self::mul($a8, $b9) + self::mul($a9, $b8) + self::mul($a10, $b7) + self::mul($a11, $b6); |
|
| 1886 | + $s18 = self::mul($a7, $b11) + self::mul($a8, $b10) + self::mul($a9, $b9) + self::mul($a10, $b8) + self::mul($a11, $b7); |
|
| 1887 | + $s19 = self::mul($a8, $b11) + self::mul($a9, $b10) + self::mul($a10, $b9) + self::mul($a11, $b8); |
|
| 1888 | + $s20 = self::mul($a9, $b11) + self::mul($a10, $b10) + self::mul($a11, $b9); |
|
| 1889 | + $s21 = self::mul($a10, $b11) + self::mul($a11, $b10); |
|
| 1890 | + $s22 = self::mul($a11, $b11); |
|
| 1891 | + $s23 = 0; |
|
| 1892 | + |
|
| 1893 | + $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 1894 | + $s1 += $carry0; |
|
| 1895 | + $s0 -= $carry0 << 21; |
|
| 1896 | + $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 1897 | + $s3 += $carry2; |
|
| 1898 | + $s2 -= $carry2 << 21; |
|
| 1899 | + $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 1900 | + $s5 += $carry4; |
|
| 1901 | + $s4 -= $carry4 << 21; |
|
| 1902 | + $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 1903 | + $s7 += $carry6; |
|
| 1904 | + $s6 -= $carry6 << 21; |
|
| 1905 | + $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 1906 | + $s9 += $carry8; |
|
| 1907 | + $s8 -= $carry8 << 21; |
|
| 1908 | + $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 1909 | + $s11 += $carry10; |
|
| 1910 | + $s10 -= $carry10 << 21; |
|
| 1911 | + $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 1912 | + $s13 += $carry12; |
|
| 1913 | + $s12 -= $carry12 << 21; |
|
| 1914 | + $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 1915 | + $s15 += $carry14; |
|
| 1916 | + $s14 -= $carry14 << 21; |
|
| 1917 | + $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 1918 | + $s17 += $carry16; |
|
| 1919 | + $s16 -= $carry16 << 21; |
|
| 1920 | + $carry18 = ($s18 + (1 << 20)) >> 21; |
|
| 1921 | + $s19 += $carry18; |
|
| 1922 | + $s18 -= $carry18 << 21; |
|
| 1923 | + $carry20 = ($s20 + (1 << 20)) >> 21; |
|
| 1924 | + $s21 += $carry20; |
|
| 1925 | + $s20 -= $carry20 << 21; |
|
| 1926 | + $carry22 = ($s22 + (1 << 20)) >> 21; |
|
| 1927 | + $s23 += $carry22; |
|
| 1928 | + $s22 -= $carry22 << 21; |
|
| 1929 | + |
|
| 1930 | + $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 1931 | + $s2 += $carry1; |
|
| 1932 | + $s1 -= $carry1 << 21; |
|
| 1933 | + $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 1934 | + $s4 += $carry3; |
|
| 1935 | + $s3 -= $carry3 << 21; |
|
| 1936 | + $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 1937 | + $s6 += $carry5; |
|
| 1938 | + $s5 -= $carry5 << 21; |
|
| 1939 | + $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 1940 | + $s8 += $carry7; |
|
| 1941 | + $s7 -= $carry7 << 21; |
|
| 1942 | + $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 1943 | + $s10 += $carry9; |
|
| 1944 | + $s9 -= $carry9 << 21; |
|
| 1945 | + $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 1946 | + $s12 += $carry11; |
|
| 1947 | + $s11 -= $carry11 << 21; |
|
| 1948 | + $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 1949 | + $s14 += $carry13; |
|
| 1950 | + $s13 -= $carry13 << 21; |
|
| 1951 | + $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 1952 | + $s16 += $carry15; |
|
| 1953 | + $s15 -= $carry15 << 21; |
|
| 1954 | + $carry17 = ($s17 + (1 << 20)) >> 21; |
|
| 1955 | + $s18 += $carry17; |
|
| 1956 | + $s17 -= $carry17 << 21; |
|
| 1957 | + $carry19 = ($s19 + (1 << 20)) >> 21; |
|
| 1958 | + $s20 += $carry19; |
|
| 1959 | + $s19 -= $carry19 << 21; |
|
| 1960 | + $carry21 = ($s21 + (1 << 20)) >> 21; |
|
| 1961 | + $s22 += $carry21; |
|
| 1962 | + $s21 -= $carry21 << 21; |
|
| 1963 | + |
|
| 1964 | + $s11 += self::mul($s23, 666643, 20); |
|
| 1965 | + $s12 += self::mul($s23, 470296, 19); |
|
| 1966 | + $s13 += self::mul($s23, 654183, 20); |
|
| 1967 | + $s14 -= self::mul($s23, 997805, 20); |
|
| 1968 | + $s15 += self::mul($s23, 136657, 18); |
|
| 1969 | + $s16 -= self::mul($s23, 683901, 20); |
|
| 1970 | + |
|
| 1971 | + $s10 += self::mul($s22, 666643, 20); |
|
| 1972 | + $s11 += self::mul($s22, 470296, 19); |
|
| 1973 | + $s12 += self::mul($s22, 654183, 20); |
|
| 1974 | + $s13 -= self::mul($s22, 997805, 20); |
|
| 1975 | + $s14 += self::mul($s22, 136657, 18); |
|
| 1976 | + $s15 -= self::mul($s22, 683901, 20); |
|
| 1977 | + |
|
| 1978 | + $s9 += self::mul($s21, 666643, 20); |
|
| 1979 | + $s10 += self::mul($s21, 470296, 19); |
|
| 1980 | + $s11 += self::mul($s21, 654183, 20); |
|
| 1981 | + $s12 -= self::mul($s21, 997805, 20); |
|
| 1982 | + $s13 += self::mul($s21, 136657, 18); |
|
| 1983 | + $s14 -= self::mul($s21, 683901, 20); |
|
| 1984 | + |
|
| 1985 | + $s8 += self::mul($s20, 666643, 20); |
|
| 1986 | + $s9 += self::mul($s20, 470296, 19); |
|
| 1987 | + $s10 += self::mul($s20, 654183, 20); |
|
| 1988 | + $s11 -= self::mul($s20, 997805, 20); |
|
| 1989 | + $s12 += self::mul($s20, 136657, 18); |
|
| 1990 | + $s13 -= self::mul($s20, 683901, 20); |
|
| 1991 | + |
|
| 1992 | + $s7 += self::mul($s19, 666643, 20); |
|
| 1993 | + $s8 += self::mul($s19, 470296, 19); |
|
| 1994 | + $s9 += self::mul($s19, 654183, 20); |
|
| 1995 | + $s10 -= self::mul($s19, 997805, 20); |
|
| 1996 | + $s11 += self::mul($s19, 136657, 18); |
|
| 1997 | + $s12 -= self::mul($s19, 683901, 20); |
|
| 1998 | + |
|
| 1999 | + $s6 += self::mul($s18, 666643, 20); |
|
| 2000 | + $s7 += self::mul($s18, 470296, 19); |
|
| 2001 | + $s8 += self::mul($s18, 654183, 20); |
|
| 2002 | + $s9 -= self::mul($s18, 997805, 20); |
|
| 2003 | + $s10 += self::mul($s18, 136657, 18); |
|
| 2004 | + $s11 -= self::mul($s18, 683901, 20); |
|
| 2005 | + |
|
| 2006 | + $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2007 | + $s7 += $carry6; |
|
| 2008 | + $s6 -= $carry6 << 21; |
|
| 2009 | + $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2010 | + $s9 += $carry8; |
|
| 2011 | + $s8 -= $carry8 << 21; |
|
| 2012 | + $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2013 | + $s11 += $carry10; |
|
| 2014 | + $s10 -= $carry10 << 21; |
|
| 2015 | + $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2016 | + $s13 += $carry12; |
|
| 2017 | + $s12 -= $carry12 << 21; |
|
| 2018 | + $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2019 | + $s15 += $carry14; |
|
| 2020 | + $s14 -= $carry14 << 21; |
|
| 2021 | + $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2022 | + $s17 += $carry16; |
|
| 2023 | + $s16 -= $carry16 << 21; |
|
| 2024 | + |
|
| 2025 | + $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2026 | + $s8 += $carry7; |
|
| 2027 | + $s7 -= $carry7 << 21; |
|
| 2028 | + $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2029 | + $s10 += $carry9; |
|
| 2030 | + $s9 -= $carry9 << 21; |
|
| 2031 | + $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2032 | + $s12 += $carry11; |
|
| 2033 | + $s11 -= $carry11 << 21; |
|
| 2034 | + $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2035 | + $s14 += $carry13; |
|
| 2036 | + $s13 -= $carry13 << 21; |
|
| 2037 | + $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2038 | + $s16 += $carry15; |
|
| 2039 | + $s15 -= $carry15 << 21; |
|
| 2040 | + |
|
| 2041 | + $s5 += self::mul($s17, 666643, 20); |
|
| 2042 | + $s6 += self::mul($s17, 470296, 19); |
|
| 2043 | + $s7 += self::mul($s17, 654183, 20); |
|
| 2044 | + $s8 -= self::mul($s17, 997805, 20); |
|
| 2045 | + $s9 += self::mul($s17, 136657, 18); |
|
| 2046 | + $s10 -= self::mul($s17, 683901, 20); |
|
| 2047 | + |
|
| 2048 | + $s4 += self::mul($s16, 666643, 20); |
|
| 2049 | + $s5 += self::mul($s16, 470296, 19); |
|
| 2050 | + $s6 += self::mul($s16, 654183, 20); |
|
| 2051 | + $s7 -= self::mul($s16, 997805, 20); |
|
| 2052 | + $s8 += self::mul($s16, 136657, 18); |
|
| 2053 | + $s9 -= self::mul($s16, 683901, 20); |
|
| 2054 | + |
|
| 2055 | + $s3 += self::mul($s15, 666643, 20); |
|
| 2056 | + $s4 += self::mul($s15, 470296, 19); |
|
| 2057 | + $s5 += self::mul($s15, 654183, 20); |
|
| 2058 | + $s6 -= self::mul($s15, 997805, 20); |
|
| 2059 | + $s7 += self::mul($s15, 136657, 18); |
|
| 2060 | + $s8 -= self::mul($s15, 683901, 20); |
|
| 2061 | + |
|
| 2062 | + $s2 += self::mul($s14, 666643, 20); |
|
| 2063 | + $s3 += self::mul($s14, 470296, 19); |
|
| 2064 | + $s4 += self::mul($s14, 654183, 20); |
|
| 2065 | + $s5 -= self::mul($s14, 997805, 20); |
|
| 2066 | + $s6 += self::mul($s14, 136657, 18); |
|
| 2067 | + $s7 -= self::mul($s14, 683901, 20); |
|
| 2068 | + |
|
| 2069 | + $s1 += self::mul($s13, 666643, 20); |
|
| 2070 | + $s2 += self::mul($s13, 470296, 19); |
|
| 2071 | + $s3 += self::mul($s13, 654183, 20); |
|
| 2072 | + $s4 -= self::mul($s13, 997805, 20); |
|
| 2073 | + $s5 += self::mul($s13, 136657, 18); |
|
| 2074 | + $s6 -= self::mul($s13, 683901, 20); |
|
| 2075 | + |
|
| 2076 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2077 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2078 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2079 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2080 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2081 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2082 | + $s12 = 0; |
|
| 2083 | + |
|
| 2084 | + $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2085 | + $s1 += $carry0; |
|
| 2086 | + $s0 -= $carry0 << 21; |
|
| 2087 | + $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2088 | + $s3 += $carry2; |
|
| 2089 | + $s2 -= $carry2 << 21; |
|
| 2090 | + $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2091 | + $s5 += $carry4; |
|
| 2092 | + $s4 -= $carry4 << 21; |
|
| 2093 | + $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2094 | + $s7 += $carry6; |
|
| 2095 | + $s6 -= $carry6 << 21; |
|
| 2096 | + $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2097 | + $s9 += $carry8; |
|
| 2098 | + $s8 -= $carry8 << 21; |
|
| 2099 | + $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2100 | + $s11 += $carry10; |
|
| 2101 | + $s10 -= $carry10 << 21; |
|
| 2102 | + |
|
| 2103 | + $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2104 | + $s2 += $carry1; |
|
| 2105 | + $s1 -= $carry1 << 21; |
|
| 2106 | + $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2107 | + $s4 += $carry3; |
|
| 2108 | + $s3 -= $carry3 << 21; |
|
| 2109 | + $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2110 | + $s6 += $carry5; |
|
| 2111 | + $s5 -= $carry5 << 21; |
|
| 2112 | + $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2113 | + $s8 += $carry7; |
|
| 2114 | + $s7 -= $carry7 << 21; |
|
| 2115 | + $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2116 | + $s10 += $carry9; |
|
| 2117 | + $s9 -= $carry9 << 21; |
|
| 2118 | + $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2119 | + $s12 += $carry11; |
|
| 2120 | + $s11 -= $carry11 << 21; |
|
| 2121 | + |
|
| 2122 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2123 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2124 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2125 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2126 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2127 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2128 | + $s12 = 0; |
|
| 2129 | + |
|
| 2130 | + $carry0 = $s0 >> 21; |
|
| 2131 | + $s1 += $carry0; |
|
| 2132 | + $s0 -= $carry0 << 21; |
|
| 2133 | + $carry1 = $s1 >> 21; |
|
| 2134 | + $s2 += $carry1; |
|
| 2135 | + $s1 -= $carry1 << 21; |
|
| 2136 | + $carry2 = $s2 >> 21; |
|
| 2137 | + $s3 += $carry2; |
|
| 2138 | + $s2 -= $carry2 << 21; |
|
| 2139 | + $carry3 = $s3 >> 21; |
|
| 2140 | + $s4 += $carry3; |
|
| 2141 | + $s3 -= $carry3 << 21; |
|
| 2142 | + $carry4 = $s4 >> 21; |
|
| 2143 | + $s5 += $carry4; |
|
| 2144 | + $s4 -= $carry4 << 21; |
|
| 2145 | + $carry5 = $s5 >> 21; |
|
| 2146 | + $s6 += $carry5; |
|
| 2147 | + $s5 -= $carry5 << 21; |
|
| 2148 | + $carry6 = $s6 >> 21; |
|
| 2149 | + $s7 += $carry6; |
|
| 2150 | + $s6 -= $carry6 << 21; |
|
| 2151 | + $carry7 = $s7 >> 21; |
|
| 2152 | + $s8 += $carry7; |
|
| 2153 | + $s7 -= $carry7 << 21; |
|
| 2154 | + $carry8 = $s8 >> 21; |
|
| 2155 | + $s9 += $carry8; |
|
| 2156 | + $s8 -= $carry8 << 21; |
|
| 2157 | + $carry9 = $s9 >> 21; |
|
| 2158 | + $s10 += $carry9; |
|
| 2159 | + $s9 -= $carry9 << 21; |
|
| 2160 | + $carry10 = $s10 >> 21; |
|
| 2161 | + $s11 += $carry10; |
|
| 2162 | + $s10 -= $carry10 << 21; |
|
| 2163 | + $carry11 = $s11 >> 21; |
|
| 2164 | + $s12 += $carry11; |
|
| 2165 | + $s11 -= $carry11 << 21; |
|
| 2166 | + |
|
| 2167 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2168 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2169 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2170 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2171 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2172 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2173 | + |
|
| 2174 | + $carry0 = $s0 >> 21; |
|
| 2175 | + $s1 += $carry0; |
|
| 2176 | + $s0 -= $carry0 << 21; |
|
| 2177 | + $carry1 = $s1 >> 21; |
|
| 2178 | + $s2 += $carry1; |
|
| 2179 | + $s1 -= $carry1 << 21; |
|
| 2180 | + $carry2 = $s2 >> 21; |
|
| 2181 | + $s3 += $carry2; |
|
| 2182 | + $s2 -= $carry2 << 21; |
|
| 2183 | + $carry3 = $s3 >> 21; |
|
| 2184 | + $s4 += $carry3; |
|
| 2185 | + $s3 -= $carry3 << 21; |
|
| 2186 | + $carry4 = $s4 >> 21; |
|
| 2187 | + $s5 += $carry4; |
|
| 2188 | + $s4 -= $carry4 << 21; |
|
| 2189 | + $carry5 = $s5 >> 21; |
|
| 2190 | + $s6 += $carry5; |
|
| 2191 | + $s5 -= $carry5 << 21; |
|
| 2192 | + $carry6 = $s6 >> 21; |
|
| 2193 | + $s7 += $carry6; |
|
| 2194 | + $s6 -= $carry6 << 21; |
|
| 2195 | + $carry7 = $s7 >> 21; |
|
| 2196 | + $s8 += $carry7; |
|
| 2197 | + $s7 -= $carry7 << 21; |
|
| 2198 | + $carry8 = $s8 >> 21; |
|
| 2199 | + $s9 += $carry8; |
|
| 2200 | + $s8 -= $carry8 << 21; |
|
| 2201 | + $carry9 = $s9 >> 21; |
|
| 2202 | + $s10 += $carry9; |
|
| 2203 | + $s9 -= $carry9 << 21; |
|
| 2204 | + $carry10 = $s10 >> 21; |
|
| 2205 | + $s11 += $carry10; |
|
| 2206 | + $s10 -= $carry10 << 21; |
|
| 2207 | + |
|
| 2208 | + /** |
|
| 2209 | + * @var array<int, int> |
|
| 2210 | + */ |
|
| 2211 | + $arr = array( |
|
| 2212 | + (int) (0xff & ($s0 >> 0)), |
|
| 2213 | + (int) (0xff & ($s0 >> 8)), |
|
| 2214 | + (int) (0xff & (($s0 >> 16) | $s1 << 5)), |
|
| 2215 | + (int) (0xff & ($s1 >> 3)), |
|
| 2216 | + (int) (0xff & ($s1 >> 11)), |
|
| 2217 | + (int) (0xff & (($s1 >> 19) | $s2 << 2)), |
|
| 2218 | + (int) (0xff & ($s2 >> 6)), |
|
| 2219 | + (int) (0xff & (($s2 >> 14) | $s3 << 7)), |
|
| 2220 | + (int) (0xff & ($s3 >> 1)), |
|
| 2221 | + (int) (0xff & ($s3 >> 9)), |
|
| 2222 | + (int) (0xff & (($s3 >> 17) | $s4 << 4)), |
|
| 2223 | + (int) (0xff & ($s4 >> 4)), |
|
| 2224 | + (int) (0xff & ($s4 >> 12)), |
|
| 2225 | + (int) (0xff & (($s4 >> 20) | $s5 << 1)), |
|
| 2226 | + (int) (0xff & ($s5 >> 7)), |
|
| 2227 | + (int) (0xff & (($s5 >> 15) | $s6 << 6)), |
|
| 2228 | + (int) (0xff & ($s6 >> 2)), |
|
| 2229 | + (int) (0xff & ($s6 >> 10)), |
|
| 2230 | + (int) (0xff & (($s6 >> 18) | $s7 << 3)), |
|
| 2231 | + (int) (0xff & ($s7 >> 5)), |
|
| 2232 | + (int) (0xff & ($s7 >> 13)), |
|
| 2233 | + (int) (0xff & ($s8 >> 0)), |
|
| 2234 | + (int) (0xff & ($s8 >> 8)), |
|
| 2235 | + (int) (0xff & (($s8 >> 16) | $s9 << 5)), |
|
| 2236 | + (int) (0xff & ($s9 >> 3)), |
|
| 2237 | + (int) (0xff & ($s9 >> 11)), |
|
| 2238 | + (int) (0xff & (($s9 >> 19) | $s10 << 2)), |
|
| 2239 | + (int) (0xff & ($s10 >> 6)), |
|
| 2240 | + (int) (0xff & (($s10 >> 14) | $s11 << 7)), |
|
| 2241 | + (int) (0xff & ($s11 >> 1)), |
|
| 2242 | + (int) (0xff & ($s11 >> 9)), |
|
| 2243 | + 0xff & ($s11 >> 17) |
|
| 2244 | + ); |
|
| 2245 | + return self::intArrayToString($arr); |
|
| 2246 | + } |
|
| 2247 | + |
|
| 2248 | + /** |
|
| 2249 | + * @internal You should not use this directly from another application |
|
| 2250 | + * |
|
| 2251 | + * @param string $s |
|
| 2252 | + * @return string |
|
| 2253 | + */ |
|
| 2254 | + public static function sc_reduce($s) |
|
| 2255 | + { |
|
| 2256 | + $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); |
|
| 2257 | + $s1 = 2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5); |
|
| 2258 | + $s2 = 2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2); |
|
| 2259 | + $s3 = 2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7); |
|
| 2260 | + $s4 = 2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4); |
|
| 2261 | + $s5 = 2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1); |
|
| 2262 | + $s6 = 2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6); |
|
| 2263 | + $s7 = 2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3); |
|
| 2264 | + $s8 = 2097151 & self::load_3(self::substr($s, 21, 3)); |
|
| 2265 | + $s9 = 2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5); |
|
| 2266 | + $s10 = 2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2); |
|
| 2267 | + $s11 = 2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7); |
|
| 2268 | + $s12 = 2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4); |
|
| 2269 | + $s13 = 2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1); |
|
| 2270 | + $s14 = 2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6); |
|
| 2271 | + $s15 = 2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3); |
|
| 2272 | + $s16 = 2097151 & self::load_3(self::substr($s, 42, 3)); |
|
| 2273 | + $s17 = 2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5); |
|
| 2274 | + $s18 = 2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2); |
|
| 2275 | + $s19 = 2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7); |
|
| 2276 | + $s20 = 2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4); |
|
| 2277 | + $s21 = 2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1); |
|
| 2278 | + $s22 = 2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6); |
|
| 2279 | + $s23 = (self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 2280 | + |
|
| 2281 | + $s11 += self::mul($s23, 666643, 20); |
|
| 2282 | + $s12 += self::mul($s23, 470296, 19); |
|
| 2283 | + $s13 += self::mul($s23, 654183, 20); |
|
| 2284 | + $s14 -= self::mul($s23, 997805, 20); |
|
| 2285 | + $s15 += self::mul($s23, 136657, 18); |
|
| 2286 | + $s16 -= self::mul($s23, 683901, 20); |
|
| 2287 | + |
|
| 2288 | + $s10 += self::mul($s22, 666643, 20); |
|
| 2289 | + $s11 += self::mul($s22, 470296, 19); |
|
| 2290 | + $s12 += self::mul($s22, 654183, 20); |
|
| 2291 | + $s13 -= self::mul($s22, 997805, 20); |
|
| 2292 | + $s14 += self::mul($s22, 136657, 18); |
|
| 2293 | + $s15 -= self::mul($s22, 683901, 20); |
|
| 2294 | + |
|
| 2295 | + $s9 += self::mul($s21, 666643, 20); |
|
| 2296 | + $s10 += self::mul($s21, 470296, 19); |
|
| 2297 | + $s11 += self::mul($s21, 654183, 20); |
|
| 2298 | + $s12 -= self::mul($s21, 997805, 20); |
|
| 2299 | + $s13 += self::mul($s21, 136657, 18); |
|
| 2300 | + $s14 -= self::mul($s21, 683901, 20); |
|
| 2301 | + |
|
| 2302 | + $s8 += self::mul($s20, 666643, 20); |
|
| 2303 | + $s9 += self::mul($s20, 470296, 19); |
|
| 2304 | + $s10 += self::mul($s20, 654183, 20); |
|
| 2305 | + $s11 -= self::mul($s20, 997805, 20); |
|
| 2306 | + $s12 += self::mul($s20, 136657, 18); |
|
| 2307 | + $s13 -= self::mul($s20, 683901, 20); |
|
| 2308 | + |
|
| 2309 | + $s7 += self::mul($s19, 666643, 20); |
|
| 2310 | + $s8 += self::mul($s19, 470296, 19); |
|
| 2311 | + $s9 += self::mul($s19, 654183, 20); |
|
| 2312 | + $s10 -= self::mul($s19, 997805, 20); |
|
| 2313 | + $s11 += self::mul($s19, 136657, 18); |
|
| 2314 | + $s12 -= self::mul($s19, 683901, 20); |
|
| 2315 | + |
|
| 2316 | + $s6 += self::mul($s18, 666643, 20); |
|
| 2317 | + $s7 += self::mul($s18, 470296, 19); |
|
| 2318 | + $s8 += self::mul($s18, 654183, 20); |
|
| 2319 | + $s9 -= self::mul($s18, 997805, 20); |
|
| 2320 | + $s10 += self::mul($s18, 136657, 18); |
|
| 2321 | + $s11 -= self::mul($s18, 683901, 20); |
|
| 2322 | + |
|
| 2323 | + $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2324 | + $s7 += $carry6; |
|
| 2325 | + $s6 -= $carry6 << 21; |
|
| 2326 | + $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2327 | + $s9 += $carry8; |
|
| 2328 | + $s8 -= $carry8 << 21; |
|
| 2329 | + $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2330 | + $s11 += $carry10; |
|
| 2331 | + $s10 -= $carry10 << 21; |
|
| 2332 | + $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2333 | + $s13 += $carry12; |
|
| 2334 | + $s12 -= $carry12 << 21; |
|
| 2335 | + $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2336 | + $s15 += $carry14; |
|
| 2337 | + $s14 -= $carry14 << 21; |
|
| 2338 | + $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2339 | + $s17 += $carry16; |
|
| 2340 | + $s16 -= $carry16 << 21; |
|
| 2341 | + |
|
| 2342 | + $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2343 | + $s8 += $carry7; |
|
| 2344 | + $s7 -= $carry7 << 21; |
|
| 2345 | + $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2346 | + $s10 += $carry9; |
|
| 2347 | + $s9 -= $carry9 << 21; |
|
| 2348 | + $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2349 | + $s12 += $carry11; |
|
| 2350 | + $s11 -= $carry11 << 21; |
|
| 2351 | + $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2352 | + $s14 += $carry13; |
|
| 2353 | + $s13 -= $carry13 << 21; |
|
| 2354 | + $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2355 | + $s16 += $carry15; |
|
| 2356 | + $s15 -= $carry15 << 21; |
|
| 2357 | + |
|
| 2358 | + $s5 += self::mul($s17, 666643, 20); |
|
| 2359 | + $s6 += self::mul($s17, 470296, 19); |
|
| 2360 | + $s7 += self::mul($s17, 654183, 20); |
|
| 2361 | + $s8 -= self::mul($s17, 997805, 20); |
|
| 2362 | + $s9 += self::mul($s17, 136657, 18); |
|
| 2363 | + $s10 -= self::mul($s17, 683901, 20); |
|
| 2364 | + |
|
| 2365 | + $s4 += self::mul($s16, 666643, 20); |
|
| 2366 | + $s5 += self::mul($s16, 470296, 19); |
|
| 2367 | + $s6 += self::mul($s16, 654183, 20); |
|
| 2368 | + $s7 -= self::mul($s16, 997805, 20); |
|
| 2369 | + $s8 += self::mul($s16, 136657, 18); |
|
| 2370 | + $s9 -= self::mul($s16, 683901, 20); |
|
| 2371 | + |
|
| 2372 | + $s3 += self::mul($s15, 666643, 20); |
|
| 2373 | + $s4 += self::mul($s15, 470296, 19); |
|
| 2374 | + $s5 += self::mul($s15, 654183, 20); |
|
| 2375 | + $s6 -= self::mul($s15, 997805, 20); |
|
| 2376 | + $s7 += self::mul($s15, 136657, 18); |
|
| 2377 | + $s8 -= self::mul($s15, 683901, 20); |
|
| 2378 | + |
|
| 2379 | + $s2 += self::mul($s14, 666643, 20); |
|
| 2380 | + $s3 += self::mul($s14, 470296, 19); |
|
| 2381 | + $s4 += self::mul($s14, 654183, 20); |
|
| 2382 | + $s5 -= self::mul($s14, 997805, 20); |
|
| 2383 | + $s6 += self::mul($s14, 136657, 18); |
|
| 2384 | + $s7 -= self::mul($s14, 683901, 20); |
|
| 2385 | + |
|
| 2386 | + $s1 += self::mul($s13, 666643, 20); |
|
| 2387 | + $s2 += self::mul($s13, 470296, 19); |
|
| 2388 | + $s3 += self::mul($s13, 654183, 20); |
|
| 2389 | + $s4 -= self::mul($s13, 997805, 20); |
|
| 2390 | + $s5 += self::mul($s13, 136657, 18); |
|
| 2391 | + $s6 -= self::mul($s13, 683901, 20); |
|
| 2392 | + |
|
| 2393 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2394 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2395 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2396 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2397 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2398 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2399 | + $s12 = 0; |
|
| 2400 | + |
|
| 2401 | + $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2402 | + $s1 += $carry0; |
|
| 2403 | + $s0 -= $carry0 << 21; |
|
| 2404 | + $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2405 | + $s3 += $carry2; |
|
| 2406 | + $s2 -= $carry2 << 21; |
|
| 2407 | + $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2408 | + $s5 += $carry4; |
|
| 2409 | + $s4 -= $carry4 << 21; |
|
| 2410 | + $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2411 | + $s7 += $carry6; |
|
| 2412 | + $s6 -= $carry6 << 21; |
|
| 2413 | + $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2414 | + $s9 += $carry8; |
|
| 2415 | + $s8 -= $carry8 << 21; |
|
| 2416 | + $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2417 | + $s11 += $carry10; |
|
| 2418 | + $s10 -= $carry10 << 21; |
|
| 2419 | + |
|
| 2420 | + $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2421 | + $s2 += $carry1; |
|
| 2422 | + $s1 -= $carry1 << 21; |
|
| 2423 | + $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2424 | + $s4 += $carry3; |
|
| 2425 | + $s3 -= $carry3 << 21; |
|
| 2426 | + $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2427 | + $s6 += $carry5; |
|
| 2428 | + $s5 -= $carry5 << 21; |
|
| 2429 | + $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2430 | + $s8 += $carry7; |
|
| 2431 | + $s7 -= $carry7 << 21; |
|
| 2432 | + $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2433 | + $s10 += $carry9; |
|
| 2434 | + $s9 -= $carry9 << 21; |
|
| 2435 | + $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2436 | + $s12 += $carry11; |
|
| 2437 | + $s11 -= $carry11 << 21; |
|
| 2438 | + |
|
| 2439 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2440 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2441 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2442 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2443 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2444 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2445 | + $s12 = 0; |
|
| 2446 | + |
|
| 2447 | + $carry0 = $s0 >> 21; |
|
| 2448 | + $s1 += $carry0; |
|
| 2449 | + $s0 -= $carry0 << 21; |
|
| 2450 | + $carry1 = $s1 >> 21; |
|
| 2451 | + $s2 += $carry1; |
|
| 2452 | + $s1 -= $carry1 << 21; |
|
| 2453 | + $carry2 = $s2 >> 21; |
|
| 2454 | + $s3 += $carry2; |
|
| 2455 | + $s2 -= $carry2 << 21; |
|
| 2456 | + $carry3 = $s3 >> 21; |
|
| 2457 | + $s4 += $carry3; |
|
| 2458 | + $s3 -= $carry3 << 21; |
|
| 2459 | + $carry4 = $s4 >> 21; |
|
| 2460 | + $s5 += $carry4; |
|
| 2461 | + $s4 -= $carry4 << 21; |
|
| 2462 | + $carry5 = $s5 >> 21; |
|
| 2463 | + $s6 += $carry5; |
|
| 2464 | + $s5 -= $carry5 << 21; |
|
| 2465 | + $carry6 = $s6 >> 21; |
|
| 2466 | + $s7 += $carry6; |
|
| 2467 | + $s6 -= $carry6 << 21; |
|
| 2468 | + $carry7 = $s7 >> 21; |
|
| 2469 | + $s8 += $carry7; |
|
| 2470 | + $s7 -= $carry7 << 21; |
|
| 2471 | + $carry8 = $s8 >> 21; |
|
| 2472 | + $s9 += $carry8; |
|
| 2473 | + $s8 -= $carry8 << 21; |
|
| 2474 | + $carry9 = $s9 >> 21; |
|
| 2475 | + $s10 += $carry9; |
|
| 2476 | + $s9 -= $carry9 << 21; |
|
| 2477 | + $carry10 = $s10 >> 21; |
|
| 2478 | + $s11 += $carry10; |
|
| 2479 | + $s10 -= $carry10 << 21; |
|
| 2480 | + $carry11 = $s11 >> 21; |
|
| 2481 | + $s12 += $carry11; |
|
| 2482 | + $s11 -= $carry11 << 21; |
|
| 2483 | + |
|
| 2484 | + $s0 += self::mul($s12, 666643, 20); |
|
| 2485 | + $s1 += self::mul($s12, 470296, 19); |
|
| 2486 | + $s2 += self::mul($s12, 654183, 20); |
|
| 2487 | + $s3 -= self::mul($s12, 997805, 20); |
|
| 2488 | + $s4 += self::mul($s12, 136657, 18); |
|
| 2489 | + $s5 -= self::mul($s12, 683901, 20); |
|
| 2490 | + |
|
| 2491 | + $carry0 = $s0 >> 21; |
|
| 2492 | + $s1 += $carry0; |
|
| 2493 | + $s0 -= $carry0 << 21; |
|
| 2494 | + $carry1 = $s1 >> 21; |
|
| 2495 | + $s2 += $carry1; |
|
| 2496 | + $s1 -= $carry1 << 21; |
|
| 2497 | + $carry2 = $s2 >> 21; |
|
| 2498 | + $s3 += $carry2; |
|
| 2499 | + $s2 -= $carry2 << 21; |
|
| 2500 | + $carry3 = $s3 >> 21; |
|
| 2501 | + $s4 += $carry3; |
|
| 2502 | + $s3 -= $carry3 << 21; |
|
| 2503 | + $carry4 = $s4 >> 21; |
|
| 2504 | + $s5 += $carry4; |
|
| 2505 | + $s4 -= $carry4 << 21; |
|
| 2506 | + $carry5 = $s5 >> 21; |
|
| 2507 | + $s6 += $carry5; |
|
| 2508 | + $s5 -= $carry5 << 21; |
|
| 2509 | + $carry6 = $s6 >> 21; |
|
| 2510 | + $s7 += $carry6; |
|
| 2511 | + $s6 -= $carry6 << 21; |
|
| 2512 | + $carry7 = $s7 >> 21; |
|
| 2513 | + $s8 += $carry7; |
|
| 2514 | + $s7 -= $carry7 << 21; |
|
| 2515 | + $carry8 = $s8 >> 21; |
|
| 2516 | + $s9 += $carry8; |
|
| 2517 | + $s8 -= $carry8 << 21; |
|
| 2518 | + $carry9 = $s9 >> 21; |
|
| 2519 | + $s10 += $carry9; |
|
| 2520 | + $s9 -= $carry9 << 21; |
|
| 2521 | + $carry10 = $s10 >> 21; |
|
| 2522 | + $s11 += $carry10; |
|
| 2523 | + $s10 -= $carry10 << 21; |
|
| 2524 | + |
|
| 2525 | + /** |
|
| 2526 | + * @var array<int, int> |
|
| 2527 | + */ |
|
| 2528 | + $arr = array( |
|
| 2529 | + (int) ($s0 >> 0), |
|
| 2530 | + (int) ($s0 >> 8), |
|
| 2531 | + (int) (($s0 >> 16) | $s1 << 5), |
|
| 2532 | + (int) ($s1 >> 3), |
|
| 2533 | + (int) ($s1 >> 11), |
|
| 2534 | + (int) (($s1 >> 19) | $s2 << 2), |
|
| 2535 | + (int) ($s2 >> 6), |
|
| 2536 | + (int) (($s2 >> 14) | $s3 << 7), |
|
| 2537 | + (int) ($s3 >> 1), |
|
| 2538 | + (int) ($s3 >> 9), |
|
| 2539 | + (int) (($s3 >> 17) | $s4 << 4), |
|
| 2540 | + (int) ($s4 >> 4), |
|
| 2541 | + (int) ($s4 >> 12), |
|
| 2542 | + (int) (($s4 >> 20) | $s5 << 1), |
|
| 2543 | + (int) ($s5 >> 7), |
|
| 2544 | + (int) (($s5 >> 15) | $s6 << 6), |
|
| 2545 | + (int) ($s6 >> 2), |
|
| 2546 | + (int) ($s6 >> 10), |
|
| 2547 | + (int) (($s6 >> 18) | $s7 << 3), |
|
| 2548 | + (int) ($s7 >> 5), |
|
| 2549 | + (int) ($s7 >> 13), |
|
| 2550 | + (int) ($s8 >> 0), |
|
| 2551 | + (int) ($s8 >> 8), |
|
| 2552 | + (int) (($s8 >> 16) | $s9 << 5), |
|
| 2553 | + (int) ($s9 >> 3), |
|
| 2554 | + (int) ($s9 >> 11), |
|
| 2555 | + (int) (($s9 >> 19) | $s10 << 2), |
|
| 2556 | + (int) ($s10 >> 6), |
|
| 2557 | + (int) (($s10 >> 14) | $s11 << 7), |
|
| 2558 | + (int) ($s11 >> 1), |
|
| 2559 | + (int) ($s11 >> 9), |
|
| 2560 | + (int) $s11 >> 17 |
|
| 2561 | + ); |
|
| 2562 | + return self::intArrayToString($arr); |
|
| 2563 | + } |
|
| 2564 | 2564 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core_Curve25519', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core_Curve25519', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | public static function fe_0() |
| 26 | 26 | { |
| 27 | 27 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 28 | - array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 28 | + array( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) |
|
| 29 | 29 | ); |
| 30 | 30 | } |
| 31 | 31 | |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | public static function fe_1() |
| 40 | 40 | { |
| 41 | 41 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 42 | - array(1, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
|
| 42 | + array( 1, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) |
|
| 43 | 43 | ); |
| 44 | 44 | } |
| 45 | 45 | |
@@ -57,10 +57,10 @@ discard block |
||
| 57 | 57 | ParagonIE_Sodium_Core_Curve25519_Fe $g |
| 58 | 58 | ) { |
| 59 | 59 | $arr = array(); |
| 60 | - for ($i = 0; $i < 10; ++$i) { |
|
| 61 | - $arr[$i] = (int) ($f[$i] + $g[$i]); |
|
| 60 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 61 | + $arr[$i] = (int) ( $f[$i] + $g[$i] ); |
|
| 62 | 62 | } |
| 63 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($arr); |
|
| 63 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( $arr ); |
|
| 64 | 64 | } |
| 65 | 65 | |
| 66 | 66 | /** |
@@ -80,11 +80,11 @@ discard block |
||
| 80 | 80 | ) { |
| 81 | 81 | $h = array(); |
| 82 | 82 | $b *= -1; |
| 83 | - for ($i = 0; $i < 10; ++$i) { |
|
| 84 | - $x = (($f[$i] ^ $g[$i]) & $b); |
|
| 83 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 84 | + $x = ( ( $f[$i] ^ $g[$i] ) & $b ); |
|
| 85 | 85 | $h[$i] = $f[$i] ^ $x; |
| 86 | 86 | } |
| 87 | - return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($h); |
|
| 87 | + return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( $h ); |
|
| 88 | 88 | } |
| 89 | 89 | |
| 90 | 90 | /** |
@@ -95,7 +95,7 @@ discard block |
||
| 95 | 95 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 96 | 96 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 97 | 97 | */ |
| 98 | - public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 98 | + public static function fe_copy( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 99 | 99 | { |
| 100 | 100 | $h = clone $f; |
| 101 | 101 | return $h; |
@@ -111,51 +111,51 @@ discard block |
||
| 111 | 111 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 112 | 112 | * @throws RangeException |
| 113 | 113 | */ |
| 114 | - public static function fe_frombytes($s) |
|
| 114 | + public static function fe_frombytes( $s ) |
|
| 115 | 115 | { |
| 116 | - if (self::strlen($s) !== 32) { |
|
| 117 | - throw new RangeException('Expected a 32-byte string.'); |
|
| 116 | + if ( self::strlen( $s ) !== 32 ) { |
|
| 117 | + throw new RangeException( 'Expected a 32-byte string.' ); |
|
| 118 | 118 | } |
| 119 | - $h0 = self::load_4($s); |
|
| 120 | - $h1 = self::load_3(self::substr($s, 4, 3)) << 6; |
|
| 121 | - $h2 = self::load_3(self::substr($s, 7, 3)) << 5; |
|
| 122 | - $h3 = self::load_3(self::substr($s, 10, 3)) << 3; |
|
| 123 | - $h4 = self::load_3(self::substr($s, 13, 3)) << 2; |
|
| 124 | - $h5 = self::load_4(self::substr($s, 16, 4)); |
|
| 125 | - $h6 = self::load_3(self::substr($s, 20, 3)) << 7; |
|
| 126 | - $h7 = self::load_3(self::substr($s, 23, 3)) << 5; |
|
| 127 | - $h8 = self::load_3(self::substr($s, 26, 3)) << 4; |
|
| 128 | - $h9 = (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2; |
|
| 129 | - |
|
| 130 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 131 | - $h0 += self::mul($carry9, 19, 5); |
|
| 119 | + $h0 = self::load_4( $s ); |
|
| 120 | + $h1 = self::load_3( self::substr( $s, 4, 3 ) ) << 6; |
|
| 121 | + $h2 = self::load_3( self::substr( $s, 7, 3 ) ) << 5; |
|
| 122 | + $h3 = self::load_3( self::substr( $s, 10, 3 ) ) << 3; |
|
| 123 | + $h4 = self::load_3( self::substr( $s, 13, 3 ) ) << 2; |
|
| 124 | + $h5 = self::load_4( self::substr( $s, 16, 4 ) ); |
|
| 125 | + $h6 = self::load_3( self::substr( $s, 20, 3 ) ) << 7; |
|
| 126 | + $h7 = self::load_3( self::substr( $s, 23, 3 ) ) << 5; |
|
| 127 | + $h8 = self::load_3( self::substr( $s, 26, 3 ) ) << 4; |
|
| 128 | + $h9 = ( self::load_3( self::substr( $s, 29, 3 ) ) & 8388607 ) << 2; |
|
| 129 | + |
|
| 130 | + $carry9 = ( $h9 + ( 1 << 24 ) ) >> 25; |
|
| 131 | + $h0 += self::mul( $carry9, 19, 5 ); |
|
| 132 | 132 | $h9 -= $carry9 << 25; |
| 133 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 133 | + $carry1 = ( $h1 + ( 1 << 24 ) ) >> 25; |
|
| 134 | 134 | $h2 += $carry1; |
| 135 | 135 | $h1 -= $carry1 << 25; |
| 136 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 136 | + $carry3 = ( $h3 + ( 1 << 24 ) ) >> 25; |
|
| 137 | 137 | $h4 += $carry3; |
| 138 | 138 | $h3 -= $carry3 << 25; |
| 139 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 139 | + $carry5 = ( $h5 + ( 1 << 24 ) ) >> 25; |
|
| 140 | 140 | $h6 += $carry5; |
| 141 | 141 | $h5 -= $carry5 << 25; |
| 142 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 142 | + $carry7 = ( $h7 + ( 1 << 24 ) ) >> 25; |
|
| 143 | 143 | $h8 += $carry7; |
| 144 | 144 | $h7 -= $carry7 << 25; |
| 145 | 145 | |
| 146 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 146 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 147 | 147 | $h1 += $carry0; |
| 148 | 148 | $h0 -= $carry0 << 26; |
| 149 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 149 | + $carry2 = ( $h2 + ( 1 << 25 ) ) >> 26; |
|
| 150 | 150 | $h3 += $carry2; |
| 151 | 151 | $h2 -= $carry2 << 26; |
| 152 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 152 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 153 | 153 | $h5 += $carry4; |
| 154 | 154 | $h4 -= $carry4 << 26; |
| 155 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 155 | + $carry6 = ( $h6 + ( 1 << 25 ) ) >> 26; |
|
| 156 | 156 | $h7 += $carry6; |
| 157 | 157 | $h6 -= $carry6 << 26; |
| 158 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 158 | + $carry8 = ( $h8 + ( 1 << 25 ) ) >> 26; |
|
| 159 | 159 | $h9 += $carry8; |
| 160 | 160 | $h8 -= $carry8 << 26; |
| 161 | 161 | |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $h |
| 184 | 184 | * @return string |
| 185 | 185 | */ |
| 186 | - public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) |
|
| 186 | + public static function fe_tobytes( ParagonIE_Sodium_Core_Curve25519_Fe $h ) |
|
| 187 | 187 | { |
| 188 | 188 | $h[0] = (int) $h[0]; |
| 189 | 189 | $h[1] = (int) $h[1]; |
@@ -196,19 +196,19 @@ discard block |
||
| 196 | 196 | $h[8] = (int) $h[8]; |
| 197 | 197 | $h[9] = (int) $h[9]; |
| 198 | 198 | |
| 199 | - $q = (self::mul($h[9], 19, 5) + (1 << 24)) >> 25; |
|
| 200 | - $q = ($h[0] + $q) >> 26; |
|
| 201 | - $q = ($h[1] + $q) >> 25; |
|
| 202 | - $q = ($h[2] + $q) >> 26; |
|
| 203 | - $q = ($h[3] + $q) >> 25; |
|
| 204 | - $q = ($h[4] + $q) >> 26; |
|
| 205 | - $q = ($h[5] + $q) >> 25; |
|
| 206 | - $q = ($h[6] + $q) >> 26; |
|
| 207 | - $q = ($h[7] + $q) >> 25; |
|
| 208 | - $q = ($h[8] + $q) >> 26; |
|
| 209 | - $q = ($h[9] + $q) >> 25; |
|
| 199 | + $q = ( self::mul( $h[9], 19, 5 ) + ( 1 << 24 ) ) >> 25; |
|
| 200 | + $q = ( $h[0] + $q ) >> 26; |
|
| 201 | + $q = ( $h[1] + $q ) >> 25; |
|
| 202 | + $q = ( $h[2] + $q ) >> 26; |
|
| 203 | + $q = ( $h[3] + $q ) >> 25; |
|
| 204 | + $q = ( $h[4] + $q ) >> 26; |
|
| 205 | + $q = ( $h[5] + $q ) >> 25; |
|
| 206 | + $q = ( $h[6] + $q ) >> 26; |
|
| 207 | + $q = ( $h[7] + $q ) >> 25; |
|
| 208 | + $q = ( $h[8] + $q ) >> 26; |
|
| 209 | + $q = ( $h[9] + $q ) >> 25; |
|
| 210 | 210 | |
| 211 | - $h[0] += self::mul($q, 19, 5); |
|
| 211 | + $h[0] += self::mul( $q, 19, 5 ); |
|
| 212 | 212 | |
| 213 | 213 | $carry0 = $h[0] >> 26; |
| 214 | 214 | $h[1] += $carry0; |
@@ -244,40 +244,40 @@ discard block |
||
| 244 | 244 | * @var array<int, int> |
| 245 | 245 | */ |
| 246 | 246 | $s = array( |
| 247 | - (int) (($h[0] >> 0) & 0xff), |
|
| 248 | - (int) (($h[0] >> 8) & 0xff), |
|
| 249 | - (int) (($h[0] >> 16) & 0xff), |
|
| 250 | - (int) ((($h[0] >> 24) | ($h[1] << 2)) & 0xff), |
|
| 251 | - (int) (($h[1] >> 6) & 0xff), |
|
| 252 | - (int) (($h[1] >> 14) & 0xff), |
|
| 253 | - (int) ((($h[1] >> 22) | ($h[2] << 3)) & 0xff), |
|
| 254 | - (int) (($h[2] >> 5) & 0xff), |
|
| 255 | - (int) (($h[2] >> 13) & 0xff), |
|
| 256 | - (int) ((($h[2] >> 21) | ($h[3] << 5)) & 0xff), |
|
| 257 | - (int) (($h[3] >> 3) & 0xff), |
|
| 258 | - (int) (($h[3] >> 11) & 0xff), |
|
| 259 | - (int) ((($h[3] >> 19) | ($h[4] << 6)) & 0xff), |
|
| 260 | - (int) (($h[4] >> 2) & 0xff), |
|
| 261 | - (int) (($h[4] >> 10) & 0xff), |
|
| 262 | - (int) (($h[4] >> 18) & 0xff), |
|
| 263 | - (int) (($h[5] >> 0) & 0xff), |
|
| 264 | - (int) (($h[5] >> 8) & 0xff), |
|
| 265 | - (int) (($h[5] >> 16) & 0xff), |
|
| 266 | - (int) ((($h[5] >> 24) | ($h[6] << 1)) & 0xff), |
|
| 267 | - (int) (($h[6] >> 7) & 0xff), |
|
| 268 | - (int) (($h[6] >> 15) & 0xff), |
|
| 269 | - (int) ((($h[6] >> 23) | ($h[7] << 3)) & 0xff), |
|
| 270 | - (int) (($h[7] >> 5) & 0xff), |
|
| 271 | - (int) (($h[7] >> 13) & 0xff), |
|
| 272 | - (int) ((($h[7] >> 21) | ($h[8] << 4)) & 0xff), |
|
| 273 | - (int) (($h[8] >> 4) & 0xff), |
|
| 274 | - (int) (($h[8] >> 12) & 0xff), |
|
| 275 | - (int) ((($h[8] >> 20) | ($h[9] << 6)) & 0xff), |
|
| 276 | - (int) (($h[9] >> 2) & 0xff), |
|
| 277 | - (int) (($h[9] >> 10) & 0xff), |
|
| 278 | - (int) (($h[9] >> 18) & 0xff) |
|
| 247 | + (int) ( ( $h[0] >> 0 ) & 0xff ), |
|
| 248 | + (int) ( ( $h[0] >> 8 ) & 0xff ), |
|
| 249 | + (int) ( ( $h[0] >> 16 ) & 0xff ), |
|
| 250 | + (int) ( ( ( $h[0] >> 24 ) | ( $h[1] << 2 ) ) & 0xff ), |
|
| 251 | + (int) ( ( $h[1] >> 6 ) & 0xff ), |
|
| 252 | + (int) ( ( $h[1] >> 14 ) & 0xff ), |
|
| 253 | + (int) ( ( ( $h[1] >> 22 ) | ( $h[2] << 3 ) ) & 0xff ), |
|
| 254 | + (int) ( ( $h[2] >> 5 ) & 0xff ), |
|
| 255 | + (int) ( ( $h[2] >> 13 ) & 0xff ), |
|
| 256 | + (int) ( ( ( $h[2] >> 21 ) | ( $h[3] << 5 ) ) & 0xff ), |
|
| 257 | + (int) ( ( $h[3] >> 3 ) & 0xff ), |
|
| 258 | + (int) ( ( $h[3] >> 11 ) & 0xff ), |
|
| 259 | + (int) ( ( ( $h[3] >> 19 ) | ( $h[4] << 6 ) ) & 0xff ), |
|
| 260 | + (int) ( ( $h[4] >> 2 ) & 0xff ), |
|
| 261 | + (int) ( ( $h[4] >> 10 ) & 0xff ), |
|
| 262 | + (int) ( ( $h[4] >> 18 ) & 0xff ), |
|
| 263 | + (int) ( ( $h[5] >> 0 ) & 0xff ), |
|
| 264 | + (int) ( ( $h[5] >> 8 ) & 0xff ), |
|
| 265 | + (int) ( ( $h[5] >> 16 ) & 0xff ), |
|
| 266 | + (int) ( ( ( $h[5] >> 24 ) | ( $h[6] << 1 ) ) & 0xff ), |
|
| 267 | + (int) ( ( $h[6] >> 7 ) & 0xff ), |
|
| 268 | + (int) ( ( $h[6] >> 15 ) & 0xff ), |
|
| 269 | + (int) ( ( ( $h[6] >> 23 ) | ( $h[7] << 3 ) ) & 0xff ), |
|
| 270 | + (int) ( ( $h[7] >> 5 ) & 0xff ), |
|
| 271 | + (int) ( ( $h[7] >> 13 ) & 0xff ), |
|
| 272 | + (int) ( ( ( $h[7] >> 21 ) | ( $h[8] << 4 ) ) & 0xff ), |
|
| 273 | + (int) ( ( $h[8] >> 4 ) & 0xff ), |
|
| 274 | + (int) ( ( $h[8] >> 12 ) & 0xff ), |
|
| 275 | + (int) ( ( ( $h[8] >> 20 ) | ( $h[9] << 6 ) ) & 0xff ), |
|
| 276 | + (int) ( ( $h[9] >> 2 ) & 0xff ), |
|
| 277 | + (int) ( ( $h[9] >> 10 ) & 0xff ), |
|
| 278 | + (int) ( ( $h[9] >> 18 ) & 0xff ) |
|
| 279 | 279 | ); |
| 280 | - return self::intArrayToString($s); |
|
| 280 | + return self::intArrayToString( $s ); |
|
| 281 | 281 | } |
| 282 | 282 | |
| 283 | 283 | /** |
@@ -288,10 +288,10 @@ discard block |
||
| 288 | 288 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 289 | 289 | * @return int |
| 290 | 290 | */ |
| 291 | - public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 291 | + public static function fe_isnegative( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 292 | 292 | { |
| 293 | - $str = self::fe_tobytes($f); |
|
| 294 | - return self::chrToInt($str[0]) & 1; |
|
| 293 | + $str = self::fe_tobytes( $f ); |
|
| 294 | + return self::chrToInt( $str[0] ) & 1; |
|
| 295 | 295 | } |
| 296 | 296 | |
| 297 | 297 | /** |
@@ -302,14 +302,14 @@ discard block |
||
| 302 | 302 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 303 | 303 | * @return bool |
| 304 | 304 | */ |
| 305 | - public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 305 | + public static function fe_isnonzero( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 306 | 306 | { |
| 307 | 307 | static $zero; |
| 308 | - if ($zero === null) { |
|
| 309 | - $zero = str_repeat("\x00", 32); |
|
| 308 | + if ( $zero === null ) { |
|
| 309 | + $zero = str_repeat( "\x00", 32 ); |
|
| 310 | 310 | } |
| 311 | - $str = self::fe_tobytes($f); |
|
| 312 | - return !self::verify_32($str, $zero); |
|
| 311 | + $str = self::fe_tobytes( $f ); |
|
| 312 | + return ! self::verify_32( $str, $zero ); |
|
| 313 | 313 | } |
| 314 | 314 | |
| 315 | 315 | /** |
@@ -350,171 +350,171 @@ discard block |
||
| 350 | 350 | $g7 = $g[7]; |
| 351 | 351 | $g8 = $g[8]; |
| 352 | 352 | $g9 = $g[9]; |
| 353 | - $g1_19 = self::mul($g1, 19, 5); |
|
| 354 | - $g2_19 = self::mul($g2, 19, 5); |
|
| 355 | - $g3_19 = self::mul($g3, 19, 5); |
|
| 356 | - $g4_19 = self::mul($g4, 19, 5); |
|
| 357 | - $g5_19 = self::mul($g5, 19, 5); |
|
| 358 | - $g6_19 = self::mul($g6, 19, 5); |
|
| 359 | - $g7_19 = self::mul($g7, 19, 5); |
|
| 360 | - $g8_19 = self::mul($g8, 19, 5); |
|
| 361 | - $g9_19 = self::mul($g9, 19, 5); |
|
| 353 | + $g1_19 = self::mul( $g1, 19, 5 ); |
|
| 354 | + $g2_19 = self::mul( $g2, 19, 5 ); |
|
| 355 | + $g3_19 = self::mul( $g3, 19, 5 ); |
|
| 356 | + $g4_19 = self::mul( $g4, 19, 5 ); |
|
| 357 | + $g5_19 = self::mul( $g5, 19, 5 ); |
|
| 358 | + $g6_19 = self::mul( $g6, 19, 5 ); |
|
| 359 | + $g7_19 = self::mul( $g7, 19, 5 ); |
|
| 360 | + $g8_19 = self::mul( $g8, 19, 5 ); |
|
| 361 | + $g9_19 = self::mul( $g9, 19, 5 ); |
|
| 362 | 362 | $f1_2 = $f1 << 1; |
| 363 | 363 | $f3_2 = $f3 << 1; |
| 364 | 364 | $f5_2 = $f5 << 1; |
| 365 | 365 | $f7_2 = $f7 << 1; |
| 366 | 366 | $f9_2 = $f9 << 1; |
| 367 | - $f0g0 = self::mul($f0, $g0); |
|
| 368 | - $f0g1 = self::mul($f0, $g1); |
|
| 369 | - $f0g2 = self::mul($f0, $g2); |
|
| 370 | - $f0g3 = self::mul($f0, $g3); |
|
| 371 | - $f0g4 = self::mul($f0, $g4); |
|
| 372 | - $f0g5 = self::mul($f0, $g5); |
|
| 373 | - $f0g6 = self::mul($f0, $g6); |
|
| 374 | - $f0g7 = self::mul($f0, $g7); |
|
| 375 | - $f0g8 = self::mul($f0, $g8); |
|
| 376 | - $f0g9 = self::mul($f0, $g9); |
|
| 377 | - $f1g0 = self::mul($f1, $g0); |
|
| 378 | - $f1g1_2 = self::mul($f1_2, $g1); |
|
| 379 | - $f1g2 = self::mul($f1, $g2); |
|
| 380 | - $f1g3_2 = self::mul($f1_2, $g3); |
|
| 381 | - $f1g4 = self::mul($f1, $g4); |
|
| 382 | - $f1g5_2 = self::mul($f1_2, $g5); |
|
| 383 | - $f1g6 = self::mul($f1, $g6); |
|
| 384 | - $f1g7_2 = self::mul($f1_2, $g7); |
|
| 385 | - $f1g8 = self::mul($f1, $g8); |
|
| 386 | - $f1g9_38 = self::mul($f1_2, $g9_19); |
|
| 387 | - $f2g0 = self::mul($f2, $g0); |
|
| 388 | - $f2g1 = self::mul($f2, $g1); |
|
| 389 | - $f2g2 = self::mul($f2, $g2); |
|
| 390 | - $f2g3 = self::mul($f2, $g3); |
|
| 391 | - $f2g4 = self::mul($f2, $g4); |
|
| 392 | - $f2g5 = self::mul($f2, $g5); |
|
| 393 | - $f2g6 = self::mul($f2, $g6); |
|
| 394 | - $f2g7 = self::mul($f2, $g7); |
|
| 395 | - $f2g8_19 = self::mul($f2, $g8_19); |
|
| 396 | - $f2g9_19 = self::mul($f2, $g9_19); |
|
| 397 | - $f3g0 = self::mul($f3, $g0); |
|
| 398 | - $f3g1_2 = self::mul($f3_2, $g1); |
|
| 399 | - $f3g2 = self::mul($f3, $g2); |
|
| 400 | - $f3g3_2 = self::mul($f3_2, $g3); |
|
| 401 | - $f3g4 = self::mul($f3, $g4); |
|
| 402 | - $f3g5_2 = self::mul($f3_2, $g5); |
|
| 403 | - $f3g6 = self::mul($f3, $g6); |
|
| 404 | - $f3g7_38 = self::mul($f3_2, $g7_19); |
|
| 405 | - $f3g8_19 = self::mul($f3, $g8_19); |
|
| 406 | - $f3g9_38 = self::mul($f3_2, $g9_19); |
|
| 407 | - $f4g0 = self::mul($f4, $g0); |
|
| 408 | - $f4g1 = self::mul($f4, $g1); |
|
| 409 | - $f4g2 = self::mul($f4, $g2); |
|
| 410 | - $f4g3 = self::mul($f4, $g3); |
|
| 411 | - $f4g4 = self::mul($f4, $g4); |
|
| 412 | - $f4g5 = self::mul($f4, $g5); |
|
| 413 | - $f4g6_19 = self::mul($f4, $g6_19); |
|
| 414 | - $f4g7_19 = self::mul($f4, $g7_19); |
|
| 415 | - $f4g8_19 = self::mul($f4, $g8_19); |
|
| 416 | - $f4g9_19 = self::mul($f4, $g9_19); |
|
| 417 | - $f5g0 = self::mul($f5, $g0); |
|
| 418 | - $f5g1_2 = self::mul($f5_2, $g1); |
|
| 419 | - $f5g2 = self::mul($f5, $g2); |
|
| 420 | - $f5g3_2 = self::mul($f5_2, $g3); |
|
| 421 | - $f5g4 = self::mul($f5, $g4); |
|
| 422 | - $f5g5_38 = self::mul($f5_2, $g5_19); |
|
| 423 | - $f5g6_19 = self::mul($f5, $g6_19); |
|
| 424 | - $f5g7_38 = self::mul($f5_2, $g7_19); |
|
| 425 | - $f5g8_19 = self::mul($f5, $g8_19); |
|
| 426 | - $f5g9_38 = self::mul($f5_2, $g9_19); |
|
| 427 | - $f6g0 = self::mul($f6, $g0); |
|
| 428 | - $f6g1 = self::mul($f6, $g1); |
|
| 429 | - $f6g2 = self::mul($f6, $g2); |
|
| 430 | - $f6g3 = self::mul($f6, $g3); |
|
| 431 | - $f6g4_19 = self::mul($f6, $g4_19); |
|
| 432 | - $f6g5_19 = self::mul($f6, $g5_19); |
|
| 433 | - $f6g6_19 = self::mul($f6, $g6_19); |
|
| 434 | - $f6g7_19 = self::mul($f6, $g7_19); |
|
| 435 | - $f6g8_19 = self::mul($f6, $g8_19); |
|
| 436 | - $f6g9_19 = self::mul($f6, $g9_19); |
|
| 437 | - $f7g0 = self::mul($f7, $g0); |
|
| 438 | - $f7g1_2 = self::mul($f7_2, $g1); |
|
| 439 | - $f7g2 = self::mul($f7, $g2); |
|
| 440 | - $f7g3_38 = self::mul($f7_2, $g3_19); |
|
| 441 | - $f7g4_19 = self::mul($f7, $g4_19); |
|
| 442 | - $f7g5_38 = self::mul($f7_2, $g5_19); |
|
| 443 | - $f7g6_19 = self::mul($f7, $g6_19); |
|
| 444 | - $f7g7_38 = self::mul($f7_2, $g7_19); |
|
| 445 | - $f7g8_19 = self::mul($f7, $g8_19); |
|
| 446 | - $f7g9_38 = self::mul($f7_2, $g9_19); |
|
| 447 | - $f8g0 = self::mul($f8, $g0); |
|
| 448 | - $f8g1 = self::mul($f8, $g1); |
|
| 449 | - $f8g2_19 = self::mul($f8, $g2_19); |
|
| 450 | - $f8g3_19 = self::mul($f8, $g3_19); |
|
| 451 | - $f8g4_19 = self::mul($f8, $g4_19); |
|
| 452 | - $f8g5_19 = self::mul($f8, $g5_19); |
|
| 453 | - $f8g6_19 = self::mul($f8, $g6_19); |
|
| 454 | - $f8g7_19 = self::mul($f8, $g7_19); |
|
| 455 | - $f8g8_19 = self::mul($f8, $g8_19); |
|
| 456 | - $f8g9_19 = self::mul($f8, $g9_19); |
|
| 457 | - $f9g0 = self::mul($f9, $g0); |
|
| 458 | - $f9g1_38 = self::mul($f9_2, $g1_19); |
|
| 459 | - $f9g2_19 = self::mul($f9, $g2_19); |
|
| 460 | - $f9g3_38 = self::mul($f9_2, $g3_19); |
|
| 461 | - $f9g4_19 = self::mul($f9, $g4_19); |
|
| 462 | - $f9g5_38 = self::mul($f9_2, $g5_19); |
|
| 463 | - $f9g6_19 = self::mul($f9, $g6_19); |
|
| 464 | - $f9g7_38 = self::mul($f9_2, $g7_19); |
|
| 465 | - $f9g8_19 = self::mul($f9, $g8_19); |
|
| 466 | - $f9g9_38 = self::mul($f9_2, $g9_19); |
|
| 367 | + $f0g0 = self::mul( $f0, $g0 ); |
|
| 368 | + $f0g1 = self::mul( $f0, $g1 ); |
|
| 369 | + $f0g2 = self::mul( $f0, $g2 ); |
|
| 370 | + $f0g3 = self::mul( $f0, $g3 ); |
|
| 371 | + $f0g4 = self::mul( $f0, $g4 ); |
|
| 372 | + $f0g5 = self::mul( $f0, $g5 ); |
|
| 373 | + $f0g6 = self::mul( $f0, $g6 ); |
|
| 374 | + $f0g7 = self::mul( $f0, $g7 ); |
|
| 375 | + $f0g8 = self::mul( $f0, $g8 ); |
|
| 376 | + $f0g9 = self::mul( $f0, $g9 ); |
|
| 377 | + $f1g0 = self::mul( $f1, $g0 ); |
|
| 378 | + $f1g1_2 = self::mul( $f1_2, $g1 ); |
|
| 379 | + $f1g2 = self::mul( $f1, $g2 ); |
|
| 380 | + $f1g3_2 = self::mul( $f1_2, $g3 ); |
|
| 381 | + $f1g4 = self::mul( $f1, $g4 ); |
|
| 382 | + $f1g5_2 = self::mul( $f1_2, $g5 ); |
|
| 383 | + $f1g6 = self::mul( $f1, $g6 ); |
|
| 384 | + $f1g7_2 = self::mul( $f1_2, $g7 ); |
|
| 385 | + $f1g8 = self::mul( $f1, $g8 ); |
|
| 386 | + $f1g9_38 = self::mul( $f1_2, $g9_19 ); |
|
| 387 | + $f2g0 = self::mul( $f2, $g0 ); |
|
| 388 | + $f2g1 = self::mul( $f2, $g1 ); |
|
| 389 | + $f2g2 = self::mul( $f2, $g2 ); |
|
| 390 | + $f2g3 = self::mul( $f2, $g3 ); |
|
| 391 | + $f2g4 = self::mul( $f2, $g4 ); |
|
| 392 | + $f2g5 = self::mul( $f2, $g5 ); |
|
| 393 | + $f2g6 = self::mul( $f2, $g6 ); |
|
| 394 | + $f2g7 = self::mul( $f2, $g7 ); |
|
| 395 | + $f2g8_19 = self::mul( $f2, $g8_19 ); |
|
| 396 | + $f2g9_19 = self::mul( $f2, $g9_19 ); |
|
| 397 | + $f3g0 = self::mul( $f3, $g0 ); |
|
| 398 | + $f3g1_2 = self::mul( $f3_2, $g1 ); |
|
| 399 | + $f3g2 = self::mul( $f3, $g2 ); |
|
| 400 | + $f3g3_2 = self::mul( $f3_2, $g3 ); |
|
| 401 | + $f3g4 = self::mul( $f3, $g4 ); |
|
| 402 | + $f3g5_2 = self::mul( $f3_2, $g5 ); |
|
| 403 | + $f3g6 = self::mul( $f3, $g6 ); |
|
| 404 | + $f3g7_38 = self::mul( $f3_2, $g7_19 ); |
|
| 405 | + $f3g8_19 = self::mul( $f3, $g8_19 ); |
|
| 406 | + $f3g9_38 = self::mul( $f3_2, $g9_19 ); |
|
| 407 | + $f4g0 = self::mul( $f4, $g0 ); |
|
| 408 | + $f4g1 = self::mul( $f4, $g1 ); |
|
| 409 | + $f4g2 = self::mul( $f4, $g2 ); |
|
| 410 | + $f4g3 = self::mul( $f4, $g3 ); |
|
| 411 | + $f4g4 = self::mul( $f4, $g4 ); |
|
| 412 | + $f4g5 = self::mul( $f4, $g5 ); |
|
| 413 | + $f4g6_19 = self::mul( $f4, $g6_19 ); |
|
| 414 | + $f4g7_19 = self::mul( $f4, $g7_19 ); |
|
| 415 | + $f4g8_19 = self::mul( $f4, $g8_19 ); |
|
| 416 | + $f4g9_19 = self::mul( $f4, $g9_19 ); |
|
| 417 | + $f5g0 = self::mul( $f5, $g0 ); |
|
| 418 | + $f5g1_2 = self::mul( $f5_2, $g1 ); |
|
| 419 | + $f5g2 = self::mul( $f5, $g2 ); |
|
| 420 | + $f5g3_2 = self::mul( $f5_2, $g3 ); |
|
| 421 | + $f5g4 = self::mul( $f5, $g4 ); |
|
| 422 | + $f5g5_38 = self::mul( $f5_2, $g5_19 ); |
|
| 423 | + $f5g6_19 = self::mul( $f5, $g6_19 ); |
|
| 424 | + $f5g7_38 = self::mul( $f5_2, $g7_19 ); |
|
| 425 | + $f5g8_19 = self::mul( $f5, $g8_19 ); |
|
| 426 | + $f5g9_38 = self::mul( $f5_2, $g9_19 ); |
|
| 427 | + $f6g0 = self::mul( $f6, $g0 ); |
|
| 428 | + $f6g1 = self::mul( $f6, $g1 ); |
|
| 429 | + $f6g2 = self::mul( $f6, $g2 ); |
|
| 430 | + $f6g3 = self::mul( $f6, $g3 ); |
|
| 431 | + $f6g4_19 = self::mul( $f6, $g4_19 ); |
|
| 432 | + $f6g5_19 = self::mul( $f6, $g5_19 ); |
|
| 433 | + $f6g6_19 = self::mul( $f6, $g6_19 ); |
|
| 434 | + $f6g7_19 = self::mul( $f6, $g7_19 ); |
|
| 435 | + $f6g8_19 = self::mul( $f6, $g8_19 ); |
|
| 436 | + $f6g9_19 = self::mul( $f6, $g9_19 ); |
|
| 437 | + $f7g0 = self::mul( $f7, $g0 ); |
|
| 438 | + $f7g1_2 = self::mul( $f7_2, $g1 ); |
|
| 439 | + $f7g2 = self::mul( $f7, $g2 ); |
|
| 440 | + $f7g3_38 = self::mul( $f7_2, $g3_19 ); |
|
| 441 | + $f7g4_19 = self::mul( $f7, $g4_19 ); |
|
| 442 | + $f7g5_38 = self::mul( $f7_2, $g5_19 ); |
|
| 443 | + $f7g6_19 = self::mul( $f7, $g6_19 ); |
|
| 444 | + $f7g7_38 = self::mul( $f7_2, $g7_19 ); |
|
| 445 | + $f7g8_19 = self::mul( $f7, $g8_19 ); |
|
| 446 | + $f7g9_38 = self::mul( $f7_2, $g9_19 ); |
|
| 447 | + $f8g0 = self::mul( $f8, $g0 ); |
|
| 448 | + $f8g1 = self::mul( $f8, $g1 ); |
|
| 449 | + $f8g2_19 = self::mul( $f8, $g2_19 ); |
|
| 450 | + $f8g3_19 = self::mul( $f8, $g3_19 ); |
|
| 451 | + $f8g4_19 = self::mul( $f8, $g4_19 ); |
|
| 452 | + $f8g5_19 = self::mul( $f8, $g5_19 ); |
|
| 453 | + $f8g6_19 = self::mul( $f8, $g6_19 ); |
|
| 454 | + $f8g7_19 = self::mul( $f8, $g7_19 ); |
|
| 455 | + $f8g8_19 = self::mul( $f8, $g8_19 ); |
|
| 456 | + $f8g9_19 = self::mul( $f8, $g9_19 ); |
|
| 457 | + $f9g0 = self::mul( $f9, $g0 ); |
|
| 458 | + $f9g1_38 = self::mul( $f9_2, $g1_19 ); |
|
| 459 | + $f9g2_19 = self::mul( $f9, $g2_19 ); |
|
| 460 | + $f9g3_38 = self::mul( $f9_2, $g3_19 ); |
|
| 461 | + $f9g4_19 = self::mul( $f9, $g4_19 ); |
|
| 462 | + $f9g5_38 = self::mul( $f9_2, $g5_19 ); |
|
| 463 | + $f9g6_19 = self::mul( $f9, $g6_19 ); |
|
| 464 | + $f9g7_38 = self::mul( $f9_2, $g7_19 ); |
|
| 465 | + $f9g8_19 = self::mul( $f9, $g8_19 ); |
|
| 466 | + $f9g9_38 = self::mul( $f9_2, $g9_19 ); |
|
| 467 | 467 | $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
| 468 | - $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 469 | - $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 470 | - $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 471 | - $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 472 | - $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 473 | - $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 474 | - $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 475 | - $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 476 | - $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
|
| 477 | - |
|
| 478 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 468 | + $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 469 | + $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 470 | + $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 471 | + $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 472 | + $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 473 | + $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 474 | + $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 475 | + $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 476 | + $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0; |
|
| 477 | + |
|
| 478 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 479 | 479 | $h1 += $carry0; |
| 480 | 480 | $h0 -= $carry0 << 26; |
| 481 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 481 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 482 | 482 | $h5 += $carry4; |
| 483 | 483 | $h4 -= $carry4 << 26; |
| 484 | 484 | |
| 485 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 485 | + $carry1 = ( $h1 + ( 1 << 24 ) ) >> 25; |
|
| 486 | 486 | $h2 += $carry1; |
| 487 | 487 | $h1 -= $carry1 << 25; |
| 488 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 488 | + $carry5 = ( $h5 + ( 1 << 24 ) ) >> 25; |
|
| 489 | 489 | $h6 += $carry5; |
| 490 | 490 | $h5 -= $carry5 << 25; |
| 491 | 491 | |
| 492 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 492 | + $carry2 = ( $h2 + ( 1 << 25 ) ) >> 26; |
|
| 493 | 493 | $h3 += $carry2; |
| 494 | 494 | $h2 -= $carry2 << 26; |
| 495 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 495 | + $carry6 = ( $h6 + ( 1 << 25 ) ) >> 26; |
|
| 496 | 496 | $h7 += $carry6; |
| 497 | 497 | $h6 -= $carry6 << 26; |
| 498 | 498 | |
| 499 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 499 | + $carry3 = ( $h3 + ( 1 << 24 ) ) >> 25; |
|
| 500 | 500 | $h4 += $carry3; |
| 501 | 501 | $h3 -= $carry3 << 25; |
| 502 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 502 | + $carry7 = ( $h7 + ( 1 << 24 ) ) >> 25; |
|
| 503 | 503 | $h8 += $carry7; |
| 504 | 504 | $h7 -= $carry7 << 25; |
| 505 | 505 | |
| 506 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 506 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 507 | 507 | $h5 += $carry4; |
| 508 | 508 | $h4 -= $carry4 << 26; |
| 509 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 509 | + $carry8 = ( $h8 + ( 1 << 25 ) ) >> 26; |
|
| 510 | 510 | $h9 += $carry8; |
| 511 | 511 | $h8 -= $carry8 << 26; |
| 512 | 512 | |
| 513 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 514 | - $h0 += self::mul($carry9, 19, 5); |
|
| 513 | + $carry9 = ( $h9 + ( 1 << 24 ) ) >> 25; |
|
| 514 | + $h0 += self::mul( $carry9, 19, 5 ); |
|
| 515 | 515 | $h9 -= $carry9 << 25; |
| 516 | 516 | |
| 517 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 517 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 518 | 518 | $h1 += $carry0; |
| 519 | 519 | $h0 -= $carry0 << 26; |
| 520 | 520 | |
@@ -544,10 +544,10 @@ discard block |
||
| 544 | 544 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 545 | 545 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 546 | 546 | */ |
| 547 | - public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 547 | + public static function fe_neg( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 548 | 548 | { |
| 549 | 549 | $h = new ParagonIE_Sodium_Core_Curve25519_Fe(); |
| 550 | - for ($i = 0; $i < 10; ++$i) { |
|
| 550 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 551 | 551 | $h[$i] = -$f[$i]; |
| 552 | 552 | } |
| 553 | 553 | return $h; |
@@ -563,7 +563,7 @@ discard block |
||
| 563 | 563 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 564 | 564 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 565 | 565 | */ |
| 566 | - public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 566 | + public static function fe_sq( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 567 | 567 | { |
| 568 | 568 | $f0 = (int) $f[0]; |
| 569 | 569 | $f1 = (int) $f[1]; |
@@ -584,117 +584,117 @@ discard block |
||
| 584 | 584 | $f5_2 = $f5 << 1; |
| 585 | 585 | $f6_2 = $f6 << 1; |
| 586 | 586 | $f7_2 = $f7 << 1; |
| 587 | - $f5_38 = self::mul($f5, 38, 6); |
|
| 588 | - $f6_19 = self::mul($f6, 19, 5); |
|
| 589 | - $f7_38 = self::mul($f7, 38, 6); |
|
| 590 | - $f8_19 = self::mul($f8, 19, 5); |
|
| 591 | - $f9_38 = self::mul($f9, 38, 6); |
|
| 592 | - $f0f0 = self::mul($f0, $f0); |
|
| 593 | - $f0f1_2 = self::mul($f0_2, $f1); |
|
| 594 | - $f0f2_2 = self::mul($f0_2, $f2); |
|
| 595 | - $f0f3_2 = self::mul($f0_2, $f3); |
|
| 596 | - $f0f4_2 = self::mul($f0_2, $f4); |
|
| 597 | - $f0f5_2 = self::mul($f0_2, $f5); |
|
| 598 | - $f0f6_2 = self::mul($f0_2, $f6); |
|
| 599 | - $f0f7_2 = self::mul($f0_2, $f7); |
|
| 600 | - $f0f8_2 = self::mul($f0_2, $f8); |
|
| 601 | - $f0f9_2 = self::mul($f0_2, $f9); |
|
| 602 | - $f1f1_2 = self::mul($f1_2, $f1); |
|
| 603 | - $f1f2_2 = self::mul($f1_2, $f2); |
|
| 604 | - $f1f3_4 = self::mul($f1_2, $f3_2); |
|
| 605 | - $f1f4_2 = self::mul($f1_2, $f4); |
|
| 606 | - $f1f5_4 = self::mul($f1_2, $f5_2); |
|
| 607 | - $f1f6_2 = self::mul($f1_2, $f6); |
|
| 608 | - $f1f7_4 = self::mul($f1_2, $f7_2); |
|
| 609 | - $f1f8_2 = self::mul($f1_2, $f8); |
|
| 610 | - $f1f9_76 = self::mul($f1_2, $f9_38); |
|
| 611 | - $f2f2 = self::mul($f2, $f2); |
|
| 612 | - $f2f3_2 = self::mul($f2_2, $f3); |
|
| 613 | - $f2f4_2 = self::mul($f2_2, $f4); |
|
| 614 | - $f2f5_2 = self::mul($f2_2, $f5); |
|
| 615 | - $f2f6_2 = self::mul($f2_2, $f6); |
|
| 616 | - $f2f7_2 = self::mul($f2_2, $f7); |
|
| 617 | - $f2f8_38 = self::mul($f2_2, $f8_19); |
|
| 618 | - $f2f9_38 = self::mul($f2, $f9_38); |
|
| 619 | - $f3f3_2 = self::mul($f3_2, $f3); |
|
| 620 | - $f3f4_2 = self::mul($f3_2, $f4); |
|
| 621 | - $f3f5_4 = self::mul($f3_2, $f5_2); |
|
| 622 | - $f3f6_2 = self::mul($f3_2, $f6); |
|
| 623 | - $f3f7_76 = self::mul($f3_2, $f7_38); |
|
| 624 | - $f3f8_38 = self::mul($f3_2, $f8_19); |
|
| 625 | - $f3f9_76 = self::mul($f3_2, $f9_38); |
|
| 626 | - $f4f4 = self::mul($f4, $f4); |
|
| 627 | - $f4f5_2 = self::mul($f4_2, $f5); |
|
| 628 | - $f4f6_38 = self::mul($f4_2, $f6_19); |
|
| 629 | - $f4f7_38 = self::mul($f4, $f7_38); |
|
| 630 | - $f4f8_38 = self::mul($f4_2, $f8_19); |
|
| 631 | - $f4f9_38 = self::mul($f4, $f9_38); |
|
| 632 | - $f5f5_38 = self::mul($f5, $f5_38); |
|
| 633 | - $f5f6_38 = self::mul($f5_2, $f6_19); |
|
| 634 | - $f5f7_76 = self::mul($f5_2, $f7_38); |
|
| 635 | - $f5f8_38 = self::mul($f5_2, $f8_19); |
|
| 636 | - $f5f9_76 = self::mul($f5_2, $f9_38); |
|
| 637 | - $f6f6_19 = self::mul($f6, $f6_19); |
|
| 638 | - $f6f7_38 = self::mul($f6, $f7_38); |
|
| 639 | - $f6f8_38 = self::mul($f6_2, $f8_19); |
|
| 640 | - $f6f9_38 = self::mul($f6, $f9_38); |
|
| 641 | - $f7f7_38 = self::mul($f7, $f7_38); |
|
| 642 | - $f7f8_38 = self::mul($f7_2, $f8_19); |
|
| 643 | - $f7f9_76 = self::mul($f7_2, $f9_38); |
|
| 644 | - $f8f8_19 = self::mul($f8, $f8_19); |
|
| 645 | - $f8f9_38 = self::mul($f8, $f9_38); |
|
| 646 | - $f9f9_38 = self::mul($f9, $f9_38); |
|
| 647 | - $h0 = $f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38; |
|
| 587 | + $f5_38 = self::mul( $f5, 38, 6 ); |
|
| 588 | + $f6_19 = self::mul( $f6, 19, 5 ); |
|
| 589 | + $f7_38 = self::mul( $f7, 38, 6 ); |
|
| 590 | + $f8_19 = self::mul( $f8, 19, 5 ); |
|
| 591 | + $f9_38 = self::mul( $f9, 38, 6 ); |
|
| 592 | + $f0f0 = self::mul( $f0, $f0 ); |
|
| 593 | + $f0f1_2 = self::mul( $f0_2, $f1 ); |
|
| 594 | + $f0f2_2 = self::mul( $f0_2, $f2 ); |
|
| 595 | + $f0f3_2 = self::mul( $f0_2, $f3 ); |
|
| 596 | + $f0f4_2 = self::mul( $f0_2, $f4 ); |
|
| 597 | + $f0f5_2 = self::mul( $f0_2, $f5 ); |
|
| 598 | + $f0f6_2 = self::mul( $f0_2, $f6 ); |
|
| 599 | + $f0f7_2 = self::mul( $f0_2, $f7 ); |
|
| 600 | + $f0f8_2 = self::mul( $f0_2, $f8 ); |
|
| 601 | + $f0f9_2 = self::mul( $f0_2, $f9 ); |
|
| 602 | + $f1f1_2 = self::mul( $f1_2, $f1 ); |
|
| 603 | + $f1f2_2 = self::mul( $f1_2, $f2 ); |
|
| 604 | + $f1f3_4 = self::mul( $f1_2, $f3_2 ); |
|
| 605 | + $f1f4_2 = self::mul( $f1_2, $f4 ); |
|
| 606 | + $f1f5_4 = self::mul( $f1_2, $f5_2 ); |
|
| 607 | + $f1f6_2 = self::mul( $f1_2, $f6 ); |
|
| 608 | + $f1f7_4 = self::mul( $f1_2, $f7_2 ); |
|
| 609 | + $f1f8_2 = self::mul( $f1_2, $f8 ); |
|
| 610 | + $f1f9_76 = self::mul( $f1_2, $f9_38 ); |
|
| 611 | + $f2f2 = self::mul( $f2, $f2 ); |
|
| 612 | + $f2f3_2 = self::mul( $f2_2, $f3 ); |
|
| 613 | + $f2f4_2 = self::mul( $f2_2, $f4 ); |
|
| 614 | + $f2f5_2 = self::mul( $f2_2, $f5 ); |
|
| 615 | + $f2f6_2 = self::mul( $f2_2, $f6 ); |
|
| 616 | + $f2f7_2 = self::mul( $f2_2, $f7 ); |
|
| 617 | + $f2f8_38 = self::mul( $f2_2, $f8_19 ); |
|
| 618 | + $f2f9_38 = self::mul( $f2, $f9_38 ); |
|
| 619 | + $f3f3_2 = self::mul( $f3_2, $f3 ); |
|
| 620 | + $f3f4_2 = self::mul( $f3_2, $f4 ); |
|
| 621 | + $f3f5_4 = self::mul( $f3_2, $f5_2 ); |
|
| 622 | + $f3f6_2 = self::mul( $f3_2, $f6 ); |
|
| 623 | + $f3f7_76 = self::mul( $f3_2, $f7_38 ); |
|
| 624 | + $f3f8_38 = self::mul( $f3_2, $f8_19 ); |
|
| 625 | + $f3f9_76 = self::mul( $f3_2, $f9_38 ); |
|
| 626 | + $f4f4 = self::mul( $f4, $f4 ); |
|
| 627 | + $f4f5_2 = self::mul( $f4_2, $f5 ); |
|
| 628 | + $f4f6_38 = self::mul( $f4_2, $f6_19 ); |
|
| 629 | + $f4f7_38 = self::mul( $f4, $f7_38 ); |
|
| 630 | + $f4f8_38 = self::mul( $f4_2, $f8_19 ); |
|
| 631 | + $f4f9_38 = self::mul( $f4, $f9_38 ); |
|
| 632 | + $f5f5_38 = self::mul( $f5, $f5_38 ); |
|
| 633 | + $f5f6_38 = self::mul( $f5_2, $f6_19 ); |
|
| 634 | + $f5f7_76 = self::mul( $f5_2, $f7_38 ); |
|
| 635 | + $f5f8_38 = self::mul( $f5_2, $f8_19 ); |
|
| 636 | + $f5f9_76 = self::mul( $f5_2, $f9_38 ); |
|
| 637 | + $f6f6_19 = self::mul( $f6, $f6_19 ); |
|
| 638 | + $f6f7_38 = self::mul( $f6, $f7_38 ); |
|
| 639 | + $f6f8_38 = self::mul( $f6_2, $f8_19 ); |
|
| 640 | + $f6f9_38 = self::mul( $f6, $f9_38 ); |
|
| 641 | + $f7f7_38 = self::mul( $f7, $f7_38 ); |
|
| 642 | + $f7f8_38 = self::mul( $f7_2, $f8_19 ); |
|
| 643 | + $f7f9_76 = self::mul( $f7_2, $f9_38 ); |
|
| 644 | + $f8f8_19 = self::mul( $f8, $f8_19 ); |
|
| 645 | + $f8f9_38 = self::mul( $f8, $f9_38 ); |
|
| 646 | + $f9f9_38 = self::mul( $f9, $f9_38 ); |
|
| 647 | + $h0 = $f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38; |
|
| 648 | 648 | $h1 = $f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38; |
| 649 | - $h2 = $f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19; |
|
| 650 | - $h3 = $f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38; |
|
| 651 | - $h4 = $f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38; |
|
| 652 | - $h5 = $f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38; |
|
| 653 | - $h6 = $f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19; |
|
| 654 | - $h7 = $f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38; |
|
| 655 | - $h8 = $f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38; |
|
| 656 | - $h9 = $f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2; |
|
| 657 | - |
|
| 658 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 649 | + $h2 = $f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19; |
|
| 650 | + $h3 = $f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38; |
|
| 651 | + $h4 = $f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38; |
|
| 652 | + $h5 = $f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38; |
|
| 653 | + $h6 = $f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19; |
|
| 654 | + $h7 = $f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38; |
|
| 655 | + $h8 = $f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38; |
|
| 656 | + $h9 = $f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2; |
|
| 657 | + |
|
| 658 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 659 | 659 | $h1 += $carry0; |
| 660 | 660 | $h0 -= $carry0 << 26; |
| 661 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 661 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 662 | 662 | $h5 += $carry4; |
| 663 | 663 | $h4 -= $carry4 << 26; |
| 664 | 664 | |
| 665 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 665 | + $carry1 = ( $h1 + ( 1 << 24 ) ) >> 25; |
|
| 666 | 666 | $h2 += $carry1; |
| 667 | 667 | $h1 -= $carry1 << 25; |
| 668 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 668 | + $carry5 = ( $h5 + ( 1 << 24 ) ) >> 25; |
|
| 669 | 669 | $h6 += $carry5; |
| 670 | 670 | $h5 -= $carry5 << 25; |
| 671 | 671 | |
| 672 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 672 | + $carry2 = ( $h2 + ( 1 << 25 ) ) >> 26; |
|
| 673 | 673 | $h3 += $carry2; |
| 674 | 674 | $h2 -= $carry2 << 26; |
| 675 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 675 | + $carry6 = ( $h6 + ( 1 << 25 ) ) >> 26; |
|
| 676 | 676 | $h7 += $carry6; |
| 677 | 677 | $h6 -= $carry6 << 26; |
| 678 | 678 | |
| 679 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 679 | + $carry3 = ( $h3 + ( 1 << 24 ) ) >> 25; |
|
| 680 | 680 | $h4 += $carry3; |
| 681 | 681 | $h3 -= $carry3 << 25; |
| 682 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 682 | + $carry7 = ( $h7 + ( 1 << 24 ) ) >> 25; |
|
| 683 | 683 | $h8 += $carry7; |
| 684 | 684 | $h7 -= $carry7 << 25; |
| 685 | 685 | |
| 686 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 686 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 687 | 687 | $h5 += $carry4; |
| 688 | 688 | $h4 -= $carry4 << 26; |
| 689 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 689 | + $carry8 = ( $h8 + ( 1 << 25 ) ) >> 26; |
|
| 690 | 690 | $h9 += $carry8; |
| 691 | 691 | $h8 -= $carry8 << 26; |
| 692 | 692 | |
| 693 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 694 | - $h0 += self::mul($carry9, 19, 5); |
|
| 693 | + $carry9 = ( $h9 + ( 1 << 24 ) ) >> 25; |
|
| 694 | + $h0 += self::mul( $carry9, 19, 5 ); |
|
| 695 | 695 | $h9 -= $carry9 << 25; |
| 696 | 696 | |
| 697 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 697 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 698 | 698 | $h1 += $carry0; |
| 699 | 699 | $h0 -= $carry0 << 26; |
| 700 | 700 | |
@@ -725,7 +725,7 @@ discard block |
||
| 725 | 725 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 726 | 726 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 727 | 727 | */ |
| 728 | - public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 728 | + public static function fe_sq2( ParagonIE_Sodium_Core_Curve25519_Fe $f ) |
|
| 729 | 729 | { |
| 730 | 730 | $f0 = (int) $f[0]; |
| 731 | 731 | $f1 = (int) $f[1]; |
@@ -746,129 +746,129 @@ discard block |
||
| 746 | 746 | $f5_2 = $f5 << 1; |
| 747 | 747 | $f6_2 = $f6 << 1; |
| 748 | 748 | $f7_2 = $f7 << 1; |
| 749 | - $f5_38 = self::mul($f5, 38, 6); /* 1.959375*2^30 */ |
|
| 750 | - $f6_19 = self::mul($f6, 19, 5); /* 1.959375*2^30 */ |
|
| 751 | - $f7_38 = self::mul($f7, 38, 6); /* 1.959375*2^30 */ |
|
| 752 | - $f8_19 = self::mul($f8, 19, 5); /* 1.959375*2^30 */ |
|
| 753 | - $f9_38 = self::mul($f9, 38, 6); /* 1.959375*2^30 */ |
|
| 754 | - $f0f0 = self::mul($f0, (int) $f0); |
|
| 755 | - $f0f1_2 = self::mul($f0_2, (int) $f1); |
|
| 756 | - $f0f2_2 = self::mul($f0_2, (int) $f2); |
|
| 757 | - $f0f3_2 = self::mul($f0_2, (int) $f3); |
|
| 758 | - $f0f4_2 = self::mul($f0_2, (int) $f4); |
|
| 759 | - $f0f5_2 = self::mul($f0_2, (int) $f5); |
|
| 760 | - $f0f6_2 = self::mul($f0_2, (int) $f6); |
|
| 761 | - $f0f7_2 = self::mul($f0_2, (int) $f7); |
|
| 762 | - $f0f8_2 = self::mul($f0_2, (int) $f8); |
|
| 763 | - $f0f9_2 = self::mul($f0_2, (int) $f9); |
|
| 764 | - $f1f1_2 = self::mul($f1_2, (int) $f1); |
|
| 765 | - $f1f2_2 = self::mul($f1_2, (int) $f2); |
|
| 766 | - $f1f3_4 = self::mul($f1_2, (int) $f3_2); |
|
| 767 | - $f1f4_2 = self::mul($f1_2, (int) $f4); |
|
| 768 | - $f1f5_4 = self::mul($f1_2, (int) $f5_2); |
|
| 769 | - $f1f6_2 = self::mul($f1_2, (int) $f6); |
|
| 770 | - $f1f7_4 = self::mul($f1_2, (int) $f7_2); |
|
| 771 | - $f1f8_2 = self::mul($f1_2, (int) $f8); |
|
| 772 | - $f1f9_76 = self::mul($f1_2, (int) $f9_38); |
|
| 773 | - $f2f2 = self::mul($f2, (int) $f2); |
|
| 774 | - $f2f3_2 = self::mul($f2_2, (int) $f3); |
|
| 775 | - $f2f4_2 = self::mul($f2_2, (int) $f4); |
|
| 776 | - $f2f5_2 = self::mul($f2_2, (int) $f5); |
|
| 777 | - $f2f6_2 = self::mul($f2_2, (int) $f6); |
|
| 778 | - $f2f7_2 = self::mul($f2_2, (int) $f7); |
|
| 779 | - $f2f8_38 = self::mul($f2_2, (int) $f8_19); |
|
| 780 | - $f2f9_38 = self::mul($f2, (int) $f9_38); |
|
| 781 | - $f3f3_2 = self::mul($f3_2, (int) $f3); |
|
| 782 | - $f3f4_2 = self::mul($f3_2, (int) $f4); |
|
| 783 | - $f3f5_4 = self::mul($f3_2, (int) $f5_2); |
|
| 784 | - $f3f6_2 = self::mul($f3_2, (int) $f6); |
|
| 785 | - $f3f7_76 = self::mul($f3_2, (int) $f7_38); |
|
| 786 | - $f3f8_38 = self::mul($f3_2, (int) $f8_19); |
|
| 787 | - $f3f9_76 = self::mul($f3_2, (int) $f9_38); |
|
| 788 | - $f4f4 = self::mul($f4, (int) $f4); |
|
| 789 | - $f4f5_2 = self::mul($f4_2, (int) $f5); |
|
| 790 | - $f4f6_38 = self::mul($f4_2, (int) $f6_19); |
|
| 791 | - $f4f7_38 = self::mul($f4, (int) $f7_38); |
|
| 792 | - $f4f8_38 = self::mul($f4_2, (int) $f8_19); |
|
| 793 | - $f4f9_38 = self::mul($f4, (int) $f9_38); |
|
| 794 | - $f5f5_38 = self::mul($f5, (int) $f5_38); |
|
| 795 | - $f5f6_38 = self::mul($f5_2, (int) $f6_19); |
|
| 796 | - $f5f7_76 = self::mul($f5_2, (int) $f7_38); |
|
| 797 | - $f5f8_38 = self::mul($f5_2, (int) $f8_19); |
|
| 798 | - $f5f9_76 = self::mul($f5_2, (int) $f9_38); |
|
| 799 | - $f6f6_19 = self::mul($f6, (int) $f6_19); |
|
| 800 | - $f6f7_38 = self::mul($f6, (int) $f7_38); |
|
| 801 | - $f6f8_38 = self::mul($f6_2, (int) $f8_19); |
|
| 802 | - $f6f9_38 = self::mul($f6, (int) $f9_38); |
|
| 803 | - $f7f7_38 = self::mul($f7, (int) $f7_38); |
|
| 804 | - $f7f8_38 = self::mul($f7_2, (int) $f8_19); |
|
| 805 | - $f7f9_76 = self::mul($f7_2, (int) $f9_38); |
|
| 806 | - $f8f8_19 = self::mul($f8, (int) $f8_19); |
|
| 807 | - $f8f9_38 = self::mul($f8, (int) $f9_38); |
|
| 808 | - $f9f9_38 = self::mul($f9, (int) $f9_38); |
|
| 809 | - |
|
| 810 | - $h0 = (int) ($f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38); |
|
| 811 | - $h1 = (int) ($f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38); |
|
| 812 | - $h2 = (int) ($f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19); |
|
| 813 | - $h3 = (int) ($f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38); |
|
| 814 | - $h4 = (int) ($f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38); |
|
| 815 | - $h5 = (int) ($f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38); |
|
| 816 | - $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19); |
|
| 817 | - $h7 = (int) ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38); |
|
| 818 | - $h8 = (int) ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38); |
|
| 819 | - $h9 = (int) ($f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2); |
|
| 820 | - |
|
| 821 | - $h0 = (int) ($h0 + $h0); |
|
| 822 | - $h1 = (int) ($h1 + $h1); |
|
| 823 | - $h2 = (int) ($h2 + $h2); |
|
| 824 | - $h3 = (int) ($h3 + $h3); |
|
| 825 | - $h4 = (int) ($h4 + $h4); |
|
| 826 | - $h5 = (int) ($h5 + $h5); |
|
| 827 | - $h6 = (int) ($h6 + $h6); |
|
| 828 | - $h7 = (int) ($h7 + $h7); |
|
| 829 | - $h8 = (int) ($h8 + $h8); |
|
| 830 | - $h9 = (int) ($h9 + $h9); |
|
| 831 | - |
|
| 832 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 749 | + $f5_38 = self::mul( $f5, 38, 6 ); /* 1.959375*2^30 */ |
|
| 750 | + $f6_19 = self::mul( $f6, 19, 5 ); /* 1.959375*2^30 */ |
|
| 751 | + $f7_38 = self::mul( $f7, 38, 6 ); /* 1.959375*2^30 */ |
|
| 752 | + $f8_19 = self::mul( $f8, 19, 5 ); /* 1.959375*2^30 */ |
|
| 753 | + $f9_38 = self::mul( $f9, 38, 6 ); /* 1.959375*2^30 */ |
|
| 754 | + $f0f0 = self::mul( $f0, (int) $f0 ); |
|
| 755 | + $f0f1_2 = self::mul( $f0_2, (int) $f1 ); |
|
| 756 | + $f0f2_2 = self::mul( $f0_2, (int) $f2 ); |
|
| 757 | + $f0f3_2 = self::mul( $f0_2, (int) $f3 ); |
|
| 758 | + $f0f4_2 = self::mul( $f0_2, (int) $f4 ); |
|
| 759 | + $f0f5_2 = self::mul( $f0_2, (int) $f5 ); |
|
| 760 | + $f0f6_2 = self::mul( $f0_2, (int) $f6 ); |
|
| 761 | + $f0f7_2 = self::mul( $f0_2, (int) $f7 ); |
|
| 762 | + $f0f8_2 = self::mul( $f0_2, (int) $f8 ); |
|
| 763 | + $f0f9_2 = self::mul( $f0_2, (int) $f9 ); |
|
| 764 | + $f1f1_2 = self::mul( $f1_2, (int) $f1 ); |
|
| 765 | + $f1f2_2 = self::mul( $f1_2, (int) $f2 ); |
|
| 766 | + $f1f3_4 = self::mul( $f1_2, (int) $f3_2 ); |
|
| 767 | + $f1f4_2 = self::mul( $f1_2, (int) $f4 ); |
|
| 768 | + $f1f5_4 = self::mul( $f1_2, (int) $f5_2 ); |
|
| 769 | + $f1f6_2 = self::mul( $f1_2, (int) $f6 ); |
|
| 770 | + $f1f7_4 = self::mul( $f1_2, (int) $f7_2 ); |
|
| 771 | + $f1f8_2 = self::mul( $f1_2, (int) $f8 ); |
|
| 772 | + $f1f9_76 = self::mul( $f1_2, (int) $f9_38 ); |
|
| 773 | + $f2f2 = self::mul( $f2, (int) $f2 ); |
|
| 774 | + $f2f3_2 = self::mul( $f2_2, (int) $f3 ); |
|
| 775 | + $f2f4_2 = self::mul( $f2_2, (int) $f4 ); |
|
| 776 | + $f2f5_2 = self::mul( $f2_2, (int) $f5 ); |
|
| 777 | + $f2f6_2 = self::mul( $f2_2, (int) $f6 ); |
|
| 778 | + $f2f7_2 = self::mul( $f2_2, (int) $f7 ); |
|
| 779 | + $f2f8_38 = self::mul( $f2_2, (int) $f8_19 ); |
|
| 780 | + $f2f9_38 = self::mul( $f2, (int) $f9_38 ); |
|
| 781 | + $f3f3_2 = self::mul( $f3_2, (int) $f3 ); |
|
| 782 | + $f3f4_2 = self::mul( $f3_2, (int) $f4 ); |
|
| 783 | + $f3f5_4 = self::mul( $f3_2, (int) $f5_2 ); |
|
| 784 | + $f3f6_2 = self::mul( $f3_2, (int) $f6 ); |
|
| 785 | + $f3f7_76 = self::mul( $f3_2, (int) $f7_38 ); |
|
| 786 | + $f3f8_38 = self::mul( $f3_2, (int) $f8_19 ); |
|
| 787 | + $f3f9_76 = self::mul( $f3_2, (int) $f9_38 ); |
|
| 788 | + $f4f4 = self::mul( $f4, (int) $f4 ); |
|
| 789 | + $f4f5_2 = self::mul( $f4_2, (int) $f5 ); |
|
| 790 | + $f4f6_38 = self::mul( $f4_2, (int) $f6_19 ); |
|
| 791 | + $f4f7_38 = self::mul( $f4, (int) $f7_38 ); |
|
| 792 | + $f4f8_38 = self::mul( $f4_2, (int) $f8_19 ); |
|
| 793 | + $f4f9_38 = self::mul( $f4, (int) $f9_38 ); |
|
| 794 | + $f5f5_38 = self::mul( $f5, (int) $f5_38 ); |
|
| 795 | + $f5f6_38 = self::mul( $f5_2, (int) $f6_19 ); |
|
| 796 | + $f5f7_76 = self::mul( $f5_2, (int) $f7_38 ); |
|
| 797 | + $f5f8_38 = self::mul( $f5_2, (int) $f8_19 ); |
|
| 798 | + $f5f9_76 = self::mul( $f5_2, (int) $f9_38 ); |
|
| 799 | + $f6f6_19 = self::mul( $f6, (int) $f6_19 ); |
|
| 800 | + $f6f7_38 = self::mul( $f6, (int) $f7_38 ); |
|
| 801 | + $f6f8_38 = self::mul( $f6_2, (int) $f8_19 ); |
|
| 802 | + $f6f9_38 = self::mul( $f6, (int) $f9_38 ); |
|
| 803 | + $f7f7_38 = self::mul( $f7, (int) $f7_38 ); |
|
| 804 | + $f7f8_38 = self::mul( $f7_2, (int) $f8_19 ); |
|
| 805 | + $f7f9_76 = self::mul( $f7_2, (int) $f9_38 ); |
|
| 806 | + $f8f8_19 = self::mul( $f8, (int) $f8_19 ); |
|
| 807 | + $f8f9_38 = self::mul( $f8, (int) $f9_38 ); |
|
| 808 | + $f9f9_38 = self::mul( $f9, (int) $f9_38 ); |
|
| 809 | + |
|
| 810 | + $h0 = (int) ( $f0f0 + $f1f9_76 + $f2f8_38 + $f3f7_76 + $f4f6_38 + $f5f5_38 ); |
|
| 811 | + $h1 = (int) ( $f0f1_2 + $f2f9_38 + $f3f8_38 + $f4f7_38 + $f5f6_38 ); |
|
| 812 | + $h2 = (int) ( $f0f2_2 + $f1f1_2 + $f3f9_76 + $f4f8_38 + $f5f7_76 + $f6f6_19 ); |
|
| 813 | + $h3 = (int) ( $f0f3_2 + $f1f2_2 + $f4f9_38 + $f5f8_38 + $f6f7_38 ); |
|
| 814 | + $h4 = (int) ( $f0f4_2 + $f1f3_4 + $f2f2 + $f5f9_76 + $f6f8_38 + $f7f7_38 ); |
|
| 815 | + $h5 = (int) ( $f0f5_2 + $f1f4_2 + $f2f3_2 + $f6f9_38 + $f7f8_38 ); |
|
| 816 | + $h6 = (int) ( $f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19 ); |
|
| 817 | + $h7 = (int) ( $f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38 ); |
|
| 818 | + $h8 = (int) ( $f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38 ); |
|
| 819 | + $h9 = (int) ( $f0f9_2 + $f1f8_2 + $f2f7_2 + $f3f6_2 + $f4f5_2 ); |
|
| 820 | + |
|
| 821 | + $h0 = (int) ( $h0 + $h0 ); |
|
| 822 | + $h1 = (int) ( $h1 + $h1 ); |
|
| 823 | + $h2 = (int) ( $h2 + $h2 ); |
|
| 824 | + $h3 = (int) ( $h3 + $h3 ); |
|
| 825 | + $h4 = (int) ( $h4 + $h4 ); |
|
| 826 | + $h5 = (int) ( $h5 + $h5 ); |
|
| 827 | + $h6 = (int) ( $h6 + $h6 ); |
|
| 828 | + $h7 = (int) ( $h7 + $h7 ); |
|
| 829 | + $h8 = (int) ( $h8 + $h8 ); |
|
| 830 | + $h9 = (int) ( $h9 + $h9 ); |
|
| 831 | + |
|
| 832 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 833 | 833 | $h1 += $carry0; |
| 834 | 834 | $h0 -= $carry0 << 26; |
| 835 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 835 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 836 | 836 | $h5 += $carry4; |
| 837 | 837 | $h4 -= $carry4 << 26; |
| 838 | 838 | |
| 839 | - $carry1 = ($h1 + (1 << 24)) >> 25; |
|
| 839 | + $carry1 = ( $h1 + ( 1 << 24 ) ) >> 25; |
|
| 840 | 840 | $h2 += $carry1; |
| 841 | 841 | $h1 -= $carry1 << 25; |
| 842 | - $carry5 = ($h5 + (1 << 24)) >> 25; |
|
| 842 | + $carry5 = ( $h5 + ( 1 << 24 ) ) >> 25; |
|
| 843 | 843 | $h6 += $carry5; |
| 844 | 844 | $h5 -= $carry5 << 25; |
| 845 | 845 | |
| 846 | - $carry2 = ($h2 + (1 << 25)) >> 26; |
|
| 846 | + $carry2 = ( $h2 + ( 1 << 25 ) ) >> 26; |
|
| 847 | 847 | $h3 += $carry2; |
| 848 | 848 | $h2 -= $carry2 << 26; |
| 849 | - $carry6 = ($h6 + (1 << 25)) >> 26; |
|
| 849 | + $carry6 = ( $h6 + ( 1 << 25 ) ) >> 26; |
|
| 850 | 850 | $h7 += $carry6; |
| 851 | 851 | $h6 -= $carry6 << 26; |
| 852 | 852 | |
| 853 | - $carry3 = ($h3 + (1 << 24)) >> 25; |
|
| 853 | + $carry3 = ( $h3 + ( 1 << 24 ) ) >> 25; |
|
| 854 | 854 | $h4 += $carry3; |
| 855 | 855 | $h3 -= $carry3 << 25; |
| 856 | - $carry7 = ($h7 + (1 << 24)) >> 25; |
|
| 856 | + $carry7 = ( $h7 + ( 1 << 24 ) ) >> 25; |
|
| 857 | 857 | $h8 += $carry7; |
| 858 | 858 | $h7 -= $carry7 << 25; |
| 859 | 859 | |
| 860 | - $carry4 = ($h4 + (1 << 25)) >> 26; |
|
| 860 | + $carry4 = ( $h4 + ( 1 << 25 ) ) >> 26; |
|
| 861 | 861 | $h5 += $carry4; |
| 862 | 862 | $h4 -= $carry4 << 26; |
| 863 | - $carry8 = ($h8 + (1 << 25)) >> 26; |
|
| 863 | + $carry8 = ( $h8 + ( 1 << 25 ) ) >> 26; |
|
| 864 | 864 | $h9 += $carry8; |
| 865 | 865 | $h8 -= $carry8 << 26; |
| 866 | 866 | |
| 867 | - $carry9 = ($h9 + (1 << 24)) >> 25; |
|
| 868 | - $h0 += self::mul($carry9, 19, 5); |
|
| 867 | + $carry9 = ( $h9 + ( 1 << 24 ) ) >> 25; |
|
| 868 | + $h0 += self::mul( $carry9, 19, 5 ); |
|
| 869 | 869 | $h9 -= $carry9 << 25; |
| 870 | 870 | |
| 871 | - $carry0 = ($h0 + (1 << 25)) >> 26; |
|
| 871 | + $carry0 = ( $h0 + ( 1 << 25 ) ) >> 26; |
|
| 872 | 872 | $h1 += $carry0; |
| 873 | 873 | $h0 -= $carry0 << 26; |
| 874 | 874 | |
@@ -894,56 +894,56 @@ discard block |
||
| 894 | 894 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $Z |
| 895 | 895 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 896 | 896 | */ |
| 897 | - public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) |
|
| 897 | + public static function fe_invert( ParagonIE_Sodium_Core_Curve25519_Fe $Z ) |
|
| 898 | 898 | { |
| 899 | 899 | $z = clone $Z; |
| 900 | - $t0 = self::fe_sq($z); |
|
| 901 | - $t1 = self::fe_sq($t0); |
|
| 902 | - $t1 = self::fe_sq($t1); |
|
| 903 | - $t1 = self::fe_mul($z, $t1); |
|
| 904 | - $t0 = self::fe_mul($t0, $t1); |
|
| 905 | - $t2 = self::fe_sq($t0); |
|
| 906 | - $t1 = self::fe_mul($t1, $t2); |
|
| 907 | - $t2 = self::fe_sq($t1); |
|
| 908 | - for ($i = 1; $i < 5; ++$i) { |
|
| 909 | - $t2 = self::fe_sq($t2); |
|
| 900 | + $t0 = self::fe_sq( $z ); |
|
| 901 | + $t1 = self::fe_sq( $t0 ); |
|
| 902 | + $t1 = self::fe_sq( $t1 ); |
|
| 903 | + $t1 = self::fe_mul( $z, $t1 ); |
|
| 904 | + $t0 = self::fe_mul( $t0, $t1 ); |
|
| 905 | + $t2 = self::fe_sq( $t0 ); |
|
| 906 | + $t1 = self::fe_mul( $t1, $t2 ); |
|
| 907 | + $t2 = self::fe_sq( $t1 ); |
|
| 908 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 909 | + $t2 = self::fe_sq( $t2 ); |
|
| 910 | 910 | } |
| 911 | - $t1 = self::fe_mul($t2, $t1); |
|
| 912 | - $t2 = self::fe_sq($t1); |
|
| 913 | - for ($i = 1; $i < 10; ++$i) { |
|
| 914 | - $t2 = self::fe_sq($t2); |
|
| 911 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 912 | + $t2 = self::fe_sq( $t1 ); |
|
| 913 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 914 | + $t2 = self::fe_sq( $t2 ); |
|
| 915 | 915 | } |
| 916 | - $t2 = self::fe_mul($t2, $t1); |
|
| 917 | - $t3 = self::fe_sq($t2); |
|
| 918 | - for ($i = 1; $i < 20; ++$i) { |
|
| 919 | - $t3 = self::fe_sq($t3); |
|
| 916 | + $t2 = self::fe_mul( $t2, $t1 ); |
|
| 917 | + $t3 = self::fe_sq( $t2 ); |
|
| 918 | + for ( $i = 1; $i < 20; ++$i ) { |
|
| 919 | + $t3 = self::fe_sq( $t3 ); |
|
| 920 | 920 | } |
| 921 | - $t2 = self::fe_mul($t3, $t2); |
|
| 922 | - $t2 = self::fe_sq($t2); |
|
| 923 | - for ($i = 1; $i < 10; ++$i) { |
|
| 924 | - $t2 = self::fe_sq($t2); |
|
| 921 | + $t2 = self::fe_mul( $t3, $t2 ); |
|
| 922 | + $t2 = self::fe_sq( $t2 ); |
|
| 923 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 924 | + $t2 = self::fe_sq( $t2 ); |
|
| 925 | 925 | } |
| 926 | - $t1 = self::fe_mul($t2, $t1); |
|
| 927 | - $t2 = self::fe_sq($t1); |
|
| 928 | - for ($i = 1; $i < 50; ++$i) { |
|
| 929 | - $t2 = self::fe_sq($t2); |
|
| 926 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 927 | + $t2 = self::fe_sq( $t1 ); |
|
| 928 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 929 | + $t2 = self::fe_sq( $t2 ); |
|
| 930 | 930 | } |
| 931 | - $t2 = self::fe_mul($t2, $t1); |
|
| 932 | - $t3 = self::fe_sq($t2); |
|
| 933 | - for ($i = 1; $i < 100; ++$i) { |
|
| 934 | - $t3 = self::fe_sq($t3); |
|
| 931 | + $t2 = self::fe_mul( $t2, $t1 ); |
|
| 932 | + $t3 = self::fe_sq( $t2 ); |
|
| 933 | + for ( $i = 1; $i < 100; ++$i ) { |
|
| 934 | + $t3 = self::fe_sq( $t3 ); |
|
| 935 | 935 | } |
| 936 | - $t2 = self::fe_mul($t3, $t2); |
|
| 937 | - $t2 = self::fe_sq($t2); |
|
| 938 | - for ($i = 1; $i < 50; ++$i) { |
|
| 939 | - $t2 = self::fe_sq($t2); |
|
| 936 | + $t2 = self::fe_mul( $t3, $t2 ); |
|
| 937 | + $t2 = self::fe_sq( $t2 ); |
|
| 938 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 939 | + $t2 = self::fe_sq( $t2 ); |
|
| 940 | 940 | } |
| 941 | - $t1 = self::fe_mul($t2, $t1); |
|
| 942 | - $t1 = self::fe_sq($t1); |
|
| 943 | - for ($i = 1; $i < 5; ++$i) { |
|
| 944 | - $t1 = self::fe_sq($t1); |
|
| 941 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 942 | + $t1 = self::fe_sq( $t1 ); |
|
| 943 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 944 | + $t1 = self::fe_sq( $t1 ); |
|
| 945 | 945 | } |
| 946 | - return self::fe_mul($t1, $t0); |
|
| 946 | + return self::fe_mul( $t1, $t0 ); |
|
| 947 | 947 | } |
| 948 | 948 | |
| 949 | 949 | /** |
@@ -954,7 +954,7 @@ discard block |
||
| 954 | 954 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $z |
| 955 | 955 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 956 | 956 | */ |
| 957 | - public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) |
|
| 957 | + public static function fe_pow22523( ParagonIE_Sodium_Core_Curve25519_Fe $z ) |
|
| 958 | 958 | { |
| 959 | 959 | # fe_sq(t0, z); |
| 960 | 960 | # fe_sq(t1, t0); |
@@ -964,102 +964,102 @@ discard block |
||
| 964 | 964 | # fe_sq(t0, t0); |
| 965 | 965 | # fe_mul(t0, t1, t0); |
| 966 | 966 | # fe_sq(t1, t0); |
| 967 | - $t0 = self::fe_sq($z); |
|
| 968 | - $t1 = self::fe_sq($t0); |
|
| 969 | - $t1 = self::fe_sq($t1); |
|
| 970 | - $t1 = self::fe_mul($z, $t1); |
|
| 971 | - $t0 = self::fe_mul($t0, $t1); |
|
| 972 | - $t0 = self::fe_sq($t0); |
|
| 973 | - $t0 = self::fe_mul($t1, $t0); |
|
| 974 | - $t1 = self::fe_sq($t0); |
|
| 967 | + $t0 = self::fe_sq( $z ); |
|
| 968 | + $t1 = self::fe_sq( $t0 ); |
|
| 969 | + $t1 = self::fe_sq( $t1 ); |
|
| 970 | + $t1 = self::fe_mul( $z, $t1 ); |
|
| 971 | + $t0 = self::fe_mul( $t0, $t1 ); |
|
| 972 | + $t0 = self::fe_sq( $t0 ); |
|
| 973 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 974 | + $t1 = self::fe_sq( $t0 ); |
|
| 975 | 975 | |
| 976 | 976 | # for (i = 1; i < 5; ++i) { |
| 977 | 977 | # fe_sq(t1, t1); |
| 978 | 978 | # } |
| 979 | - for ($i = 1; $i < 5; ++$i) { |
|
| 980 | - $t1 = self::fe_sq($t1); |
|
| 979 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 980 | + $t1 = self::fe_sq( $t1 ); |
|
| 981 | 981 | } |
| 982 | 982 | |
| 983 | 983 | # fe_mul(t0, t1, t0); |
| 984 | 984 | # fe_sq(t1, t0); |
| 985 | - $t0 = self::fe_mul($t1, $t0); |
|
| 986 | - $t1 = self::fe_sq($t0); |
|
| 985 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 986 | + $t1 = self::fe_sq( $t0 ); |
|
| 987 | 987 | |
| 988 | 988 | # for (i = 1; i < 10; ++i) { |
| 989 | 989 | # fe_sq(t1, t1); |
| 990 | 990 | # } |
| 991 | - for ($i = 1; $i < 10; ++$i) { |
|
| 992 | - $t1 = self::fe_sq($t1); |
|
| 991 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 992 | + $t1 = self::fe_sq( $t1 ); |
|
| 993 | 993 | } |
| 994 | 994 | |
| 995 | 995 | # fe_mul(t1, t1, t0); |
| 996 | 996 | # fe_sq(t2, t1); |
| 997 | - $t1 = self::fe_mul($t1, $t0); |
|
| 998 | - $t2 = self::fe_sq($t1); |
|
| 997 | + $t1 = self::fe_mul( $t1, $t0 ); |
|
| 998 | + $t2 = self::fe_sq( $t1 ); |
|
| 999 | 999 | |
| 1000 | 1000 | # for (i = 1; i < 20; ++i) { |
| 1001 | 1001 | # fe_sq(t2, t2); |
| 1002 | 1002 | # } |
| 1003 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1004 | - $t2 = self::fe_sq($t2); |
|
| 1003 | + for ( $i = 1; $i < 20; ++$i ) { |
|
| 1004 | + $t2 = self::fe_sq( $t2 ); |
|
| 1005 | 1005 | } |
| 1006 | 1006 | |
| 1007 | 1007 | # fe_mul(t1, t2, t1); |
| 1008 | 1008 | # fe_sq(t1, t1); |
| 1009 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1010 | - $t1 = self::fe_sq($t1); |
|
| 1009 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1010 | + $t1 = self::fe_sq( $t1 ); |
|
| 1011 | 1011 | |
| 1012 | 1012 | # for (i = 1; i < 10; ++i) { |
| 1013 | 1013 | # fe_sq(t1, t1); |
| 1014 | 1014 | # } |
| 1015 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1016 | - $t1 = self::fe_sq($t1); |
|
| 1015 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 1016 | + $t1 = self::fe_sq( $t1 ); |
|
| 1017 | 1017 | } |
| 1018 | 1018 | |
| 1019 | 1019 | # fe_mul(t0, t1, t0); |
| 1020 | 1020 | # fe_sq(t1, t0); |
| 1021 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1022 | - $t1 = self::fe_sq($t0); |
|
| 1021 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1022 | + $t1 = self::fe_sq( $t0 ); |
|
| 1023 | 1023 | |
| 1024 | 1024 | # for (i = 1; i < 50; ++i) { |
| 1025 | 1025 | # fe_sq(t1, t1); |
| 1026 | 1026 | # } |
| 1027 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1028 | - $t1 = self::fe_sq($t1); |
|
| 1027 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1028 | + $t1 = self::fe_sq( $t1 ); |
|
| 1029 | 1029 | } |
| 1030 | 1030 | |
| 1031 | 1031 | # fe_mul(t1, t1, t0); |
| 1032 | 1032 | # fe_sq(t2, t1); |
| 1033 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1034 | - $t2 = self::fe_sq($t1); |
|
| 1033 | + $t1 = self::fe_mul( $t1, $t0 ); |
|
| 1034 | + $t2 = self::fe_sq( $t1 ); |
|
| 1035 | 1035 | |
| 1036 | 1036 | # for (i = 1; i < 100; ++i) { |
| 1037 | 1037 | # fe_sq(t2, t2); |
| 1038 | 1038 | # } |
| 1039 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1040 | - $t2 = self::fe_sq($t2); |
|
| 1039 | + for ( $i = 1; $i < 100; ++$i ) { |
|
| 1040 | + $t2 = self::fe_sq( $t2 ); |
|
| 1041 | 1041 | } |
| 1042 | 1042 | |
| 1043 | 1043 | # fe_mul(t1, t2, t1); |
| 1044 | 1044 | # fe_sq(t1, t1); |
| 1045 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1046 | - $t1 = self::fe_sq($t1); |
|
| 1045 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1046 | + $t1 = self::fe_sq( $t1 ); |
|
| 1047 | 1047 | |
| 1048 | 1048 | # for (i = 1; i < 50; ++i) { |
| 1049 | 1049 | # fe_sq(t1, t1); |
| 1050 | 1050 | # } |
| 1051 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1052 | - $t1 = self::fe_sq($t1); |
|
| 1051 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1052 | + $t1 = self::fe_sq( $t1 ); |
|
| 1053 | 1053 | } |
| 1054 | 1054 | |
| 1055 | 1055 | # fe_mul(t0, t1, t0); |
| 1056 | 1056 | # fe_sq(t0, t0); |
| 1057 | 1057 | # fe_sq(t0, t0); |
| 1058 | 1058 | # fe_mul(out, t0, z); |
| 1059 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1060 | - $t0 = self::fe_sq($t0); |
|
| 1061 | - $t0 = self::fe_sq($t0); |
|
| 1062 | - return self::fe_mul($t0, $z); |
|
| 1059 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1060 | + $t0 = self::fe_sq( $t0 ); |
|
| 1061 | + $t0 = self::fe_sq( $t0 ); |
|
| 1062 | + return self::fe_mul( $t0, $z ); |
|
| 1063 | 1063 | } |
| 1064 | 1064 | |
| 1065 | 1065 | /** |
@@ -1080,20 +1080,20 @@ discard block |
||
| 1080 | 1080 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
| 1081 | 1081 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 1082 | 1082 | */ |
| 1083 | - public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) |
|
| 1083 | + public static function fe_sub( ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g ) |
|
| 1084 | 1084 | { |
| 1085 | 1085 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 1086 | 1086 | array( |
| 1087 | - (int) ($f[0] - $g[0]), |
|
| 1088 | - (int) ($f[1] - $g[1]), |
|
| 1089 | - (int) ($f[2] - $g[2]), |
|
| 1090 | - (int) ($f[3] - $g[3]), |
|
| 1091 | - (int) ($f[4] - $g[4]), |
|
| 1092 | - (int) ($f[5] - $g[5]), |
|
| 1093 | - (int) ($f[6] - $g[6]), |
|
| 1094 | - (int) ($f[7] - $g[7]), |
|
| 1095 | - (int) ($f[8] - $g[8]), |
|
| 1096 | - (int) ($f[9] - $g[9]) |
|
| 1087 | + (int) ( $f[0] - $g[0] ), |
|
| 1088 | + (int) ( $f[1] - $g[1] ), |
|
| 1089 | + (int) ( $f[2] - $g[2] ), |
|
| 1090 | + (int) ( $f[3] - $g[3] ), |
|
| 1091 | + (int) ( $f[4] - $g[4] ), |
|
| 1092 | + (int) ( $f[5] - $g[5] ), |
|
| 1093 | + (int) ( $f[6] - $g[6] ), |
|
| 1094 | + (int) ( $f[7] - $g[7] ), |
|
| 1095 | + (int) ( $f[8] - $g[8] ), |
|
| 1096 | + (int) ( $f[9] - $g[9] ) |
|
| 1097 | 1097 | ) |
| 1098 | 1098 | ); |
| 1099 | 1099 | } |
@@ -1114,17 +1114,17 @@ discard block |
||
| 1114 | 1114 | ParagonIE_Sodium_Core_Curve25519_Ge_Cached $q |
| 1115 | 1115 | ) { |
| 1116 | 1116 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1117 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1118 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1119 | - $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1120 | - $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1121 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1122 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1123 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1124 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1125 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1126 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1127 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1117 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1118 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1119 | + $r->Z = self::fe_mul( $r->X, $q->YplusX ); |
|
| 1120 | + $r->Y = self::fe_mul( $r->Y, $q->YminusX ); |
|
| 1121 | + $r->T = self::fe_mul( $q->T2d, $p->T ); |
|
| 1122 | + $r->X = self::fe_mul( $p->Z, $q->Z ); |
|
| 1123 | + $t0 = self::fe_add( $r->X, $r->X ); |
|
| 1124 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1125 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1126 | + $r->Z = self::fe_add( $t0, $r->T ); |
|
| 1127 | + $r->T = self::fe_sub( $t0, $r->T ); |
|
| 1128 | 1128 | return $r; |
| 1129 | 1129 | } |
| 1130 | 1130 | |
@@ -1135,33 +1135,33 @@ discard block |
||
| 1135 | 1135 | * @param string $a |
| 1136 | 1136 | * @return array<int, mixed> |
| 1137 | 1137 | */ |
| 1138 | - public static function slide($a) |
|
| 1138 | + public static function slide( $a ) |
|
| 1139 | 1139 | { |
| 1140 | - if (self::strlen($a) < 256) { |
|
| 1141 | - if (self::strlen($a) < 16) { |
|
| 1142 | - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1140 | + if ( self::strlen( $a ) < 256 ) { |
|
| 1141 | + if ( self::strlen( $a ) < 16 ) { |
|
| 1142 | + $a = str_pad( $a, 256, '0', STR_PAD_RIGHT ); |
|
| 1143 | 1143 | } |
| 1144 | 1144 | } |
| 1145 | 1145 | $r = array(); |
| 1146 | - for ($i = 0; $i < 256; ++$i) { |
|
| 1146 | + for ( $i = 0; $i < 256; ++$i ) { |
|
| 1147 | 1147 | $r[$i] = 1 & ( |
| 1148 | - self::chrToInt($a[$i >> 3]) |
|
| 1148 | + self::chrToInt( $a[$i >> 3] ) |
|
| 1149 | 1149 | >> |
| 1150 | - ($i & 7) |
|
| 1150 | + ( $i & 7 ) |
|
| 1151 | 1151 | ); |
| 1152 | 1152 | } |
| 1153 | 1153 | |
| 1154 | - for ($i = 0;$i < 256;++$i) { |
|
| 1155 | - if ($r[$i]) { |
|
| 1156 | - for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1157 | - if ($r[$i + $b]) { |
|
| 1158 | - if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1154 | + for ( $i = 0; $i < 256; ++$i ) { |
|
| 1155 | + if ( $r[$i] ) { |
|
| 1156 | + for ( $b = 1; $b <= 6 && $i + $b < 256; ++$b ) { |
|
| 1157 | + if ( $r[$i + $b] ) { |
|
| 1158 | + if ( $r[$i] + ( $r[$i + $b] << $b ) <= 15 ) { |
|
| 1159 | 1159 | $r[$i] += $r[$i + $b] << $b; |
| 1160 | 1160 | $r[$i + $b] = 0; |
| 1161 | - } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1161 | + } elseif ( $r[$i] - ( $r[$i + $b] << $b ) >= -15 ) { |
|
| 1162 | 1162 | $r[$i] -= $r[$i + $b] << $b; |
| 1163 | - for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1164 | - if (!$r[$k]) { |
|
| 1163 | + for ( $k = $i + $b; $k < 256; ++$k ) { |
|
| 1164 | + if ( ! $r[$k] ) { |
|
| 1165 | 1165 | $r[$k] = 1; |
| 1166 | 1166 | break; |
| 1167 | 1167 | } |
@@ -1183,18 +1183,18 @@ discard block |
||
| 1183 | 1183 | * @param string $s |
| 1184 | 1184 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1185 | 1185 | */ |
| 1186 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1186 | + public static function ge_frombytes_negate_vartime( $s ) |
|
| 1187 | 1187 | { |
| 1188 | 1188 | static $d = null; |
| 1189 | - if (!$d) { |
|
| 1190 | - $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); |
|
| 1189 | + if ( ! $d ) { |
|
| 1190 | + $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$d ); |
|
| 1191 | 1191 | } |
| 1192 | 1192 | |
| 1193 | 1193 | # fe_frombytes(h->Y,s); |
| 1194 | 1194 | # fe_1(h->Z); |
| 1195 | 1195 | $h = new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
| 1196 | 1196 | self::fe_0(), |
| 1197 | - self::fe_frombytes($s), |
|
| 1197 | + self::fe_frombytes( $s ), |
|
| 1198 | 1198 | self::fe_1() |
| 1199 | 1199 | ); |
| 1200 | 1200 | |
@@ -1202,35 +1202,35 @@ discard block |
||
| 1202 | 1202 | # fe_mul(v,u,d); |
| 1203 | 1203 | # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
| 1204 | 1204 | # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
| 1205 | - $u = self::fe_sq($h->Y); |
|
| 1206 | - $v = self::fe_mul($u, $d); |
|
| 1207 | - $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1208 | - $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1205 | + $u = self::fe_sq( $h->Y ); |
|
| 1206 | + $v = self::fe_mul( $u, $d ); |
|
| 1207 | + $u = self::fe_sub( $u, $h->Z ); /* u = y^2 - 1 */ |
|
| 1208 | + $v = self::fe_add( $v, $h->Z ); /* v = dy^2 + 1 */ |
|
| 1209 | 1209 | |
| 1210 | 1210 | # fe_sq(v3,v); |
| 1211 | 1211 | # fe_mul(v3,v3,v); /* v3 = v^3 */ |
| 1212 | 1212 | # fe_sq(h->X,v3); |
| 1213 | 1213 | # fe_mul(h->X,h->X,v); |
| 1214 | 1214 | # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
| 1215 | - $v3 = self::fe_sq($v); |
|
| 1216 | - $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1217 | - $h->X = self::fe_sq($v3); |
|
| 1218 | - $h->X = self::fe_mul($h->X, $v); |
|
| 1219 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1215 | + $v3 = self::fe_sq( $v ); |
|
| 1216 | + $v3 = self::fe_mul( $v3, $v ); /* v3 = v^3 */ |
|
| 1217 | + $h->X = self::fe_sq( $v3 ); |
|
| 1218 | + $h->X = self::fe_mul( $h->X, $v ); |
|
| 1219 | + $h->X = self::fe_mul( $h->X, $u ); /* x = uv^7 */ |
|
| 1220 | 1220 | |
| 1221 | 1221 | # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
| 1222 | 1222 | # fe_mul(h->X,h->X,v3); |
| 1223 | 1223 | # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
| 1224 | - $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1225 | - $h->X = self::fe_mul($h->X, $v3); |
|
| 1226 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1224 | + $h->X = self::fe_pow22523( $h->X ); /* x = (uv^7)^((q-5)/8) */ |
|
| 1225 | + $h->X = self::fe_mul( $h->X, $v3 ); |
|
| 1226 | + $h->X = self::fe_mul( $h->X, $u ); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1227 | 1227 | |
| 1228 | 1228 | # fe_sq(vxx,h->X); |
| 1229 | 1229 | # fe_mul(vxx,vxx,v); |
| 1230 | 1230 | # fe_sub(check,vxx,u); /* vx^2-u */ |
| 1231 | - $vxx = self::fe_sq($h->X); |
|
| 1232 | - $vxx = self::fe_mul($vxx, $v); |
|
| 1233 | - $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1231 | + $vxx = self::fe_sq( $h->X ); |
|
| 1232 | + $vxx = self::fe_mul( $vxx, $v ); |
|
| 1233 | + $check = self::fe_sub( $vxx, $u ); /* vx^2 - u */ |
|
| 1234 | 1234 | |
| 1235 | 1235 | # if (fe_isnonzero(check)) { |
| 1236 | 1236 | # fe_add(check,vxx,u); /* vx^2+u */ |
@@ -1239,27 +1239,27 @@ discard block |
||
| 1239 | 1239 | # } |
| 1240 | 1240 | # fe_mul(h->X,h->X,sqrtm1); |
| 1241 | 1241 | # } |
| 1242 | - if (self::fe_isnonzero($check)) { |
|
| 1243 | - $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1244 | - if (self::fe_isnonzero($check)) { |
|
| 1245 | - throw new RangeException('Internal check failed.'); |
|
| 1242 | + if ( self::fe_isnonzero( $check ) ) { |
|
| 1243 | + $check = self::fe_add( $vxx, $u ); /* vx^2 + u */ |
|
| 1244 | + if ( self::fe_isnonzero( $check ) ) { |
|
| 1245 | + throw new RangeException( 'Internal check failed.' ); |
|
| 1246 | 1246 | } |
| 1247 | 1247 | $h->X = self::fe_mul( |
| 1248 | 1248 | $h->X, |
| 1249 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1249 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$sqrtm1 ) |
|
| 1250 | 1250 | ); |
| 1251 | 1251 | } |
| 1252 | 1252 | |
| 1253 | 1253 | # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
| 1254 | 1254 | # fe_neg(h->X,h->X); |
| 1255 | 1255 | # } |
| 1256 | - $i = self::chrToInt($s[31]); |
|
| 1257 | - if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1258 | - $h->X = self::fe_neg($h->X); |
|
| 1256 | + $i = self::chrToInt( $s[31] ); |
|
| 1257 | + if ( self::fe_isnegative( $h->X ) === ( $i >> 7 ) ) { |
|
| 1258 | + $h->X = self::fe_neg( $h->X ); |
|
| 1259 | 1259 | } |
| 1260 | 1260 | |
| 1261 | 1261 | # fe_mul(h->T,h->X,h->Y); |
| 1262 | - $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1262 | + $h->T = self::fe_mul( $h->X, $h->Y ); |
|
| 1263 | 1263 | return $h; |
| 1264 | 1264 | } |
| 1265 | 1265 | |
@@ -1277,16 +1277,16 @@ discard block |
||
| 1277 | 1277 | ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $q |
| 1278 | 1278 | ) { |
| 1279 | 1279 | $r = clone $R; |
| 1280 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1281 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1282 | - $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1283 | - $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1284 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1285 | - $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1286 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1287 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1288 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1289 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1280 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1281 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1282 | + $r->Z = self::fe_mul( $r->X, $q->yplusx ); |
|
| 1283 | + $r->Y = self::fe_mul( $r->Y, $q->yminusx ); |
|
| 1284 | + $r->T = self::fe_mul( $q->xy2d, $p->T ); |
|
| 1285 | + $t0 = self::fe_add( clone $p->Z, clone $p->Z ); |
|
| 1286 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1287 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1288 | + $r->Z = self::fe_add( $t0, $r->T ); |
|
| 1289 | + $r->T = self::fe_sub( $t0, $r->T ); |
|
| 1290 | 1290 | |
| 1291 | 1291 | return $r; |
| 1292 | 1292 | } |
@@ -1306,16 +1306,16 @@ discard block |
||
| 1306 | 1306 | ) { |
| 1307 | 1307 | $r = clone $R; |
| 1308 | 1308 | |
| 1309 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1310 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1311 | - $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1312 | - $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1313 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1314 | - $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1315 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1316 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1317 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1318 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1309 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1310 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1311 | + $r->Z = self::fe_mul( $r->X, $q->yminusx ); |
|
| 1312 | + $r->Y = self::fe_mul( $r->Y, $q->yplusx ); |
|
| 1313 | + $r->T = self::fe_mul( $q->xy2d, $p->T ); |
|
| 1314 | + $t0 = self::fe_add( $p->Z, $p->Z ); |
|
| 1315 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1316 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1317 | + $r->Z = self::fe_sub( $t0, $r->T ); |
|
| 1318 | + $r->T = self::fe_add( $t0, $r->T ); |
|
| 1319 | 1319 | |
| 1320 | 1320 | return $r; |
| 1321 | 1321 | } |
@@ -1326,12 +1326,12 @@ discard block |
||
| 1326 | 1326 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
| 1327 | 1327 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
| 1328 | 1328 | */ |
| 1329 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1329 | + public static function ge_p1p1_to_p2( ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p ) |
|
| 1330 | 1330 | { |
| 1331 | 1331 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P2(); |
| 1332 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1333 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1334 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1332 | + $r->X = self::fe_mul( $p->X, $p->T ); |
|
| 1333 | + $r->Y = self::fe_mul( $p->Y, $p->Z ); |
|
| 1334 | + $r->Z = self::fe_mul( $p->Z, $p->T ); |
|
| 1335 | 1335 | return $r; |
| 1336 | 1336 | } |
| 1337 | 1337 | |
@@ -1341,13 +1341,13 @@ discard block |
||
| 1341 | 1341 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
| 1342 | 1342 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1343 | 1343 | */ |
| 1344 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1344 | + public static function ge_p1p1_to_p3( ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p ) |
|
| 1345 | 1345 | { |
| 1346 | 1346 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P3(); |
| 1347 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1348 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1349 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1350 | - $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1347 | + $r->X = self::fe_mul( $p->X, $p->T ); |
|
| 1348 | + $r->Y = self::fe_mul( $p->Y, $p->Z ); |
|
| 1349 | + $r->Z = self::fe_mul( $p->Z, $p->T ); |
|
| 1350 | + $r->T = self::fe_mul( $p->X, $p->Y ); |
|
| 1351 | 1351 | return $r; |
| 1352 | 1352 | } |
| 1353 | 1353 | |
@@ -1371,19 +1371,19 @@ discard block |
||
| 1371 | 1371 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p |
| 1372 | 1372 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
| 1373 | 1373 | */ |
| 1374 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) |
|
| 1374 | + public static function ge_p2_dbl( ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p ) |
|
| 1375 | 1375 | { |
| 1376 | 1376 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1377 | 1377 | |
| 1378 | - $r->X = self::fe_sq($p->X); |
|
| 1379 | - $r->Z = self::fe_sq($p->Y); |
|
| 1380 | - $r->T = self::fe_sq2($p->Z); |
|
| 1381 | - $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1382 | - $t0 = self::fe_sq($r->Y); |
|
| 1383 | - $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1384 | - $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1385 | - $r->X = self::fe_sub($t0, $r->Y); |
|
| 1386 | - $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1378 | + $r->X = self::fe_sq( $p->X ); |
|
| 1379 | + $r->Z = self::fe_sq( $p->Y ); |
|
| 1380 | + $r->T = self::fe_sq2( $p->Z ); |
|
| 1381 | + $r->Y = self::fe_add( $p->X, $p->Y ); |
|
| 1382 | + $t0 = self::fe_sq( $r->Y ); |
|
| 1383 | + $r->Y = self::fe_add( $r->Z, $r->X ); |
|
| 1384 | + $r->Z = self::fe_sub( $r->Z, $r->X ); |
|
| 1385 | + $r->X = self::fe_sub( $t0, $r->Y ); |
|
| 1386 | + $r->T = self::fe_sub( $r->T, $r->Z ); |
|
| 1387 | 1387 | |
| 1388 | 1388 | return $r; |
| 1389 | 1389 | } |
@@ -1409,17 +1409,17 @@ discard block |
||
| 1409 | 1409 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1410 | 1410 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached |
| 1411 | 1411 | */ |
| 1412 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1412 | + public static function ge_p3_to_cached( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p ) |
|
| 1413 | 1413 | { |
| 1414 | 1414 | static $d2 = null; |
| 1415 | - if ($d2 === null) { |
|
| 1416 | - $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d2); |
|
| 1415 | + if ( $d2 === null ) { |
|
| 1416 | + $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$d2 ); |
|
| 1417 | 1417 | } |
| 1418 | 1418 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached(); |
| 1419 | - $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1420 | - $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1421 | - $r->Z = self::fe_copy($p->Z); |
|
| 1422 | - $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1419 | + $r->YplusX = self::fe_add( $p->Y, $p->X ); |
|
| 1420 | + $r->YminusX = self::fe_sub( $p->Y, $p->X ); |
|
| 1421 | + $r->Z = self::fe_copy( $p->Z ); |
|
| 1422 | + $r->T2d = self::fe_mul( $p->T, $d2 ); |
|
| 1423 | 1423 | return $r; |
| 1424 | 1424 | } |
| 1425 | 1425 | |
@@ -1429,7 +1429,7 @@ discard block |
||
| 1429 | 1429 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1430 | 1430 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
| 1431 | 1431 | */ |
| 1432 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1432 | + public static function ge_p3_to_p2( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p ) |
|
| 1433 | 1433 | { |
| 1434 | 1434 | return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
| 1435 | 1435 | $p->X, |
@@ -1444,14 +1444,14 @@ discard block |
||
| 1444 | 1444 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h |
| 1445 | 1445 | * @return string |
| 1446 | 1446 | */ |
| 1447 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) |
|
| 1447 | + public static function ge_p3_tobytes( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h ) |
|
| 1448 | 1448 | { |
| 1449 | - $recip = self::fe_invert($h->Z); |
|
| 1450 | - $x = self::fe_mul($h->X, $recip); |
|
| 1451 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1452 | - $s = self::fe_tobytes($y); |
|
| 1449 | + $recip = self::fe_invert( $h->Z ); |
|
| 1450 | + $x = self::fe_mul( $h->X, $recip ); |
|
| 1451 | + $y = self::fe_mul( $h->Y, $recip ); |
|
| 1452 | + $s = self::fe_tobytes( $y ); |
|
| 1453 | 1453 | $s[31] = self::intToChr( |
| 1454 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1454 | + self::chrToInt( $s[31] ) ^ ( self::fe_isnegative( $x ) << 7 ) |
|
| 1455 | 1455 | ); |
| 1456 | 1456 | return $s; |
| 1457 | 1457 | } |
@@ -1462,10 +1462,10 @@ discard block |
||
| 1462 | 1462 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1463 | 1463 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
| 1464 | 1464 | */ |
| 1465 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1465 | + public static function ge_p3_dbl( ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p ) |
|
| 1466 | 1466 | { |
| 1467 | - $q = self::ge_p3_to_p2($p); |
|
| 1468 | - return self::ge_p2_dbl($q); |
|
| 1467 | + $q = self::ge_p3_to_p2( $p ); |
|
| 1468 | + return self::ge_p2_dbl( $q ); |
|
| 1469 | 1469 | } |
| 1470 | 1470 | |
| 1471 | 1471 | /** |
@@ -1487,9 +1487,9 @@ discard block |
||
| 1487 | 1487 | * @param int $c |
| 1488 | 1488 | * @return int |
| 1489 | 1489 | */ |
| 1490 | - public static function equal($b, $c) |
|
| 1490 | + public static function equal( $b, $c ) |
|
| 1491 | 1491 | { |
| 1492 | - return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1492 | + return ( ( $b ^ $c ) - 1 & 0xffffffff ) >> 31; |
|
| 1493 | 1493 | } |
| 1494 | 1494 | |
| 1495 | 1495 | /** |
@@ -1498,13 +1498,13 @@ discard block |
||
| 1498 | 1498 | * @param int $char |
| 1499 | 1499 | * @return int (1 = yes, 0 = no) |
| 1500 | 1500 | */ |
| 1501 | - public static function negative($char) |
|
| 1501 | + public static function negative( $char ) |
|
| 1502 | 1502 | { |
| 1503 | - if (is_int($char)) { |
|
| 1503 | + if ( is_int( $char ) ) { |
|
| 1504 | 1504 | return $char < 0 ? 1 : 0; |
| 1505 | 1505 | } |
| 1506 | - $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1507 | - if (PHP_INT_SIZE === 8) { |
|
| 1506 | + $x = self::chrToInt( self::substr( $char, 0, 1 ) ); |
|
| 1507 | + if ( PHP_INT_SIZE === 8 ) { |
|
| 1508 | 1508 | return $x >> 63; |
| 1509 | 1509 | } |
| 1510 | 1510 | return $x >> 31; |
@@ -1525,13 +1525,13 @@ discard block |
||
| 1525 | 1525 | ParagonIE_Sodium_Core_Curve25519_Ge_Precomp $u, |
| 1526 | 1526 | $b |
| 1527 | 1527 | ) { |
| 1528 | - if (!is_int($b)) { |
|
| 1529 | - throw new InvalidArgumentException('Expected an integer.'); |
|
| 1528 | + if ( ! is_int( $b ) ) { |
|
| 1529 | + throw new InvalidArgumentException( 'Expected an integer.' ); |
|
| 1530 | 1530 | } |
| 1531 | 1531 | return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
| 1532 | - self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1533 | - self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1534 | - self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1532 | + self::fe_cmov( $t->yplusx, $u->yplusx, $b ), |
|
| 1533 | + self::fe_cmov( $t->yminusx, $u->yminusx, $b ), |
|
| 1534 | + self::fe_cmov( $t->xy2d, $u->xy2d, $b ) |
|
| 1535 | 1535 | ); |
| 1536 | 1536 | } |
| 1537 | 1537 | |
@@ -1542,45 +1542,45 @@ discard block |
||
| 1542 | 1542 | * @param int $b |
| 1543 | 1543 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
| 1544 | 1544 | */ |
| 1545 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1545 | + public static function ge_select( $pos = 0, $b = 0 ) |
|
| 1546 | 1546 | { |
| 1547 | 1547 | static $base = null; |
| 1548 | - if ($base === null) { |
|
| 1548 | + if ( $base === null ) { |
|
| 1549 | 1549 | $base = array(); |
| 1550 | - foreach (self::$base as $i => $bas) { |
|
| 1551 | - for ($j = 0; $j < 8; ++$j) { |
|
| 1550 | + foreach ( self::$base as $i => $bas ) { |
|
| 1551 | + for ( $j = 0; $j < 8; ++$j ) { |
|
| 1552 | 1552 | $base[$i][$j] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
| 1553 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][0]), |
|
| 1554 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][1]), |
|
| 1555 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray($bas[$j][2]) |
|
| 1553 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( $bas[$j][0] ), |
|
| 1554 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( $bas[$j][1] ), |
|
| 1555 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( $bas[$j][2] ) |
|
| 1556 | 1556 | ); |
| 1557 | 1557 | } |
| 1558 | 1558 | } |
| 1559 | 1559 | } |
| 1560 | - if (!is_int($pos)) { |
|
| 1561 | - throw new InvalidArgumentException('Position must be an integer'); |
|
| 1560 | + if ( ! is_int( $pos ) ) { |
|
| 1561 | + throw new InvalidArgumentException( 'Position must be an integer' ); |
|
| 1562 | 1562 | } |
| 1563 | - if ($pos < 0 || $pos > 31) { |
|
| 1564 | - throw new RangeException('Position is out of range [0, 31]'); |
|
| 1563 | + if ( $pos < 0 || $pos > 31 ) { |
|
| 1564 | + throw new RangeException( 'Position is out of range [0, 31]' ); |
|
| 1565 | 1565 | } |
| 1566 | 1566 | |
| 1567 | - $bnegative = self::negative($b); |
|
| 1568 | - $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1567 | + $bnegative = self::negative( $b ); |
|
| 1568 | + $babs = $b - ( ( (-$bnegative) & $b ) << 1 ); |
|
| 1569 | 1569 | |
| 1570 | 1570 | $t = self::ge_precomp_0(); |
| 1571 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1571 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 1572 | 1572 | $t = self::cmov( |
| 1573 | 1573 | $t, |
| 1574 | 1574 | $base[$pos][$i], |
| 1575 | - self::equal($babs, $i + 1) |
|
| 1575 | + self::equal( $babs, $i + 1 ) |
|
| 1576 | 1576 | ); |
| 1577 | 1577 | } |
| 1578 | 1578 | $minusT = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
| 1579 | - self::fe_copy($t->yminusx), |
|
| 1580 | - self::fe_copy($t->yplusx), |
|
| 1581 | - self::fe_neg($t->xy2d) |
|
| 1579 | + self::fe_copy( $t->yminusx ), |
|
| 1580 | + self::fe_copy( $t->yplusx ), |
|
| 1581 | + self::fe_neg( $t->xy2d ) |
|
| 1582 | 1582 | ); |
| 1583 | - return self::cmov($t, $minusT, $bnegative); |
|
| 1583 | + return self::cmov( $t, $minusT, $bnegative ); |
|
| 1584 | 1584 | } |
| 1585 | 1585 | |
| 1586 | 1586 | /** |
@@ -1600,17 +1600,17 @@ discard block |
||
| 1600 | 1600 | ) { |
| 1601 | 1601 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1602 | 1602 | |
| 1603 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1604 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1605 | - $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1606 | - $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1607 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1608 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1609 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1610 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1611 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1612 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1613 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1603 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1604 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1605 | + $r->Z = self::fe_mul( $r->X, $q->YminusX ); |
|
| 1606 | + $r->Y = self::fe_mul( $r->Y, $q->YplusX ); |
|
| 1607 | + $r->T = self::fe_mul( $q->T2d, $p->T ); |
|
| 1608 | + $r->X = self::fe_mul( $p->Z, $q->Z ); |
|
| 1609 | + $t0 = self::fe_add( $r->X, $r->X ); |
|
| 1610 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1611 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1612 | + $r->Z = self::fe_sub( $t0, $r->T ); |
|
| 1613 | + $r->T = self::fe_add( $t0, $r->T ); |
|
| 1614 | 1614 | |
| 1615 | 1615 | return $r; |
| 1616 | 1616 | } |
@@ -1621,14 +1621,14 @@ discard block |
||
| 1621 | 1621 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h |
| 1622 | 1622 | * @return string |
| 1623 | 1623 | */ |
| 1624 | - public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) |
|
| 1624 | + public static function ge_tobytes( ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h ) |
|
| 1625 | 1625 | { |
| 1626 | - $recip = self::fe_invert($h->Z); |
|
| 1627 | - $x = self::fe_mul($h->X, $recip); |
|
| 1628 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1629 | - $s = self::fe_tobytes($y); |
|
| 1626 | + $recip = self::fe_invert( $h->Z ); |
|
| 1627 | + $x = self::fe_mul( $h->X, $recip ); |
|
| 1628 | + $y = self::fe_mul( $h->Y, $recip ); |
|
| 1629 | + $s = self::fe_tobytes( $y ); |
|
| 1630 | 1630 | $s[31] = self::intToChr( |
| 1631 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1631 | + self::chrToInt( $s[31] ) ^ ( self::fe_isnegative( $x ) << 7 ) |
|
| 1632 | 1632 | ); |
| 1633 | 1633 | return $s; |
| 1634 | 1634 | } |
@@ -1655,16 +1655,16 @@ discard block |
||
| 1655 | 1655 | * @var ParagonIE_Sodium_Core_Curve25519_Ge_Precomp[] |
| 1656 | 1656 | */ |
| 1657 | 1657 | static $Bi = array(); |
| 1658 | - if (!$Bi) { |
|
| 1659 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1658 | + if ( ! $Bi ) { |
|
| 1659 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 1660 | 1660 | $Bi[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
| 1661 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][0]), |
|
| 1662 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][1]), |
|
| 1663 | - ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$base2[$i][2]) |
|
| 1661 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$base2[$i][0] ), |
|
| 1662 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$base2[$i][1] ), |
|
| 1663 | + ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( self::$base2[$i][2] ) |
|
| 1664 | 1664 | ); |
| 1665 | 1665 | } |
| 1666 | 1666 | } |
| 1667 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1667 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 1668 | 1668 | $Ai[$i] = new ParagonIE_Sodium_Core_Curve25519_Ge_Cached( |
| 1669 | 1669 | self::fe_0(), |
| 1670 | 1670 | self::fe_0(), |
@@ -1675,14 +1675,14 @@ discard block |
||
| 1675 | 1675 | |
| 1676 | 1676 | # slide(aslide,a); |
| 1677 | 1677 | # slide(bslide,b); |
| 1678 | - $aslide = self::slide($a); |
|
| 1679 | - $bslide = self::slide($b); |
|
| 1678 | + $aslide = self::slide( $a ); |
|
| 1679 | + $bslide = self::slide( $b ); |
|
| 1680 | 1680 | |
| 1681 | 1681 | # ge_p3_to_cached(&Ai[0],A); |
| 1682 | 1682 | # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
| 1683 | - $Ai[0] = self::ge_p3_to_cached($A); |
|
| 1684 | - $t = self::ge_p3_dbl($A); |
|
| 1685 | - $A2 = self::ge_p1p1_to_p3($t); |
|
| 1683 | + $Ai[0] = self::ge_p3_to_cached( $A ); |
|
| 1684 | + $t = self::ge_p3_dbl( $A ); |
|
| 1685 | + $A2 = self::ge_p1p1_to_p3( $t ); |
|
| 1686 | 1686 | |
| 1687 | 1687 | # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
| 1688 | 1688 | # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
@@ -1691,10 +1691,10 @@ discard block |
||
| 1691 | 1691 | # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
| 1692 | 1692 | # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
| 1693 | 1693 | # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
| 1694 | - for ($i = 0; $i < 7; ++$i) { |
|
| 1695 | - $t = self::ge_add($A2, $Ai[$i]); |
|
| 1696 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1697 | - $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 1694 | + for ( $i = 0; $i < 7; ++$i ) { |
|
| 1695 | + $t = self::ge_add( $A2, $Ai[$i] ); |
|
| 1696 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 1697 | + $Ai[$i + 1] = self::ge_p3_to_cached( $u ); |
|
| 1698 | 1698 | } |
| 1699 | 1699 | |
| 1700 | 1700 | # ge_p2_0(r); |
@@ -1704,31 +1704,31 @@ discard block |
||
| 1704 | 1704 | # if (aslide[i] || bslide[i]) break; |
| 1705 | 1705 | # } |
| 1706 | 1706 | $i = 255; |
| 1707 | - for (; $i >= 0; --$i) { |
|
| 1708 | - if ($aslide[$i] || $bslide[$i]) { |
|
| 1707 | + for ( ; $i >= 0; --$i ) { |
|
| 1708 | + if ( $aslide[$i] || $bslide[$i] ) { |
|
| 1709 | 1709 | break; |
| 1710 | 1710 | } |
| 1711 | 1711 | } |
| 1712 | 1712 | |
| 1713 | 1713 | # for (;i >= 0;--i) { |
| 1714 | - for (; $i >= 0; --$i) { |
|
| 1714 | + for ( ; $i >= 0; --$i ) { |
|
| 1715 | 1715 | # ge_p2_dbl(&t,r); |
| 1716 | - $t = self::ge_p2_dbl($r); |
|
| 1716 | + $t = self::ge_p2_dbl( $r ); |
|
| 1717 | 1717 | |
| 1718 | 1718 | # if (aslide[i] > 0) { |
| 1719 | - if ($aslide[$i] > 0) { |
|
| 1719 | + if ( $aslide[$i] > 0 ) { |
|
| 1720 | 1720 | # ge_p1p1_to_p3(&u,&t); |
| 1721 | 1721 | # ge_add(&t,&u,&Ai[aslide[i]/2]); |
| 1722 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1722 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 1723 | 1723 | $t = self::ge_add( |
| 1724 | 1724 | $u, |
| 1725 | - $Ai[(int) floor($aslide[$i] / 2)] |
|
| 1725 | + $Ai[(int) floor( $aslide[$i] / 2 )] |
|
| 1726 | 1726 | ); |
| 1727 | 1727 | # } else if (aslide[i] < 0) { |
| 1728 | - } elseif ($aslide[$i] < 0) { |
|
| 1728 | + } elseif ( $aslide[$i] < 0 ) { |
|
| 1729 | 1729 | # ge_p1p1_to_p3(&u,&t); |
| 1730 | 1730 | # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
| 1731 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1731 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 1732 | 1732 | $t = self::ge_sub( |
| 1733 | 1733 | $u, |
| 1734 | 1734 | $Ai[(int) floor(-$aslide[$i] / 2)] |
@@ -1736,20 +1736,20 @@ discard block |
||
| 1736 | 1736 | } |
| 1737 | 1737 | |
| 1738 | 1738 | # if (bslide[i] > 0) { |
| 1739 | - if ($bslide[$i] > 0) { |
|
| 1739 | + if ( $bslide[$i] > 0 ) { |
|
| 1740 | 1740 | # ge_p1p1_to_p3(&u,&t); |
| 1741 | 1741 | # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
| 1742 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1742 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 1743 | 1743 | $t = self::ge_madd( |
| 1744 | 1744 | $t, |
| 1745 | 1745 | $u, |
| 1746 | - $Bi[(int) floor($bslide[$i] / 2)] |
|
| 1746 | + $Bi[(int) floor( $bslide[$i] / 2 )] |
|
| 1747 | 1747 | ); |
| 1748 | 1748 | # } else if (bslide[i] < 0) { |
| 1749 | - } elseif ($bslide[$i] < 0) { |
|
| 1749 | + } elseif ( $bslide[$i] < 0 ) { |
|
| 1750 | 1750 | # ge_p1p1_to_p3(&u,&t); |
| 1751 | 1751 | # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
| 1752 | - $u = self::ge_p1p1_to_p3($t); |
|
| 1752 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 1753 | 1753 | $t = self::ge_msub( |
| 1754 | 1754 | $t, |
| 1755 | 1755 | $u, |
@@ -1757,7 +1757,7 @@ discard block |
||
| 1757 | 1757 | ); |
| 1758 | 1758 | } |
| 1759 | 1759 | # ge_p1p1_to_p2(r,&t); |
| 1760 | - $r = self::ge_p1p1_to_p2($t); |
|
| 1760 | + $r = self::ge_p1p1_to_p2( $t ); |
|
| 1761 | 1761 | } |
| 1762 | 1762 | return $r; |
| 1763 | 1763 | } |
@@ -1768,18 +1768,18 @@ discard block |
||
| 1768 | 1768 | * @param string $a |
| 1769 | 1769 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1770 | 1770 | */ |
| 1771 | - public static function ge_scalarmult_base($a) |
|
| 1771 | + public static function ge_scalarmult_base( $a ) |
|
| 1772 | 1772 | { |
| 1773 | 1773 | $e = array(); |
| 1774 | 1774 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1775 | 1775 | |
| 1776 | - for ($i = 0; $i < 32; ++$i) { |
|
| 1777 | - $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 1778 | - $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 1776 | + for ( $i = 0; $i < 32; ++$i ) { |
|
| 1777 | + $e[$i << 1] = self::chrToInt( $a[$i] ) & 15; |
|
| 1778 | + $e[( $i << 1 ) + 1] = ( self::chrToInt( $a[$i] ) >> 4 ) & 15; |
|
| 1779 | 1779 | } |
| 1780 | 1780 | |
| 1781 | 1781 | $carry = 0; |
| 1782 | - for ($i = 0; $i < 63; ++$i) { |
|
| 1782 | + for ( $i = 0; $i < 63; ++$i ) { |
|
| 1783 | 1783 | $e[$i] += $carry; |
| 1784 | 1784 | $carry = $e[$i] + 8; |
| 1785 | 1785 | $carry >>= 4; |
@@ -1789,27 +1789,27 @@ discard block |
||
| 1789 | 1789 | |
| 1790 | 1790 | $h = self::ge_p3_0(); |
| 1791 | 1791 | |
| 1792 | - for ($i = 1; $i < 64; $i += 2) { |
|
| 1793 | - $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 1794 | - $r = self::ge_madd($r, $h, $t); |
|
| 1795 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1792 | + for ( $i = 1; $i < 64; $i += 2 ) { |
|
| 1793 | + $t = self::ge_select( (int) floor( $i / 2 ), $e[$i] ); |
|
| 1794 | + $r = self::ge_madd( $r, $h, $t ); |
|
| 1795 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 1796 | 1796 | } |
| 1797 | 1797 | |
| 1798 | - $r = self::ge_p3_dbl($h); |
|
| 1798 | + $r = self::ge_p3_dbl( $h ); |
|
| 1799 | 1799 | |
| 1800 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1801 | - $r = self::ge_p2_dbl($s); |
|
| 1802 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1803 | - $r = self::ge_p2_dbl($s); |
|
| 1804 | - $s = self::ge_p1p1_to_p2($r); |
|
| 1805 | - $r = self::ge_p2_dbl($s); |
|
| 1800 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 1801 | + $r = self::ge_p2_dbl( $s ); |
|
| 1802 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 1803 | + $r = self::ge_p2_dbl( $s ); |
|
| 1804 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 1805 | + $r = self::ge_p2_dbl( $s ); |
|
| 1806 | 1806 | |
| 1807 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1807 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 1808 | 1808 | |
| 1809 | - for ($i = 0; $i < 64; $i += 2) { |
|
| 1810 | - $t = self::ge_select($i >> 1, $e[$i]); |
|
| 1811 | - $r = self::ge_madd($r, $h, $t); |
|
| 1812 | - $h = self::ge_p1p1_to_p3($r); |
|
| 1809 | + for ( $i = 0; $i < 64; $i += 2 ) { |
|
| 1810 | + $t = self::ge_select( $i >> 1, $e[$i] ); |
|
| 1811 | + $r = self::ge_madd( $r, $h, $t ); |
|
| 1812 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 1813 | 1813 | } |
| 1814 | 1814 | return $h; |
| 1815 | 1815 | } |
@@ -1825,306 +1825,306 @@ discard block |
||
| 1825 | 1825 | * @param string $c |
| 1826 | 1826 | * @return string |
| 1827 | 1827 | */ |
| 1828 | - public static function sc_muladd($a, $b, $c) |
|
| 1828 | + public static function sc_muladd( $a, $b, $c ) |
|
| 1829 | 1829 | { |
| 1830 | - $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); |
|
| 1831 | - $a1 = 2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5); |
|
| 1832 | - $a2 = 2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2); |
|
| 1833 | - $a3 = 2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7); |
|
| 1834 | - $a4 = 2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4); |
|
| 1835 | - $a5 = 2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1); |
|
| 1836 | - $a6 = 2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6); |
|
| 1837 | - $a7 = 2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3); |
|
| 1838 | - $a8 = 2097151 & self::load_3(self::substr($a, 21, 3)); |
|
| 1839 | - $a9 = 2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5); |
|
| 1840 | - $a10 = 2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2); |
|
| 1841 | - $a11 = (self::load_4(self::substr($a, 28, 4)) >> 7); |
|
| 1842 | - $b0 = 2097151 & self::load_3(self::substr($b, 0, 3)); |
|
| 1843 | - $b1 = 2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5); |
|
| 1844 | - $b2 = 2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2); |
|
| 1845 | - $b3 = 2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7); |
|
| 1846 | - $b4 = 2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4); |
|
| 1847 | - $b5 = 2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1); |
|
| 1848 | - $b6 = 2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6); |
|
| 1849 | - $b7 = 2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3); |
|
| 1850 | - $b8 = 2097151 & self::load_3(self::substr($b, 21, 3)); |
|
| 1851 | - $b9 = 2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5); |
|
| 1852 | - $b10 = 2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2); |
|
| 1853 | - $b11 = (self::load_4(self::substr($b, 28, 4)) >> 7); |
|
| 1854 | - $c0 = 2097151 & self::load_3(self::substr($c, 0, 3)); |
|
| 1855 | - $c1 = 2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5); |
|
| 1856 | - $c2 = 2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2); |
|
| 1857 | - $c3 = 2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7); |
|
| 1858 | - $c4 = 2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4); |
|
| 1859 | - $c5 = 2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1); |
|
| 1860 | - $c6 = 2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6); |
|
| 1861 | - $c7 = 2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3); |
|
| 1862 | - $c8 = 2097151 & self::load_3(self::substr($c, 21, 3)); |
|
| 1863 | - $c9 = 2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5); |
|
| 1864 | - $c10 = 2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2); |
|
| 1865 | - $c11 = (self::load_4(self::substr($c, 28, 4)) >> 7); |
|
| 1830 | + $a0 = 2097151 & self::load_3( self::substr( $a, 0, 3 ) ); |
|
| 1831 | + $a1 = 2097151 & ( self::load_4( self::substr( $a, 2, 4 ) ) >> 5 ); |
|
| 1832 | + $a2 = 2097151 & ( self::load_3( self::substr( $a, 5, 3 ) ) >> 2 ); |
|
| 1833 | + $a3 = 2097151 & ( self::load_4( self::substr( $a, 7, 4 ) ) >> 7 ); |
|
| 1834 | + $a4 = 2097151 & ( self::load_4( self::substr( $a, 10, 4 ) ) >> 4 ); |
|
| 1835 | + $a5 = 2097151 & ( self::load_3( self::substr( $a, 13, 3 ) ) >> 1 ); |
|
| 1836 | + $a6 = 2097151 & ( self::load_4( self::substr( $a, 15, 4 ) ) >> 6 ); |
|
| 1837 | + $a7 = 2097151 & ( self::load_3( self::substr( $a, 18, 3 ) ) >> 3 ); |
|
| 1838 | + $a8 = 2097151 & self::load_3( self::substr( $a, 21, 3 ) ); |
|
| 1839 | + $a9 = 2097151 & ( self::load_4( self::substr( $a, 23, 4 ) ) >> 5 ); |
|
| 1840 | + $a10 = 2097151 & ( self::load_3( self::substr( $a, 26, 3 ) ) >> 2 ); |
|
| 1841 | + $a11 = ( self::load_4( self::substr( $a, 28, 4 ) ) >> 7 ); |
|
| 1842 | + $b0 = 2097151 & self::load_3( self::substr( $b, 0, 3 ) ); |
|
| 1843 | + $b1 = 2097151 & ( self::load_4( self::substr( $b, 2, 4 ) ) >> 5 ); |
|
| 1844 | + $b2 = 2097151 & ( self::load_3( self::substr( $b, 5, 3 ) ) >> 2 ); |
|
| 1845 | + $b3 = 2097151 & ( self::load_4( self::substr( $b, 7, 4 ) ) >> 7 ); |
|
| 1846 | + $b4 = 2097151 & ( self::load_4( self::substr( $b, 10, 4 ) ) >> 4 ); |
|
| 1847 | + $b5 = 2097151 & ( self::load_3( self::substr( $b, 13, 3 ) ) >> 1 ); |
|
| 1848 | + $b6 = 2097151 & ( self::load_4( self::substr( $b, 15, 4 ) ) >> 6 ); |
|
| 1849 | + $b7 = 2097151 & ( self::load_3( self::substr( $b, 18, 3 ) ) >> 3 ); |
|
| 1850 | + $b8 = 2097151 & self::load_3( self::substr( $b, 21, 3 ) ); |
|
| 1851 | + $b9 = 2097151 & ( self::load_4( self::substr( $b, 23, 4 ) ) >> 5 ); |
|
| 1852 | + $b10 = 2097151 & ( self::load_3( self::substr( $b, 26, 3 ) ) >> 2 ); |
|
| 1853 | + $b11 = ( self::load_4( self::substr( $b, 28, 4 ) ) >> 7 ); |
|
| 1854 | + $c0 = 2097151 & self::load_3( self::substr( $c, 0, 3 ) ); |
|
| 1855 | + $c1 = 2097151 & ( self::load_4( self::substr( $c, 2, 4 ) ) >> 5 ); |
|
| 1856 | + $c2 = 2097151 & ( self::load_3( self::substr( $c, 5, 3 ) ) >> 2 ); |
|
| 1857 | + $c3 = 2097151 & ( self::load_4( self::substr( $c, 7, 4 ) ) >> 7 ); |
|
| 1858 | + $c4 = 2097151 & ( self::load_4( self::substr( $c, 10, 4 ) ) >> 4 ); |
|
| 1859 | + $c5 = 2097151 & ( self::load_3( self::substr( $c, 13, 3 ) ) >> 1 ); |
|
| 1860 | + $c6 = 2097151 & ( self::load_4( self::substr( $c, 15, 4 ) ) >> 6 ); |
|
| 1861 | + $c7 = 2097151 & ( self::load_3( self::substr( $c, 18, 3 ) ) >> 3 ); |
|
| 1862 | + $c8 = 2097151 & self::load_3( self::substr( $c, 21, 3 ) ); |
|
| 1863 | + $c9 = 2097151 & ( self::load_4( self::substr( $c, 23, 4 ) ) >> 5 ); |
|
| 1864 | + $c10 = 2097151 & ( self::load_3( self::substr( $c, 26, 3 ) ) >> 2 ); |
|
| 1865 | + $c11 = ( self::load_4( self::substr( $c, 28, 4 ) ) >> 7 ); |
|
| 1866 | 1866 | |
| 1867 | 1867 | /* Can't really avoid the pyramid here: */ |
| 1868 | - $s0 = $c0 + self::mul($a0, $b0); |
|
| 1869 | - $s1 = $c1 + self::mul($a0, $b1) + self::mul($a1, $b0); |
|
| 1870 | - $s2 = $c2 + self::mul($a0, $b2) + self::mul($a1, $b1) + self::mul($a2, $b0); |
|
| 1871 | - $s3 = $c3 + self::mul($a0, $b3) + self::mul($a1, $b2) + self::mul($a2, $b1) + self::mul($a3, $b0); |
|
| 1872 | - $s4 = $c4 + self::mul($a0, $b4) + self::mul($a1, $b3) + self::mul($a2, $b2) + self::mul($a3, $b1) + self::mul($a4, $b0); |
|
| 1873 | - $s5 = $c5 + self::mul($a0, $b5) + self::mul($a1, $b4) + self::mul($a2, $b3) + self::mul($a3, $b2) + self::mul($a4, $b1) + self::mul($a5, $b0); |
|
| 1874 | - $s6 = $c6 + self::mul($a0, $b6) + self::mul($a1, $b5) + self::mul($a2, $b4) + self::mul($a3, $b3) + self::mul($a4, $b2) + self::mul($a5, $b1) + self::mul($a6, $b0); |
|
| 1875 | - $s7 = $c7 + self::mul($a0, $b7) + self::mul($a1, $b6) + self::mul($a2, $b5) + self::mul($a3, $b4) + self::mul($a4, $b3) + self::mul($a5, $b2) + self::mul($a6, $b1) + self::mul($a7, $b0); |
|
| 1876 | - $s8 = $c8 + self::mul($a0, $b8) + self::mul($a1, $b7) + self::mul($a2, $b6) + self::mul($a3, $b5) + self::mul($a4, $b4) + self::mul($a5, $b3) + self::mul($a6, $b2) + self::mul($a7, $b1) + self::mul($a8, $b0); |
|
| 1877 | - $s9 = $c9 + self::mul($a0, $b9) + self::mul($a1, $b8) + self::mul($a2, $b7) + self::mul($a3, $b6) + self::mul($a4, $b5) + self::mul($a5, $b4) + self::mul($a6, $b3) + self::mul($a7, $b2) + self::mul($a8, $b1) + self::mul($a9, $b0); |
|
| 1878 | - $s10 = $c10 + self::mul($a0, $b10) + self::mul($a1, $b9) + self::mul($a2, $b8) + self::mul($a3, $b7) + self::mul($a4, $b6) + self::mul($a5, $b5) + self::mul($a6, $b4) + self::mul($a7, $b3) + self::mul($a8, $b2) + self::mul($a9, $b1) + self::mul($a10, $b0); |
|
| 1879 | - $s11 = $c11 + self::mul($a0, $b11) + self::mul($a1, $b10) + self::mul($a2, $b9) + self::mul($a3, $b8) + self::mul($a4, $b7) + self::mul($a5, $b6) + self::mul($a6, $b5) + self::mul($a7, $b4) + self::mul($a8, $b3) + self::mul($a9, $b2) + self::mul($a10, $b1) + self::mul($a11, $b0); |
|
| 1880 | - $s12 = self::mul($a1, $b11) + self::mul($a2, $b10) + self::mul($a3, $b9) + self::mul($a4, $b8) + self::mul($a5, $b7) + self::mul($a6, $b6) + self::mul($a7, $b5) + self::mul($a8, $b4) + self::mul($a9, $b3) + self::mul($a10, $b2) + self::mul($a11, $b1); |
|
| 1881 | - $s13 = self::mul($a2, $b11) + self::mul($a3, $b10) + self::mul($a4, $b9) + self::mul($a5, $b8) + self::mul($a6, $b7) + self::mul($a7, $b6) + self::mul($a8, $b5) + self::mul($a9, $b4) + self::mul($a10, $b3) + self::mul($a11, $b2); |
|
| 1882 | - $s14 = self::mul($a3, $b11) + self::mul($a4, $b10) + self::mul($a5, $b9) + self::mul($a6, $b8) + self::mul($a7, $b7) + self::mul($a8, $b6) + self::mul($a9, $b5) + self::mul($a10, $b4) + self::mul($a11, $b3); |
|
| 1883 | - $s15 = self::mul($a4, $b11) + self::mul($a5, $b10) + self::mul($a6, $b9) + self::mul($a7, $b8) + self::mul($a8, $b7) + self::mul($a9, $b6) + self::mul($a10, $b5) + self::mul($a11, $b4); |
|
| 1884 | - $s16 = self::mul($a5, $b11) + self::mul($a6, $b10) + self::mul($a7, $b9) + self::mul($a8, $b8) + self::mul($a9, $b7) + self::mul($a10, $b6) + self::mul($a11, $b5); |
|
| 1885 | - $s17 = self::mul($a6, $b11) + self::mul($a7, $b10) + self::mul($a8, $b9) + self::mul($a9, $b8) + self::mul($a10, $b7) + self::mul($a11, $b6); |
|
| 1886 | - $s18 = self::mul($a7, $b11) + self::mul($a8, $b10) + self::mul($a9, $b9) + self::mul($a10, $b8) + self::mul($a11, $b7); |
|
| 1887 | - $s19 = self::mul($a8, $b11) + self::mul($a9, $b10) + self::mul($a10, $b9) + self::mul($a11, $b8); |
|
| 1888 | - $s20 = self::mul($a9, $b11) + self::mul($a10, $b10) + self::mul($a11, $b9); |
|
| 1889 | - $s21 = self::mul($a10, $b11) + self::mul($a11, $b10); |
|
| 1890 | - $s22 = self::mul($a11, $b11); |
|
| 1868 | + $s0 = $c0 + self::mul( $a0, $b0 ); |
|
| 1869 | + $s1 = $c1 + self::mul( $a0, $b1 ) + self::mul( $a1, $b0 ); |
|
| 1870 | + $s2 = $c2 + self::mul( $a0, $b2 ) + self::mul( $a1, $b1 ) + self::mul( $a2, $b0 ); |
|
| 1871 | + $s3 = $c3 + self::mul( $a0, $b3 ) + self::mul( $a1, $b2 ) + self::mul( $a2, $b1 ) + self::mul( $a3, $b0 ); |
|
| 1872 | + $s4 = $c4 + self::mul( $a0, $b4 ) + self::mul( $a1, $b3 ) + self::mul( $a2, $b2 ) + self::mul( $a3, $b1 ) + self::mul( $a4, $b0 ); |
|
| 1873 | + $s5 = $c5 + self::mul( $a0, $b5 ) + self::mul( $a1, $b4 ) + self::mul( $a2, $b3 ) + self::mul( $a3, $b2 ) + self::mul( $a4, $b1 ) + self::mul( $a5, $b0 ); |
|
| 1874 | + $s6 = $c6 + self::mul( $a0, $b6 ) + self::mul( $a1, $b5 ) + self::mul( $a2, $b4 ) + self::mul( $a3, $b3 ) + self::mul( $a4, $b2 ) + self::mul( $a5, $b1 ) + self::mul( $a6, $b0 ); |
|
| 1875 | + $s7 = $c7 + self::mul( $a0, $b7 ) + self::mul( $a1, $b6 ) + self::mul( $a2, $b5 ) + self::mul( $a3, $b4 ) + self::mul( $a4, $b3 ) + self::mul( $a5, $b2 ) + self::mul( $a6, $b1 ) + self::mul( $a7, $b0 ); |
|
| 1876 | + $s8 = $c8 + self::mul( $a0, $b8 ) + self::mul( $a1, $b7 ) + self::mul( $a2, $b6 ) + self::mul( $a3, $b5 ) + self::mul( $a4, $b4 ) + self::mul( $a5, $b3 ) + self::mul( $a6, $b2 ) + self::mul( $a7, $b1 ) + self::mul( $a8, $b0 ); |
|
| 1877 | + $s9 = $c9 + self::mul( $a0, $b9 ) + self::mul( $a1, $b8 ) + self::mul( $a2, $b7 ) + self::mul( $a3, $b6 ) + self::mul( $a4, $b5 ) + self::mul( $a5, $b4 ) + self::mul( $a6, $b3 ) + self::mul( $a7, $b2 ) + self::mul( $a8, $b1 ) + self::mul( $a9, $b0 ); |
|
| 1878 | + $s10 = $c10 + self::mul( $a0, $b10 ) + self::mul( $a1, $b9 ) + self::mul( $a2, $b8 ) + self::mul( $a3, $b7 ) + self::mul( $a4, $b6 ) + self::mul( $a5, $b5 ) + self::mul( $a6, $b4 ) + self::mul( $a7, $b3 ) + self::mul( $a8, $b2 ) + self::mul( $a9, $b1 ) + self::mul( $a10, $b0 ); |
|
| 1879 | + $s11 = $c11 + self::mul( $a0, $b11 ) + self::mul( $a1, $b10 ) + self::mul( $a2, $b9 ) + self::mul( $a3, $b8 ) + self::mul( $a4, $b7 ) + self::mul( $a5, $b6 ) + self::mul( $a6, $b5 ) + self::mul( $a7, $b4 ) + self::mul( $a8, $b3 ) + self::mul( $a9, $b2 ) + self::mul( $a10, $b1 ) + self::mul( $a11, $b0 ); |
|
| 1880 | + $s12 = self::mul( $a1, $b11 ) + self::mul( $a2, $b10 ) + self::mul( $a3, $b9 ) + self::mul( $a4, $b8 ) + self::mul( $a5, $b7 ) + self::mul( $a6, $b6 ) + self::mul( $a7, $b5 ) + self::mul( $a8, $b4 ) + self::mul( $a9, $b3 ) + self::mul( $a10, $b2 ) + self::mul( $a11, $b1 ); |
|
| 1881 | + $s13 = self::mul( $a2, $b11 ) + self::mul( $a3, $b10 ) + self::mul( $a4, $b9 ) + self::mul( $a5, $b8 ) + self::mul( $a6, $b7 ) + self::mul( $a7, $b6 ) + self::mul( $a8, $b5 ) + self::mul( $a9, $b4 ) + self::mul( $a10, $b3 ) + self::mul( $a11, $b2 ); |
|
| 1882 | + $s14 = self::mul( $a3, $b11 ) + self::mul( $a4, $b10 ) + self::mul( $a5, $b9 ) + self::mul( $a6, $b8 ) + self::mul( $a7, $b7 ) + self::mul( $a8, $b6 ) + self::mul( $a9, $b5 ) + self::mul( $a10, $b4 ) + self::mul( $a11, $b3 ); |
|
| 1883 | + $s15 = self::mul( $a4, $b11 ) + self::mul( $a5, $b10 ) + self::mul( $a6, $b9 ) + self::mul( $a7, $b8 ) + self::mul( $a8, $b7 ) + self::mul( $a9, $b6 ) + self::mul( $a10, $b5 ) + self::mul( $a11, $b4 ); |
|
| 1884 | + $s16 = self::mul( $a5, $b11 ) + self::mul( $a6, $b10 ) + self::mul( $a7, $b9 ) + self::mul( $a8, $b8 ) + self::mul( $a9, $b7 ) + self::mul( $a10, $b6 ) + self::mul( $a11, $b5 ); |
|
| 1885 | + $s17 = self::mul( $a6, $b11 ) + self::mul( $a7, $b10 ) + self::mul( $a8, $b9 ) + self::mul( $a9, $b8 ) + self::mul( $a10, $b7 ) + self::mul( $a11, $b6 ); |
|
| 1886 | + $s18 = self::mul( $a7, $b11 ) + self::mul( $a8, $b10 ) + self::mul( $a9, $b9 ) + self::mul( $a10, $b8 ) + self::mul( $a11, $b7 ); |
|
| 1887 | + $s19 = self::mul( $a8, $b11 ) + self::mul( $a9, $b10 ) + self::mul( $a10, $b9 ) + self::mul( $a11, $b8 ); |
|
| 1888 | + $s20 = self::mul( $a9, $b11 ) + self::mul( $a10, $b10 ) + self::mul( $a11, $b9 ); |
|
| 1889 | + $s21 = self::mul( $a10, $b11 ) + self::mul( $a11, $b10 ); |
|
| 1890 | + $s22 = self::mul( $a11, $b11 ); |
|
| 1891 | 1891 | $s23 = 0; |
| 1892 | 1892 | |
| 1893 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 1893 | + $carry0 = ( $s0 + ( 1 << 20 ) ) >> 21; |
|
| 1894 | 1894 | $s1 += $carry0; |
| 1895 | 1895 | $s0 -= $carry0 << 21; |
| 1896 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 1896 | + $carry2 = ( $s2 + ( 1 << 20 ) ) >> 21; |
|
| 1897 | 1897 | $s3 += $carry2; |
| 1898 | 1898 | $s2 -= $carry2 << 21; |
| 1899 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 1899 | + $carry4 = ( $s4 + ( 1 << 20 ) ) >> 21; |
|
| 1900 | 1900 | $s5 += $carry4; |
| 1901 | 1901 | $s4 -= $carry4 << 21; |
| 1902 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 1902 | + $carry6 = ( $s6 + ( 1 << 20 ) ) >> 21; |
|
| 1903 | 1903 | $s7 += $carry6; |
| 1904 | 1904 | $s6 -= $carry6 << 21; |
| 1905 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 1905 | + $carry8 = ( $s8 + ( 1 << 20 ) ) >> 21; |
|
| 1906 | 1906 | $s9 += $carry8; |
| 1907 | 1907 | $s8 -= $carry8 << 21; |
| 1908 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 1908 | + $carry10 = ( $s10 + ( 1 << 20 ) ) >> 21; |
|
| 1909 | 1909 | $s11 += $carry10; |
| 1910 | 1910 | $s10 -= $carry10 << 21; |
| 1911 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 1911 | + $carry12 = ( $s12 + ( 1 << 20 ) ) >> 21; |
|
| 1912 | 1912 | $s13 += $carry12; |
| 1913 | 1913 | $s12 -= $carry12 << 21; |
| 1914 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 1914 | + $carry14 = ( $s14 + ( 1 << 20 ) ) >> 21; |
|
| 1915 | 1915 | $s15 += $carry14; |
| 1916 | 1916 | $s14 -= $carry14 << 21; |
| 1917 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 1917 | + $carry16 = ( $s16 + ( 1 << 20 ) ) >> 21; |
|
| 1918 | 1918 | $s17 += $carry16; |
| 1919 | 1919 | $s16 -= $carry16 << 21; |
| 1920 | - $carry18 = ($s18 + (1 << 20)) >> 21; |
|
| 1920 | + $carry18 = ( $s18 + ( 1 << 20 ) ) >> 21; |
|
| 1921 | 1921 | $s19 += $carry18; |
| 1922 | 1922 | $s18 -= $carry18 << 21; |
| 1923 | - $carry20 = ($s20 + (1 << 20)) >> 21; |
|
| 1923 | + $carry20 = ( $s20 + ( 1 << 20 ) ) >> 21; |
|
| 1924 | 1924 | $s21 += $carry20; |
| 1925 | 1925 | $s20 -= $carry20 << 21; |
| 1926 | - $carry22 = ($s22 + (1 << 20)) >> 21; |
|
| 1926 | + $carry22 = ( $s22 + ( 1 << 20 ) ) >> 21; |
|
| 1927 | 1927 | $s23 += $carry22; |
| 1928 | 1928 | $s22 -= $carry22 << 21; |
| 1929 | 1929 | |
| 1930 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 1930 | + $carry1 = ( $s1 + ( 1 << 20 ) ) >> 21; |
|
| 1931 | 1931 | $s2 += $carry1; |
| 1932 | 1932 | $s1 -= $carry1 << 21; |
| 1933 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 1933 | + $carry3 = ( $s3 + ( 1 << 20 ) ) >> 21; |
|
| 1934 | 1934 | $s4 += $carry3; |
| 1935 | 1935 | $s3 -= $carry3 << 21; |
| 1936 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 1936 | + $carry5 = ( $s5 + ( 1 << 20 ) ) >> 21; |
|
| 1937 | 1937 | $s6 += $carry5; |
| 1938 | 1938 | $s5 -= $carry5 << 21; |
| 1939 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 1939 | + $carry7 = ( $s7 + ( 1 << 20 ) ) >> 21; |
|
| 1940 | 1940 | $s8 += $carry7; |
| 1941 | 1941 | $s7 -= $carry7 << 21; |
| 1942 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 1942 | + $carry9 = ( $s9 + ( 1 << 20 ) ) >> 21; |
|
| 1943 | 1943 | $s10 += $carry9; |
| 1944 | 1944 | $s9 -= $carry9 << 21; |
| 1945 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 1945 | + $carry11 = ( $s11 + ( 1 << 20 ) ) >> 21; |
|
| 1946 | 1946 | $s12 += $carry11; |
| 1947 | 1947 | $s11 -= $carry11 << 21; |
| 1948 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 1948 | + $carry13 = ( $s13 + ( 1 << 20 ) ) >> 21; |
|
| 1949 | 1949 | $s14 += $carry13; |
| 1950 | 1950 | $s13 -= $carry13 << 21; |
| 1951 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 1951 | + $carry15 = ( $s15 + ( 1 << 20 ) ) >> 21; |
|
| 1952 | 1952 | $s16 += $carry15; |
| 1953 | 1953 | $s15 -= $carry15 << 21; |
| 1954 | - $carry17 = ($s17 + (1 << 20)) >> 21; |
|
| 1954 | + $carry17 = ( $s17 + ( 1 << 20 ) ) >> 21; |
|
| 1955 | 1955 | $s18 += $carry17; |
| 1956 | 1956 | $s17 -= $carry17 << 21; |
| 1957 | - $carry19 = ($s19 + (1 << 20)) >> 21; |
|
| 1957 | + $carry19 = ( $s19 + ( 1 << 20 ) ) >> 21; |
|
| 1958 | 1958 | $s20 += $carry19; |
| 1959 | 1959 | $s19 -= $carry19 << 21; |
| 1960 | - $carry21 = ($s21 + (1 << 20)) >> 21; |
|
| 1960 | + $carry21 = ( $s21 + ( 1 << 20 ) ) >> 21; |
|
| 1961 | 1961 | $s22 += $carry21; |
| 1962 | 1962 | $s21 -= $carry21 << 21; |
| 1963 | 1963 | |
| 1964 | - $s11 += self::mul($s23, 666643, 20); |
|
| 1965 | - $s12 += self::mul($s23, 470296, 19); |
|
| 1966 | - $s13 += self::mul($s23, 654183, 20); |
|
| 1967 | - $s14 -= self::mul($s23, 997805, 20); |
|
| 1968 | - $s15 += self::mul($s23, 136657, 18); |
|
| 1969 | - $s16 -= self::mul($s23, 683901, 20); |
|
| 1970 | - |
|
| 1971 | - $s10 += self::mul($s22, 666643, 20); |
|
| 1972 | - $s11 += self::mul($s22, 470296, 19); |
|
| 1973 | - $s12 += self::mul($s22, 654183, 20); |
|
| 1974 | - $s13 -= self::mul($s22, 997805, 20); |
|
| 1975 | - $s14 += self::mul($s22, 136657, 18); |
|
| 1976 | - $s15 -= self::mul($s22, 683901, 20); |
|
| 1977 | - |
|
| 1978 | - $s9 += self::mul($s21, 666643, 20); |
|
| 1979 | - $s10 += self::mul($s21, 470296, 19); |
|
| 1980 | - $s11 += self::mul($s21, 654183, 20); |
|
| 1981 | - $s12 -= self::mul($s21, 997805, 20); |
|
| 1982 | - $s13 += self::mul($s21, 136657, 18); |
|
| 1983 | - $s14 -= self::mul($s21, 683901, 20); |
|
| 1984 | - |
|
| 1985 | - $s8 += self::mul($s20, 666643, 20); |
|
| 1986 | - $s9 += self::mul($s20, 470296, 19); |
|
| 1987 | - $s10 += self::mul($s20, 654183, 20); |
|
| 1988 | - $s11 -= self::mul($s20, 997805, 20); |
|
| 1989 | - $s12 += self::mul($s20, 136657, 18); |
|
| 1990 | - $s13 -= self::mul($s20, 683901, 20); |
|
| 1991 | - |
|
| 1992 | - $s7 += self::mul($s19, 666643, 20); |
|
| 1993 | - $s8 += self::mul($s19, 470296, 19); |
|
| 1994 | - $s9 += self::mul($s19, 654183, 20); |
|
| 1995 | - $s10 -= self::mul($s19, 997805, 20); |
|
| 1996 | - $s11 += self::mul($s19, 136657, 18); |
|
| 1997 | - $s12 -= self::mul($s19, 683901, 20); |
|
| 1998 | - |
|
| 1999 | - $s6 += self::mul($s18, 666643, 20); |
|
| 2000 | - $s7 += self::mul($s18, 470296, 19); |
|
| 2001 | - $s8 += self::mul($s18, 654183, 20); |
|
| 2002 | - $s9 -= self::mul($s18, 997805, 20); |
|
| 2003 | - $s10 += self::mul($s18, 136657, 18); |
|
| 2004 | - $s11 -= self::mul($s18, 683901, 20); |
|
| 2005 | - |
|
| 2006 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 1964 | + $s11 += self::mul( $s23, 666643, 20 ); |
|
| 1965 | + $s12 += self::mul( $s23, 470296, 19 ); |
|
| 1966 | + $s13 += self::mul( $s23, 654183, 20 ); |
|
| 1967 | + $s14 -= self::mul( $s23, 997805, 20 ); |
|
| 1968 | + $s15 += self::mul( $s23, 136657, 18 ); |
|
| 1969 | + $s16 -= self::mul( $s23, 683901, 20 ); |
|
| 1970 | + |
|
| 1971 | + $s10 += self::mul( $s22, 666643, 20 ); |
|
| 1972 | + $s11 += self::mul( $s22, 470296, 19 ); |
|
| 1973 | + $s12 += self::mul( $s22, 654183, 20 ); |
|
| 1974 | + $s13 -= self::mul( $s22, 997805, 20 ); |
|
| 1975 | + $s14 += self::mul( $s22, 136657, 18 ); |
|
| 1976 | + $s15 -= self::mul( $s22, 683901, 20 ); |
|
| 1977 | + |
|
| 1978 | + $s9 += self::mul( $s21, 666643, 20 ); |
|
| 1979 | + $s10 += self::mul( $s21, 470296, 19 ); |
|
| 1980 | + $s11 += self::mul( $s21, 654183, 20 ); |
|
| 1981 | + $s12 -= self::mul( $s21, 997805, 20 ); |
|
| 1982 | + $s13 += self::mul( $s21, 136657, 18 ); |
|
| 1983 | + $s14 -= self::mul( $s21, 683901, 20 ); |
|
| 1984 | + |
|
| 1985 | + $s8 += self::mul( $s20, 666643, 20 ); |
|
| 1986 | + $s9 += self::mul( $s20, 470296, 19 ); |
|
| 1987 | + $s10 += self::mul( $s20, 654183, 20 ); |
|
| 1988 | + $s11 -= self::mul( $s20, 997805, 20 ); |
|
| 1989 | + $s12 += self::mul( $s20, 136657, 18 ); |
|
| 1990 | + $s13 -= self::mul( $s20, 683901, 20 ); |
|
| 1991 | + |
|
| 1992 | + $s7 += self::mul( $s19, 666643, 20 ); |
|
| 1993 | + $s8 += self::mul( $s19, 470296, 19 ); |
|
| 1994 | + $s9 += self::mul( $s19, 654183, 20 ); |
|
| 1995 | + $s10 -= self::mul( $s19, 997805, 20 ); |
|
| 1996 | + $s11 += self::mul( $s19, 136657, 18 ); |
|
| 1997 | + $s12 -= self::mul( $s19, 683901, 20 ); |
|
| 1998 | + |
|
| 1999 | + $s6 += self::mul( $s18, 666643, 20 ); |
|
| 2000 | + $s7 += self::mul( $s18, 470296, 19 ); |
|
| 2001 | + $s8 += self::mul( $s18, 654183, 20 ); |
|
| 2002 | + $s9 -= self::mul( $s18, 997805, 20 ); |
|
| 2003 | + $s10 += self::mul( $s18, 136657, 18 ); |
|
| 2004 | + $s11 -= self::mul( $s18, 683901, 20 ); |
|
| 2005 | + |
|
| 2006 | + $carry6 = ( $s6 + ( 1 << 20 ) ) >> 21; |
|
| 2007 | 2007 | $s7 += $carry6; |
| 2008 | 2008 | $s6 -= $carry6 << 21; |
| 2009 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2009 | + $carry8 = ( $s8 + ( 1 << 20 ) ) >> 21; |
|
| 2010 | 2010 | $s9 += $carry8; |
| 2011 | 2011 | $s8 -= $carry8 << 21; |
| 2012 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2012 | + $carry10 = ( $s10 + ( 1 << 20 ) ) >> 21; |
|
| 2013 | 2013 | $s11 += $carry10; |
| 2014 | 2014 | $s10 -= $carry10 << 21; |
| 2015 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2015 | + $carry12 = ( $s12 + ( 1 << 20 ) ) >> 21; |
|
| 2016 | 2016 | $s13 += $carry12; |
| 2017 | 2017 | $s12 -= $carry12 << 21; |
| 2018 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2018 | + $carry14 = ( $s14 + ( 1 << 20 ) ) >> 21; |
|
| 2019 | 2019 | $s15 += $carry14; |
| 2020 | 2020 | $s14 -= $carry14 << 21; |
| 2021 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2021 | + $carry16 = ( $s16 + ( 1 << 20 ) ) >> 21; |
|
| 2022 | 2022 | $s17 += $carry16; |
| 2023 | 2023 | $s16 -= $carry16 << 21; |
| 2024 | 2024 | |
| 2025 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2025 | + $carry7 = ( $s7 + ( 1 << 20 ) ) >> 21; |
|
| 2026 | 2026 | $s8 += $carry7; |
| 2027 | 2027 | $s7 -= $carry7 << 21; |
| 2028 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2028 | + $carry9 = ( $s9 + ( 1 << 20 ) ) >> 21; |
|
| 2029 | 2029 | $s10 += $carry9; |
| 2030 | 2030 | $s9 -= $carry9 << 21; |
| 2031 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2031 | + $carry11 = ( $s11 + ( 1 << 20 ) ) >> 21; |
|
| 2032 | 2032 | $s12 += $carry11; |
| 2033 | 2033 | $s11 -= $carry11 << 21; |
| 2034 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2034 | + $carry13 = ( $s13 + ( 1 << 20 ) ) >> 21; |
|
| 2035 | 2035 | $s14 += $carry13; |
| 2036 | 2036 | $s13 -= $carry13 << 21; |
| 2037 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2037 | + $carry15 = ( $s15 + ( 1 << 20 ) ) >> 21; |
|
| 2038 | 2038 | $s16 += $carry15; |
| 2039 | 2039 | $s15 -= $carry15 << 21; |
| 2040 | 2040 | |
| 2041 | - $s5 += self::mul($s17, 666643, 20); |
|
| 2042 | - $s6 += self::mul($s17, 470296, 19); |
|
| 2043 | - $s7 += self::mul($s17, 654183, 20); |
|
| 2044 | - $s8 -= self::mul($s17, 997805, 20); |
|
| 2045 | - $s9 += self::mul($s17, 136657, 18); |
|
| 2046 | - $s10 -= self::mul($s17, 683901, 20); |
|
| 2047 | - |
|
| 2048 | - $s4 += self::mul($s16, 666643, 20); |
|
| 2049 | - $s5 += self::mul($s16, 470296, 19); |
|
| 2050 | - $s6 += self::mul($s16, 654183, 20); |
|
| 2051 | - $s7 -= self::mul($s16, 997805, 20); |
|
| 2052 | - $s8 += self::mul($s16, 136657, 18); |
|
| 2053 | - $s9 -= self::mul($s16, 683901, 20); |
|
| 2054 | - |
|
| 2055 | - $s3 += self::mul($s15, 666643, 20); |
|
| 2056 | - $s4 += self::mul($s15, 470296, 19); |
|
| 2057 | - $s5 += self::mul($s15, 654183, 20); |
|
| 2058 | - $s6 -= self::mul($s15, 997805, 20); |
|
| 2059 | - $s7 += self::mul($s15, 136657, 18); |
|
| 2060 | - $s8 -= self::mul($s15, 683901, 20); |
|
| 2061 | - |
|
| 2062 | - $s2 += self::mul($s14, 666643, 20); |
|
| 2063 | - $s3 += self::mul($s14, 470296, 19); |
|
| 2064 | - $s4 += self::mul($s14, 654183, 20); |
|
| 2065 | - $s5 -= self::mul($s14, 997805, 20); |
|
| 2066 | - $s6 += self::mul($s14, 136657, 18); |
|
| 2067 | - $s7 -= self::mul($s14, 683901, 20); |
|
| 2068 | - |
|
| 2069 | - $s1 += self::mul($s13, 666643, 20); |
|
| 2070 | - $s2 += self::mul($s13, 470296, 19); |
|
| 2071 | - $s3 += self::mul($s13, 654183, 20); |
|
| 2072 | - $s4 -= self::mul($s13, 997805, 20); |
|
| 2073 | - $s5 += self::mul($s13, 136657, 18); |
|
| 2074 | - $s6 -= self::mul($s13, 683901, 20); |
|
| 2075 | - |
|
| 2076 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2077 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2078 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2079 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2080 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2081 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2041 | + $s5 += self::mul( $s17, 666643, 20 ); |
|
| 2042 | + $s6 += self::mul( $s17, 470296, 19 ); |
|
| 2043 | + $s7 += self::mul( $s17, 654183, 20 ); |
|
| 2044 | + $s8 -= self::mul( $s17, 997805, 20 ); |
|
| 2045 | + $s9 += self::mul( $s17, 136657, 18 ); |
|
| 2046 | + $s10 -= self::mul( $s17, 683901, 20 ); |
|
| 2047 | + |
|
| 2048 | + $s4 += self::mul( $s16, 666643, 20 ); |
|
| 2049 | + $s5 += self::mul( $s16, 470296, 19 ); |
|
| 2050 | + $s6 += self::mul( $s16, 654183, 20 ); |
|
| 2051 | + $s7 -= self::mul( $s16, 997805, 20 ); |
|
| 2052 | + $s8 += self::mul( $s16, 136657, 18 ); |
|
| 2053 | + $s9 -= self::mul( $s16, 683901, 20 ); |
|
| 2054 | + |
|
| 2055 | + $s3 += self::mul( $s15, 666643, 20 ); |
|
| 2056 | + $s4 += self::mul( $s15, 470296, 19 ); |
|
| 2057 | + $s5 += self::mul( $s15, 654183, 20 ); |
|
| 2058 | + $s6 -= self::mul( $s15, 997805, 20 ); |
|
| 2059 | + $s7 += self::mul( $s15, 136657, 18 ); |
|
| 2060 | + $s8 -= self::mul( $s15, 683901, 20 ); |
|
| 2061 | + |
|
| 2062 | + $s2 += self::mul( $s14, 666643, 20 ); |
|
| 2063 | + $s3 += self::mul( $s14, 470296, 19 ); |
|
| 2064 | + $s4 += self::mul( $s14, 654183, 20 ); |
|
| 2065 | + $s5 -= self::mul( $s14, 997805, 20 ); |
|
| 2066 | + $s6 += self::mul( $s14, 136657, 18 ); |
|
| 2067 | + $s7 -= self::mul( $s14, 683901, 20 ); |
|
| 2068 | + |
|
| 2069 | + $s1 += self::mul( $s13, 666643, 20 ); |
|
| 2070 | + $s2 += self::mul( $s13, 470296, 19 ); |
|
| 2071 | + $s3 += self::mul( $s13, 654183, 20 ); |
|
| 2072 | + $s4 -= self::mul( $s13, 997805, 20 ); |
|
| 2073 | + $s5 += self::mul( $s13, 136657, 18 ); |
|
| 2074 | + $s6 -= self::mul( $s13, 683901, 20 ); |
|
| 2075 | + |
|
| 2076 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2077 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2078 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2079 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2080 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2081 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2082 | 2082 | $s12 = 0; |
| 2083 | 2083 | |
| 2084 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2084 | + $carry0 = ( $s0 + ( 1 << 20 ) ) >> 21; |
|
| 2085 | 2085 | $s1 += $carry0; |
| 2086 | 2086 | $s0 -= $carry0 << 21; |
| 2087 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2087 | + $carry2 = ( $s2 + ( 1 << 20 ) ) >> 21; |
|
| 2088 | 2088 | $s3 += $carry2; |
| 2089 | 2089 | $s2 -= $carry2 << 21; |
| 2090 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2090 | + $carry4 = ( $s4 + ( 1 << 20 ) ) >> 21; |
|
| 2091 | 2091 | $s5 += $carry4; |
| 2092 | 2092 | $s4 -= $carry4 << 21; |
| 2093 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2093 | + $carry6 = ( $s6 + ( 1 << 20 ) ) >> 21; |
|
| 2094 | 2094 | $s7 += $carry6; |
| 2095 | 2095 | $s6 -= $carry6 << 21; |
| 2096 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2096 | + $carry8 = ( $s8 + ( 1 << 20 ) ) >> 21; |
|
| 2097 | 2097 | $s9 += $carry8; |
| 2098 | 2098 | $s8 -= $carry8 << 21; |
| 2099 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2099 | + $carry10 = ( $s10 + ( 1 << 20 ) ) >> 21; |
|
| 2100 | 2100 | $s11 += $carry10; |
| 2101 | 2101 | $s10 -= $carry10 << 21; |
| 2102 | 2102 | |
| 2103 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2103 | + $carry1 = ( $s1 + ( 1 << 20 ) ) >> 21; |
|
| 2104 | 2104 | $s2 += $carry1; |
| 2105 | 2105 | $s1 -= $carry1 << 21; |
| 2106 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2106 | + $carry3 = ( $s3 + ( 1 << 20 ) ) >> 21; |
|
| 2107 | 2107 | $s4 += $carry3; |
| 2108 | 2108 | $s3 -= $carry3 << 21; |
| 2109 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2109 | + $carry5 = ( $s5 + ( 1 << 20 ) ) >> 21; |
|
| 2110 | 2110 | $s6 += $carry5; |
| 2111 | 2111 | $s5 -= $carry5 << 21; |
| 2112 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2112 | + $carry7 = ( $s7 + ( 1 << 20 ) ) >> 21; |
|
| 2113 | 2113 | $s8 += $carry7; |
| 2114 | 2114 | $s7 -= $carry7 << 21; |
| 2115 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2115 | + $carry9 = ( $s9 + ( 1 << 20 ) ) >> 21; |
|
| 2116 | 2116 | $s10 += $carry9; |
| 2117 | 2117 | $s9 -= $carry9 << 21; |
| 2118 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2118 | + $carry11 = ( $s11 + ( 1 << 20 ) ) >> 21; |
|
| 2119 | 2119 | $s12 += $carry11; |
| 2120 | 2120 | $s11 -= $carry11 << 21; |
| 2121 | 2121 | |
| 2122 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2123 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2124 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2125 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2126 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2127 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2122 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2123 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2124 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2125 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2126 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2127 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2128 | 2128 | $s12 = 0; |
| 2129 | 2129 | |
| 2130 | 2130 | $carry0 = $s0 >> 21; |
@@ -2164,12 +2164,12 @@ discard block |
||
| 2164 | 2164 | $s12 += $carry11; |
| 2165 | 2165 | $s11 -= $carry11 << 21; |
| 2166 | 2166 | |
| 2167 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2168 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2169 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2170 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2171 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2172 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2167 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2168 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2169 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2170 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2171 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2172 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2173 | 2173 | |
| 2174 | 2174 | $carry0 = $s0 >> 21; |
| 2175 | 2175 | $s1 += $carry0; |
@@ -2209,40 +2209,40 @@ discard block |
||
| 2209 | 2209 | * @var array<int, int> |
| 2210 | 2210 | */ |
| 2211 | 2211 | $arr = array( |
| 2212 | - (int) (0xff & ($s0 >> 0)), |
|
| 2213 | - (int) (0xff & ($s0 >> 8)), |
|
| 2214 | - (int) (0xff & (($s0 >> 16) | $s1 << 5)), |
|
| 2215 | - (int) (0xff & ($s1 >> 3)), |
|
| 2216 | - (int) (0xff & ($s1 >> 11)), |
|
| 2217 | - (int) (0xff & (($s1 >> 19) | $s2 << 2)), |
|
| 2218 | - (int) (0xff & ($s2 >> 6)), |
|
| 2219 | - (int) (0xff & (($s2 >> 14) | $s3 << 7)), |
|
| 2220 | - (int) (0xff & ($s3 >> 1)), |
|
| 2221 | - (int) (0xff & ($s3 >> 9)), |
|
| 2222 | - (int) (0xff & (($s3 >> 17) | $s4 << 4)), |
|
| 2223 | - (int) (0xff & ($s4 >> 4)), |
|
| 2224 | - (int) (0xff & ($s4 >> 12)), |
|
| 2225 | - (int) (0xff & (($s4 >> 20) | $s5 << 1)), |
|
| 2226 | - (int) (0xff & ($s5 >> 7)), |
|
| 2227 | - (int) (0xff & (($s5 >> 15) | $s6 << 6)), |
|
| 2228 | - (int) (0xff & ($s6 >> 2)), |
|
| 2229 | - (int) (0xff & ($s6 >> 10)), |
|
| 2230 | - (int) (0xff & (($s6 >> 18) | $s7 << 3)), |
|
| 2231 | - (int) (0xff & ($s7 >> 5)), |
|
| 2232 | - (int) (0xff & ($s7 >> 13)), |
|
| 2233 | - (int) (0xff & ($s8 >> 0)), |
|
| 2234 | - (int) (0xff & ($s8 >> 8)), |
|
| 2235 | - (int) (0xff & (($s8 >> 16) | $s9 << 5)), |
|
| 2236 | - (int) (0xff & ($s9 >> 3)), |
|
| 2237 | - (int) (0xff & ($s9 >> 11)), |
|
| 2238 | - (int) (0xff & (($s9 >> 19) | $s10 << 2)), |
|
| 2239 | - (int) (0xff & ($s10 >> 6)), |
|
| 2240 | - (int) (0xff & (($s10 >> 14) | $s11 << 7)), |
|
| 2241 | - (int) (0xff & ($s11 >> 1)), |
|
| 2242 | - (int) (0xff & ($s11 >> 9)), |
|
| 2243 | - 0xff & ($s11 >> 17) |
|
| 2212 | + (int) ( 0xff & ( $s0 >> 0 ) ), |
|
| 2213 | + (int) ( 0xff & ( $s0 >> 8 ) ), |
|
| 2214 | + (int) ( 0xff & ( ( $s0 >> 16 ) | $s1 << 5 ) ), |
|
| 2215 | + (int) ( 0xff & ( $s1 >> 3 ) ), |
|
| 2216 | + (int) ( 0xff & ( $s1 >> 11 ) ), |
|
| 2217 | + (int) ( 0xff & ( ( $s1 >> 19 ) | $s2 << 2 ) ), |
|
| 2218 | + (int) ( 0xff & ( $s2 >> 6 ) ), |
|
| 2219 | + (int) ( 0xff & ( ( $s2 >> 14 ) | $s3 << 7 ) ), |
|
| 2220 | + (int) ( 0xff & ( $s3 >> 1 ) ), |
|
| 2221 | + (int) ( 0xff & ( $s3 >> 9 ) ), |
|
| 2222 | + (int) ( 0xff & ( ( $s3 >> 17 ) | $s4 << 4 ) ), |
|
| 2223 | + (int) ( 0xff & ( $s4 >> 4 ) ), |
|
| 2224 | + (int) ( 0xff & ( $s4 >> 12 ) ), |
|
| 2225 | + (int) ( 0xff & ( ( $s4 >> 20 ) | $s5 << 1 ) ), |
|
| 2226 | + (int) ( 0xff & ( $s5 >> 7 ) ), |
|
| 2227 | + (int) ( 0xff & ( ( $s5 >> 15 ) | $s6 << 6 ) ), |
|
| 2228 | + (int) ( 0xff & ( $s6 >> 2 ) ), |
|
| 2229 | + (int) ( 0xff & ( $s6 >> 10 ) ), |
|
| 2230 | + (int) ( 0xff & ( ( $s6 >> 18 ) | $s7 << 3 ) ), |
|
| 2231 | + (int) ( 0xff & ( $s7 >> 5 ) ), |
|
| 2232 | + (int) ( 0xff & ( $s7 >> 13 ) ), |
|
| 2233 | + (int) ( 0xff & ( $s8 >> 0 ) ), |
|
| 2234 | + (int) ( 0xff & ( $s8 >> 8 ) ), |
|
| 2235 | + (int) ( 0xff & ( ( $s8 >> 16 ) | $s9 << 5 ) ), |
|
| 2236 | + (int) ( 0xff & ( $s9 >> 3 ) ), |
|
| 2237 | + (int) ( 0xff & ( $s9 >> 11 ) ), |
|
| 2238 | + (int) ( 0xff & ( ( $s9 >> 19 ) | $s10 << 2 ) ), |
|
| 2239 | + (int) ( 0xff & ( $s10 >> 6 ) ), |
|
| 2240 | + (int) ( 0xff & ( ( $s10 >> 14 ) | $s11 << 7 ) ), |
|
| 2241 | + (int) ( 0xff & ( $s11 >> 1 ) ), |
|
| 2242 | + (int) ( 0xff & ( $s11 >> 9 ) ), |
|
| 2243 | + 0xff & ( $s11 >> 17 ) |
|
| 2244 | 2244 | ); |
| 2245 | - return self::intArrayToString($arr); |
|
| 2245 | + return self::intArrayToString( $arr ); |
|
| 2246 | 2246 | } |
| 2247 | 2247 | |
| 2248 | 2248 | /** |
@@ -2251,197 +2251,197 @@ discard block |
||
| 2251 | 2251 | * @param string $s |
| 2252 | 2252 | * @return string |
| 2253 | 2253 | */ |
| 2254 | - public static function sc_reduce($s) |
|
| 2254 | + public static function sc_reduce( $s ) |
|
| 2255 | 2255 | { |
| 2256 | - $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); |
|
| 2257 | - $s1 = 2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5); |
|
| 2258 | - $s2 = 2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2); |
|
| 2259 | - $s3 = 2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7); |
|
| 2260 | - $s4 = 2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4); |
|
| 2261 | - $s5 = 2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1); |
|
| 2262 | - $s6 = 2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6); |
|
| 2263 | - $s7 = 2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3); |
|
| 2264 | - $s8 = 2097151 & self::load_3(self::substr($s, 21, 3)); |
|
| 2265 | - $s9 = 2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5); |
|
| 2266 | - $s10 = 2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2); |
|
| 2267 | - $s11 = 2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7); |
|
| 2268 | - $s12 = 2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4); |
|
| 2269 | - $s13 = 2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1); |
|
| 2270 | - $s14 = 2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6); |
|
| 2271 | - $s15 = 2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3); |
|
| 2272 | - $s16 = 2097151 & self::load_3(self::substr($s, 42, 3)); |
|
| 2273 | - $s17 = 2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5); |
|
| 2274 | - $s18 = 2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2); |
|
| 2275 | - $s19 = 2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7); |
|
| 2276 | - $s20 = 2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4); |
|
| 2277 | - $s21 = 2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1); |
|
| 2278 | - $s22 = 2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6); |
|
| 2279 | - $s23 = (self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 2280 | - |
|
| 2281 | - $s11 += self::mul($s23, 666643, 20); |
|
| 2282 | - $s12 += self::mul($s23, 470296, 19); |
|
| 2283 | - $s13 += self::mul($s23, 654183, 20); |
|
| 2284 | - $s14 -= self::mul($s23, 997805, 20); |
|
| 2285 | - $s15 += self::mul($s23, 136657, 18); |
|
| 2286 | - $s16 -= self::mul($s23, 683901, 20); |
|
| 2287 | - |
|
| 2288 | - $s10 += self::mul($s22, 666643, 20); |
|
| 2289 | - $s11 += self::mul($s22, 470296, 19); |
|
| 2290 | - $s12 += self::mul($s22, 654183, 20); |
|
| 2291 | - $s13 -= self::mul($s22, 997805, 20); |
|
| 2292 | - $s14 += self::mul($s22, 136657, 18); |
|
| 2293 | - $s15 -= self::mul($s22, 683901, 20); |
|
| 2294 | - |
|
| 2295 | - $s9 += self::mul($s21, 666643, 20); |
|
| 2296 | - $s10 += self::mul($s21, 470296, 19); |
|
| 2297 | - $s11 += self::mul($s21, 654183, 20); |
|
| 2298 | - $s12 -= self::mul($s21, 997805, 20); |
|
| 2299 | - $s13 += self::mul($s21, 136657, 18); |
|
| 2300 | - $s14 -= self::mul($s21, 683901, 20); |
|
| 2301 | - |
|
| 2302 | - $s8 += self::mul($s20, 666643, 20); |
|
| 2303 | - $s9 += self::mul($s20, 470296, 19); |
|
| 2304 | - $s10 += self::mul($s20, 654183, 20); |
|
| 2305 | - $s11 -= self::mul($s20, 997805, 20); |
|
| 2306 | - $s12 += self::mul($s20, 136657, 18); |
|
| 2307 | - $s13 -= self::mul($s20, 683901, 20); |
|
| 2308 | - |
|
| 2309 | - $s7 += self::mul($s19, 666643, 20); |
|
| 2310 | - $s8 += self::mul($s19, 470296, 19); |
|
| 2311 | - $s9 += self::mul($s19, 654183, 20); |
|
| 2312 | - $s10 -= self::mul($s19, 997805, 20); |
|
| 2313 | - $s11 += self::mul($s19, 136657, 18); |
|
| 2314 | - $s12 -= self::mul($s19, 683901, 20); |
|
| 2315 | - |
|
| 2316 | - $s6 += self::mul($s18, 666643, 20); |
|
| 2317 | - $s7 += self::mul($s18, 470296, 19); |
|
| 2318 | - $s8 += self::mul($s18, 654183, 20); |
|
| 2319 | - $s9 -= self::mul($s18, 997805, 20); |
|
| 2320 | - $s10 += self::mul($s18, 136657, 18); |
|
| 2321 | - $s11 -= self::mul($s18, 683901, 20); |
|
| 2322 | - |
|
| 2323 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2256 | + $s0 = 2097151 & self::load_3( self::substr( $s, 0, 3 ) ); |
|
| 2257 | + $s1 = 2097151 & ( self::load_4( self::substr( $s, 2, 4 ) ) >> 5 ); |
|
| 2258 | + $s2 = 2097151 & ( self::load_3( self::substr( $s, 5, 3 ) ) >> 2 ); |
|
| 2259 | + $s3 = 2097151 & ( self::load_4( self::substr( $s, 7, 4 ) ) >> 7 ); |
|
| 2260 | + $s4 = 2097151 & ( self::load_4( self::substr( $s, 10, 4 ) ) >> 4 ); |
|
| 2261 | + $s5 = 2097151 & ( self::load_3( self::substr( $s, 13, 3 ) ) >> 1 ); |
|
| 2262 | + $s6 = 2097151 & ( self::load_4( self::substr( $s, 15, 4 ) ) >> 6 ); |
|
| 2263 | + $s7 = 2097151 & ( self::load_3( self::substr( $s, 18, 4 ) ) >> 3 ); |
|
| 2264 | + $s8 = 2097151 & self::load_3( self::substr( $s, 21, 3 ) ); |
|
| 2265 | + $s9 = 2097151 & ( self::load_4( self::substr( $s, 23, 4 ) ) >> 5 ); |
|
| 2266 | + $s10 = 2097151 & ( self::load_3( self::substr( $s, 26, 3 ) ) >> 2 ); |
|
| 2267 | + $s11 = 2097151 & ( self::load_4( self::substr( $s, 28, 4 ) ) >> 7 ); |
|
| 2268 | + $s12 = 2097151 & ( self::load_4( self::substr( $s, 31, 4 ) ) >> 4 ); |
|
| 2269 | + $s13 = 2097151 & ( self::load_3( self::substr( $s, 34, 3 ) ) >> 1 ); |
|
| 2270 | + $s14 = 2097151 & ( self::load_4( self::substr( $s, 36, 4 ) ) >> 6 ); |
|
| 2271 | + $s15 = 2097151 & ( self::load_3( self::substr( $s, 39, 4 ) ) >> 3 ); |
|
| 2272 | + $s16 = 2097151 & self::load_3( self::substr( $s, 42, 3 ) ); |
|
| 2273 | + $s17 = 2097151 & ( self::load_4( self::substr( $s, 44, 4 ) ) >> 5 ); |
|
| 2274 | + $s18 = 2097151 & ( self::load_3( self::substr( $s, 47, 3 ) ) >> 2 ); |
|
| 2275 | + $s19 = 2097151 & ( self::load_4( self::substr( $s, 49, 4 ) ) >> 7 ); |
|
| 2276 | + $s20 = 2097151 & ( self::load_4( self::substr( $s, 52, 4 ) ) >> 4 ); |
|
| 2277 | + $s21 = 2097151 & ( self::load_3( self::substr( $s, 55, 3 ) ) >> 1 ); |
|
| 2278 | + $s22 = 2097151 & ( self::load_4( self::substr( $s, 57, 4 ) ) >> 6 ); |
|
| 2279 | + $s23 = ( self::load_4( self::substr( $s, 60, 4 ) ) >> 3 ); |
|
| 2280 | + |
|
| 2281 | + $s11 += self::mul( $s23, 666643, 20 ); |
|
| 2282 | + $s12 += self::mul( $s23, 470296, 19 ); |
|
| 2283 | + $s13 += self::mul( $s23, 654183, 20 ); |
|
| 2284 | + $s14 -= self::mul( $s23, 997805, 20 ); |
|
| 2285 | + $s15 += self::mul( $s23, 136657, 18 ); |
|
| 2286 | + $s16 -= self::mul( $s23, 683901, 20 ); |
|
| 2287 | + |
|
| 2288 | + $s10 += self::mul( $s22, 666643, 20 ); |
|
| 2289 | + $s11 += self::mul( $s22, 470296, 19 ); |
|
| 2290 | + $s12 += self::mul( $s22, 654183, 20 ); |
|
| 2291 | + $s13 -= self::mul( $s22, 997805, 20 ); |
|
| 2292 | + $s14 += self::mul( $s22, 136657, 18 ); |
|
| 2293 | + $s15 -= self::mul( $s22, 683901, 20 ); |
|
| 2294 | + |
|
| 2295 | + $s9 += self::mul( $s21, 666643, 20 ); |
|
| 2296 | + $s10 += self::mul( $s21, 470296, 19 ); |
|
| 2297 | + $s11 += self::mul( $s21, 654183, 20 ); |
|
| 2298 | + $s12 -= self::mul( $s21, 997805, 20 ); |
|
| 2299 | + $s13 += self::mul( $s21, 136657, 18 ); |
|
| 2300 | + $s14 -= self::mul( $s21, 683901, 20 ); |
|
| 2301 | + |
|
| 2302 | + $s8 += self::mul( $s20, 666643, 20 ); |
|
| 2303 | + $s9 += self::mul( $s20, 470296, 19 ); |
|
| 2304 | + $s10 += self::mul( $s20, 654183, 20 ); |
|
| 2305 | + $s11 -= self::mul( $s20, 997805, 20 ); |
|
| 2306 | + $s12 += self::mul( $s20, 136657, 18 ); |
|
| 2307 | + $s13 -= self::mul( $s20, 683901, 20 ); |
|
| 2308 | + |
|
| 2309 | + $s7 += self::mul( $s19, 666643, 20 ); |
|
| 2310 | + $s8 += self::mul( $s19, 470296, 19 ); |
|
| 2311 | + $s9 += self::mul( $s19, 654183, 20 ); |
|
| 2312 | + $s10 -= self::mul( $s19, 997805, 20 ); |
|
| 2313 | + $s11 += self::mul( $s19, 136657, 18 ); |
|
| 2314 | + $s12 -= self::mul( $s19, 683901, 20 ); |
|
| 2315 | + |
|
| 2316 | + $s6 += self::mul( $s18, 666643, 20 ); |
|
| 2317 | + $s7 += self::mul( $s18, 470296, 19 ); |
|
| 2318 | + $s8 += self::mul( $s18, 654183, 20 ); |
|
| 2319 | + $s9 -= self::mul( $s18, 997805, 20 ); |
|
| 2320 | + $s10 += self::mul( $s18, 136657, 18 ); |
|
| 2321 | + $s11 -= self::mul( $s18, 683901, 20 ); |
|
| 2322 | + |
|
| 2323 | + $carry6 = ( $s6 + ( 1 << 20 ) ) >> 21; |
|
| 2324 | 2324 | $s7 += $carry6; |
| 2325 | 2325 | $s6 -= $carry6 << 21; |
| 2326 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2326 | + $carry8 = ( $s8 + ( 1 << 20 ) ) >> 21; |
|
| 2327 | 2327 | $s9 += $carry8; |
| 2328 | 2328 | $s8 -= $carry8 << 21; |
| 2329 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2329 | + $carry10 = ( $s10 + ( 1 << 20 ) ) >> 21; |
|
| 2330 | 2330 | $s11 += $carry10; |
| 2331 | 2331 | $s10 -= $carry10 << 21; |
| 2332 | - $carry12 = ($s12 + (1 << 20)) >> 21; |
|
| 2332 | + $carry12 = ( $s12 + ( 1 << 20 ) ) >> 21; |
|
| 2333 | 2333 | $s13 += $carry12; |
| 2334 | 2334 | $s12 -= $carry12 << 21; |
| 2335 | - $carry14 = ($s14 + (1 << 20)) >> 21; |
|
| 2335 | + $carry14 = ( $s14 + ( 1 << 20 ) ) >> 21; |
|
| 2336 | 2336 | $s15 += $carry14; |
| 2337 | 2337 | $s14 -= $carry14 << 21; |
| 2338 | - $carry16 = ($s16 + (1 << 20)) >> 21; |
|
| 2338 | + $carry16 = ( $s16 + ( 1 << 20 ) ) >> 21; |
|
| 2339 | 2339 | $s17 += $carry16; |
| 2340 | 2340 | $s16 -= $carry16 << 21; |
| 2341 | 2341 | |
| 2342 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2342 | + $carry7 = ( $s7 + ( 1 << 20 ) ) >> 21; |
|
| 2343 | 2343 | $s8 += $carry7; |
| 2344 | 2344 | $s7 -= $carry7 << 21; |
| 2345 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2345 | + $carry9 = ( $s9 + ( 1 << 20 ) ) >> 21; |
|
| 2346 | 2346 | $s10 += $carry9; |
| 2347 | 2347 | $s9 -= $carry9 << 21; |
| 2348 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2348 | + $carry11 = ( $s11 + ( 1 << 20 ) ) >> 21; |
|
| 2349 | 2349 | $s12 += $carry11; |
| 2350 | 2350 | $s11 -= $carry11 << 21; |
| 2351 | - $carry13 = ($s13 + (1 << 20)) >> 21; |
|
| 2351 | + $carry13 = ( $s13 + ( 1 << 20 ) ) >> 21; |
|
| 2352 | 2352 | $s14 += $carry13; |
| 2353 | 2353 | $s13 -= $carry13 << 21; |
| 2354 | - $carry15 = ($s15 + (1 << 20)) >> 21; |
|
| 2354 | + $carry15 = ( $s15 + ( 1 << 20 ) ) >> 21; |
|
| 2355 | 2355 | $s16 += $carry15; |
| 2356 | 2356 | $s15 -= $carry15 << 21; |
| 2357 | 2357 | |
| 2358 | - $s5 += self::mul($s17, 666643, 20); |
|
| 2359 | - $s6 += self::mul($s17, 470296, 19); |
|
| 2360 | - $s7 += self::mul($s17, 654183, 20); |
|
| 2361 | - $s8 -= self::mul($s17, 997805, 20); |
|
| 2362 | - $s9 += self::mul($s17, 136657, 18); |
|
| 2363 | - $s10 -= self::mul($s17, 683901, 20); |
|
| 2364 | - |
|
| 2365 | - $s4 += self::mul($s16, 666643, 20); |
|
| 2366 | - $s5 += self::mul($s16, 470296, 19); |
|
| 2367 | - $s6 += self::mul($s16, 654183, 20); |
|
| 2368 | - $s7 -= self::mul($s16, 997805, 20); |
|
| 2369 | - $s8 += self::mul($s16, 136657, 18); |
|
| 2370 | - $s9 -= self::mul($s16, 683901, 20); |
|
| 2371 | - |
|
| 2372 | - $s3 += self::mul($s15, 666643, 20); |
|
| 2373 | - $s4 += self::mul($s15, 470296, 19); |
|
| 2374 | - $s5 += self::mul($s15, 654183, 20); |
|
| 2375 | - $s6 -= self::mul($s15, 997805, 20); |
|
| 2376 | - $s7 += self::mul($s15, 136657, 18); |
|
| 2377 | - $s8 -= self::mul($s15, 683901, 20); |
|
| 2378 | - |
|
| 2379 | - $s2 += self::mul($s14, 666643, 20); |
|
| 2380 | - $s3 += self::mul($s14, 470296, 19); |
|
| 2381 | - $s4 += self::mul($s14, 654183, 20); |
|
| 2382 | - $s5 -= self::mul($s14, 997805, 20); |
|
| 2383 | - $s6 += self::mul($s14, 136657, 18); |
|
| 2384 | - $s7 -= self::mul($s14, 683901, 20); |
|
| 2385 | - |
|
| 2386 | - $s1 += self::mul($s13, 666643, 20); |
|
| 2387 | - $s2 += self::mul($s13, 470296, 19); |
|
| 2388 | - $s3 += self::mul($s13, 654183, 20); |
|
| 2389 | - $s4 -= self::mul($s13, 997805, 20); |
|
| 2390 | - $s5 += self::mul($s13, 136657, 18); |
|
| 2391 | - $s6 -= self::mul($s13, 683901, 20); |
|
| 2392 | - |
|
| 2393 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2394 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2395 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2396 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2397 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2398 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2358 | + $s5 += self::mul( $s17, 666643, 20 ); |
|
| 2359 | + $s6 += self::mul( $s17, 470296, 19 ); |
|
| 2360 | + $s7 += self::mul( $s17, 654183, 20 ); |
|
| 2361 | + $s8 -= self::mul( $s17, 997805, 20 ); |
|
| 2362 | + $s9 += self::mul( $s17, 136657, 18 ); |
|
| 2363 | + $s10 -= self::mul( $s17, 683901, 20 ); |
|
| 2364 | + |
|
| 2365 | + $s4 += self::mul( $s16, 666643, 20 ); |
|
| 2366 | + $s5 += self::mul( $s16, 470296, 19 ); |
|
| 2367 | + $s6 += self::mul( $s16, 654183, 20 ); |
|
| 2368 | + $s7 -= self::mul( $s16, 997805, 20 ); |
|
| 2369 | + $s8 += self::mul( $s16, 136657, 18 ); |
|
| 2370 | + $s9 -= self::mul( $s16, 683901, 20 ); |
|
| 2371 | + |
|
| 2372 | + $s3 += self::mul( $s15, 666643, 20 ); |
|
| 2373 | + $s4 += self::mul( $s15, 470296, 19 ); |
|
| 2374 | + $s5 += self::mul( $s15, 654183, 20 ); |
|
| 2375 | + $s6 -= self::mul( $s15, 997805, 20 ); |
|
| 2376 | + $s7 += self::mul( $s15, 136657, 18 ); |
|
| 2377 | + $s8 -= self::mul( $s15, 683901, 20 ); |
|
| 2378 | + |
|
| 2379 | + $s2 += self::mul( $s14, 666643, 20 ); |
|
| 2380 | + $s3 += self::mul( $s14, 470296, 19 ); |
|
| 2381 | + $s4 += self::mul( $s14, 654183, 20 ); |
|
| 2382 | + $s5 -= self::mul( $s14, 997805, 20 ); |
|
| 2383 | + $s6 += self::mul( $s14, 136657, 18 ); |
|
| 2384 | + $s7 -= self::mul( $s14, 683901, 20 ); |
|
| 2385 | + |
|
| 2386 | + $s1 += self::mul( $s13, 666643, 20 ); |
|
| 2387 | + $s2 += self::mul( $s13, 470296, 19 ); |
|
| 2388 | + $s3 += self::mul( $s13, 654183, 20 ); |
|
| 2389 | + $s4 -= self::mul( $s13, 997805, 20 ); |
|
| 2390 | + $s5 += self::mul( $s13, 136657, 18 ); |
|
| 2391 | + $s6 -= self::mul( $s13, 683901, 20 ); |
|
| 2392 | + |
|
| 2393 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2394 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2395 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2396 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2397 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2398 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2399 | 2399 | $s12 = 0; |
| 2400 | 2400 | |
| 2401 | - $carry0 = ($s0 + (1 << 20)) >> 21; |
|
| 2401 | + $carry0 = ( $s0 + ( 1 << 20 ) ) >> 21; |
|
| 2402 | 2402 | $s1 += $carry0; |
| 2403 | 2403 | $s0 -= $carry0 << 21; |
| 2404 | - $carry2 = ($s2 + (1 << 20)) >> 21; |
|
| 2404 | + $carry2 = ( $s2 + ( 1 << 20 ) ) >> 21; |
|
| 2405 | 2405 | $s3 += $carry2; |
| 2406 | 2406 | $s2 -= $carry2 << 21; |
| 2407 | - $carry4 = ($s4 + (1 << 20)) >> 21; |
|
| 2407 | + $carry4 = ( $s4 + ( 1 << 20 ) ) >> 21; |
|
| 2408 | 2408 | $s5 += $carry4; |
| 2409 | 2409 | $s4 -= $carry4 << 21; |
| 2410 | - $carry6 = ($s6 + (1 << 20)) >> 21; |
|
| 2410 | + $carry6 = ( $s6 + ( 1 << 20 ) ) >> 21; |
|
| 2411 | 2411 | $s7 += $carry6; |
| 2412 | 2412 | $s6 -= $carry6 << 21; |
| 2413 | - $carry8 = ($s8 + (1 << 20)) >> 21; |
|
| 2413 | + $carry8 = ( $s8 + ( 1 << 20 ) ) >> 21; |
|
| 2414 | 2414 | $s9 += $carry8; |
| 2415 | 2415 | $s8 -= $carry8 << 21; |
| 2416 | - $carry10 = ($s10 + (1 << 20)) >> 21; |
|
| 2416 | + $carry10 = ( $s10 + ( 1 << 20 ) ) >> 21; |
|
| 2417 | 2417 | $s11 += $carry10; |
| 2418 | 2418 | $s10 -= $carry10 << 21; |
| 2419 | 2419 | |
| 2420 | - $carry1 = ($s1 + (1 << 20)) >> 21; |
|
| 2420 | + $carry1 = ( $s1 + ( 1 << 20 ) ) >> 21; |
|
| 2421 | 2421 | $s2 += $carry1; |
| 2422 | 2422 | $s1 -= $carry1 << 21; |
| 2423 | - $carry3 = ($s3 + (1 << 20)) >> 21; |
|
| 2423 | + $carry3 = ( $s3 + ( 1 << 20 ) ) >> 21; |
|
| 2424 | 2424 | $s4 += $carry3; |
| 2425 | 2425 | $s3 -= $carry3 << 21; |
| 2426 | - $carry5 = ($s5 + (1 << 20)) >> 21; |
|
| 2426 | + $carry5 = ( $s5 + ( 1 << 20 ) ) >> 21; |
|
| 2427 | 2427 | $s6 += $carry5; |
| 2428 | 2428 | $s5 -= $carry5 << 21; |
| 2429 | - $carry7 = ($s7 + (1 << 20)) >> 21; |
|
| 2429 | + $carry7 = ( $s7 + ( 1 << 20 ) ) >> 21; |
|
| 2430 | 2430 | $s8 += $carry7; |
| 2431 | 2431 | $s7 -= $carry7 << 21; |
| 2432 | - $carry9 = ($s9 + (1 << 20)) >> 21; |
|
| 2432 | + $carry9 = ( $s9 + ( 1 << 20 ) ) >> 21; |
|
| 2433 | 2433 | $s10 += $carry9; |
| 2434 | 2434 | $s9 -= $carry9 << 21; |
| 2435 | - $carry11 = ($s11 + (1 << 20)) >> 21; |
|
| 2435 | + $carry11 = ( $s11 + ( 1 << 20 ) ) >> 21; |
|
| 2436 | 2436 | $s12 += $carry11; |
| 2437 | 2437 | $s11 -= $carry11 << 21; |
| 2438 | 2438 | |
| 2439 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2440 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2441 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2442 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2443 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2444 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2439 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2440 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2441 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2442 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2443 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2444 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2445 | 2445 | $s12 = 0; |
| 2446 | 2446 | |
| 2447 | 2447 | $carry0 = $s0 >> 21; |
@@ -2481,12 +2481,12 @@ discard block |
||
| 2481 | 2481 | $s12 += $carry11; |
| 2482 | 2482 | $s11 -= $carry11 << 21; |
| 2483 | 2483 | |
| 2484 | - $s0 += self::mul($s12, 666643, 20); |
|
| 2485 | - $s1 += self::mul($s12, 470296, 19); |
|
| 2486 | - $s2 += self::mul($s12, 654183, 20); |
|
| 2487 | - $s3 -= self::mul($s12, 997805, 20); |
|
| 2488 | - $s4 += self::mul($s12, 136657, 18); |
|
| 2489 | - $s5 -= self::mul($s12, 683901, 20); |
|
| 2484 | + $s0 += self::mul( $s12, 666643, 20 ); |
|
| 2485 | + $s1 += self::mul( $s12, 470296, 19 ); |
|
| 2486 | + $s2 += self::mul( $s12, 654183, 20 ); |
|
| 2487 | + $s3 -= self::mul( $s12, 997805, 20 ); |
|
| 2488 | + $s4 += self::mul( $s12, 136657, 18 ); |
|
| 2489 | + $s5 -= self::mul( $s12, 683901, 20 ); |
|
| 2490 | 2490 | |
| 2491 | 2491 | $carry0 = $s0 >> 21; |
| 2492 | 2492 | $s1 += $carry0; |
@@ -2526,39 +2526,39 @@ discard block |
||
| 2526 | 2526 | * @var array<int, int> |
| 2527 | 2527 | */ |
| 2528 | 2528 | $arr = array( |
| 2529 | - (int) ($s0 >> 0), |
|
| 2530 | - (int) ($s0 >> 8), |
|
| 2531 | - (int) (($s0 >> 16) | $s1 << 5), |
|
| 2532 | - (int) ($s1 >> 3), |
|
| 2533 | - (int) ($s1 >> 11), |
|
| 2534 | - (int) (($s1 >> 19) | $s2 << 2), |
|
| 2535 | - (int) ($s2 >> 6), |
|
| 2536 | - (int) (($s2 >> 14) | $s3 << 7), |
|
| 2537 | - (int) ($s3 >> 1), |
|
| 2538 | - (int) ($s3 >> 9), |
|
| 2539 | - (int) (($s3 >> 17) | $s4 << 4), |
|
| 2540 | - (int) ($s4 >> 4), |
|
| 2541 | - (int) ($s4 >> 12), |
|
| 2542 | - (int) (($s4 >> 20) | $s5 << 1), |
|
| 2543 | - (int) ($s5 >> 7), |
|
| 2544 | - (int) (($s5 >> 15) | $s6 << 6), |
|
| 2545 | - (int) ($s6 >> 2), |
|
| 2546 | - (int) ($s6 >> 10), |
|
| 2547 | - (int) (($s6 >> 18) | $s7 << 3), |
|
| 2548 | - (int) ($s7 >> 5), |
|
| 2549 | - (int) ($s7 >> 13), |
|
| 2550 | - (int) ($s8 >> 0), |
|
| 2551 | - (int) ($s8 >> 8), |
|
| 2552 | - (int) (($s8 >> 16) | $s9 << 5), |
|
| 2553 | - (int) ($s9 >> 3), |
|
| 2554 | - (int) ($s9 >> 11), |
|
| 2555 | - (int) (($s9 >> 19) | $s10 << 2), |
|
| 2556 | - (int) ($s10 >> 6), |
|
| 2557 | - (int) (($s10 >> 14) | $s11 << 7), |
|
| 2558 | - (int) ($s11 >> 1), |
|
| 2559 | - (int) ($s11 >> 9), |
|
| 2529 | + (int) ( $s0 >> 0 ), |
|
| 2530 | + (int) ( $s0 >> 8 ), |
|
| 2531 | + (int) ( ( $s0 >> 16 ) | $s1 << 5 ), |
|
| 2532 | + (int) ( $s1 >> 3 ), |
|
| 2533 | + (int) ( $s1 >> 11 ), |
|
| 2534 | + (int) ( ( $s1 >> 19 ) | $s2 << 2 ), |
|
| 2535 | + (int) ( $s2 >> 6 ), |
|
| 2536 | + (int) ( ( $s2 >> 14 ) | $s3 << 7 ), |
|
| 2537 | + (int) ( $s3 >> 1 ), |
|
| 2538 | + (int) ( $s3 >> 9 ), |
|
| 2539 | + (int) ( ( $s3 >> 17 ) | $s4 << 4 ), |
|
| 2540 | + (int) ( $s4 >> 4 ), |
|
| 2541 | + (int) ( $s4 >> 12 ), |
|
| 2542 | + (int) ( ( $s4 >> 20 ) | $s5 << 1 ), |
|
| 2543 | + (int) ( $s5 >> 7 ), |
|
| 2544 | + (int) ( ( $s5 >> 15 ) | $s6 << 6 ), |
|
| 2545 | + (int) ( $s6 >> 2 ), |
|
| 2546 | + (int) ( $s6 >> 10 ), |
|
| 2547 | + (int) ( ( $s6 >> 18 ) | $s7 << 3 ), |
|
| 2548 | + (int) ( $s7 >> 5 ), |
|
| 2549 | + (int) ( $s7 >> 13 ), |
|
| 2550 | + (int) ( $s8 >> 0 ), |
|
| 2551 | + (int) ( $s8 >> 8 ), |
|
| 2552 | + (int) ( ( $s8 >> 16 ) | $s9 << 5 ), |
|
| 2553 | + (int) ( $s9 >> 3 ), |
|
| 2554 | + (int) ( $s9 >> 11 ), |
|
| 2555 | + (int) ( ( $s9 >> 19 ) | $s10 << 2 ), |
|
| 2556 | + (int) ( $s10 >> 6 ), |
|
| 2557 | + (int) ( ( $s10 >> 14 ) | $s11 << 7 ), |
|
| 2558 | + (int) ( $s11 >> 1 ), |
|
| 2559 | + (int) ( $s11 >> 9 ), |
|
| 2560 | 2560 | (int) $s11 >> 17 |
| 2561 | 2561 | ); |
| 2562 | - return self::intArrayToString($arr); |
|
| 2562 | + return self::intArrayToString( $arr ); |
|
| 2563 | 2563 | } |
| 2564 | 2564 | } |
@@ -13,8 +13,7 @@ discard block |
||
| 13 | 13 | * |
| 14 | 14 | * @ref https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c |
| 15 | 15 | */ |
| 16 | -abstract class ParagonIE_Sodium_Core_Curve25519 extends ParagonIE_Sodium_Core_Curve25519_H |
|
| 17 | -{ |
|
| 16 | +abstract class ParagonIE_Sodium_Core_Curve25519 extends ParagonIE_Sodium_Core_Curve25519_H { |
|
| 18 | 17 | /** |
| 19 | 18 | * Get a field element of size 10 with a value of 0 |
| 20 | 19 | * |
@@ -22,8 +21,7 @@ discard block |
||
| 22 | 21 | * |
| 23 | 22 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 24 | 23 | */ |
| 25 | - public static function fe_0() |
|
| 26 | - { |
|
| 24 | + public static function fe_0() { |
|
| 27 | 25 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 28 | 26 | array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
| 29 | 27 | ); |
@@ -36,8 +34,7 @@ discard block |
||
| 36 | 34 | * |
| 37 | 35 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 38 | 36 | */ |
| 39 | - public static function fe_1() |
|
| 40 | - { |
|
| 37 | + public static function fe_1() { |
|
| 41 | 38 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 42 | 39 | array(1, 0, 0, 0, 0, 0, 0, 0, 0, 0) |
| 43 | 40 | ); |
@@ -95,8 +92,7 @@ discard block |
||
| 95 | 92 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 96 | 93 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 97 | 94 | */ |
| 98 | - public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 99 | - { |
|
| 95 | + public static function fe_copy(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 100 | 96 | $h = clone $f; |
| 101 | 97 | return $h; |
| 102 | 98 | } |
@@ -111,8 +107,7 @@ discard block |
||
| 111 | 107 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 112 | 108 | * @throws RangeException |
| 113 | 109 | */ |
| 114 | - public static function fe_frombytes($s) |
|
| 115 | - { |
|
| 110 | + public static function fe_frombytes($s) { |
|
| 116 | 111 | if (self::strlen($s) !== 32) { |
| 117 | 112 | throw new RangeException('Expected a 32-byte string.'); |
| 118 | 113 | } |
@@ -183,8 +178,7 @@ discard block |
||
| 183 | 178 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $h |
| 184 | 179 | * @return string |
| 185 | 180 | */ |
| 186 | - public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) |
|
| 187 | - { |
|
| 181 | + public static function fe_tobytes(ParagonIE_Sodium_Core_Curve25519_Fe $h) { |
|
| 188 | 182 | $h[0] = (int) $h[0]; |
| 189 | 183 | $h[1] = (int) $h[1]; |
| 190 | 184 | $h[2] = (int) $h[2]; |
@@ -288,8 +282,7 @@ discard block |
||
| 288 | 282 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 289 | 283 | * @return int |
| 290 | 284 | */ |
| 291 | - public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 292 | - { |
|
| 285 | + public static function fe_isnegative(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 293 | 286 | $str = self::fe_tobytes($f); |
| 294 | 287 | return self::chrToInt($str[0]) & 1; |
| 295 | 288 | } |
@@ -302,8 +295,7 @@ discard block |
||
| 302 | 295 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 303 | 296 | * @return bool |
| 304 | 297 | */ |
| 305 | - public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 306 | - { |
|
| 298 | + public static function fe_isnonzero(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 307 | 299 | static $zero; |
| 308 | 300 | if ($zero === null) { |
| 309 | 301 | $zero = str_repeat("\x00", 32); |
@@ -544,8 +536,7 @@ discard block |
||
| 544 | 536 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 545 | 537 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 546 | 538 | */ |
| 547 | - public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 548 | - { |
|
| 539 | + public static function fe_neg(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 549 | 540 | $h = new ParagonIE_Sodium_Core_Curve25519_Fe(); |
| 550 | 541 | for ($i = 0; $i < 10; ++$i) { |
| 551 | 542 | $h[$i] = -$f[$i]; |
@@ -563,8 +554,7 @@ discard block |
||
| 563 | 554 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 564 | 555 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 565 | 556 | */ |
| 566 | - public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 567 | - { |
|
| 557 | + public static function fe_sq(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 568 | 558 | $f0 = (int) $f[0]; |
| 569 | 559 | $f1 = (int) $f[1]; |
| 570 | 560 | $f2 = (int) $f[2]; |
@@ -725,8 +715,7 @@ discard block |
||
| 725 | 715 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $f |
| 726 | 716 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 727 | 717 | */ |
| 728 | - public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) |
|
| 729 | - { |
|
| 718 | + public static function fe_sq2(ParagonIE_Sodium_Core_Curve25519_Fe $f) { |
|
| 730 | 719 | $f0 = (int) $f[0]; |
| 731 | 720 | $f1 = (int) $f[1]; |
| 732 | 721 | $f2 = (int) $f[2]; |
@@ -894,8 +883,7 @@ discard block |
||
| 894 | 883 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $Z |
| 895 | 884 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 896 | 885 | */ |
| 897 | - public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) |
|
| 898 | - { |
|
| 886 | + public static function fe_invert(ParagonIE_Sodium_Core_Curve25519_Fe $Z) { |
|
| 899 | 887 | $z = clone $Z; |
| 900 | 888 | $t0 = self::fe_sq($z); |
| 901 | 889 | $t1 = self::fe_sq($t0); |
@@ -954,8 +942,7 @@ discard block |
||
| 954 | 942 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $z |
| 955 | 943 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 956 | 944 | */ |
| 957 | - public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) |
|
| 958 | - { |
|
| 945 | + public static function fe_pow22523(ParagonIE_Sodium_Core_Curve25519_Fe $z) { |
|
| 959 | 946 | # fe_sq(t0, z); |
| 960 | 947 | # fe_sq(t1, t0); |
| 961 | 948 | # fe_sq(t1, t1); |
@@ -1080,8 +1067,7 @@ discard block |
||
| 1080 | 1067 | * @param ParagonIE_Sodium_Core_Curve25519_Fe $g |
| 1081 | 1068 | * @return ParagonIE_Sodium_Core_Curve25519_Fe |
| 1082 | 1069 | */ |
| 1083 | - public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) |
|
| 1084 | - { |
|
| 1070 | + public static function fe_sub(ParagonIE_Sodium_Core_Curve25519_Fe $f, ParagonIE_Sodium_Core_Curve25519_Fe $g) { |
|
| 1085 | 1071 | return ParagonIE_Sodium_Core_Curve25519_Fe::fromArray( |
| 1086 | 1072 | array( |
| 1087 | 1073 | (int) ($f[0] - $g[0]), |
@@ -1135,8 +1121,7 @@ discard block |
||
| 1135 | 1121 | * @param string $a |
| 1136 | 1122 | * @return array<int, mixed> |
| 1137 | 1123 | */ |
| 1138 | - public static function slide($a) |
|
| 1139 | - { |
|
| 1124 | + public static function slide($a) { |
|
| 1140 | 1125 | if (self::strlen($a) < 256) { |
| 1141 | 1126 | if (self::strlen($a) < 16) { |
| 1142 | 1127 | $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
@@ -1183,8 +1168,7 @@ discard block |
||
| 1183 | 1168 | * @param string $s |
| 1184 | 1169 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1185 | 1170 | */ |
| 1186 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1187 | - { |
|
| 1171 | + public static function ge_frombytes_negate_vartime($s) { |
|
| 1188 | 1172 | static $d = null; |
| 1189 | 1173 | if (!$d) { |
| 1190 | 1174 | $d = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d); |
@@ -1326,8 +1310,7 @@ discard block |
||
| 1326 | 1310 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
| 1327 | 1311 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
| 1328 | 1312 | */ |
| 1329 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1330 | - { |
|
| 1313 | + public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) { |
|
| 1331 | 1314 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P2(); |
| 1332 | 1315 | $r->X = self::fe_mul($p->X, $p->T); |
| 1333 | 1316 | $r->Y = self::fe_mul($p->Y, $p->Z); |
@@ -1341,8 +1324,7 @@ discard block |
||
| 1341 | 1324 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p |
| 1342 | 1325 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1343 | 1326 | */ |
| 1344 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) |
|
| 1345 | - { |
|
| 1327 | + public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 $p) { |
|
| 1346 | 1328 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P3(); |
| 1347 | 1329 | $r->X = self::fe_mul($p->X, $p->T); |
| 1348 | 1330 | $r->Y = self::fe_mul($p->Y, $p->Z); |
@@ -1356,8 +1338,7 @@ discard block |
||
| 1356 | 1338 | * |
| 1357 | 1339 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
| 1358 | 1340 | */ |
| 1359 | - public static function ge_p2_0() |
|
| 1360 | - { |
|
| 1341 | + public static function ge_p2_0() { |
|
| 1361 | 1342 | return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
| 1362 | 1343 | self::fe_0(), |
| 1363 | 1344 | self::fe_1(), |
@@ -1371,8 +1352,7 @@ discard block |
||
| 1371 | 1352 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p |
| 1372 | 1353 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
| 1373 | 1354 | */ |
| 1374 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) |
|
| 1375 | - { |
|
| 1355 | + public static function ge_p2_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $p) { |
|
| 1376 | 1356 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1377 | 1357 | |
| 1378 | 1358 | $r->X = self::fe_sq($p->X); |
@@ -1393,8 +1373,7 @@ discard block |
||
| 1393 | 1373 | * |
| 1394 | 1374 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1395 | 1375 | */ |
| 1396 | - public static function ge_p3_0() |
|
| 1397 | - { |
|
| 1376 | + public static function ge_p3_0() { |
|
| 1398 | 1377 | return new ParagonIE_Sodium_Core_Curve25519_Ge_P3( |
| 1399 | 1378 | self::fe_0(), |
| 1400 | 1379 | self::fe_1(), |
@@ -1409,8 +1388,7 @@ discard block |
||
| 1409 | 1388 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1410 | 1389 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_Cached |
| 1411 | 1390 | */ |
| 1412 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1413 | - { |
|
| 1391 | + public static function ge_p3_to_cached(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) { |
|
| 1414 | 1392 | static $d2 = null; |
| 1415 | 1393 | if ($d2 === null) { |
| 1416 | 1394 | $d2 = ParagonIE_Sodium_Core_Curve25519_Fe::fromArray(self::$d2); |
@@ -1429,8 +1407,7 @@ discard block |
||
| 1429 | 1407 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1430 | 1408 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P2 |
| 1431 | 1409 | */ |
| 1432 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1433 | - { |
|
| 1410 | + public static function ge_p3_to_p2(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) { |
|
| 1434 | 1411 | return new ParagonIE_Sodium_Core_Curve25519_Ge_P2( |
| 1435 | 1412 | $p->X, |
| 1436 | 1413 | $p->Y, |
@@ -1444,8 +1421,7 @@ discard block |
||
| 1444 | 1421 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h |
| 1445 | 1422 | * @return string |
| 1446 | 1423 | */ |
| 1447 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) |
|
| 1448 | - { |
|
| 1424 | + public static function ge_p3_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $h) { |
|
| 1449 | 1425 | $recip = self::fe_invert($h->Z); |
| 1450 | 1426 | $x = self::fe_mul($h->X, $recip); |
| 1451 | 1427 | $y = self::fe_mul($h->Y, $recip); |
@@ -1462,8 +1438,7 @@ discard block |
||
| 1462 | 1438 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p |
| 1463 | 1439 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P1p1 |
| 1464 | 1440 | */ |
| 1465 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) |
|
| 1466 | - { |
|
| 1441 | + public static function ge_p3_dbl(ParagonIE_Sodium_Core_Curve25519_Ge_P3 $p) { |
|
| 1467 | 1442 | $q = self::ge_p3_to_p2($p); |
| 1468 | 1443 | return self::ge_p2_dbl($q); |
| 1469 | 1444 | } |
@@ -1471,8 +1446,7 @@ discard block |
||
| 1471 | 1446 | /** |
| 1472 | 1447 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
| 1473 | 1448 | */ |
| 1474 | - public static function ge_precomp_0() |
|
| 1475 | - { |
|
| 1449 | + public static function ge_precomp_0() { |
|
| 1476 | 1450 | return new ParagonIE_Sodium_Core_Curve25519_Ge_Precomp( |
| 1477 | 1451 | self::fe_1(), |
| 1478 | 1452 | self::fe_1(), |
@@ -1487,8 +1461,7 @@ discard block |
||
| 1487 | 1461 | * @param int $c |
| 1488 | 1462 | * @return int |
| 1489 | 1463 | */ |
| 1490 | - public static function equal($b, $c) |
|
| 1491 | - { |
|
| 1464 | + public static function equal($b, $c) { |
|
| 1492 | 1465 | return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
| 1493 | 1466 | } |
| 1494 | 1467 | |
@@ -1498,8 +1471,7 @@ discard block |
||
| 1498 | 1471 | * @param int $char |
| 1499 | 1472 | * @return int (1 = yes, 0 = no) |
| 1500 | 1473 | */ |
| 1501 | - public static function negative($char) |
|
| 1502 | - { |
|
| 1474 | + public static function negative($char) { |
|
| 1503 | 1475 | if (is_int($char)) { |
| 1504 | 1476 | return $char < 0 ? 1 : 0; |
| 1505 | 1477 | } |
@@ -1542,8 +1514,7 @@ discard block |
||
| 1542 | 1514 | * @param int $b |
| 1543 | 1515 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_Precomp |
| 1544 | 1516 | */ |
| 1545 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1546 | - { |
|
| 1517 | + public static function ge_select($pos = 0, $b = 0) { |
|
| 1547 | 1518 | static $base = null; |
| 1548 | 1519 | if ($base === null) { |
| 1549 | 1520 | $base = array(); |
@@ -1621,8 +1592,7 @@ discard block |
||
| 1621 | 1592 | * @param ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h |
| 1622 | 1593 | * @return string |
| 1623 | 1594 | */ |
| 1624 | - public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) |
|
| 1625 | - { |
|
| 1595 | + public static function ge_tobytes(ParagonIE_Sodium_Core_Curve25519_Ge_P2 $h) { |
|
| 1626 | 1596 | $recip = self::fe_invert($h->Z); |
| 1627 | 1597 | $x = self::fe_mul($h->X, $recip); |
| 1628 | 1598 | $y = self::fe_mul($h->Y, $recip); |
@@ -1768,8 +1738,7 @@ discard block |
||
| 1768 | 1738 | * @param string $a |
| 1769 | 1739 | * @return ParagonIE_Sodium_Core_Curve25519_Ge_P3 |
| 1770 | 1740 | */ |
| 1771 | - public static function ge_scalarmult_base($a) |
|
| 1772 | - { |
|
| 1741 | + public static function ge_scalarmult_base($a) { |
|
| 1773 | 1742 | $e = array(); |
| 1774 | 1743 | $r = new ParagonIE_Sodium_Core_Curve25519_Ge_P1p1(); |
| 1775 | 1744 | |
@@ -1825,8 +1794,7 @@ discard block |
||
| 1825 | 1794 | * @param string $c |
| 1826 | 1795 | * @return string |
| 1827 | 1796 | */ |
| 1828 | - public static function sc_muladd($a, $b, $c) |
|
| 1829 | - { |
|
| 1797 | + public static function sc_muladd($a, $b, $c) { |
|
| 1830 | 1798 | $a0 = 2097151 & self::load_3(self::substr($a, 0, 3)); |
| 1831 | 1799 | $a1 = 2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5); |
| 1832 | 1800 | $a2 = 2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2); |
@@ -2251,8 +2219,7 @@ discard block |
||
| 2251 | 2219 | * @param string $s |
| 2252 | 2220 | * @return string |
| 2253 | 2221 | */ |
| 2254 | - public static function sc_reduce($s) |
|
| 2255 | - { |
|
| 2222 | + public static function sc_reduce($s) { |
|
| 2256 | 2223 | $s0 = 2097151 & self::load_3(self::substr($s, 0, 3)); |
| 2257 | 2224 | $s1 = 2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5); |
| 2258 | 2225 | $s2 = 2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2); |
@@ -117,7 +117,7 @@ |
||
| 117 | 117 | /** |
| 118 | 118 | * @internal You should not use this directly from another application |
| 119 | 119 | * |
| 120 | - * @return array |
|
| 120 | + * @return string[] |
|
| 121 | 121 | */ |
| 122 | 122 | public function __debugInfo() |
| 123 | 123 | { |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core_Curve25519_Fe', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -11,116 +11,116 @@ discard block |
||
| 11 | 11 | */ |
| 12 | 12 | class ParagonIE_Sodium_Core_Curve25519_Fe implements ArrayAccess |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * @var array |
|
| 16 | - */ |
|
| 17 | - protected $container = array(); |
|
| 14 | + /** |
|
| 15 | + * @var array |
|
| 16 | + */ |
|
| 17 | + protected $container = array(); |
|
| 18 | 18 | |
| 19 | - /** |
|
| 20 | - * @var int |
|
| 21 | - */ |
|
| 22 | - protected $size = 10; |
|
| 19 | + /** |
|
| 20 | + * @var int |
|
| 21 | + */ |
|
| 22 | + protected $size = 10; |
|
| 23 | 23 | |
| 24 | - /** |
|
| 25 | - * ParagonIE_Sodium_Core_Curve25519_Fe constructor. |
|
| 26 | - * @param int $size |
|
| 27 | - */ |
|
| 28 | - public function __construct($size = 10) |
|
| 29 | - { |
|
| 30 | - $this->size = 10; |
|
| 31 | - } |
|
| 24 | + /** |
|
| 25 | + * ParagonIE_Sodium_Core_Curve25519_Fe constructor. |
|
| 26 | + * @param int $size |
|
| 27 | + */ |
|
| 28 | + public function __construct($size = 10) |
|
| 29 | + { |
|
| 30 | + $this->size = 10; |
|
| 31 | + } |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * @internal You should not use this directly from another application |
|
| 35 | - * |
|
| 36 | - * @param array $array |
|
| 37 | - * @param bool $save_indexes |
|
| 38 | - * @return self |
|
| 39 | - */ |
|
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 41 | - { |
|
| 42 | - $count = count($array); |
|
| 43 | - if ($save_indexes) { |
|
| 44 | - $keys = array_keys($array); |
|
| 45 | - } else { |
|
| 46 | - $keys = range(0, $count - 1); |
|
| 47 | - } |
|
| 48 | - $array = array_values($array); |
|
| 33 | + /** |
|
| 34 | + * @internal You should not use this directly from another application |
|
| 35 | + * |
|
| 36 | + * @param array $array |
|
| 37 | + * @param bool $save_indexes |
|
| 38 | + * @return self |
|
| 39 | + */ |
|
| 40 | + public static function fromArray($array, $save_indexes = null) |
|
| 41 | + { |
|
| 42 | + $count = count($array); |
|
| 43 | + if ($save_indexes) { |
|
| 44 | + $keys = array_keys($array); |
|
| 45 | + } else { |
|
| 46 | + $keys = range(0, $count - 1); |
|
| 47 | + } |
|
| 48 | + $array = array_values($array); |
|
| 49 | 49 | |
| 50 | - $obj = new ParagonIE_Sodium_Core_Curve25519_Fe($count); |
|
| 51 | - if ($save_indexes) { |
|
| 52 | - for ($i = 0; $i < $count; ++$i) { |
|
| 53 | - $obj->offsetSet($keys[$i], $array[$i]); |
|
| 54 | - } |
|
| 55 | - } else { |
|
| 56 | - for ($i = 0; $i < $count; ++$i) { |
|
| 57 | - $obj->offsetSet($i, $array[$i]); |
|
| 58 | - } |
|
| 59 | - } |
|
| 60 | - return $obj; |
|
| 61 | - } |
|
| 50 | + $obj = new ParagonIE_Sodium_Core_Curve25519_Fe($count); |
|
| 51 | + if ($save_indexes) { |
|
| 52 | + for ($i = 0; $i < $count; ++$i) { |
|
| 53 | + $obj->offsetSet($keys[$i], $array[$i]); |
|
| 54 | + } |
|
| 55 | + } else { |
|
| 56 | + for ($i = 0; $i < $count; ++$i) { |
|
| 57 | + $obj->offsetSet($i, $array[$i]); |
|
| 58 | + } |
|
| 59 | + } |
|
| 60 | + return $obj; |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * @internal You should not use this directly from another application |
|
| 65 | - * |
|
| 66 | - * @param mixed $offset |
|
| 67 | - * @param mixed $value |
|
| 68 | - * @return void |
|
| 69 | - */ |
|
| 70 | - public function offsetSet($offset, $value) |
|
| 71 | - { |
|
| 72 | - if (!is_int($value)) { |
|
| 73 | - throw new InvalidArgumentException('Expected an integer'); |
|
| 74 | - } |
|
| 75 | - if (is_null($offset)) { |
|
| 76 | - $this->container[] = $value; |
|
| 77 | - } else { |
|
| 78 | - $this->container[$offset] = $value; |
|
| 79 | - } |
|
| 80 | - } |
|
| 63 | + /** |
|
| 64 | + * @internal You should not use this directly from another application |
|
| 65 | + * |
|
| 66 | + * @param mixed $offset |
|
| 67 | + * @param mixed $value |
|
| 68 | + * @return void |
|
| 69 | + */ |
|
| 70 | + public function offsetSet($offset, $value) |
|
| 71 | + { |
|
| 72 | + if (!is_int($value)) { |
|
| 73 | + throw new InvalidArgumentException('Expected an integer'); |
|
| 74 | + } |
|
| 75 | + if (is_null($offset)) { |
|
| 76 | + $this->container[] = $value; |
|
| 77 | + } else { |
|
| 78 | + $this->container[$offset] = $value; |
|
| 79 | + } |
|
| 80 | + } |
|
| 81 | 81 | |
| 82 | - /** |
|
| 83 | - * @internal You should not use this directly from another application |
|
| 84 | - * |
|
| 85 | - * @param mixed $offset |
|
| 86 | - * @return bool |
|
| 87 | - */ |
|
| 88 | - public function offsetExists($offset) |
|
| 89 | - { |
|
| 90 | - return isset($this->container[$offset]); |
|
| 91 | - } |
|
| 82 | + /** |
|
| 83 | + * @internal You should not use this directly from another application |
|
| 84 | + * |
|
| 85 | + * @param mixed $offset |
|
| 86 | + * @return bool |
|
| 87 | + */ |
|
| 88 | + public function offsetExists($offset) |
|
| 89 | + { |
|
| 90 | + return isset($this->container[$offset]); |
|
| 91 | + } |
|
| 92 | 92 | |
| 93 | - /** |
|
| 94 | - * @internal You should not use this directly from another application |
|
| 95 | - * |
|
| 96 | - * @param mixed $offset |
|
| 97 | - * @return void |
|
| 98 | - */ |
|
| 99 | - public function offsetUnset($offset) |
|
| 100 | - { |
|
| 101 | - unset($this->container[$offset]); |
|
| 102 | - } |
|
| 93 | + /** |
|
| 94 | + * @internal You should not use this directly from another application |
|
| 95 | + * |
|
| 96 | + * @param mixed $offset |
|
| 97 | + * @return void |
|
| 98 | + */ |
|
| 99 | + public function offsetUnset($offset) |
|
| 100 | + { |
|
| 101 | + unset($this->container[$offset]); |
|
| 102 | + } |
|
| 103 | 103 | |
| 104 | - /** |
|
| 105 | - * @internal You should not use this directly from another application |
|
| 106 | - * |
|
| 107 | - * @param mixed $offset |
|
| 108 | - * @return mixed|null |
|
| 109 | - */ |
|
| 110 | - public function offsetGet($offset) |
|
| 111 | - { |
|
| 112 | - return isset($this->container[$offset]) |
|
| 113 | - ? $this->container[$offset] |
|
| 114 | - : null; |
|
| 115 | - } |
|
| 104 | + /** |
|
| 105 | + * @internal You should not use this directly from another application |
|
| 106 | + * |
|
| 107 | + * @param mixed $offset |
|
| 108 | + * @return mixed|null |
|
| 109 | + */ |
|
| 110 | + public function offsetGet($offset) |
|
| 111 | + { |
|
| 112 | + return isset($this->container[$offset]) |
|
| 113 | + ? $this->container[$offset] |
|
| 114 | + : null; |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - /** |
|
| 118 | - * @internal You should not use this directly from another application |
|
| 119 | - * |
|
| 120 | - * @return array |
|
| 121 | - */ |
|
| 122 | - public function __debugInfo() |
|
| 123 | - { |
|
| 124 | - return array(implode(', ', $this->container)); |
|
| 125 | - } |
|
| 117 | + /** |
|
| 118 | + * @internal You should not use this directly from another application |
|
| 119 | + * |
|
| 120 | + * @return array |
|
| 121 | + */ |
|
| 122 | + public function __debugInfo() |
|
| 123 | + { |
|
| 124 | + return array(implode(', ', $this->container)); |
|
| 125 | + } |
|
| 126 | 126 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core_Curve25519_Fe', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core_Curve25519_Fe', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | * ParagonIE_Sodium_Core_Curve25519_Fe constructor. |
| 26 | 26 | * @param int $size |
| 27 | 27 | */ |
| 28 | - public function __construct($size = 10) |
|
| 28 | + public function __construct( $size = 10 ) |
|
| 29 | 29 | { |
| 30 | 30 | $this->size = 10; |
| 31 | 31 | } |
@@ -37,24 +37,24 @@ discard block |
||
| 37 | 37 | * @param bool $save_indexes |
| 38 | 38 | * @return self |
| 39 | 39 | */ |
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 40 | + public static function fromArray( $array, $save_indexes = null ) |
|
| 41 | 41 | { |
| 42 | - $count = count($array); |
|
| 43 | - if ($save_indexes) { |
|
| 44 | - $keys = array_keys($array); |
|
| 42 | + $count = count( $array ); |
|
| 43 | + if ( $save_indexes ) { |
|
| 44 | + $keys = array_keys( $array ); |
|
| 45 | 45 | } else { |
| 46 | - $keys = range(0, $count - 1); |
|
| 46 | + $keys = range( 0, $count - 1 ); |
|
| 47 | 47 | } |
| 48 | - $array = array_values($array); |
|
| 48 | + $array = array_values( $array ); |
|
| 49 | 49 | |
| 50 | - $obj = new ParagonIE_Sodium_Core_Curve25519_Fe($count); |
|
| 51 | - if ($save_indexes) { |
|
| 52 | - for ($i = 0; $i < $count; ++$i) { |
|
| 53 | - $obj->offsetSet($keys[$i], $array[$i]); |
|
| 50 | + $obj = new ParagonIE_Sodium_Core_Curve25519_Fe( $count ); |
|
| 51 | + if ( $save_indexes ) { |
|
| 52 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 53 | + $obj->offsetSet( $keys[$i], $array[$i] ); |
|
| 54 | 54 | } |
| 55 | 55 | } else { |
| 56 | - for ($i = 0; $i < $count; ++$i) { |
|
| 57 | - $obj->offsetSet($i, $array[$i]); |
|
| 56 | + for ( $i = 0; $i < $count; ++$i ) { |
|
| 57 | + $obj->offsetSet( $i, $array[$i] ); |
|
| 58 | 58 | } |
| 59 | 59 | } |
| 60 | 60 | return $obj; |
@@ -67,12 +67,12 @@ discard block |
||
| 67 | 67 | * @param mixed $value |
| 68 | 68 | * @return void |
| 69 | 69 | */ |
| 70 | - public function offsetSet($offset, $value) |
|
| 70 | + public function offsetSet( $offset, $value ) |
|
| 71 | 71 | { |
| 72 | - if (!is_int($value)) { |
|
| 73 | - throw new InvalidArgumentException('Expected an integer'); |
|
| 72 | + if ( ! is_int( $value ) ) { |
|
| 73 | + throw new InvalidArgumentException( 'Expected an integer' ); |
|
| 74 | 74 | } |
| 75 | - if (is_null($offset)) { |
|
| 75 | + if ( is_null( $offset ) ) { |
|
| 76 | 76 | $this->container[] = $value; |
| 77 | 77 | } else { |
| 78 | 78 | $this->container[$offset] = $value; |
@@ -85,9 +85,9 @@ discard block |
||
| 85 | 85 | * @param mixed $offset |
| 86 | 86 | * @return bool |
| 87 | 87 | */ |
| 88 | - public function offsetExists($offset) |
|
| 88 | + public function offsetExists( $offset ) |
|
| 89 | 89 | { |
| 90 | - return isset($this->container[$offset]); |
|
| 90 | + return isset( $this->container[$offset] ); |
|
| 91 | 91 | } |
| 92 | 92 | |
| 93 | 93 | /** |
@@ -96,9 +96,9 @@ discard block |
||
| 96 | 96 | * @param mixed $offset |
| 97 | 97 | * @return void |
| 98 | 98 | */ |
| 99 | - public function offsetUnset($offset) |
|
| 99 | + public function offsetUnset( $offset ) |
|
| 100 | 100 | { |
| 101 | - unset($this->container[$offset]); |
|
| 101 | + unset( $this->container[$offset] ); |
|
| 102 | 102 | } |
| 103 | 103 | |
| 104 | 104 | /** |
@@ -107,9 +107,9 @@ discard block |
||
| 107 | 107 | * @param mixed $offset |
| 108 | 108 | * @return mixed|null |
| 109 | 109 | */ |
| 110 | - public function offsetGet($offset) |
|
| 110 | + public function offsetGet( $offset ) |
|
| 111 | 111 | { |
| 112 | - return isset($this->container[$offset]) |
|
| 112 | + return isset( $this->container[$offset] ) |
|
| 113 | 113 | ? $this->container[$offset] |
| 114 | 114 | : null; |
| 115 | 115 | } |
@@ -121,6 +121,6 @@ discard block |
||
| 121 | 121 | */ |
| 122 | 122 | public function __debugInfo() |
| 123 | 123 | { |
| 124 | - return array(implode(', ', $this->container)); |
|
| 124 | + return array( implode( ', ', $this->container ) ); |
|
| 125 | 125 | } |
| 126 | 126 | } |
@@ -9,8 +9,7 @@ discard block |
||
| 9 | 9 | * |
| 10 | 10 | * This represents a Field Element |
| 11 | 11 | */ |
| 12 | -class ParagonIE_Sodium_Core_Curve25519_Fe implements ArrayAccess |
|
| 13 | -{ |
|
| 12 | +class ParagonIE_Sodium_Core_Curve25519_Fe implements ArrayAccess { |
|
| 14 | 13 | /** |
| 15 | 14 | * @var array |
| 16 | 15 | */ |
@@ -25,8 +24,7 @@ discard block |
||
| 25 | 24 | * ParagonIE_Sodium_Core_Curve25519_Fe constructor. |
| 26 | 25 | * @param int $size |
| 27 | 26 | */ |
| 28 | - public function __construct($size = 10) |
|
| 29 | - { |
|
| 27 | + public function __construct($size = 10) { |
|
| 30 | 28 | $this->size = 10; |
| 31 | 29 | } |
| 32 | 30 | |
@@ -37,8 +35,7 @@ discard block |
||
| 37 | 35 | * @param bool $save_indexes |
| 38 | 36 | * @return self |
| 39 | 37 | */ |
| 40 | - public static function fromArray($array, $save_indexes = null) |
|
| 41 | - { |
|
| 38 | + public static function fromArray($array, $save_indexes = null) { |
|
| 42 | 39 | $count = count($array); |
| 43 | 40 | if ($save_indexes) { |
| 44 | 41 | $keys = array_keys($array); |
@@ -67,8 +64,7 @@ discard block |
||
| 67 | 64 | * @param mixed $value |
| 68 | 65 | * @return void |
| 69 | 66 | */ |
| 70 | - public function offsetSet($offset, $value) |
|
| 71 | - { |
|
| 67 | + public function offsetSet($offset, $value) { |
|
| 72 | 68 | if (!is_int($value)) { |
| 73 | 69 | throw new InvalidArgumentException('Expected an integer'); |
| 74 | 70 | } |
@@ -85,8 +81,7 @@ discard block |
||
| 85 | 81 | * @param mixed $offset |
| 86 | 82 | * @return bool |
| 87 | 83 | */ |
| 88 | - public function offsetExists($offset) |
|
| 89 | - { |
|
| 84 | + public function offsetExists($offset) { |
|
| 90 | 85 | return isset($this->container[$offset]); |
| 91 | 86 | } |
| 92 | 87 | |
@@ -96,8 +91,7 @@ discard block |
||
| 96 | 91 | * @param mixed $offset |
| 97 | 92 | * @return void |
| 98 | 93 | */ |
| 99 | - public function offsetUnset($offset) |
|
| 100 | - { |
|
| 94 | + public function offsetUnset($offset) { |
|
| 101 | 95 | unset($this->container[$offset]); |
| 102 | 96 | } |
| 103 | 97 | |
@@ -107,8 +101,7 @@ discard block |
||
| 107 | 101 | * @param mixed $offset |
| 108 | 102 | * @return mixed|null |
| 109 | 103 | */ |
| 110 | - public function offsetGet($offset) |
|
| 111 | - { |
|
| 104 | + public function offsetGet($offset) { |
|
| 112 | 105 | return isset($this->container[$offset]) |
| 113 | 106 | ? $this->container[$offset] |
| 114 | 107 | : null; |
@@ -119,8 +112,7 @@ discard block |
||
| 119 | 112 | * |
| 120 | 113 | * @return array |
| 121 | 114 | */ |
| 122 | - public function __debugInfo() |
|
| 123 | - { |
|
| 115 | + public function __debugInfo() { |
|
| 124 | 116 | return array(implode(', ', $this->container)); |
| 125 | 117 | } |
| 126 | 118 | } |
@@ -15,7 +15,7 @@ |
||
| 15 | 15 | * @internal You should not use this directly from another application |
| 16 | 16 | * |
| 17 | 17 | * @param int[] $v |
| 18 | - * @return int[] |
|
| 18 | + * @return integer[] |
|
| 19 | 19 | */ |
| 20 | 20 | public static function sipRound(array $v) |
| 21 | 21 | { |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core_SipHash', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -11,290 +11,290 @@ discard block |
||
| 11 | 11 | */ |
| 12 | 12 | class ParagonIE_Sodium_Core_SipHash extends ParagonIE_Sodium_Core_Util |
| 13 | 13 | { |
| 14 | - /** |
|
| 15 | - * @internal You should not use this directly from another application |
|
| 16 | - * |
|
| 17 | - * @param int[] $v |
|
| 18 | - * @return int[] |
|
| 19 | - */ |
|
| 20 | - public static function sipRound(array $v) |
|
| 21 | - { |
|
| 22 | - # v0 += v1; |
|
| 23 | - list($v[0], $v[1]) = self::add( |
|
| 24 | - array($v[0], $v[1]), |
|
| 25 | - array($v[2], $v[3]) |
|
| 26 | - ); |
|
| 27 | - |
|
| 28 | - # v1=ROTL(v1,13); |
|
| 29 | - list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 13); |
|
| 30 | - |
|
| 31 | - # v1 ^= v0; |
|
| 32 | - $v[2] ^= $v[0]; |
|
| 33 | - $v[3] ^= $v[1]; |
|
| 34 | - |
|
| 35 | - # v0=ROTL(v0,32); |
|
| 36 | - list($v[0], $v[1]) = self::rotl_64($v[0], $v[1], 32); |
|
| 37 | - |
|
| 38 | - # v2 += v3; |
|
| 39 | - list($v[4], $v[5]) = self::add( |
|
| 40 | - array($v[4], $v[5]), |
|
| 41 | - array($v[6], $v[7]) |
|
| 42 | - ); |
|
| 43 | - |
|
| 44 | - # v3=ROTL(v3,16); |
|
| 45 | - list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 16); |
|
| 46 | - |
|
| 47 | - # v3 ^= v2; |
|
| 48 | - $v[6] ^= $v[4]; |
|
| 49 | - $v[7] ^= $v[5]; |
|
| 50 | - |
|
| 51 | - # v0 += v3; |
|
| 52 | - list($v[0], $v[1]) = self::add( |
|
| 53 | - array($v[0], $v[1]), |
|
| 54 | - array($v[6], $v[7]) |
|
| 55 | - ); |
|
| 56 | - |
|
| 57 | - # v3=ROTL(v3,21); |
|
| 58 | - list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 21); |
|
| 59 | - |
|
| 60 | - # v3 ^= v0; |
|
| 61 | - $v[6] ^= $v[0]; |
|
| 62 | - $v[7] ^= $v[1]; |
|
| 63 | - |
|
| 64 | - # v2 += v1; |
|
| 65 | - list($v[4], $v[5]) = self::add( |
|
| 66 | - array($v[4], $v[5]), |
|
| 67 | - array($v[2], $v[3]) |
|
| 68 | - ); |
|
| 69 | - |
|
| 70 | - # v1=ROTL(v1,17); |
|
| 71 | - list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 17); |
|
| 72 | - |
|
| 73 | - # v1 ^= v2;; |
|
| 74 | - $v[2] ^= $v[4]; |
|
| 75 | - $v[3] ^= $v[5]; |
|
| 76 | - |
|
| 77 | - # v2=ROTL(v2,32) |
|
| 78 | - list($v[4], $v[5]) = self::rotl_64($v[4], $v[5], 32); |
|
| 79 | - |
|
| 80 | - return $v; |
|
| 81 | - } |
|
| 82 | - |
|
| 83 | - /** |
|
| 84 | - * Add two 32 bit integers representing a 64-bit integer. |
|
| 85 | - * |
|
| 86 | - * @internal You should not use this directly from another application |
|
| 87 | - * |
|
| 88 | - * @param int[] $a |
|
| 89 | - * @param int[] $b |
|
| 90 | - * @return array<int, mixed> |
|
| 91 | - */ |
|
| 92 | - public static function add(array $a, array $b) |
|
| 93 | - { |
|
| 94 | - $x1 = $a[1] + $b[1]; |
|
| 95 | - $c = $x1 >> 32; // Carry if ($a + $b) > 0xffffffff |
|
| 96 | - $x0 = $a[0] + $b[0] + $c; |
|
| 97 | - return array( |
|
| 98 | - $x0 & 0xffffffff, |
|
| 99 | - $x1 & 0xffffffff |
|
| 100 | - ); |
|
| 101 | - } |
|
| 102 | - |
|
| 103 | - /** |
|
| 104 | - * @internal You should not use this directly from another application |
|
| 105 | - * |
|
| 106 | - * @param int $int0 |
|
| 107 | - * @param int $int1 |
|
| 108 | - * @param int $c |
|
| 109 | - * @return array<int, mixed> |
|
| 110 | - */ |
|
| 111 | - public static function rotl_64($int0, $int1, $c) |
|
| 112 | - { |
|
| 113 | - $int0 &= 0xffffffff; |
|
| 114 | - $int1 &= 0xffffffff; |
|
| 115 | - $c &= 63; |
|
| 116 | - if ($c === 32) { |
|
| 117 | - return array($int1, $int0); |
|
| 118 | - } |
|
| 119 | - if ($c > 31) { |
|
| 120 | - $tmp = $int1; |
|
| 121 | - $int1 = $int0; |
|
| 122 | - $int0 = $tmp; |
|
| 123 | - $c &= 31; |
|
| 124 | - } |
|
| 125 | - if ($c === 0) { |
|
| 126 | - return array($int0, $int1); |
|
| 127 | - } |
|
| 128 | - return array( |
|
| 129 | - 0xffffffff & ( |
|
| 130 | - ($int0 << $c) |
|
| 131 | - | |
|
| 132 | - ($int1 >> (32 - $c)) |
|
| 133 | - ), |
|
| 134 | - 0xffffffff & ( |
|
| 135 | - ($int1 << $c) |
|
| 136 | - | |
|
| 137 | - ($int0 >> (32 - $c)) |
|
| 138 | - ), |
|
| 139 | - ); |
|
| 140 | - } |
|
| 141 | - |
|
| 142 | - /** |
|
| 143 | - * Implements Siphash-2-4 using only 32-bit numbers. |
|
| 144 | - * |
|
| 145 | - * When we split an int into two, the higher bits go to the lower index. |
|
| 146 | - * e.g. 0xDEADBEEFAB10C92D becomes [ |
|
| 147 | - * 0 => 0xDEADBEEF, |
|
| 148 | - * 1 => 0xAB10C92D |
|
| 149 | - * ]. |
|
| 150 | - * |
|
| 151 | - * @internal You should not use this directly from another application |
|
| 152 | - * |
|
| 153 | - * @param string $in |
|
| 154 | - * @param string $key |
|
| 155 | - * @return string |
|
| 156 | - */ |
|
| 157 | - public static function sipHash24($in, $key) |
|
| 158 | - { |
|
| 159 | - $inlen = self::strlen($in); |
|
| 160 | - |
|
| 161 | - # /* "somepseudorandomlygeneratedbytes" */ |
|
| 162 | - # u64 v0 = 0x736f6d6570736575ULL; |
|
| 163 | - # u64 v1 = 0x646f72616e646f6dULL; |
|
| 164 | - # u64 v2 = 0x6c7967656e657261ULL; |
|
| 165 | - # u64 v3 = 0x7465646279746573ULL; |
|
| 166 | - $v = array( |
|
| 167 | - 0x736f6d65, // 0 |
|
| 168 | - 0x70736575, // 1 |
|
| 169 | - 0x646f7261, // 2 |
|
| 170 | - 0x6e646f6d, // 3 |
|
| 171 | - 0x6c796765, // 4 |
|
| 172 | - 0x6e657261, // 5 |
|
| 173 | - 0x74656462, // 6 |
|
| 174 | - 0x79746573 // 7 |
|
| 175 | - ); |
|
| 176 | - // v0 => $v[0], $v[1] |
|
| 177 | - // v1 => $v[2], $v[3] |
|
| 178 | - // v2 => $v[4], $v[5] |
|
| 179 | - // v3 => $v[6], $v[7] |
|
| 180 | - |
|
| 181 | - # u64 k0 = LOAD64_LE( k ); |
|
| 182 | - # u64 k1 = LOAD64_LE( k + 8 ); |
|
| 183 | - $k = array( |
|
| 184 | - self::load_4(self::substr($key, 4, 4)), |
|
| 185 | - self::load_4(self::substr($key, 0, 4)), |
|
| 186 | - self::load_4(self::substr($key, 12, 4)), |
|
| 187 | - self::load_4(self::substr($key, 8, 4)) |
|
| 188 | - ); |
|
| 189 | - // k0 => $k[0], $k[1] |
|
| 190 | - // k1 => $k[2], $k[3] |
|
| 191 | - |
|
| 192 | - # b = ( ( u64 )inlen ) << 56; |
|
| 193 | - $b = array( |
|
| 194 | - $inlen << 24, |
|
| 195 | - 0 |
|
| 196 | - ); |
|
| 197 | - // See docblock for why the 0th index gets the higher bits. |
|
| 198 | - |
|
| 199 | - # v3 ^= k1; |
|
| 200 | - $v[6] ^= $k[2]; |
|
| 201 | - $v[7] ^= $k[3]; |
|
| 202 | - # v2 ^= k0; |
|
| 203 | - $v[4] ^= $k[0]; |
|
| 204 | - $v[5] ^= $k[1]; |
|
| 205 | - # v1 ^= k1; |
|
| 206 | - $v[2] ^= $k[2]; |
|
| 207 | - $v[3] ^= $k[3]; |
|
| 208 | - # v0 ^= k0; |
|
| 209 | - $v[0] ^= $k[0]; |
|
| 210 | - $v[1] ^= $k[1]; |
|
| 211 | - |
|
| 212 | - $left = $inlen; |
|
| 213 | - # for ( ; in != end; in += 8 ) |
|
| 214 | - while ($left >= 8) { |
|
| 215 | - # m = LOAD64_LE( in ); |
|
| 216 | - $m = array( |
|
| 217 | - self::load_4(self::substr($in, 4, 4)), |
|
| 218 | - self::load_4(self::substr($in, 0, 4)) |
|
| 219 | - ); |
|
| 220 | - |
|
| 221 | - # v3 ^= m; |
|
| 222 | - $v[6] ^= $m[0]; |
|
| 223 | - $v[7] ^= $m[1]; |
|
| 224 | - |
|
| 225 | - # SIPROUND; |
|
| 226 | - # SIPROUND; |
|
| 227 | - $v = self::sipRound($v); |
|
| 228 | - $v = self::sipRound($v); |
|
| 229 | - |
|
| 230 | - # v0 ^= m; |
|
| 231 | - $v[0] ^= $m[0]; |
|
| 232 | - $v[1] ^= $m[1]; |
|
| 233 | - |
|
| 234 | - $in = self::substr($in, 8); |
|
| 235 | - $left -= 8; |
|
| 236 | - } |
|
| 237 | - |
|
| 238 | - # switch( left ) |
|
| 239 | - # { |
|
| 240 | - # case 7: b |= ( ( u64 )in[ 6] ) << 48; |
|
| 241 | - # case 6: b |= ( ( u64 )in[ 5] ) << 40; |
|
| 242 | - # case 5: b |= ( ( u64 )in[ 4] ) << 32; |
|
| 243 | - # case 4: b |= ( ( u64 )in[ 3] ) << 24; |
|
| 244 | - # case 3: b |= ( ( u64 )in[ 2] ) << 16; |
|
| 245 | - # case 2: b |= ( ( u64 )in[ 1] ) << 8; |
|
| 246 | - # case 1: b |= ( ( u64 )in[ 0] ); break; |
|
| 247 | - # case 0: break; |
|
| 248 | - # } |
|
| 249 | - switch ($left) { |
|
| 250 | - case 7: |
|
| 251 | - $b[0] |= self::chrToInt($in[6]) << 16; |
|
| 252 | - case 6: |
|
| 253 | - $b[0] |= self::chrToInt($in[5]) << 8; |
|
| 254 | - case 5: |
|
| 255 | - $b[0] |= self::chrToInt($in[4]); |
|
| 256 | - case 4: |
|
| 257 | - $b[1] |= self::chrToInt($in[3]) << 24; |
|
| 258 | - case 3: |
|
| 259 | - $b[1] |= self::chrToInt($in[2]) << 16; |
|
| 260 | - case 2: |
|
| 261 | - $b[1] |= self::chrToInt($in[1]) << 8; |
|
| 262 | - case 1: |
|
| 263 | - $b[1] |= self::chrToInt($in[0]); |
|
| 264 | - case 0: |
|
| 265 | - break; |
|
| 266 | - } |
|
| 267 | - // See docblock for why the 0th index gets the higher bits. |
|
| 268 | - |
|
| 269 | - # v3 ^= b; |
|
| 270 | - $v[6] ^= $b[0]; |
|
| 271 | - $v[7] ^= $b[1]; |
|
| 272 | - |
|
| 273 | - # SIPROUND; |
|
| 274 | - # SIPROUND; |
|
| 275 | - $v = self::sipRound($v); |
|
| 276 | - $v = self::sipRound($v); |
|
| 277 | - |
|
| 278 | - # v0 ^= b; |
|
| 279 | - $v[0] ^= $b[0]; |
|
| 280 | - $v[1] ^= $b[1]; |
|
| 281 | - |
|
| 282 | - // Flip the lower 8 bits of v2 which is ($v[4], $v[5]) in our implementation |
|
| 283 | - # v2 ^= 0xff; |
|
| 284 | - $v[5] ^= 0xff; |
|
| 285 | - |
|
| 286 | - # SIPROUND; |
|
| 287 | - # SIPROUND; |
|
| 288 | - # SIPROUND; |
|
| 289 | - # SIPROUND; |
|
| 290 | - $v = self::sipRound($v); |
|
| 291 | - $v = self::sipRound($v); |
|
| 292 | - $v = self::sipRound($v); |
|
| 293 | - $v = self::sipRound($v); |
|
| 294 | - |
|
| 295 | - # b = v0 ^ v1 ^ v2 ^ v3; |
|
| 296 | - # STORE64_LE( out, b ); |
|
| 297 | - return self::store32_le($v[1] ^ $v[3] ^ $v[5] ^ $v[7]) . |
|
| 298 | - self::store32_le($v[0] ^ $v[2] ^ $v[4] ^ $v[6]); |
|
| 299 | - } |
|
| 14 | + /** |
|
| 15 | + * @internal You should not use this directly from another application |
|
| 16 | + * |
|
| 17 | + * @param int[] $v |
|
| 18 | + * @return int[] |
|
| 19 | + */ |
|
| 20 | + public static function sipRound(array $v) |
|
| 21 | + { |
|
| 22 | + # v0 += v1; |
|
| 23 | + list($v[0], $v[1]) = self::add( |
|
| 24 | + array($v[0], $v[1]), |
|
| 25 | + array($v[2], $v[3]) |
|
| 26 | + ); |
|
| 27 | + |
|
| 28 | + # v1=ROTL(v1,13); |
|
| 29 | + list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 13); |
|
| 30 | + |
|
| 31 | + # v1 ^= v0; |
|
| 32 | + $v[2] ^= $v[0]; |
|
| 33 | + $v[3] ^= $v[1]; |
|
| 34 | + |
|
| 35 | + # v0=ROTL(v0,32); |
|
| 36 | + list($v[0], $v[1]) = self::rotl_64($v[0], $v[1], 32); |
|
| 37 | + |
|
| 38 | + # v2 += v3; |
|
| 39 | + list($v[4], $v[5]) = self::add( |
|
| 40 | + array($v[4], $v[5]), |
|
| 41 | + array($v[6], $v[7]) |
|
| 42 | + ); |
|
| 43 | + |
|
| 44 | + # v3=ROTL(v3,16); |
|
| 45 | + list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 16); |
|
| 46 | + |
|
| 47 | + # v3 ^= v2; |
|
| 48 | + $v[6] ^= $v[4]; |
|
| 49 | + $v[7] ^= $v[5]; |
|
| 50 | + |
|
| 51 | + # v0 += v3; |
|
| 52 | + list($v[0], $v[1]) = self::add( |
|
| 53 | + array($v[0], $v[1]), |
|
| 54 | + array($v[6], $v[7]) |
|
| 55 | + ); |
|
| 56 | + |
|
| 57 | + # v3=ROTL(v3,21); |
|
| 58 | + list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 21); |
|
| 59 | + |
|
| 60 | + # v3 ^= v0; |
|
| 61 | + $v[6] ^= $v[0]; |
|
| 62 | + $v[7] ^= $v[1]; |
|
| 63 | + |
|
| 64 | + # v2 += v1; |
|
| 65 | + list($v[4], $v[5]) = self::add( |
|
| 66 | + array($v[4], $v[5]), |
|
| 67 | + array($v[2], $v[3]) |
|
| 68 | + ); |
|
| 69 | + |
|
| 70 | + # v1=ROTL(v1,17); |
|
| 71 | + list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 17); |
|
| 72 | + |
|
| 73 | + # v1 ^= v2;; |
|
| 74 | + $v[2] ^= $v[4]; |
|
| 75 | + $v[3] ^= $v[5]; |
|
| 76 | + |
|
| 77 | + # v2=ROTL(v2,32) |
|
| 78 | + list($v[4], $v[5]) = self::rotl_64($v[4], $v[5], 32); |
|
| 79 | + |
|
| 80 | + return $v; |
|
| 81 | + } |
|
| 82 | + |
|
| 83 | + /** |
|
| 84 | + * Add two 32 bit integers representing a 64-bit integer. |
|
| 85 | + * |
|
| 86 | + * @internal You should not use this directly from another application |
|
| 87 | + * |
|
| 88 | + * @param int[] $a |
|
| 89 | + * @param int[] $b |
|
| 90 | + * @return array<int, mixed> |
|
| 91 | + */ |
|
| 92 | + public static function add(array $a, array $b) |
|
| 93 | + { |
|
| 94 | + $x1 = $a[1] + $b[1]; |
|
| 95 | + $c = $x1 >> 32; // Carry if ($a + $b) > 0xffffffff |
|
| 96 | + $x0 = $a[0] + $b[0] + $c; |
|
| 97 | + return array( |
|
| 98 | + $x0 & 0xffffffff, |
|
| 99 | + $x1 & 0xffffffff |
|
| 100 | + ); |
|
| 101 | + } |
|
| 102 | + |
|
| 103 | + /** |
|
| 104 | + * @internal You should not use this directly from another application |
|
| 105 | + * |
|
| 106 | + * @param int $int0 |
|
| 107 | + * @param int $int1 |
|
| 108 | + * @param int $c |
|
| 109 | + * @return array<int, mixed> |
|
| 110 | + */ |
|
| 111 | + public static function rotl_64($int0, $int1, $c) |
|
| 112 | + { |
|
| 113 | + $int0 &= 0xffffffff; |
|
| 114 | + $int1 &= 0xffffffff; |
|
| 115 | + $c &= 63; |
|
| 116 | + if ($c === 32) { |
|
| 117 | + return array($int1, $int0); |
|
| 118 | + } |
|
| 119 | + if ($c > 31) { |
|
| 120 | + $tmp = $int1; |
|
| 121 | + $int1 = $int0; |
|
| 122 | + $int0 = $tmp; |
|
| 123 | + $c &= 31; |
|
| 124 | + } |
|
| 125 | + if ($c === 0) { |
|
| 126 | + return array($int0, $int1); |
|
| 127 | + } |
|
| 128 | + return array( |
|
| 129 | + 0xffffffff & ( |
|
| 130 | + ($int0 << $c) |
|
| 131 | + | |
|
| 132 | + ($int1 >> (32 - $c)) |
|
| 133 | + ), |
|
| 134 | + 0xffffffff & ( |
|
| 135 | + ($int1 << $c) |
|
| 136 | + | |
|
| 137 | + ($int0 >> (32 - $c)) |
|
| 138 | + ), |
|
| 139 | + ); |
|
| 140 | + } |
|
| 141 | + |
|
| 142 | + /** |
|
| 143 | + * Implements Siphash-2-4 using only 32-bit numbers. |
|
| 144 | + * |
|
| 145 | + * When we split an int into two, the higher bits go to the lower index. |
|
| 146 | + * e.g. 0xDEADBEEFAB10C92D becomes [ |
|
| 147 | + * 0 => 0xDEADBEEF, |
|
| 148 | + * 1 => 0xAB10C92D |
|
| 149 | + * ]. |
|
| 150 | + * |
|
| 151 | + * @internal You should not use this directly from another application |
|
| 152 | + * |
|
| 153 | + * @param string $in |
|
| 154 | + * @param string $key |
|
| 155 | + * @return string |
|
| 156 | + */ |
|
| 157 | + public static function sipHash24($in, $key) |
|
| 158 | + { |
|
| 159 | + $inlen = self::strlen($in); |
|
| 160 | + |
|
| 161 | + # /* "somepseudorandomlygeneratedbytes" */ |
|
| 162 | + # u64 v0 = 0x736f6d6570736575ULL; |
|
| 163 | + # u64 v1 = 0x646f72616e646f6dULL; |
|
| 164 | + # u64 v2 = 0x6c7967656e657261ULL; |
|
| 165 | + # u64 v3 = 0x7465646279746573ULL; |
|
| 166 | + $v = array( |
|
| 167 | + 0x736f6d65, // 0 |
|
| 168 | + 0x70736575, // 1 |
|
| 169 | + 0x646f7261, // 2 |
|
| 170 | + 0x6e646f6d, // 3 |
|
| 171 | + 0x6c796765, // 4 |
|
| 172 | + 0x6e657261, // 5 |
|
| 173 | + 0x74656462, // 6 |
|
| 174 | + 0x79746573 // 7 |
|
| 175 | + ); |
|
| 176 | + // v0 => $v[0], $v[1] |
|
| 177 | + // v1 => $v[2], $v[3] |
|
| 178 | + // v2 => $v[4], $v[5] |
|
| 179 | + // v3 => $v[6], $v[7] |
|
| 180 | + |
|
| 181 | + # u64 k0 = LOAD64_LE( k ); |
|
| 182 | + # u64 k1 = LOAD64_LE( k + 8 ); |
|
| 183 | + $k = array( |
|
| 184 | + self::load_4(self::substr($key, 4, 4)), |
|
| 185 | + self::load_4(self::substr($key, 0, 4)), |
|
| 186 | + self::load_4(self::substr($key, 12, 4)), |
|
| 187 | + self::load_4(self::substr($key, 8, 4)) |
|
| 188 | + ); |
|
| 189 | + // k0 => $k[0], $k[1] |
|
| 190 | + // k1 => $k[2], $k[3] |
|
| 191 | + |
|
| 192 | + # b = ( ( u64 )inlen ) << 56; |
|
| 193 | + $b = array( |
|
| 194 | + $inlen << 24, |
|
| 195 | + 0 |
|
| 196 | + ); |
|
| 197 | + // See docblock for why the 0th index gets the higher bits. |
|
| 198 | + |
|
| 199 | + # v3 ^= k1; |
|
| 200 | + $v[6] ^= $k[2]; |
|
| 201 | + $v[7] ^= $k[3]; |
|
| 202 | + # v2 ^= k0; |
|
| 203 | + $v[4] ^= $k[0]; |
|
| 204 | + $v[5] ^= $k[1]; |
|
| 205 | + # v1 ^= k1; |
|
| 206 | + $v[2] ^= $k[2]; |
|
| 207 | + $v[3] ^= $k[3]; |
|
| 208 | + # v0 ^= k0; |
|
| 209 | + $v[0] ^= $k[0]; |
|
| 210 | + $v[1] ^= $k[1]; |
|
| 211 | + |
|
| 212 | + $left = $inlen; |
|
| 213 | + # for ( ; in != end; in += 8 ) |
|
| 214 | + while ($left >= 8) { |
|
| 215 | + # m = LOAD64_LE( in ); |
|
| 216 | + $m = array( |
|
| 217 | + self::load_4(self::substr($in, 4, 4)), |
|
| 218 | + self::load_4(self::substr($in, 0, 4)) |
|
| 219 | + ); |
|
| 220 | + |
|
| 221 | + # v3 ^= m; |
|
| 222 | + $v[6] ^= $m[0]; |
|
| 223 | + $v[7] ^= $m[1]; |
|
| 224 | + |
|
| 225 | + # SIPROUND; |
|
| 226 | + # SIPROUND; |
|
| 227 | + $v = self::sipRound($v); |
|
| 228 | + $v = self::sipRound($v); |
|
| 229 | + |
|
| 230 | + # v0 ^= m; |
|
| 231 | + $v[0] ^= $m[0]; |
|
| 232 | + $v[1] ^= $m[1]; |
|
| 233 | + |
|
| 234 | + $in = self::substr($in, 8); |
|
| 235 | + $left -= 8; |
|
| 236 | + } |
|
| 237 | + |
|
| 238 | + # switch( left ) |
|
| 239 | + # { |
|
| 240 | + # case 7: b |= ( ( u64 )in[ 6] ) << 48; |
|
| 241 | + # case 6: b |= ( ( u64 )in[ 5] ) << 40; |
|
| 242 | + # case 5: b |= ( ( u64 )in[ 4] ) << 32; |
|
| 243 | + # case 4: b |= ( ( u64 )in[ 3] ) << 24; |
|
| 244 | + # case 3: b |= ( ( u64 )in[ 2] ) << 16; |
|
| 245 | + # case 2: b |= ( ( u64 )in[ 1] ) << 8; |
|
| 246 | + # case 1: b |= ( ( u64 )in[ 0] ); break; |
|
| 247 | + # case 0: break; |
|
| 248 | + # } |
|
| 249 | + switch ($left) { |
|
| 250 | + case 7: |
|
| 251 | + $b[0] |= self::chrToInt($in[6]) << 16; |
|
| 252 | + case 6: |
|
| 253 | + $b[0] |= self::chrToInt($in[5]) << 8; |
|
| 254 | + case 5: |
|
| 255 | + $b[0] |= self::chrToInt($in[4]); |
|
| 256 | + case 4: |
|
| 257 | + $b[1] |= self::chrToInt($in[3]) << 24; |
|
| 258 | + case 3: |
|
| 259 | + $b[1] |= self::chrToInt($in[2]) << 16; |
|
| 260 | + case 2: |
|
| 261 | + $b[1] |= self::chrToInt($in[1]) << 8; |
|
| 262 | + case 1: |
|
| 263 | + $b[1] |= self::chrToInt($in[0]); |
|
| 264 | + case 0: |
|
| 265 | + break; |
|
| 266 | + } |
|
| 267 | + // See docblock for why the 0th index gets the higher bits. |
|
| 268 | + |
|
| 269 | + # v3 ^= b; |
|
| 270 | + $v[6] ^= $b[0]; |
|
| 271 | + $v[7] ^= $b[1]; |
|
| 272 | + |
|
| 273 | + # SIPROUND; |
|
| 274 | + # SIPROUND; |
|
| 275 | + $v = self::sipRound($v); |
|
| 276 | + $v = self::sipRound($v); |
|
| 277 | + |
|
| 278 | + # v0 ^= b; |
|
| 279 | + $v[0] ^= $b[0]; |
|
| 280 | + $v[1] ^= $b[1]; |
|
| 281 | + |
|
| 282 | + // Flip the lower 8 bits of v2 which is ($v[4], $v[5]) in our implementation |
|
| 283 | + # v2 ^= 0xff; |
|
| 284 | + $v[5] ^= 0xff; |
|
| 285 | + |
|
| 286 | + # SIPROUND; |
|
| 287 | + # SIPROUND; |
|
| 288 | + # SIPROUND; |
|
| 289 | + # SIPROUND; |
|
| 290 | + $v = self::sipRound($v); |
|
| 291 | + $v = self::sipRound($v); |
|
| 292 | + $v = self::sipRound($v); |
|
| 293 | + $v = self::sipRound($v); |
|
| 294 | + |
|
| 295 | + # b = v0 ^ v1 ^ v2 ^ v3; |
|
| 296 | + # STORE64_LE( out, b ); |
|
| 297 | + return self::store32_le($v[1] ^ $v[3] ^ $v[5] ^ $v[7]) . |
|
| 298 | + self::store32_le($v[0] ^ $v[2] ^ $v[4] ^ $v[6]); |
|
| 299 | + } |
|
| 300 | 300 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core_SipHash', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core_SipHash', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -17,65 +17,65 @@ discard block |
||
| 17 | 17 | * @param int[] $v |
| 18 | 18 | * @return int[] |
| 19 | 19 | */ |
| 20 | - public static function sipRound(array $v) |
|
| 20 | + public static function sipRound( array $v ) |
|
| 21 | 21 | { |
| 22 | 22 | # v0 += v1; |
| 23 | - list($v[0], $v[1]) = self::add( |
|
| 24 | - array($v[0], $v[1]), |
|
| 25 | - array($v[2], $v[3]) |
|
| 23 | + list( $v[0], $v[1] ) = self::add( |
|
| 24 | + array( $v[0], $v[1] ), |
|
| 25 | + array( $v[2], $v[3] ) |
|
| 26 | 26 | ); |
| 27 | 27 | |
| 28 | 28 | # v1=ROTL(v1,13); |
| 29 | - list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 13); |
|
| 29 | + list( $v[2], $v[3] ) = self::rotl_64( $v[2], $v[3], 13 ); |
|
| 30 | 30 | |
| 31 | 31 | # v1 ^= v0; |
| 32 | 32 | $v[2] ^= $v[0]; |
| 33 | 33 | $v[3] ^= $v[1]; |
| 34 | 34 | |
| 35 | 35 | # v0=ROTL(v0,32); |
| 36 | - list($v[0], $v[1]) = self::rotl_64($v[0], $v[1], 32); |
|
| 36 | + list( $v[0], $v[1] ) = self::rotl_64( $v[0], $v[1], 32 ); |
|
| 37 | 37 | |
| 38 | 38 | # v2 += v3; |
| 39 | - list($v[4], $v[5]) = self::add( |
|
| 40 | - array($v[4], $v[5]), |
|
| 41 | - array($v[6], $v[7]) |
|
| 39 | + list( $v[4], $v[5] ) = self::add( |
|
| 40 | + array( $v[4], $v[5] ), |
|
| 41 | + array( $v[6], $v[7] ) |
|
| 42 | 42 | ); |
| 43 | 43 | |
| 44 | 44 | # v3=ROTL(v3,16); |
| 45 | - list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 16); |
|
| 45 | + list( $v[6], $v[7] ) = self::rotl_64( $v[6], $v[7], 16 ); |
|
| 46 | 46 | |
| 47 | 47 | # v3 ^= v2; |
| 48 | 48 | $v[6] ^= $v[4]; |
| 49 | 49 | $v[7] ^= $v[5]; |
| 50 | 50 | |
| 51 | 51 | # v0 += v3; |
| 52 | - list($v[0], $v[1]) = self::add( |
|
| 53 | - array($v[0], $v[1]), |
|
| 54 | - array($v[6], $v[7]) |
|
| 52 | + list( $v[0], $v[1] ) = self::add( |
|
| 53 | + array( $v[0], $v[1] ), |
|
| 54 | + array( $v[6], $v[7] ) |
|
| 55 | 55 | ); |
| 56 | 56 | |
| 57 | 57 | # v3=ROTL(v3,21); |
| 58 | - list($v[6], $v[7]) = self::rotl_64($v[6], $v[7], 21); |
|
| 58 | + list( $v[6], $v[7] ) = self::rotl_64( $v[6], $v[7], 21 ); |
|
| 59 | 59 | |
| 60 | 60 | # v3 ^= v0; |
| 61 | 61 | $v[6] ^= $v[0]; |
| 62 | 62 | $v[7] ^= $v[1]; |
| 63 | 63 | |
| 64 | 64 | # v2 += v1; |
| 65 | - list($v[4], $v[5]) = self::add( |
|
| 66 | - array($v[4], $v[5]), |
|
| 67 | - array($v[2], $v[3]) |
|
| 65 | + list( $v[4], $v[5] ) = self::add( |
|
| 66 | + array( $v[4], $v[5] ), |
|
| 67 | + array( $v[2], $v[3] ) |
|
| 68 | 68 | ); |
| 69 | 69 | |
| 70 | 70 | # v1=ROTL(v1,17); |
| 71 | - list($v[2], $v[3]) = self::rotl_64($v[2], $v[3], 17); |
|
| 71 | + list( $v[2], $v[3] ) = self::rotl_64( $v[2], $v[3], 17 ); |
|
| 72 | 72 | |
| 73 | 73 | # v1 ^= v2;; |
| 74 | 74 | $v[2] ^= $v[4]; |
| 75 | 75 | $v[3] ^= $v[5]; |
| 76 | 76 | |
| 77 | 77 | # v2=ROTL(v2,32) |
| 78 | - list($v[4], $v[5]) = self::rotl_64($v[4], $v[5], 32); |
|
| 78 | + list( $v[4], $v[5] ) = self::rotl_64( $v[4], $v[5], 32 ); |
|
| 79 | 79 | |
| 80 | 80 | return $v; |
| 81 | 81 | } |
@@ -89,7 +89,7 @@ discard block |
||
| 89 | 89 | * @param int[] $b |
| 90 | 90 | * @return array<int, mixed> |
| 91 | 91 | */ |
| 92 | - public static function add(array $a, array $b) |
|
| 92 | + public static function add( array $a, array $b ) |
|
| 93 | 93 | { |
| 94 | 94 | $x1 = $a[1] + $b[1]; |
| 95 | 95 | $c = $x1 >> 32; // Carry if ($a + $b) > 0xffffffff |
@@ -108,33 +108,33 @@ discard block |
||
| 108 | 108 | * @param int $c |
| 109 | 109 | * @return array<int, mixed> |
| 110 | 110 | */ |
| 111 | - public static function rotl_64($int0, $int1, $c) |
|
| 111 | + public static function rotl_64( $int0, $int1, $c ) |
|
| 112 | 112 | { |
| 113 | 113 | $int0 &= 0xffffffff; |
| 114 | 114 | $int1 &= 0xffffffff; |
| 115 | 115 | $c &= 63; |
| 116 | - if ($c === 32) { |
|
| 117 | - return array($int1, $int0); |
|
| 116 | + if ( $c === 32 ) { |
|
| 117 | + return array( $int1, $int0 ); |
|
| 118 | 118 | } |
| 119 | - if ($c > 31) { |
|
| 119 | + if ( $c > 31 ) { |
|
| 120 | 120 | $tmp = $int1; |
| 121 | 121 | $int1 = $int0; |
| 122 | 122 | $int0 = $tmp; |
| 123 | 123 | $c &= 31; |
| 124 | 124 | } |
| 125 | - if ($c === 0) { |
|
| 126 | - return array($int0, $int1); |
|
| 125 | + if ( $c === 0 ) { |
|
| 126 | + return array( $int0, $int1 ); |
|
| 127 | 127 | } |
| 128 | 128 | return array( |
| 129 | 129 | 0xffffffff & ( |
| 130 | - ($int0 << $c) |
|
| 130 | + ( $int0 << $c ) |
|
| 131 | 131 | | |
| 132 | - ($int1 >> (32 - $c)) |
|
| 132 | + ( $int1 >> ( 32 - $c ) ) |
|
| 133 | 133 | ), |
| 134 | 134 | 0xffffffff & ( |
| 135 | - ($int1 << $c) |
|
| 135 | + ( $int1 << $c ) |
|
| 136 | 136 | | |
| 137 | - ($int0 >> (32 - $c)) |
|
| 137 | + ( $int0 >> ( 32 - $c ) ) |
|
| 138 | 138 | ), |
| 139 | 139 | ); |
| 140 | 140 | } |
@@ -154,9 +154,9 @@ discard block |
||
| 154 | 154 | * @param string $key |
| 155 | 155 | * @return string |
| 156 | 156 | */ |
| 157 | - public static function sipHash24($in, $key) |
|
| 157 | + public static function sipHash24( $in, $key ) |
|
| 158 | 158 | { |
| 159 | - $inlen = self::strlen($in); |
|
| 159 | + $inlen = self::strlen( $in ); |
|
| 160 | 160 | |
| 161 | 161 | # /* "somepseudorandomlygeneratedbytes" */ |
| 162 | 162 | # u64 v0 = 0x736f6d6570736575ULL; |
@@ -181,10 +181,10 @@ discard block |
||
| 181 | 181 | # u64 k0 = LOAD64_LE( k ); |
| 182 | 182 | # u64 k1 = LOAD64_LE( k + 8 ); |
| 183 | 183 | $k = array( |
| 184 | - self::load_4(self::substr($key, 4, 4)), |
|
| 185 | - self::load_4(self::substr($key, 0, 4)), |
|
| 186 | - self::load_4(self::substr($key, 12, 4)), |
|
| 187 | - self::load_4(self::substr($key, 8, 4)) |
|
| 184 | + self::load_4( self::substr( $key, 4, 4 ) ), |
|
| 185 | + self::load_4( self::substr( $key, 0, 4 ) ), |
|
| 186 | + self::load_4( self::substr( $key, 12, 4 ) ), |
|
| 187 | + self::load_4( self::substr( $key, 8, 4 ) ) |
|
| 188 | 188 | ); |
| 189 | 189 | // k0 => $k[0], $k[1] |
| 190 | 190 | // k1 => $k[2], $k[3] |
@@ -211,11 +211,11 @@ discard block |
||
| 211 | 211 | |
| 212 | 212 | $left = $inlen; |
| 213 | 213 | # for ( ; in != end; in += 8 ) |
| 214 | - while ($left >= 8) { |
|
| 214 | + while ( $left >= 8 ) { |
|
| 215 | 215 | # m = LOAD64_LE( in ); |
| 216 | 216 | $m = array( |
| 217 | - self::load_4(self::substr($in, 4, 4)), |
|
| 218 | - self::load_4(self::substr($in, 0, 4)) |
|
| 217 | + self::load_4( self::substr( $in, 4, 4 ) ), |
|
| 218 | + self::load_4( self::substr( $in, 0, 4 ) ) |
|
| 219 | 219 | ); |
| 220 | 220 | |
| 221 | 221 | # v3 ^= m; |
@@ -224,14 +224,14 @@ discard block |
||
| 224 | 224 | |
| 225 | 225 | # SIPROUND; |
| 226 | 226 | # SIPROUND; |
| 227 | - $v = self::sipRound($v); |
|
| 228 | - $v = self::sipRound($v); |
|
| 227 | + $v = self::sipRound( $v ); |
|
| 228 | + $v = self::sipRound( $v ); |
|
| 229 | 229 | |
| 230 | 230 | # v0 ^= m; |
| 231 | 231 | $v[0] ^= $m[0]; |
| 232 | 232 | $v[1] ^= $m[1]; |
| 233 | 233 | |
| 234 | - $in = self::substr($in, 8); |
|
| 234 | + $in = self::substr( $in, 8 ); |
|
| 235 | 235 | $left -= 8; |
| 236 | 236 | } |
| 237 | 237 | |
@@ -246,21 +246,21 @@ discard block |
||
| 246 | 246 | # case 1: b |= ( ( u64 )in[ 0] ); break; |
| 247 | 247 | # case 0: break; |
| 248 | 248 | # } |
| 249 | - switch ($left) { |
|
| 249 | + switch ( $left ) { |
|
| 250 | 250 | case 7: |
| 251 | - $b[0] |= self::chrToInt($in[6]) << 16; |
|
| 251 | + $b[0] |= self::chrToInt( $in[6] ) << 16; |
|
| 252 | 252 | case 6: |
| 253 | - $b[0] |= self::chrToInt($in[5]) << 8; |
|
| 253 | + $b[0] |= self::chrToInt( $in[5] ) << 8; |
|
| 254 | 254 | case 5: |
| 255 | - $b[0] |= self::chrToInt($in[4]); |
|
| 255 | + $b[0] |= self::chrToInt( $in[4] ); |
|
| 256 | 256 | case 4: |
| 257 | - $b[1] |= self::chrToInt($in[3]) << 24; |
|
| 257 | + $b[1] |= self::chrToInt( $in[3] ) << 24; |
|
| 258 | 258 | case 3: |
| 259 | - $b[1] |= self::chrToInt($in[2]) << 16; |
|
| 259 | + $b[1] |= self::chrToInt( $in[2] ) << 16; |
|
| 260 | 260 | case 2: |
| 261 | - $b[1] |= self::chrToInt($in[1]) << 8; |
|
| 261 | + $b[1] |= self::chrToInt( $in[1] ) << 8; |
|
| 262 | 262 | case 1: |
| 263 | - $b[1] |= self::chrToInt($in[0]); |
|
| 263 | + $b[1] |= self::chrToInt( $in[0] ); |
|
| 264 | 264 | case 0: |
| 265 | 265 | break; |
| 266 | 266 | } |
@@ -272,8 +272,8 @@ discard block |
||
| 272 | 272 | |
| 273 | 273 | # SIPROUND; |
| 274 | 274 | # SIPROUND; |
| 275 | - $v = self::sipRound($v); |
|
| 276 | - $v = self::sipRound($v); |
|
| 275 | + $v = self::sipRound( $v ); |
|
| 276 | + $v = self::sipRound( $v ); |
|
| 277 | 277 | |
| 278 | 278 | # v0 ^= b; |
| 279 | 279 | $v[0] ^= $b[0]; |
@@ -287,14 +287,14 @@ discard block |
||
| 287 | 287 | # SIPROUND; |
| 288 | 288 | # SIPROUND; |
| 289 | 289 | # SIPROUND; |
| 290 | - $v = self::sipRound($v); |
|
| 291 | - $v = self::sipRound($v); |
|
| 292 | - $v = self::sipRound($v); |
|
| 293 | - $v = self::sipRound($v); |
|
| 290 | + $v = self::sipRound( $v ); |
|
| 291 | + $v = self::sipRound( $v ); |
|
| 292 | + $v = self::sipRound( $v ); |
|
| 293 | + $v = self::sipRound( $v ); |
|
| 294 | 294 | |
| 295 | 295 | # b = v0 ^ v1 ^ v2 ^ v3; |
| 296 | 296 | # STORE64_LE( out, b ); |
| 297 | - return self::store32_le($v[1] ^ $v[3] ^ $v[5] ^ $v[7]) . |
|
| 298 | - self::store32_le($v[0] ^ $v[2] ^ $v[4] ^ $v[6]); |
|
| 297 | + return self::store32_le( $v[1] ^ $v[3] ^ $v[5] ^ $v[7] ) . |
|
| 298 | + self::store32_le( $v[0] ^ $v[2] ^ $v[4] ^ $v[6] ); |
|
| 299 | 299 | } |
| 300 | 300 | } |
@@ -9,16 +9,14 @@ discard block |
||
| 9 | 9 | * |
| 10 | 10 | * Only uses 32-bit arithmetic, while the original SipHash used 64-bit integers |
| 11 | 11 | */ |
| 12 | -class ParagonIE_Sodium_Core_SipHash extends ParagonIE_Sodium_Core_Util |
|
| 13 | -{ |
|
| 12 | +class ParagonIE_Sodium_Core_SipHash extends ParagonIE_Sodium_Core_Util { |
|
| 14 | 13 | /** |
| 15 | 14 | * @internal You should not use this directly from another application |
| 16 | 15 | * |
| 17 | 16 | * @param int[] $v |
| 18 | 17 | * @return int[] |
| 19 | 18 | */ |
| 20 | - public static function sipRound(array $v) |
|
| 21 | - { |
|
| 19 | + public static function sipRound(array $v) { |
|
| 22 | 20 | # v0 += v1; |
| 23 | 21 | list($v[0], $v[1]) = self::add( |
| 24 | 22 | array($v[0], $v[1]), |
@@ -89,8 +87,7 @@ discard block |
||
| 89 | 87 | * @param int[] $b |
| 90 | 88 | * @return array<int, mixed> |
| 91 | 89 | */ |
| 92 | - public static function add(array $a, array $b) |
|
| 93 | - { |
|
| 90 | + public static function add(array $a, array $b) { |
|
| 94 | 91 | $x1 = $a[1] + $b[1]; |
| 95 | 92 | $c = $x1 >> 32; // Carry if ($a + $b) > 0xffffffff |
| 96 | 93 | $x0 = $a[0] + $b[0] + $c; |
@@ -108,8 +105,7 @@ discard block |
||
| 108 | 105 | * @param int $c |
| 109 | 106 | * @return array<int, mixed> |
| 110 | 107 | */ |
| 111 | - public static function rotl_64($int0, $int1, $c) |
|
| 112 | - { |
|
| 108 | + public static function rotl_64($int0, $int1, $c) { |
|
| 113 | 109 | $int0 &= 0xffffffff; |
| 114 | 110 | $int1 &= 0xffffffff; |
| 115 | 111 | $c &= 63; |
@@ -154,8 +150,7 @@ discard block |
||
| 154 | 150 | * @param string $key |
| 155 | 151 | * @return string |
| 156 | 152 | */ |
| 157 | - public static function sipHash24($in, $key) |
|
| 158 | - { |
|
| 153 | + public static function sipHash24($in, $key) { |
|
| 159 | 154 | $inlen = self::strlen($in); |
| 160 | 155 | |
| 161 | 156 | # /* "somepseudorandomlygeneratedbytes" */ |
@@ -527,7 +527,7 @@ discard block |
||
| 527 | 527 | * |
| 528 | 528 | * @internal You should not use this directly from another application |
| 529 | 529 | * |
| 530 | - * @param int|float $num |
|
| 530 | + * @param integer $num |
|
| 531 | 531 | * @return array<int, int> |
| 532 | 532 | */ |
| 533 | 533 | public static function numericTo64BitInteger($num) |
@@ -834,7 +834,7 @@ discard block |
||
| 834 | 834 | * |
| 835 | 835 | * @internal You should not use this directly from another application |
| 836 | 836 | * |
| 837 | - * @return bool |
|
| 837 | + * @return boolean|null |
|
| 838 | 838 | */ |
| 839 | 839 | protected static function isMbStringOverride() |
| 840 | 840 | { |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core_Util', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -9,843 +9,843 @@ discard block |
||
| 9 | 9 | */ |
| 10 | 10 | abstract class ParagonIE_Sodium_Core_Util |
| 11 | 11 | { |
| 12 | - /** |
|
| 13 | - * Convert a binary string into a hexadecimal string without cache-timing |
|
| 14 | - * leaks |
|
| 15 | - * |
|
| 16 | - * @internal You should not use this directly from another application |
|
| 17 | - * |
|
| 18 | - * @param string $binaryString (raw binary) |
|
| 19 | - * @return string |
|
| 20 | - * @throws TypeError |
|
| 21 | - */ |
|
| 22 | - public static function bin2hex($binaryString) |
|
| 23 | - { |
|
| 24 | - /* Type checks: */ |
|
| 25 | - if (!is_string($binaryString)) { |
|
| 26 | - throw new TypeError('Argument 1 must be a string, ' . gettype($binaryString) . ' given.'); |
|
| 27 | - } |
|
| 28 | - |
|
| 29 | - $hex = ''; |
|
| 30 | - $len = self::strlen($binaryString); |
|
| 31 | - for ($i = 0; $i < $len; ++$i) { |
|
| 32 | - $chunk = unpack('C', self::substr($binaryString, $i, 2)); |
|
| 33 | - $c = $chunk[1] & 0xf; |
|
| 34 | - $b = $chunk[1] >> 4; |
|
| 35 | - $hex .= pack( |
|
| 36 | - 'CC', |
|
| 37 | - (87 + $b + ((($b - 10) >> 8) & ~38)), |
|
| 38 | - (87 + $c + ((($c - 10) >> 8) & ~38)) |
|
| 39 | - ); |
|
| 40 | - } |
|
| 41 | - return $hex; |
|
| 42 | - } |
|
| 43 | - |
|
| 44 | - /** |
|
| 45 | - * Convert a binary string into a hexadecimal string without cache-timing |
|
| 46 | - * leaks, returning uppercase letters (as per RFC 4648) |
|
| 47 | - * |
|
| 48 | - * @internal You should not use this directly from another application |
|
| 49 | - * |
|
| 50 | - * @param string $bin_string (raw binary) |
|
| 51 | - * @return string |
|
| 52 | - */ |
|
| 53 | - public static function bin2hexUpper($bin_string) |
|
| 54 | - { |
|
| 55 | - $hex = ''; |
|
| 56 | - $len = self::strlen($bin_string); |
|
| 57 | - for ($i = 0; $i < $len; ++$i) { |
|
| 58 | - $chunk = unpack('C', self::substr($bin_string, $i, 2)); |
|
| 59 | - /** |
|
| 60 | - * Lower 16 bits |
|
| 61 | - * |
|
| 62 | - * @var int |
|
| 63 | - */ |
|
| 64 | - $c = $chunk[1] & 0xf; |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * Upper 16 bits |
|
| 68 | - * @var int |
|
| 69 | - */ |
|
| 70 | - $b = $chunk[1] >> 4; |
|
| 71 | - |
|
| 72 | - /** |
|
| 73 | - * Use pack() and binary operators to turn the two integers |
|
| 74 | - * into hexadecimal characters. We don't use chr() here, because |
|
| 75 | - * it uses a lookup table internally and we want to avoid |
|
| 76 | - * cache-timing side-channels. |
|
| 77 | - */ |
|
| 78 | - $hex .= pack( |
|
| 79 | - 'CC', |
|
| 80 | - (55 + $b + ((($b - 10) >> 8) & ~6)), |
|
| 81 | - (55 + $c + ((($c - 10) >> 8) & ~6)) |
|
| 82 | - ); |
|
| 83 | - } |
|
| 84 | - return $hex; |
|
| 85 | - } |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * Cache-timing-safe variant of ord() |
|
| 89 | - * |
|
| 90 | - * @internal You should not use this directly from another application |
|
| 91 | - * |
|
| 92 | - * @param string $chr |
|
| 93 | - * @return int |
|
| 94 | - * @throws Error |
|
| 95 | - */ |
|
| 96 | - public static function chrToInt($chr) |
|
| 97 | - { |
|
| 98 | - /* Type checks: */ |
|
| 99 | - if (!is_string($chr)) { |
|
| 100 | - throw new TypeError('Argument 1 must be a string, ' . gettype($chr) . ' given.'); |
|
| 101 | - } |
|
| 102 | - if (self::strlen($chr) !== 1) { |
|
| 103 | - throw new Error('chrToInt() expects a string that is exactly 1 character long'); |
|
| 104 | - } |
|
| 105 | - $chunk = unpack('C', $chr); |
|
| 106 | - return $chunk[1]; |
|
| 107 | - } |
|
| 108 | - |
|
| 109 | - /** |
|
| 110 | - * Compares two strings. |
|
| 111 | - * |
|
| 112 | - * @internal You should not use this directly from another application |
|
| 113 | - * |
|
| 114 | - * @param string $left |
|
| 115 | - * @param string $right |
|
| 116 | - * @param int $len |
|
| 117 | - * @return int |
|
| 118 | - */ |
|
| 119 | - public static function compare($left, $right, $len = null) |
|
| 120 | - { |
|
| 121 | - $leftLen = self::strlen($left); |
|
| 122 | - $rightLen = self::strlen($right); |
|
| 123 | - if ($len === null) { |
|
| 124 | - $len = max($leftLen, $rightLen); |
|
| 125 | - $left = str_pad($left, $len, "\x00", STR_PAD_RIGHT); |
|
| 126 | - $right = str_pad($right, $len, "\x00", STR_PAD_RIGHT); |
|
| 127 | - } |
|
| 128 | - |
|
| 129 | - $gt = 0; |
|
| 130 | - $eq = 1; |
|
| 131 | - $i = $len; |
|
| 132 | - while ($i !== 0) { |
|
| 133 | - --$i; |
|
| 134 | - $gt |= ((self::chrToInt($right[$i]) - self::chrToInt($left[$i])) >> 8) & $eq; |
|
| 135 | - $eq &= ((self::chrToInt($right[$i]) ^ self::chrToInt($left[$i])) - 1) >> 8; |
|
| 136 | - } |
|
| 137 | - return ($gt + $gt + $eq) - 1; |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - /** |
|
| 141 | - * If a variable does not match a given type, throw a TypeError. |
|
| 142 | - * |
|
| 143 | - * @param mixed $mixedVar |
|
| 144 | - * @param string $type |
|
| 145 | - * @param int $argumentIndex |
|
| 146 | - * @throws TypeError |
|
| 147 | - * @throws Error |
|
| 148 | - * @return void |
|
| 149 | - */ |
|
| 150 | - public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) |
|
| 151 | - { |
|
| 152 | - if (func_num_args() === 0) { |
|
| 153 | - /* Tautology, by default */ |
|
| 154 | - return; |
|
| 155 | - } |
|
| 156 | - if (func_num_args() === 1) { |
|
| 157 | - throw new TypeError('Declared void, but passed a variable'); |
|
| 158 | - } |
|
| 159 | - $realType = strtolower(gettype($mixedVar)); |
|
| 160 | - $type = strtolower($type); |
|
| 161 | - switch ($type) { |
|
| 162 | - case 'null': |
|
| 163 | - if ($mixedVar !== null) { |
|
| 164 | - throw new TypeError('Argument ' . $argumentIndex . ' must be null, ' . $realType . ' given.'); |
|
| 165 | - } |
|
| 166 | - break; |
|
| 167 | - case 'integer': |
|
| 168 | - case 'int': |
|
| 169 | - $allow = array('int', 'integer'); |
|
| 170 | - if (!in_array($type, $allow)) { |
|
| 171 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an integer, ' . $realType . ' given.'); |
|
| 172 | - } |
|
| 173 | - $mixedVar = (int) $mixedVar; |
|
| 174 | - break; |
|
| 175 | - case 'boolean': |
|
| 176 | - case 'bool': |
|
| 177 | - $allow = array('bool', 'boolean'); |
|
| 178 | - if (!in_array($type, $allow)) { |
|
| 179 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a boolean, ' . $realType . ' given.'); |
|
| 180 | - } |
|
| 181 | - $mixedVar = (bool) $mixedVar; |
|
| 182 | - break; |
|
| 183 | - case 'string': |
|
| 184 | - if (!is_string($mixedVar)) { |
|
| 185 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.'); |
|
| 186 | - } |
|
| 187 | - $mixedVar = (string) $mixedVar; |
|
| 188 | - break; |
|
| 189 | - case 'decimal': |
|
| 190 | - case 'double': |
|
| 191 | - case 'float': |
|
| 192 | - $allow = array('decimal', 'double', 'float'); |
|
| 193 | - if (!in_array($type, $allow)) { |
|
| 194 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a float, ' . $realType . ' given.'); |
|
| 195 | - } |
|
| 196 | - $mixedVar = (float) $mixedVar; |
|
| 197 | - break; |
|
| 198 | - case 'object': |
|
| 199 | - if (!is_object($mixedVar)) { |
|
| 200 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an object, ' . $realType . ' given.'); |
|
| 201 | - } |
|
| 202 | - break; |
|
| 203 | - case 'array': |
|
| 204 | - if (!is_array($mixedVar)) { |
|
| 205 | - if (is_object($mixedVar)) { |
|
| 206 | - if ($mixedVar instanceof ArrayAccess) { |
|
| 207 | - return; |
|
| 208 | - } |
|
| 209 | - } |
|
| 210 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.'); |
|
| 211 | - } |
|
| 212 | - break; |
|
| 213 | - default: |
|
| 214 | - throw new Error('Unknown type (' . $realType .') does not match expect type (' . $type . ')'); |
|
| 215 | - } |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - /** |
|
| 219 | - * Evaluate whether or not two strings are equal (in constant-time) |
|
| 220 | - * |
|
| 221 | - * @param string $left |
|
| 222 | - * @param string $right |
|
| 223 | - * @return bool |
|
| 224 | - * @throws TypeError |
|
| 225 | - */ |
|
| 226 | - public static function hashEquals($left, $right) |
|
| 227 | - { |
|
| 228 | - /* Type checks: */ |
|
| 229 | - if (!is_string($left)) { |
|
| 230 | - throw new TypeError('Argument 1 must be a string, ' . gettype($left) . ' given.'); |
|
| 231 | - } |
|
| 232 | - if (!is_string($right)) { |
|
| 233 | - throw new TypeError('Argument 2 must be a string, ' . gettype($right) . ' given.'); |
|
| 234 | - } |
|
| 235 | - |
|
| 236 | - if (is_callable('hash_equals')) { |
|
| 237 | - return hash_equals($left, $right); |
|
| 238 | - } |
|
| 239 | - $d = 0; |
|
| 240 | - $len = self::strlen($left); |
|
| 241 | - if ($len !== self::strlen($right)) { |
|
| 242 | - return false; |
|
| 243 | - } |
|
| 244 | - for ($i = 0; $i < $len; ++$i) { |
|
| 245 | - $d |= self::chrToInt($left[$i]) ^ self::chrToInt($right[$i]); |
|
| 246 | - } |
|
| 247 | - |
|
| 248 | - if ($d !== 0) { |
|
| 249 | - return false; |
|
| 250 | - } |
|
| 251 | - return $left === $right; |
|
| 252 | - } |
|
| 253 | - |
|
| 254 | - /** |
|
| 255 | - * Convert a hexadecimal string into a binary string without cache-timing |
|
| 256 | - * leaks |
|
| 257 | - * |
|
| 258 | - * @internal You should not use this directly from another application |
|
| 259 | - * |
|
| 260 | - * @param string $hexString |
|
| 261 | - * @param bool $strictPadding |
|
| 262 | - * @return string (raw binary) |
|
| 263 | - * @throws RangeException |
|
| 264 | - * @throws TypeError |
|
| 265 | - */ |
|
| 266 | - public static function hex2bin($hexString, $strictPadding = false) |
|
| 267 | - { |
|
| 268 | - /* Type checks: */ |
|
| 269 | - if (!is_string($hexString)) { |
|
| 270 | - throw new TypeError('Argument 1 must be a string, ' . gettype($hexString) . ' given.'); |
|
| 271 | - } |
|
| 272 | - |
|
| 273 | - $hex_pos = 0; |
|
| 274 | - $bin = ''; |
|
| 275 | - $c_acc = 0; |
|
| 276 | - $hex_len = self::strlen($hexString); |
|
| 277 | - $state = 0; |
|
| 278 | - if (($hex_len & 1) !== 0) { |
|
| 279 | - if ($strictPadding) { |
|
| 280 | - throw new RangeException( |
|
| 281 | - 'Expected an even number of hexadecimal characters' |
|
| 282 | - ); |
|
| 283 | - } else { |
|
| 284 | - $hexString = '0' . $hexString; |
|
| 285 | - ++$hex_len; |
|
| 286 | - } |
|
| 287 | - } |
|
| 288 | - |
|
| 289 | - $chunk = unpack('C*', $hexString); |
|
| 290 | - while ($hex_pos < $hex_len) { |
|
| 291 | - ++$hex_pos; |
|
| 292 | - $c = $chunk[$hex_pos]; |
|
| 293 | - $c_num = $c ^ 48; |
|
| 294 | - $c_num0 = ($c_num - 10) >> 8; |
|
| 295 | - $c_alpha = ($c & ~32) - 55; |
|
| 296 | - $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; |
|
| 297 | - if (($c_num0 | $c_alpha0) === 0) { |
|
| 298 | - throw new RangeException( |
|
| 299 | - 'hex2bin() only expects hexadecimal characters' |
|
| 300 | - ); |
|
| 301 | - } |
|
| 302 | - $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); |
|
| 303 | - if ($state === 0) { |
|
| 304 | - $c_acc = $c_val * 16; |
|
| 305 | - } else { |
|
| 306 | - $bin .= pack('C', $c_acc | $c_val); |
|
| 307 | - } |
|
| 308 | - $state ^= 1; |
|
| 309 | - } |
|
| 310 | - return $bin; |
|
| 311 | - } |
|
| 312 | - |
|
| 313 | - /** |
|
| 314 | - * Turn an array of integers into a string |
|
| 315 | - * |
|
| 316 | - * @internal You should not use this directly from another application |
|
| 317 | - * |
|
| 318 | - * @param array<int, int> $ints |
|
| 319 | - * @return string |
|
| 320 | - */ |
|
| 321 | - public static function intArrayToString(array $ints) |
|
| 322 | - { |
|
| 323 | - $args = $ints; |
|
| 324 | - foreach ($args as $i => $v) { |
|
| 325 | - $args[$i] = $v & 0xff; |
|
| 326 | - } |
|
| 327 | - array_unshift($args, str_repeat('C', count($ints))); |
|
| 328 | - return call_user_func_array('pack', $args); |
|
| 329 | - } |
|
| 330 | - |
|
| 331 | - /** |
|
| 332 | - * Cache-timing-safe variant of ord() |
|
| 333 | - * |
|
| 334 | - * @internal You should not use this directly from another application |
|
| 335 | - * |
|
| 336 | - * @param int $int |
|
| 337 | - * @return string |
|
| 338 | - * @throws TypeError |
|
| 339 | - */ |
|
| 340 | - public static function intToChr($int) |
|
| 341 | - { |
|
| 342 | - return pack('C', $int); |
|
| 343 | - } |
|
| 344 | - |
|
| 345 | - /** |
|
| 346 | - * Load a 3 character substring into an integer |
|
| 347 | - * |
|
| 348 | - * @internal You should not use this directly from another application |
|
| 349 | - * |
|
| 350 | - * @param string $string |
|
| 351 | - * @return int |
|
| 352 | - * @throws RangeException |
|
| 353 | - * @throws TypeError |
|
| 354 | - */ |
|
| 355 | - public static function load_3($string) |
|
| 356 | - { |
|
| 357 | - /* Type checks: */ |
|
| 358 | - if (!is_string($string)) { |
|
| 359 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 360 | - } |
|
| 361 | - |
|
| 362 | - /* Input validation: */ |
|
| 363 | - if (self::strlen($string) < 3) { |
|
| 364 | - throw new RangeException( |
|
| 365 | - 'String must be 3 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 366 | - ); |
|
| 367 | - } |
|
| 368 | - $result = self::chrToInt($string[0]); |
|
| 369 | - $result |= self::chrToInt($string[1]) << 8; |
|
| 370 | - $result |= self::chrToInt($string[2]) << 16; |
|
| 371 | - return $result & 0xffffff; |
|
| 372 | - } |
|
| 373 | - |
|
| 374 | - /** |
|
| 375 | - * Load a 4 character substring into an integer |
|
| 376 | - * |
|
| 377 | - * @internal You should not use this directly from another application |
|
| 378 | - * |
|
| 379 | - * @param string $string |
|
| 380 | - * @return int |
|
| 381 | - * @throws RangeException |
|
| 382 | - * @throws TypeError |
|
| 383 | - */ |
|
| 384 | - public static function load_4($string) |
|
| 385 | - { |
|
| 386 | - /* Type checks: */ |
|
| 387 | - if (!is_string($string)) { |
|
| 388 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 389 | - } |
|
| 390 | - |
|
| 391 | - /* Input validation: */ |
|
| 392 | - if (self::strlen($string) < 4) { |
|
| 393 | - throw new RangeException( |
|
| 394 | - 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 395 | - ); |
|
| 396 | - } |
|
| 397 | - $result = (self::chrToInt($string[0]) & 0xff); |
|
| 398 | - $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 399 | - $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 400 | - $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 401 | - return $result & 0xffffffff; |
|
| 402 | - } |
|
| 403 | - |
|
| 404 | - /** |
|
| 405 | - * Load a 8 character substring into an integer |
|
| 406 | - * |
|
| 407 | - * @internal You should not use this directly from another application |
|
| 408 | - * |
|
| 409 | - * @param string $string |
|
| 410 | - * @return int |
|
| 411 | - * @throws RangeException |
|
| 412 | - * @throws TypeError |
|
| 413 | - */ |
|
| 414 | - public static function load64_le($string) |
|
| 415 | - { |
|
| 416 | - /* Type checks: */ |
|
| 417 | - if (!is_string($string)) { |
|
| 418 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 419 | - } |
|
| 420 | - |
|
| 421 | - /* Input validation: */ |
|
| 422 | - if (self::strlen($string) < 4) { |
|
| 423 | - throw new RangeException( |
|
| 424 | - 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 425 | - ); |
|
| 426 | - } |
|
| 427 | - $result = (self::chrToInt($string[0]) & 0xff); |
|
| 428 | - $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 429 | - $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 430 | - $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 431 | - $result |= (self::chrToInt($string[4]) & 0xff) << 32; |
|
| 432 | - $result |= (self::chrToInt($string[5]) & 0xff) << 40; |
|
| 433 | - $result |= (self::chrToInt($string[6]) & 0xff) << 48; |
|
| 434 | - $result |= (self::chrToInt($string[7]) & 0xff) << 56; |
|
| 435 | - return (int) $result; |
|
| 436 | - } |
|
| 437 | - |
|
| 438 | - /** |
|
| 439 | - * @internal You should not use this directly from another application |
|
| 440 | - * |
|
| 441 | - * @param string $left |
|
| 442 | - * @param string $right |
|
| 443 | - * @return int |
|
| 444 | - */ |
|
| 445 | - public static function memcmp($left, $right) |
|
| 446 | - { |
|
| 447 | - if (self::hashEquals($left, $right)) { |
|
| 448 | - return 0; |
|
| 449 | - } |
|
| 450 | - return -1; |
|
| 451 | - } |
|
| 452 | - |
|
| 453 | - /** |
|
| 454 | - * Multiply two integers in constant-time |
|
| 455 | - * |
|
| 456 | - * Micro-architecture timing side-channels caused by how your CPU |
|
| 457 | - * implements multiplication are best prevented by never using the |
|
| 458 | - * multiplication operators and ensuring that our code always takes |
|
| 459 | - * the same number of operations to complete, regardless of the values |
|
| 460 | - * of $a and $b. |
|
| 461 | - * |
|
| 462 | - * @internal You should not use this directly from another application |
|
| 463 | - * |
|
| 464 | - * @param int $a |
|
| 465 | - * @param int $b |
|
| 466 | - * @param int $size Limits the number of operations (useful for small, |
|
| 467 | - * constant operands) |
|
| 468 | - * @return int |
|
| 469 | - */ |
|
| 470 | - public static function mul($a, $b, $size = 0) |
|
| 471 | - { |
|
| 472 | - if (ParagonIE_Sodium_Compat::$fastMult) { |
|
| 473 | - return (int) ($a * $b); |
|
| 474 | - } |
|
| 475 | - |
|
| 476 | - static $defaultSize = null; |
|
| 477 | - if (!$defaultSize) { |
|
| 478 | - $defaultSize = (PHP_INT_SIZE << 3) - 1; |
|
| 479 | - } |
|
| 480 | - if ($size < 1) { |
|
| 481 | - $size = $defaultSize; |
|
| 482 | - } |
|
| 483 | - |
|
| 484 | - $c = 0; |
|
| 485 | - |
|
| 486 | - /** |
|
| 487 | - * Mask is either -1 or 0. |
|
| 488 | - * |
|
| 489 | - * -1 in binary looks like 0x1111 ... 1111 |
|
| 490 | - * 0 in binary looks like 0x0000 ... 0000 |
|
| 491 | - * |
|
| 492 | - * @var int |
|
| 493 | - */ |
|
| 494 | - $mask = -(($b >> $size) & 1); |
|
| 495 | - |
|
| 496 | - /** |
|
| 497 | - * Ensure $b is a positive integer, without creating |
|
| 498 | - * a branching side-channel |
|
| 499 | - */ |
|
| 500 | - $b = ($b & ~$mask) | ($mask & -$b); |
|
| 501 | - |
|
| 502 | - /** |
|
| 503 | - * This loop always runs 32 times when PHP_INT_SIZE is 4. |
|
| 504 | - * This loop always runs 64 times when PHP_INT_SIZE is 8. |
|
| 505 | - */ |
|
| 506 | - for ($i = $size; $i >= 0; --$i) { |
|
| 507 | - $c += (int) ($a & -($b & 1)); |
|
| 508 | - $a <<= 1; |
|
| 509 | - $b >>= 1; |
|
| 510 | - } |
|
| 511 | - |
|
| 512 | - /** |
|
| 513 | - * If $b was negative, we then apply the same value to $c here. |
|
| 514 | - * It doesn't matter much if $a was negative; the $c += above would |
|
| 515 | - * have produced a negative integer to begin with. But a negative $b |
|
| 516 | - * makes $b >>= 1 never return 0, so we would end up with incorrect |
|
| 517 | - * results. |
|
| 518 | - * |
|
| 519 | - * The end result is what we'd expect from integer multiplication. |
|
| 520 | - */ |
|
| 521 | - return (int) (($c & ~$mask) | ($mask & -$c)); |
|
| 522 | - } |
|
| 523 | - |
|
| 524 | - /** |
|
| 525 | - * Convert any arbitrary numbers into two 32-bit integers that represent |
|
| 526 | - * a 64-bit integer. |
|
| 527 | - * |
|
| 528 | - * @internal You should not use this directly from another application |
|
| 529 | - * |
|
| 530 | - * @param int|float $num |
|
| 531 | - * @return array<int, int> |
|
| 532 | - */ |
|
| 533 | - public static function numericTo64BitInteger($num) |
|
| 534 | - { |
|
| 535 | - $high = 0; |
|
| 536 | - $low = $num & 0xffffffff; |
|
| 537 | - |
|
| 538 | - if ((+(abs($num))) >= 1) { |
|
| 539 | - if ($num > 0) { |
|
| 540 | - $high = min((+(floor($num/4294967296))), 4294967295); |
|
| 541 | - } else { |
|
| 542 | - $high = ~~((+(ceil(($num - (+((~~($num)))))/4294967296)))); |
|
| 543 | - } |
|
| 544 | - } |
|
| 545 | - return array((int) $high, (int) $low); |
|
| 546 | - } |
|
| 547 | - |
|
| 548 | - /** |
|
| 549 | - * Store a 24-bit integer into a string, treating it as big-endian. |
|
| 550 | - * |
|
| 551 | - * @internal You should not use this directly from another application |
|
| 552 | - * |
|
| 553 | - * @param int $int |
|
| 554 | - * @return string |
|
| 555 | - * @throws TypeError |
|
| 556 | - */ |
|
| 557 | - public static function store_3($int) |
|
| 558 | - { |
|
| 559 | - /* Type checks: */ |
|
| 560 | - if (!is_int($int)) { |
|
| 561 | - if (is_numeric($int)) { |
|
| 562 | - $int = (int) $int; |
|
| 563 | - } else { |
|
| 564 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 565 | - } |
|
| 566 | - } |
|
| 567 | - |
|
| 568 | - return self::intToChr(($int >> 16) & 0xff) . |
|
| 569 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 570 | - self::intToChr($int & 0xff); |
|
| 571 | - } |
|
| 572 | - |
|
| 573 | - /** |
|
| 574 | - * Store a 32-bit integer into a string, treating it as little-endian. |
|
| 575 | - * |
|
| 576 | - * @internal You should not use this directly from another application |
|
| 577 | - * |
|
| 578 | - * @param int $int |
|
| 579 | - * @return string |
|
| 580 | - * @throws TypeError |
|
| 581 | - */ |
|
| 582 | - public static function store32_le($int) |
|
| 583 | - { |
|
| 584 | - /* Type checks: */ |
|
| 585 | - if (!is_int($int)) { |
|
| 586 | - if (is_numeric($int)) { |
|
| 587 | - $int = (int) $int; |
|
| 588 | - } else { |
|
| 589 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 590 | - } |
|
| 591 | - } |
|
| 592 | - |
|
| 593 | - return self::intToChr($int & 0xff) . |
|
| 594 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 595 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 596 | - self::intToChr(($int >> 24) & 0xff); |
|
| 597 | - } |
|
| 598 | - |
|
| 599 | - /** |
|
| 600 | - * Store a 32-bit integer into a string, treating it as big-endian. |
|
| 601 | - * |
|
| 602 | - * @internal You should not use this directly from another application |
|
| 603 | - * |
|
| 604 | - * @param int $int |
|
| 605 | - * @return string |
|
| 606 | - * @throws TypeError |
|
| 607 | - */ |
|
| 608 | - public static function store_4($int) |
|
| 609 | - { |
|
| 610 | - /* Type checks: */ |
|
| 611 | - if (!is_int($int)) { |
|
| 612 | - if (is_numeric($int)) { |
|
| 613 | - $int = (int) $int; |
|
| 614 | - } else { |
|
| 615 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 616 | - } |
|
| 617 | - } |
|
| 618 | - |
|
| 619 | - return self::intToChr(($int >> 24) & 0xff) . |
|
| 620 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 621 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 622 | - self::intToChr($int & 0xff); |
|
| 623 | - } |
|
| 624 | - |
|
| 625 | - /** |
|
| 626 | - * Stores a 64-bit integer as an string, treating it as little-endian. |
|
| 627 | - * |
|
| 628 | - * @internal You should not use this directly from another application |
|
| 629 | - * |
|
| 630 | - * @param int $int |
|
| 631 | - * @return string |
|
| 632 | - * @throws TypeError |
|
| 633 | - */ |
|
| 634 | - public static function store64_le($int) |
|
| 635 | - { |
|
| 636 | - /* Type checks: */ |
|
| 637 | - if (!is_int($int)) { |
|
| 638 | - if (is_numeric($int)) { |
|
| 639 | - $int = (int) $int; |
|
| 640 | - } else { |
|
| 641 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 642 | - } |
|
| 643 | - } |
|
| 644 | - |
|
| 645 | - if (PHP_INT_SIZE === 8) { |
|
| 646 | - return self::intToChr($int & 0xff) . |
|
| 647 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 648 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 649 | - self::intToChr(($int >> 24) & 0xff) . |
|
| 650 | - self::intToChr(($int >> 32) & 0xff) . |
|
| 651 | - self::intToChr(($int >> 40) & 0xff) . |
|
| 652 | - self::intToChr(($int >> 48) & 0xff) . |
|
| 653 | - self::intToChr(($int >> 56) & 0xff); |
|
| 654 | - } |
|
| 655 | - if ($int > PHP_INT_MAX) { |
|
| 656 | - list($hiB, $int) = self::numericTo64BitInteger($int); |
|
| 657 | - } else { |
|
| 658 | - $hiB = 0; |
|
| 659 | - } |
|
| 660 | - return |
|
| 661 | - self::intToChr(($int ) & 0xff) . |
|
| 662 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 663 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 664 | - self::intToChr(($int >> 24) & 0xff) . |
|
| 665 | - self::intToChr($hiB & 0xff) . |
|
| 666 | - self::intToChr(($hiB >> 8) & 0xff) . |
|
| 667 | - self::intToChr(($hiB >> 16) & 0xff) . |
|
| 668 | - self::intToChr(($hiB >> 24) & 0xff); |
|
| 669 | - } |
|
| 670 | - |
|
| 671 | - /** |
|
| 672 | - * Safe string length |
|
| 673 | - * |
|
| 674 | - * @internal You should not use this directly from another application |
|
| 675 | - * |
|
| 676 | - * @ref mbstring.func_overload |
|
| 677 | - * |
|
| 678 | - * @param string $str |
|
| 679 | - * @return int |
|
| 680 | - * @throws TypeError |
|
| 681 | - */ |
|
| 682 | - public static function strlen($str) |
|
| 683 | - { |
|
| 684 | - /* Type checks: */ |
|
| 685 | - if (!is_string($str)) { |
|
| 686 | - throw new TypeError('String expected'); |
|
| 687 | - } |
|
| 688 | - |
|
| 689 | - return (int) ( |
|
| 690 | - self::isMbStringOverride() |
|
| 691 | - ? mb_strlen($str, '8bit') |
|
| 692 | - : strlen($str) |
|
| 693 | - ); |
|
| 694 | - } |
|
| 695 | - |
|
| 696 | - /** |
|
| 697 | - * Turn a string into an array of integers |
|
| 698 | - * |
|
| 699 | - * @internal You should not use this directly from another application |
|
| 700 | - * |
|
| 701 | - * @param string $string |
|
| 702 | - * @return array<int, int> |
|
| 703 | - * @throws TypeError |
|
| 704 | - */ |
|
| 705 | - public static function stringToIntArray($string) |
|
| 706 | - { |
|
| 707 | - if (!is_string($string)) { |
|
| 708 | - throw new TypeError('String expected'); |
|
| 709 | - } |
|
| 710 | - /** |
|
| 711 | - * @var array<int, int> |
|
| 712 | - */ |
|
| 713 | - $values = array_values( |
|
| 714 | - unpack('C*', $string) |
|
| 715 | - ); |
|
| 716 | - return $values; |
|
| 717 | - } |
|
| 718 | - |
|
| 719 | - /** |
|
| 720 | - * Safe substring |
|
| 721 | - * |
|
| 722 | - * @internal You should not use this directly from another application |
|
| 723 | - * |
|
| 724 | - * @ref mbstring.func_overload |
|
| 725 | - * |
|
| 726 | - * @param string $str |
|
| 727 | - * @param int $start |
|
| 728 | - * @param int $length |
|
| 729 | - * @return string |
|
| 730 | - * @throws TypeError |
|
| 731 | - */ |
|
| 732 | - public static function substr($str, $start = 0, $length = null) |
|
| 733 | - { |
|
| 734 | - /* Type checks: */ |
|
| 735 | - if (!is_string($str)) { |
|
| 736 | - throw new TypeError('String expected'); |
|
| 737 | - } |
|
| 738 | - |
|
| 739 | - if ($length === 0) { |
|
| 740 | - return ''; |
|
| 741 | - } |
|
| 742 | - |
|
| 743 | - if (self::isMbStringOverride()) { |
|
| 744 | - if (PHP_VERSION_ID < 50400 && $length === null) { |
|
| 745 | - $length = self::strlen($str); |
|
| 746 | - } |
|
| 747 | - $sub = (string) mb_substr($str, $start, $length, '8bit'); |
|
| 748 | - } elseif ($length === null) { |
|
| 749 | - $sub = (string) substr($str, $start); |
|
| 750 | - } else { |
|
| 751 | - $sub = (string) substr($str, $start, $length); |
|
| 752 | - } |
|
| 753 | - if (isset($sub)) { |
|
| 754 | - return $sub; |
|
| 755 | - } |
|
| 756 | - return ''; |
|
| 757 | - } |
|
| 758 | - |
|
| 759 | - /** |
|
| 760 | - * Compare a 16-character byte string in constant time. |
|
| 761 | - * |
|
| 762 | - * @internal You should not use this directly from another application |
|
| 763 | - * |
|
| 764 | - * @param string $a |
|
| 765 | - * @param string $b |
|
| 766 | - * @return bool |
|
| 767 | - * @throws TypeError |
|
| 768 | - */ |
|
| 769 | - public static function verify_16($a, $b) |
|
| 770 | - { |
|
| 771 | - /* Type checks: */ |
|
| 772 | - if (!is_string($a)) { |
|
| 773 | - throw new TypeError('String expected'); |
|
| 774 | - } |
|
| 775 | - if (!is_string($b)) { |
|
| 776 | - throw new TypeError('String expected'); |
|
| 777 | - } |
|
| 778 | - return self::hashEquals( |
|
| 779 | - self::substr($a, 0, 16), |
|
| 780 | - self::substr($b, 0, 16) |
|
| 781 | - ); |
|
| 782 | - } |
|
| 783 | - |
|
| 784 | - /** |
|
| 785 | - * Compare a 32-character byte string in constant time. |
|
| 786 | - * |
|
| 787 | - * @internal You should not use this directly from another application |
|
| 788 | - * |
|
| 789 | - * @param string $a |
|
| 790 | - * @param string $b |
|
| 791 | - * @return bool |
|
| 792 | - * @throws TypeError |
|
| 793 | - */ |
|
| 794 | - public static function verify_32($a, $b) |
|
| 795 | - { |
|
| 796 | - /* Type checks: */ |
|
| 797 | - if (!is_string($a)) { |
|
| 798 | - throw new TypeError('String expected'); |
|
| 799 | - } |
|
| 800 | - if (!is_string($b)) { |
|
| 801 | - throw new TypeError('String expected'); |
|
| 802 | - } |
|
| 803 | - return self::hashEquals( |
|
| 804 | - self::substr($a, 0, 32), |
|
| 805 | - self::substr($b, 0, 32) |
|
| 806 | - ); |
|
| 807 | - } |
|
| 808 | - |
|
| 809 | - /** |
|
| 810 | - * Calculate $a ^ $b for two strings. |
|
| 811 | - * |
|
| 812 | - * @internal You should not use this directly from another application |
|
| 813 | - * |
|
| 814 | - * @param string $a |
|
| 815 | - * @param string $b |
|
| 816 | - * @return string |
|
| 817 | - * @throws TypeError |
|
| 818 | - */ |
|
| 819 | - public static function xorStrings($a, $b) |
|
| 820 | - { |
|
| 821 | - /* Type checks: */ |
|
| 822 | - if (!is_string($a)) { |
|
| 823 | - throw new TypeError('Argument 1 must be a string'); |
|
| 824 | - } |
|
| 825 | - if (!is_string($b)) { |
|
| 826 | - throw new TypeError('Argument 2 must be a string'); |
|
| 827 | - } |
|
| 828 | - |
|
| 829 | - return $a ^ $b; |
|
| 830 | - } |
|
| 831 | - |
|
| 832 | - /** |
|
| 833 | - * Returns whether or not mbstring.func_overload is in effect. |
|
| 834 | - * |
|
| 835 | - * @internal You should not use this directly from another application |
|
| 836 | - * |
|
| 837 | - * @return bool |
|
| 838 | - */ |
|
| 839 | - protected static function isMbStringOverride() |
|
| 840 | - { |
|
| 841 | - static $mbstring = null; |
|
| 842 | - |
|
| 843 | - if ($mbstring === null) { |
|
| 844 | - $mbstring = extension_loaded('mbstring') |
|
| 845 | - && |
|
| 846 | - (ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING); |
|
| 847 | - } |
|
| 848 | - |
|
| 849 | - return $mbstring; |
|
| 850 | - } |
|
| 12 | + /** |
|
| 13 | + * Convert a binary string into a hexadecimal string without cache-timing |
|
| 14 | + * leaks |
|
| 15 | + * |
|
| 16 | + * @internal You should not use this directly from another application |
|
| 17 | + * |
|
| 18 | + * @param string $binaryString (raw binary) |
|
| 19 | + * @return string |
|
| 20 | + * @throws TypeError |
|
| 21 | + */ |
|
| 22 | + public static function bin2hex($binaryString) |
|
| 23 | + { |
|
| 24 | + /* Type checks: */ |
|
| 25 | + if (!is_string($binaryString)) { |
|
| 26 | + throw new TypeError('Argument 1 must be a string, ' . gettype($binaryString) . ' given.'); |
|
| 27 | + } |
|
| 28 | + |
|
| 29 | + $hex = ''; |
|
| 30 | + $len = self::strlen($binaryString); |
|
| 31 | + for ($i = 0; $i < $len; ++$i) { |
|
| 32 | + $chunk = unpack('C', self::substr($binaryString, $i, 2)); |
|
| 33 | + $c = $chunk[1] & 0xf; |
|
| 34 | + $b = $chunk[1] >> 4; |
|
| 35 | + $hex .= pack( |
|
| 36 | + 'CC', |
|
| 37 | + (87 + $b + ((($b - 10) >> 8) & ~38)), |
|
| 38 | + (87 + $c + ((($c - 10) >> 8) & ~38)) |
|
| 39 | + ); |
|
| 40 | + } |
|
| 41 | + return $hex; |
|
| 42 | + } |
|
| 43 | + |
|
| 44 | + /** |
|
| 45 | + * Convert a binary string into a hexadecimal string without cache-timing |
|
| 46 | + * leaks, returning uppercase letters (as per RFC 4648) |
|
| 47 | + * |
|
| 48 | + * @internal You should not use this directly from another application |
|
| 49 | + * |
|
| 50 | + * @param string $bin_string (raw binary) |
|
| 51 | + * @return string |
|
| 52 | + */ |
|
| 53 | + public static function bin2hexUpper($bin_string) |
|
| 54 | + { |
|
| 55 | + $hex = ''; |
|
| 56 | + $len = self::strlen($bin_string); |
|
| 57 | + for ($i = 0; $i < $len; ++$i) { |
|
| 58 | + $chunk = unpack('C', self::substr($bin_string, $i, 2)); |
|
| 59 | + /** |
|
| 60 | + * Lower 16 bits |
|
| 61 | + * |
|
| 62 | + * @var int |
|
| 63 | + */ |
|
| 64 | + $c = $chunk[1] & 0xf; |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * Upper 16 bits |
|
| 68 | + * @var int |
|
| 69 | + */ |
|
| 70 | + $b = $chunk[1] >> 4; |
|
| 71 | + |
|
| 72 | + /** |
|
| 73 | + * Use pack() and binary operators to turn the two integers |
|
| 74 | + * into hexadecimal characters. We don't use chr() here, because |
|
| 75 | + * it uses a lookup table internally and we want to avoid |
|
| 76 | + * cache-timing side-channels. |
|
| 77 | + */ |
|
| 78 | + $hex .= pack( |
|
| 79 | + 'CC', |
|
| 80 | + (55 + $b + ((($b - 10) >> 8) & ~6)), |
|
| 81 | + (55 + $c + ((($c - 10) >> 8) & ~6)) |
|
| 82 | + ); |
|
| 83 | + } |
|
| 84 | + return $hex; |
|
| 85 | + } |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * Cache-timing-safe variant of ord() |
|
| 89 | + * |
|
| 90 | + * @internal You should not use this directly from another application |
|
| 91 | + * |
|
| 92 | + * @param string $chr |
|
| 93 | + * @return int |
|
| 94 | + * @throws Error |
|
| 95 | + */ |
|
| 96 | + public static function chrToInt($chr) |
|
| 97 | + { |
|
| 98 | + /* Type checks: */ |
|
| 99 | + if (!is_string($chr)) { |
|
| 100 | + throw new TypeError('Argument 1 must be a string, ' . gettype($chr) . ' given.'); |
|
| 101 | + } |
|
| 102 | + if (self::strlen($chr) !== 1) { |
|
| 103 | + throw new Error('chrToInt() expects a string that is exactly 1 character long'); |
|
| 104 | + } |
|
| 105 | + $chunk = unpack('C', $chr); |
|
| 106 | + return $chunk[1]; |
|
| 107 | + } |
|
| 108 | + |
|
| 109 | + /** |
|
| 110 | + * Compares two strings. |
|
| 111 | + * |
|
| 112 | + * @internal You should not use this directly from another application |
|
| 113 | + * |
|
| 114 | + * @param string $left |
|
| 115 | + * @param string $right |
|
| 116 | + * @param int $len |
|
| 117 | + * @return int |
|
| 118 | + */ |
|
| 119 | + public static function compare($left, $right, $len = null) |
|
| 120 | + { |
|
| 121 | + $leftLen = self::strlen($left); |
|
| 122 | + $rightLen = self::strlen($right); |
|
| 123 | + if ($len === null) { |
|
| 124 | + $len = max($leftLen, $rightLen); |
|
| 125 | + $left = str_pad($left, $len, "\x00", STR_PAD_RIGHT); |
|
| 126 | + $right = str_pad($right, $len, "\x00", STR_PAD_RIGHT); |
|
| 127 | + } |
|
| 128 | + |
|
| 129 | + $gt = 0; |
|
| 130 | + $eq = 1; |
|
| 131 | + $i = $len; |
|
| 132 | + while ($i !== 0) { |
|
| 133 | + --$i; |
|
| 134 | + $gt |= ((self::chrToInt($right[$i]) - self::chrToInt($left[$i])) >> 8) & $eq; |
|
| 135 | + $eq &= ((self::chrToInt($right[$i]) ^ self::chrToInt($left[$i])) - 1) >> 8; |
|
| 136 | + } |
|
| 137 | + return ($gt + $gt + $eq) - 1; |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + /** |
|
| 141 | + * If a variable does not match a given type, throw a TypeError. |
|
| 142 | + * |
|
| 143 | + * @param mixed $mixedVar |
|
| 144 | + * @param string $type |
|
| 145 | + * @param int $argumentIndex |
|
| 146 | + * @throws TypeError |
|
| 147 | + * @throws Error |
|
| 148 | + * @return void |
|
| 149 | + */ |
|
| 150 | + public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) |
|
| 151 | + { |
|
| 152 | + if (func_num_args() === 0) { |
|
| 153 | + /* Tautology, by default */ |
|
| 154 | + return; |
|
| 155 | + } |
|
| 156 | + if (func_num_args() === 1) { |
|
| 157 | + throw new TypeError('Declared void, but passed a variable'); |
|
| 158 | + } |
|
| 159 | + $realType = strtolower(gettype($mixedVar)); |
|
| 160 | + $type = strtolower($type); |
|
| 161 | + switch ($type) { |
|
| 162 | + case 'null': |
|
| 163 | + if ($mixedVar !== null) { |
|
| 164 | + throw new TypeError('Argument ' . $argumentIndex . ' must be null, ' . $realType . ' given.'); |
|
| 165 | + } |
|
| 166 | + break; |
|
| 167 | + case 'integer': |
|
| 168 | + case 'int': |
|
| 169 | + $allow = array('int', 'integer'); |
|
| 170 | + if (!in_array($type, $allow)) { |
|
| 171 | + throw new TypeError('Argument ' . $argumentIndex . ' must be an integer, ' . $realType . ' given.'); |
|
| 172 | + } |
|
| 173 | + $mixedVar = (int) $mixedVar; |
|
| 174 | + break; |
|
| 175 | + case 'boolean': |
|
| 176 | + case 'bool': |
|
| 177 | + $allow = array('bool', 'boolean'); |
|
| 178 | + if (!in_array($type, $allow)) { |
|
| 179 | + throw new TypeError('Argument ' . $argumentIndex . ' must be a boolean, ' . $realType . ' given.'); |
|
| 180 | + } |
|
| 181 | + $mixedVar = (bool) $mixedVar; |
|
| 182 | + break; |
|
| 183 | + case 'string': |
|
| 184 | + if (!is_string($mixedVar)) { |
|
| 185 | + throw new TypeError('Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.'); |
|
| 186 | + } |
|
| 187 | + $mixedVar = (string) $mixedVar; |
|
| 188 | + break; |
|
| 189 | + case 'decimal': |
|
| 190 | + case 'double': |
|
| 191 | + case 'float': |
|
| 192 | + $allow = array('decimal', 'double', 'float'); |
|
| 193 | + if (!in_array($type, $allow)) { |
|
| 194 | + throw new TypeError('Argument ' . $argumentIndex . ' must be a float, ' . $realType . ' given.'); |
|
| 195 | + } |
|
| 196 | + $mixedVar = (float) $mixedVar; |
|
| 197 | + break; |
|
| 198 | + case 'object': |
|
| 199 | + if (!is_object($mixedVar)) { |
|
| 200 | + throw new TypeError('Argument ' . $argumentIndex . ' must be an object, ' . $realType . ' given.'); |
|
| 201 | + } |
|
| 202 | + break; |
|
| 203 | + case 'array': |
|
| 204 | + if (!is_array($mixedVar)) { |
|
| 205 | + if (is_object($mixedVar)) { |
|
| 206 | + if ($mixedVar instanceof ArrayAccess) { |
|
| 207 | + return; |
|
| 208 | + } |
|
| 209 | + } |
|
| 210 | + throw new TypeError('Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.'); |
|
| 211 | + } |
|
| 212 | + break; |
|
| 213 | + default: |
|
| 214 | + throw new Error('Unknown type (' . $realType .') does not match expect type (' . $type . ')'); |
|
| 215 | + } |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + /** |
|
| 219 | + * Evaluate whether or not two strings are equal (in constant-time) |
|
| 220 | + * |
|
| 221 | + * @param string $left |
|
| 222 | + * @param string $right |
|
| 223 | + * @return bool |
|
| 224 | + * @throws TypeError |
|
| 225 | + */ |
|
| 226 | + public static function hashEquals($left, $right) |
|
| 227 | + { |
|
| 228 | + /* Type checks: */ |
|
| 229 | + if (!is_string($left)) { |
|
| 230 | + throw new TypeError('Argument 1 must be a string, ' . gettype($left) . ' given.'); |
|
| 231 | + } |
|
| 232 | + if (!is_string($right)) { |
|
| 233 | + throw new TypeError('Argument 2 must be a string, ' . gettype($right) . ' given.'); |
|
| 234 | + } |
|
| 235 | + |
|
| 236 | + if (is_callable('hash_equals')) { |
|
| 237 | + return hash_equals($left, $right); |
|
| 238 | + } |
|
| 239 | + $d = 0; |
|
| 240 | + $len = self::strlen($left); |
|
| 241 | + if ($len !== self::strlen($right)) { |
|
| 242 | + return false; |
|
| 243 | + } |
|
| 244 | + for ($i = 0; $i < $len; ++$i) { |
|
| 245 | + $d |= self::chrToInt($left[$i]) ^ self::chrToInt($right[$i]); |
|
| 246 | + } |
|
| 247 | + |
|
| 248 | + if ($d !== 0) { |
|
| 249 | + return false; |
|
| 250 | + } |
|
| 251 | + return $left === $right; |
|
| 252 | + } |
|
| 253 | + |
|
| 254 | + /** |
|
| 255 | + * Convert a hexadecimal string into a binary string without cache-timing |
|
| 256 | + * leaks |
|
| 257 | + * |
|
| 258 | + * @internal You should not use this directly from another application |
|
| 259 | + * |
|
| 260 | + * @param string $hexString |
|
| 261 | + * @param bool $strictPadding |
|
| 262 | + * @return string (raw binary) |
|
| 263 | + * @throws RangeException |
|
| 264 | + * @throws TypeError |
|
| 265 | + */ |
|
| 266 | + public static function hex2bin($hexString, $strictPadding = false) |
|
| 267 | + { |
|
| 268 | + /* Type checks: */ |
|
| 269 | + if (!is_string($hexString)) { |
|
| 270 | + throw new TypeError('Argument 1 must be a string, ' . gettype($hexString) . ' given.'); |
|
| 271 | + } |
|
| 272 | + |
|
| 273 | + $hex_pos = 0; |
|
| 274 | + $bin = ''; |
|
| 275 | + $c_acc = 0; |
|
| 276 | + $hex_len = self::strlen($hexString); |
|
| 277 | + $state = 0; |
|
| 278 | + if (($hex_len & 1) !== 0) { |
|
| 279 | + if ($strictPadding) { |
|
| 280 | + throw new RangeException( |
|
| 281 | + 'Expected an even number of hexadecimal characters' |
|
| 282 | + ); |
|
| 283 | + } else { |
|
| 284 | + $hexString = '0' . $hexString; |
|
| 285 | + ++$hex_len; |
|
| 286 | + } |
|
| 287 | + } |
|
| 288 | + |
|
| 289 | + $chunk = unpack('C*', $hexString); |
|
| 290 | + while ($hex_pos < $hex_len) { |
|
| 291 | + ++$hex_pos; |
|
| 292 | + $c = $chunk[$hex_pos]; |
|
| 293 | + $c_num = $c ^ 48; |
|
| 294 | + $c_num0 = ($c_num - 10) >> 8; |
|
| 295 | + $c_alpha = ($c & ~32) - 55; |
|
| 296 | + $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; |
|
| 297 | + if (($c_num0 | $c_alpha0) === 0) { |
|
| 298 | + throw new RangeException( |
|
| 299 | + 'hex2bin() only expects hexadecimal characters' |
|
| 300 | + ); |
|
| 301 | + } |
|
| 302 | + $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); |
|
| 303 | + if ($state === 0) { |
|
| 304 | + $c_acc = $c_val * 16; |
|
| 305 | + } else { |
|
| 306 | + $bin .= pack('C', $c_acc | $c_val); |
|
| 307 | + } |
|
| 308 | + $state ^= 1; |
|
| 309 | + } |
|
| 310 | + return $bin; |
|
| 311 | + } |
|
| 312 | + |
|
| 313 | + /** |
|
| 314 | + * Turn an array of integers into a string |
|
| 315 | + * |
|
| 316 | + * @internal You should not use this directly from another application |
|
| 317 | + * |
|
| 318 | + * @param array<int, int> $ints |
|
| 319 | + * @return string |
|
| 320 | + */ |
|
| 321 | + public static function intArrayToString(array $ints) |
|
| 322 | + { |
|
| 323 | + $args = $ints; |
|
| 324 | + foreach ($args as $i => $v) { |
|
| 325 | + $args[$i] = $v & 0xff; |
|
| 326 | + } |
|
| 327 | + array_unshift($args, str_repeat('C', count($ints))); |
|
| 328 | + return call_user_func_array('pack', $args); |
|
| 329 | + } |
|
| 330 | + |
|
| 331 | + /** |
|
| 332 | + * Cache-timing-safe variant of ord() |
|
| 333 | + * |
|
| 334 | + * @internal You should not use this directly from another application |
|
| 335 | + * |
|
| 336 | + * @param int $int |
|
| 337 | + * @return string |
|
| 338 | + * @throws TypeError |
|
| 339 | + */ |
|
| 340 | + public static function intToChr($int) |
|
| 341 | + { |
|
| 342 | + return pack('C', $int); |
|
| 343 | + } |
|
| 344 | + |
|
| 345 | + /** |
|
| 346 | + * Load a 3 character substring into an integer |
|
| 347 | + * |
|
| 348 | + * @internal You should not use this directly from another application |
|
| 349 | + * |
|
| 350 | + * @param string $string |
|
| 351 | + * @return int |
|
| 352 | + * @throws RangeException |
|
| 353 | + * @throws TypeError |
|
| 354 | + */ |
|
| 355 | + public static function load_3($string) |
|
| 356 | + { |
|
| 357 | + /* Type checks: */ |
|
| 358 | + if (!is_string($string)) { |
|
| 359 | + throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 360 | + } |
|
| 361 | + |
|
| 362 | + /* Input validation: */ |
|
| 363 | + if (self::strlen($string) < 3) { |
|
| 364 | + throw new RangeException( |
|
| 365 | + 'String must be 3 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 366 | + ); |
|
| 367 | + } |
|
| 368 | + $result = self::chrToInt($string[0]); |
|
| 369 | + $result |= self::chrToInt($string[1]) << 8; |
|
| 370 | + $result |= self::chrToInt($string[2]) << 16; |
|
| 371 | + return $result & 0xffffff; |
|
| 372 | + } |
|
| 373 | + |
|
| 374 | + /** |
|
| 375 | + * Load a 4 character substring into an integer |
|
| 376 | + * |
|
| 377 | + * @internal You should not use this directly from another application |
|
| 378 | + * |
|
| 379 | + * @param string $string |
|
| 380 | + * @return int |
|
| 381 | + * @throws RangeException |
|
| 382 | + * @throws TypeError |
|
| 383 | + */ |
|
| 384 | + public static function load_4($string) |
|
| 385 | + { |
|
| 386 | + /* Type checks: */ |
|
| 387 | + if (!is_string($string)) { |
|
| 388 | + throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 389 | + } |
|
| 390 | + |
|
| 391 | + /* Input validation: */ |
|
| 392 | + if (self::strlen($string) < 4) { |
|
| 393 | + throw new RangeException( |
|
| 394 | + 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 395 | + ); |
|
| 396 | + } |
|
| 397 | + $result = (self::chrToInt($string[0]) & 0xff); |
|
| 398 | + $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 399 | + $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 400 | + $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 401 | + return $result & 0xffffffff; |
|
| 402 | + } |
|
| 403 | + |
|
| 404 | + /** |
|
| 405 | + * Load a 8 character substring into an integer |
|
| 406 | + * |
|
| 407 | + * @internal You should not use this directly from another application |
|
| 408 | + * |
|
| 409 | + * @param string $string |
|
| 410 | + * @return int |
|
| 411 | + * @throws RangeException |
|
| 412 | + * @throws TypeError |
|
| 413 | + */ |
|
| 414 | + public static function load64_le($string) |
|
| 415 | + { |
|
| 416 | + /* Type checks: */ |
|
| 417 | + if (!is_string($string)) { |
|
| 418 | + throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 419 | + } |
|
| 420 | + |
|
| 421 | + /* Input validation: */ |
|
| 422 | + if (self::strlen($string) < 4) { |
|
| 423 | + throw new RangeException( |
|
| 424 | + 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 425 | + ); |
|
| 426 | + } |
|
| 427 | + $result = (self::chrToInt($string[0]) & 0xff); |
|
| 428 | + $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 429 | + $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 430 | + $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 431 | + $result |= (self::chrToInt($string[4]) & 0xff) << 32; |
|
| 432 | + $result |= (self::chrToInt($string[5]) & 0xff) << 40; |
|
| 433 | + $result |= (self::chrToInt($string[6]) & 0xff) << 48; |
|
| 434 | + $result |= (self::chrToInt($string[7]) & 0xff) << 56; |
|
| 435 | + return (int) $result; |
|
| 436 | + } |
|
| 437 | + |
|
| 438 | + /** |
|
| 439 | + * @internal You should not use this directly from another application |
|
| 440 | + * |
|
| 441 | + * @param string $left |
|
| 442 | + * @param string $right |
|
| 443 | + * @return int |
|
| 444 | + */ |
|
| 445 | + public static function memcmp($left, $right) |
|
| 446 | + { |
|
| 447 | + if (self::hashEquals($left, $right)) { |
|
| 448 | + return 0; |
|
| 449 | + } |
|
| 450 | + return -1; |
|
| 451 | + } |
|
| 452 | + |
|
| 453 | + /** |
|
| 454 | + * Multiply two integers in constant-time |
|
| 455 | + * |
|
| 456 | + * Micro-architecture timing side-channels caused by how your CPU |
|
| 457 | + * implements multiplication are best prevented by never using the |
|
| 458 | + * multiplication operators and ensuring that our code always takes |
|
| 459 | + * the same number of operations to complete, regardless of the values |
|
| 460 | + * of $a and $b. |
|
| 461 | + * |
|
| 462 | + * @internal You should not use this directly from another application |
|
| 463 | + * |
|
| 464 | + * @param int $a |
|
| 465 | + * @param int $b |
|
| 466 | + * @param int $size Limits the number of operations (useful for small, |
|
| 467 | + * constant operands) |
|
| 468 | + * @return int |
|
| 469 | + */ |
|
| 470 | + public static function mul($a, $b, $size = 0) |
|
| 471 | + { |
|
| 472 | + if (ParagonIE_Sodium_Compat::$fastMult) { |
|
| 473 | + return (int) ($a * $b); |
|
| 474 | + } |
|
| 475 | + |
|
| 476 | + static $defaultSize = null; |
|
| 477 | + if (!$defaultSize) { |
|
| 478 | + $defaultSize = (PHP_INT_SIZE << 3) - 1; |
|
| 479 | + } |
|
| 480 | + if ($size < 1) { |
|
| 481 | + $size = $defaultSize; |
|
| 482 | + } |
|
| 483 | + |
|
| 484 | + $c = 0; |
|
| 485 | + |
|
| 486 | + /** |
|
| 487 | + * Mask is either -1 or 0. |
|
| 488 | + * |
|
| 489 | + * -1 in binary looks like 0x1111 ... 1111 |
|
| 490 | + * 0 in binary looks like 0x0000 ... 0000 |
|
| 491 | + * |
|
| 492 | + * @var int |
|
| 493 | + */ |
|
| 494 | + $mask = -(($b >> $size) & 1); |
|
| 495 | + |
|
| 496 | + /** |
|
| 497 | + * Ensure $b is a positive integer, without creating |
|
| 498 | + * a branching side-channel |
|
| 499 | + */ |
|
| 500 | + $b = ($b & ~$mask) | ($mask & -$b); |
|
| 501 | + |
|
| 502 | + /** |
|
| 503 | + * This loop always runs 32 times when PHP_INT_SIZE is 4. |
|
| 504 | + * This loop always runs 64 times when PHP_INT_SIZE is 8. |
|
| 505 | + */ |
|
| 506 | + for ($i = $size; $i >= 0; --$i) { |
|
| 507 | + $c += (int) ($a & -($b & 1)); |
|
| 508 | + $a <<= 1; |
|
| 509 | + $b >>= 1; |
|
| 510 | + } |
|
| 511 | + |
|
| 512 | + /** |
|
| 513 | + * If $b was negative, we then apply the same value to $c here. |
|
| 514 | + * It doesn't matter much if $a was negative; the $c += above would |
|
| 515 | + * have produced a negative integer to begin with. But a negative $b |
|
| 516 | + * makes $b >>= 1 never return 0, so we would end up with incorrect |
|
| 517 | + * results. |
|
| 518 | + * |
|
| 519 | + * The end result is what we'd expect from integer multiplication. |
|
| 520 | + */ |
|
| 521 | + return (int) (($c & ~$mask) | ($mask & -$c)); |
|
| 522 | + } |
|
| 523 | + |
|
| 524 | + /** |
|
| 525 | + * Convert any arbitrary numbers into two 32-bit integers that represent |
|
| 526 | + * a 64-bit integer. |
|
| 527 | + * |
|
| 528 | + * @internal You should not use this directly from another application |
|
| 529 | + * |
|
| 530 | + * @param int|float $num |
|
| 531 | + * @return array<int, int> |
|
| 532 | + */ |
|
| 533 | + public static function numericTo64BitInteger($num) |
|
| 534 | + { |
|
| 535 | + $high = 0; |
|
| 536 | + $low = $num & 0xffffffff; |
|
| 537 | + |
|
| 538 | + if ((+(abs($num))) >= 1) { |
|
| 539 | + if ($num > 0) { |
|
| 540 | + $high = min((+(floor($num/4294967296))), 4294967295); |
|
| 541 | + } else { |
|
| 542 | + $high = ~~((+(ceil(($num - (+((~~($num)))))/4294967296)))); |
|
| 543 | + } |
|
| 544 | + } |
|
| 545 | + return array((int) $high, (int) $low); |
|
| 546 | + } |
|
| 547 | + |
|
| 548 | + /** |
|
| 549 | + * Store a 24-bit integer into a string, treating it as big-endian. |
|
| 550 | + * |
|
| 551 | + * @internal You should not use this directly from another application |
|
| 552 | + * |
|
| 553 | + * @param int $int |
|
| 554 | + * @return string |
|
| 555 | + * @throws TypeError |
|
| 556 | + */ |
|
| 557 | + public static function store_3($int) |
|
| 558 | + { |
|
| 559 | + /* Type checks: */ |
|
| 560 | + if (!is_int($int)) { |
|
| 561 | + if (is_numeric($int)) { |
|
| 562 | + $int = (int) $int; |
|
| 563 | + } else { |
|
| 564 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 565 | + } |
|
| 566 | + } |
|
| 567 | + |
|
| 568 | + return self::intToChr(($int >> 16) & 0xff) . |
|
| 569 | + self::intToChr(($int >> 8) & 0xff) . |
|
| 570 | + self::intToChr($int & 0xff); |
|
| 571 | + } |
|
| 572 | + |
|
| 573 | + /** |
|
| 574 | + * Store a 32-bit integer into a string, treating it as little-endian. |
|
| 575 | + * |
|
| 576 | + * @internal You should not use this directly from another application |
|
| 577 | + * |
|
| 578 | + * @param int $int |
|
| 579 | + * @return string |
|
| 580 | + * @throws TypeError |
|
| 581 | + */ |
|
| 582 | + public static function store32_le($int) |
|
| 583 | + { |
|
| 584 | + /* Type checks: */ |
|
| 585 | + if (!is_int($int)) { |
|
| 586 | + if (is_numeric($int)) { |
|
| 587 | + $int = (int) $int; |
|
| 588 | + } else { |
|
| 589 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 590 | + } |
|
| 591 | + } |
|
| 592 | + |
|
| 593 | + return self::intToChr($int & 0xff) . |
|
| 594 | + self::intToChr(($int >> 8) & 0xff) . |
|
| 595 | + self::intToChr(($int >> 16) & 0xff) . |
|
| 596 | + self::intToChr(($int >> 24) & 0xff); |
|
| 597 | + } |
|
| 598 | + |
|
| 599 | + /** |
|
| 600 | + * Store a 32-bit integer into a string, treating it as big-endian. |
|
| 601 | + * |
|
| 602 | + * @internal You should not use this directly from another application |
|
| 603 | + * |
|
| 604 | + * @param int $int |
|
| 605 | + * @return string |
|
| 606 | + * @throws TypeError |
|
| 607 | + */ |
|
| 608 | + public static function store_4($int) |
|
| 609 | + { |
|
| 610 | + /* Type checks: */ |
|
| 611 | + if (!is_int($int)) { |
|
| 612 | + if (is_numeric($int)) { |
|
| 613 | + $int = (int) $int; |
|
| 614 | + } else { |
|
| 615 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 616 | + } |
|
| 617 | + } |
|
| 618 | + |
|
| 619 | + return self::intToChr(($int >> 24) & 0xff) . |
|
| 620 | + self::intToChr(($int >> 16) & 0xff) . |
|
| 621 | + self::intToChr(($int >> 8) & 0xff) . |
|
| 622 | + self::intToChr($int & 0xff); |
|
| 623 | + } |
|
| 624 | + |
|
| 625 | + /** |
|
| 626 | + * Stores a 64-bit integer as an string, treating it as little-endian. |
|
| 627 | + * |
|
| 628 | + * @internal You should not use this directly from another application |
|
| 629 | + * |
|
| 630 | + * @param int $int |
|
| 631 | + * @return string |
|
| 632 | + * @throws TypeError |
|
| 633 | + */ |
|
| 634 | + public static function store64_le($int) |
|
| 635 | + { |
|
| 636 | + /* Type checks: */ |
|
| 637 | + if (!is_int($int)) { |
|
| 638 | + if (is_numeric($int)) { |
|
| 639 | + $int = (int) $int; |
|
| 640 | + } else { |
|
| 641 | + throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 642 | + } |
|
| 643 | + } |
|
| 644 | + |
|
| 645 | + if (PHP_INT_SIZE === 8) { |
|
| 646 | + return self::intToChr($int & 0xff) . |
|
| 647 | + self::intToChr(($int >> 8) & 0xff) . |
|
| 648 | + self::intToChr(($int >> 16) & 0xff) . |
|
| 649 | + self::intToChr(($int >> 24) & 0xff) . |
|
| 650 | + self::intToChr(($int >> 32) & 0xff) . |
|
| 651 | + self::intToChr(($int >> 40) & 0xff) . |
|
| 652 | + self::intToChr(($int >> 48) & 0xff) . |
|
| 653 | + self::intToChr(($int >> 56) & 0xff); |
|
| 654 | + } |
|
| 655 | + if ($int > PHP_INT_MAX) { |
|
| 656 | + list($hiB, $int) = self::numericTo64BitInteger($int); |
|
| 657 | + } else { |
|
| 658 | + $hiB = 0; |
|
| 659 | + } |
|
| 660 | + return |
|
| 661 | + self::intToChr(($int ) & 0xff) . |
|
| 662 | + self::intToChr(($int >> 8) & 0xff) . |
|
| 663 | + self::intToChr(($int >> 16) & 0xff) . |
|
| 664 | + self::intToChr(($int >> 24) & 0xff) . |
|
| 665 | + self::intToChr($hiB & 0xff) . |
|
| 666 | + self::intToChr(($hiB >> 8) & 0xff) . |
|
| 667 | + self::intToChr(($hiB >> 16) & 0xff) . |
|
| 668 | + self::intToChr(($hiB >> 24) & 0xff); |
|
| 669 | + } |
|
| 670 | + |
|
| 671 | + /** |
|
| 672 | + * Safe string length |
|
| 673 | + * |
|
| 674 | + * @internal You should not use this directly from another application |
|
| 675 | + * |
|
| 676 | + * @ref mbstring.func_overload |
|
| 677 | + * |
|
| 678 | + * @param string $str |
|
| 679 | + * @return int |
|
| 680 | + * @throws TypeError |
|
| 681 | + */ |
|
| 682 | + public static function strlen($str) |
|
| 683 | + { |
|
| 684 | + /* Type checks: */ |
|
| 685 | + if (!is_string($str)) { |
|
| 686 | + throw new TypeError('String expected'); |
|
| 687 | + } |
|
| 688 | + |
|
| 689 | + return (int) ( |
|
| 690 | + self::isMbStringOverride() |
|
| 691 | + ? mb_strlen($str, '8bit') |
|
| 692 | + : strlen($str) |
|
| 693 | + ); |
|
| 694 | + } |
|
| 695 | + |
|
| 696 | + /** |
|
| 697 | + * Turn a string into an array of integers |
|
| 698 | + * |
|
| 699 | + * @internal You should not use this directly from another application |
|
| 700 | + * |
|
| 701 | + * @param string $string |
|
| 702 | + * @return array<int, int> |
|
| 703 | + * @throws TypeError |
|
| 704 | + */ |
|
| 705 | + public static function stringToIntArray($string) |
|
| 706 | + { |
|
| 707 | + if (!is_string($string)) { |
|
| 708 | + throw new TypeError('String expected'); |
|
| 709 | + } |
|
| 710 | + /** |
|
| 711 | + * @var array<int, int> |
|
| 712 | + */ |
|
| 713 | + $values = array_values( |
|
| 714 | + unpack('C*', $string) |
|
| 715 | + ); |
|
| 716 | + return $values; |
|
| 717 | + } |
|
| 718 | + |
|
| 719 | + /** |
|
| 720 | + * Safe substring |
|
| 721 | + * |
|
| 722 | + * @internal You should not use this directly from another application |
|
| 723 | + * |
|
| 724 | + * @ref mbstring.func_overload |
|
| 725 | + * |
|
| 726 | + * @param string $str |
|
| 727 | + * @param int $start |
|
| 728 | + * @param int $length |
|
| 729 | + * @return string |
|
| 730 | + * @throws TypeError |
|
| 731 | + */ |
|
| 732 | + public static function substr($str, $start = 0, $length = null) |
|
| 733 | + { |
|
| 734 | + /* Type checks: */ |
|
| 735 | + if (!is_string($str)) { |
|
| 736 | + throw new TypeError('String expected'); |
|
| 737 | + } |
|
| 738 | + |
|
| 739 | + if ($length === 0) { |
|
| 740 | + return ''; |
|
| 741 | + } |
|
| 742 | + |
|
| 743 | + if (self::isMbStringOverride()) { |
|
| 744 | + if (PHP_VERSION_ID < 50400 && $length === null) { |
|
| 745 | + $length = self::strlen($str); |
|
| 746 | + } |
|
| 747 | + $sub = (string) mb_substr($str, $start, $length, '8bit'); |
|
| 748 | + } elseif ($length === null) { |
|
| 749 | + $sub = (string) substr($str, $start); |
|
| 750 | + } else { |
|
| 751 | + $sub = (string) substr($str, $start, $length); |
|
| 752 | + } |
|
| 753 | + if (isset($sub)) { |
|
| 754 | + return $sub; |
|
| 755 | + } |
|
| 756 | + return ''; |
|
| 757 | + } |
|
| 758 | + |
|
| 759 | + /** |
|
| 760 | + * Compare a 16-character byte string in constant time. |
|
| 761 | + * |
|
| 762 | + * @internal You should not use this directly from another application |
|
| 763 | + * |
|
| 764 | + * @param string $a |
|
| 765 | + * @param string $b |
|
| 766 | + * @return bool |
|
| 767 | + * @throws TypeError |
|
| 768 | + */ |
|
| 769 | + public static function verify_16($a, $b) |
|
| 770 | + { |
|
| 771 | + /* Type checks: */ |
|
| 772 | + if (!is_string($a)) { |
|
| 773 | + throw new TypeError('String expected'); |
|
| 774 | + } |
|
| 775 | + if (!is_string($b)) { |
|
| 776 | + throw new TypeError('String expected'); |
|
| 777 | + } |
|
| 778 | + return self::hashEquals( |
|
| 779 | + self::substr($a, 0, 16), |
|
| 780 | + self::substr($b, 0, 16) |
|
| 781 | + ); |
|
| 782 | + } |
|
| 783 | + |
|
| 784 | + /** |
|
| 785 | + * Compare a 32-character byte string in constant time. |
|
| 786 | + * |
|
| 787 | + * @internal You should not use this directly from another application |
|
| 788 | + * |
|
| 789 | + * @param string $a |
|
| 790 | + * @param string $b |
|
| 791 | + * @return bool |
|
| 792 | + * @throws TypeError |
|
| 793 | + */ |
|
| 794 | + public static function verify_32($a, $b) |
|
| 795 | + { |
|
| 796 | + /* Type checks: */ |
|
| 797 | + if (!is_string($a)) { |
|
| 798 | + throw new TypeError('String expected'); |
|
| 799 | + } |
|
| 800 | + if (!is_string($b)) { |
|
| 801 | + throw new TypeError('String expected'); |
|
| 802 | + } |
|
| 803 | + return self::hashEquals( |
|
| 804 | + self::substr($a, 0, 32), |
|
| 805 | + self::substr($b, 0, 32) |
|
| 806 | + ); |
|
| 807 | + } |
|
| 808 | + |
|
| 809 | + /** |
|
| 810 | + * Calculate $a ^ $b for two strings. |
|
| 811 | + * |
|
| 812 | + * @internal You should not use this directly from another application |
|
| 813 | + * |
|
| 814 | + * @param string $a |
|
| 815 | + * @param string $b |
|
| 816 | + * @return string |
|
| 817 | + * @throws TypeError |
|
| 818 | + */ |
|
| 819 | + public static function xorStrings($a, $b) |
|
| 820 | + { |
|
| 821 | + /* Type checks: */ |
|
| 822 | + if (!is_string($a)) { |
|
| 823 | + throw new TypeError('Argument 1 must be a string'); |
|
| 824 | + } |
|
| 825 | + if (!is_string($b)) { |
|
| 826 | + throw new TypeError('Argument 2 must be a string'); |
|
| 827 | + } |
|
| 828 | + |
|
| 829 | + return $a ^ $b; |
|
| 830 | + } |
|
| 831 | + |
|
| 832 | + /** |
|
| 833 | + * Returns whether or not mbstring.func_overload is in effect. |
|
| 834 | + * |
|
| 835 | + * @internal You should not use this directly from another application |
|
| 836 | + * |
|
| 837 | + * @return bool |
|
| 838 | + */ |
|
| 839 | + protected static function isMbStringOverride() |
|
| 840 | + { |
|
| 841 | + static $mbstring = null; |
|
| 842 | + |
|
| 843 | + if ($mbstring === null) { |
|
| 844 | + $mbstring = extension_loaded('mbstring') |
|
| 845 | + && |
|
| 846 | + (ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING); |
|
| 847 | + } |
|
| 848 | + |
|
| 849 | + return $mbstring; |
|
| 850 | + } |
|
| 851 | 851 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core_Util', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core_Util', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -19,23 +19,23 @@ discard block |
||
| 19 | 19 | * @return string |
| 20 | 20 | * @throws TypeError |
| 21 | 21 | */ |
| 22 | - public static function bin2hex($binaryString) |
|
| 22 | + public static function bin2hex( $binaryString ) |
|
| 23 | 23 | { |
| 24 | 24 | /* Type checks: */ |
| 25 | - if (!is_string($binaryString)) { |
|
| 26 | - throw new TypeError('Argument 1 must be a string, ' . gettype($binaryString) . ' given.'); |
|
| 25 | + if ( ! is_string( $binaryString ) ) { |
|
| 26 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $binaryString ) . ' given.' ); |
|
| 27 | 27 | } |
| 28 | 28 | |
| 29 | 29 | $hex = ''; |
| 30 | - $len = self::strlen($binaryString); |
|
| 31 | - for ($i = 0; $i < $len; ++$i) { |
|
| 32 | - $chunk = unpack('C', self::substr($binaryString, $i, 2)); |
|
| 30 | + $len = self::strlen( $binaryString ); |
|
| 31 | + for ( $i = 0; $i < $len; ++$i ) { |
|
| 32 | + $chunk = unpack( 'C', self::substr( $binaryString, $i, 2 ) ); |
|
| 33 | 33 | $c = $chunk[1] & 0xf; |
| 34 | 34 | $b = $chunk[1] >> 4; |
| 35 | 35 | $hex .= pack( |
| 36 | 36 | 'CC', |
| 37 | - (87 + $b + ((($b - 10) >> 8) & ~38)), |
|
| 38 | - (87 + $c + ((($c - 10) >> 8) & ~38)) |
|
| 37 | + ( 87 + $b + ( ( ( $b - 10 ) >> 8 ) & ~38 ) ), |
|
| 38 | + ( 87 + $c + ( ( ( $c - 10 ) >> 8 ) & ~38 ) ) |
|
| 39 | 39 | ); |
| 40 | 40 | } |
| 41 | 41 | return $hex; |
@@ -50,12 +50,12 @@ discard block |
||
| 50 | 50 | * @param string $bin_string (raw binary) |
| 51 | 51 | * @return string |
| 52 | 52 | */ |
| 53 | - public static function bin2hexUpper($bin_string) |
|
| 53 | + public static function bin2hexUpper( $bin_string ) |
|
| 54 | 54 | { |
| 55 | 55 | $hex = ''; |
| 56 | - $len = self::strlen($bin_string); |
|
| 57 | - for ($i = 0; $i < $len; ++$i) { |
|
| 58 | - $chunk = unpack('C', self::substr($bin_string, $i, 2)); |
|
| 56 | + $len = self::strlen( $bin_string ); |
|
| 57 | + for ( $i = 0; $i < $len; ++$i ) { |
|
| 58 | + $chunk = unpack( 'C', self::substr( $bin_string, $i, 2 ) ); |
|
| 59 | 59 | /** |
| 60 | 60 | * Lower 16 bits |
| 61 | 61 | * |
@@ -77,8 +77,8 @@ discard block |
||
| 77 | 77 | */ |
| 78 | 78 | $hex .= pack( |
| 79 | 79 | 'CC', |
| 80 | - (55 + $b + ((($b - 10) >> 8) & ~6)), |
|
| 81 | - (55 + $c + ((($c - 10) >> 8) & ~6)) |
|
| 80 | + ( 55 + $b + ( ( ( $b - 10 ) >> 8 ) & ~6 ) ), |
|
| 81 | + ( 55 + $c + ( ( ( $c - 10 ) >> 8 ) & ~6 ) ) |
|
| 82 | 82 | ); |
| 83 | 83 | } |
| 84 | 84 | return $hex; |
@@ -93,16 +93,16 @@ discard block |
||
| 93 | 93 | * @return int |
| 94 | 94 | * @throws Error |
| 95 | 95 | */ |
| 96 | - public static function chrToInt($chr) |
|
| 96 | + public static function chrToInt( $chr ) |
|
| 97 | 97 | { |
| 98 | 98 | /* Type checks: */ |
| 99 | - if (!is_string($chr)) { |
|
| 100 | - throw new TypeError('Argument 1 must be a string, ' . gettype($chr) . ' given.'); |
|
| 99 | + if ( ! is_string( $chr ) ) { |
|
| 100 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $chr ) . ' given.' ); |
|
| 101 | 101 | } |
| 102 | - if (self::strlen($chr) !== 1) { |
|
| 103 | - throw new Error('chrToInt() expects a string that is exactly 1 character long'); |
|
| 102 | + if ( self::strlen( $chr ) !== 1 ) { |
|
| 103 | + throw new Error( 'chrToInt() expects a string that is exactly 1 character long' ); |
|
| 104 | 104 | } |
| 105 | - $chunk = unpack('C', $chr); |
|
| 105 | + $chunk = unpack( 'C', $chr ); |
|
| 106 | 106 | return $chunk[1]; |
| 107 | 107 | } |
| 108 | 108 | |
@@ -116,25 +116,25 @@ discard block |
||
| 116 | 116 | * @param int $len |
| 117 | 117 | * @return int |
| 118 | 118 | */ |
| 119 | - public static function compare($left, $right, $len = null) |
|
| 119 | + public static function compare( $left, $right, $len = null ) |
|
| 120 | 120 | { |
| 121 | - $leftLen = self::strlen($left); |
|
| 122 | - $rightLen = self::strlen($right); |
|
| 123 | - if ($len === null) { |
|
| 124 | - $len = max($leftLen, $rightLen); |
|
| 125 | - $left = str_pad($left, $len, "\x00", STR_PAD_RIGHT); |
|
| 126 | - $right = str_pad($right, $len, "\x00", STR_PAD_RIGHT); |
|
| 121 | + $leftLen = self::strlen( $left ); |
|
| 122 | + $rightLen = self::strlen( $right ); |
|
| 123 | + if ( $len === null ) { |
|
| 124 | + $len = max( $leftLen, $rightLen ); |
|
| 125 | + $left = str_pad( $left, $len, "\x00", STR_PAD_RIGHT ); |
|
| 126 | + $right = str_pad( $right, $len, "\x00", STR_PAD_RIGHT ); |
|
| 127 | 127 | } |
| 128 | 128 | |
| 129 | 129 | $gt = 0; |
| 130 | 130 | $eq = 1; |
| 131 | 131 | $i = $len; |
| 132 | - while ($i !== 0) { |
|
| 132 | + while ( $i !== 0 ) { |
|
| 133 | 133 | --$i; |
| 134 | - $gt |= ((self::chrToInt($right[$i]) - self::chrToInt($left[$i])) >> 8) & $eq; |
|
| 135 | - $eq &= ((self::chrToInt($right[$i]) ^ self::chrToInt($left[$i])) - 1) >> 8; |
|
| 134 | + $gt |= ( ( self::chrToInt( $right[$i] ) - self::chrToInt( $left[$i] ) ) >> 8 ) & $eq; |
|
| 135 | + $eq &= ( ( self::chrToInt( $right[$i] ) ^ self::chrToInt( $left[$i] ) ) - 1 ) >> 8; |
|
| 136 | 136 | } |
| 137 | - return ($gt + $gt + $eq) - 1; |
|
| 137 | + return ( $gt + $gt + $eq ) - 1; |
|
| 138 | 138 | } |
| 139 | 139 | |
| 140 | 140 | /** |
@@ -147,71 +147,71 @@ discard block |
||
| 147 | 147 | * @throws Error |
| 148 | 148 | * @return void |
| 149 | 149 | */ |
| 150 | - public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) |
|
| 150 | + public static function declareScalarType( &$mixedVar = null, $type = 'void', $argumentIndex = 0 ) |
|
| 151 | 151 | { |
| 152 | - if (func_num_args() === 0) { |
|
| 152 | + if ( func_num_args() === 0 ) { |
|
| 153 | 153 | /* Tautology, by default */ |
| 154 | 154 | return; |
| 155 | 155 | } |
| 156 | - if (func_num_args() === 1) { |
|
| 157 | - throw new TypeError('Declared void, but passed a variable'); |
|
| 156 | + if ( func_num_args() === 1 ) { |
|
| 157 | + throw new TypeError( 'Declared void, but passed a variable' ); |
|
| 158 | 158 | } |
| 159 | - $realType = strtolower(gettype($mixedVar)); |
|
| 160 | - $type = strtolower($type); |
|
| 161 | - switch ($type) { |
|
| 159 | + $realType = strtolower( gettype( $mixedVar ) ); |
|
| 160 | + $type = strtolower( $type ); |
|
| 161 | + switch ( $type ) { |
|
| 162 | 162 | case 'null': |
| 163 | - if ($mixedVar !== null) { |
|
| 164 | - throw new TypeError('Argument ' . $argumentIndex . ' must be null, ' . $realType . ' given.'); |
|
| 163 | + if ( $mixedVar !== null ) { |
|
| 164 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be null, ' . $realType . ' given.' ); |
|
| 165 | 165 | } |
| 166 | 166 | break; |
| 167 | 167 | case 'integer': |
| 168 | 168 | case 'int': |
| 169 | - $allow = array('int', 'integer'); |
|
| 170 | - if (!in_array($type, $allow)) { |
|
| 171 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an integer, ' . $realType . ' given.'); |
|
| 169 | + $allow = array( 'int', 'integer' ); |
|
| 170 | + if ( ! in_array( $type, $allow ) ) { |
|
| 171 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be an integer, ' . $realType . ' given.' ); |
|
| 172 | 172 | } |
| 173 | 173 | $mixedVar = (int) $mixedVar; |
| 174 | 174 | break; |
| 175 | 175 | case 'boolean': |
| 176 | 176 | case 'bool': |
| 177 | - $allow = array('bool', 'boolean'); |
|
| 178 | - if (!in_array($type, $allow)) { |
|
| 179 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a boolean, ' . $realType . ' given.'); |
|
| 177 | + $allow = array( 'bool', 'boolean' ); |
|
| 178 | + if ( ! in_array( $type, $allow ) ) { |
|
| 179 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be a boolean, ' . $realType . ' given.' ); |
|
| 180 | 180 | } |
| 181 | 181 | $mixedVar = (bool) $mixedVar; |
| 182 | 182 | break; |
| 183 | 183 | case 'string': |
| 184 | - if (!is_string($mixedVar)) { |
|
| 185 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.'); |
|
| 184 | + if ( ! is_string( $mixedVar ) ) { |
|
| 185 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be a string, ' . $realType . ' given.' ); |
|
| 186 | 186 | } |
| 187 | 187 | $mixedVar = (string) $mixedVar; |
| 188 | 188 | break; |
| 189 | 189 | case 'decimal': |
| 190 | 190 | case 'double': |
| 191 | 191 | case 'float': |
| 192 | - $allow = array('decimal', 'double', 'float'); |
|
| 193 | - if (!in_array($type, $allow)) { |
|
| 194 | - throw new TypeError('Argument ' . $argumentIndex . ' must be a float, ' . $realType . ' given.'); |
|
| 192 | + $allow = array( 'decimal', 'double', 'float' ); |
|
| 193 | + if ( ! in_array( $type, $allow ) ) { |
|
| 194 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be a float, ' . $realType . ' given.' ); |
|
| 195 | 195 | } |
| 196 | 196 | $mixedVar = (float) $mixedVar; |
| 197 | 197 | break; |
| 198 | 198 | case 'object': |
| 199 | - if (!is_object($mixedVar)) { |
|
| 200 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an object, ' . $realType . ' given.'); |
|
| 199 | + if ( ! is_object( $mixedVar ) ) { |
|
| 200 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be an object, ' . $realType . ' given.' ); |
|
| 201 | 201 | } |
| 202 | 202 | break; |
| 203 | 203 | case 'array': |
| 204 | - if (!is_array($mixedVar)) { |
|
| 205 | - if (is_object($mixedVar)) { |
|
| 206 | - if ($mixedVar instanceof ArrayAccess) { |
|
| 204 | + if ( ! is_array( $mixedVar ) ) { |
|
| 205 | + if ( is_object( $mixedVar ) ) { |
|
| 206 | + if ( $mixedVar instanceof ArrayAccess ) { |
|
| 207 | 207 | return; |
| 208 | 208 | } |
| 209 | 209 | } |
| 210 | - throw new TypeError('Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.'); |
|
| 210 | + throw new TypeError( 'Argument ' . $argumentIndex . ' must be an array, ' . $realType . ' given.' ); |
|
| 211 | 211 | } |
| 212 | 212 | break; |
| 213 | 213 | default: |
| 214 | - throw new Error('Unknown type (' . $realType .') does not match expect type (' . $type . ')'); |
|
| 214 | + throw new Error( 'Unknown type (' . $realType . ') does not match expect type (' . $type . ')' ); |
|
| 215 | 215 | } |
| 216 | 216 | } |
| 217 | 217 | |
@@ -223,29 +223,29 @@ discard block |
||
| 223 | 223 | * @return bool |
| 224 | 224 | * @throws TypeError |
| 225 | 225 | */ |
| 226 | - public static function hashEquals($left, $right) |
|
| 226 | + public static function hashEquals( $left, $right ) |
|
| 227 | 227 | { |
| 228 | 228 | /* Type checks: */ |
| 229 | - if (!is_string($left)) { |
|
| 230 | - throw new TypeError('Argument 1 must be a string, ' . gettype($left) . ' given.'); |
|
| 229 | + if ( ! is_string( $left ) ) { |
|
| 230 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $left ) . ' given.' ); |
|
| 231 | 231 | } |
| 232 | - if (!is_string($right)) { |
|
| 233 | - throw new TypeError('Argument 2 must be a string, ' . gettype($right) . ' given.'); |
|
| 232 | + if ( ! is_string( $right ) ) { |
|
| 233 | + throw new TypeError( 'Argument 2 must be a string, ' . gettype( $right ) . ' given.' ); |
|
| 234 | 234 | } |
| 235 | 235 | |
| 236 | - if (is_callable('hash_equals')) { |
|
| 237 | - return hash_equals($left, $right); |
|
| 236 | + if ( is_callable( 'hash_equals' ) ) { |
|
| 237 | + return hash_equals( $left, $right ); |
|
| 238 | 238 | } |
| 239 | 239 | $d = 0; |
| 240 | - $len = self::strlen($left); |
|
| 241 | - if ($len !== self::strlen($right)) { |
|
| 240 | + $len = self::strlen( $left ); |
|
| 241 | + if ( $len !== self::strlen( $right ) ) { |
|
| 242 | 242 | return false; |
| 243 | 243 | } |
| 244 | - for ($i = 0; $i < $len; ++$i) { |
|
| 245 | - $d |= self::chrToInt($left[$i]) ^ self::chrToInt($right[$i]); |
|
| 244 | + for ( $i = 0; $i < $len; ++$i ) { |
|
| 245 | + $d |= self::chrToInt( $left[$i] ) ^ self::chrToInt( $right[$i] ); |
|
| 246 | 246 | } |
| 247 | 247 | |
| 248 | - if ($d !== 0) { |
|
| 248 | + if ( $d !== 0 ) { |
|
| 249 | 249 | return false; |
| 250 | 250 | } |
| 251 | 251 | return $left === $right; |
@@ -263,20 +263,20 @@ discard block |
||
| 263 | 263 | * @throws RangeException |
| 264 | 264 | * @throws TypeError |
| 265 | 265 | */ |
| 266 | - public static function hex2bin($hexString, $strictPadding = false) |
|
| 266 | + public static function hex2bin( $hexString, $strictPadding = false ) |
|
| 267 | 267 | { |
| 268 | 268 | /* Type checks: */ |
| 269 | - if (!is_string($hexString)) { |
|
| 270 | - throw new TypeError('Argument 1 must be a string, ' . gettype($hexString) . ' given.'); |
|
| 269 | + if ( ! is_string( $hexString ) ) { |
|
| 270 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $hexString ) . ' given.' ); |
|
| 271 | 271 | } |
| 272 | 272 | |
| 273 | 273 | $hex_pos = 0; |
| 274 | 274 | $bin = ''; |
| 275 | 275 | $c_acc = 0; |
| 276 | - $hex_len = self::strlen($hexString); |
|
| 276 | + $hex_len = self::strlen( $hexString ); |
|
| 277 | 277 | $state = 0; |
| 278 | - if (($hex_len & 1) !== 0) { |
|
| 279 | - if ($strictPadding) { |
|
| 278 | + if ( ( $hex_len & 1 ) !== 0 ) { |
|
| 279 | + if ( $strictPadding ) { |
|
| 280 | 280 | throw new RangeException( |
| 281 | 281 | 'Expected an even number of hexadecimal characters' |
| 282 | 282 | ); |
@@ -286,24 +286,24 @@ discard block |
||
| 286 | 286 | } |
| 287 | 287 | } |
| 288 | 288 | |
| 289 | - $chunk = unpack('C*', $hexString); |
|
| 290 | - while ($hex_pos < $hex_len) { |
|
| 289 | + $chunk = unpack( 'C*', $hexString ); |
|
| 290 | + while ( $hex_pos < $hex_len ) { |
|
| 291 | 291 | ++$hex_pos; |
| 292 | 292 | $c = $chunk[$hex_pos]; |
| 293 | 293 | $c_num = $c ^ 48; |
| 294 | - $c_num0 = ($c_num - 10) >> 8; |
|
| 295 | - $c_alpha = ($c & ~32) - 55; |
|
| 296 | - $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; |
|
| 297 | - if (($c_num0 | $c_alpha0) === 0) { |
|
| 294 | + $c_num0 = ( $c_num - 10 ) >> 8; |
|
| 295 | + $c_alpha = ( $c & ~32 ) - 55; |
|
| 296 | + $c_alpha0 = ( ( $c_alpha - 10 ) ^ ( $c_alpha - 16 ) ) >> 8; |
|
| 297 | + if ( ( $c_num0 | $c_alpha0 ) === 0 ) { |
|
| 298 | 298 | throw new RangeException( |
| 299 | 299 | 'hex2bin() only expects hexadecimal characters' |
| 300 | 300 | ); |
| 301 | 301 | } |
| 302 | - $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); |
|
| 303 | - if ($state === 0) { |
|
| 302 | + $c_val = ( $c_num0 & $c_num ) | ( $c_alpha & $c_alpha0 ); |
|
| 303 | + if ( $state === 0 ) { |
|
| 304 | 304 | $c_acc = $c_val * 16; |
| 305 | 305 | } else { |
| 306 | - $bin .= pack('C', $c_acc | $c_val); |
|
| 306 | + $bin .= pack( 'C', $c_acc | $c_val ); |
|
| 307 | 307 | } |
| 308 | 308 | $state ^= 1; |
| 309 | 309 | } |
@@ -318,14 +318,14 @@ discard block |
||
| 318 | 318 | * @param array<int, int> $ints |
| 319 | 319 | * @return string |
| 320 | 320 | */ |
| 321 | - public static function intArrayToString(array $ints) |
|
| 321 | + public static function intArrayToString( array $ints ) |
|
| 322 | 322 | { |
| 323 | 323 | $args = $ints; |
| 324 | - foreach ($args as $i => $v) { |
|
| 324 | + foreach ( $args as $i => $v ) { |
|
| 325 | 325 | $args[$i] = $v & 0xff; |
| 326 | 326 | } |
| 327 | - array_unshift($args, str_repeat('C', count($ints))); |
|
| 328 | - return call_user_func_array('pack', $args); |
|
| 327 | + array_unshift( $args, str_repeat( 'C', count( $ints ) ) ); |
|
| 328 | + return call_user_func_array( 'pack', $args ); |
|
| 329 | 329 | } |
| 330 | 330 | |
| 331 | 331 | /** |
@@ -337,9 +337,9 @@ discard block |
||
| 337 | 337 | * @return string |
| 338 | 338 | * @throws TypeError |
| 339 | 339 | */ |
| 340 | - public static function intToChr($int) |
|
| 340 | + public static function intToChr( $int ) |
|
| 341 | 341 | { |
| 342 | - return pack('C', $int); |
|
| 342 | + return pack( 'C', $int ); |
|
| 343 | 343 | } |
| 344 | 344 | |
| 345 | 345 | /** |
@@ -352,22 +352,22 @@ discard block |
||
| 352 | 352 | * @throws RangeException |
| 353 | 353 | * @throws TypeError |
| 354 | 354 | */ |
| 355 | - public static function load_3($string) |
|
| 355 | + public static function load_3( $string ) |
|
| 356 | 356 | { |
| 357 | 357 | /* Type checks: */ |
| 358 | - if (!is_string($string)) { |
|
| 359 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 358 | + if ( ! is_string( $string ) ) { |
|
| 359 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $string ) . ' given.' ); |
|
| 360 | 360 | } |
| 361 | 361 | |
| 362 | 362 | /* Input validation: */ |
| 363 | - if (self::strlen($string) < 3) { |
|
| 363 | + if ( self::strlen( $string ) < 3 ) { |
|
| 364 | 364 | throw new RangeException( |
| 365 | - 'String must be 3 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 365 | + 'String must be 3 bytes or more; ' . self::strlen( $string ) . ' given.' |
|
| 366 | 366 | ); |
| 367 | 367 | } |
| 368 | - $result = self::chrToInt($string[0]); |
|
| 369 | - $result |= self::chrToInt($string[1]) << 8; |
|
| 370 | - $result |= self::chrToInt($string[2]) << 16; |
|
| 368 | + $result = self::chrToInt( $string[0] ); |
|
| 369 | + $result |= self::chrToInt( $string[1] ) << 8; |
|
| 370 | + $result |= self::chrToInt( $string[2] ) << 16; |
|
| 371 | 371 | return $result & 0xffffff; |
| 372 | 372 | } |
| 373 | 373 | |
@@ -381,23 +381,23 @@ discard block |
||
| 381 | 381 | * @throws RangeException |
| 382 | 382 | * @throws TypeError |
| 383 | 383 | */ |
| 384 | - public static function load_4($string) |
|
| 384 | + public static function load_4( $string ) |
|
| 385 | 385 | { |
| 386 | 386 | /* Type checks: */ |
| 387 | - if (!is_string($string)) { |
|
| 388 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 387 | + if ( ! is_string( $string ) ) { |
|
| 388 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $string ) . ' given.' ); |
|
| 389 | 389 | } |
| 390 | 390 | |
| 391 | 391 | /* Input validation: */ |
| 392 | - if (self::strlen($string) < 4) { |
|
| 392 | + if ( self::strlen( $string ) < 4 ) { |
|
| 393 | 393 | throw new RangeException( |
| 394 | - 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 394 | + 'String must be 4 bytes or more; ' . self::strlen( $string ) . ' given.' |
|
| 395 | 395 | ); |
| 396 | 396 | } |
| 397 | - $result = (self::chrToInt($string[0]) & 0xff); |
|
| 398 | - $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 399 | - $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 400 | - $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 397 | + $result = ( self::chrToInt( $string[0] ) & 0xff ); |
|
| 398 | + $result |= ( self::chrToInt( $string[1] ) & 0xff ) << 8; |
|
| 399 | + $result |= ( self::chrToInt( $string[2] ) & 0xff ) << 16; |
|
| 400 | + $result |= ( self::chrToInt( $string[3] ) & 0xff ) << 24; |
|
| 401 | 401 | return $result & 0xffffffff; |
| 402 | 402 | } |
| 403 | 403 | |
@@ -411,27 +411,27 @@ discard block |
||
| 411 | 411 | * @throws RangeException |
| 412 | 412 | * @throws TypeError |
| 413 | 413 | */ |
| 414 | - public static function load64_le($string) |
|
| 414 | + public static function load64_le( $string ) |
|
| 415 | 415 | { |
| 416 | 416 | /* Type checks: */ |
| 417 | - if (!is_string($string)) { |
|
| 418 | - throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
|
| 417 | + if ( ! is_string( $string ) ) { |
|
| 418 | + throw new TypeError( 'Argument 1 must be a string, ' . gettype( $string ) . ' given.' ); |
|
| 419 | 419 | } |
| 420 | 420 | |
| 421 | 421 | /* Input validation: */ |
| 422 | - if (self::strlen($string) < 4) { |
|
| 422 | + if ( self::strlen( $string ) < 4 ) { |
|
| 423 | 423 | throw new RangeException( |
| 424 | - 'String must be 4 bytes or more; ' . self::strlen($string) . ' given.' |
|
| 424 | + 'String must be 4 bytes or more; ' . self::strlen( $string ) . ' given.' |
|
| 425 | 425 | ); |
| 426 | 426 | } |
| 427 | - $result = (self::chrToInt($string[0]) & 0xff); |
|
| 428 | - $result |= (self::chrToInt($string[1]) & 0xff) << 8; |
|
| 429 | - $result |= (self::chrToInt($string[2]) & 0xff) << 16; |
|
| 430 | - $result |= (self::chrToInt($string[3]) & 0xff) << 24; |
|
| 431 | - $result |= (self::chrToInt($string[4]) & 0xff) << 32; |
|
| 432 | - $result |= (self::chrToInt($string[5]) & 0xff) << 40; |
|
| 433 | - $result |= (self::chrToInt($string[6]) & 0xff) << 48; |
|
| 434 | - $result |= (self::chrToInt($string[7]) & 0xff) << 56; |
|
| 427 | + $result = ( self::chrToInt( $string[0] ) & 0xff ); |
|
| 428 | + $result |= ( self::chrToInt( $string[1] ) & 0xff ) << 8; |
|
| 429 | + $result |= ( self::chrToInt( $string[2] ) & 0xff ) << 16; |
|
| 430 | + $result |= ( self::chrToInt( $string[3] ) & 0xff ) << 24; |
|
| 431 | + $result |= ( self::chrToInt( $string[4] ) & 0xff ) << 32; |
|
| 432 | + $result |= ( self::chrToInt( $string[5] ) & 0xff ) << 40; |
|
| 433 | + $result |= ( self::chrToInt( $string[6] ) & 0xff ) << 48; |
|
| 434 | + $result |= ( self::chrToInt( $string[7] ) & 0xff ) << 56; |
|
| 435 | 435 | return (int) $result; |
| 436 | 436 | } |
| 437 | 437 | |
@@ -442,9 +442,9 @@ discard block |
||
| 442 | 442 | * @param string $right |
| 443 | 443 | * @return int |
| 444 | 444 | */ |
| 445 | - public static function memcmp($left, $right) |
|
| 445 | + public static function memcmp( $left, $right ) |
|
| 446 | 446 | { |
| 447 | - if (self::hashEquals($left, $right)) { |
|
| 447 | + if ( self::hashEquals( $left, $right ) ) { |
|
| 448 | 448 | return 0; |
| 449 | 449 | } |
| 450 | 450 | return -1; |
@@ -467,17 +467,17 @@ discard block |
||
| 467 | 467 | * constant operands) |
| 468 | 468 | * @return int |
| 469 | 469 | */ |
| 470 | - public static function mul($a, $b, $size = 0) |
|
| 470 | + public static function mul( $a, $b, $size = 0 ) |
|
| 471 | 471 | { |
| 472 | - if (ParagonIE_Sodium_Compat::$fastMult) { |
|
| 473 | - return (int) ($a * $b); |
|
| 472 | + if ( ParagonIE_Sodium_Compat::$fastMult ) { |
|
| 473 | + return (int) ( $a * $b ); |
|
| 474 | 474 | } |
| 475 | 475 | |
| 476 | 476 | static $defaultSize = null; |
| 477 | - if (!$defaultSize) { |
|
| 478 | - $defaultSize = (PHP_INT_SIZE << 3) - 1; |
|
| 477 | + if ( ! $defaultSize ) { |
|
| 478 | + $defaultSize = ( PHP_INT_SIZE << 3 ) - 1; |
|
| 479 | 479 | } |
| 480 | - if ($size < 1) { |
|
| 480 | + if ( $size < 1 ) { |
|
| 481 | 481 | $size = $defaultSize; |
| 482 | 482 | } |
| 483 | 483 | |
@@ -491,20 +491,20 @@ discard block |
||
| 491 | 491 | * |
| 492 | 492 | * @var int |
| 493 | 493 | */ |
| 494 | - $mask = -(($b >> $size) & 1); |
|
| 494 | + $mask = -( ( $b >> $size ) & 1 ); |
|
| 495 | 495 | |
| 496 | 496 | /** |
| 497 | 497 | * Ensure $b is a positive integer, without creating |
| 498 | 498 | * a branching side-channel |
| 499 | 499 | */ |
| 500 | - $b = ($b & ~$mask) | ($mask & -$b); |
|
| 500 | + $b = ( $b & ~$mask ) | ( $mask & -$b ); |
|
| 501 | 501 | |
| 502 | 502 | /** |
| 503 | 503 | * This loop always runs 32 times when PHP_INT_SIZE is 4. |
| 504 | 504 | * This loop always runs 64 times when PHP_INT_SIZE is 8. |
| 505 | 505 | */ |
| 506 | - for ($i = $size; $i >= 0; --$i) { |
|
| 507 | - $c += (int) ($a & -($b & 1)); |
|
| 506 | + for ( $i = $size; $i >= 0; --$i ) { |
|
| 507 | + $c += (int) ( $a & -( $b & 1 ) ); |
|
| 508 | 508 | $a <<= 1; |
| 509 | 509 | $b >>= 1; |
| 510 | 510 | } |
@@ -518,7 +518,7 @@ discard block |
||
| 518 | 518 | * |
| 519 | 519 | * The end result is what we'd expect from integer multiplication. |
| 520 | 520 | */ |
| 521 | - return (int) (($c & ~$mask) | ($mask & -$c)); |
|
| 521 | + return (int) ( ( $c & ~$mask ) | ( $mask & -$c ) ); |
|
| 522 | 522 | } |
| 523 | 523 | |
| 524 | 524 | /** |
@@ -530,19 +530,19 @@ discard block |
||
| 530 | 530 | * @param int|float $num |
| 531 | 531 | * @return array<int, int> |
| 532 | 532 | */ |
| 533 | - public static function numericTo64BitInteger($num) |
|
| 533 | + public static function numericTo64BitInteger( $num ) |
|
| 534 | 534 | { |
| 535 | 535 | $high = 0; |
| 536 | 536 | $low = $num & 0xffffffff; |
| 537 | 537 | |
| 538 | - if ((+(abs($num))) >= 1) { |
|
| 539 | - if ($num > 0) { |
|
| 540 | - $high = min((+(floor($num/4294967296))), 4294967295); |
|
| 538 | + if ( (+( abs( $num ) )) >= 1 ) { |
|
| 539 | + if ( $num > 0 ) { |
|
| 540 | + $high = min( (+( floor( $num / 4294967296 ) )), 4294967295 ); |
|
| 541 | 541 | } else { |
| 542 | - $high = ~~((+(ceil(($num - (+((~~($num)))))/4294967296)))); |
|
| 542 | + $high = ~~( (+( ceil( ( $num - (+( ( ~~( $num ) ) )) ) / 4294967296 ) )) ); |
|
| 543 | 543 | } |
| 544 | 544 | } |
| 545 | - return array((int) $high, (int) $low); |
|
| 545 | + return array( (int) $high, (int) $low ); |
|
| 546 | 546 | } |
| 547 | 547 | |
| 548 | 548 | /** |
@@ -554,20 +554,20 @@ discard block |
||
| 554 | 554 | * @return string |
| 555 | 555 | * @throws TypeError |
| 556 | 556 | */ |
| 557 | - public static function store_3($int) |
|
| 557 | + public static function store_3( $int ) |
|
| 558 | 558 | { |
| 559 | 559 | /* Type checks: */ |
| 560 | - if (!is_int($int)) { |
|
| 561 | - if (is_numeric($int)) { |
|
| 560 | + if ( ! is_int( $int ) ) { |
|
| 561 | + if ( is_numeric( $int ) ) { |
|
| 562 | 562 | $int = (int) $int; |
| 563 | 563 | } else { |
| 564 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 564 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $int ) . ' given.' ); |
|
| 565 | 565 | } |
| 566 | 566 | } |
| 567 | 567 | |
| 568 | - return self::intToChr(($int >> 16) & 0xff) . |
|
| 569 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 570 | - self::intToChr($int & 0xff); |
|
| 568 | + return self::intToChr( ( $int >> 16 ) & 0xff ) . |
|
| 569 | + self::intToChr( ( $int >> 8 ) & 0xff ) . |
|
| 570 | + self::intToChr( $int & 0xff ); |
|
| 571 | 571 | } |
| 572 | 572 | |
| 573 | 573 | /** |
@@ -579,21 +579,21 @@ discard block |
||
| 579 | 579 | * @return string |
| 580 | 580 | * @throws TypeError |
| 581 | 581 | */ |
| 582 | - public static function store32_le($int) |
|
| 582 | + public static function store32_le( $int ) |
|
| 583 | 583 | { |
| 584 | 584 | /* Type checks: */ |
| 585 | - if (!is_int($int)) { |
|
| 586 | - if (is_numeric($int)) { |
|
| 585 | + if ( ! is_int( $int ) ) { |
|
| 586 | + if ( is_numeric( $int ) ) { |
|
| 587 | 587 | $int = (int) $int; |
| 588 | 588 | } else { |
| 589 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 589 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $int ) . ' given.' ); |
|
| 590 | 590 | } |
| 591 | 591 | } |
| 592 | 592 | |
| 593 | - return self::intToChr($int & 0xff) . |
|
| 594 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 595 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 596 | - self::intToChr(($int >> 24) & 0xff); |
|
| 593 | + return self::intToChr( $int & 0xff ) . |
|
| 594 | + self::intToChr( ( $int >> 8 ) & 0xff ) . |
|
| 595 | + self::intToChr( ( $int >> 16 ) & 0xff ) . |
|
| 596 | + self::intToChr( ( $int >> 24 ) & 0xff ); |
|
| 597 | 597 | } |
| 598 | 598 | |
| 599 | 599 | /** |
@@ -605,21 +605,21 @@ discard block |
||
| 605 | 605 | * @return string |
| 606 | 606 | * @throws TypeError |
| 607 | 607 | */ |
| 608 | - public static function store_4($int) |
|
| 608 | + public static function store_4( $int ) |
|
| 609 | 609 | { |
| 610 | 610 | /* Type checks: */ |
| 611 | - if (!is_int($int)) { |
|
| 612 | - if (is_numeric($int)) { |
|
| 611 | + if ( ! is_int( $int ) ) { |
|
| 612 | + if ( is_numeric( $int ) ) { |
|
| 613 | 613 | $int = (int) $int; |
| 614 | 614 | } else { |
| 615 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 615 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $int ) . ' given.' ); |
|
| 616 | 616 | } |
| 617 | 617 | } |
| 618 | 618 | |
| 619 | - return self::intToChr(($int >> 24) & 0xff) . |
|
| 620 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 621 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 622 | - self::intToChr($int & 0xff); |
|
| 619 | + return self::intToChr( ( $int >> 24 ) & 0xff ) . |
|
| 620 | + self::intToChr( ( $int >> 16 ) & 0xff ) . |
|
| 621 | + self::intToChr( ( $int >> 8 ) & 0xff ) . |
|
| 622 | + self::intToChr( $int & 0xff ); |
|
| 623 | 623 | } |
| 624 | 624 | |
| 625 | 625 | /** |
@@ -631,41 +631,41 @@ discard block |
||
| 631 | 631 | * @return string |
| 632 | 632 | * @throws TypeError |
| 633 | 633 | */ |
| 634 | - public static function store64_le($int) |
|
| 634 | + public static function store64_le( $int ) |
|
| 635 | 635 | { |
| 636 | 636 | /* Type checks: */ |
| 637 | - if (!is_int($int)) { |
|
| 638 | - if (is_numeric($int)) { |
|
| 637 | + if ( ! is_int( $int ) ) { |
|
| 638 | + if ( is_numeric( $int ) ) { |
|
| 639 | 639 | $int = (int) $int; |
| 640 | 640 | } else { |
| 641 | - throw new TypeError('Argument 1 must be an integer, ' . gettype($int) . ' given.'); |
|
| 641 | + throw new TypeError( 'Argument 1 must be an integer, ' . gettype( $int ) . ' given.' ); |
|
| 642 | 642 | } |
| 643 | 643 | } |
| 644 | 644 | |
| 645 | - if (PHP_INT_SIZE === 8) { |
|
| 646 | - return self::intToChr($int & 0xff) . |
|
| 647 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 648 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 649 | - self::intToChr(($int >> 24) & 0xff) . |
|
| 650 | - self::intToChr(($int >> 32) & 0xff) . |
|
| 651 | - self::intToChr(($int >> 40) & 0xff) . |
|
| 652 | - self::intToChr(($int >> 48) & 0xff) . |
|
| 653 | - self::intToChr(($int >> 56) & 0xff); |
|
| 645 | + if ( PHP_INT_SIZE === 8 ) { |
|
| 646 | + return self::intToChr( $int & 0xff ) . |
|
| 647 | + self::intToChr( ( $int >> 8 ) & 0xff ) . |
|
| 648 | + self::intToChr( ( $int >> 16 ) & 0xff ) . |
|
| 649 | + self::intToChr( ( $int >> 24 ) & 0xff ) . |
|
| 650 | + self::intToChr( ( $int >> 32 ) & 0xff ) . |
|
| 651 | + self::intToChr( ( $int >> 40 ) & 0xff ) . |
|
| 652 | + self::intToChr( ( $int >> 48 ) & 0xff ) . |
|
| 653 | + self::intToChr( ( $int >> 56 ) & 0xff ); |
|
| 654 | 654 | } |
| 655 | - if ($int > PHP_INT_MAX) { |
|
| 656 | - list($hiB, $int) = self::numericTo64BitInteger($int); |
|
| 655 | + if ( $int > PHP_INT_MAX ) { |
|
| 656 | + list( $hiB, $int ) = self::numericTo64BitInteger( $int ); |
|
| 657 | 657 | } else { |
| 658 | 658 | $hiB = 0; |
| 659 | 659 | } |
| 660 | 660 | return |
| 661 | - self::intToChr(($int ) & 0xff) . |
|
| 662 | - self::intToChr(($int >> 8) & 0xff) . |
|
| 663 | - self::intToChr(($int >> 16) & 0xff) . |
|
| 664 | - self::intToChr(($int >> 24) & 0xff) . |
|
| 665 | - self::intToChr($hiB & 0xff) . |
|
| 666 | - self::intToChr(($hiB >> 8) & 0xff) . |
|
| 667 | - self::intToChr(($hiB >> 16) & 0xff) . |
|
| 668 | - self::intToChr(($hiB >> 24) & 0xff); |
|
| 661 | + self::intToChr( ( $int ) & 0xff ) . |
|
| 662 | + self::intToChr( ( $int >> 8 ) & 0xff ) . |
|
| 663 | + self::intToChr( ( $int >> 16 ) & 0xff ) . |
|
| 664 | + self::intToChr( ( $int >> 24 ) & 0xff ) . |
|
| 665 | + self::intToChr( $hiB & 0xff ) . |
|
| 666 | + self::intToChr( ( $hiB >> 8 ) & 0xff ) . |
|
| 667 | + self::intToChr( ( $hiB >> 16 ) & 0xff ) . |
|
| 668 | + self::intToChr( ( $hiB >> 24 ) & 0xff ); |
|
| 669 | 669 | } |
| 670 | 670 | |
| 671 | 671 | /** |
@@ -679,17 +679,17 @@ discard block |
||
| 679 | 679 | * @return int |
| 680 | 680 | * @throws TypeError |
| 681 | 681 | */ |
| 682 | - public static function strlen($str) |
|
| 682 | + public static function strlen( $str ) |
|
| 683 | 683 | { |
| 684 | 684 | /* Type checks: */ |
| 685 | - if (!is_string($str)) { |
|
| 686 | - throw new TypeError('String expected'); |
|
| 685 | + if ( ! is_string( $str ) ) { |
|
| 686 | + throw new TypeError( 'String expected' ); |
|
| 687 | 687 | } |
| 688 | 688 | |
| 689 | 689 | return (int) ( |
| 690 | 690 | self::isMbStringOverride() |
| 691 | - ? mb_strlen($str, '8bit') |
|
| 692 | - : strlen($str) |
|
| 691 | + ? mb_strlen( $str, '8bit' ) |
|
| 692 | + : strlen( $str ) |
|
| 693 | 693 | ); |
| 694 | 694 | } |
| 695 | 695 | |
@@ -702,16 +702,16 @@ discard block |
||
| 702 | 702 | * @return array<int, int> |
| 703 | 703 | * @throws TypeError |
| 704 | 704 | */ |
| 705 | - public static function stringToIntArray($string) |
|
| 705 | + public static function stringToIntArray( $string ) |
|
| 706 | 706 | { |
| 707 | - if (!is_string($string)) { |
|
| 708 | - throw new TypeError('String expected'); |
|
| 707 | + if ( ! is_string( $string ) ) { |
|
| 708 | + throw new TypeError( 'String expected' ); |
|
| 709 | 709 | } |
| 710 | 710 | /** |
| 711 | 711 | * @var array<int, int> |
| 712 | 712 | */ |
| 713 | 713 | $values = array_values( |
| 714 | - unpack('C*', $string) |
|
| 714 | + unpack( 'C*', $string ) |
|
| 715 | 715 | ); |
| 716 | 716 | return $values; |
| 717 | 717 | } |
@@ -729,28 +729,28 @@ discard block |
||
| 729 | 729 | * @return string |
| 730 | 730 | * @throws TypeError |
| 731 | 731 | */ |
| 732 | - public static function substr($str, $start = 0, $length = null) |
|
| 732 | + public static function substr( $str, $start = 0, $length = null ) |
|
| 733 | 733 | { |
| 734 | 734 | /* Type checks: */ |
| 735 | - if (!is_string($str)) { |
|
| 736 | - throw new TypeError('String expected'); |
|
| 735 | + if ( ! is_string( $str ) ) { |
|
| 736 | + throw new TypeError( 'String expected' ); |
|
| 737 | 737 | } |
| 738 | 738 | |
| 739 | - if ($length === 0) { |
|
| 739 | + if ( $length === 0 ) { |
|
| 740 | 740 | return ''; |
| 741 | 741 | } |
| 742 | 742 | |
| 743 | - if (self::isMbStringOverride()) { |
|
| 744 | - if (PHP_VERSION_ID < 50400 && $length === null) { |
|
| 745 | - $length = self::strlen($str); |
|
| 743 | + if ( self::isMbStringOverride() ) { |
|
| 744 | + if ( PHP_VERSION_ID < 50400 && $length === null ) { |
|
| 745 | + $length = self::strlen( $str ); |
|
| 746 | 746 | } |
| 747 | - $sub = (string) mb_substr($str, $start, $length, '8bit'); |
|
| 748 | - } elseif ($length === null) { |
|
| 749 | - $sub = (string) substr($str, $start); |
|
| 747 | + $sub = (string) mb_substr( $str, $start, $length, '8bit' ); |
|
| 748 | + } elseif ( $length === null ) { |
|
| 749 | + $sub = (string) substr( $str, $start ); |
|
| 750 | 750 | } else { |
| 751 | - $sub = (string) substr($str, $start, $length); |
|
| 751 | + $sub = (string) substr( $str, $start, $length ); |
|
| 752 | 752 | } |
| 753 | - if (isset($sub)) { |
|
| 753 | + if ( isset( $sub ) ) { |
|
| 754 | 754 | return $sub; |
| 755 | 755 | } |
| 756 | 756 | return ''; |
@@ -766,18 +766,18 @@ discard block |
||
| 766 | 766 | * @return bool |
| 767 | 767 | * @throws TypeError |
| 768 | 768 | */ |
| 769 | - public static function verify_16($a, $b) |
|
| 769 | + public static function verify_16( $a, $b ) |
|
| 770 | 770 | { |
| 771 | 771 | /* Type checks: */ |
| 772 | - if (!is_string($a)) { |
|
| 773 | - throw new TypeError('String expected'); |
|
| 772 | + if ( ! is_string( $a ) ) { |
|
| 773 | + throw new TypeError( 'String expected' ); |
|
| 774 | 774 | } |
| 775 | - if (!is_string($b)) { |
|
| 776 | - throw new TypeError('String expected'); |
|
| 775 | + if ( ! is_string( $b ) ) { |
|
| 776 | + throw new TypeError( 'String expected' ); |
|
| 777 | 777 | } |
| 778 | 778 | return self::hashEquals( |
| 779 | - self::substr($a, 0, 16), |
|
| 780 | - self::substr($b, 0, 16) |
|
| 779 | + self::substr( $a, 0, 16 ), |
|
| 780 | + self::substr( $b, 0, 16 ) |
|
| 781 | 781 | ); |
| 782 | 782 | } |
| 783 | 783 | |
@@ -791,18 +791,18 @@ discard block |
||
| 791 | 791 | * @return bool |
| 792 | 792 | * @throws TypeError |
| 793 | 793 | */ |
| 794 | - public static function verify_32($a, $b) |
|
| 794 | + public static function verify_32( $a, $b ) |
|
| 795 | 795 | { |
| 796 | 796 | /* Type checks: */ |
| 797 | - if (!is_string($a)) { |
|
| 798 | - throw new TypeError('String expected'); |
|
| 797 | + if ( ! is_string( $a ) ) { |
|
| 798 | + throw new TypeError( 'String expected' ); |
|
| 799 | 799 | } |
| 800 | - if (!is_string($b)) { |
|
| 801 | - throw new TypeError('String expected'); |
|
| 800 | + if ( ! is_string( $b ) ) { |
|
| 801 | + throw new TypeError( 'String expected' ); |
|
| 802 | 802 | } |
| 803 | 803 | return self::hashEquals( |
| 804 | - self::substr($a, 0, 32), |
|
| 805 | - self::substr($b, 0, 32) |
|
| 804 | + self::substr( $a, 0, 32 ), |
|
| 805 | + self::substr( $b, 0, 32 ) |
|
| 806 | 806 | ); |
| 807 | 807 | } |
| 808 | 808 | |
@@ -816,14 +816,14 @@ discard block |
||
| 816 | 816 | * @return string |
| 817 | 817 | * @throws TypeError |
| 818 | 818 | */ |
| 819 | - public static function xorStrings($a, $b) |
|
| 819 | + public static function xorStrings( $a, $b ) |
|
| 820 | 820 | { |
| 821 | 821 | /* Type checks: */ |
| 822 | - if (!is_string($a)) { |
|
| 823 | - throw new TypeError('Argument 1 must be a string'); |
|
| 822 | + if ( ! is_string( $a ) ) { |
|
| 823 | + throw new TypeError( 'Argument 1 must be a string' ); |
|
| 824 | 824 | } |
| 825 | - if (!is_string($b)) { |
|
| 826 | - throw new TypeError('Argument 2 must be a string'); |
|
| 825 | + if ( ! is_string( $b ) ) { |
|
| 826 | + throw new TypeError( 'Argument 2 must be a string' ); |
|
| 827 | 827 | } |
| 828 | 828 | |
| 829 | 829 | return $a ^ $b; |
@@ -840,10 +840,10 @@ discard block |
||
| 840 | 840 | { |
| 841 | 841 | static $mbstring = null; |
| 842 | 842 | |
| 843 | - if ($mbstring === null) { |
|
| 844 | - $mbstring = extension_loaded('mbstring') |
|
| 843 | + if ( $mbstring === null ) { |
|
| 844 | + $mbstring = extension_loaded( 'mbstring' ) |
|
| 845 | 845 | && |
| 846 | - (ini_get('mbstring.func_overload') & MB_OVERLOAD_STRING); |
|
| 846 | + ( ini_get( 'mbstring.func_overload' ) & MB_OVERLOAD_STRING ); |
|
| 847 | 847 | } |
| 848 | 848 | |
| 849 | 849 | return $mbstring; |
@@ -7,8 +7,7 @@ discard block |
||
| 7 | 7 | /** |
| 8 | 8 | * Class ParagonIE_Sodium_Core_Util |
| 9 | 9 | */ |
| 10 | -abstract class ParagonIE_Sodium_Core_Util |
|
| 11 | -{ |
|
| 10 | +abstract class ParagonIE_Sodium_Core_Util { |
|
| 12 | 11 | /** |
| 13 | 12 | * Convert a binary string into a hexadecimal string without cache-timing |
| 14 | 13 | * leaks |
@@ -19,8 +18,7 @@ discard block |
||
| 19 | 18 | * @return string |
| 20 | 19 | * @throws TypeError |
| 21 | 20 | */ |
| 22 | - public static function bin2hex($binaryString) |
|
| 23 | - { |
|
| 21 | + public static function bin2hex($binaryString) { |
|
| 24 | 22 | /* Type checks: */ |
| 25 | 23 | if (!is_string($binaryString)) { |
| 26 | 24 | throw new TypeError('Argument 1 must be a string, ' . gettype($binaryString) . ' given.'); |
@@ -50,8 +48,7 @@ discard block |
||
| 50 | 48 | * @param string $bin_string (raw binary) |
| 51 | 49 | * @return string |
| 52 | 50 | */ |
| 53 | - public static function bin2hexUpper($bin_string) |
|
| 54 | - { |
|
| 51 | + public static function bin2hexUpper($bin_string) { |
|
| 55 | 52 | $hex = ''; |
| 56 | 53 | $len = self::strlen($bin_string); |
| 57 | 54 | for ($i = 0; $i < $len; ++$i) { |
@@ -93,8 +90,7 @@ discard block |
||
| 93 | 90 | * @return int |
| 94 | 91 | * @throws Error |
| 95 | 92 | */ |
| 96 | - public static function chrToInt($chr) |
|
| 97 | - { |
|
| 93 | + public static function chrToInt($chr) { |
|
| 98 | 94 | /* Type checks: */ |
| 99 | 95 | if (!is_string($chr)) { |
| 100 | 96 | throw new TypeError('Argument 1 must be a string, ' . gettype($chr) . ' given.'); |
@@ -116,8 +112,7 @@ discard block |
||
| 116 | 112 | * @param int $len |
| 117 | 113 | * @return int |
| 118 | 114 | */ |
| 119 | - public static function compare($left, $right, $len = null) |
|
| 120 | - { |
|
| 115 | + public static function compare($left, $right, $len = null) { |
|
| 121 | 116 | $leftLen = self::strlen($left); |
| 122 | 117 | $rightLen = self::strlen($right); |
| 123 | 118 | if ($len === null) { |
@@ -147,8 +142,7 @@ discard block |
||
| 147 | 142 | * @throws Error |
| 148 | 143 | * @return void |
| 149 | 144 | */ |
| 150 | - public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) |
|
| 151 | - { |
|
| 145 | + public static function declareScalarType(&$mixedVar = null, $type = 'void', $argumentIndex = 0) { |
|
| 152 | 146 | if (func_num_args() === 0) { |
| 153 | 147 | /* Tautology, by default */ |
| 154 | 148 | return; |
@@ -223,8 +217,7 @@ discard block |
||
| 223 | 217 | * @return bool |
| 224 | 218 | * @throws TypeError |
| 225 | 219 | */ |
| 226 | - public static function hashEquals($left, $right) |
|
| 227 | - { |
|
| 220 | + public static function hashEquals($left, $right) { |
|
| 228 | 221 | /* Type checks: */ |
| 229 | 222 | if (!is_string($left)) { |
| 230 | 223 | throw new TypeError('Argument 1 must be a string, ' . gettype($left) . ' given.'); |
@@ -263,8 +256,7 @@ discard block |
||
| 263 | 256 | * @throws RangeException |
| 264 | 257 | * @throws TypeError |
| 265 | 258 | */ |
| 266 | - public static function hex2bin($hexString, $strictPadding = false) |
|
| 267 | - { |
|
| 259 | + public static function hex2bin($hexString, $strictPadding = false) { |
|
| 268 | 260 | /* Type checks: */ |
| 269 | 261 | if (!is_string($hexString)) { |
| 270 | 262 | throw new TypeError('Argument 1 must be a string, ' . gettype($hexString) . ' given.'); |
@@ -318,8 +310,7 @@ discard block |
||
| 318 | 310 | * @param array<int, int> $ints |
| 319 | 311 | * @return string |
| 320 | 312 | */ |
| 321 | - public static function intArrayToString(array $ints) |
|
| 322 | - { |
|
| 313 | + public static function intArrayToString(array $ints) { |
|
| 323 | 314 | $args = $ints; |
| 324 | 315 | foreach ($args as $i => $v) { |
| 325 | 316 | $args[$i] = $v & 0xff; |
@@ -337,8 +328,7 @@ discard block |
||
| 337 | 328 | * @return string |
| 338 | 329 | * @throws TypeError |
| 339 | 330 | */ |
| 340 | - public static function intToChr($int) |
|
| 341 | - { |
|
| 331 | + public static function intToChr($int) { |
|
| 342 | 332 | return pack('C', $int); |
| 343 | 333 | } |
| 344 | 334 | |
@@ -352,8 +342,7 @@ discard block |
||
| 352 | 342 | * @throws RangeException |
| 353 | 343 | * @throws TypeError |
| 354 | 344 | */ |
| 355 | - public static function load_3($string) |
|
| 356 | - { |
|
| 345 | + public static function load_3($string) { |
|
| 357 | 346 | /* Type checks: */ |
| 358 | 347 | if (!is_string($string)) { |
| 359 | 348 | throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
@@ -381,8 +370,7 @@ discard block |
||
| 381 | 370 | * @throws RangeException |
| 382 | 371 | * @throws TypeError |
| 383 | 372 | */ |
| 384 | - public static function load_4($string) |
|
| 385 | - { |
|
| 373 | + public static function load_4($string) { |
|
| 386 | 374 | /* Type checks: */ |
| 387 | 375 | if (!is_string($string)) { |
| 388 | 376 | throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
@@ -411,8 +399,7 @@ discard block |
||
| 411 | 399 | * @throws RangeException |
| 412 | 400 | * @throws TypeError |
| 413 | 401 | */ |
| 414 | - public static function load64_le($string) |
|
| 415 | - { |
|
| 402 | + public static function load64_le($string) { |
|
| 416 | 403 | /* Type checks: */ |
| 417 | 404 | if (!is_string($string)) { |
| 418 | 405 | throw new TypeError('Argument 1 must be a string, ' . gettype($string) . ' given.'); |
@@ -442,8 +429,7 @@ discard block |
||
| 442 | 429 | * @param string $right |
| 443 | 430 | * @return int |
| 444 | 431 | */ |
| 445 | - public static function memcmp($left, $right) |
|
| 446 | - { |
|
| 432 | + public static function memcmp($left, $right) { |
|
| 447 | 433 | if (self::hashEquals($left, $right)) { |
| 448 | 434 | return 0; |
| 449 | 435 | } |
@@ -467,8 +453,7 @@ discard block |
||
| 467 | 453 | * constant operands) |
| 468 | 454 | * @return int |
| 469 | 455 | */ |
| 470 | - public static function mul($a, $b, $size = 0) |
|
| 471 | - { |
|
| 456 | + public static function mul($a, $b, $size = 0) { |
|
| 472 | 457 | if (ParagonIE_Sodium_Compat::$fastMult) { |
| 473 | 458 | return (int) ($a * $b); |
| 474 | 459 | } |
@@ -530,8 +515,7 @@ discard block |
||
| 530 | 515 | * @param int|float $num |
| 531 | 516 | * @return array<int, int> |
| 532 | 517 | */ |
| 533 | - public static function numericTo64BitInteger($num) |
|
| 534 | - { |
|
| 518 | + public static function numericTo64BitInteger($num) { |
|
| 535 | 519 | $high = 0; |
| 536 | 520 | $low = $num & 0xffffffff; |
| 537 | 521 | |
@@ -554,8 +538,7 @@ discard block |
||
| 554 | 538 | * @return string |
| 555 | 539 | * @throws TypeError |
| 556 | 540 | */ |
| 557 | - public static function store_3($int) |
|
| 558 | - { |
|
| 541 | + public static function store_3($int) { |
|
| 559 | 542 | /* Type checks: */ |
| 560 | 543 | if (!is_int($int)) { |
| 561 | 544 | if (is_numeric($int)) { |
@@ -579,8 +562,7 @@ discard block |
||
| 579 | 562 | * @return string |
| 580 | 563 | * @throws TypeError |
| 581 | 564 | */ |
| 582 | - public static function store32_le($int) |
|
| 583 | - { |
|
| 565 | + public static function store32_le($int) { |
|
| 584 | 566 | /* Type checks: */ |
| 585 | 567 | if (!is_int($int)) { |
| 586 | 568 | if (is_numeric($int)) { |
@@ -605,8 +587,7 @@ discard block |
||
| 605 | 587 | * @return string |
| 606 | 588 | * @throws TypeError |
| 607 | 589 | */ |
| 608 | - public static function store_4($int) |
|
| 609 | - { |
|
| 590 | + public static function store_4($int) { |
|
| 610 | 591 | /* Type checks: */ |
| 611 | 592 | if (!is_int($int)) { |
| 612 | 593 | if (is_numeric($int)) { |
@@ -631,8 +612,7 @@ discard block |
||
| 631 | 612 | * @return string |
| 632 | 613 | * @throws TypeError |
| 633 | 614 | */ |
| 634 | - public static function store64_le($int) |
|
| 635 | - { |
|
| 615 | + public static function store64_le($int) { |
|
| 636 | 616 | /* Type checks: */ |
| 637 | 617 | if (!is_int($int)) { |
| 638 | 618 | if (is_numeric($int)) { |
@@ -679,8 +659,7 @@ discard block |
||
| 679 | 659 | * @return int |
| 680 | 660 | * @throws TypeError |
| 681 | 661 | */ |
| 682 | - public static function strlen($str) |
|
| 683 | - { |
|
| 662 | + public static function strlen($str) { |
|
| 684 | 663 | /* Type checks: */ |
| 685 | 664 | if (!is_string($str)) { |
| 686 | 665 | throw new TypeError('String expected'); |
@@ -702,8 +681,7 @@ discard block |
||
| 702 | 681 | * @return array<int, int> |
| 703 | 682 | * @throws TypeError |
| 704 | 683 | */ |
| 705 | - public static function stringToIntArray($string) |
|
| 706 | - { |
|
| 684 | + public static function stringToIntArray($string) { |
|
| 707 | 685 | if (!is_string($string)) { |
| 708 | 686 | throw new TypeError('String expected'); |
| 709 | 687 | } |
@@ -729,8 +707,7 @@ discard block |
||
| 729 | 707 | * @return string |
| 730 | 708 | * @throws TypeError |
| 731 | 709 | */ |
| 732 | - public static function substr($str, $start = 0, $length = null) |
|
| 733 | - { |
|
| 710 | + public static function substr($str, $start = 0, $length = null) { |
|
| 734 | 711 | /* Type checks: */ |
| 735 | 712 | if (!is_string($str)) { |
| 736 | 713 | throw new TypeError('String expected'); |
@@ -766,8 +743,7 @@ discard block |
||
| 766 | 743 | * @return bool |
| 767 | 744 | * @throws TypeError |
| 768 | 745 | */ |
| 769 | - public static function verify_16($a, $b) |
|
| 770 | - { |
|
| 746 | + public static function verify_16($a, $b) { |
|
| 771 | 747 | /* Type checks: */ |
| 772 | 748 | if (!is_string($a)) { |
| 773 | 749 | throw new TypeError('String expected'); |
@@ -791,8 +767,7 @@ discard block |
||
| 791 | 767 | * @return bool |
| 792 | 768 | * @throws TypeError |
| 793 | 769 | */ |
| 794 | - public static function verify_32($a, $b) |
|
| 795 | - { |
|
| 770 | + public static function verify_32($a, $b) { |
|
| 796 | 771 | /* Type checks: */ |
| 797 | 772 | if (!is_string($a)) { |
| 798 | 773 | throw new TypeError('String expected'); |
@@ -816,8 +791,7 @@ discard block |
||
| 816 | 791 | * @return string |
| 817 | 792 | * @throws TypeError |
| 818 | 793 | */ |
| 819 | - public static function xorStrings($a, $b) |
|
| 820 | - { |
|
| 794 | + public static function xorStrings($a, $b) { |
|
| 821 | 795 | /* Type checks: */ |
| 822 | 796 | if (!is_string($a)) { |
| 823 | 797 | throw new TypeError('Argument 1 must be a string'); |
@@ -836,8 +810,7 @@ discard block |
||
| 836 | 810 | * |
| 837 | 811 | * @return bool |
| 838 | 812 | */ |
| 839 | - protected static function isMbStringOverride() |
|
| 840 | - { |
|
| 813 | + protected static function isMbStringOverride() { |
|
| 841 | 814 | static $mbstring = null; |
| 842 | 815 | |
| 843 | 816 | if ($mbstring === null) { |
@@ -1960,7 +1960,7 @@ |
||
| 1960 | 1960 | /** |
| 1961 | 1961 | * @internal You should not use this directly from another application |
| 1962 | 1962 | * |
| 1963 | - * @param string $a |
|
| 1963 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $a |
|
| 1964 | 1964 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A |
| 1965 | 1965 | * @param string $b |
| 1966 | 1966 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
@@ -1,7 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (class_exists('ParagonIE_Sodium_Core32_Curve25519', false)) { |
| 4 | - return; |
|
| 4 | + return; |
|
| 5 | 5 | } |
| 6 | 6 | |
| 7 | 7 | /** |
@@ -15,253 +15,253 @@ discard block |
||
| 15 | 15 | */ |
| 16 | 16 | abstract class ParagonIE_Sodium_Core32_Curve25519 extends ParagonIE_Sodium_Core32_Curve25519_H |
| 17 | 17 | { |
| 18 | - /** |
|
| 19 | - * Get a field element of size 10 with a value of 0 |
|
| 20 | - * |
|
| 21 | - * @internal You should not use this directly from another application |
|
| 22 | - * |
|
| 23 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | - */ |
|
| 25 | - public static function fe_0() |
|
| 26 | - { |
|
| 27 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 28 | - array( |
|
| 29 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 30 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 31 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 32 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 33 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 34 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 35 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 36 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 37 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 38 | - new ParagonIE_Sodium_Core32_Int32() |
|
| 39 | - ) |
|
| 40 | - ); |
|
| 41 | - } |
|
| 42 | - |
|
| 43 | - /** |
|
| 44 | - * Get a field element of size 10 with a value of 1 |
|
| 45 | - * |
|
| 46 | - * @internal You should not use this directly from another application |
|
| 47 | - * |
|
| 48 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 49 | - */ |
|
| 50 | - public static function fe_1() |
|
| 51 | - { |
|
| 52 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 53 | - array( |
|
| 54 | - ParagonIE_Sodium_Core32_Int32::fromInt(1), |
|
| 55 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 56 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 57 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 58 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 59 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 60 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 61 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 62 | - new ParagonIE_Sodium_Core32_Int32(), |
|
| 63 | - new ParagonIE_Sodium_Core32_Int32() |
|
| 64 | - ) |
|
| 65 | - ); |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - /** |
|
| 69 | - * Add two field elements. |
|
| 70 | - * |
|
| 71 | - * @internal You should not use this directly from another application |
|
| 72 | - * |
|
| 73 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 74 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 75 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 76 | - */ |
|
| 77 | - public static function fe_add( |
|
| 78 | - ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 79 | - ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 80 | - ) { |
|
| 81 | - $arr = array(); |
|
| 82 | - for ($i = 0; $i < 10; ++$i) { |
|
| 83 | - $arr[$i] = $f[$i]->addInt32($g[$i]); |
|
| 84 | - } |
|
| 85 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($arr); |
|
| 86 | - } |
|
| 87 | - |
|
| 88 | - /** |
|
| 89 | - * Constant-time conditional move. |
|
| 90 | - * |
|
| 91 | - * @internal You should not use this directly from another application |
|
| 92 | - * |
|
| 93 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 94 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 95 | - * @param int $b |
|
| 96 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 97 | - * @throws TypeError |
|
| 98 | - */ |
|
| 99 | - public static function fe_cmov( |
|
| 100 | - ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 101 | - ParagonIE_Sodium_Core32_Curve25519_Fe $g, |
|
| 102 | - $b = 0 |
|
| 103 | - ) { |
|
| 104 | - $h = array(); |
|
| 105 | - for ($i = 0; $i < 10; ++$i) { |
|
| 106 | - if (!($f[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 107 | - throw new TypeError(); |
|
| 108 | - } |
|
| 109 | - $h[$i] = $f[$i]->xorInt32( |
|
| 110 | - $f[$i]->xorInt32($g[$i])->mask($b) |
|
| 111 | - ); |
|
| 112 | - } |
|
| 113 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($h); |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - /** |
|
| 117 | - * Create a copy of a field element. |
|
| 118 | - * |
|
| 119 | - * @internal You should not use this directly from another application |
|
| 120 | - * |
|
| 121 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 122 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 123 | - */ |
|
| 124 | - public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 125 | - { |
|
| 126 | - $h = clone $f; |
|
| 127 | - return $h; |
|
| 128 | - } |
|
| 129 | - |
|
| 130 | - /** |
|
| 131 | - * Give: 32-byte string. |
|
| 132 | - * Receive: A field element object to use for internal calculations. |
|
| 133 | - * |
|
| 134 | - * @internal You should not use this directly from another application |
|
| 135 | - * |
|
| 136 | - * @param string $s |
|
| 137 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 138 | - * @throws RangeException |
|
| 139 | - */ |
|
| 140 | - public static function fe_frombytes($s) |
|
| 141 | - { |
|
| 142 | - if (self::strlen($s) !== 32) { |
|
| 143 | - throw new RangeException('Expected a 32-byte string.'); |
|
| 144 | - } |
|
| 145 | - /** @var ParagonIE_Sodium_Core32_Int32 $h0 */ |
|
| 146 | - $h0 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 147 | - self::load_4($s) |
|
| 148 | - ); |
|
| 149 | - /** @var ParagonIE_Sodium_Core32_Int32 $h1 */ |
|
| 150 | - $h1 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 151 | - self::load_3(self::substr($s, 4, 3)) << 6 |
|
| 152 | - ); |
|
| 153 | - /** @var ParagonIE_Sodium_Core32_Int32 $h2 */ |
|
| 154 | - $h2 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 155 | - self::load_3(self::substr($s, 7, 3)) << 5 |
|
| 156 | - ); |
|
| 157 | - /** @var ParagonIE_Sodium_Core32_Int32 $h3 */ |
|
| 158 | - $h3 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 159 | - self::load_3(self::substr($s, 10, 3)) << 3 |
|
| 160 | - ); |
|
| 161 | - /** @var ParagonIE_Sodium_Core32_Int32 $h4 */ |
|
| 162 | - $h4 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 163 | - self::load_3(self::substr($s, 13, 3)) << 2 |
|
| 164 | - ); |
|
| 165 | - /** @var ParagonIE_Sodium_Core32_Int32 $h5 */ |
|
| 166 | - $h5 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 167 | - self::load_4(self::substr($s, 16, 4)) |
|
| 168 | - ); |
|
| 169 | - /** @var ParagonIE_Sodium_Core32_Int32 $h6 */ |
|
| 170 | - $h6 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 171 | - self::load_3(self::substr($s, 20, 3)) << 7 |
|
| 172 | - ); |
|
| 173 | - /** @var ParagonIE_Sodium_Core32_Int32 $h7 */ |
|
| 174 | - $h7 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 175 | - self::load_3(self::substr($s, 23, 3)) << 5 |
|
| 176 | - ); |
|
| 177 | - /** @var ParagonIE_Sodium_Core32_Int32 $h8 */ |
|
| 178 | - $h8 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 179 | - self::load_3(self::substr($s, 26, 3)) << 4 |
|
| 180 | - ); |
|
| 181 | - /** @var ParagonIE_Sodium_Core32_Int32 $h9 */ |
|
| 182 | - $h9 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 183 | - (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2 |
|
| 184 | - ); |
|
| 185 | - |
|
| 186 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 187 | - $h0 = $h0->addInt32($carry9->mulInt(19)); |
|
| 188 | - $h9 = $h9->subInt32($carry9->shiftLeft(25)); |
|
| 189 | - |
|
| 190 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 191 | - $h2 = $h2->addInt32($carry1); |
|
| 192 | - $h1 = $h1->subInt32($carry1->shiftLeft(25)); |
|
| 193 | - |
|
| 194 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 195 | - $h4 = $h4->addInt32($carry3); |
|
| 196 | - $h3 = $h3->subInt32($carry3->shiftLeft(25)); |
|
| 197 | - |
|
| 198 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 199 | - $h6 = $h6->addInt32($carry5); |
|
| 200 | - $h5 = $h5->subInt32($carry5->shiftLeft(25)); |
|
| 201 | - |
|
| 202 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 203 | - $h8 = $h8->addInt32($carry7); |
|
| 204 | - $h7 = $h7->subInt32($carry7->shiftLeft(25)); |
|
| 205 | - |
|
| 206 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 207 | - $h1 = $h1->addInt32($carry0); |
|
| 208 | - $h0 = $h0->subInt32($carry0->shiftLeft(26)); |
|
| 209 | - |
|
| 210 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 211 | - $h3 = $h3->addInt32($carry2); |
|
| 212 | - $h2 = $h2->subInt32($carry2->shiftLeft(26)); |
|
| 213 | - |
|
| 214 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 215 | - $h5 = $h5->addInt32($carry4); |
|
| 216 | - $h4 = $h4->subInt32($carry4->shiftLeft(26)); |
|
| 217 | - |
|
| 218 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 219 | - $h7 = $h7->addInt32($carry6); |
|
| 220 | - $h6 = $h6->subInt32($carry6->shiftLeft(26)); |
|
| 221 | - |
|
| 222 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 223 | - $h9 = $h9->addInt32($carry8); |
|
| 224 | - $h8 = $h8->subInt32($carry8->shiftLeft(26)); |
|
| 225 | - |
|
| 226 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 227 | - array($h0, $h1, $h2,$h3, $h4, $h5, $h6, $h7, $h8, $h9) |
|
| 228 | - ); |
|
| 229 | - } |
|
| 230 | - |
|
| 231 | - /** |
|
| 232 | - * Convert a field element to a byte string. |
|
| 233 | - * |
|
| 234 | - * @internal You should not use this directly from another application |
|
| 235 | - * |
|
| 236 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $h |
|
| 237 | - * @return string |
|
| 238 | - */ |
|
| 239 | - public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) |
|
| 240 | - { |
|
| 241 | - /** |
|
| 242 | - * @var ParagonIE_Sodium_Core32_Int64[] $f |
|
| 243 | - * @var ParagonIE_Sodium_Core32_Int64 $q |
|
| 244 | - */ |
|
| 245 | - $f = array(); |
|
| 246 | - |
|
| 247 | - for ($i = 0; $i < 10; ++$i) { |
|
| 248 | - $f[$i] = $h[$i]->toInt64(); |
|
| 249 | - } |
|
| 250 | - |
|
| 251 | - $q = $f[9]->mulInt(19, 5)->addInt(1 << 14)->shiftRight(25) |
|
| 252 | - ->addInt64($f[0])->shiftRight(26) |
|
| 253 | - ->addInt64($f[1])->shiftRight(25) |
|
| 254 | - ->addInt64($f[2])->shiftRight(26) |
|
| 255 | - ->addInt64($f[3])->shiftRight(25) |
|
| 256 | - ->addInt64($f[4])->shiftRight(26) |
|
| 257 | - ->addInt64($f[5])->shiftRight(25) |
|
| 258 | - ->addInt64($f[6])->shiftRight(26) |
|
| 259 | - ->addInt64($f[7])->shiftRight(25) |
|
| 260 | - ->addInt64($f[8])->shiftRight(26) |
|
| 261 | - ->addInt64($f[9])->shiftRight(25); |
|
| 262 | - |
|
| 263 | - |
|
| 264 | - /* |
|
| 18 | + /** |
|
| 19 | + * Get a field element of size 10 with a value of 0 |
|
| 20 | + * |
|
| 21 | + * @internal You should not use this directly from another application |
|
| 22 | + * |
|
| 23 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 24 | + */ |
|
| 25 | + public static function fe_0() |
|
| 26 | + { |
|
| 27 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 28 | + array( |
|
| 29 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 30 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 31 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 32 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 33 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 34 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 35 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 36 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 37 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 38 | + new ParagonIE_Sodium_Core32_Int32() |
|
| 39 | + ) |
|
| 40 | + ); |
|
| 41 | + } |
|
| 42 | + |
|
| 43 | + /** |
|
| 44 | + * Get a field element of size 10 with a value of 1 |
|
| 45 | + * |
|
| 46 | + * @internal You should not use this directly from another application |
|
| 47 | + * |
|
| 48 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 49 | + */ |
|
| 50 | + public static function fe_1() |
|
| 51 | + { |
|
| 52 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 53 | + array( |
|
| 54 | + ParagonIE_Sodium_Core32_Int32::fromInt(1), |
|
| 55 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 56 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 57 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 58 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 59 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 60 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 61 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 62 | + new ParagonIE_Sodium_Core32_Int32(), |
|
| 63 | + new ParagonIE_Sodium_Core32_Int32() |
|
| 64 | + ) |
|
| 65 | + ); |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + /** |
|
| 69 | + * Add two field elements. |
|
| 70 | + * |
|
| 71 | + * @internal You should not use this directly from another application |
|
| 72 | + * |
|
| 73 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 74 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 75 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 76 | + */ |
|
| 77 | + public static function fe_add( |
|
| 78 | + ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 79 | + ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 80 | + ) { |
|
| 81 | + $arr = array(); |
|
| 82 | + for ($i = 0; $i < 10; ++$i) { |
|
| 83 | + $arr[$i] = $f[$i]->addInt32($g[$i]); |
|
| 84 | + } |
|
| 85 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($arr); |
|
| 86 | + } |
|
| 87 | + |
|
| 88 | + /** |
|
| 89 | + * Constant-time conditional move. |
|
| 90 | + * |
|
| 91 | + * @internal You should not use this directly from another application |
|
| 92 | + * |
|
| 93 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 94 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 95 | + * @param int $b |
|
| 96 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 97 | + * @throws TypeError |
|
| 98 | + */ |
|
| 99 | + public static function fe_cmov( |
|
| 100 | + ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 101 | + ParagonIE_Sodium_Core32_Curve25519_Fe $g, |
|
| 102 | + $b = 0 |
|
| 103 | + ) { |
|
| 104 | + $h = array(); |
|
| 105 | + for ($i = 0; $i < 10; ++$i) { |
|
| 106 | + if (!($f[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 107 | + throw new TypeError(); |
|
| 108 | + } |
|
| 109 | + $h[$i] = $f[$i]->xorInt32( |
|
| 110 | + $f[$i]->xorInt32($g[$i])->mask($b) |
|
| 111 | + ); |
|
| 112 | + } |
|
| 113 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($h); |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + /** |
|
| 117 | + * Create a copy of a field element. |
|
| 118 | + * |
|
| 119 | + * @internal You should not use this directly from another application |
|
| 120 | + * |
|
| 121 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 122 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 123 | + */ |
|
| 124 | + public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 125 | + { |
|
| 126 | + $h = clone $f; |
|
| 127 | + return $h; |
|
| 128 | + } |
|
| 129 | + |
|
| 130 | + /** |
|
| 131 | + * Give: 32-byte string. |
|
| 132 | + * Receive: A field element object to use for internal calculations. |
|
| 133 | + * |
|
| 134 | + * @internal You should not use this directly from another application |
|
| 135 | + * |
|
| 136 | + * @param string $s |
|
| 137 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 138 | + * @throws RangeException |
|
| 139 | + */ |
|
| 140 | + public static function fe_frombytes($s) |
|
| 141 | + { |
|
| 142 | + if (self::strlen($s) !== 32) { |
|
| 143 | + throw new RangeException('Expected a 32-byte string.'); |
|
| 144 | + } |
|
| 145 | + /** @var ParagonIE_Sodium_Core32_Int32 $h0 */ |
|
| 146 | + $h0 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 147 | + self::load_4($s) |
|
| 148 | + ); |
|
| 149 | + /** @var ParagonIE_Sodium_Core32_Int32 $h1 */ |
|
| 150 | + $h1 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 151 | + self::load_3(self::substr($s, 4, 3)) << 6 |
|
| 152 | + ); |
|
| 153 | + /** @var ParagonIE_Sodium_Core32_Int32 $h2 */ |
|
| 154 | + $h2 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 155 | + self::load_3(self::substr($s, 7, 3)) << 5 |
|
| 156 | + ); |
|
| 157 | + /** @var ParagonIE_Sodium_Core32_Int32 $h3 */ |
|
| 158 | + $h3 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 159 | + self::load_3(self::substr($s, 10, 3)) << 3 |
|
| 160 | + ); |
|
| 161 | + /** @var ParagonIE_Sodium_Core32_Int32 $h4 */ |
|
| 162 | + $h4 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 163 | + self::load_3(self::substr($s, 13, 3)) << 2 |
|
| 164 | + ); |
|
| 165 | + /** @var ParagonIE_Sodium_Core32_Int32 $h5 */ |
|
| 166 | + $h5 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 167 | + self::load_4(self::substr($s, 16, 4)) |
|
| 168 | + ); |
|
| 169 | + /** @var ParagonIE_Sodium_Core32_Int32 $h6 */ |
|
| 170 | + $h6 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 171 | + self::load_3(self::substr($s, 20, 3)) << 7 |
|
| 172 | + ); |
|
| 173 | + /** @var ParagonIE_Sodium_Core32_Int32 $h7 */ |
|
| 174 | + $h7 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 175 | + self::load_3(self::substr($s, 23, 3)) << 5 |
|
| 176 | + ); |
|
| 177 | + /** @var ParagonIE_Sodium_Core32_Int32 $h8 */ |
|
| 178 | + $h8 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 179 | + self::load_3(self::substr($s, 26, 3)) << 4 |
|
| 180 | + ); |
|
| 181 | + /** @var ParagonIE_Sodium_Core32_Int32 $h9 */ |
|
| 182 | + $h9 = ParagonIE_Sodium_Core32_Int32::fromInt( |
|
| 183 | + (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2 |
|
| 184 | + ); |
|
| 185 | + |
|
| 186 | + $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 187 | + $h0 = $h0->addInt32($carry9->mulInt(19)); |
|
| 188 | + $h9 = $h9->subInt32($carry9->shiftLeft(25)); |
|
| 189 | + |
|
| 190 | + $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 191 | + $h2 = $h2->addInt32($carry1); |
|
| 192 | + $h1 = $h1->subInt32($carry1->shiftLeft(25)); |
|
| 193 | + |
|
| 194 | + $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 195 | + $h4 = $h4->addInt32($carry3); |
|
| 196 | + $h3 = $h3->subInt32($carry3->shiftLeft(25)); |
|
| 197 | + |
|
| 198 | + $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 199 | + $h6 = $h6->addInt32($carry5); |
|
| 200 | + $h5 = $h5->subInt32($carry5->shiftLeft(25)); |
|
| 201 | + |
|
| 202 | + $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 203 | + $h8 = $h8->addInt32($carry7); |
|
| 204 | + $h7 = $h7->subInt32($carry7->shiftLeft(25)); |
|
| 205 | + |
|
| 206 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 207 | + $h1 = $h1->addInt32($carry0); |
|
| 208 | + $h0 = $h0->subInt32($carry0->shiftLeft(26)); |
|
| 209 | + |
|
| 210 | + $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 211 | + $h3 = $h3->addInt32($carry2); |
|
| 212 | + $h2 = $h2->subInt32($carry2->shiftLeft(26)); |
|
| 213 | + |
|
| 214 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 215 | + $h5 = $h5->addInt32($carry4); |
|
| 216 | + $h4 = $h4->subInt32($carry4->shiftLeft(26)); |
|
| 217 | + |
|
| 218 | + $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 219 | + $h7 = $h7->addInt32($carry6); |
|
| 220 | + $h6 = $h6->subInt32($carry6->shiftLeft(26)); |
|
| 221 | + |
|
| 222 | + $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 223 | + $h9 = $h9->addInt32($carry8); |
|
| 224 | + $h8 = $h8->subInt32($carry8->shiftLeft(26)); |
|
| 225 | + |
|
| 226 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 227 | + array($h0, $h1, $h2,$h3, $h4, $h5, $h6, $h7, $h8, $h9) |
|
| 228 | + ); |
|
| 229 | + } |
|
| 230 | + |
|
| 231 | + /** |
|
| 232 | + * Convert a field element to a byte string. |
|
| 233 | + * |
|
| 234 | + * @internal You should not use this directly from another application |
|
| 235 | + * |
|
| 236 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $h |
|
| 237 | + * @return string |
|
| 238 | + */ |
|
| 239 | + public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) |
|
| 240 | + { |
|
| 241 | + /** |
|
| 242 | + * @var ParagonIE_Sodium_Core32_Int64[] $f |
|
| 243 | + * @var ParagonIE_Sodium_Core32_Int64 $q |
|
| 244 | + */ |
|
| 245 | + $f = array(); |
|
| 246 | + |
|
| 247 | + for ($i = 0; $i < 10; ++$i) { |
|
| 248 | + $f[$i] = $h[$i]->toInt64(); |
|
| 249 | + } |
|
| 250 | + |
|
| 251 | + $q = $f[9]->mulInt(19, 5)->addInt(1 << 14)->shiftRight(25) |
|
| 252 | + ->addInt64($f[0])->shiftRight(26) |
|
| 253 | + ->addInt64($f[1])->shiftRight(25) |
|
| 254 | + ->addInt64($f[2])->shiftRight(26) |
|
| 255 | + ->addInt64($f[3])->shiftRight(25) |
|
| 256 | + ->addInt64($f[4])->shiftRight(26) |
|
| 257 | + ->addInt64($f[5])->shiftRight(25) |
|
| 258 | + ->addInt64($f[6])->shiftRight(26) |
|
| 259 | + ->addInt64($f[7])->shiftRight(25) |
|
| 260 | + ->addInt64($f[8])->shiftRight(26) |
|
| 261 | + ->addInt64($f[9])->shiftRight(25); |
|
| 262 | + |
|
| 263 | + |
|
| 264 | + /* |
|
| 265 | 265 | $q = (self::mul(19, $f[9]) + (1 << 24)) >> 25; |
| 266 | 266 | $q = ($f[0] + $q) >> 26; |
| 267 | 267 | $q = ($f[1] + $q) >> 25; |
@@ -276,3106 +276,3106 @@ discard block |
||
| 276 | 276 | |
| 277 | 277 | $f[0] += self::mul(19, $q); |
| 278 | 278 | */ |
| 279 | - $f[0] = $f[0]->addInt64($q->mulInt(19, 5)); |
|
| 280 | - |
|
| 281 | - $carry0 = $f[0]->shiftRight(26); |
|
| 282 | - $f[1] = $f[1]->addInt64($carry0); |
|
| 283 | - $f[0] = $f[0]->subInt64($carry0->shiftLeft(26)); |
|
| 284 | - |
|
| 285 | - $carry1 = $f[1]->shiftRight(25); |
|
| 286 | - $f[2] = $f[2]->addInt64($carry1); |
|
| 287 | - $f[1] = $f[1]->subInt64($carry1->shiftLeft(25)); |
|
| 288 | - |
|
| 289 | - $carry2 = $f[2]->shiftRight(26); |
|
| 290 | - $f[3] = $f[3]->addInt64($carry2); |
|
| 291 | - $f[2] = $f[2]->subInt64($carry2->shiftLeft(26)); |
|
| 292 | - |
|
| 293 | - $carry3 = $f[3]->shiftRight(25); |
|
| 294 | - $f[4] = $f[4]->addInt64($carry3); |
|
| 295 | - $f[3] = $f[3]->subInt64($carry3->shiftLeft(25)); |
|
| 296 | - |
|
| 297 | - $carry4 = $f[4]->shiftRight(26); |
|
| 298 | - $f[5] = $f[5]->addInt64($carry4); |
|
| 299 | - $f[4] = $f[4]->subInt64($carry4->shiftLeft(26)); |
|
| 300 | - |
|
| 301 | - $carry5 = $f[5]->shiftRight(25); |
|
| 302 | - $f[6] = $f[6]->addInt64($carry5); |
|
| 303 | - $f[5] = $f[5]->subInt64($carry5->shiftLeft(25)); |
|
| 304 | - |
|
| 305 | - $carry6 = $f[6]->shiftRight(26); |
|
| 306 | - $f[7] = $f[7]->addInt64($carry6); |
|
| 307 | - $f[6] = $f[6]->subInt64($carry6->shiftLeft(26)); |
|
| 308 | - |
|
| 309 | - $carry7 = $f[7]->shiftRight(25); |
|
| 310 | - $f[8] = $f[8]->addInt64($carry7); |
|
| 311 | - $f[7] = $f[7]->subInt64($carry7->shiftLeft(25)); |
|
| 312 | - |
|
| 313 | - $carry8 = $f[8]->shiftRight(26); |
|
| 314 | - $f[9] = $f[9]->addInt64($carry8); |
|
| 315 | - $f[8] = $f[8]->subInt64($carry8->shiftLeft(26)); |
|
| 316 | - |
|
| 317 | - $carry9 = $f[9]->shiftRight(25); |
|
| 318 | - $f[9] = $f[9]->subInt64($carry9->shiftLeft(25)); |
|
| 319 | - |
|
| 320 | - /** |
|
| 321 | - * @var int $h0 |
|
| 322 | - * @var int $h1 |
|
| 323 | - * @var int $h2 |
|
| 324 | - * @var int $h3 |
|
| 325 | - * @var int $h4 |
|
| 326 | - * @var int $h5 |
|
| 327 | - * @var int $h6 |
|
| 328 | - * @var int $h7 |
|
| 329 | - * @var int $h8 |
|
| 330 | - * @var int $h9 |
|
| 331 | - */ |
|
| 332 | - $h0 = $f[0]->toInt32()->toInt(); |
|
| 333 | - $h1 = $f[1]->toInt32()->toInt(); |
|
| 334 | - $h2 = $f[2]->toInt32()->toInt(); |
|
| 335 | - $h3 = $f[3]->toInt32()->toInt(); |
|
| 336 | - $h4 = $f[4]->toInt32()->toInt(); |
|
| 337 | - $h5 = $f[5]->toInt32()->toInt(); |
|
| 338 | - $h6 = $f[6]->toInt32()->toInt(); |
|
| 339 | - $h7 = $f[7]->toInt32()->toInt(); |
|
| 340 | - $h8 = $f[8]->toInt32()->toInt(); |
|
| 341 | - $h9 = $f[9]->toInt32()->toInt(); |
|
| 342 | - |
|
| 343 | - /** |
|
| 344 | - * @var array<int, int> |
|
| 345 | - */ |
|
| 346 | - $s = array( |
|
| 347 | - (int) (($h0 >> 0) & 0xff), |
|
| 348 | - (int) (($h0 >> 8) & 0xff), |
|
| 349 | - (int) (($h0 >> 16) & 0xff), |
|
| 350 | - (int) ((($h0 >> 24) | ($h1 << 2)) & 0xff), |
|
| 351 | - (int) (($h1 >> 6) & 0xff), |
|
| 352 | - (int) (($h1 >> 14) & 0xff), |
|
| 353 | - (int) ((($h1 >> 22) | ($h2 << 3)) & 0xff), |
|
| 354 | - (int) (($h2 >> 5) & 0xff), |
|
| 355 | - (int) (($h2 >> 13) & 0xff), |
|
| 356 | - (int) ((($h2 >> 21) | ($h3 << 5)) & 0xff), |
|
| 357 | - (int) (($h3 >> 3) & 0xff), |
|
| 358 | - (int) (($h3 >> 11) & 0xff), |
|
| 359 | - (int) ((($h3 >> 19) | ($h4 << 6)) & 0xff), |
|
| 360 | - (int) (($h4 >> 2) & 0xff), |
|
| 361 | - (int) (($h4 >> 10) & 0xff), |
|
| 362 | - (int) (($h4 >> 18) & 0xff), |
|
| 363 | - (int) (($h5 >> 0) & 0xff), |
|
| 364 | - (int) (($h5 >> 8) & 0xff), |
|
| 365 | - (int) (($h5 >> 16) & 0xff), |
|
| 366 | - (int) ((($h5 >> 24) | ($h6 << 1)) & 0xff), |
|
| 367 | - (int) (($h6 >> 7) & 0xff), |
|
| 368 | - (int) (($h6 >> 15) & 0xff), |
|
| 369 | - (int) ((($h6 >> 23) | ($h7 << 3)) & 0xff), |
|
| 370 | - (int) (($h7 >> 5) & 0xff), |
|
| 371 | - (int) (($h7 >> 13) & 0xff), |
|
| 372 | - (int) ((($h7 >> 21) | ($h8 << 4)) & 0xff), |
|
| 373 | - (int) (($h8 >> 4) & 0xff), |
|
| 374 | - (int) (($h8 >> 12) & 0xff), |
|
| 375 | - (int) ((($h8 >> 20) | ($h9 << 6)) & 0xff), |
|
| 376 | - (int) (($h9 >> 2) & 0xff), |
|
| 377 | - (int) (($h9 >> 10) & 0xff), |
|
| 378 | - (int) (($h9 >> 18) & 0xff) |
|
| 379 | - ); |
|
| 380 | - return self::intArrayToString($s); |
|
| 381 | - } |
|
| 382 | - |
|
| 383 | - /** |
|
| 384 | - * Is a field element negative? (1 = yes, 0 = no. Used in calculations.) |
|
| 385 | - * |
|
| 386 | - * @internal You should not use this directly from another application |
|
| 387 | - * |
|
| 388 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 389 | - * @return int |
|
| 390 | - */ |
|
| 391 | - public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 392 | - { |
|
| 393 | - $str = self::fe_tobytes($f); |
|
| 394 | - return self::chrToInt($str[0]) & 1; |
|
| 395 | - } |
|
| 396 | - |
|
| 397 | - /** |
|
| 398 | - * Returns 0 if this field element results in all NUL bytes. |
|
| 399 | - * |
|
| 400 | - * @internal You should not use this directly from another application |
|
| 401 | - * |
|
| 402 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 403 | - * @return bool |
|
| 404 | - */ |
|
| 405 | - public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 406 | - { |
|
| 407 | - static $zero; |
|
| 408 | - if ($zero === null) { |
|
| 409 | - $zero = str_repeat("\x00", 32); |
|
| 410 | - } |
|
| 411 | - $str = self::fe_tobytes($f); |
|
| 412 | - return !self::verify_32($str, $zero); |
|
| 413 | - } |
|
| 414 | - |
|
| 415 | - /** |
|
| 416 | - * Multiply two field elements |
|
| 417 | - * |
|
| 418 | - * h = f * g |
|
| 419 | - * |
|
| 420 | - * @internal You should not use this directly from another application |
|
| 421 | - * |
|
| 422 | - * @security Is multiplication a source of timing leaks? If so, can we do |
|
| 423 | - * anything to prevent that from happening? |
|
| 424 | - * |
|
| 425 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 426 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 427 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 428 | - */ |
|
| 429 | - public static function fe_mul( |
|
| 430 | - ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 431 | - ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 432 | - ) { |
|
| 433 | - /** |
|
| 434 | - * @var ParagonIE_Sodium_Core32_Int32[] $f |
|
| 435 | - * @var ParagonIE_Sodium_Core32_Int32[] $g |
|
| 436 | - * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 437 | - * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 438 | - * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 439 | - * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 440 | - * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 441 | - * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 442 | - * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 443 | - * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 444 | - * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 445 | - * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 446 | - * @var ParagonIE_Sodium_Core32_Int64 $g0 |
|
| 447 | - * @var ParagonIE_Sodium_Core32_Int64 $g1 |
|
| 448 | - * @var ParagonIE_Sodium_Core32_Int64 $g2 |
|
| 449 | - * @var ParagonIE_Sodium_Core32_Int64 $g3 |
|
| 450 | - * @var ParagonIE_Sodium_Core32_Int64 $g4 |
|
| 451 | - * @var ParagonIE_Sodium_Core32_Int64 $g5 |
|
| 452 | - * @var ParagonIE_Sodium_Core32_Int64 $g6 |
|
| 453 | - * @var ParagonIE_Sodium_Core32_Int64 $g7 |
|
| 454 | - * @var ParagonIE_Sodium_Core32_Int64 $g8 |
|
| 455 | - * @var ParagonIE_Sodium_Core32_Int64 $g9 |
|
| 456 | - */ |
|
| 457 | - $f0 = $f[0]->toInt64(); |
|
| 458 | - $f1 = $f[1]->toInt64(); |
|
| 459 | - $f2 = $f[2]->toInt64(); |
|
| 460 | - $f3 = $f[3]->toInt64(); |
|
| 461 | - $f4 = $f[4]->toInt64(); |
|
| 462 | - $f5 = $f[5]->toInt64(); |
|
| 463 | - $f6 = $f[6]->toInt64(); |
|
| 464 | - $f7 = $f[7]->toInt64(); |
|
| 465 | - $f8 = $f[8]->toInt64(); |
|
| 466 | - $f9 = $f[9]->toInt64(); |
|
| 467 | - $g0 = $g[0]->toInt64(); |
|
| 468 | - $g1 = $g[1]->toInt64(); |
|
| 469 | - $g2 = $g[2]->toInt64(); |
|
| 470 | - $g3 = $g[3]->toInt64(); |
|
| 471 | - $g4 = $g[4]->toInt64(); |
|
| 472 | - $g5 = $g[5]->toInt64(); |
|
| 473 | - $g6 = $g[6]->toInt64(); |
|
| 474 | - $g7 = $g[7]->toInt64(); |
|
| 475 | - $g8 = $g[8]->toInt64(); |
|
| 476 | - $g9 = $g[9]->toInt64(); |
|
| 477 | - $g1_19 = $g1->mulInt(19, 5); /* 2^4 <= 19 <= 2^5, but we only want 5 bits */ |
|
| 478 | - $g2_19 = $g2->mulInt(19, 5); |
|
| 479 | - $g3_19 = $g3->mulInt(19, 5); |
|
| 480 | - $g4_19 = $g4->mulInt(19, 5); |
|
| 481 | - $g5_19 = $g5->mulInt(19, 5); |
|
| 482 | - $g6_19 = $g6->mulInt(19, 5); |
|
| 483 | - $g7_19 = $g7->mulInt(19, 5); |
|
| 484 | - $g8_19 = $g8->mulInt(19, 5); |
|
| 485 | - $g9_19 = $g9->mulInt(19, 5); |
|
| 486 | - /** @var ParagonIE_Sodium_Core32_Int64 $f1_2 */ |
|
| 487 | - $f1_2 = $f1->shiftLeft(1); |
|
| 488 | - /** @var ParagonIE_Sodium_Core32_Int64 $f3_2 */ |
|
| 489 | - $f3_2 = $f3->shiftLeft(1); |
|
| 490 | - /** @var ParagonIE_Sodium_Core32_Int64 $f5_2 */ |
|
| 491 | - $f5_2 = $f5->shiftLeft(1); |
|
| 492 | - /** @var ParagonIE_Sodium_Core32_Int64 $f7_2 */ |
|
| 493 | - $f7_2 = $f7->shiftLeft(1); |
|
| 494 | - /** @var ParagonIE_Sodium_Core32_Int64 $f9_2 */ |
|
| 495 | - $f9_2 = $f9->shiftLeft(1); |
|
| 496 | - $f0g0 = $f0->mulInt64($g0); |
|
| 497 | - $f0g1 = $f0->mulInt64($g1); |
|
| 498 | - $f0g2 = $f0->mulInt64($g2); |
|
| 499 | - $f0g3 = $f0->mulInt64($g3); |
|
| 500 | - $f0g4 = $f0->mulInt64($g4); |
|
| 501 | - $f0g5 = $f0->mulInt64($g5); |
|
| 502 | - $f0g6 = $f0->mulInt64($g6); |
|
| 503 | - $f0g7 = $f0->mulInt64($g7); |
|
| 504 | - $f0g8 = $f0->mulInt64($g8); |
|
| 505 | - $f0g9 = $f0->mulInt64($g9); |
|
| 506 | - $f1g0 = $f1->mulInt64($g0); |
|
| 507 | - $f1g1_2 = $f1_2->mulInt64($g1); |
|
| 508 | - $f1g2 = $f1->mulInt64($g2); |
|
| 509 | - $f1g3_2 = $f1_2->mulInt64($g3); |
|
| 510 | - $f1g4 = $f1->mulInt64($g4); |
|
| 511 | - $f1g5_2 = $f1_2->mulInt64($g5); |
|
| 512 | - $f1g6 = $f1->mulInt64($g6); |
|
| 513 | - $f1g7_2 = $f1_2->mulInt64($g7); |
|
| 514 | - $f1g8 = $f1->mulInt64($g8); |
|
| 515 | - $f1g9_38 = $f1_2->mulInt64($g9_19); |
|
| 516 | - $f2g0 = $f2->mulInt64($g0); |
|
| 517 | - $f2g1 = $f2->mulInt64($g1); |
|
| 518 | - $f2g2 = $f2->mulInt64($g2); |
|
| 519 | - $f2g3 = $f2->mulInt64($g3); |
|
| 520 | - $f2g4 = $f2->mulInt64($g4); |
|
| 521 | - $f2g5 = $f2->mulInt64($g5); |
|
| 522 | - $f2g6 = $f2->mulInt64($g6); |
|
| 523 | - $f2g7 = $f2->mulInt64($g7); |
|
| 524 | - $f2g8_19 = $f2->mulInt64($g8_19); |
|
| 525 | - $f2g9_19 = $f2->mulInt64($g9_19); |
|
| 526 | - $f3g0 = $f3->mulInt64($g0); |
|
| 527 | - $f3g1_2 = $f3_2->mulInt64($g1); |
|
| 528 | - $f3g2 = $f3->mulInt64($g2); |
|
| 529 | - $f3g3_2 = $f3_2->mulInt64($g3); |
|
| 530 | - $f3g4 = $f3->mulInt64($g4); |
|
| 531 | - $f3g5_2 = $f3_2->mulInt64($g5); |
|
| 532 | - $f3g6 = $f3->mulInt64($g6); |
|
| 533 | - $f3g7_38 = $f3_2->mulInt64($g7_19); |
|
| 534 | - $f3g8_19 = $f3->mulInt64($g8_19); |
|
| 535 | - $f3g9_38 = $f3_2->mulInt64($g9_19); |
|
| 536 | - $f4g0 = $f4->mulInt64($g0); |
|
| 537 | - $f4g1 = $f4->mulInt64($g1); |
|
| 538 | - $f4g2 = $f4->mulInt64($g2); |
|
| 539 | - $f4g3 = $f4->mulInt64($g3); |
|
| 540 | - $f4g4 = $f4->mulInt64($g4); |
|
| 541 | - $f4g5 = $f4->mulInt64($g5); |
|
| 542 | - $f4g6_19 = $f4->mulInt64($g6_19); |
|
| 543 | - $f4g7_19 = $f4->mulInt64($g7_19); |
|
| 544 | - $f4g8_19 = $f4->mulInt64($g8_19); |
|
| 545 | - $f4g9_19 = $f4->mulInt64($g9_19); |
|
| 546 | - $f5g0 = $f5->mulInt64($g0); |
|
| 547 | - $f5g1_2 = $f5_2->mulInt64($g1); |
|
| 548 | - $f5g2 = $f5->mulInt64($g2); |
|
| 549 | - $f5g3_2 = $f5_2->mulInt64($g3); |
|
| 550 | - $f5g4 = $f5->mulInt64($g4); |
|
| 551 | - $f5g5_38 = $f5_2->mulInt64($g5_19); |
|
| 552 | - $f5g6_19 = $f5->mulInt64($g6_19); |
|
| 553 | - $f5g7_38 = $f5_2->mulInt64($g7_19); |
|
| 554 | - $f5g8_19 = $f5->mulInt64($g8_19); |
|
| 555 | - $f5g9_38 = $f5_2->mulInt64($g9_19); |
|
| 556 | - $f6g0 = $f6->mulInt64($g0); |
|
| 557 | - $f6g1 = $f6->mulInt64($g1); |
|
| 558 | - $f6g2 = $f6->mulInt64($g2); |
|
| 559 | - $f6g3 = $f6->mulInt64($g3); |
|
| 560 | - $f6g4_19 = $f6->mulInt64($g4_19); |
|
| 561 | - $f6g5_19 = $f6->mulInt64($g5_19); |
|
| 562 | - $f6g6_19 = $f6->mulInt64($g6_19); |
|
| 563 | - $f6g7_19 = $f6->mulInt64($g7_19); |
|
| 564 | - $f6g8_19 = $f6->mulInt64($g8_19); |
|
| 565 | - $f6g9_19 = $f6->mulInt64($g9_19); |
|
| 566 | - $f7g0 = $f7->mulInt64($g0); |
|
| 567 | - $f7g1_2 = $f7_2->mulInt64($g1); |
|
| 568 | - $f7g2 = $f7->mulInt64($g2); |
|
| 569 | - $f7g3_38 = $f7_2->mulInt64($g3_19); |
|
| 570 | - $f7g4_19 = $f7->mulInt64($g4_19); |
|
| 571 | - $f7g5_38 = $f7_2->mulInt64($g5_19); |
|
| 572 | - $f7g6_19 = $f7->mulInt64($g6_19); |
|
| 573 | - $f7g7_38 = $f7_2->mulInt64($g7_19); |
|
| 574 | - $f7g8_19 = $f7->mulInt64($g8_19); |
|
| 575 | - $f7g9_38 = $f7_2->mulInt64($g9_19); |
|
| 576 | - $f8g0 = $f8->mulInt64($g0); |
|
| 577 | - $f8g1 = $f8->mulInt64($g1); |
|
| 578 | - $f8g2_19 = $f8->mulInt64($g2_19); |
|
| 579 | - $f8g3_19 = $f8->mulInt64($g3_19); |
|
| 580 | - $f8g4_19 = $f8->mulInt64($g4_19); |
|
| 581 | - $f8g5_19 = $f8->mulInt64($g5_19); |
|
| 582 | - $f8g6_19 = $f8->mulInt64($g6_19); |
|
| 583 | - $f8g7_19 = $f8->mulInt64($g7_19); |
|
| 584 | - $f8g8_19 = $f8->mulInt64($g8_19); |
|
| 585 | - $f8g9_19 = $f8->mulInt64($g9_19); |
|
| 586 | - $f9g0 = $f9->mulInt64($g0); |
|
| 587 | - $f9g1_38 = $f9_2->mulInt64($g1_19); |
|
| 588 | - $f9g2_19 = $f9->mulInt64($g2_19); |
|
| 589 | - $f9g3_38 = $f9_2->mulInt64($g3_19); |
|
| 590 | - $f9g4_19 = $f9->mulInt64($g4_19); |
|
| 591 | - $f9g5_38 = $f9_2->mulInt64($g5_19); |
|
| 592 | - $f9g6_19 = $f9->mulInt64($g6_19); |
|
| 593 | - $f9g7_38 = $f9_2->mulInt64($g7_19); |
|
| 594 | - $f9g8_19 = $f9->mulInt64($g8_19); |
|
| 595 | - $f9g9_38 = $f9_2->mulInt64($g9_19); |
|
| 596 | - |
|
| 597 | - // $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
|
| 598 | - $h0 = $f0g0->addInt64($f1g9_38)->addInt64($f2g8_19)->addInt64($f3g7_38) |
|
| 599 | - ->addInt64($f4g6_19)->addInt64($f5g5_38)->addInt64($f6g4_19) |
|
| 600 | - ->addInt64($f7g3_38)->addInt64($f8g2_19)->addInt64($f9g1_38); |
|
| 601 | - |
|
| 602 | - // $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 603 | - $h1 = $f0g1->addInt64($f1g0)->addInt64($f2g9_19)->addInt64($f3g8_19) |
|
| 604 | - ->addInt64($f4g7_19)->addInt64($f5g6_19)->addInt64($f6g5_19) |
|
| 605 | - ->addInt64($f7g4_19)->addInt64($f8g3_19)->addInt64($f9g2_19); |
|
| 606 | - |
|
| 607 | - // $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 608 | - $h2 = $f0g2->addInt64($f1g1_2)->addInt64($f2g0)->addInt64($f3g9_38) |
|
| 609 | - ->addInt64($f4g8_19)->addInt64($f5g7_38)->addInt64($f6g6_19) |
|
| 610 | - ->addInt64($f7g5_38)->addInt64($f8g4_19)->addInt64($f9g3_38); |
|
| 611 | - |
|
| 612 | - // $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 613 | - $h3 = $f0g3->addInt64($f1g2)->addInt64($f2g1)->addInt64($f3g0) |
|
| 614 | - ->addInt64($f4g9_19)->addInt64($f5g8_19)->addInt64($f6g7_19) |
|
| 615 | - ->addInt64($f7g6_19)->addInt64($f8g5_19)->addInt64($f9g4_19); |
|
| 616 | - |
|
| 617 | - // $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 618 | - $h4 = $f0g4->addInt64($f1g3_2)->addInt64($f2g2)->addInt64($f3g1_2) |
|
| 619 | - ->addInt64($f4g0)->addInt64($f5g9_38)->addInt64($f6g8_19) |
|
| 620 | - ->addInt64($f7g7_38)->addInt64($f8g6_19)->addInt64($f9g5_38); |
|
| 621 | - |
|
| 622 | - // $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 623 | - $h5 = $f0g5->addInt64($f1g4)->addInt64($f2g3)->addInt64($f3g2) |
|
| 624 | - ->addInt64($f4g1)->addInt64($f5g0)->addInt64($f6g9_19) |
|
| 625 | - ->addInt64($f7g8_19)->addInt64($f8g7_19)->addInt64($f9g6_19); |
|
| 626 | - |
|
| 627 | - // $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 628 | - $h6 = $f0g6->addInt64($f1g5_2)->addInt64($f2g4)->addInt64($f3g3_2) |
|
| 629 | - ->addInt64($f4g2)->addInt64($f5g1_2)->addInt64($f6g0) |
|
| 630 | - ->addInt64($f7g9_38)->addInt64($f8g8_19)->addInt64($f9g7_38); |
|
| 631 | - |
|
| 632 | - // $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 633 | - $h7 = $f0g7->addInt64($f1g6)->addInt64($f2g5)->addInt64($f3g4) |
|
| 634 | - ->addInt64($f4g3)->addInt64($f5g2)->addInt64($f6g1) |
|
| 635 | - ->addInt64($f7g0)->addInt64($f8g9_19)->addInt64($f9g8_19); |
|
| 636 | - |
|
| 637 | - // $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 638 | - $h8 = $f0g8->addInt64($f1g7_2)->addInt64($f2g6)->addInt64($f3g5_2) |
|
| 639 | - ->addInt64($f4g4)->addInt64($f5g3_2)->addInt64($f6g2) |
|
| 640 | - ->addInt64($f7g1_2)->addInt64($f8g0)->addInt64($f9g9_38); |
|
| 641 | - |
|
| 642 | - // $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
|
| 643 | - $h9 = $f0g9->addInt64($f1g8)->addInt64($f2g7)->addInt64($f3g6) |
|
| 644 | - ->addInt64($f4g5)->addInt64($f5g4)->addInt64($f6g3) |
|
| 645 | - ->addInt64($f7g2)->addInt64($f8g1)->addInt64($f9g0); |
|
| 646 | - |
|
| 647 | - /** |
|
| 648 | - * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 649 | - * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 650 | - * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 651 | - * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 652 | - * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 653 | - * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 654 | - * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 655 | - * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 656 | - * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 657 | - * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 658 | - * @var ParagonIE_Sodium_Core32_Int64 $carry0 |
|
| 659 | - * @var ParagonIE_Sodium_Core32_Int64 $carry1 |
|
| 660 | - * @var ParagonIE_Sodium_Core32_Int64 $carry2 |
|
| 661 | - * @var ParagonIE_Sodium_Core32_Int64 $carry3 |
|
| 662 | - * @var ParagonIE_Sodium_Core32_Int64 $carry4 |
|
| 663 | - * @var ParagonIE_Sodium_Core32_Int64 $carry5 |
|
| 664 | - * @var ParagonIE_Sodium_Core32_Int64 $carry6 |
|
| 665 | - * @var ParagonIE_Sodium_Core32_Int64 $carry7 |
|
| 666 | - * @var ParagonIE_Sodium_Core32_Int64 $carry8 |
|
| 667 | - * @var ParagonIE_Sodium_Core32_Int64 $carry9 |
|
| 668 | - */ |
|
| 669 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 670 | - $h1 = $h1->addInt64($carry0); |
|
| 671 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 672 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 673 | - $h5 = $h5->addInt64($carry4); |
|
| 674 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 675 | - |
|
| 676 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 677 | - $h2 = $h2->addInt64($carry1); |
|
| 678 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 679 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 680 | - $h6 = $h6->addInt64($carry5); |
|
| 681 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 682 | - |
|
| 683 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 684 | - $h3 = $h3->addInt64($carry2); |
|
| 685 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 686 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 687 | - $h7 = $h7->addInt64($carry6); |
|
| 688 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 689 | - |
|
| 690 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 691 | - $h4 = $h4->addInt64($carry3); |
|
| 692 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 693 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 694 | - $h8 = $h8->addInt64($carry7); |
|
| 695 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 696 | - |
|
| 697 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 698 | - $h5 = $h5->addInt64($carry4); |
|
| 699 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 700 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 701 | - $h9 = $h9->addInt64($carry8); |
|
| 702 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 703 | - |
|
| 704 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 705 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 706 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 707 | - |
|
| 708 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 709 | - $h1 = $h1->addInt64($carry0); |
|
| 710 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 711 | - |
|
| 712 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 713 | - array( |
|
| 714 | - $h0->toInt32(), |
|
| 715 | - $h1->toInt32(), |
|
| 716 | - $h2->toInt32(), |
|
| 717 | - $h3->toInt32(), |
|
| 718 | - $h4->toInt32(), |
|
| 719 | - $h5->toInt32(), |
|
| 720 | - $h6->toInt32(), |
|
| 721 | - $h7->toInt32(), |
|
| 722 | - $h8->toInt32(), |
|
| 723 | - $h9->toInt32() |
|
| 724 | - ) |
|
| 725 | - ); |
|
| 726 | - } |
|
| 727 | - |
|
| 728 | - /** |
|
| 729 | - * Get the negative values for each piece of the field element. |
|
| 730 | - * |
|
| 731 | - * h = -f |
|
| 732 | - * |
|
| 733 | - * @internal You should not use this directly from another application |
|
| 734 | - * |
|
| 735 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 736 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 737 | - */ |
|
| 738 | - public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 739 | - { |
|
| 740 | - $h = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 741 | - for ($i = 0; $i < 10; ++$i) { |
|
| 742 | - $h[$i] = $h[$i]->subInt32($f[$i]); |
|
| 743 | - } |
|
| 744 | - return $h; |
|
| 745 | - } |
|
| 746 | - |
|
| 747 | - /** |
|
| 748 | - * Square a field element |
|
| 749 | - * |
|
| 750 | - * h = f * f |
|
| 751 | - * |
|
| 752 | - * @internal You should not use this directly from another application |
|
| 753 | - * |
|
| 754 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 755 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 756 | - */ |
|
| 757 | - public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 758 | - { |
|
| 759 | - /** |
|
| 760 | - * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 761 | - * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 762 | - * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 763 | - * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 764 | - * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 765 | - * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 766 | - * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 767 | - * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 768 | - * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 769 | - * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 770 | - */ |
|
| 771 | - $f0 = $f[0]->toInt64(); |
|
| 772 | - $f1 = $f[1]->toInt64(); |
|
| 773 | - $f2 = $f[2]->toInt64(); |
|
| 774 | - $f3 = $f[3]->toInt64(); |
|
| 775 | - $f4 = $f[4]->toInt64(); |
|
| 776 | - $f5 = $f[5]->toInt64(); |
|
| 777 | - $f6 = $f[6]->toInt64(); |
|
| 778 | - $f7 = $f[7]->toInt64(); |
|
| 779 | - $f8 = $f[8]->toInt64(); |
|
| 780 | - $f9 = $f[9]->toInt64(); |
|
| 781 | - |
|
| 782 | - /** @var ParagonIE_Sodium_Core32_Int64 $f0_2 */ |
|
| 783 | - $f0_2 = $f0->shiftLeft(1); |
|
| 784 | - $f1_2 = $f1->shiftLeft(1); |
|
| 785 | - $f2_2 = $f2->shiftLeft(1); |
|
| 786 | - $f3_2 = $f3->shiftLeft(1); |
|
| 787 | - $f4_2 = $f4->shiftLeft(1); |
|
| 788 | - $f5_2 = $f5->shiftLeft(1); |
|
| 789 | - $f6_2 = $f6->shiftLeft(1); |
|
| 790 | - $f7_2 = $f7->shiftLeft(1); |
|
| 791 | - $f5_38 = $f5->mulInt(38, 6); |
|
| 792 | - $f6_19 = $f6->mulInt(19, 5); |
|
| 793 | - $f7_38 = $f7->mulInt(38, 6); |
|
| 794 | - $f8_19 = $f8->mulInt(19, 5); |
|
| 795 | - $f9_38 = $f9->mulInt(38, 6); |
|
| 796 | - /** @var ParagonIE_Sodium_Core32_Int64 $f0f0*/ |
|
| 797 | - $f0f0 = $f0->mulInt64($f0); |
|
| 798 | - $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 799 | - $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 800 | - $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 801 | - $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 802 | - $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 803 | - $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 804 | - $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 805 | - $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 806 | - $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 807 | - $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 808 | - $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 809 | - $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 810 | - $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 811 | - $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 812 | - $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 813 | - $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 814 | - $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 815 | - $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 816 | - $f2f2 = $f2->mulInt64($f2); |
|
| 817 | - $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 818 | - $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 819 | - $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 820 | - $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 821 | - $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 822 | - $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 823 | - $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 824 | - $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 825 | - $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 826 | - $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 827 | - $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 828 | - $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 829 | - $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 830 | - $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 831 | - $f4f4 = $f4->mulInt64($f4); |
|
| 832 | - $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 833 | - $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 834 | - $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 835 | - $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 836 | - $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 837 | - $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 838 | - $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 839 | - $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 840 | - $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 841 | - $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 842 | - $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 843 | - $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 844 | - $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 845 | - $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 846 | - $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 847 | - $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 848 | - $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 849 | - $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 850 | - $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 851 | - $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 852 | - |
|
| 853 | - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 854 | - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 855 | - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 856 | - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 857 | - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 858 | - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 859 | - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 860 | - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 861 | - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 862 | - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 863 | - |
|
| 864 | - /** |
|
| 865 | - * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 866 | - * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 867 | - * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 868 | - * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 869 | - * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 870 | - * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 871 | - * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 872 | - * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 873 | - * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 874 | - * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 875 | - */ |
|
| 876 | - |
|
| 877 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 878 | - $h1 = $h1->addInt64($carry0); |
|
| 879 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 880 | - |
|
| 881 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 882 | - $h5 = $h5->addInt64($carry4); |
|
| 883 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 884 | - |
|
| 885 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 886 | - $h2 = $h2->addInt64($carry1); |
|
| 887 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 888 | - |
|
| 889 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 890 | - $h6 = $h6->addInt64($carry5); |
|
| 891 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 892 | - |
|
| 893 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 894 | - $h3 = $h3->addInt64($carry2); |
|
| 895 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 896 | - |
|
| 897 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 898 | - $h7 = $h7->addInt64($carry6); |
|
| 899 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 900 | - |
|
| 901 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 902 | - $h4 = $h4->addInt64($carry3); |
|
| 903 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 904 | - |
|
| 905 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 906 | - $h8 = $h8->addInt64($carry7); |
|
| 907 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 908 | - |
|
| 909 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 910 | - $h5 = $h5->addInt64($carry4); |
|
| 911 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 912 | - |
|
| 913 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 914 | - $h9 = $h9->addInt64($carry8); |
|
| 915 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 916 | - |
|
| 917 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 918 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 919 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 920 | - |
|
| 921 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 922 | - $h1 = $h1->addInt64($carry0); |
|
| 923 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 924 | - |
|
| 925 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 926 | - array( |
|
| 927 | - $h0->toInt32(), |
|
| 928 | - $h1->toInt32(), |
|
| 929 | - $h2->toInt32(), |
|
| 930 | - $h3->toInt32(), |
|
| 931 | - $h4->toInt32(), |
|
| 932 | - $h5->toInt32(), |
|
| 933 | - $h6->toInt32(), |
|
| 934 | - $h7->toInt32(), |
|
| 935 | - $h8->toInt32(), |
|
| 936 | - $h9->toInt32() |
|
| 937 | - ) |
|
| 938 | - ); |
|
| 939 | - } |
|
| 940 | - |
|
| 941 | - /** |
|
| 942 | - * Square and double a field element |
|
| 943 | - * |
|
| 944 | - * h = 2 * f * f |
|
| 945 | - * |
|
| 946 | - * @internal You should not use this directly from another application |
|
| 947 | - * |
|
| 948 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 949 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 950 | - */ |
|
| 951 | - public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 952 | - { |
|
| 953 | - /** |
|
| 954 | - * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 955 | - * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 956 | - * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 957 | - * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 958 | - * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 959 | - * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 960 | - * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 961 | - * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 962 | - * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 963 | - * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 964 | - * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 965 | - */ |
|
| 966 | - $f0 = $f[0]->toInt64(); |
|
| 967 | - $f1 = $f[1]->toInt64(); |
|
| 968 | - $f2 = $f[2]->toInt64(); |
|
| 969 | - $f3 = $f[3]->toInt64(); |
|
| 970 | - $f4 = $f[4]->toInt64(); |
|
| 971 | - $f5 = $f[5]->toInt64(); |
|
| 972 | - $f6 = $f[6]->toInt64(); |
|
| 973 | - $f7 = $f[7]->toInt64(); |
|
| 974 | - $f8 = $f[8]->toInt64(); |
|
| 975 | - $f9 = $f[9]->toInt64(); |
|
| 976 | - |
|
| 977 | - $f0_2 = $f0->shiftLeft(1); |
|
| 978 | - $f1_2 = $f1->shiftLeft(1); |
|
| 979 | - $f2_2 = $f2->shiftLeft(1); |
|
| 980 | - $f3_2 = $f3->shiftLeft(1); |
|
| 981 | - $f4_2 = $f4->shiftLeft(1); |
|
| 982 | - $f5_2 = $f5->shiftLeft(1); |
|
| 983 | - $f6_2 = $f6->shiftLeft(1); |
|
| 984 | - $f7_2 = $f7->shiftLeft(1); |
|
| 985 | - $f5_38 = $f5->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 986 | - $f6_19 = $f6->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 987 | - $f7_38 = $f7->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 988 | - $f8_19 = $f8->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 989 | - $f9_38 = $f9->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 990 | - $f0f0 = $f0->mulInt64($f0); |
|
| 991 | - $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 992 | - $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 993 | - $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 994 | - $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 995 | - $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 996 | - $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 997 | - $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 998 | - $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 999 | - $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 1000 | - $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 1001 | - $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 1002 | - $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 1003 | - $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 1004 | - $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 1005 | - $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 1006 | - $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 1007 | - $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 1008 | - $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 1009 | - $f2f2 = $f2->mulInt64($f2); |
|
| 1010 | - $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 1011 | - $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 1012 | - $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 1013 | - $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 1014 | - $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 1015 | - $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 1016 | - $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 1017 | - $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 1018 | - $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 1019 | - $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 1020 | - $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 1021 | - $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 1022 | - $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 1023 | - $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 1024 | - $f4f4 = $f4->mulInt64($f4); |
|
| 1025 | - $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 1026 | - $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 1027 | - $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 1028 | - $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 1029 | - $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 1030 | - $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 1031 | - $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 1032 | - $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 1033 | - $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 1034 | - $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 1035 | - $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 1036 | - $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 1037 | - $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 1038 | - $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 1039 | - $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 1040 | - $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 1041 | - $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 1042 | - $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 1043 | - $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 1044 | - $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 1045 | - |
|
| 1046 | - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 1047 | - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 1048 | - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 1049 | - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 1050 | - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 1051 | - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 1052 | - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 1053 | - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 1054 | - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 1055 | - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 1056 | - |
|
| 1057 | - /* |
|
| 279 | + $f[0] = $f[0]->addInt64($q->mulInt(19, 5)); |
|
| 280 | + |
|
| 281 | + $carry0 = $f[0]->shiftRight(26); |
|
| 282 | + $f[1] = $f[1]->addInt64($carry0); |
|
| 283 | + $f[0] = $f[0]->subInt64($carry0->shiftLeft(26)); |
|
| 284 | + |
|
| 285 | + $carry1 = $f[1]->shiftRight(25); |
|
| 286 | + $f[2] = $f[2]->addInt64($carry1); |
|
| 287 | + $f[1] = $f[1]->subInt64($carry1->shiftLeft(25)); |
|
| 288 | + |
|
| 289 | + $carry2 = $f[2]->shiftRight(26); |
|
| 290 | + $f[3] = $f[3]->addInt64($carry2); |
|
| 291 | + $f[2] = $f[2]->subInt64($carry2->shiftLeft(26)); |
|
| 292 | + |
|
| 293 | + $carry3 = $f[3]->shiftRight(25); |
|
| 294 | + $f[4] = $f[4]->addInt64($carry3); |
|
| 295 | + $f[3] = $f[3]->subInt64($carry3->shiftLeft(25)); |
|
| 296 | + |
|
| 297 | + $carry4 = $f[4]->shiftRight(26); |
|
| 298 | + $f[5] = $f[5]->addInt64($carry4); |
|
| 299 | + $f[4] = $f[4]->subInt64($carry4->shiftLeft(26)); |
|
| 300 | + |
|
| 301 | + $carry5 = $f[5]->shiftRight(25); |
|
| 302 | + $f[6] = $f[6]->addInt64($carry5); |
|
| 303 | + $f[5] = $f[5]->subInt64($carry5->shiftLeft(25)); |
|
| 304 | + |
|
| 305 | + $carry6 = $f[6]->shiftRight(26); |
|
| 306 | + $f[7] = $f[7]->addInt64($carry6); |
|
| 307 | + $f[6] = $f[6]->subInt64($carry6->shiftLeft(26)); |
|
| 308 | + |
|
| 309 | + $carry7 = $f[7]->shiftRight(25); |
|
| 310 | + $f[8] = $f[8]->addInt64($carry7); |
|
| 311 | + $f[7] = $f[7]->subInt64($carry7->shiftLeft(25)); |
|
| 312 | + |
|
| 313 | + $carry8 = $f[8]->shiftRight(26); |
|
| 314 | + $f[9] = $f[9]->addInt64($carry8); |
|
| 315 | + $f[8] = $f[8]->subInt64($carry8->shiftLeft(26)); |
|
| 316 | + |
|
| 317 | + $carry9 = $f[9]->shiftRight(25); |
|
| 318 | + $f[9] = $f[9]->subInt64($carry9->shiftLeft(25)); |
|
| 319 | + |
|
| 320 | + /** |
|
| 321 | + * @var int $h0 |
|
| 322 | + * @var int $h1 |
|
| 323 | + * @var int $h2 |
|
| 324 | + * @var int $h3 |
|
| 325 | + * @var int $h4 |
|
| 326 | + * @var int $h5 |
|
| 327 | + * @var int $h6 |
|
| 328 | + * @var int $h7 |
|
| 329 | + * @var int $h8 |
|
| 330 | + * @var int $h9 |
|
| 331 | + */ |
|
| 332 | + $h0 = $f[0]->toInt32()->toInt(); |
|
| 333 | + $h1 = $f[1]->toInt32()->toInt(); |
|
| 334 | + $h2 = $f[2]->toInt32()->toInt(); |
|
| 335 | + $h3 = $f[3]->toInt32()->toInt(); |
|
| 336 | + $h4 = $f[4]->toInt32()->toInt(); |
|
| 337 | + $h5 = $f[5]->toInt32()->toInt(); |
|
| 338 | + $h6 = $f[6]->toInt32()->toInt(); |
|
| 339 | + $h7 = $f[7]->toInt32()->toInt(); |
|
| 340 | + $h8 = $f[8]->toInt32()->toInt(); |
|
| 341 | + $h9 = $f[9]->toInt32()->toInt(); |
|
| 342 | + |
|
| 343 | + /** |
|
| 344 | + * @var array<int, int> |
|
| 345 | + */ |
|
| 346 | + $s = array( |
|
| 347 | + (int) (($h0 >> 0) & 0xff), |
|
| 348 | + (int) (($h0 >> 8) & 0xff), |
|
| 349 | + (int) (($h0 >> 16) & 0xff), |
|
| 350 | + (int) ((($h0 >> 24) | ($h1 << 2)) & 0xff), |
|
| 351 | + (int) (($h1 >> 6) & 0xff), |
|
| 352 | + (int) (($h1 >> 14) & 0xff), |
|
| 353 | + (int) ((($h1 >> 22) | ($h2 << 3)) & 0xff), |
|
| 354 | + (int) (($h2 >> 5) & 0xff), |
|
| 355 | + (int) (($h2 >> 13) & 0xff), |
|
| 356 | + (int) ((($h2 >> 21) | ($h3 << 5)) & 0xff), |
|
| 357 | + (int) (($h3 >> 3) & 0xff), |
|
| 358 | + (int) (($h3 >> 11) & 0xff), |
|
| 359 | + (int) ((($h3 >> 19) | ($h4 << 6)) & 0xff), |
|
| 360 | + (int) (($h4 >> 2) & 0xff), |
|
| 361 | + (int) (($h4 >> 10) & 0xff), |
|
| 362 | + (int) (($h4 >> 18) & 0xff), |
|
| 363 | + (int) (($h5 >> 0) & 0xff), |
|
| 364 | + (int) (($h5 >> 8) & 0xff), |
|
| 365 | + (int) (($h5 >> 16) & 0xff), |
|
| 366 | + (int) ((($h5 >> 24) | ($h6 << 1)) & 0xff), |
|
| 367 | + (int) (($h6 >> 7) & 0xff), |
|
| 368 | + (int) (($h6 >> 15) & 0xff), |
|
| 369 | + (int) ((($h6 >> 23) | ($h7 << 3)) & 0xff), |
|
| 370 | + (int) (($h7 >> 5) & 0xff), |
|
| 371 | + (int) (($h7 >> 13) & 0xff), |
|
| 372 | + (int) ((($h7 >> 21) | ($h8 << 4)) & 0xff), |
|
| 373 | + (int) (($h8 >> 4) & 0xff), |
|
| 374 | + (int) (($h8 >> 12) & 0xff), |
|
| 375 | + (int) ((($h8 >> 20) | ($h9 << 6)) & 0xff), |
|
| 376 | + (int) (($h9 >> 2) & 0xff), |
|
| 377 | + (int) (($h9 >> 10) & 0xff), |
|
| 378 | + (int) (($h9 >> 18) & 0xff) |
|
| 379 | + ); |
|
| 380 | + return self::intArrayToString($s); |
|
| 381 | + } |
|
| 382 | + |
|
| 383 | + /** |
|
| 384 | + * Is a field element negative? (1 = yes, 0 = no. Used in calculations.) |
|
| 385 | + * |
|
| 386 | + * @internal You should not use this directly from another application |
|
| 387 | + * |
|
| 388 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 389 | + * @return int |
|
| 390 | + */ |
|
| 391 | + public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 392 | + { |
|
| 393 | + $str = self::fe_tobytes($f); |
|
| 394 | + return self::chrToInt($str[0]) & 1; |
|
| 395 | + } |
|
| 396 | + |
|
| 397 | + /** |
|
| 398 | + * Returns 0 if this field element results in all NUL bytes. |
|
| 399 | + * |
|
| 400 | + * @internal You should not use this directly from another application |
|
| 401 | + * |
|
| 402 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 403 | + * @return bool |
|
| 404 | + */ |
|
| 405 | + public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 406 | + { |
|
| 407 | + static $zero; |
|
| 408 | + if ($zero === null) { |
|
| 409 | + $zero = str_repeat("\x00", 32); |
|
| 410 | + } |
|
| 411 | + $str = self::fe_tobytes($f); |
|
| 412 | + return !self::verify_32($str, $zero); |
|
| 413 | + } |
|
| 414 | + |
|
| 415 | + /** |
|
| 416 | + * Multiply two field elements |
|
| 417 | + * |
|
| 418 | + * h = f * g |
|
| 419 | + * |
|
| 420 | + * @internal You should not use this directly from another application |
|
| 421 | + * |
|
| 422 | + * @security Is multiplication a source of timing leaks? If so, can we do |
|
| 423 | + * anything to prevent that from happening? |
|
| 424 | + * |
|
| 425 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 426 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 427 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 428 | + */ |
|
| 429 | + public static function fe_mul( |
|
| 430 | + ParagonIE_Sodium_Core32_Curve25519_Fe $f, |
|
| 431 | + ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 432 | + ) { |
|
| 433 | + /** |
|
| 434 | + * @var ParagonIE_Sodium_Core32_Int32[] $f |
|
| 435 | + * @var ParagonIE_Sodium_Core32_Int32[] $g |
|
| 436 | + * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 437 | + * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 438 | + * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 439 | + * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 440 | + * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 441 | + * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 442 | + * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 443 | + * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 444 | + * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 445 | + * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 446 | + * @var ParagonIE_Sodium_Core32_Int64 $g0 |
|
| 447 | + * @var ParagonIE_Sodium_Core32_Int64 $g1 |
|
| 448 | + * @var ParagonIE_Sodium_Core32_Int64 $g2 |
|
| 449 | + * @var ParagonIE_Sodium_Core32_Int64 $g3 |
|
| 450 | + * @var ParagonIE_Sodium_Core32_Int64 $g4 |
|
| 451 | + * @var ParagonIE_Sodium_Core32_Int64 $g5 |
|
| 452 | + * @var ParagonIE_Sodium_Core32_Int64 $g6 |
|
| 453 | + * @var ParagonIE_Sodium_Core32_Int64 $g7 |
|
| 454 | + * @var ParagonIE_Sodium_Core32_Int64 $g8 |
|
| 455 | + * @var ParagonIE_Sodium_Core32_Int64 $g9 |
|
| 456 | + */ |
|
| 457 | + $f0 = $f[0]->toInt64(); |
|
| 458 | + $f1 = $f[1]->toInt64(); |
|
| 459 | + $f2 = $f[2]->toInt64(); |
|
| 460 | + $f3 = $f[3]->toInt64(); |
|
| 461 | + $f4 = $f[4]->toInt64(); |
|
| 462 | + $f5 = $f[5]->toInt64(); |
|
| 463 | + $f6 = $f[6]->toInt64(); |
|
| 464 | + $f7 = $f[7]->toInt64(); |
|
| 465 | + $f8 = $f[8]->toInt64(); |
|
| 466 | + $f9 = $f[9]->toInt64(); |
|
| 467 | + $g0 = $g[0]->toInt64(); |
|
| 468 | + $g1 = $g[1]->toInt64(); |
|
| 469 | + $g2 = $g[2]->toInt64(); |
|
| 470 | + $g3 = $g[3]->toInt64(); |
|
| 471 | + $g4 = $g[4]->toInt64(); |
|
| 472 | + $g5 = $g[5]->toInt64(); |
|
| 473 | + $g6 = $g[6]->toInt64(); |
|
| 474 | + $g7 = $g[7]->toInt64(); |
|
| 475 | + $g8 = $g[8]->toInt64(); |
|
| 476 | + $g9 = $g[9]->toInt64(); |
|
| 477 | + $g1_19 = $g1->mulInt(19, 5); /* 2^4 <= 19 <= 2^5, but we only want 5 bits */ |
|
| 478 | + $g2_19 = $g2->mulInt(19, 5); |
|
| 479 | + $g3_19 = $g3->mulInt(19, 5); |
|
| 480 | + $g4_19 = $g4->mulInt(19, 5); |
|
| 481 | + $g5_19 = $g5->mulInt(19, 5); |
|
| 482 | + $g6_19 = $g6->mulInt(19, 5); |
|
| 483 | + $g7_19 = $g7->mulInt(19, 5); |
|
| 484 | + $g8_19 = $g8->mulInt(19, 5); |
|
| 485 | + $g9_19 = $g9->mulInt(19, 5); |
|
| 486 | + /** @var ParagonIE_Sodium_Core32_Int64 $f1_2 */ |
|
| 487 | + $f1_2 = $f1->shiftLeft(1); |
|
| 488 | + /** @var ParagonIE_Sodium_Core32_Int64 $f3_2 */ |
|
| 489 | + $f3_2 = $f3->shiftLeft(1); |
|
| 490 | + /** @var ParagonIE_Sodium_Core32_Int64 $f5_2 */ |
|
| 491 | + $f5_2 = $f5->shiftLeft(1); |
|
| 492 | + /** @var ParagonIE_Sodium_Core32_Int64 $f7_2 */ |
|
| 493 | + $f7_2 = $f7->shiftLeft(1); |
|
| 494 | + /** @var ParagonIE_Sodium_Core32_Int64 $f9_2 */ |
|
| 495 | + $f9_2 = $f9->shiftLeft(1); |
|
| 496 | + $f0g0 = $f0->mulInt64($g0); |
|
| 497 | + $f0g1 = $f0->mulInt64($g1); |
|
| 498 | + $f0g2 = $f0->mulInt64($g2); |
|
| 499 | + $f0g3 = $f0->mulInt64($g3); |
|
| 500 | + $f0g4 = $f0->mulInt64($g4); |
|
| 501 | + $f0g5 = $f0->mulInt64($g5); |
|
| 502 | + $f0g6 = $f0->mulInt64($g6); |
|
| 503 | + $f0g7 = $f0->mulInt64($g7); |
|
| 504 | + $f0g8 = $f0->mulInt64($g8); |
|
| 505 | + $f0g9 = $f0->mulInt64($g9); |
|
| 506 | + $f1g0 = $f1->mulInt64($g0); |
|
| 507 | + $f1g1_2 = $f1_2->mulInt64($g1); |
|
| 508 | + $f1g2 = $f1->mulInt64($g2); |
|
| 509 | + $f1g3_2 = $f1_2->mulInt64($g3); |
|
| 510 | + $f1g4 = $f1->mulInt64($g4); |
|
| 511 | + $f1g5_2 = $f1_2->mulInt64($g5); |
|
| 512 | + $f1g6 = $f1->mulInt64($g6); |
|
| 513 | + $f1g7_2 = $f1_2->mulInt64($g7); |
|
| 514 | + $f1g8 = $f1->mulInt64($g8); |
|
| 515 | + $f1g9_38 = $f1_2->mulInt64($g9_19); |
|
| 516 | + $f2g0 = $f2->mulInt64($g0); |
|
| 517 | + $f2g1 = $f2->mulInt64($g1); |
|
| 518 | + $f2g2 = $f2->mulInt64($g2); |
|
| 519 | + $f2g3 = $f2->mulInt64($g3); |
|
| 520 | + $f2g4 = $f2->mulInt64($g4); |
|
| 521 | + $f2g5 = $f2->mulInt64($g5); |
|
| 522 | + $f2g6 = $f2->mulInt64($g6); |
|
| 523 | + $f2g7 = $f2->mulInt64($g7); |
|
| 524 | + $f2g8_19 = $f2->mulInt64($g8_19); |
|
| 525 | + $f2g9_19 = $f2->mulInt64($g9_19); |
|
| 526 | + $f3g0 = $f3->mulInt64($g0); |
|
| 527 | + $f3g1_2 = $f3_2->mulInt64($g1); |
|
| 528 | + $f3g2 = $f3->mulInt64($g2); |
|
| 529 | + $f3g3_2 = $f3_2->mulInt64($g3); |
|
| 530 | + $f3g4 = $f3->mulInt64($g4); |
|
| 531 | + $f3g5_2 = $f3_2->mulInt64($g5); |
|
| 532 | + $f3g6 = $f3->mulInt64($g6); |
|
| 533 | + $f3g7_38 = $f3_2->mulInt64($g7_19); |
|
| 534 | + $f3g8_19 = $f3->mulInt64($g8_19); |
|
| 535 | + $f3g9_38 = $f3_2->mulInt64($g9_19); |
|
| 536 | + $f4g0 = $f4->mulInt64($g0); |
|
| 537 | + $f4g1 = $f4->mulInt64($g1); |
|
| 538 | + $f4g2 = $f4->mulInt64($g2); |
|
| 539 | + $f4g3 = $f4->mulInt64($g3); |
|
| 540 | + $f4g4 = $f4->mulInt64($g4); |
|
| 541 | + $f4g5 = $f4->mulInt64($g5); |
|
| 542 | + $f4g6_19 = $f4->mulInt64($g6_19); |
|
| 543 | + $f4g7_19 = $f4->mulInt64($g7_19); |
|
| 544 | + $f4g8_19 = $f4->mulInt64($g8_19); |
|
| 545 | + $f4g9_19 = $f4->mulInt64($g9_19); |
|
| 546 | + $f5g0 = $f5->mulInt64($g0); |
|
| 547 | + $f5g1_2 = $f5_2->mulInt64($g1); |
|
| 548 | + $f5g2 = $f5->mulInt64($g2); |
|
| 549 | + $f5g3_2 = $f5_2->mulInt64($g3); |
|
| 550 | + $f5g4 = $f5->mulInt64($g4); |
|
| 551 | + $f5g5_38 = $f5_2->mulInt64($g5_19); |
|
| 552 | + $f5g6_19 = $f5->mulInt64($g6_19); |
|
| 553 | + $f5g7_38 = $f5_2->mulInt64($g7_19); |
|
| 554 | + $f5g8_19 = $f5->mulInt64($g8_19); |
|
| 555 | + $f5g9_38 = $f5_2->mulInt64($g9_19); |
|
| 556 | + $f6g0 = $f6->mulInt64($g0); |
|
| 557 | + $f6g1 = $f6->mulInt64($g1); |
|
| 558 | + $f6g2 = $f6->mulInt64($g2); |
|
| 559 | + $f6g3 = $f6->mulInt64($g3); |
|
| 560 | + $f6g4_19 = $f6->mulInt64($g4_19); |
|
| 561 | + $f6g5_19 = $f6->mulInt64($g5_19); |
|
| 562 | + $f6g6_19 = $f6->mulInt64($g6_19); |
|
| 563 | + $f6g7_19 = $f6->mulInt64($g7_19); |
|
| 564 | + $f6g8_19 = $f6->mulInt64($g8_19); |
|
| 565 | + $f6g9_19 = $f6->mulInt64($g9_19); |
|
| 566 | + $f7g0 = $f7->mulInt64($g0); |
|
| 567 | + $f7g1_2 = $f7_2->mulInt64($g1); |
|
| 568 | + $f7g2 = $f7->mulInt64($g2); |
|
| 569 | + $f7g3_38 = $f7_2->mulInt64($g3_19); |
|
| 570 | + $f7g4_19 = $f7->mulInt64($g4_19); |
|
| 571 | + $f7g5_38 = $f7_2->mulInt64($g5_19); |
|
| 572 | + $f7g6_19 = $f7->mulInt64($g6_19); |
|
| 573 | + $f7g7_38 = $f7_2->mulInt64($g7_19); |
|
| 574 | + $f7g8_19 = $f7->mulInt64($g8_19); |
|
| 575 | + $f7g9_38 = $f7_2->mulInt64($g9_19); |
|
| 576 | + $f8g0 = $f8->mulInt64($g0); |
|
| 577 | + $f8g1 = $f8->mulInt64($g1); |
|
| 578 | + $f8g2_19 = $f8->mulInt64($g2_19); |
|
| 579 | + $f8g3_19 = $f8->mulInt64($g3_19); |
|
| 580 | + $f8g4_19 = $f8->mulInt64($g4_19); |
|
| 581 | + $f8g5_19 = $f8->mulInt64($g5_19); |
|
| 582 | + $f8g6_19 = $f8->mulInt64($g6_19); |
|
| 583 | + $f8g7_19 = $f8->mulInt64($g7_19); |
|
| 584 | + $f8g8_19 = $f8->mulInt64($g8_19); |
|
| 585 | + $f8g9_19 = $f8->mulInt64($g9_19); |
|
| 586 | + $f9g0 = $f9->mulInt64($g0); |
|
| 587 | + $f9g1_38 = $f9_2->mulInt64($g1_19); |
|
| 588 | + $f9g2_19 = $f9->mulInt64($g2_19); |
|
| 589 | + $f9g3_38 = $f9_2->mulInt64($g3_19); |
|
| 590 | + $f9g4_19 = $f9->mulInt64($g4_19); |
|
| 591 | + $f9g5_38 = $f9_2->mulInt64($g5_19); |
|
| 592 | + $f9g6_19 = $f9->mulInt64($g6_19); |
|
| 593 | + $f9g7_38 = $f9_2->mulInt64($g7_19); |
|
| 594 | + $f9g8_19 = $f9->mulInt64($g8_19); |
|
| 595 | + $f9g9_38 = $f9_2->mulInt64($g9_19); |
|
| 596 | + |
|
| 597 | + // $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
|
| 598 | + $h0 = $f0g0->addInt64($f1g9_38)->addInt64($f2g8_19)->addInt64($f3g7_38) |
|
| 599 | + ->addInt64($f4g6_19)->addInt64($f5g5_38)->addInt64($f6g4_19) |
|
| 600 | + ->addInt64($f7g3_38)->addInt64($f8g2_19)->addInt64($f9g1_38); |
|
| 601 | + |
|
| 602 | + // $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
|
| 603 | + $h1 = $f0g1->addInt64($f1g0)->addInt64($f2g9_19)->addInt64($f3g8_19) |
|
| 604 | + ->addInt64($f4g7_19)->addInt64($f5g6_19)->addInt64($f6g5_19) |
|
| 605 | + ->addInt64($f7g4_19)->addInt64($f8g3_19)->addInt64($f9g2_19); |
|
| 606 | + |
|
| 607 | + // $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
|
| 608 | + $h2 = $f0g2->addInt64($f1g1_2)->addInt64($f2g0)->addInt64($f3g9_38) |
|
| 609 | + ->addInt64($f4g8_19)->addInt64($f5g7_38)->addInt64($f6g6_19) |
|
| 610 | + ->addInt64($f7g5_38)->addInt64($f8g4_19)->addInt64($f9g3_38); |
|
| 611 | + |
|
| 612 | + // $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
|
| 613 | + $h3 = $f0g3->addInt64($f1g2)->addInt64($f2g1)->addInt64($f3g0) |
|
| 614 | + ->addInt64($f4g9_19)->addInt64($f5g8_19)->addInt64($f6g7_19) |
|
| 615 | + ->addInt64($f7g6_19)->addInt64($f8g5_19)->addInt64($f9g4_19); |
|
| 616 | + |
|
| 617 | + // $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
|
| 618 | + $h4 = $f0g4->addInt64($f1g3_2)->addInt64($f2g2)->addInt64($f3g1_2) |
|
| 619 | + ->addInt64($f4g0)->addInt64($f5g9_38)->addInt64($f6g8_19) |
|
| 620 | + ->addInt64($f7g7_38)->addInt64($f8g6_19)->addInt64($f9g5_38); |
|
| 621 | + |
|
| 622 | + // $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
|
| 623 | + $h5 = $f0g5->addInt64($f1g4)->addInt64($f2g3)->addInt64($f3g2) |
|
| 624 | + ->addInt64($f4g1)->addInt64($f5g0)->addInt64($f6g9_19) |
|
| 625 | + ->addInt64($f7g8_19)->addInt64($f8g7_19)->addInt64($f9g6_19); |
|
| 626 | + |
|
| 627 | + // $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
|
| 628 | + $h6 = $f0g6->addInt64($f1g5_2)->addInt64($f2g4)->addInt64($f3g3_2) |
|
| 629 | + ->addInt64($f4g2)->addInt64($f5g1_2)->addInt64($f6g0) |
|
| 630 | + ->addInt64($f7g9_38)->addInt64($f8g8_19)->addInt64($f9g7_38); |
|
| 631 | + |
|
| 632 | + // $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
|
| 633 | + $h7 = $f0g7->addInt64($f1g6)->addInt64($f2g5)->addInt64($f3g4) |
|
| 634 | + ->addInt64($f4g3)->addInt64($f5g2)->addInt64($f6g1) |
|
| 635 | + ->addInt64($f7g0)->addInt64($f8g9_19)->addInt64($f9g8_19); |
|
| 636 | + |
|
| 637 | + // $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
|
| 638 | + $h8 = $f0g8->addInt64($f1g7_2)->addInt64($f2g6)->addInt64($f3g5_2) |
|
| 639 | + ->addInt64($f4g4)->addInt64($f5g3_2)->addInt64($f6g2) |
|
| 640 | + ->addInt64($f7g1_2)->addInt64($f8g0)->addInt64($f9g9_38); |
|
| 641 | + |
|
| 642 | + // $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
|
| 643 | + $h9 = $f0g9->addInt64($f1g8)->addInt64($f2g7)->addInt64($f3g6) |
|
| 644 | + ->addInt64($f4g5)->addInt64($f5g4)->addInt64($f6g3) |
|
| 645 | + ->addInt64($f7g2)->addInt64($f8g1)->addInt64($f9g0); |
|
| 646 | + |
|
| 647 | + /** |
|
| 648 | + * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 649 | + * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 650 | + * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 651 | + * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 652 | + * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 653 | + * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 654 | + * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 655 | + * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 656 | + * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 657 | + * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 658 | + * @var ParagonIE_Sodium_Core32_Int64 $carry0 |
|
| 659 | + * @var ParagonIE_Sodium_Core32_Int64 $carry1 |
|
| 660 | + * @var ParagonIE_Sodium_Core32_Int64 $carry2 |
|
| 661 | + * @var ParagonIE_Sodium_Core32_Int64 $carry3 |
|
| 662 | + * @var ParagonIE_Sodium_Core32_Int64 $carry4 |
|
| 663 | + * @var ParagonIE_Sodium_Core32_Int64 $carry5 |
|
| 664 | + * @var ParagonIE_Sodium_Core32_Int64 $carry6 |
|
| 665 | + * @var ParagonIE_Sodium_Core32_Int64 $carry7 |
|
| 666 | + * @var ParagonIE_Sodium_Core32_Int64 $carry8 |
|
| 667 | + * @var ParagonIE_Sodium_Core32_Int64 $carry9 |
|
| 668 | + */ |
|
| 669 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 670 | + $h1 = $h1->addInt64($carry0); |
|
| 671 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 672 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 673 | + $h5 = $h5->addInt64($carry4); |
|
| 674 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 675 | + |
|
| 676 | + $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 677 | + $h2 = $h2->addInt64($carry1); |
|
| 678 | + $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 679 | + $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 680 | + $h6 = $h6->addInt64($carry5); |
|
| 681 | + $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 682 | + |
|
| 683 | + $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 684 | + $h3 = $h3->addInt64($carry2); |
|
| 685 | + $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 686 | + $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 687 | + $h7 = $h7->addInt64($carry6); |
|
| 688 | + $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 689 | + |
|
| 690 | + $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 691 | + $h4 = $h4->addInt64($carry3); |
|
| 692 | + $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 693 | + $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 694 | + $h8 = $h8->addInt64($carry7); |
|
| 695 | + $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 696 | + |
|
| 697 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 698 | + $h5 = $h5->addInt64($carry4); |
|
| 699 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 700 | + $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 701 | + $h9 = $h9->addInt64($carry8); |
|
| 702 | + $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 703 | + |
|
| 704 | + $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 705 | + $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 706 | + $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 707 | + |
|
| 708 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 709 | + $h1 = $h1->addInt64($carry0); |
|
| 710 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 711 | + |
|
| 712 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 713 | + array( |
|
| 714 | + $h0->toInt32(), |
|
| 715 | + $h1->toInt32(), |
|
| 716 | + $h2->toInt32(), |
|
| 717 | + $h3->toInt32(), |
|
| 718 | + $h4->toInt32(), |
|
| 719 | + $h5->toInt32(), |
|
| 720 | + $h6->toInt32(), |
|
| 721 | + $h7->toInt32(), |
|
| 722 | + $h8->toInt32(), |
|
| 723 | + $h9->toInt32() |
|
| 724 | + ) |
|
| 725 | + ); |
|
| 726 | + } |
|
| 727 | + |
|
| 728 | + /** |
|
| 729 | + * Get the negative values for each piece of the field element. |
|
| 730 | + * |
|
| 731 | + * h = -f |
|
| 732 | + * |
|
| 733 | + * @internal You should not use this directly from another application |
|
| 734 | + * |
|
| 735 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 736 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 737 | + */ |
|
| 738 | + public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 739 | + { |
|
| 740 | + $h = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
|
| 741 | + for ($i = 0; $i < 10; ++$i) { |
|
| 742 | + $h[$i] = $h[$i]->subInt32($f[$i]); |
|
| 743 | + } |
|
| 744 | + return $h; |
|
| 745 | + } |
|
| 746 | + |
|
| 747 | + /** |
|
| 748 | + * Square a field element |
|
| 749 | + * |
|
| 750 | + * h = f * f |
|
| 751 | + * |
|
| 752 | + * @internal You should not use this directly from another application |
|
| 753 | + * |
|
| 754 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 755 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 756 | + */ |
|
| 757 | + public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 758 | + { |
|
| 759 | + /** |
|
| 760 | + * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 761 | + * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 762 | + * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 763 | + * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 764 | + * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 765 | + * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 766 | + * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 767 | + * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 768 | + * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 769 | + * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 770 | + */ |
|
| 771 | + $f0 = $f[0]->toInt64(); |
|
| 772 | + $f1 = $f[1]->toInt64(); |
|
| 773 | + $f2 = $f[2]->toInt64(); |
|
| 774 | + $f3 = $f[3]->toInt64(); |
|
| 775 | + $f4 = $f[4]->toInt64(); |
|
| 776 | + $f5 = $f[5]->toInt64(); |
|
| 777 | + $f6 = $f[6]->toInt64(); |
|
| 778 | + $f7 = $f[7]->toInt64(); |
|
| 779 | + $f8 = $f[8]->toInt64(); |
|
| 780 | + $f9 = $f[9]->toInt64(); |
|
| 781 | + |
|
| 782 | + /** @var ParagonIE_Sodium_Core32_Int64 $f0_2 */ |
|
| 783 | + $f0_2 = $f0->shiftLeft(1); |
|
| 784 | + $f1_2 = $f1->shiftLeft(1); |
|
| 785 | + $f2_2 = $f2->shiftLeft(1); |
|
| 786 | + $f3_2 = $f3->shiftLeft(1); |
|
| 787 | + $f4_2 = $f4->shiftLeft(1); |
|
| 788 | + $f5_2 = $f5->shiftLeft(1); |
|
| 789 | + $f6_2 = $f6->shiftLeft(1); |
|
| 790 | + $f7_2 = $f7->shiftLeft(1); |
|
| 791 | + $f5_38 = $f5->mulInt(38, 6); |
|
| 792 | + $f6_19 = $f6->mulInt(19, 5); |
|
| 793 | + $f7_38 = $f7->mulInt(38, 6); |
|
| 794 | + $f8_19 = $f8->mulInt(19, 5); |
|
| 795 | + $f9_38 = $f9->mulInt(38, 6); |
|
| 796 | + /** @var ParagonIE_Sodium_Core32_Int64 $f0f0*/ |
|
| 797 | + $f0f0 = $f0->mulInt64($f0); |
|
| 798 | + $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 799 | + $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 800 | + $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 801 | + $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 802 | + $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 803 | + $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 804 | + $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 805 | + $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 806 | + $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 807 | + $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 808 | + $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 809 | + $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 810 | + $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 811 | + $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 812 | + $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 813 | + $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 814 | + $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 815 | + $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 816 | + $f2f2 = $f2->mulInt64($f2); |
|
| 817 | + $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 818 | + $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 819 | + $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 820 | + $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 821 | + $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 822 | + $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 823 | + $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 824 | + $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 825 | + $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 826 | + $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 827 | + $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 828 | + $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 829 | + $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 830 | + $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 831 | + $f4f4 = $f4->mulInt64($f4); |
|
| 832 | + $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 833 | + $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 834 | + $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 835 | + $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 836 | + $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 837 | + $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 838 | + $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 839 | + $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 840 | + $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 841 | + $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 842 | + $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 843 | + $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 844 | + $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 845 | + $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 846 | + $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 847 | + $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 848 | + $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 849 | + $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 850 | + $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 851 | + $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 852 | + |
|
| 853 | + $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 854 | + $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 855 | + $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 856 | + $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 857 | + $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 858 | + $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 859 | + $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 860 | + $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 861 | + $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 862 | + $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 863 | + |
|
| 864 | + /** |
|
| 865 | + * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 866 | + * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 867 | + * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 868 | + * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 869 | + * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 870 | + * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 871 | + * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 872 | + * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 873 | + * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 874 | + * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 875 | + */ |
|
| 876 | + |
|
| 877 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 878 | + $h1 = $h1->addInt64($carry0); |
|
| 879 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 880 | + |
|
| 881 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 882 | + $h5 = $h5->addInt64($carry4); |
|
| 883 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 884 | + |
|
| 885 | + $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 886 | + $h2 = $h2->addInt64($carry1); |
|
| 887 | + $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 888 | + |
|
| 889 | + $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 890 | + $h6 = $h6->addInt64($carry5); |
|
| 891 | + $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 892 | + |
|
| 893 | + $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 894 | + $h3 = $h3->addInt64($carry2); |
|
| 895 | + $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 896 | + |
|
| 897 | + $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 898 | + $h7 = $h7->addInt64($carry6); |
|
| 899 | + $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 900 | + |
|
| 901 | + $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 902 | + $h4 = $h4->addInt64($carry3); |
|
| 903 | + $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 904 | + |
|
| 905 | + $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 906 | + $h8 = $h8->addInt64($carry7); |
|
| 907 | + $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 908 | + |
|
| 909 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 910 | + $h5 = $h5->addInt64($carry4); |
|
| 911 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 912 | + |
|
| 913 | + $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 914 | + $h9 = $h9->addInt64($carry8); |
|
| 915 | + $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 916 | + |
|
| 917 | + $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 918 | + $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 919 | + $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 920 | + |
|
| 921 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 922 | + $h1 = $h1->addInt64($carry0); |
|
| 923 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 924 | + |
|
| 925 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 926 | + array( |
|
| 927 | + $h0->toInt32(), |
|
| 928 | + $h1->toInt32(), |
|
| 929 | + $h2->toInt32(), |
|
| 930 | + $h3->toInt32(), |
|
| 931 | + $h4->toInt32(), |
|
| 932 | + $h5->toInt32(), |
|
| 933 | + $h6->toInt32(), |
|
| 934 | + $h7->toInt32(), |
|
| 935 | + $h8->toInt32(), |
|
| 936 | + $h9->toInt32() |
|
| 937 | + ) |
|
| 938 | + ); |
|
| 939 | + } |
|
| 940 | + |
|
| 941 | + /** |
|
| 942 | + * Square and double a field element |
|
| 943 | + * |
|
| 944 | + * h = 2 * f * f |
|
| 945 | + * |
|
| 946 | + * @internal You should not use this directly from another application |
|
| 947 | + * |
|
| 948 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 949 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 950 | + */ |
|
| 951 | + public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 952 | + { |
|
| 953 | + /** |
|
| 954 | + * @var ParagonIE_Sodium_Core32_Int64 $f0 |
|
| 955 | + * @var ParagonIE_Sodium_Core32_Int64 $f1 |
|
| 956 | + * @var ParagonIE_Sodium_Core32_Int64 $f2 |
|
| 957 | + * @var ParagonIE_Sodium_Core32_Int64 $f3 |
|
| 958 | + * @var ParagonIE_Sodium_Core32_Int64 $f4 |
|
| 959 | + * @var ParagonIE_Sodium_Core32_Int64 $f5 |
|
| 960 | + * @var ParagonIE_Sodium_Core32_Int64 $f6 |
|
| 961 | + * @var ParagonIE_Sodium_Core32_Int64 $f7 |
|
| 962 | + * @var ParagonIE_Sodium_Core32_Int64 $f8 |
|
| 963 | + * @var ParagonIE_Sodium_Core32_Int64 $f9 |
|
| 964 | + * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 965 | + */ |
|
| 966 | + $f0 = $f[0]->toInt64(); |
|
| 967 | + $f1 = $f[1]->toInt64(); |
|
| 968 | + $f2 = $f[2]->toInt64(); |
|
| 969 | + $f3 = $f[3]->toInt64(); |
|
| 970 | + $f4 = $f[4]->toInt64(); |
|
| 971 | + $f5 = $f[5]->toInt64(); |
|
| 972 | + $f6 = $f[6]->toInt64(); |
|
| 973 | + $f7 = $f[7]->toInt64(); |
|
| 974 | + $f8 = $f[8]->toInt64(); |
|
| 975 | + $f9 = $f[9]->toInt64(); |
|
| 976 | + |
|
| 977 | + $f0_2 = $f0->shiftLeft(1); |
|
| 978 | + $f1_2 = $f1->shiftLeft(1); |
|
| 979 | + $f2_2 = $f2->shiftLeft(1); |
|
| 980 | + $f3_2 = $f3->shiftLeft(1); |
|
| 981 | + $f4_2 = $f4->shiftLeft(1); |
|
| 982 | + $f5_2 = $f5->shiftLeft(1); |
|
| 983 | + $f6_2 = $f6->shiftLeft(1); |
|
| 984 | + $f7_2 = $f7->shiftLeft(1); |
|
| 985 | + $f5_38 = $f5->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 986 | + $f6_19 = $f6->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 987 | + $f7_38 = $f7->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 988 | + $f8_19 = $f8->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 989 | + $f9_38 = $f9->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 990 | + $f0f0 = $f0->mulInt64($f0); |
|
| 991 | + $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 992 | + $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 993 | + $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 994 | + $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 995 | + $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 996 | + $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 997 | + $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 998 | + $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 999 | + $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 1000 | + $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 1001 | + $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 1002 | + $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 1003 | + $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 1004 | + $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 1005 | + $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 1006 | + $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 1007 | + $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 1008 | + $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 1009 | + $f2f2 = $f2->mulInt64($f2); |
|
| 1010 | + $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 1011 | + $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 1012 | + $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 1013 | + $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 1014 | + $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 1015 | + $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 1016 | + $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 1017 | + $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 1018 | + $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 1019 | + $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 1020 | + $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 1021 | + $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 1022 | + $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 1023 | + $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 1024 | + $f4f4 = $f4->mulInt64($f4); |
|
| 1025 | + $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 1026 | + $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 1027 | + $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 1028 | + $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 1029 | + $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 1030 | + $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 1031 | + $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 1032 | + $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 1033 | + $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 1034 | + $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 1035 | + $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 1036 | + $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 1037 | + $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 1038 | + $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 1039 | + $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 1040 | + $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 1041 | + $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 1042 | + $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 1043 | + $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 1044 | + $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 1045 | + |
|
| 1046 | + $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 1047 | + $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 1048 | + $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 1049 | + $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 1050 | + $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 1051 | + $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 1052 | + $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 1053 | + $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 1054 | + $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 1055 | + $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 1056 | + |
|
| 1057 | + /* |
|
| 1058 | 1058 | $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19); |
| 1059 | 1059 | $h7 = (int) ($f0f7_2 + $f1f6_2 + $f2f5_2 + $f3f4_2 + $f8f9_38); |
| 1060 | 1060 | $h8 = (int) ($f0f8_2 + $f1f7_4 + $f2f6_2 + $f3f5_4 + $f4f4 + $f9f9_38); |
| 1061 | 1061 | */ |
| 1062 | 1062 | |
| 1063 | - /** |
|
| 1064 | - * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 1065 | - * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 1066 | - * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 1067 | - * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 1068 | - * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 1069 | - * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 1070 | - * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 1071 | - * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 1072 | - * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 1073 | - * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 1074 | - */ |
|
| 1075 | - $h0 = $h0->shiftLeft(1); |
|
| 1076 | - $h1 = $h1->shiftLeft(1); |
|
| 1077 | - $h2 = $h2->shiftLeft(1); |
|
| 1078 | - $h3 = $h3->shiftLeft(1); |
|
| 1079 | - $h4 = $h4->shiftLeft(1); |
|
| 1080 | - $h5 = $h5->shiftLeft(1); |
|
| 1081 | - $h6 = $h6->shiftLeft(1); |
|
| 1082 | - $h7 = $h7->shiftLeft(1); |
|
| 1083 | - $h8 = $h8->shiftLeft(1); |
|
| 1084 | - $h9 = $h9->shiftLeft(1); |
|
| 1085 | - |
|
| 1086 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1087 | - $h1 = $h1->addInt64($carry0); |
|
| 1088 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1089 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1090 | - $h5 = $h5->addInt64($carry4); |
|
| 1091 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1092 | - |
|
| 1093 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 1094 | - $h2 = $h2->addInt64($carry1); |
|
| 1095 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 1096 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 1097 | - $h6 = $h6->addInt64($carry5); |
|
| 1098 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 1099 | - |
|
| 1100 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 1101 | - $h3 = $h3->addInt64($carry2); |
|
| 1102 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 1103 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 1104 | - $h7 = $h7->addInt64($carry6); |
|
| 1105 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 1106 | - |
|
| 1107 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 1108 | - $h4 = $h4->addInt64($carry3); |
|
| 1109 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 1110 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 1111 | - $h8 = $h8->addInt64($carry7); |
|
| 1112 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 1113 | - |
|
| 1114 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1115 | - $h5 = $h5->addInt64($carry4); |
|
| 1116 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1117 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 1118 | - $h9 = $h9->addInt64($carry8); |
|
| 1119 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 1120 | - |
|
| 1121 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 1122 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 1123 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 1124 | - |
|
| 1125 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1126 | - $h1 = $h1->addInt64($carry0); |
|
| 1127 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1128 | - |
|
| 1129 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1130 | - array( |
|
| 1131 | - $h0->toInt32(), |
|
| 1132 | - $h1->toInt32(), |
|
| 1133 | - $h2->toInt32(), |
|
| 1134 | - $h3->toInt32(), |
|
| 1135 | - $h4->toInt32(), |
|
| 1136 | - $h5->toInt32(), |
|
| 1137 | - $h6->toInt32(), |
|
| 1138 | - $h7->toInt32(), |
|
| 1139 | - $h8->toInt32(), |
|
| 1140 | - $h9->toInt32() |
|
| 1141 | - ) |
|
| 1142 | - ); |
|
| 1063 | + /** |
|
| 1064 | + * @var ParagonIE_Sodium_Core32_Int64 $h0 |
|
| 1065 | + * @var ParagonIE_Sodium_Core32_Int64 $h1 |
|
| 1066 | + * @var ParagonIE_Sodium_Core32_Int64 $h2 |
|
| 1067 | + * @var ParagonIE_Sodium_Core32_Int64 $h3 |
|
| 1068 | + * @var ParagonIE_Sodium_Core32_Int64 $h4 |
|
| 1069 | + * @var ParagonIE_Sodium_Core32_Int64 $h5 |
|
| 1070 | + * @var ParagonIE_Sodium_Core32_Int64 $h6 |
|
| 1071 | + * @var ParagonIE_Sodium_Core32_Int64 $h7 |
|
| 1072 | + * @var ParagonIE_Sodium_Core32_Int64 $h8 |
|
| 1073 | + * @var ParagonIE_Sodium_Core32_Int64 $h9 |
|
| 1074 | + */ |
|
| 1075 | + $h0 = $h0->shiftLeft(1); |
|
| 1076 | + $h1 = $h1->shiftLeft(1); |
|
| 1077 | + $h2 = $h2->shiftLeft(1); |
|
| 1078 | + $h3 = $h3->shiftLeft(1); |
|
| 1079 | + $h4 = $h4->shiftLeft(1); |
|
| 1080 | + $h5 = $h5->shiftLeft(1); |
|
| 1081 | + $h6 = $h6->shiftLeft(1); |
|
| 1082 | + $h7 = $h7->shiftLeft(1); |
|
| 1083 | + $h8 = $h8->shiftLeft(1); |
|
| 1084 | + $h9 = $h9->shiftLeft(1); |
|
| 1085 | + |
|
| 1086 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1087 | + $h1 = $h1->addInt64($carry0); |
|
| 1088 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1089 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1090 | + $h5 = $h5->addInt64($carry4); |
|
| 1091 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1092 | + |
|
| 1093 | + $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 1094 | + $h2 = $h2->addInt64($carry1); |
|
| 1095 | + $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 1096 | + $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 1097 | + $h6 = $h6->addInt64($carry5); |
|
| 1098 | + $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 1099 | + |
|
| 1100 | + $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 1101 | + $h3 = $h3->addInt64($carry2); |
|
| 1102 | + $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 1103 | + $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 1104 | + $h7 = $h7->addInt64($carry6); |
|
| 1105 | + $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 1106 | + |
|
| 1107 | + $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 1108 | + $h4 = $h4->addInt64($carry3); |
|
| 1109 | + $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 1110 | + $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 1111 | + $h8 = $h8->addInt64($carry7); |
|
| 1112 | + $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 1113 | + |
|
| 1114 | + $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1115 | + $h5 = $h5->addInt64($carry4); |
|
| 1116 | + $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1117 | + $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 1118 | + $h9 = $h9->addInt64($carry8); |
|
| 1119 | + $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 1120 | + |
|
| 1121 | + $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 1122 | + $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 1123 | + $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 1124 | + |
|
| 1125 | + $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1126 | + $h1 = $h1->addInt64($carry0); |
|
| 1127 | + $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1128 | + |
|
| 1129 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1130 | + array( |
|
| 1131 | + $h0->toInt32(), |
|
| 1132 | + $h1->toInt32(), |
|
| 1133 | + $h2->toInt32(), |
|
| 1134 | + $h3->toInt32(), |
|
| 1135 | + $h4->toInt32(), |
|
| 1136 | + $h5->toInt32(), |
|
| 1137 | + $h6->toInt32(), |
|
| 1138 | + $h7->toInt32(), |
|
| 1139 | + $h8->toInt32(), |
|
| 1140 | + $h9->toInt32() |
|
| 1141 | + ) |
|
| 1142 | + ); |
|
| 1143 | 1143 | /* |
| 1144 | 1144 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1145 | 1145 | array($h0, $h1, $h2, $h3, $h4, $h5, $h6, $h7, $h8, $h9) |
| 1146 | 1146 | ); |
| 1147 | 1147 | */ |
| 1148 | - } |
|
| 1149 | - |
|
| 1150 | - /** |
|
| 1151 | - * @internal You should not use this directly from another application |
|
| 1152 | - * |
|
| 1153 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $Z |
|
| 1154 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1155 | - */ |
|
| 1156 | - public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) |
|
| 1157 | - { |
|
| 1158 | - $z = clone $Z; |
|
| 1159 | - $t0 = self::fe_sq($z); |
|
| 1160 | - $t1 = self::fe_sq($t0); |
|
| 1161 | - $t1 = self::fe_sq($t1); |
|
| 1162 | - $t1 = self::fe_mul($z, $t1); |
|
| 1163 | - $t0 = self::fe_mul($t0, $t1); |
|
| 1164 | - $t2 = self::fe_sq($t0); |
|
| 1165 | - $t1 = self::fe_mul($t1, $t2); |
|
| 1166 | - $t2 = self::fe_sq($t1); |
|
| 1167 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1168 | - $t2 = self::fe_sq($t2); |
|
| 1169 | - } |
|
| 1170 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1171 | - $t2 = self::fe_sq($t1); |
|
| 1172 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1173 | - $t2 = self::fe_sq($t2); |
|
| 1174 | - } |
|
| 1175 | - $t2 = self::fe_mul($t2, $t1); |
|
| 1176 | - $t3 = self::fe_sq($t2); |
|
| 1177 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1178 | - $t3 = self::fe_sq($t3); |
|
| 1179 | - } |
|
| 1180 | - $t2 = self::fe_mul($t3, $t2); |
|
| 1181 | - $t2 = self::fe_sq($t2); |
|
| 1182 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1183 | - $t2 = self::fe_sq($t2); |
|
| 1184 | - } |
|
| 1185 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1186 | - $t2 = self::fe_sq($t1); |
|
| 1187 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1188 | - $t2 = self::fe_sq($t2); |
|
| 1189 | - } |
|
| 1190 | - $t2 = self::fe_mul($t2, $t1); |
|
| 1191 | - $t3 = self::fe_sq($t2); |
|
| 1192 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1193 | - $t3 = self::fe_sq($t3); |
|
| 1194 | - } |
|
| 1195 | - $t2 = self::fe_mul($t3, $t2); |
|
| 1196 | - $t2 = self::fe_sq($t2); |
|
| 1197 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1198 | - $t2 = self::fe_sq($t2); |
|
| 1199 | - } |
|
| 1200 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1201 | - $t1 = self::fe_sq($t1); |
|
| 1202 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1203 | - $t1 = self::fe_sq($t1); |
|
| 1204 | - } |
|
| 1205 | - return self::fe_mul($t1, $t0); |
|
| 1206 | - } |
|
| 1207 | - |
|
| 1208 | - /** |
|
| 1209 | - * @internal You should not use this directly from another application |
|
| 1210 | - * |
|
| 1211 | - * @ref https://github.com/jedisct1/libsodium/blob/68564326e1e9dc57ef03746f85734232d20ca6fb/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1054-L1106 |
|
| 1212 | - * |
|
| 1213 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $z |
|
| 1214 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1215 | - */ |
|
| 1216 | - public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) |
|
| 1217 | - { |
|
| 1218 | - # fe_sq(t0, z); |
|
| 1219 | - # fe_sq(t1, t0); |
|
| 1220 | - # fe_sq(t1, t1); |
|
| 1221 | - # fe_mul(t1, z, t1); |
|
| 1222 | - # fe_mul(t0, t0, t1); |
|
| 1223 | - # fe_sq(t0, t0); |
|
| 1224 | - # fe_mul(t0, t1, t0); |
|
| 1225 | - # fe_sq(t1, t0); |
|
| 1226 | - $t0 = self::fe_sq($z); |
|
| 1227 | - $t1 = self::fe_sq($t0); |
|
| 1228 | - $t1 = self::fe_sq($t1); |
|
| 1229 | - $t1 = self::fe_mul($z, $t1); |
|
| 1230 | - $t0 = self::fe_mul($t0, $t1); |
|
| 1231 | - $t0 = self::fe_sq($t0); |
|
| 1232 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1233 | - $t1 = self::fe_sq($t0); |
|
| 1234 | - |
|
| 1235 | - # for (i = 1; i < 5; ++i) { |
|
| 1236 | - # fe_sq(t1, t1); |
|
| 1237 | - # } |
|
| 1238 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1239 | - $t1 = self::fe_sq($t1); |
|
| 1240 | - } |
|
| 1241 | - |
|
| 1242 | - # fe_mul(t0, t1, t0); |
|
| 1243 | - # fe_sq(t1, t0); |
|
| 1244 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1245 | - $t1 = self::fe_sq($t0); |
|
| 1246 | - |
|
| 1247 | - # for (i = 1; i < 10; ++i) { |
|
| 1248 | - # fe_sq(t1, t1); |
|
| 1249 | - # } |
|
| 1250 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1251 | - $t1 = self::fe_sq($t1); |
|
| 1252 | - } |
|
| 1253 | - |
|
| 1254 | - # fe_mul(t1, t1, t0); |
|
| 1255 | - # fe_sq(t2, t1); |
|
| 1256 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1257 | - $t2 = self::fe_sq($t1); |
|
| 1258 | - |
|
| 1259 | - # for (i = 1; i < 20; ++i) { |
|
| 1260 | - # fe_sq(t2, t2); |
|
| 1261 | - # } |
|
| 1262 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1263 | - $t2 = self::fe_sq($t2); |
|
| 1264 | - } |
|
| 1265 | - |
|
| 1266 | - # fe_mul(t1, t2, t1); |
|
| 1267 | - # fe_sq(t1, t1); |
|
| 1268 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1269 | - $t1 = self::fe_sq($t1); |
|
| 1270 | - |
|
| 1271 | - # for (i = 1; i < 10; ++i) { |
|
| 1272 | - # fe_sq(t1, t1); |
|
| 1273 | - # } |
|
| 1274 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1275 | - $t1 = self::fe_sq($t1); |
|
| 1276 | - } |
|
| 1277 | - |
|
| 1278 | - # fe_mul(t0, t1, t0); |
|
| 1279 | - # fe_sq(t1, t0); |
|
| 1280 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1281 | - $t1 = self::fe_sq($t0); |
|
| 1282 | - |
|
| 1283 | - # for (i = 1; i < 50; ++i) { |
|
| 1284 | - # fe_sq(t1, t1); |
|
| 1285 | - # } |
|
| 1286 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1287 | - $t1 = self::fe_sq($t1); |
|
| 1288 | - } |
|
| 1289 | - |
|
| 1290 | - # fe_mul(t1, t1, t0); |
|
| 1291 | - # fe_sq(t2, t1); |
|
| 1292 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1293 | - $t2 = self::fe_sq($t1); |
|
| 1294 | - |
|
| 1295 | - # for (i = 1; i < 100; ++i) { |
|
| 1296 | - # fe_sq(t2, t2); |
|
| 1297 | - # } |
|
| 1298 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1299 | - $t2 = self::fe_sq($t2); |
|
| 1300 | - } |
|
| 1301 | - |
|
| 1302 | - # fe_mul(t1, t2, t1); |
|
| 1303 | - # fe_sq(t1, t1); |
|
| 1304 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1305 | - $t1 = self::fe_sq($t1); |
|
| 1306 | - |
|
| 1307 | - # for (i = 1; i < 50; ++i) { |
|
| 1308 | - # fe_sq(t1, t1); |
|
| 1309 | - # } |
|
| 1310 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1311 | - $t1 = self::fe_sq($t1); |
|
| 1312 | - } |
|
| 1313 | - |
|
| 1314 | - # fe_mul(t0, t1, t0); |
|
| 1315 | - # fe_sq(t0, t0); |
|
| 1316 | - # fe_sq(t0, t0); |
|
| 1317 | - # fe_mul(out, t0, z); |
|
| 1318 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1319 | - $t0 = self::fe_sq($t0); |
|
| 1320 | - $t0 = self::fe_sq($t0); |
|
| 1321 | - return self::fe_mul($t0, $z); |
|
| 1322 | - } |
|
| 1323 | - |
|
| 1324 | - /** |
|
| 1325 | - * Subtract two field elements. |
|
| 1326 | - * |
|
| 1327 | - * h = f - g |
|
| 1328 | - * |
|
| 1329 | - * Preconditions: |
|
| 1330 | - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1331 | - * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1332 | - * |
|
| 1333 | - * Postconditions: |
|
| 1334 | - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. |
|
| 1335 | - * |
|
| 1336 | - * @internal You should not use this directly from another application |
|
| 1337 | - * |
|
| 1338 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 1339 | - * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 1340 | - * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1341 | - */ |
|
| 1342 | - public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) |
|
| 1343 | - { |
|
| 1344 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1345 | - array( |
|
| 1346 | - $f[0]->subInt32($g[0]), |
|
| 1347 | - $f[1]->subInt32($g[1]), |
|
| 1348 | - $f[2]->subInt32($g[2]), |
|
| 1349 | - $f[3]->subInt32($g[3]), |
|
| 1350 | - $f[4]->subInt32($g[4]), |
|
| 1351 | - $f[5]->subInt32($g[5]), |
|
| 1352 | - $f[6]->subInt32($g[6]), |
|
| 1353 | - $f[7]->subInt32($g[7]), |
|
| 1354 | - $f[8]->subInt32($g[8]), |
|
| 1355 | - $f[9]->subInt32($g[9]) |
|
| 1356 | - ) |
|
| 1357 | - ); |
|
| 1358 | - } |
|
| 1359 | - |
|
| 1360 | - /** |
|
| 1361 | - * Add two group elements. |
|
| 1362 | - * |
|
| 1363 | - * r = p + q |
|
| 1364 | - * |
|
| 1365 | - * @internal You should not use this directly from another application |
|
| 1366 | - * |
|
| 1367 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1368 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1369 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1370 | - */ |
|
| 1371 | - public static function ge_add( |
|
| 1372 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1373 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1374 | - ) { |
|
| 1375 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1376 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1377 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1378 | - $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1379 | - $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1380 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1381 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1382 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1383 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1384 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1385 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1386 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1387 | - return $r; |
|
| 1388 | - } |
|
| 1389 | - |
|
| 1390 | - /** |
|
| 1391 | - * @internal You should not use this directly from another application |
|
| 1392 | - * |
|
| 1393 | - * @ref https://github.com/jedisct1/libsodium/blob/157c4a80c13b117608aeae12178b2d38825f9f8f/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1185-L1215 |
|
| 1394 | - * @param string $a |
|
| 1395 | - * @return array<int, mixed> |
|
| 1396 | - */ |
|
| 1397 | - public static function slide($a) |
|
| 1398 | - { |
|
| 1399 | - if (self::strlen($a) < 256) { |
|
| 1400 | - if (self::strlen($a) < 16) { |
|
| 1401 | - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1402 | - } |
|
| 1403 | - } |
|
| 1404 | - $r = array(); |
|
| 1405 | - for ($i = 0; $i < 256; ++$i) { |
|
| 1406 | - $r[$i] = 1 & ( |
|
| 1407 | - self::chrToInt($a[$i >> 3]) |
|
| 1408 | - >> |
|
| 1409 | - ($i & 7) |
|
| 1410 | - ); |
|
| 1411 | - } |
|
| 1412 | - |
|
| 1413 | - for ($i = 0;$i < 256;++$i) { |
|
| 1414 | - if ($r[$i]) { |
|
| 1415 | - for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1416 | - if ($r[$i + $b]) { |
|
| 1417 | - if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1418 | - $r[$i] += $r[$i + $b] << $b; |
|
| 1419 | - $r[$i + $b] = 0; |
|
| 1420 | - } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1421 | - $r[$i] -= $r[$i + $b] << $b; |
|
| 1422 | - for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1423 | - if (!$r[$k]) { |
|
| 1424 | - $r[$k] = 1; |
|
| 1425 | - break; |
|
| 1426 | - } |
|
| 1427 | - $r[$k] = 0; |
|
| 1428 | - } |
|
| 1429 | - } else { |
|
| 1430 | - break; |
|
| 1431 | - } |
|
| 1432 | - } |
|
| 1433 | - } |
|
| 1434 | - } |
|
| 1435 | - } |
|
| 1436 | - return $r; |
|
| 1437 | - } |
|
| 1438 | - |
|
| 1439 | - /** |
|
| 1440 | - * @internal You should not use this directly from another application |
|
| 1441 | - * |
|
| 1442 | - * @param string $s |
|
| 1443 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1444 | - */ |
|
| 1445 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1446 | - { |
|
| 1447 | - static $d = null; |
|
| 1448 | - if (!$d) { |
|
| 1449 | - $d = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1450 | - array( |
|
| 1451 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[0]), |
|
| 1452 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[1]), |
|
| 1453 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[2]), |
|
| 1454 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[3]), |
|
| 1455 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[4]), |
|
| 1456 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[5]), |
|
| 1457 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[6]), |
|
| 1458 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[7]), |
|
| 1459 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[8]), |
|
| 1460 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[9]) |
|
| 1461 | - ) |
|
| 1462 | - ); |
|
| 1463 | - } |
|
| 1464 | - |
|
| 1465 | - # fe_frombytes(h->Y,s); |
|
| 1466 | - # fe_1(h->Z); |
|
| 1467 | - $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
|
| 1468 | - self::fe_0(), |
|
| 1469 | - self::fe_frombytes($s), |
|
| 1470 | - self::fe_1() |
|
| 1471 | - ); |
|
| 1472 | - |
|
| 1473 | - # fe_sq(u,h->Y); |
|
| 1474 | - # fe_mul(v,u,d); |
|
| 1475 | - # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
|
| 1476 | - # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
|
| 1477 | - $u = self::fe_sq($h->Y); |
|
| 1478 | - $v = self::fe_mul($u, $d); |
|
| 1479 | - $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1480 | - $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1481 | - |
|
| 1482 | - # fe_sq(v3,v); |
|
| 1483 | - # fe_mul(v3,v3,v); /* v3 = v^3 */ |
|
| 1484 | - # fe_sq(h->X,v3); |
|
| 1485 | - # fe_mul(h->X,h->X,v); |
|
| 1486 | - # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
|
| 1487 | - $v3 = self::fe_sq($v); |
|
| 1488 | - $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1489 | - $h->X = self::fe_sq($v3); |
|
| 1490 | - $h->X = self::fe_mul($h->X, $v); |
|
| 1491 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1492 | - |
|
| 1493 | - # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1494 | - # fe_mul(h->X,h->X,v3); |
|
| 1495 | - # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1496 | - $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1497 | - $h->X = self::fe_mul($h->X, $v3); |
|
| 1498 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1499 | - |
|
| 1500 | - # fe_sq(vxx,h->X); |
|
| 1501 | - # fe_mul(vxx,vxx,v); |
|
| 1502 | - # fe_sub(check,vxx,u); /* vx^2-u */ |
|
| 1503 | - $vxx = self::fe_sq($h->X); |
|
| 1504 | - $vxx = self::fe_mul($vxx, $v); |
|
| 1505 | - $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1506 | - |
|
| 1507 | - # if (fe_isnonzero(check)) { |
|
| 1508 | - # fe_add(check,vxx,u); /* vx^2+u */ |
|
| 1509 | - # if (fe_isnonzero(check)) { |
|
| 1510 | - # return -1; |
|
| 1511 | - # } |
|
| 1512 | - # fe_mul(h->X,h->X,sqrtm1); |
|
| 1513 | - # } |
|
| 1514 | - if (self::fe_isnonzero($check)) { |
|
| 1515 | - $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1516 | - if (self::fe_isnonzero($check)) { |
|
| 1517 | - throw new RangeException('Internal check failed.'); |
|
| 1518 | - } |
|
| 1519 | - $h->X = self::fe_mul( |
|
| 1520 | - $h->X, |
|
| 1521 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1522 | - ); |
|
| 1523 | - } |
|
| 1524 | - |
|
| 1525 | - # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
|
| 1526 | - # fe_neg(h->X,h->X); |
|
| 1527 | - # } |
|
| 1528 | - $i = self::chrToInt($s[31]); |
|
| 1529 | - if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1530 | - $h->X = self::fe_neg($h->X); |
|
| 1531 | - } |
|
| 1532 | - |
|
| 1533 | - # fe_mul(h->T,h->X,h->Y); |
|
| 1534 | - $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1535 | - return $h; |
|
| 1536 | - } |
|
| 1537 | - |
|
| 1538 | - /** |
|
| 1539 | - * @internal You should not use this directly from another application |
|
| 1540 | - * |
|
| 1541 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R |
|
| 1542 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1543 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1544 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1545 | - */ |
|
| 1546 | - public static function ge_madd( |
|
| 1547 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, |
|
| 1548 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1549 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1550 | - ) { |
|
| 1551 | - $r = clone $R; |
|
| 1552 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1553 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1554 | - $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1555 | - $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1556 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1557 | - $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1558 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1559 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1560 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1561 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1562 | - |
|
| 1563 | - return $r; |
|
| 1564 | - } |
|
| 1565 | - |
|
| 1566 | - /** |
|
| 1567 | - * @internal You should not use this directly from another application |
|
| 1568 | - * |
|
| 1569 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R |
|
| 1570 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1571 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1572 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1573 | - */ |
|
| 1574 | - public static function ge_msub( |
|
| 1575 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, |
|
| 1576 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1577 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1578 | - ) { |
|
| 1579 | - $r = clone $R; |
|
| 1580 | - |
|
| 1581 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1582 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1583 | - $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1584 | - $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1585 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1586 | - $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1587 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1588 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1589 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1590 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1591 | - |
|
| 1592 | - return $r; |
|
| 1593 | - } |
|
| 1594 | - |
|
| 1595 | - /** |
|
| 1596 | - * @internal You should not use this directly from another application |
|
| 1597 | - * |
|
| 1598 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
|
| 1599 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1600 | - */ |
|
| 1601 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1602 | - { |
|
| 1603 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2(); |
|
| 1604 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1605 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1606 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1607 | - return $r; |
|
| 1608 | - } |
|
| 1609 | - |
|
| 1610 | - /** |
|
| 1611 | - * @internal You should not use this directly from another application |
|
| 1612 | - * |
|
| 1613 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
|
| 1614 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1615 | - */ |
|
| 1616 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1617 | - { |
|
| 1618 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3(); |
|
| 1619 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1620 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1621 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1622 | - $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1623 | - return $r; |
|
| 1624 | - } |
|
| 1625 | - |
|
| 1626 | - /** |
|
| 1627 | - * @internal You should not use this directly from another application |
|
| 1628 | - * |
|
| 1629 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1630 | - */ |
|
| 1631 | - public static function ge_p2_0() |
|
| 1632 | - { |
|
| 1633 | - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
|
| 1634 | - self::fe_0(), |
|
| 1635 | - self::fe_1(), |
|
| 1636 | - self::fe_1() |
|
| 1637 | - ); |
|
| 1638 | - } |
|
| 1639 | - |
|
| 1640 | - /** |
|
| 1641 | - * @internal You should not use this directly from another application |
|
| 1642 | - * |
|
| 1643 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p |
|
| 1644 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1645 | - */ |
|
| 1646 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) |
|
| 1647 | - { |
|
| 1648 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1649 | - |
|
| 1650 | - $r->X = self::fe_sq($p->X); |
|
| 1651 | - $r->Z = self::fe_sq($p->Y); |
|
| 1652 | - $r->T = self::fe_sq2($p->Z); |
|
| 1653 | - $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1654 | - $t0 = self::fe_sq($r->Y); |
|
| 1655 | - $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1656 | - $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1657 | - $r->X = self::fe_sub($t0, $r->Y); |
|
| 1658 | - $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1659 | - |
|
| 1660 | - return $r; |
|
| 1661 | - } |
|
| 1662 | - |
|
| 1663 | - /** |
|
| 1664 | - * @internal You should not use this directly from another application |
|
| 1665 | - * |
|
| 1666 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1667 | - */ |
|
| 1668 | - public static function ge_p3_0() |
|
| 1669 | - { |
|
| 1670 | - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
|
| 1671 | - self::fe_0(), |
|
| 1672 | - self::fe_1(), |
|
| 1673 | - self::fe_1(), |
|
| 1674 | - self::fe_0() |
|
| 1675 | - ); |
|
| 1676 | - } |
|
| 1677 | - |
|
| 1678 | - /** |
|
| 1679 | - * @internal You should not use this directly from another application |
|
| 1680 | - * |
|
| 1681 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1682 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
|
| 1683 | - */ |
|
| 1684 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1685 | - { |
|
| 1686 | - static $d2 = null; |
|
| 1687 | - if ($d2 === null) { |
|
| 1688 | - $d2 = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1689 | - array( |
|
| 1690 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[0]), |
|
| 1691 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[1]), |
|
| 1692 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[2]), |
|
| 1693 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[3]), |
|
| 1694 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[4]), |
|
| 1695 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[5]), |
|
| 1696 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[6]), |
|
| 1697 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[7]), |
|
| 1698 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[8]), |
|
| 1699 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[9]) |
|
| 1700 | - ) |
|
| 1701 | - ); |
|
| 1702 | - } |
|
| 1703 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached(); |
|
| 1704 | - $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1705 | - $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1706 | - $r->Z = self::fe_copy($p->Z); |
|
| 1707 | - $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1708 | - return $r; |
|
| 1709 | - } |
|
| 1710 | - |
|
| 1711 | - /** |
|
| 1712 | - * @internal You should not use this directly from another application |
|
| 1713 | - * |
|
| 1714 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1715 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1716 | - */ |
|
| 1717 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1718 | - { |
|
| 1719 | - return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
|
| 1720 | - $p->X, |
|
| 1721 | - $p->Y, |
|
| 1722 | - $p->Z |
|
| 1723 | - ); |
|
| 1724 | - } |
|
| 1725 | - |
|
| 1726 | - /** |
|
| 1727 | - * @internal You should not use this directly from another application |
|
| 1728 | - * |
|
| 1729 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h |
|
| 1730 | - * @return string |
|
| 1731 | - */ |
|
| 1732 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) |
|
| 1733 | - { |
|
| 1734 | - $recip = self::fe_invert($h->Z); |
|
| 1735 | - $x = self::fe_mul($h->X, $recip); |
|
| 1736 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1737 | - $s = self::fe_tobytes($y); |
|
| 1738 | - $s[31] = self::intToChr( |
|
| 1739 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1740 | - ); |
|
| 1741 | - return $s; |
|
| 1742 | - } |
|
| 1743 | - |
|
| 1744 | - /** |
|
| 1745 | - * @internal You should not use this directly from another application |
|
| 1746 | - * |
|
| 1747 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1748 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1749 | - */ |
|
| 1750 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1751 | - { |
|
| 1752 | - $q = self::ge_p3_to_p2($p); |
|
| 1753 | - return self::ge_p2_dbl($q); |
|
| 1754 | - } |
|
| 1755 | - |
|
| 1756 | - /** |
|
| 1757 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1758 | - */ |
|
| 1759 | - public static function ge_precomp_0() |
|
| 1760 | - { |
|
| 1761 | - return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1762 | - self::fe_1(), |
|
| 1763 | - self::fe_1(), |
|
| 1764 | - self::fe_0() |
|
| 1765 | - ); |
|
| 1766 | - } |
|
| 1767 | - |
|
| 1768 | - /** |
|
| 1769 | - * @internal You should not use this directly from another application |
|
| 1770 | - * |
|
| 1771 | - * @param int $b |
|
| 1772 | - * @param int $c |
|
| 1773 | - * @return int |
|
| 1774 | - */ |
|
| 1775 | - public static function equal($b, $c) |
|
| 1776 | - { |
|
| 1777 | - return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1778 | - } |
|
| 1779 | - |
|
| 1780 | - /** |
|
| 1781 | - * @internal You should not use this directly from another application |
|
| 1782 | - * |
|
| 1783 | - * @param int $char |
|
| 1784 | - * @return int (1 = yes, 0 = no) |
|
| 1785 | - */ |
|
| 1786 | - public static function negative($char) |
|
| 1787 | - { |
|
| 1788 | - if (is_int($char)) { |
|
| 1789 | - return $char < 0 ? 1 : 0; |
|
| 1790 | - } |
|
| 1791 | - $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1792 | - if (PHP_INT_SIZE === 8) { |
|
| 1793 | - return $x >> 63; |
|
| 1794 | - } |
|
| 1795 | - return $x >> 31; |
|
| 1796 | - } |
|
| 1797 | - |
|
| 1798 | - /** |
|
| 1799 | - * Conditional move |
|
| 1800 | - * |
|
| 1801 | - * @internal You should not use this directly from another application |
|
| 1802 | - * |
|
| 1803 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t |
|
| 1804 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u |
|
| 1805 | - * @param int $b |
|
| 1806 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1807 | - */ |
|
| 1808 | - public static function cmov( |
|
| 1809 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t, |
|
| 1810 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u, |
|
| 1811 | - $b |
|
| 1812 | - ) { |
|
| 1813 | - if (!is_int($b)) { |
|
| 1814 | - throw new InvalidArgumentException('Expected an integer.'); |
|
| 1815 | - } |
|
| 1816 | - return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1817 | - self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1818 | - self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1819 | - self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1820 | - ); |
|
| 1821 | - } |
|
| 1822 | - |
|
| 1823 | - /** |
|
| 1824 | - * @internal You should not use this directly from another application |
|
| 1825 | - * |
|
| 1826 | - * @param int $pos |
|
| 1827 | - * @param int $b |
|
| 1828 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1829 | - */ |
|
| 1830 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1831 | - { |
|
| 1832 | - static $base = null; |
|
| 1833 | - if ($base === null) { |
|
| 1834 | - $base = array(); |
|
| 1835 | - foreach (self::$base as $i => $bas) { |
|
| 1836 | - for ($j = 0; $j < 8; ++$j) { |
|
| 1837 | - $base[$i][$j] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1838 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1839 | - array( |
|
| 1840 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][0]), |
|
| 1841 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][1]), |
|
| 1842 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][2]), |
|
| 1843 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][3]), |
|
| 1844 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][4]), |
|
| 1845 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][5]), |
|
| 1846 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][6]), |
|
| 1847 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][7]), |
|
| 1848 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][8]), |
|
| 1849 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][9]) |
|
| 1850 | - ) |
|
| 1851 | - ), |
|
| 1852 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1853 | - array( |
|
| 1854 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][0]), |
|
| 1855 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][1]), |
|
| 1856 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][2]), |
|
| 1857 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][3]), |
|
| 1858 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][4]), |
|
| 1859 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][5]), |
|
| 1860 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][6]), |
|
| 1861 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][7]), |
|
| 1862 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][8]), |
|
| 1863 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][9]) |
|
| 1864 | - ) |
|
| 1865 | - ), |
|
| 1866 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1867 | - array( |
|
| 1868 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][0]), |
|
| 1869 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][1]), |
|
| 1870 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][2]), |
|
| 1871 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][3]), |
|
| 1872 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][4]), |
|
| 1873 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][5]), |
|
| 1874 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][6]), |
|
| 1875 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][7]), |
|
| 1876 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][8]), |
|
| 1877 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][9]) |
|
| 1878 | - ) |
|
| 1879 | - ) |
|
| 1880 | - ); |
|
| 1881 | - } |
|
| 1882 | - } |
|
| 1883 | - } |
|
| 1884 | - if (!is_int($pos)) { |
|
| 1885 | - throw new InvalidArgumentException('Position must be an integer'); |
|
| 1886 | - } |
|
| 1887 | - if ($pos < 0 || $pos > 31) { |
|
| 1888 | - throw new RangeException('Position is out of range [0, 31]'); |
|
| 1889 | - } |
|
| 1890 | - |
|
| 1891 | - $bnegative = self::negative($b); |
|
| 1892 | - $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1893 | - |
|
| 1894 | - $t = self::ge_precomp_0(); |
|
| 1895 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1896 | - $t = self::cmov( |
|
| 1897 | - $t, |
|
| 1898 | - $base[$pos][$i], |
|
| 1899 | - self::equal($babs, $i + 1) |
|
| 1900 | - ); |
|
| 1901 | - } |
|
| 1902 | - $minusT = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1903 | - self::fe_copy($t->yminusx), |
|
| 1904 | - self::fe_copy($t->yplusx), |
|
| 1905 | - self::fe_neg($t->xy2d) |
|
| 1906 | - ); |
|
| 1907 | - return self::cmov($t, $minusT, -$bnegative); |
|
| 1908 | - } |
|
| 1909 | - |
|
| 1910 | - /** |
|
| 1911 | - * Subtract two group elements. |
|
| 1912 | - * |
|
| 1913 | - * r = p - q |
|
| 1914 | - * |
|
| 1915 | - * @internal You should not use this directly from another application |
|
| 1916 | - * |
|
| 1917 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1918 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1919 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1920 | - */ |
|
| 1921 | - public static function ge_sub( |
|
| 1922 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1923 | - ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1924 | - ) { |
|
| 1925 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1926 | - |
|
| 1927 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1928 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1929 | - $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1930 | - $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1931 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1932 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1933 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1934 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1935 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1936 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1937 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1938 | - |
|
| 1939 | - return $r; |
|
| 1940 | - } |
|
| 1941 | - |
|
| 1942 | - /** |
|
| 1943 | - * Convert a group element to a byte string. |
|
| 1944 | - * |
|
| 1945 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h |
|
| 1946 | - * @return string |
|
| 1947 | - */ |
|
| 1948 | - public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) |
|
| 1949 | - { |
|
| 1950 | - $recip = self::fe_invert($h->Z); |
|
| 1951 | - $x = self::fe_mul($h->X, $recip); |
|
| 1952 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1953 | - $s = self::fe_tobytes($y); |
|
| 1954 | - $s[31] = self::intToChr( |
|
| 1955 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1956 | - ); |
|
| 1957 | - return $s; |
|
| 1958 | - } |
|
| 1959 | - |
|
| 1960 | - /** |
|
| 1961 | - * @internal You should not use this directly from another application |
|
| 1962 | - * |
|
| 1963 | - * @param string $a |
|
| 1964 | - * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A |
|
| 1965 | - * @param string $b |
|
| 1966 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1967 | - */ |
|
| 1968 | - public static function ge_double_scalarmult_vartime( |
|
| 1969 | - $a, |
|
| 1970 | - ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A, |
|
| 1971 | - $b |
|
| 1972 | - ) { |
|
| 1973 | - /** |
|
| 1974 | - * @var ParagonIE_Sodium_Core32_Curve25519_Ge_Cached[] |
|
| 1975 | - */ |
|
| 1976 | - $Ai = array(); |
|
| 1977 | - |
|
| 1978 | - /** |
|
| 1979 | - * @var ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp[] |
|
| 1980 | - */ |
|
| 1981 | - static $Bi = array(); |
|
| 1982 | - if (!$Bi) { |
|
| 1983 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1984 | - |
|
| 1985 | - $Bi[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1986 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1987 | - array( |
|
| 1988 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][0]), |
|
| 1989 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][1]), |
|
| 1990 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][2]), |
|
| 1991 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][3]), |
|
| 1992 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][4]), |
|
| 1993 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][5]), |
|
| 1994 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][6]), |
|
| 1995 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][7]), |
|
| 1996 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][8]), |
|
| 1997 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][9]) |
|
| 1998 | - ) |
|
| 1999 | - ), |
|
| 2000 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 2001 | - array( |
|
| 2002 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][0]), |
|
| 2003 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][1]), |
|
| 2004 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][2]), |
|
| 2005 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][3]), |
|
| 2006 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][4]), |
|
| 2007 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][5]), |
|
| 2008 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][6]), |
|
| 2009 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][7]), |
|
| 2010 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][8]), |
|
| 2011 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][9]) |
|
| 2012 | - ) |
|
| 2013 | - ), |
|
| 2014 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 2015 | - array( |
|
| 2016 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][0]), |
|
| 2017 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][1]), |
|
| 2018 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][2]), |
|
| 2019 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][3]), |
|
| 2020 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][4]), |
|
| 2021 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][5]), |
|
| 2022 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][6]), |
|
| 2023 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][7]), |
|
| 2024 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][8]), |
|
| 2025 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][9]) |
|
| 2026 | - ) |
|
| 2027 | - ) |
|
| 2028 | - ); |
|
| 2029 | - } |
|
| 2030 | - } |
|
| 2031 | - for ($i = 0; $i < 8; ++$i) { |
|
| 2032 | - $Ai[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached( |
|
| 2033 | - self::fe_0(), |
|
| 2034 | - self::fe_0(), |
|
| 2035 | - self::fe_0(), |
|
| 2036 | - self::fe_0() |
|
| 2037 | - ); |
|
| 2038 | - } |
|
| 2039 | - |
|
| 2040 | - # slide(aslide,a); |
|
| 2041 | - # slide(bslide,b); |
|
| 2042 | - $aslide = self::slide($a); |
|
| 2043 | - $bslide = self::slide($b); |
|
| 2044 | - |
|
| 2045 | - # ge_p3_to_cached(&Ai[0],A); |
|
| 2046 | - # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
|
| 2047 | - $Ai[0] = self::ge_p3_to_cached($A); |
|
| 2048 | - $t = self::ge_p3_dbl($A); |
|
| 2049 | - $A2 = self::ge_p1p1_to_p3($t); |
|
| 2050 | - |
|
| 2051 | - # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
|
| 2052 | - # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
|
| 2053 | - # ge_add(&t,&A2,&Ai[2]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[3],&u); |
|
| 2054 | - # ge_add(&t,&A2,&Ai[3]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[4],&u); |
|
| 2055 | - # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
|
| 2056 | - # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
|
| 2057 | - # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
|
| 2058 | - for ($i = 0; $i < 7; ++$i) { |
|
| 2059 | - $t = self::ge_add($A2, $Ai[$i]); |
|
| 2060 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2061 | - $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 2062 | - } |
|
| 2063 | - |
|
| 2064 | - # ge_p2_0(r); |
|
| 2065 | - $r = self::ge_p2_0(); |
|
| 2066 | - |
|
| 2067 | - # for (i = 255;i >= 0;--i) { |
|
| 2068 | - # if (aslide[i] || bslide[i]) break; |
|
| 2069 | - # } |
|
| 2070 | - $i = 255; |
|
| 2071 | - for (; $i >= 0; --$i) { |
|
| 2072 | - if ($aslide[$i] || $bslide[$i]) { |
|
| 2073 | - break; |
|
| 2074 | - } |
|
| 2075 | - } |
|
| 2076 | - |
|
| 2077 | - # for (;i >= 0;--i) { |
|
| 2078 | - for (; $i >= 0; --$i) { |
|
| 2079 | - # ge_p2_dbl(&t,r); |
|
| 2080 | - $t = self::ge_p2_dbl($r); |
|
| 2081 | - |
|
| 2082 | - # if (aslide[i] > 0) { |
|
| 2083 | - if ($aslide[$i] > 0) { |
|
| 2084 | - # ge_p1p1_to_p3(&u,&t); |
|
| 2085 | - # ge_add(&t,&u,&Ai[aslide[i]/2]); |
|
| 2086 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2087 | - $t = self::ge_add( |
|
| 2088 | - $u, |
|
| 2089 | - $Ai[(int) floor($aslide[$i] / 2)] |
|
| 2090 | - ); |
|
| 2091 | - # } else if (aslide[i] < 0) { |
|
| 2092 | - } elseif ($aslide[$i] < 0) { |
|
| 2093 | - # ge_p1p1_to_p3(&u,&t); |
|
| 2094 | - # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
|
| 2095 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2096 | - $t = self::ge_sub( |
|
| 2097 | - $u, |
|
| 2098 | - $Ai[(int) floor(-$aslide[$i] / 2)] |
|
| 2099 | - ); |
|
| 2100 | - } |
|
| 2101 | - |
|
| 2102 | - # if (bslide[i] > 0) { |
|
| 2103 | - if ($bslide[$i] > 0) { |
|
| 2104 | - # ge_p1p1_to_p3(&u,&t); |
|
| 2105 | - # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
|
| 2106 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2107 | - $t = self::ge_madd( |
|
| 2108 | - $t, |
|
| 2109 | - $u, |
|
| 2110 | - $Bi[(int) floor($bslide[$i] / 2)] |
|
| 2111 | - ); |
|
| 2112 | - # } else if (bslide[i] < 0) { |
|
| 2113 | - } elseif ($bslide[$i] < 0) { |
|
| 2114 | - # ge_p1p1_to_p3(&u,&t); |
|
| 2115 | - # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
|
| 2116 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2117 | - $t = self::ge_msub( |
|
| 2118 | - $t, |
|
| 2119 | - $u, |
|
| 2120 | - $Bi[(int) floor(-$bslide[$i] / 2)] |
|
| 2121 | - ); |
|
| 2122 | - } |
|
| 2123 | - # ge_p1p1_to_p2(r,&t); |
|
| 2124 | - $r = self::ge_p1p1_to_p2($t); |
|
| 2125 | - } |
|
| 2126 | - return $r; |
|
| 2127 | - } |
|
| 2128 | - |
|
| 2129 | - /** |
|
| 2130 | - * @internal You should not use this directly from another application |
|
| 2131 | - * |
|
| 2132 | - * @param string $a |
|
| 2133 | - * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 2134 | - */ |
|
| 2135 | - public static function ge_scalarmult_base($a) |
|
| 2136 | - { |
|
| 2137 | - $e = array(); |
|
| 2138 | - $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 2139 | - |
|
| 2140 | - for ($i = 0; $i < 32; ++$i) { |
|
| 2141 | - $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 2142 | - $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 2143 | - } |
|
| 2144 | - |
|
| 2145 | - $carry = 0; |
|
| 2146 | - for ($i = 0; $i < 63; ++$i) { |
|
| 2147 | - $e[$i] += $carry; |
|
| 2148 | - $carry = $e[$i] + 8; |
|
| 2149 | - $carry >>= 4; |
|
| 2150 | - $e[$i] -= $carry << 4; |
|
| 2151 | - } |
|
| 2152 | - $e[63] += $carry; |
|
| 2153 | - |
|
| 2154 | - $h = self::ge_p3_0(); |
|
| 2155 | - |
|
| 2156 | - for ($i = 1; $i < 64; $i += 2) { |
|
| 2157 | - $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 2158 | - $r = self::ge_madd($r, $h, $t); |
|
| 2159 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2160 | - } |
|
| 2161 | - |
|
| 2162 | - $r = self::ge_p3_dbl($h); |
|
| 2163 | - |
|
| 2164 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2165 | - $r = self::ge_p2_dbl($s); |
|
| 2166 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2167 | - $r = self::ge_p2_dbl($s); |
|
| 2168 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2169 | - $r = self::ge_p2_dbl($s); |
|
| 2170 | - |
|
| 2171 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2172 | - |
|
| 2173 | - for ($i = 0; $i < 64; $i += 2) { |
|
| 2174 | - $t = self::ge_select($i >> 1, $e[$i]); |
|
| 2175 | - $r = self::ge_madd($r, $h, $t); |
|
| 2176 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2177 | - } |
|
| 2178 | - return $h; |
|
| 2179 | - } |
|
| 2180 | - |
|
| 2181 | - /** |
|
| 2182 | - * Calculates (ab + c) mod l |
|
| 2183 | - * where l = 2^252 + 27742317777372353535851937790883648493 |
|
| 2184 | - * |
|
| 2185 | - * @internal You should not use this directly from another application |
|
| 2186 | - * |
|
| 2187 | - * @param string $a |
|
| 2188 | - * @param string $b |
|
| 2189 | - * @param string $c |
|
| 2190 | - * @return string |
|
| 2191 | - */ |
|
| 2192 | - public static function sc_muladd($a, $b, $c) |
|
| 2193 | - { |
|
| 2194 | - $a0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 0, 3)))->toInt64(); |
|
| 2195 | - $a1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5))->toInt64(); |
|
| 2196 | - $a2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2))->toInt64(); |
|
| 2197 | - $a3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7))->toInt64(); |
|
| 2198 | - $a4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4))->toInt64(); |
|
| 2199 | - $a5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1))->toInt64(); |
|
| 2200 | - $a6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6))->toInt64(); |
|
| 2201 | - $a7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3))->toInt64(); |
|
| 2202 | - $a8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 21, 3)))->toInt64(); |
|
| 2203 | - $a9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5))->toInt64(); |
|
| 2204 | - $a10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2))->toInt64(); |
|
| 2205 | - $a11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($a, 28, 4)) >> 7))->toInt64(); |
|
| 2206 | - $b0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 0, 3)))->toInt64(); |
|
| 2207 | - $b1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5))->toInt64(); |
|
| 2208 | - $b2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2))->toInt64(); |
|
| 2209 | - $b3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7))->toInt64(); |
|
| 2210 | - $b4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4))->toInt64(); |
|
| 2211 | - $b5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1))->toInt64(); |
|
| 2212 | - $b6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6))->toInt64(); |
|
| 2213 | - $b7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3))->toInt64(); |
|
| 2214 | - $b8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 21, 3)))->toInt64(); |
|
| 2215 | - $b9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5))->toInt64(); |
|
| 2216 | - $b10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2))->toInt64(); |
|
| 2217 | - $b11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($b, 28, 4)) >> 7))->toInt64(); |
|
| 2218 | - $c0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 0, 3)))->toInt64(); |
|
| 2219 | - $c1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5))->toInt64(); |
|
| 2220 | - $c2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2))->toInt64(); |
|
| 2221 | - $c3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7))->toInt64(); |
|
| 2222 | - $c4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4))->toInt64(); |
|
| 2223 | - $c5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1))->toInt64(); |
|
| 2224 | - $c6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6))->toInt64(); |
|
| 2225 | - $c7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3))->toInt64(); |
|
| 2226 | - $c8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 21, 3)))->toInt64(); |
|
| 2227 | - $c9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5))->toInt64(); |
|
| 2228 | - $c10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2))->toInt64(); |
|
| 2229 | - $c11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($c, 28, 4)) >> 7))->toInt64(); |
|
| 2230 | - |
|
| 2231 | - /* Can't really avoid the pyramid here: */ |
|
| 2232 | - /** |
|
| 2233 | - * @var ParagonIE_Sodium_Core32_Int64 $s0 |
|
| 2234 | - * @var ParagonIE_Sodium_Core32_Int64 $s1 |
|
| 2235 | - * @var ParagonIE_Sodium_Core32_Int64 $s2 |
|
| 2236 | - * @var ParagonIE_Sodium_Core32_Int64 $s3 |
|
| 2237 | - * @var ParagonIE_Sodium_Core32_Int64 $s4 |
|
| 2238 | - * @var ParagonIE_Sodium_Core32_Int64 $s5 |
|
| 2239 | - * @var ParagonIE_Sodium_Core32_Int64 $s6 |
|
| 2240 | - * @var ParagonIE_Sodium_Core32_Int64 $s7 |
|
| 2241 | - * @var ParagonIE_Sodium_Core32_Int64 $s8 |
|
| 2242 | - * @var ParagonIE_Sodium_Core32_Int64 $s9 |
|
| 2243 | - * @var ParagonIE_Sodium_Core32_Int64 $s10 |
|
| 2244 | - * @var ParagonIE_Sodium_Core32_Int64 $s11 |
|
| 2245 | - * @var ParagonIE_Sodium_Core32_Int64 $s12 |
|
| 2246 | - * @var ParagonIE_Sodium_Core32_Int64 $s13 |
|
| 2247 | - * @var ParagonIE_Sodium_Core32_Int64 $s14 |
|
| 2248 | - * @var ParagonIE_Sodium_Core32_Int64 $s15 |
|
| 2249 | - * @var ParagonIE_Sodium_Core32_Int64 $s16 |
|
| 2250 | - * @var ParagonIE_Sodium_Core32_Int64 $s17 |
|
| 2251 | - * @var ParagonIE_Sodium_Core32_Int64 $s18 |
|
| 2252 | - * @var ParagonIE_Sodium_Core32_Int64 $s19 |
|
| 2253 | - * @var ParagonIE_Sodium_Core32_Int64 $s20 |
|
| 2254 | - * @var ParagonIE_Sodium_Core32_Int64 $s21 |
|
| 2255 | - * @var ParagonIE_Sodium_Core32_Int64 $s22 |
|
| 2256 | - * @var ParagonIE_Sodium_Core32_Int64 $s23 |
|
| 2257 | - */ |
|
| 2258 | - |
|
| 2259 | - $s0 = $c0->addInt64($a0->mulInt64($b0)); |
|
| 2260 | - $s1 = $c1->addInt64($a0->mulInt64($b1))->addInt64($a1->mulInt64($b0)); |
|
| 2261 | - $s2 = $c2->addInt64($a0->mulInt64($b2))->addInt64($a1->mulInt64($b1))->addInt64($a2->mulInt64($b0)); |
|
| 2262 | - $s3 = $c3->addInt64($a0->mulInt64($b3))->addInt64($a1->mulInt64($b2))->addInt64($a2->mulInt64($b1))->addInt64($a3->mulInt64($b0)); |
|
| 2263 | - $s4 = $c4->addInt64($a0->mulInt64($b4))->addInt64($a1->mulInt64($b3))->addInt64($a2->mulInt64($b2))->addInt64($a3->mulInt64($b1))->addInt64($a4->mulInt64($b0)); |
|
| 2264 | - $s5 = $c5->addInt64($a0->mulInt64($b5))->addInt64($a1->mulInt64($b4))->addInt64($a2->mulInt64($b3))->addInt64($a3->mulInt64($b2))->addInt64($a4->mulInt64($b1))->addInt64($a5->mulInt64($b0)); |
|
| 2265 | - $s6 = $c6->addInt64($a0->mulInt64($b6))->addInt64($a1->mulInt64($b5))->addInt64($a2->mulInt64($b4))->addInt64($a3->mulInt64($b3))->addInt64($a4->mulInt64($b2))->addInt64($a5->mulInt64($b1)) |
|
| 2266 | - ->addInt64($a6->mulInt64($b0)); |
|
| 2267 | - $s7 = $c7->addInt64($a0->mulInt64($b7))->addInt64($a1->mulInt64($b6))->addInt64($a2->mulInt64($b5))->addInt64($a3->mulInt64($b4))->addInt64($a4->mulInt64($b3))->addInt64($a5->mulInt64($b2)) |
|
| 2268 | - ->addInt64($a6->mulInt64($b1))->addInt64($a7->mulInt64($b0)); |
|
| 2269 | - $s8 = $c8->addInt64($a0->mulInt64($b8))->addInt64($a1->mulInt64($b7))->addInt64($a2->mulInt64($b6))->addInt64($a3->mulInt64($b5))->addInt64($a4->mulInt64($b4))->addInt64($a5->mulInt64($b3)) |
|
| 2270 | - ->addInt64($a6->mulInt64($b2))->addInt64($a7->mulInt64($b1))->addInt64($a8->mulInt64($b0)); |
|
| 2271 | - $s9 = $c9->addInt64($a0->mulInt64($b9))->addInt64($a1->mulInt64($b8))->addInt64($a2->mulInt64($b7))->addInt64($a3->mulInt64($b6))->addInt64($a4->mulInt64($b5))->addInt64($a5->mulInt64($b4)) |
|
| 2272 | - ->addInt64($a6->mulInt64($b3))->addInt64($a7->mulInt64($b2))->addInt64($a8->mulInt64($b1))->addInt64($a9->mulInt64($b0)); |
|
| 2273 | - $s10 = $c10->addInt64($a0->mulInt64($b10))->addInt64($a1->mulInt64($b9))->addInt64($a2->mulInt64($b8))->addInt64($a3->mulInt64($b7))->addInt64($a4->mulInt64($b6))->addInt64($a5->mulInt64($b5)) |
|
| 2274 | - ->addInt64($a6->mulInt64($b4))->addInt64($a7->mulInt64($b3))->addInt64($a8->mulInt64($b2))->addInt64($a9->mulInt64($b1))->addInt64($a10->mulInt64($b0)); |
|
| 2275 | - $s11 = $c11->addInt64($a0->mulInt64($b11))->addInt64($a1->mulInt64($b10))->addInt64($a2->mulInt64($b9))->addInt64($a3->mulInt64($b8))->addInt64($a4->mulInt64($b7))->addInt64($a5->mulInt64($b6)) |
|
| 2276 | - ->addInt64($a6->mulInt64($b5))->addInt64($a7->mulInt64($b4))->addInt64($a8->mulInt64($b3))->addInt64($a9->mulInt64($b2))->addInt64($a10->mulInt64($b1))->addInt64($a11->mulInt64($b0)); |
|
| 2277 | - $s12 = $a1->mulInt64($b11)->addInt64($a2->mulInt64($b10))->addInt64($a3->mulInt64($b9))->addInt64($a4->mulInt64($b8))->addInt64($a5->mulInt64($b7))->addInt64($a6->mulInt64($b6)) |
|
| 2278 | - ->addInt64($a7->mulInt64($b5))->addInt64($a8->mulInt64($b4))->addInt64($a9->mulInt64($b3))->addInt64($a10->mulInt64($b2))->addInt64($a11->mulInt64($b1)); |
|
| 2279 | - $s13 = $a2->mulInt64($b11)->addInt64($a3->mulInt64($b10))->addInt64($a4->mulInt64($b9))->addInt64($a5->mulInt64($b8))->addInt64($a6->mulInt64($b7))->addInt64($a7->mulInt64($b6)) |
|
| 2280 | - ->addInt64($a8->mulInt64($b5))->addInt64($a9->mulInt64($b4))->addInt64($a10->mulInt64($b3))->addInt64($a11->mulInt64($b2)); |
|
| 2281 | - $s14 = $a3->mulInt64($b11)->addInt64($a4->mulInt64($b10))->addInt64($a5->mulInt64($b9))->addInt64($a6->mulInt64($b8))->addInt64($a7->mulInt64($b7))->addInt64($a8->mulInt64($b6)) |
|
| 2282 | - ->addInt64($a9->mulInt64($b5))->addInt64($a10->mulInt64($b4))->addInt64($a11->mulInt64($b3)); |
|
| 2283 | - $s15 = $a4->mulInt64($b11)->addInt64($a5->mulInt64($b10))->addInt64($a6->mulInt64($b9))->addInt64($a7->mulInt64($b8))->addInt64($a8->mulInt64($b7))->addInt64($a9->mulInt64($b6)) |
|
| 2284 | - ->addInt64($a10->mulInt64($b5))->addInt64($a11->mulInt64($b4)); |
|
| 2285 | - $s16 = $a5->mulInt64($b11)->addInt64($a6->mulInt64($b10))->addInt64($a7->mulInt64($b9))->addInt64($a8->mulInt64($b8))->addInt64($a9->mulInt64($b7))->addInt64($a10->mulInt64($b6)) |
|
| 2286 | - ->addInt64($a11->mulInt64($b5)); |
|
| 2287 | - $s17 = $a6->mulInt64($b11)->addInt64($a7->mulInt64($b10))->addInt64($a8->mulInt64($b9))->addInt64($a9->mulInt64($b8))->addInt64($a10->mulInt64($b7))->addInt64($a11->mulInt64($b6)); |
|
| 2288 | - $s18 = $a7->mulInt64($b11)->addInt64($a8->mulInt64($b10))->addInt64($a9->mulInt64($b9))->addInt64($a10->mulInt64($b8))->addInt64($a11->mulInt64($b7)); |
|
| 2289 | - $s19 = $a8->mulInt64($b11)->addInt64($a9->mulInt64($b10))->addInt64($a10->mulInt64($b9))->addInt64($a11->mulInt64($b8)); |
|
| 2290 | - $s20 = $a9->mulInt64($b11)->addInt64($a10->mulInt64($b10))->addInt64($a11->mulInt64($b9)); |
|
| 2291 | - $s21 = $a10->mulInt64($b11)->addInt64($a11->mulInt64($b10)); |
|
| 2292 | - $s22 = $a11->mulInt64($b11); |
|
| 2293 | - $s23 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2294 | - |
|
| 2295 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2296 | - $s1 = $s1->addInt64($carry0); |
|
| 2297 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2298 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2299 | - $s3 = $s3->addInt64($carry2); |
|
| 2300 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2301 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2302 | - $s5 = $s5->addInt64($carry4); |
|
| 2303 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2304 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2305 | - $s7 = $s7->addInt64($carry6); |
|
| 2306 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2307 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2308 | - $s9 = $s9->addInt64($carry8); |
|
| 2309 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2310 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2311 | - $s11 = $s11->addInt64($carry10); |
|
| 2312 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2313 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2314 | - $s13 = $s13->addInt64($carry12); |
|
| 2315 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2316 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2317 | - $s15 = $s15->addInt64($carry14); |
|
| 2318 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2319 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2320 | - $s17 = $s17->addInt64($carry16); |
|
| 2321 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2322 | - $carry18 = $s18->addInt(1 << 20)->shiftRight(21); |
|
| 2323 | - $s19 = $s19->addInt64($carry18); |
|
| 2324 | - $s18 = $s18->subInt64($carry18->shiftLeft(21)); |
|
| 2325 | - $carry20 = $s20->addInt(1 << 20)->shiftRight(21); |
|
| 2326 | - $s21 = $s21->addInt64($carry20); |
|
| 2327 | - $s20 = $s20->subInt64($carry20->shiftLeft(21)); |
|
| 2328 | - $carry22 = $s22->addInt(1 << 20)->shiftRight(21); |
|
| 2329 | - $s23 = $s23->addInt64($carry22); |
|
| 2330 | - $s22 = $s22->subInt64($carry22->shiftLeft(21)); |
|
| 2331 | - |
|
| 2332 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2333 | - $s2 = $s2->addInt64($carry1); |
|
| 2334 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2335 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2336 | - $s4 = $s4->addInt64($carry3); |
|
| 2337 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2338 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2339 | - $s6 = $s6->addInt64($carry5); |
|
| 2340 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2341 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2342 | - $s8 = $s8->addInt64($carry7); |
|
| 2343 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2344 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2345 | - $s10 = $s10->addInt64($carry9); |
|
| 2346 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2347 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2348 | - $s12 = $s12->addInt64($carry11); |
|
| 2349 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2350 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2351 | - $s14 = $s14->addInt64($carry13); |
|
| 2352 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2353 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2354 | - $s16 = $s16->addInt64($carry15); |
|
| 2355 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2356 | - $carry17 = $s17->addInt(1 << 20)->shiftRight(21); |
|
| 2357 | - $s18 = $s18->addInt64($carry17); |
|
| 2358 | - $s17 = $s17->subInt64($carry17->shiftLeft(21)); |
|
| 2359 | - $carry19 = $s19->addInt(1 << 20)->shiftRight(21); |
|
| 2360 | - $s20 = $s20->addInt64($carry19); |
|
| 2361 | - $s19 = $s19->subInt64($carry19->shiftLeft(21)); |
|
| 2362 | - $carry21 = $s21->addInt(1 << 20)->shiftRight(21); |
|
| 2363 | - $s22 = $s22->addInt64($carry21); |
|
| 2364 | - $s21 = $s21->subInt64($carry21->shiftLeft(21)); |
|
| 2365 | - |
|
| 2366 | - $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2367 | - $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2368 | - $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2369 | - $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2370 | - $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2371 | - $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2372 | - |
|
| 2373 | - $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2374 | - $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2375 | - $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2376 | - $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2377 | - $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2378 | - $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2379 | - |
|
| 2380 | - $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2381 | - $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2382 | - $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2383 | - $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2384 | - $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2385 | - $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2386 | - |
|
| 2387 | - $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2388 | - $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2389 | - $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2390 | - $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2391 | - $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2392 | - $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2393 | - |
|
| 2394 | - $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2395 | - $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2396 | - $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2397 | - $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2398 | - $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2399 | - $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2400 | - |
|
| 2401 | - $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2402 | - $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2403 | - $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2404 | - $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2405 | - $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2406 | - $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2407 | - |
|
| 2408 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2409 | - $s7 = $s7->addInt64($carry6); |
|
| 2410 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2411 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2412 | - $s9 = $s9->addInt64($carry8); |
|
| 2413 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2414 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2415 | - $s11 = $s11->addInt64($carry10); |
|
| 2416 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2417 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2418 | - $s13 = $s13->addInt64($carry12); |
|
| 2419 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2420 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2421 | - $s15 = $s15->addInt64($carry14); |
|
| 2422 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2423 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2424 | - $s17 = $s17->addInt64($carry16); |
|
| 2425 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2426 | - |
|
| 2427 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2428 | - $s8 = $s8->addInt64($carry7); |
|
| 2429 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2430 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2431 | - $s10 = $s10->addInt64($carry9); |
|
| 2432 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2433 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2434 | - $s12 = $s12->addInt64($carry11); |
|
| 2435 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2436 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2437 | - $s14 = $s14->addInt64($carry13); |
|
| 2438 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2439 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2440 | - $s16 = $s16->addInt64($carry15); |
|
| 2441 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2442 | - |
|
| 2443 | - $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2444 | - $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2445 | - $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2446 | - $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2447 | - $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2448 | - $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2449 | - |
|
| 2450 | - $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2451 | - $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2452 | - $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2453 | - $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2454 | - $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2455 | - $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2456 | - |
|
| 2457 | - $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2458 | - $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2459 | - $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2460 | - $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2461 | - $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2462 | - $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2463 | - |
|
| 2464 | - $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2465 | - $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2466 | - $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2467 | - $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2468 | - $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2469 | - $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2470 | - |
|
| 2471 | - $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2472 | - $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2473 | - $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2474 | - $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2475 | - $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2476 | - $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2477 | - |
|
| 2478 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2479 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2480 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2481 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2482 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2483 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2484 | - $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2485 | - |
|
| 2486 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2487 | - $s1 = $s1->addInt64($carry0); |
|
| 2488 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2489 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2490 | - $s3 = $s3->addInt64($carry2); |
|
| 2491 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2492 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2493 | - $s5 = $s5->addInt64($carry4); |
|
| 2494 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2495 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2496 | - $s7 = $s7->addInt64($carry6); |
|
| 2497 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2498 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2499 | - $s9 = $s9->addInt64($carry8); |
|
| 2500 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2501 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2502 | - $s11 = $s11->addInt64($carry10); |
|
| 2503 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2504 | - |
|
| 2505 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2506 | - $s2 = $s2->addInt64($carry1); |
|
| 2507 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2508 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2509 | - $s4 = $s4->addInt64($carry3); |
|
| 2510 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2511 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2512 | - $s6 = $s6->addInt64($carry5); |
|
| 2513 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2514 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2515 | - $s8 = $s8->addInt64($carry7); |
|
| 2516 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2517 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2518 | - $s10 = $s10->addInt64($carry9); |
|
| 2519 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2520 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2521 | - $s12 = $s12->addInt64($carry11); |
|
| 2522 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2523 | - |
|
| 2524 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2525 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2526 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2527 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2528 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2529 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2530 | - $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2531 | - |
|
| 2532 | - $carry0 = $s0->shiftRight(21); |
|
| 2533 | - $s1 = $s1->addInt64($carry0); |
|
| 2534 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2535 | - $carry1 = $s1->shiftRight(21); |
|
| 2536 | - $s2 = $s2->addInt64($carry1); |
|
| 2537 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2538 | - $carry2 = $s2->shiftRight(21); |
|
| 2539 | - $s3 = $s3->addInt64($carry2); |
|
| 2540 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2541 | - $carry3 = $s3->shiftRight(21); |
|
| 2542 | - $s4 = $s4->addInt64($carry3); |
|
| 2543 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2544 | - $carry4 = $s4->shiftRight(21); |
|
| 2545 | - $s5 = $s5->addInt64($carry4); |
|
| 2546 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2547 | - $carry5 = $s5->shiftRight(21); |
|
| 2548 | - $s6 = $s6->addInt64($carry5); |
|
| 2549 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2550 | - $carry6 = $s6->shiftRight(21); |
|
| 2551 | - $s7 = $s7->addInt64($carry6); |
|
| 2552 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2553 | - $carry7 = $s7->shiftRight(21); |
|
| 2554 | - $s8 = $s8->addInt64($carry7); |
|
| 2555 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2556 | - $carry8 = $s8->shiftRight(21); |
|
| 2557 | - $s9 = $s9->addInt64($carry8); |
|
| 2558 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2559 | - $carry9 = $s9->shiftRight(21); |
|
| 2560 | - $s10 = $s10->addInt64($carry9); |
|
| 2561 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2562 | - $carry10 = $s10->shiftRight(21); |
|
| 2563 | - $s11 = $s11->addInt64($carry10); |
|
| 2564 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2565 | - $carry11 = $s11->shiftRight(21); |
|
| 2566 | - $s12 = $s12->addInt64($carry11); |
|
| 2567 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2568 | - |
|
| 2569 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2570 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2571 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2572 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2573 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2574 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2575 | - |
|
| 2576 | - $carry0 = $s0->shiftRight(21); |
|
| 2577 | - $s1 = $s1->addInt64($carry0); |
|
| 2578 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2579 | - $carry1 = $s1->shiftRight(21); |
|
| 2580 | - $s2 = $s2->addInt64($carry1); |
|
| 2581 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2582 | - $carry2 = $s2->shiftRight(21); |
|
| 2583 | - $s3 = $s3->addInt64($carry2); |
|
| 2584 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2585 | - $carry3 = $s3->shiftRight(21); |
|
| 2586 | - $s4 = $s4->addInt64($carry3); |
|
| 2587 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2588 | - $carry4 = $s4->shiftRight(21); |
|
| 2589 | - $s5 = $s5->addInt64($carry4); |
|
| 2590 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2591 | - $carry5 = $s5->shiftRight(21); |
|
| 2592 | - $s6 = $s6->addInt64($carry5); |
|
| 2593 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2594 | - $carry6 = $s6->shiftRight(21); |
|
| 2595 | - $s7 = $s7->addInt64($carry6); |
|
| 2596 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2597 | - $carry7 = $s7->shiftRight(21); |
|
| 2598 | - $s8 = $s8->addInt64($carry7); |
|
| 2599 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2600 | - $carry8 = $s10->shiftRight(21); |
|
| 2601 | - $s9 = $s9->addInt64($carry8); |
|
| 2602 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2603 | - $carry9 = $s9->shiftRight(21); |
|
| 2604 | - $s10 = $s10->addInt64($carry9); |
|
| 2605 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2606 | - $carry10 = $s10->shiftRight(21); |
|
| 2607 | - $s11 = $s11->addInt64($carry10); |
|
| 2608 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2609 | - |
|
| 2610 | - $S0 = $s0->toInt32()->toInt(); |
|
| 2611 | - $S1 = $s1->toInt32()->toInt(); |
|
| 2612 | - $S2 = $s2->toInt32()->toInt(); |
|
| 2613 | - $S3 = $s3->toInt32()->toInt(); |
|
| 2614 | - $S4 = $s4->toInt32()->toInt(); |
|
| 2615 | - $S5 = $s5->toInt32()->toInt(); |
|
| 2616 | - $S6 = $s6->toInt32()->toInt(); |
|
| 2617 | - $S7 = $s7->toInt32()->toInt(); |
|
| 2618 | - $S8 = $s8->toInt32()->toInt(); |
|
| 2619 | - $S9 = $s9->toInt32()->toInt(); |
|
| 2620 | - $S10 = $s10->toInt32()->toInt(); |
|
| 2621 | - $S11 = $s11->toInt32()->toInt(); |
|
| 1148 | + } |
|
| 1149 | + |
|
| 1150 | + /** |
|
| 1151 | + * @internal You should not use this directly from another application |
|
| 1152 | + * |
|
| 1153 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $Z |
|
| 1154 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1155 | + */ |
|
| 1156 | + public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) |
|
| 1157 | + { |
|
| 1158 | + $z = clone $Z; |
|
| 1159 | + $t0 = self::fe_sq($z); |
|
| 1160 | + $t1 = self::fe_sq($t0); |
|
| 1161 | + $t1 = self::fe_sq($t1); |
|
| 1162 | + $t1 = self::fe_mul($z, $t1); |
|
| 1163 | + $t0 = self::fe_mul($t0, $t1); |
|
| 1164 | + $t2 = self::fe_sq($t0); |
|
| 1165 | + $t1 = self::fe_mul($t1, $t2); |
|
| 1166 | + $t2 = self::fe_sq($t1); |
|
| 1167 | + for ($i = 1; $i < 5; ++$i) { |
|
| 1168 | + $t2 = self::fe_sq($t2); |
|
| 1169 | + } |
|
| 1170 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1171 | + $t2 = self::fe_sq($t1); |
|
| 1172 | + for ($i = 1; $i < 10; ++$i) { |
|
| 1173 | + $t2 = self::fe_sq($t2); |
|
| 1174 | + } |
|
| 1175 | + $t2 = self::fe_mul($t2, $t1); |
|
| 1176 | + $t3 = self::fe_sq($t2); |
|
| 1177 | + for ($i = 1; $i < 20; ++$i) { |
|
| 1178 | + $t3 = self::fe_sq($t3); |
|
| 1179 | + } |
|
| 1180 | + $t2 = self::fe_mul($t3, $t2); |
|
| 1181 | + $t2 = self::fe_sq($t2); |
|
| 1182 | + for ($i = 1; $i < 10; ++$i) { |
|
| 1183 | + $t2 = self::fe_sq($t2); |
|
| 1184 | + } |
|
| 1185 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1186 | + $t2 = self::fe_sq($t1); |
|
| 1187 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1188 | + $t2 = self::fe_sq($t2); |
|
| 1189 | + } |
|
| 1190 | + $t2 = self::fe_mul($t2, $t1); |
|
| 1191 | + $t3 = self::fe_sq($t2); |
|
| 1192 | + for ($i = 1; $i < 100; ++$i) { |
|
| 1193 | + $t3 = self::fe_sq($t3); |
|
| 1194 | + } |
|
| 1195 | + $t2 = self::fe_mul($t3, $t2); |
|
| 1196 | + $t2 = self::fe_sq($t2); |
|
| 1197 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1198 | + $t2 = self::fe_sq($t2); |
|
| 1199 | + } |
|
| 1200 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1201 | + $t1 = self::fe_sq($t1); |
|
| 1202 | + for ($i = 1; $i < 5; ++$i) { |
|
| 1203 | + $t1 = self::fe_sq($t1); |
|
| 1204 | + } |
|
| 1205 | + return self::fe_mul($t1, $t0); |
|
| 1206 | + } |
|
| 1207 | + |
|
| 1208 | + /** |
|
| 1209 | + * @internal You should not use this directly from another application |
|
| 1210 | + * |
|
| 1211 | + * @ref https://github.com/jedisct1/libsodium/blob/68564326e1e9dc57ef03746f85734232d20ca6fb/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1054-L1106 |
|
| 1212 | + * |
|
| 1213 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $z |
|
| 1214 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1215 | + */ |
|
| 1216 | + public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) |
|
| 1217 | + { |
|
| 1218 | + # fe_sq(t0, z); |
|
| 1219 | + # fe_sq(t1, t0); |
|
| 1220 | + # fe_sq(t1, t1); |
|
| 1221 | + # fe_mul(t1, z, t1); |
|
| 1222 | + # fe_mul(t0, t0, t1); |
|
| 1223 | + # fe_sq(t0, t0); |
|
| 1224 | + # fe_mul(t0, t1, t0); |
|
| 1225 | + # fe_sq(t1, t0); |
|
| 1226 | + $t0 = self::fe_sq($z); |
|
| 1227 | + $t1 = self::fe_sq($t0); |
|
| 1228 | + $t1 = self::fe_sq($t1); |
|
| 1229 | + $t1 = self::fe_mul($z, $t1); |
|
| 1230 | + $t0 = self::fe_mul($t0, $t1); |
|
| 1231 | + $t0 = self::fe_sq($t0); |
|
| 1232 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1233 | + $t1 = self::fe_sq($t0); |
|
| 1234 | + |
|
| 1235 | + # for (i = 1; i < 5; ++i) { |
|
| 1236 | + # fe_sq(t1, t1); |
|
| 1237 | + # } |
|
| 1238 | + for ($i = 1; $i < 5; ++$i) { |
|
| 1239 | + $t1 = self::fe_sq($t1); |
|
| 1240 | + } |
|
| 1241 | + |
|
| 1242 | + # fe_mul(t0, t1, t0); |
|
| 1243 | + # fe_sq(t1, t0); |
|
| 1244 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1245 | + $t1 = self::fe_sq($t0); |
|
| 1246 | + |
|
| 1247 | + # for (i = 1; i < 10; ++i) { |
|
| 1248 | + # fe_sq(t1, t1); |
|
| 1249 | + # } |
|
| 1250 | + for ($i = 1; $i < 10; ++$i) { |
|
| 1251 | + $t1 = self::fe_sq($t1); |
|
| 1252 | + } |
|
| 1253 | + |
|
| 1254 | + # fe_mul(t1, t1, t0); |
|
| 1255 | + # fe_sq(t2, t1); |
|
| 1256 | + $t1 = self::fe_mul($t1, $t0); |
|
| 1257 | + $t2 = self::fe_sq($t1); |
|
| 1258 | + |
|
| 1259 | + # for (i = 1; i < 20; ++i) { |
|
| 1260 | + # fe_sq(t2, t2); |
|
| 1261 | + # } |
|
| 1262 | + for ($i = 1; $i < 20; ++$i) { |
|
| 1263 | + $t2 = self::fe_sq($t2); |
|
| 1264 | + } |
|
| 1265 | + |
|
| 1266 | + # fe_mul(t1, t2, t1); |
|
| 1267 | + # fe_sq(t1, t1); |
|
| 1268 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1269 | + $t1 = self::fe_sq($t1); |
|
| 1270 | + |
|
| 1271 | + # for (i = 1; i < 10; ++i) { |
|
| 1272 | + # fe_sq(t1, t1); |
|
| 1273 | + # } |
|
| 1274 | + for ($i = 1; $i < 10; ++$i) { |
|
| 1275 | + $t1 = self::fe_sq($t1); |
|
| 1276 | + } |
|
| 1277 | + |
|
| 1278 | + # fe_mul(t0, t1, t0); |
|
| 1279 | + # fe_sq(t1, t0); |
|
| 1280 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1281 | + $t1 = self::fe_sq($t0); |
|
| 1282 | + |
|
| 1283 | + # for (i = 1; i < 50; ++i) { |
|
| 1284 | + # fe_sq(t1, t1); |
|
| 1285 | + # } |
|
| 1286 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1287 | + $t1 = self::fe_sq($t1); |
|
| 1288 | + } |
|
| 1289 | + |
|
| 1290 | + # fe_mul(t1, t1, t0); |
|
| 1291 | + # fe_sq(t2, t1); |
|
| 1292 | + $t1 = self::fe_mul($t1, $t0); |
|
| 1293 | + $t2 = self::fe_sq($t1); |
|
| 1294 | + |
|
| 1295 | + # for (i = 1; i < 100; ++i) { |
|
| 1296 | + # fe_sq(t2, t2); |
|
| 1297 | + # } |
|
| 1298 | + for ($i = 1; $i < 100; ++$i) { |
|
| 1299 | + $t2 = self::fe_sq($t2); |
|
| 1300 | + } |
|
| 1301 | + |
|
| 1302 | + # fe_mul(t1, t2, t1); |
|
| 1303 | + # fe_sq(t1, t1); |
|
| 1304 | + $t1 = self::fe_mul($t2, $t1); |
|
| 1305 | + $t1 = self::fe_sq($t1); |
|
| 1306 | + |
|
| 1307 | + # for (i = 1; i < 50; ++i) { |
|
| 1308 | + # fe_sq(t1, t1); |
|
| 1309 | + # } |
|
| 1310 | + for ($i = 1; $i < 50; ++$i) { |
|
| 1311 | + $t1 = self::fe_sq($t1); |
|
| 1312 | + } |
|
| 1313 | + |
|
| 1314 | + # fe_mul(t0, t1, t0); |
|
| 1315 | + # fe_sq(t0, t0); |
|
| 1316 | + # fe_sq(t0, t0); |
|
| 1317 | + # fe_mul(out, t0, z); |
|
| 1318 | + $t0 = self::fe_mul($t1, $t0); |
|
| 1319 | + $t0 = self::fe_sq($t0); |
|
| 1320 | + $t0 = self::fe_sq($t0); |
|
| 1321 | + return self::fe_mul($t0, $z); |
|
| 1322 | + } |
|
| 1323 | + |
|
| 1324 | + /** |
|
| 1325 | + * Subtract two field elements. |
|
| 1326 | + * |
|
| 1327 | + * h = f - g |
|
| 1328 | + * |
|
| 1329 | + * Preconditions: |
|
| 1330 | + * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1331 | + * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. |
|
| 1332 | + * |
|
| 1333 | + * Postconditions: |
|
| 1334 | + * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. |
|
| 1335 | + * |
|
| 1336 | + * @internal You should not use this directly from another application |
|
| 1337 | + * |
|
| 1338 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
|
| 1339 | + * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
|
| 1340 | + * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
|
| 1341 | + */ |
|
| 1342 | + public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) |
|
| 1343 | + { |
|
| 1344 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1345 | + array( |
|
| 1346 | + $f[0]->subInt32($g[0]), |
|
| 1347 | + $f[1]->subInt32($g[1]), |
|
| 1348 | + $f[2]->subInt32($g[2]), |
|
| 1349 | + $f[3]->subInt32($g[3]), |
|
| 1350 | + $f[4]->subInt32($g[4]), |
|
| 1351 | + $f[5]->subInt32($g[5]), |
|
| 1352 | + $f[6]->subInt32($g[6]), |
|
| 1353 | + $f[7]->subInt32($g[7]), |
|
| 1354 | + $f[8]->subInt32($g[8]), |
|
| 1355 | + $f[9]->subInt32($g[9]) |
|
| 1356 | + ) |
|
| 1357 | + ); |
|
| 1358 | + } |
|
| 1359 | + |
|
| 1360 | + /** |
|
| 1361 | + * Add two group elements. |
|
| 1362 | + * |
|
| 1363 | + * r = p + q |
|
| 1364 | + * |
|
| 1365 | + * @internal You should not use this directly from another application |
|
| 1366 | + * |
|
| 1367 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1368 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1369 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1370 | + */ |
|
| 1371 | + public static function ge_add( |
|
| 1372 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1373 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1374 | + ) { |
|
| 1375 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1376 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1377 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1378 | + $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1379 | + $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1380 | + $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1381 | + $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1382 | + $t0 = self::fe_add($r->X, $r->X); |
|
| 1383 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1384 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1385 | + $r->Z = self::fe_add($t0, $r->T); |
|
| 1386 | + $r->T = self::fe_sub($t0, $r->T); |
|
| 1387 | + return $r; |
|
| 1388 | + } |
|
| 1389 | + |
|
| 1390 | + /** |
|
| 1391 | + * @internal You should not use this directly from another application |
|
| 1392 | + * |
|
| 1393 | + * @ref https://github.com/jedisct1/libsodium/blob/157c4a80c13b117608aeae12178b2d38825f9f8f/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c#L1185-L1215 |
|
| 1394 | + * @param string $a |
|
| 1395 | + * @return array<int, mixed> |
|
| 1396 | + */ |
|
| 1397 | + public static function slide($a) |
|
| 1398 | + { |
|
| 1399 | + if (self::strlen($a) < 256) { |
|
| 1400 | + if (self::strlen($a) < 16) { |
|
| 1401 | + $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1402 | + } |
|
| 1403 | + } |
|
| 1404 | + $r = array(); |
|
| 1405 | + for ($i = 0; $i < 256; ++$i) { |
|
| 1406 | + $r[$i] = 1 & ( |
|
| 1407 | + self::chrToInt($a[$i >> 3]) |
|
| 1408 | + >> |
|
| 1409 | + ($i & 7) |
|
| 1410 | + ); |
|
| 1411 | + } |
|
| 1412 | + |
|
| 1413 | + for ($i = 0;$i < 256;++$i) { |
|
| 1414 | + if ($r[$i]) { |
|
| 1415 | + for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1416 | + if ($r[$i + $b]) { |
|
| 1417 | + if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1418 | + $r[$i] += $r[$i + $b] << $b; |
|
| 1419 | + $r[$i + $b] = 0; |
|
| 1420 | + } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1421 | + $r[$i] -= $r[$i + $b] << $b; |
|
| 1422 | + for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1423 | + if (!$r[$k]) { |
|
| 1424 | + $r[$k] = 1; |
|
| 1425 | + break; |
|
| 1426 | + } |
|
| 1427 | + $r[$k] = 0; |
|
| 1428 | + } |
|
| 1429 | + } else { |
|
| 1430 | + break; |
|
| 1431 | + } |
|
| 1432 | + } |
|
| 1433 | + } |
|
| 1434 | + } |
|
| 1435 | + } |
|
| 1436 | + return $r; |
|
| 1437 | + } |
|
| 1438 | + |
|
| 1439 | + /** |
|
| 1440 | + * @internal You should not use this directly from another application |
|
| 1441 | + * |
|
| 1442 | + * @param string $s |
|
| 1443 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1444 | + */ |
|
| 1445 | + public static function ge_frombytes_negate_vartime($s) |
|
| 1446 | + { |
|
| 1447 | + static $d = null; |
|
| 1448 | + if (!$d) { |
|
| 1449 | + $d = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1450 | + array( |
|
| 1451 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[0]), |
|
| 1452 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[1]), |
|
| 1453 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[2]), |
|
| 1454 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[3]), |
|
| 1455 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[4]), |
|
| 1456 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[5]), |
|
| 1457 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[6]), |
|
| 1458 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[7]), |
|
| 1459 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[8]), |
|
| 1460 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[9]) |
|
| 1461 | + ) |
|
| 1462 | + ); |
|
| 1463 | + } |
|
| 1464 | + |
|
| 1465 | + # fe_frombytes(h->Y,s); |
|
| 1466 | + # fe_1(h->Z); |
|
| 1467 | + $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
|
| 1468 | + self::fe_0(), |
|
| 1469 | + self::fe_frombytes($s), |
|
| 1470 | + self::fe_1() |
|
| 1471 | + ); |
|
| 1472 | + |
|
| 1473 | + # fe_sq(u,h->Y); |
|
| 1474 | + # fe_mul(v,u,d); |
|
| 1475 | + # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
|
| 1476 | + # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
|
| 1477 | + $u = self::fe_sq($h->Y); |
|
| 1478 | + $v = self::fe_mul($u, $d); |
|
| 1479 | + $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1480 | + $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1481 | + |
|
| 1482 | + # fe_sq(v3,v); |
|
| 1483 | + # fe_mul(v3,v3,v); /* v3 = v^3 */ |
|
| 1484 | + # fe_sq(h->X,v3); |
|
| 1485 | + # fe_mul(h->X,h->X,v); |
|
| 1486 | + # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
|
| 1487 | + $v3 = self::fe_sq($v); |
|
| 1488 | + $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1489 | + $h->X = self::fe_sq($v3); |
|
| 1490 | + $h->X = self::fe_mul($h->X, $v); |
|
| 1491 | + $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1492 | + |
|
| 1493 | + # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1494 | + # fe_mul(h->X,h->X,v3); |
|
| 1495 | + # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1496 | + $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1497 | + $h->X = self::fe_mul($h->X, $v3); |
|
| 1498 | + $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1499 | + |
|
| 1500 | + # fe_sq(vxx,h->X); |
|
| 1501 | + # fe_mul(vxx,vxx,v); |
|
| 1502 | + # fe_sub(check,vxx,u); /* vx^2-u */ |
|
| 1503 | + $vxx = self::fe_sq($h->X); |
|
| 1504 | + $vxx = self::fe_mul($vxx, $v); |
|
| 1505 | + $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1506 | + |
|
| 1507 | + # if (fe_isnonzero(check)) { |
|
| 1508 | + # fe_add(check,vxx,u); /* vx^2+u */ |
|
| 1509 | + # if (fe_isnonzero(check)) { |
|
| 1510 | + # return -1; |
|
| 1511 | + # } |
|
| 1512 | + # fe_mul(h->X,h->X,sqrtm1); |
|
| 1513 | + # } |
|
| 1514 | + if (self::fe_isnonzero($check)) { |
|
| 1515 | + $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1516 | + if (self::fe_isnonzero($check)) { |
|
| 1517 | + throw new RangeException('Internal check failed.'); |
|
| 1518 | + } |
|
| 1519 | + $h->X = self::fe_mul( |
|
| 1520 | + $h->X, |
|
| 1521 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1522 | + ); |
|
| 1523 | + } |
|
| 1524 | + |
|
| 1525 | + # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
|
| 1526 | + # fe_neg(h->X,h->X); |
|
| 1527 | + # } |
|
| 1528 | + $i = self::chrToInt($s[31]); |
|
| 1529 | + if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1530 | + $h->X = self::fe_neg($h->X); |
|
| 1531 | + } |
|
| 1532 | + |
|
| 1533 | + # fe_mul(h->T,h->X,h->Y); |
|
| 1534 | + $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1535 | + return $h; |
|
| 1536 | + } |
|
| 1537 | + |
|
| 1538 | + /** |
|
| 1539 | + * @internal You should not use this directly from another application |
|
| 1540 | + * |
|
| 1541 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R |
|
| 1542 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1543 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1544 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1545 | + */ |
|
| 1546 | + public static function ge_madd( |
|
| 1547 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, |
|
| 1548 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1549 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1550 | + ) { |
|
| 1551 | + $r = clone $R; |
|
| 1552 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1553 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1554 | + $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1555 | + $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1556 | + $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1557 | + $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1558 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1559 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1560 | + $r->Z = self::fe_add($t0, $r->T); |
|
| 1561 | + $r->T = self::fe_sub($t0, $r->T); |
|
| 1562 | + |
|
| 1563 | + return $r; |
|
| 1564 | + } |
|
| 1565 | + |
|
| 1566 | + /** |
|
| 1567 | + * @internal You should not use this directly from another application |
|
| 1568 | + * |
|
| 1569 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R |
|
| 1570 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1571 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1572 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1573 | + */ |
|
| 1574 | + public static function ge_msub( |
|
| 1575 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $R, |
|
| 1576 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1577 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
|
| 1578 | + ) { |
|
| 1579 | + $r = clone $R; |
|
| 1580 | + |
|
| 1581 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1582 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1583 | + $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1584 | + $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1585 | + $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1586 | + $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1587 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1588 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1589 | + $r->Z = self::fe_sub($t0, $r->T); |
|
| 1590 | + $r->T = self::fe_add($t0, $r->T); |
|
| 1591 | + |
|
| 1592 | + return $r; |
|
| 1593 | + } |
|
| 1594 | + |
|
| 1595 | + /** |
|
| 1596 | + * @internal You should not use this directly from another application |
|
| 1597 | + * |
|
| 1598 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
|
| 1599 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1600 | + */ |
|
| 1601 | + public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1602 | + { |
|
| 1603 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2(); |
|
| 1604 | + $r->X = self::fe_mul($p->X, $p->T); |
|
| 1605 | + $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1606 | + $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1607 | + return $r; |
|
| 1608 | + } |
|
| 1609 | + |
|
| 1610 | + /** |
|
| 1611 | + * @internal You should not use this directly from another application |
|
| 1612 | + * |
|
| 1613 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
|
| 1614 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1615 | + */ |
|
| 1616 | + public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1617 | + { |
|
| 1618 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3(); |
|
| 1619 | + $r->X = self::fe_mul($p->X, $p->T); |
|
| 1620 | + $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1621 | + $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1622 | + $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1623 | + return $r; |
|
| 1624 | + } |
|
| 1625 | + |
|
| 1626 | + /** |
|
| 1627 | + * @internal You should not use this directly from another application |
|
| 1628 | + * |
|
| 1629 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1630 | + */ |
|
| 1631 | + public static function ge_p2_0() |
|
| 1632 | + { |
|
| 1633 | + return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
|
| 1634 | + self::fe_0(), |
|
| 1635 | + self::fe_1(), |
|
| 1636 | + self::fe_1() |
|
| 1637 | + ); |
|
| 1638 | + } |
|
| 1639 | + |
|
| 1640 | + /** |
|
| 1641 | + * @internal You should not use this directly from another application |
|
| 1642 | + * |
|
| 1643 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p |
|
| 1644 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1645 | + */ |
|
| 1646 | + public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) |
|
| 1647 | + { |
|
| 1648 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1649 | + |
|
| 1650 | + $r->X = self::fe_sq($p->X); |
|
| 1651 | + $r->Z = self::fe_sq($p->Y); |
|
| 1652 | + $r->T = self::fe_sq2($p->Z); |
|
| 1653 | + $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1654 | + $t0 = self::fe_sq($r->Y); |
|
| 1655 | + $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1656 | + $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1657 | + $r->X = self::fe_sub($t0, $r->Y); |
|
| 1658 | + $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1659 | + |
|
| 1660 | + return $r; |
|
| 1661 | + } |
|
| 1662 | + |
|
| 1663 | + /** |
|
| 1664 | + * @internal You should not use this directly from another application |
|
| 1665 | + * |
|
| 1666 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 1667 | + */ |
|
| 1668 | + public static function ge_p3_0() |
|
| 1669 | + { |
|
| 1670 | + return new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
|
| 1671 | + self::fe_0(), |
|
| 1672 | + self::fe_1(), |
|
| 1673 | + self::fe_1(), |
|
| 1674 | + self::fe_0() |
|
| 1675 | + ); |
|
| 1676 | + } |
|
| 1677 | + |
|
| 1678 | + /** |
|
| 1679 | + * @internal You should not use this directly from another application |
|
| 1680 | + * |
|
| 1681 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1682 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
|
| 1683 | + */ |
|
| 1684 | + public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1685 | + { |
|
| 1686 | + static $d2 = null; |
|
| 1687 | + if ($d2 === null) { |
|
| 1688 | + $d2 = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1689 | + array( |
|
| 1690 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[0]), |
|
| 1691 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[1]), |
|
| 1692 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[2]), |
|
| 1693 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[3]), |
|
| 1694 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[4]), |
|
| 1695 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[5]), |
|
| 1696 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[6]), |
|
| 1697 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[7]), |
|
| 1698 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[8]), |
|
| 1699 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[9]) |
|
| 1700 | + ) |
|
| 1701 | + ); |
|
| 1702 | + } |
|
| 1703 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached(); |
|
| 1704 | + $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1705 | + $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1706 | + $r->Z = self::fe_copy($p->Z); |
|
| 1707 | + $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1708 | + return $r; |
|
| 1709 | + } |
|
| 1710 | + |
|
| 1711 | + /** |
|
| 1712 | + * @internal You should not use this directly from another application |
|
| 1713 | + * |
|
| 1714 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1715 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1716 | + */ |
|
| 1717 | + public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1718 | + { |
|
| 1719 | + return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
|
| 1720 | + $p->X, |
|
| 1721 | + $p->Y, |
|
| 1722 | + $p->Z |
|
| 1723 | + ); |
|
| 1724 | + } |
|
| 1725 | + |
|
| 1726 | + /** |
|
| 1727 | + * @internal You should not use this directly from another application |
|
| 1728 | + * |
|
| 1729 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h |
|
| 1730 | + * @return string |
|
| 1731 | + */ |
|
| 1732 | + public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) |
|
| 1733 | + { |
|
| 1734 | + $recip = self::fe_invert($h->Z); |
|
| 1735 | + $x = self::fe_mul($h->X, $recip); |
|
| 1736 | + $y = self::fe_mul($h->Y, $recip); |
|
| 1737 | + $s = self::fe_tobytes($y); |
|
| 1738 | + $s[31] = self::intToChr( |
|
| 1739 | + self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1740 | + ); |
|
| 1741 | + return $s; |
|
| 1742 | + } |
|
| 1743 | + |
|
| 1744 | + /** |
|
| 1745 | + * @internal You should not use this directly from another application |
|
| 1746 | + * |
|
| 1747 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1748 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1749 | + */ |
|
| 1750 | + public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1751 | + { |
|
| 1752 | + $q = self::ge_p3_to_p2($p); |
|
| 1753 | + return self::ge_p2_dbl($q); |
|
| 1754 | + } |
|
| 1755 | + |
|
| 1756 | + /** |
|
| 1757 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1758 | + */ |
|
| 1759 | + public static function ge_precomp_0() |
|
| 1760 | + { |
|
| 1761 | + return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1762 | + self::fe_1(), |
|
| 1763 | + self::fe_1(), |
|
| 1764 | + self::fe_0() |
|
| 1765 | + ); |
|
| 1766 | + } |
|
| 1767 | + |
|
| 1768 | + /** |
|
| 1769 | + * @internal You should not use this directly from another application |
|
| 1770 | + * |
|
| 1771 | + * @param int $b |
|
| 1772 | + * @param int $c |
|
| 1773 | + * @return int |
|
| 1774 | + */ |
|
| 1775 | + public static function equal($b, $c) |
|
| 1776 | + { |
|
| 1777 | + return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1778 | + } |
|
| 1779 | + |
|
| 1780 | + /** |
|
| 1781 | + * @internal You should not use this directly from another application |
|
| 1782 | + * |
|
| 1783 | + * @param int $char |
|
| 1784 | + * @return int (1 = yes, 0 = no) |
|
| 1785 | + */ |
|
| 1786 | + public static function negative($char) |
|
| 1787 | + { |
|
| 1788 | + if (is_int($char)) { |
|
| 1789 | + return $char < 0 ? 1 : 0; |
|
| 1790 | + } |
|
| 1791 | + $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1792 | + if (PHP_INT_SIZE === 8) { |
|
| 1793 | + return $x >> 63; |
|
| 1794 | + } |
|
| 1795 | + return $x >> 31; |
|
| 1796 | + } |
|
| 1797 | + |
|
| 1798 | + /** |
|
| 1799 | + * Conditional move |
|
| 1800 | + * |
|
| 1801 | + * @internal You should not use this directly from another application |
|
| 1802 | + * |
|
| 1803 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t |
|
| 1804 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u |
|
| 1805 | + * @param int $b |
|
| 1806 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1807 | + */ |
|
| 1808 | + public static function cmov( |
|
| 1809 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $t, |
|
| 1810 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u, |
|
| 1811 | + $b |
|
| 1812 | + ) { |
|
| 1813 | + if (!is_int($b)) { |
|
| 1814 | + throw new InvalidArgumentException('Expected an integer.'); |
|
| 1815 | + } |
|
| 1816 | + return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1817 | + self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1818 | + self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1819 | + self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1820 | + ); |
|
| 1821 | + } |
|
| 1822 | + |
|
| 1823 | + /** |
|
| 1824 | + * @internal You should not use this directly from another application |
|
| 1825 | + * |
|
| 1826 | + * @param int $pos |
|
| 1827 | + * @param int $b |
|
| 1828 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
|
| 1829 | + */ |
|
| 1830 | + public static function ge_select($pos = 0, $b = 0) |
|
| 1831 | + { |
|
| 1832 | + static $base = null; |
|
| 1833 | + if ($base === null) { |
|
| 1834 | + $base = array(); |
|
| 1835 | + foreach (self::$base as $i => $bas) { |
|
| 1836 | + for ($j = 0; $j < 8; ++$j) { |
|
| 1837 | + $base[$i][$j] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1838 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1839 | + array( |
|
| 1840 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][0]), |
|
| 1841 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][1]), |
|
| 1842 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][2]), |
|
| 1843 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][3]), |
|
| 1844 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][4]), |
|
| 1845 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][5]), |
|
| 1846 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][6]), |
|
| 1847 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][7]), |
|
| 1848 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][8]), |
|
| 1849 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][9]) |
|
| 1850 | + ) |
|
| 1851 | + ), |
|
| 1852 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1853 | + array( |
|
| 1854 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][0]), |
|
| 1855 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][1]), |
|
| 1856 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][2]), |
|
| 1857 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][3]), |
|
| 1858 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][4]), |
|
| 1859 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][5]), |
|
| 1860 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][6]), |
|
| 1861 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][7]), |
|
| 1862 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][8]), |
|
| 1863 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][9]) |
|
| 1864 | + ) |
|
| 1865 | + ), |
|
| 1866 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1867 | + array( |
|
| 1868 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][0]), |
|
| 1869 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][1]), |
|
| 1870 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][2]), |
|
| 1871 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][3]), |
|
| 1872 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][4]), |
|
| 1873 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][5]), |
|
| 1874 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][6]), |
|
| 1875 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][7]), |
|
| 1876 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][8]), |
|
| 1877 | + ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][9]) |
|
| 1878 | + ) |
|
| 1879 | + ) |
|
| 1880 | + ); |
|
| 1881 | + } |
|
| 1882 | + } |
|
| 1883 | + } |
|
| 1884 | + if (!is_int($pos)) { |
|
| 1885 | + throw new InvalidArgumentException('Position must be an integer'); |
|
| 1886 | + } |
|
| 1887 | + if ($pos < 0 || $pos > 31) { |
|
| 1888 | + throw new RangeException('Position is out of range [0, 31]'); |
|
| 1889 | + } |
|
| 1890 | + |
|
| 1891 | + $bnegative = self::negative($b); |
|
| 1892 | + $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1893 | + |
|
| 1894 | + $t = self::ge_precomp_0(); |
|
| 1895 | + for ($i = 0; $i < 8; ++$i) { |
|
| 1896 | + $t = self::cmov( |
|
| 1897 | + $t, |
|
| 1898 | + $base[$pos][$i], |
|
| 1899 | + self::equal($babs, $i + 1) |
|
| 1900 | + ); |
|
| 1901 | + } |
|
| 1902 | + $minusT = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1903 | + self::fe_copy($t->yminusx), |
|
| 1904 | + self::fe_copy($t->yplusx), |
|
| 1905 | + self::fe_neg($t->xy2d) |
|
| 1906 | + ); |
|
| 1907 | + return self::cmov($t, $minusT, -$bnegative); |
|
| 1908 | + } |
|
| 1909 | + |
|
| 1910 | + /** |
|
| 1911 | + * Subtract two group elements. |
|
| 1912 | + * |
|
| 1913 | + * r = p - q |
|
| 1914 | + * |
|
| 1915 | + * @internal You should not use this directly from another application |
|
| 1916 | + * |
|
| 1917 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
|
| 1918 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1919 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
|
| 1920 | + */ |
|
| 1921 | + public static function ge_sub( |
|
| 1922 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p, |
|
| 1923 | + ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
|
| 1924 | + ) { |
|
| 1925 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 1926 | + |
|
| 1927 | + $r->X = self::fe_add($p->Y, $p->X); |
|
| 1928 | + $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1929 | + $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1930 | + $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1931 | + $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1932 | + $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1933 | + $t0 = self::fe_add($r->X, $r->X); |
|
| 1934 | + $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1935 | + $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1936 | + $r->Z = self::fe_sub($t0, $r->T); |
|
| 1937 | + $r->T = self::fe_add($t0, $r->T); |
|
| 1938 | + |
|
| 1939 | + return $r; |
|
| 1940 | + } |
|
| 1941 | + |
|
| 1942 | + /** |
|
| 1943 | + * Convert a group element to a byte string. |
|
| 1944 | + * |
|
| 1945 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h |
|
| 1946 | + * @return string |
|
| 1947 | + */ |
|
| 1948 | + public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) |
|
| 1949 | + { |
|
| 1950 | + $recip = self::fe_invert($h->Z); |
|
| 1951 | + $x = self::fe_mul($h->X, $recip); |
|
| 1952 | + $y = self::fe_mul($h->Y, $recip); |
|
| 1953 | + $s = self::fe_tobytes($y); |
|
| 1954 | + $s[31] = self::intToChr( |
|
| 1955 | + self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1956 | + ); |
|
| 1957 | + return $s; |
|
| 1958 | + } |
|
| 1959 | + |
|
| 1960 | + /** |
|
| 1961 | + * @internal You should not use this directly from another application |
|
| 1962 | + * |
|
| 1963 | + * @param string $a |
|
| 1964 | + * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A |
|
| 1965 | + * @param string $b |
|
| 1966 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
|
| 1967 | + */ |
|
| 1968 | + public static function ge_double_scalarmult_vartime( |
|
| 1969 | + $a, |
|
| 1970 | + ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $A, |
|
| 1971 | + $b |
|
| 1972 | + ) { |
|
| 1973 | + /** |
|
| 1974 | + * @var ParagonIE_Sodium_Core32_Curve25519_Ge_Cached[] |
|
| 1975 | + */ |
|
| 1976 | + $Ai = array(); |
|
| 1977 | + |
|
| 1978 | + /** |
|
| 1979 | + * @var ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp[] |
|
| 1980 | + */ |
|
| 1981 | + static $Bi = array(); |
|
| 1982 | + if (!$Bi) { |
|
| 1983 | + for ($i = 0; $i < 8; ++$i) { |
|
| 1984 | + |
|
| 1985 | + $Bi[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
|
| 1986 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 1987 | + array( |
|
| 1988 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][0]), |
|
| 1989 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][1]), |
|
| 1990 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][2]), |
|
| 1991 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][3]), |
|
| 1992 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][4]), |
|
| 1993 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][5]), |
|
| 1994 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][6]), |
|
| 1995 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][7]), |
|
| 1996 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][8]), |
|
| 1997 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][9]) |
|
| 1998 | + ) |
|
| 1999 | + ), |
|
| 2000 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 2001 | + array( |
|
| 2002 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][0]), |
|
| 2003 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][1]), |
|
| 2004 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][2]), |
|
| 2005 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][3]), |
|
| 2006 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][4]), |
|
| 2007 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][5]), |
|
| 2008 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][6]), |
|
| 2009 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][7]), |
|
| 2010 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][8]), |
|
| 2011 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][9]) |
|
| 2012 | + ) |
|
| 2013 | + ), |
|
| 2014 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
|
| 2015 | + array( |
|
| 2016 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][0]), |
|
| 2017 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][1]), |
|
| 2018 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][2]), |
|
| 2019 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][3]), |
|
| 2020 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][4]), |
|
| 2021 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][5]), |
|
| 2022 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][6]), |
|
| 2023 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][7]), |
|
| 2024 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][8]), |
|
| 2025 | + ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][9]) |
|
| 2026 | + ) |
|
| 2027 | + ) |
|
| 2028 | + ); |
|
| 2029 | + } |
|
| 2030 | + } |
|
| 2031 | + for ($i = 0; $i < 8; ++$i) { |
|
| 2032 | + $Ai[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached( |
|
| 2033 | + self::fe_0(), |
|
| 2034 | + self::fe_0(), |
|
| 2035 | + self::fe_0(), |
|
| 2036 | + self::fe_0() |
|
| 2037 | + ); |
|
| 2038 | + } |
|
| 2039 | + |
|
| 2040 | + # slide(aslide,a); |
|
| 2041 | + # slide(bslide,b); |
|
| 2042 | + $aslide = self::slide($a); |
|
| 2043 | + $bslide = self::slide($b); |
|
| 2044 | + |
|
| 2045 | + # ge_p3_to_cached(&Ai[0],A); |
|
| 2046 | + # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
|
| 2047 | + $Ai[0] = self::ge_p3_to_cached($A); |
|
| 2048 | + $t = self::ge_p3_dbl($A); |
|
| 2049 | + $A2 = self::ge_p1p1_to_p3($t); |
|
| 2050 | + |
|
| 2051 | + # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
|
| 2052 | + # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
|
| 2053 | + # ge_add(&t,&A2,&Ai[2]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[3],&u); |
|
| 2054 | + # ge_add(&t,&A2,&Ai[3]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[4],&u); |
|
| 2055 | + # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
|
| 2056 | + # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
|
| 2057 | + # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
|
| 2058 | + for ($i = 0; $i < 7; ++$i) { |
|
| 2059 | + $t = self::ge_add($A2, $Ai[$i]); |
|
| 2060 | + $u = self::ge_p1p1_to_p3($t); |
|
| 2061 | + $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 2062 | + } |
|
| 2063 | + |
|
| 2064 | + # ge_p2_0(r); |
|
| 2065 | + $r = self::ge_p2_0(); |
|
| 2066 | + |
|
| 2067 | + # for (i = 255;i >= 0;--i) { |
|
| 2068 | + # if (aslide[i] || bslide[i]) break; |
|
| 2069 | + # } |
|
| 2070 | + $i = 255; |
|
| 2071 | + for (; $i >= 0; --$i) { |
|
| 2072 | + if ($aslide[$i] || $bslide[$i]) { |
|
| 2073 | + break; |
|
| 2074 | + } |
|
| 2075 | + } |
|
| 2076 | + |
|
| 2077 | + # for (;i >= 0;--i) { |
|
| 2078 | + for (; $i >= 0; --$i) { |
|
| 2079 | + # ge_p2_dbl(&t,r); |
|
| 2080 | + $t = self::ge_p2_dbl($r); |
|
| 2081 | + |
|
| 2082 | + # if (aslide[i] > 0) { |
|
| 2083 | + if ($aslide[$i] > 0) { |
|
| 2084 | + # ge_p1p1_to_p3(&u,&t); |
|
| 2085 | + # ge_add(&t,&u,&Ai[aslide[i]/2]); |
|
| 2086 | + $u = self::ge_p1p1_to_p3($t); |
|
| 2087 | + $t = self::ge_add( |
|
| 2088 | + $u, |
|
| 2089 | + $Ai[(int) floor($aslide[$i] / 2)] |
|
| 2090 | + ); |
|
| 2091 | + # } else if (aslide[i] < 0) { |
|
| 2092 | + } elseif ($aslide[$i] < 0) { |
|
| 2093 | + # ge_p1p1_to_p3(&u,&t); |
|
| 2094 | + # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
|
| 2095 | + $u = self::ge_p1p1_to_p3($t); |
|
| 2096 | + $t = self::ge_sub( |
|
| 2097 | + $u, |
|
| 2098 | + $Ai[(int) floor(-$aslide[$i] / 2)] |
|
| 2099 | + ); |
|
| 2100 | + } |
|
| 2101 | + |
|
| 2102 | + # if (bslide[i] > 0) { |
|
| 2103 | + if ($bslide[$i] > 0) { |
|
| 2104 | + # ge_p1p1_to_p3(&u,&t); |
|
| 2105 | + # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
|
| 2106 | + $u = self::ge_p1p1_to_p3($t); |
|
| 2107 | + $t = self::ge_madd( |
|
| 2108 | + $t, |
|
| 2109 | + $u, |
|
| 2110 | + $Bi[(int) floor($bslide[$i] / 2)] |
|
| 2111 | + ); |
|
| 2112 | + # } else if (bslide[i] < 0) { |
|
| 2113 | + } elseif ($bslide[$i] < 0) { |
|
| 2114 | + # ge_p1p1_to_p3(&u,&t); |
|
| 2115 | + # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
|
| 2116 | + $u = self::ge_p1p1_to_p3($t); |
|
| 2117 | + $t = self::ge_msub( |
|
| 2118 | + $t, |
|
| 2119 | + $u, |
|
| 2120 | + $Bi[(int) floor(-$bslide[$i] / 2)] |
|
| 2121 | + ); |
|
| 2122 | + } |
|
| 2123 | + # ge_p1p1_to_p2(r,&t); |
|
| 2124 | + $r = self::ge_p1p1_to_p2($t); |
|
| 2125 | + } |
|
| 2126 | + return $r; |
|
| 2127 | + } |
|
| 2128 | + |
|
| 2129 | + /** |
|
| 2130 | + * @internal You should not use this directly from another application |
|
| 2131 | + * |
|
| 2132 | + * @param string $a |
|
| 2133 | + * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
|
| 2134 | + */ |
|
| 2135 | + public static function ge_scalarmult_base($a) |
|
| 2136 | + { |
|
| 2137 | + $e = array(); |
|
| 2138 | + $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
|
| 2139 | + |
|
| 2140 | + for ($i = 0; $i < 32; ++$i) { |
|
| 2141 | + $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 2142 | + $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 2143 | + } |
|
| 2144 | + |
|
| 2145 | + $carry = 0; |
|
| 2146 | + for ($i = 0; $i < 63; ++$i) { |
|
| 2147 | + $e[$i] += $carry; |
|
| 2148 | + $carry = $e[$i] + 8; |
|
| 2149 | + $carry >>= 4; |
|
| 2150 | + $e[$i] -= $carry << 4; |
|
| 2151 | + } |
|
| 2152 | + $e[63] += $carry; |
|
| 2153 | + |
|
| 2154 | + $h = self::ge_p3_0(); |
|
| 2155 | + |
|
| 2156 | + for ($i = 1; $i < 64; $i += 2) { |
|
| 2157 | + $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 2158 | + $r = self::ge_madd($r, $h, $t); |
|
| 2159 | + $h = self::ge_p1p1_to_p3($r); |
|
| 2160 | + } |
|
| 2161 | + |
|
| 2162 | + $r = self::ge_p3_dbl($h); |
|
| 2163 | + |
|
| 2164 | + $s = self::ge_p1p1_to_p2($r); |
|
| 2165 | + $r = self::ge_p2_dbl($s); |
|
| 2166 | + $s = self::ge_p1p1_to_p2($r); |
|
| 2167 | + $r = self::ge_p2_dbl($s); |
|
| 2168 | + $s = self::ge_p1p1_to_p2($r); |
|
| 2169 | + $r = self::ge_p2_dbl($s); |
|
| 2170 | + |
|
| 2171 | + $h = self::ge_p1p1_to_p3($r); |
|
| 2172 | + |
|
| 2173 | + for ($i = 0; $i < 64; $i += 2) { |
|
| 2174 | + $t = self::ge_select($i >> 1, $e[$i]); |
|
| 2175 | + $r = self::ge_madd($r, $h, $t); |
|
| 2176 | + $h = self::ge_p1p1_to_p3($r); |
|
| 2177 | + } |
|
| 2178 | + return $h; |
|
| 2179 | + } |
|
| 2180 | + |
|
| 2181 | + /** |
|
| 2182 | + * Calculates (ab + c) mod l |
|
| 2183 | + * where l = 2^252 + 27742317777372353535851937790883648493 |
|
| 2184 | + * |
|
| 2185 | + * @internal You should not use this directly from another application |
|
| 2186 | + * |
|
| 2187 | + * @param string $a |
|
| 2188 | + * @param string $b |
|
| 2189 | + * @param string $c |
|
| 2190 | + * @return string |
|
| 2191 | + */ |
|
| 2192 | + public static function sc_muladd($a, $b, $c) |
|
| 2193 | + { |
|
| 2194 | + $a0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 0, 3)))->toInt64(); |
|
| 2195 | + $a1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5))->toInt64(); |
|
| 2196 | + $a2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2))->toInt64(); |
|
| 2197 | + $a3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7))->toInt64(); |
|
| 2198 | + $a4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4))->toInt64(); |
|
| 2199 | + $a5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1))->toInt64(); |
|
| 2200 | + $a6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6))->toInt64(); |
|
| 2201 | + $a7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3))->toInt64(); |
|
| 2202 | + $a8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 21, 3)))->toInt64(); |
|
| 2203 | + $a9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5))->toInt64(); |
|
| 2204 | + $a10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2))->toInt64(); |
|
| 2205 | + $a11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($a, 28, 4)) >> 7))->toInt64(); |
|
| 2206 | + $b0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 0, 3)))->toInt64(); |
|
| 2207 | + $b1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5))->toInt64(); |
|
| 2208 | + $b2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2))->toInt64(); |
|
| 2209 | + $b3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7))->toInt64(); |
|
| 2210 | + $b4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4))->toInt64(); |
|
| 2211 | + $b5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1))->toInt64(); |
|
| 2212 | + $b6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6))->toInt64(); |
|
| 2213 | + $b7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3))->toInt64(); |
|
| 2214 | + $b8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 21, 3)))->toInt64(); |
|
| 2215 | + $b9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5))->toInt64(); |
|
| 2216 | + $b10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2))->toInt64(); |
|
| 2217 | + $b11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($b, 28, 4)) >> 7))->toInt64(); |
|
| 2218 | + $c0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 0, 3)))->toInt64(); |
|
| 2219 | + $c1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5))->toInt64(); |
|
| 2220 | + $c2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2))->toInt64(); |
|
| 2221 | + $c3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7))->toInt64(); |
|
| 2222 | + $c4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4))->toInt64(); |
|
| 2223 | + $c5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1))->toInt64(); |
|
| 2224 | + $c6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6))->toInt64(); |
|
| 2225 | + $c7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3))->toInt64(); |
|
| 2226 | + $c8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 21, 3)))->toInt64(); |
|
| 2227 | + $c9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5))->toInt64(); |
|
| 2228 | + $c10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2))->toInt64(); |
|
| 2229 | + $c11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($c, 28, 4)) >> 7))->toInt64(); |
|
| 2230 | + |
|
| 2231 | + /* Can't really avoid the pyramid here: */ |
|
| 2232 | + /** |
|
| 2233 | + * @var ParagonIE_Sodium_Core32_Int64 $s0 |
|
| 2234 | + * @var ParagonIE_Sodium_Core32_Int64 $s1 |
|
| 2235 | + * @var ParagonIE_Sodium_Core32_Int64 $s2 |
|
| 2236 | + * @var ParagonIE_Sodium_Core32_Int64 $s3 |
|
| 2237 | + * @var ParagonIE_Sodium_Core32_Int64 $s4 |
|
| 2238 | + * @var ParagonIE_Sodium_Core32_Int64 $s5 |
|
| 2239 | + * @var ParagonIE_Sodium_Core32_Int64 $s6 |
|
| 2240 | + * @var ParagonIE_Sodium_Core32_Int64 $s7 |
|
| 2241 | + * @var ParagonIE_Sodium_Core32_Int64 $s8 |
|
| 2242 | + * @var ParagonIE_Sodium_Core32_Int64 $s9 |
|
| 2243 | + * @var ParagonIE_Sodium_Core32_Int64 $s10 |
|
| 2244 | + * @var ParagonIE_Sodium_Core32_Int64 $s11 |
|
| 2245 | + * @var ParagonIE_Sodium_Core32_Int64 $s12 |
|
| 2246 | + * @var ParagonIE_Sodium_Core32_Int64 $s13 |
|
| 2247 | + * @var ParagonIE_Sodium_Core32_Int64 $s14 |
|
| 2248 | + * @var ParagonIE_Sodium_Core32_Int64 $s15 |
|
| 2249 | + * @var ParagonIE_Sodium_Core32_Int64 $s16 |
|
| 2250 | + * @var ParagonIE_Sodium_Core32_Int64 $s17 |
|
| 2251 | + * @var ParagonIE_Sodium_Core32_Int64 $s18 |
|
| 2252 | + * @var ParagonIE_Sodium_Core32_Int64 $s19 |
|
| 2253 | + * @var ParagonIE_Sodium_Core32_Int64 $s20 |
|
| 2254 | + * @var ParagonIE_Sodium_Core32_Int64 $s21 |
|
| 2255 | + * @var ParagonIE_Sodium_Core32_Int64 $s22 |
|
| 2256 | + * @var ParagonIE_Sodium_Core32_Int64 $s23 |
|
| 2257 | + */ |
|
| 2258 | + |
|
| 2259 | + $s0 = $c0->addInt64($a0->mulInt64($b0)); |
|
| 2260 | + $s1 = $c1->addInt64($a0->mulInt64($b1))->addInt64($a1->mulInt64($b0)); |
|
| 2261 | + $s2 = $c2->addInt64($a0->mulInt64($b2))->addInt64($a1->mulInt64($b1))->addInt64($a2->mulInt64($b0)); |
|
| 2262 | + $s3 = $c3->addInt64($a0->mulInt64($b3))->addInt64($a1->mulInt64($b2))->addInt64($a2->mulInt64($b1))->addInt64($a3->mulInt64($b0)); |
|
| 2263 | + $s4 = $c4->addInt64($a0->mulInt64($b4))->addInt64($a1->mulInt64($b3))->addInt64($a2->mulInt64($b2))->addInt64($a3->mulInt64($b1))->addInt64($a4->mulInt64($b0)); |
|
| 2264 | + $s5 = $c5->addInt64($a0->mulInt64($b5))->addInt64($a1->mulInt64($b4))->addInt64($a2->mulInt64($b3))->addInt64($a3->mulInt64($b2))->addInt64($a4->mulInt64($b1))->addInt64($a5->mulInt64($b0)); |
|
| 2265 | + $s6 = $c6->addInt64($a0->mulInt64($b6))->addInt64($a1->mulInt64($b5))->addInt64($a2->mulInt64($b4))->addInt64($a3->mulInt64($b3))->addInt64($a4->mulInt64($b2))->addInt64($a5->mulInt64($b1)) |
|
| 2266 | + ->addInt64($a6->mulInt64($b0)); |
|
| 2267 | + $s7 = $c7->addInt64($a0->mulInt64($b7))->addInt64($a1->mulInt64($b6))->addInt64($a2->mulInt64($b5))->addInt64($a3->mulInt64($b4))->addInt64($a4->mulInt64($b3))->addInt64($a5->mulInt64($b2)) |
|
| 2268 | + ->addInt64($a6->mulInt64($b1))->addInt64($a7->mulInt64($b0)); |
|
| 2269 | + $s8 = $c8->addInt64($a0->mulInt64($b8))->addInt64($a1->mulInt64($b7))->addInt64($a2->mulInt64($b6))->addInt64($a3->mulInt64($b5))->addInt64($a4->mulInt64($b4))->addInt64($a5->mulInt64($b3)) |
|
| 2270 | + ->addInt64($a6->mulInt64($b2))->addInt64($a7->mulInt64($b1))->addInt64($a8->mulInt64($b0)); |
|
| 2271 | + $s9 = $c9->addInt64($a0->mulInt64($b9))->addInt64($a1->mulInt64($b8))->addInt64($a2->mulInt64($b7))->addInt64($a3->mulInt64($b6))->addInt64($a4->mulInt64($b5))->addInt64($a5->mulInt64($b4)) |
|
| 2272 | + ->addInt64($a6->mulInt64($b3))->addInt64($a7->mulInt64($b2))->addInt64($a8->mulInt64($b1))->addInt64($a9->mulInt64($b0)); |
|
| 2273 | + $s10 = $c10->addInt64($a0->mulInt64($b10))->addInt64($a1->mulInt64($b9))->addInt64($a2->mulInt64($b8))->addInt64($a3->mulInt64($b7))->addInt64($a4->mulInt64($b6))->addInt64($a5->mulInt64($b5)) |
|
| 2274 | + ->addInt64($a6->mulInt64($b4))->addInt64($a7->mulInt64($b3))->addInt64($a8->mulInt64($b2))->addInt64($a9->mulInt64($b1))->addInt64($a10->mulInt64($b0)); |
|
| 2275 | + $s11 = $c11->addInt64($a0->mulInt64($b11))->addInt64($a1->mulInt64($b10))->addInt64($a2->mulInt64($b9))->addInt64($a3->mulInt64($b8))->addInt64($a4->mulInt64($b7))->addInt64($a5->mulInt64($b6)) |
|
| 2276 | + ->addInt64($a6->mulInt64($b5))->addInt64($a7->mulInt64($b4))->addInt64($a8->mulInt64($b3))->addInt64($a9->mulInt64($b2))->addInt64($a10->mulInt64($b1))->addInt64($a11->mulInt64($b0)); |
|
| 2277 | + $s12 = $a1->mulInt64($b11)->addInt64($a2->mulInt64($b10))->addInt64($a3->mulInt64($b9))->addInt64($a4->mulInt64($b8))->addInt64($a5->mulInt64($b7))->addInt64($a6->mulInt64($b6)) |
|
| 2278 | + ->addInt64($a7->mulInt64($b5))->addInt64($a8->mulInt64($b4))->addInt64($a9->mulInt64($b3))->addInt64($a10->mulInt64($b2))->addInt64($a11->mulInt64($b1)); |
|
| 2279 | + $s13 = $a2->mulInt64($b11)->addInt64($a3->mulInt64($b10))->addInt64($a4->mulInt64($b9))->addInt64($a5->mulInt64($b8))->addInt64($a6->mulInt64($b7))->addInt64($a7->mulInt64($b6)) |
|
| 2280 | + ->addInt64($a8->mulInt64($b5))->addInt64($a9->mulInt64($b4))->addInt64($a10->mulInt64($b3))->addInt64($a11->mulInt64($b2)); |
|
| 2281 | + $s14 = $a3->mulInt64($b11)->addInt64($a4->mulInt64($b10))->addInt64($a5->mulInt64($b9))->addInt64($a6->mulInt64($b8))->addInt64($a7->mulInt64($b7))->addInt64($a8->mulInt64($b6)) |
|
| 2282 | + ->addInt64($a9->mulInt64($b5))->addInt64($a10->mulInt64($b4))->addInt64($a11->mulInt64($b3)); |
|
| 2283 | + $s15 = $a4->mulInt64($b11)->addInt64($a5->mulInt64($b10))->addInt64($a6->mulInt64($b9))->addInt64($a7->mulInt64($b8))->addInt64($a8->mulInt64($b7))->addInt64($a9->mulInt64($b6)) |
|
| 2284 | + ->addInt64($a10->mulInt64($b5))->addInt64($a11->mulInt64($b4)); |
|
| 2285 | + $s16 = $a5->mulInt64($b11)->addInt64($a6->mulInt64($b10))->addInt64($a7->mulInt64($b9))->addInt64($a8->mulInt64($b8))->addInt64($a9->mulInt64($b7))->addInt64($a10->mulInt64($b6)) |
|
| 2286 | + ->addInt64($a11->mulInt64($b5)); |
|
| 2287 | + $s17 = $a6->mulInt64($b11)->addInt64($a7->mulInt64($b10))->addInt64($a8->mulInt64($b9))->addInt64($a9->mulInt64($b8))->addInt64($a10->mulInt64($b7))->addInt64($a11->mulInt64($b6)); |
|
| 2288 | + $s18 = $a7->mulInt64($b11)->addInt64($a8->mulInt64($b10))->addInt64($a9->mulInt64($b9))->addInt64($a10->mulInt64($b8))->addInt64($a11->mulInt64($b7)); |
|
| 2289 | + $s19 = $a8->mulInt64($b11)->addInt64($a9->mulInt64($b10))->addInt64($a10->mulInt64($b9))->addInt64($a11->mulInt64($b8)); |
|
| 2290 | + $s20 = $a9->mulInt64($b11)->addInt64($a10->mulInt64($b10))->addInt64($a11->mulInt64($b9)); |
|
| 2291 | + $s21 = $a10->mulInt64($b11)->addInt64($a11->mulInt64($b10)); |
|
| 2292 | + $s22 = $a11->mulInt64($b11); |
|
| 2293 | + $s23 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2294 | + |
|
| 2295 | + $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2296 | + $s1 = $s1->addInt64($carry0); |
|
| 2297 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2298 | + $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2299 | + $s3 = $s3->addInt64($carry2); |
|
| 2300 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2301 | + $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2302 | + $s5 = $s5->addInt64($carry4); |
|
| 2303 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2304 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2305 | + $s7 = $s7->addInt64($carry6); |
|
| 2306 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2307 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2308 | + $s9 = $s9->addInt64($carry8); |
|
| 2309 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2310 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2311 | + $s11 = $s11->addInt64($carry10); |
|
| 2312 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2313 | + $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2314 | + $s13 = $s13->addInt64($carry12); |
|
| 2315 | + $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2316 | + $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2317 | + $s15 = $s15->addInt64($carry14); |
|
| 2318 | + $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2319 | + $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2320 | + $s17 = $s17->addInt64($carry16); |
|
| 2321 | + $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2322 | + $carry18 = $s18->addInt(1 << 20)->shiftRight(21); |
|
| 2323 | + $s19 = $s19->addInt64($carry18); |
|
| 2324 | + $s18 = $s18->subInt64($carry18->shiftLeft(21)); |
|
| 2325 | + $carry20 = $s20->addInt(1 << 20)->shiftRight(21); |
|
| 2326 | + $s21 = $s21->addInt64($carry20); |
|
| 2327 | + $s20 = $s20->subInt64($carry20->shiftLeft(21)); |
|
| 2328 | + $carry22 = $s22->addInt(1 << 20)->shiftRight(21); |
|
| 2329 | + $s23 = $s23->addInt64($carry22); |
|
| 2330 | + $s22 = $s22->subInt64($carry22->shiftLeft(21)); |
|
| 2331 | + |
|
| 2332 | + $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2333 | + $s2 = $s2->addInt64($carry1); |
|
| 2334 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2335 | + $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2336 | + $s4 = $s4->addInt64($carry3); |
|
| 2337 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2338 | + $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2339 | + $s6 = $s6->addInt64($carry5); |
|
| 2340 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2341 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2342 | + $s8 = $s8->addInt64($carry7); |
|
| 2343 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2344 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2345 | + $s10 = $s10->addInt64($carry9); |
|
| 2346 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2347 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2348 | + $s12 = $s12->addInt64($carry11); |
|
| 2349 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2350 | + $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2351 | + $s14 = $s14->addInt64($carry13); |
|
| 2352 | + $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2353 | + $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2354 | + $s16 = $s16->addInt64($carry15); |
|
| 2355 | + $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2356 | + $carry17 = $s17->addInt(1 << 20)->shiftRight(21); |
|
| 2357 | + $s18 = $s18->addInt64($carry17); |
|
| 2358 | + $s17 = $s17->subInt64($carry17->shiftLeft(21)); |
|
| 2359 | + $carry19 = $s19->addInt(1 << 20)->shiftRight(21); |
|
| 2360 | + $s20 = $s20->addInt64($carry19); |
|
| 2361 | + $s19 = $s19->subInt64($carry19->shiftLeft(21)); |
|
| 2362 | + $carry21 = $s21->addInt(1 << 20)->shiftRight(21); |
|
| 2363 | + $s22 = $s22->addInt64($carry21); |
|
| 2364 | + $s21 = $s21->subInt64($carry21->shiftLeft(21)); |
|
| 2365 | + |
|
| 2366 | + $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2367 | + $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2368 | + $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2369 | + $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2370 | + $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2371 | + $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2372 | + |
|
| 2373 | + $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2374 | + $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2375 | + $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2376 | + $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2377 | + $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2378 | + $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2379 | + |
|
| 2380 | + $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2381 | + $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2382 | + $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2383 | + $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2384 | + $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2385 | + $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2386 | + |
|
| 2387 | + $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2388 | + $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2389 | + $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2390 | + $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2391 | + $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2392 | + $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2393 | + |
|
| 2394 | + $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2395 | + $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2396 | + $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2397 | + $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2398 | + $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2399 | + $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2400 | + |
|
| 2401 | + $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2402 | + $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2403 | + $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2404 | + $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2405 | + $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2406 | + $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2407 | + |
|
| 2408 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2409 | + $s7 = $s7->addInt64($carry6); |
|
| 2410 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2411 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2412 | + $s9 = $s9->addInt64($carry8); |
|
| 2413 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2414 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2415 | + $s11 = $s11->addInt64($carry10); |
|
| 2416 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2417 | + $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2418 | + $s13 = $s13->addInt64($carry12); |
|
| 2419 | + $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2420 | + $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2421 | + $s15 = $s15->addInt64($carry14); |
|
| 2422 | + $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2423 | + $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2424 | + $s17 = $s17->addInt64($carry16); |
|
| 2425 | + $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2426 | + |
|
| 2427 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2428 | + $s8 = $s8->addInt64($carry7); |
|
| 2429 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2430 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2431 | + $s10 = $s10->addInt64($carry9); |
|
| 2432 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2433 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2434 | + $s12 = $s12->addInt64($carry11); |
|
| 2435 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2436 | + $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2437 | + $s14 = $s14->addInt64($carry13); |
|
| 2438 | + $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2439 | + $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2440 | + $s16 = $s16->addInt64($carry15); |
|
| 2441 | + $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2442 | + |
|
| 2443 | + $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2444 | + $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2445 | + $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2446 | + $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2447 | + $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2448 | + $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2449 | + |
|
| 2450 | + $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2451 | + $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2452 | + $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2453 | + $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2454 | + $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2455 | + $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2456 | + |
|
| 2457 | + $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2458 | + $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2459 | + $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2460 | + $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2461 | + $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2462 | + $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2463 | + |
|
| 2464 | + $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2465 | + $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2466 | + $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2467 | + $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2468 | + $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2469 | + $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2470 | + |
|
| 2471 | + $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2472 | + $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2473 | + $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2474 | + $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2475 | + $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2476 | + $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2477 | + |
|
| 2478 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2479 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2480 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2481 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2482 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2483 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2484 | + $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2485 | + |
|
| 2486 | + $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2487 | + $s1 = $s1->addInt64($carry0); |
|
| 2488 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2489 | + $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2490 | + $s3 = $s3->addInt64($carry2); |
|
| 2491 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2492 | + $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2493 | + $s5 = $s5->addInt64($carry4); |
|
| 2494 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2495 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2496 | + $s7 = $s7->addInt64($carry6); |
|
| 2497 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2498 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2499 | + $s9 = $s9->addInt64($carry8); |
|
| 2500 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2501 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2502 | + $s11 = $s11->addInt64($carry10); |
|
| 2503 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2504 | + |
|
| 2505 | + $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2506 | + $s2 = $s2->addInt64($carry1); |
|
| 2507 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2508 | + $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2509 | + $s4 = $s4->addInt64($carry3); |
|
| 2510 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2511 | + $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2512 | + $s6 = $s6->addInt64($carry5); |
|
| 2513 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2514 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2515 | + $s8 = $s8->addInt64($carry7); |
|
| 2516 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2517 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2518 | + $s10 = $s10->addInt64($carry9); |
|
| 2519 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2520 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2521 | + $s12 = $s12->addInt64($carry11); |
|
| 2522 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2523 | + |
|
| 2524 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2525 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2526 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2527 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2528 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2529 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2530 | + $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2531 | + |
|
| 2532 | + $carry0 = $s0->shiftRight(21); |
|
| 2533 | + $s1 = $s1->addInt64($carry0); |
|
| 2534 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2535 | + $carry1 = $s1->shiftRight(21); |
|
| 2536 | + $s2 = $s2->addInt64($carry1); |
|
| 2537 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2538 | + $carry2 = $s2->shiftRight(21); |
|
| 2539 | + $s3 = $s3->addInt64($carry2); |
|
| 2540 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2541 | + $carry3 = $s3->shiftRight(21); |
|
| 2542 | + $s4 = $s4->addInt64($carry3); |
|
| 2543 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2544 | + $carry4 = $s4->shiftRight(21); |
|
| 2545 | + $s5 = $s5->addInt64($carry4); |
|
| 2546 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2547 | + $carry5 = $s5->shiftRight(21); |
|
| 2548 | + $s6 = $s6->addInt64($carry5); |
|
| 2549 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2550 | + $carry6 = $s6->shiftRight(21); |
|
| 2551 | + $s7 = $s7->addInt64($carry6); |
|
| 2552 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2553 | + $carry7 = $s7->shiftRight(21); |
|
| 2554 | + $s8 = $s8->addInt64($carry7); |
|
| 2555 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2556 | + $carry8 = $s8->shiftRight(21); |
|
| 2557 | + $s9 = $s9->addInt64($carry8); |
|
| 2558 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2559 | + $carry9 = $s9->shiftRight(21); |
|
| 2560 | + $s10 = $s10->addInt64($carry9); |
|
| 2561 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2562 | + $carry10 = $s10->shiftRight(21); |
|
| 2563 | + $s11 = $s11->addInt64($carry10); |
|
| 2564 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2565 | + $carry11 = $s11->shiftRight(21); |
|
| 2566 | + $s12 = $s12->addInt64($carry11); |
|
| 2567 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2568 | + |
|
| 2569 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2570 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2571 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2572 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2573 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2574 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2575 | + |
|
| 2576 | + $carry0 = $s0->shiftRight(21); |
|
| 2577 | + $s1 = $s1->addInt64($carry0); |
|
| 2578 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2579 | + $carry1 = $s1->shiftRight(21); |
|
| 2580 | + $s2 = $s2->addInt64($carry1); |
|
| 2581 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2582 | + $carry2 = $s2->shiftRight(21); |
|
| 2583 | + $s3 = $s3->addInt64($carry2); |
|
| 2584 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2585 | + $carry3 = $s3->shiftRight(21); |
|
| 2586 | + $s4 = $s4->addInt64($carry3); |
|
| 2587 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2588 | + $carry4 = $s4->shiftRight(21); |
|
| 2589 | + $s5 = $s5->addInt64($carry4); |
|
| 2590 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2591 | + $carry5 = $s5->shiftRight(21); |
|
| 2592 | + $s6 = $s6->addInt64($carry5); |
|
| 2593 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2594 | + $carry6 = $s6->shiftRight(21); |
|
| 2595 | + $s7 = $s7->addInt64($carry6); |
|
| 2596 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2597 | + $carry7 = $s7->shiftRight(21); |
|
| 2598 | + $s8 = $s8->addInt64($carry7); |
|
| 2599 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2600 | + $carry8 = $s10->shiftRight(21); |
|
| 2601 | + $s9 = $s9->addInt64($carry8); |
|
| 2602 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2603 | + $carry9 = $s9->shiftRight(21); |
|
| 2604 | + $s10 = $s10->addInt64($carry9); |
|
| 2605 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2606 | + $carry10 = $s10->shiftRight(21); |
|
| 2607 | + $s11 = $s11->addInt64($carry10); |
|
| 2608 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2609 | + |
|
| 2610 | + $S0 = $s0->toInt32()->toInt(); |
|
| 2611 | + $S1 = $s1->toInt32()->toInt(); |
|
| 2612 | + $S2 = $s2->toInt32()->toInt(); |
|
| 2613 | + $S3 = $s3->toInt32()->toInt(); |
|
| 2614 | + $S4 = $s4->toInt32()->toInt(); |
|
| 2615 | + $S5 = $s5->toInt32()->toInt(); |
|
| 2616 | + $S6 = $s6->toInt32()->toInt(); |
|
| 2617 | + $S7 = $s7->toInt32()->toInt(); |
|
| 2618 | + $S8 = $s8->toInt32()->toInt(); |
|
| 2619 | + $S9 = $s9->toInt32()->toInt(); |
|
| 2620 | + $S10 = $s10->toInt32()->toInt(); |
|
| 2621 | + $S11 = $s11->toInt32()->toInt(); |
|
| 2622 | 2622 | |
| 2623 | - /** |
|
| 2624 | - * @var array<int, int> |
|
| 2625 | - */ |
|
| 2626 | - $arr = array( |
|
| 2627 | - (int) (0xff & ($S0 >> 0)), |
|
| 2628 | - (int) (0xff & ($S0 >> 8)), |
|
| 2629 | - (int) (0xff & (($S0 >> 16) | self::mul($S1, 1 << 5))), |
|
| 2630 | - (int) (0xff & ($S1 >> 3)), |
|
| 2631 | - (int) (0xff & ($S1 >> 11)), |
|
| 2632 | - (int) (0xff & (($S1 >> 19) | self::mul($S2, 1 << 2))), |
|
| 2633 | - (int) (0xff & ($S2 >> 6)), |
|
| 2634 | - (int) (0xff & (($S2 >> 14) | self::mul($S3, 1 << 7))), |
|
| 2635 | - (int) (0xff & ($S3 >> 1)), |
|
| 2636 | - (int) (0xff & ($S3 >> 9)), |
|
| 2637 | - (int) (0xff & (($S3 >> 17) | self::mul($S4, 1 << 4))), |
|
| 2638 | - (int) (0xff & ($S4 >> 4)), |
|
| 2639 | - (int) (0xff & ($S4 >> 12)), |
|
| 2640 | - (int) (0xff & (($S4 >> 20) | self::mul($S5, 1 << 1))), |
|
| 2641 | - (int) (0xff & ($S5 >> 7)), |
|
| 2642 | - (int) (0xff & (($S5 >> 15) | self::mul($S6, 1 << 6))), |
|
| 2643 | - (int) (0xff & ($S6 >> 2)), |
|
| 2644 | - (int) (0xff & ($S6 >> 10)), |
|
| 2645 | - (int) (0xff & (($S6 >> 18) | self::mul($S7, 1 << 3))), |
|
| 2646 | - (int) (0xff & ($S7 >> 5)), |
|
| 2647 | - (int) (0xff & ($S7 >> 13)), |
|
| 2648 | - (int) (0xff & ($S8 >> 0)), |
|
| 2649 | - (int) (0xff & ($S8 >> 8)), |
|
| 2650 | - (int) (0xff & (($S8 >> 16) | self::mul($S9, 1 << 5))), |
|
| 2651 | - (int) (0xff & ($S9 >> 3)), |
|
| 2652 | - (int) (0xff & ($S9 >> 11)), |
|
| 2653 | - (int) (0xff & (($S9 >> 19) | self::mul($S10, 1 << 2))), |
|
| 2654 | - (int) (0xff & ($S10 >> 6)), |
|
| 2655 | - (int) (0xff & (($S10 >> 14) | self::mul($S11, 1 << 7))), |
|
| 2656 | - (int) (0xff & ($S11 >> 1)), |
|
| 2657 | - (int) (0xff & ($S11 >> 9)), |
|
| 2658 | - (int) (0xff & ($S11 >> 17)) |
|
| 2659 | - ); |
|
| 2660 | - return self::intArrayToString($arr); |
|
| 2661 | - } |
|
| 2662 | - |
|
| 2663 | - /** |
|
| 2664 | - * @internal You should not use this directly from another application |
|
| 2665 | - * |
|
| 2666 | - * @param string $s |
|
| 2667 | - * @return string |
|
| 2668 | - */ |
|
| 2669 | - public static function sc_reduce($s) |
|
| 2670 | - { |
|
| 2671 | - /** |
|
| 2672 | - * @var ParagonIE_Sodium_Core32_Int64 $s0 |
|
| 2673 | - * @var ParagonIE_Sodium_Core32_Int64 $s1 |
|
| 2674 | - * @var ParagonIE_Sodium_Core32_Int64 $s2 |
|
| 2675 | - * @var ParagonIE_Sodium_Core32_Int64 $s3 |
|
| 2676 | - * @var ParagonIE_Sodium_Core32_Int64 $s4 |
|
| 2677 | - * @var ParagonIE_Sodium_Core32_Int64 $s5 |
|
| 2678 | - * @var ParagonIE_Sodium_Core32_Int64 $s6 |
|
| 2679 | - * @var ParagonIE_Sodium_Core32_Int64 $s7 |
|
| 2680 | - * @var ParagonIE_Sodium_Core32_Int64 $s8 |
|
| 2681 | - * @var ParagonIE_Sodium_Core32_Int64 $s9 |
|
| 2682 | - * @var ParagonIE_Sodium_Core32_Int64 $s10 |
|
| 2683 | - * @var ParagonIE_Sodium_Core32_Int64 $s11 |
|
| 2684 | - * @var ParagonIE_Sodium_Core32_Int64 $s12 |
|
| 2685 | - * @var ParagonIE_Sodium_Core32_Int64 $s13 |
|
| 2686 | - * @var ParagonIE_Sodium_Core32_Int64 $s14 |
|
| 2687 | - * @var ParagonIE_Sodium_Core32_Int64 $s15 |
|
| 2688 | - * @var ParagonIE_Sodium_Core32_Int64 $s16 |
|
| 2689 | - * @var ParagonIE_Sodium_Core32_Int64 $s17 |
|
| 2690 | - * @var ParagonIE_Sodium_Core32_Int64 $s18 |
|
| 2691 | - * @var ParagonIE_Sodium_Core32_Int64 $s19 |
|
| 2692 | - * @var ParagonIE_Sodium_Core32_Int64 $s20 |
|
| 2693 | - * @var ParagonIE_Sodium_Core32_Int64 $s21 |
|
| 2694 | - * @var ParagonIE_Sodium_Core32_Int64 $s22 |
|
| 2695 | - * @var ParagonIE_Sodium_Core32_Int64 $s23 |
|
| 2696 | - */ |
|
| 2697 | - $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3)))->toInt64(); |
|
| 2698 | - $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5))->toInt64(); |
|
| 2699 | - $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2))->toInt64(); |
|
| 2700 | - $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7))->toInt64(); |
|
| 2701 | - $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4))->toInt64(); |
|
| 2702 | - $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1))->toInt64(); |
|
| 2703 | - $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6))->toInt64(); |
|
| 2704 | - $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3))->toInt64(); |
|
| 2705 | - $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3)))->toInt64(); |
|
| 2706 | - $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5))->toInt64(); |
|
| 2707 | - $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2))->toInt64(); |
|
| 2708 | - $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7))->toInt64(); |
|
| 2709 | - $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4))->toInt64(); |
|
| 2710 | - $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1))->toInt64(); |
|
| 2711 | - $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6))->toInt64(); |
|
| 2712 | - $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3))->toInt64(); |
|
| 2713 | - $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3)))->toInt64(); |
|
| 2714 | - $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5))->toInt64(); |
|
| 2715 | - $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2))->toInt64(); |
|
| 2716 | - $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7))->toInt64(); |
|
| 2717 | - $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4))->toInt64(); |
|
| 2718 | - $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1))->toInt64(); |
|
| 2719 | - $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6))->toInt64(); |
|
| 2720 | - $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($s, 60, 4)) >> 3))->toInt64(); |
|
| 2721 | - |
|
| 2722 | - $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2723 | - $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2724 | - $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2725 | - $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2726 | - $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2727 | - $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2728 | - |
|
| 2729 | - $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2730 | - $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2731 | - $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2732 | - $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2733 | - $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2734 | - $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2735 | - |
|
| 2736 | - $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2737 | - $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2738 | - $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2739 | - $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2740 | - $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2741 | - $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2742 | - |
|
| 2743 | - $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2744 | - $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2745 | - $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2746 | - $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2747 | - $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2748 | - $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2749 | - |
|
| 2750 | - $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2751 | - $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2752 | - $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2753 | - $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2754 | - $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2755 | - $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2756 | - |
|
| 2757 | - $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2758 | - $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2759 | - $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2760 | - $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2761 | - $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2762 | - $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2763 | - |
|
| 2764 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2765 | - $s7 = $s7->addInt64($carry6); |
|
| 2766 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2767 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2768 | - $s9 = $s9->addInt64($carry8); |
|
| 2769 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2770 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2771 | - $s11 = $s11->addInt64($carry10); |
|
| 2772 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2773 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2774 | - $s13 = $s13->addInt64($carry12); |
|
| 2775 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2776 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2777 | - $s15 = $s15->addInt64($carry14); |
|
| 2778 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2779 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2780 | - $s17 = $s17->addInt64($carry16); |
|
| 2781 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2782 | - |
|
| 2783 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2784 | - $s8 = $s8->addInt64($carry7); |
|
| 2785 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2786 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2787 | - $s10 = $s10->addInt64($carry9); |
|
| 2788 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2789 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2790 | - $s12 = $s12->addInt64($carry11); |
|
| 2791 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2792 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2793 | - $s14 = $s14->addInt64($carry13); |
|
| 2794 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2795 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2796 | - $s16 = $s16->addInt64($carry15); |
|
| 2797 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2798 | - |
|
| 2799 | - $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2800 | - $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2801 | - $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2802 | - $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2803 | - $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2804 | - $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2805 | - |
|
| 2806 | - $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2807 | - $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2808 | - $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2809 | - $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2810 | - $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2811 | - $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2812 | - |
|
| 2813 | - $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2814 | - $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2815 | - $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2816 | - $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2817 | - $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2818 | - $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2819 | - |
|
| 2820 | - $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2821 | - $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2822 | - $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2823 | - $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2824 | - $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2825 | - $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2826 | - |
|
| 2827 | - $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2828 | - $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2829 | - $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2830 | - $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2831 | - $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2832 | - $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2833 | - |
|
| 2834 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2835 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2836 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2837 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2838 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2839 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2840 | - $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2841 | - |
|
| 2842 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2843 | - $s1 = $s1->addInt64($carry0); |
|
| 2844 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2845 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2846 | - $s3 = $s3->addInt64($carry2); |
|
| 2847 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2848 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2849 | - $s5 = $s5->addInt64($carry4); |
|
| 2850 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2851 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2852 | - $s7 = $s7->addInt64($carry6); |
|
| 2853 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2854 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2855 | - $s9 = $s9->addInt64($carry8); |
|
| 2856 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2857 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2858 | - $s11 = $s11->addInt64($carry10); |
|
| 2859 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2860 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2861 | - $s2 = $s2->addInt64($carry1); |
|
| 2862 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2863 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2864 | - $s4 = $s4->addInt64($carry3); |
|
| 2865 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2866 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2867 | - $s6 = $s6->addInt64($carry5); |
|
| 2868 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2869 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2870 | - $s8 = $s8->addInt64($carry7); |
|
| 2871 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2872 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2873 | - $s10 = $s10->addInt64($carry9); |
|
| 2874 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2875 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2876 | - $s12 = $s12->addInt64($carry11); |
|
| 2877 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2878 | - |
|
| 2879 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2880 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2881 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2882 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2883 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2884 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2885 | - $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2886 | - |
|
| 2887 | - $carry0 = $s0->shiftRight(21); |
|
| 2888 | - $s1 = $s1->addInt64($carry0); |
|
| 2889 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2890 | - $carry1 = $s1->shiftRight(21); |
|
| 2891 | - $s2 = $s2->addInt64($carry1); |
|
| 2892 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2893 | - $carry2 = $s2->shiftRight(21); |
|
| 2894 | - $s3 = $s3->addInt64($carry2); |
|
| 2895 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2896 | - $carry3 = $s3->shiftRight(21); |
|
| 2897 | - $s4 = $s4->addInt64($carry3); |
|
| 2898 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2899 | - $carry4 = $s4->shiftRight(21); |
|
| 2900 | - $s5 = $s5->addInt64($carry4); |
|
| 2901 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2902 | - $carry5 = $s5->shiftRight(21); |
|
| 2903 | - $s6 = $s6->addInt64($carry5); |
|
| 2904 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2905 | - $carry6 = $s6->shiftRight(21); |
|
| 2906 | - $s7 = $s7->addInt64($carry6); |
|
| 2907 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2908 | - $carry7 = $s7->shiftRight(21); |
|
| 2909 | - $s8 = $s8->addInt64($carry7); |
|
| 2910 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2911 | - $carry8 = $s8->shiftRight(21); |
|
| 2912 | - $s9 = $s9->addInt64($carry8); |
|
| 2913 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2914 | - $carry9 = $s9->shiftRight(21); |
|
| 2915 | - $s10 = $s10->addInt64($carry9); |
|
| 2916 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2917 | - $carry10 = $s10->shiftRight(21); |
|
| 2918 | - $s11 = $s11->addInt64($carry10); |
|
| 2919 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2920 | - $carry11 = $s11->shiftRight(21); |
|
| 2921 | - $s12 = $s12->addInt64($carry11); |
|
| 2922 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2923 | - |
|
| 2924 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2925 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2926 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2927 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2928 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2929 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2930 | - |
|
| 2931 | - $carry0 = $s0->shiftRight(21); |
|
| 2932 | - $s1 = $s1->addInt64($carry0); |
|
| 2933 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2934 | - $carry1 = $s1->shiftRight(21); |
|
| 2935 | - $s2 = $s2->addInt64($carry1); |
|
| 2936 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2937 | - $carry2 = $s2->shiftRight(21); |
|
| 2938 | - $s3 = $s3->addInt64($carry2); |
|
| 2939 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2940 | - $carry3 = $s3->shiftRight(21); |
|
| 2941 | - $s4 = $s4->addInt64($carry3); |
|
| 2942 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2943 | - $carry4 = $s4->shiftRight(21); |
|
| 2944 | - $s5 = $s5->addInt64($carry4); |
|
| 2945 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2946 | - $carry5 = $s5->shiftRight(21); |
|
| 2947 | - $s6 = $s6->addInt64($carry5); |
|
| 2948 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2949 | - $carry6 = $s6->shiftRight(21); |
|
| 2950 | - $s7 = $s7->addInt64($carry6); |
|
| 2951 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2952 | - $carry7 = $s7->shiftRight(21); |
|
| 2953 | - $s8 = $s8->addInt64($carry7); |
|
| 2954 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2955 | - $carry8 = $s8->shiftRight(21); |
|
| 2956 | - $s9 = $s9->addInt64($carry8); |
|
| 2957 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2958 | - $carry9 = $s9->shiftRight(21); |
|
| 2959 | - $s10 = $s10->addInt64($carry9); |
|
| 2960 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2961 | - $carry10 = $s10->shiftRight(21); |
|
| 2962 | - $s11 = $s11->addInt64($carry10); |
|
| 2963 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2964 | - |
|
| 2965 | - $S0 = $s0->toInt32()->toInt(); |
|
| 2966 | - $S1 = $s1->toInt32()->toInt(); |
|
| 2967 | - $S2 = $s2->toInt32()->toInt(); |
|
| 2968 | - $S3 = $s3->toInt32()->toInt(); |
|
| 2969 | - $S4 = $s4->toInt32()->toInt(); |
|
| 2970 | - $S5 = $s5->toInt32()->toInt(); |
|
| 2971 | - $S6 = $s6->toInt32()->toInt(); |
|
| 2972 | - $S7 = $s7->toInt32()->toInt(); |
|
| 2973 | - $S8 = $s8->toInt32()->toInt(); |
|
| 2974 | - $S9 = $s9->toInt32()->toInt(); |
|
| 2975 | - $S10 = $s10->toInt32()->toInt(); |
|
| 2976 | - $S11 = $s11->toInt32()->toInt(); |
|
| 2977 | - |
|
| 2978 | - /** |
|
| 2979 | - * @var array<int, int> |
|
| 2980 | - */ |
|
| 2981 | - $arr = array( |
|
| 2982 | - (int) ($S0 >> 0), |
|
| 2983 | - (int) ($S0 >> 8), |
|
| 2984 | - (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 2985 | - (int) ($S1 >> 3), |
|
| 2986 | - (int) ($S1 >> 11), |
|
| 2987 | - (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 2988 | - (int) ($S2 >> 6), |
|
| 2989 | - (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 2990 | - (int) ($S3 >> 1), |
|
| 2991 | - (int) ($S3 >> 9), |
|
| 2992 | - (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 2993 | - (int) ($S4 >> 4), |
|
| 2994 | - (int) ($S4 >> 12), |
|
| 2995 | - (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 2996 | - (int) ($S5 >> 7), |
|
| 2997 | - (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 2998 | - (int) ($S6 >> 2), |
|
| 2999 | - (int) ($S6 >> 10), |
|
| 3000 | - (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3001 | - (int) ($S7 >> 5), |
|
| 3002 | - (int) ($S7 >> 13), |
|
| 3003 | - (int) ($S8 >> 0), |
|
| 3004 | - (int) ($S8 >> 8), |
|
| 3005 | - (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3006 | - (int) ($S9 >> 3), |
|
| 3007 | - (int) ($S9 >> 11), |
|
| 3008 | - (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3009 | - (int) ($S10 >> 6), |
|
| 3010 | - (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3011 | - (int) ($S11 >> 1), |
|
| 3012 | - (int) ($S11 >> 9), |
|
| 3013 | - (int) $S11 >> 17 |
|
| 3014 | - ); |
|
| 3015 | - return self::intArrayToString($arr); |
|
| 3016 | - } |
|
| 3017 | - |
|
| 3018 | - /** |
|
| 3019 | - * @internal You should not use this directly from another application |
|
| 3020 | - * |
|
| 3021 | - * @param string $s |
|
| 3022 | - * @return string |
|
| 3023 | - */ |
|
| 3024 | - public static function sc_reduce_old($s) |
|
| 3025 | - { |
|
| 3026 | - /** |
|
| 3027 | - * @var ParagonIE_Sodium_Core32_Int32 $s0 |
|
| 3028 | - * @var ParagonIE_Sodium_Core32_Int32 $s1 |
|
| 3029 | - * @var ParagonIE_Sodium_Core32_Int32 $s2 |
|
| 3030 | - * @var ParagonIE_Sodium_Core32_Int32 $s3 |
|
| 3031 | - * @var ParagonIE_Sodium_Core32_Int32 $s4 |
|
| 3032 | - * @var ParagonIE_Sodium_Core32_Int32 $s5 |
|
| 3033 | - * @var ParagonIE_Sodium_Core32_Int32 $s6 |
|
| 3034 | - * @var ParagonIE_Sodium_Core32_Int32 $s7 |
|
| 3035 | - * @var ParagonIE_Sodium_Core32_Int32 $s8 |
|
| 3036 | - * @var ParagonIE_Sodium_Core32_Int32 $s9 |
|
| 3037 | - * @var ParagonIE_Sodium_Core32_Int32 $s10 |
|
| 3038 | - * @var ParagonIE_Sodium_Core32_Int32 $s11 |
|
| 3039 | - * @var ParagonIE_Sodium_Core32_Int32 $s12 |
|
| 3040 | - * @var ParagonIE_Sodium_Core32_Int32 $s13 |
|
| 3041 | - * @var ParagonIE_Sodium_Core32_Int32 $s14 |
|
| 3042 | - * @var ParagonIE_Sodium_Core32_Int32 $s15 |
|
| 3043 | - * @var ParagonIE_Sodium_Core32_Int32 $s16 |
|
| 3044 | - * @var ParagonIE_Sodium_Core32_Int32 $s17 |
|
| 3045 | - * @var ParagonIE_Sodium_Core32_Int32 $s18 |
|
| 3046 | - * @var ParagonIE_Sodium_Core32_Int32 $s19 |
|
| 3047 | - * @var ParagonIE_Sodium_Core32_Int32 $s20 |
|
| 3048 | - * @var ParagonIE_Sodium_Core32_Int32 $s21 |
|
| 3049 | - * @var ParagonIE_Sodium_Core32_Int32 $s22 |
|
| 3050 | - * @var ParagonIE_Sodium_Core32_Int32 $s23 |
|
| 3051 | - */ |
|
| 3052 | - $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3))); |
|
| 3053 | - $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5)); |
|
| 3054 | - $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2)); |
|
| 3055 | - $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7)); |
|
| 3056 | - $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4)); |
|
| 3057 | - $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1)); |
|
| 3058 | - $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6)); |
|
| 3059 | - $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3)); |
|
| 3060 | - $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3))); |
|
| 3061 | - $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5)); |
|
| 3062 | - $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2)); |
|
| 3063 | - $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7)); |
|
| 3064 | - $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4)); |
|
| 3065 | - $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1)); |
|
| 3066 | - $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6)); |
|
| 3067 | - $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3)); |
|
| 3068 | - $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3))); |
|
| 3069 | - $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5)); |
|
| 3070 | - $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2)); |
|
| 3071 | - $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7)); |
|
| 3072 | - $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4)); |
|
| 3073 | - $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1)); |
|
| 3074 | - $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6)); |
|
| 3075 | - $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 3076 | - |
|
| 3077 | - $s11 = $s11->addInt32($s23->mulInt(666643)); |
|
| 3078 | - $s12 = $s12->addInt32($s23->mulInt(470296)); |
|
| 3079 | - $s13 = $s13->addInt32($s23->mulInt(654183)); |
|
| 3080 | - $s14 = $s14->subInt32($s23->mulInt(997805)); |
|
| 3081 | - $s15 = $s15->addInt32($s23->mulInt(136657)); |
|
| 3082 | - $s16 = $s16->subInt32($s23->mulInt(683901)); |
|
| 3083 | - |
|
| 3084 | - $s10 = $s10->addInt32($s22->mulInt(666643)); |
|
| 3085 | - $s11 = $s11->addInt32($s22->mulInt(470296)); |
|
| 3086 | - $s12 = $s12->addInt32($s22->mulInt(654183)); |
|
| 3087 | - $s13 = $s13->subInt32($s22->mulInt(997805)); |
|
| 3088 | - $s14 = $s14->addInt32($s22->mulInt(136657)); |
|
| 3089 | - $s15 = $s15->subInt32($s22->mulInt(683901)); |
|
| 3090 | - |
|
| 3091 | - $s9 = $s9->addInt32($s21->mulInt(666643)); |
|
| 3092 | - $s10 = $s10->addInt32($s21->mulInt(470296)); |
|
| 3093 | - $s11 = $s11->addInt32($s21->mulInt(654183)); |
|
| 3094 | - $s12 = $s12->subInt32($s21->mulInt(997805)); |
|
| 3095 | - $s13 = $s13->addInt32($s21->mulInt(136657)); |
|
| 3096 | - $s14 = $s14->subInt32($s21->mulInt(683901)); |
|
| 3097 | - |
|
| 3098 | - $s8 = $s8->addInt32($s20->mulInt(666643)); |
|
| 3099 | - $s9 = $s9->addInt32($s20->mulInt(470296)); |
|
| 3100 | - $s10 = $s10->addInt32($s20->mulInt(654183)); |
|
| 3101 | - $s11 = $s11->subInt32($s20->mulInt(997805)); |
|
| 3102 | - $s12 = $s12->addInt32($s20->mulInt(136657)); |
|
| 3103 | - $s13 = $s13->subInt32($s20->mulInt(683901)); |
|
| 3104 | - |
|
| 3105 | - $s7 = $s7->addInt32($s19->mulInt(666643)); |
|
| 3106 | - $s8 = $s8->addInt32($s19->mulInt(470296)); |
|
| 3107 | - $s9 = $s9->addInt32($s19->mulInt(654183)); |
|
| 3108 | - $s10 = $s10->subInt32($s19->mulInt(997805)); |
|
| 3109 | - $s11 = $s11->addInt32($s19->mulInt(136657)); |
|
| 3110 | - $s12 = $s12->subInt32($s19->mulInt(683901)); |
|
| 3111 | - |
|
| 3112 | - $s6 = $s6->addInt32($s18->mulInt(666643)); |
|
| 3113 | - $s7 = $s7->addInt32($s18->mulInt(470296)); |
|
| 3114 | - $s8 = $s8->addInt32($s18->mulInt(654183)); |
|
| 3115 | - $s9 = $s9->subInt32($s18->mulInt(997805)); |
|
| 3116 | - $s10 = $s10->addInt32($s18->mulInt(136657)); |
|
| 3117 | - $s11 = $s11->subInt32($s18->mulInt(683901)); |
|
| 3118 | - |
|
| 3119 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3120 | - $s7 = $s7->addInt32($carry6); |
|
| 3121 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3122 | - |
|
| 3123 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3124 | - $s9 = $s9->addInt32($carry8); |
|
| 3125 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3126 | - |
|
| 3127 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3128 | - $s11 = $s11->addInt32($carry10); |
|
| 3129 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3130 | - |
|
| 3131 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 3132 | - $s13 = $s13->addInt32($carry12); |
|
| 3133 | - $s12 = $s12->subInt32($carry12->shiftLeft(21)); |
|
| 3134 | - |
|
| 3135 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 3136 | - $s15 = $s15->addInt32($carry14); |
|
| 3137 | - $s14 = $s14->subInt32($carry14->shiftLeft(21)); |
|
| 3138 | - |
|
| 3139 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 3140 | - $s17 = $s17->addInt32($carry16); |
|
| 3141 | - $s16 = $s16->subInt32($carry16->shiftLeft(21)); |
|
| 3142 | - |
|
| 3143 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3144 | - $s8 = $s8->addInt32($carry7); |
|
| 3145 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3146 | - |
|
| 3147 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3148 | - $s10 = $s10->addInt32($carry9); |
|
| 3149 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3150 | - |
|
| 3151 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3152 | - $s12 = $s12->addInt32($carry11); |
|
| 3153 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3154 | - |
|
| 3155 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 3156 | - $s14 = $s14->addInt32($carry13); |
|
| 3157 | - $s13 = $s13->subInt32($carry13->shiftLeft(21)); |
|
| 3158 | - |
|
| 3159 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 3160 | - $s16 = $s16->addInt32($carry15); |
|
| 3161 | - $s15 = $s15->subInt32($carry15->shiftLeft(21)); |
|
| 3162 | - |
|
| 3163 | - $s5 = $s5->addInt32($s17->mulInt(666643)); |
|
| 3164 | - $s6 = $s6->addInt32($s17->mulInt(470296)); |
|
| 3165 | - $s7 = $s7->addInt32($s17->mulInt(654183)); |
|
| 3166 | - $s8 = $s8->subInt32($s17->mulInt(997805)); |
|
| 3167 | - $s9 = $s9->addInt32($s17->mulInt(136657)); |
|
| 3168 | - $s10 = $s10->subInt32($s17->mulInt(683901)); |
|
| 3169 | - |
|
| 3170 | - $s4 = $s4->addInt32($s16->mulInt(666643)); |
|
| 3171 | - $s5 = $s5->addInt32($s16->mulInt(470296)); |
|
| 3172 | - $s6 = $s6->addInt32($s16->mulInt(654183)); |
|
| 3173 | - $s7 = $s7->subInt32($s16->mulInt(997805)); |
|
| 3174 | - $s8 = $s8->addInt32($s16->mulInt(136657)); |
|
| 3175 | - $s9 = $s9->subInt32($s16->mulInt(683901)); |
|
| 3176 | - |
|
| 3177 | - $s3 = $s3->addInt32($s15->mulInt(666643)); |
|
| 3178 | - $s4 = $s4->addInt32($s15->mulInt(470296)); |
|
| 3179 | - $s5 = $s5->addInt32($s15->mulInt(654183)); |
|
| 3180 | - $s6 = $s6->subInt32($s15->mulInt(997805)); |
|
| 3181 | - $s7 = $s7->addInt32($s15->mulInt(136657)); |
|
| 3182 | - $s8 = $s8->subInt32($s15->mulInt(683901)); |
|
| 3183 | - |
|
| 3184 | - $s2 = $s2->addInt32($s14->mulInt(666643)); |
|
| 3185 | - $s3 = $s3->addInt32($s14->mulInt(470296)); |
|
| 3186 | - $s4 = $s4->addInt32($s14->mulInt(654183)); |
|
| 3187 | - $s5 = $s5->subInt32($s14->mulInt(997805)); |
|
| 3188 | - $s6 = $s6->addInt32($s14->mulInt(136657)); |
|
| 3189 | - $s7 = $s7->subInt32($s14->mulInt(683901)); |
|
| 3190 | - |
|
| 3191 | - $s1 = $s1->addInt32($s13->mulInt(666643)); |
|
| 3192 | - $s2 = $s2->addInt32($s13->mulInt(470296)); |
|
| 3193 | - $s3 = $s3->addInt32($s13->mulInt(654183)); |
|
| 3194 | - $s4 = $s4->subInt32($s13->mulInt(997805)); |
|
| 3195 | - $s5 = $s5->addInt32($s13->mulInt(136657)); |
|
| 3196 | - $s6 = $s6->subInt32($s13->mulInt(683901)); |
|
| 3197 | - |
|
| 3198 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3199 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3200 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3201 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3202 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3203 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3204 | - $s12 = new ParagonIE_Sodium_Core32_Int32(); |
|
| 3205 | - |
|
| 3206 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 3207 | - $s1 = $s1->addInt32($carry0); |
|
| 3208 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3209 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 3210 | - $s3 = $s3->addInt32($carry2); |
|
| 3211 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3212 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 3213 | - $s5 = $s5->addInt32($carry4); |
|
| 3214 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3215 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3216 | - $s7 = $s7->addInt32($carry6); |
|
| 3217 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3218 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3219 | - $s9 = $s9->addInt32($carry8); |
|
| 3220 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3221 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3222 | - $s11 = $s11->addInt32($carry10); |
|
| 3223 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3224 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 3225 | - $s2 = $s2->addInt32($carry1); |
|
| 3226 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3227 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 3228 | - $s4 = $s4->addInt32($carry3); |
|
| 3229 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3230 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 3231 | - $s6 = $s6->addInt32($carry5); |
|
| 3232 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3233 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3234 | - $s8 = $s8->addInt32($carry7); |
|
| 3235 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3236 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3237 | - $s10 = $s10->addInt32($carry9); |
|
| 3238 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3239 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3240 | - $s12 = $s12->addInt32($carry11); |
|
| 3241 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3242 | - |
|
| 3243 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3244 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3245 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3246 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3247 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3248 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3249 | - $s12 = new ParagonIE_Sodium_Core32_Int32(); |
|
| 3250 | - |
|
| 3251 | - $carry0 = $s0->shiftRight(21); |
|
| 3252 | - $s1 = $s1->addInt32($carry0); |
|
| 3253 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3254 | - $carry1 = $s1->shiftRight(21); |
|
| 3255 | - $s2 = $s2->addInt32($carry1); |
|
| 3256 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3257 | - $carry2 = $s2->shiftRight(21); |
|
| 3258 | - $s3 = $s3->addInt32($carry2); |
|
| 3259 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3260 | - $carry3 = $s3->shiftRight(21); |
|
| 3261 | - $s4 = $s4->addInt32($carry3); |
|
| 3262 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3263 | - $carry4 = $s4->shiftRight(21); |
|
| 3264 | - $s5 = $s5->addInt32($carry4); |
|
| 3265 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3266 | - $carry5 = $s5->shiftRight(21); |
|
| 3267 | - $s6 = $s6->addInt32($carry5); |
|
| 3268 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3269 | - $carry6 = $s6->shiftRight(21); |
|
| 3270 | - $s7 = $s7->addInt32($carry6); |
|
| 3271 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3272 | - $carry7 = $s7->shiftRight(21); |
|
| 3273 | - $s8 = $s8->addInt32($carry7); |
|
| 3274 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3275 | - $carry8 = $s8->shiftRight(21); |
|
| 3276 | - $s9 = $s9->addInt32($carry8); |
|
| 3277 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3278 | - $carry9 = $s9->shiftRight(21); |
|
| 3279 | - $s10 = $s10->addInt32($carry9); |
|
| 3280 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3281 | - $carry10 = $s10->shiftRight(21); |
|
| 3282 | - $s11 = $s11->addInt32($carry10); |
|
| 3283 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3284 | - $carry11 = $s11->shiftRight(21); |
|
| 3285 | - $s12 = $s12->addInt32($carry11); |
|
| 3286 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3287 | - |
|
| 3288 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3289 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3290 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3291 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3292 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3293 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3294 | - |
|
| 3295 | - $carry0 = $s0->shiftRight(21); |
|
| 3296 | - $s1 = $s1->addInt32($carry0); |
|
| 3297 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3298 | - $carry1 = $s1->shiftRight(21); |
|
| 3299 | - $s2 = $s2->addInt32($carry1); |
|
| 3300 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3301 | - $carry2 = $s2->shiftRight(21); |
|
| 3302 | - $s3 = $s3->addInt32($carry2); |
|
| 3303 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3304 | - $carry3 = $s3->shiftRight(21); |
|
| 3305 | - $s4 = $s4->addInt32($carry3); |
|
| 3306 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3307 | - $carry4 = $s4->shiftRight(21); |
|
| 3308 | - $s5 = $s5->addInt32($carry4); |
|
| 3309 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3310 | - $carry5 = $s5->shiftRight(21); |
|
| 3311 | - $s6 = $s6->addInt32($carry5); |
|
| 3312 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3313 | - $carry6 = $s6->shiftRight(21); |
|
| 3314 | - $s7 = $s7->addInt32($carry6); |
|
| 3315 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3316 | - $carry7 = $s7->shiftRight(21); |
|
| 3317 | - $s8 = $s8->addInt32($carry7); |
|
| 3318 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3319 | - $carry8 = $s8->shiftRight(21); |
|
| 3320 | - $s9 = $s9->addInt32($carry8); |
|
| 3321 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3322 | - $carry9 = $s9->shiftRight(21); |
|
| 3323 | - $s10 = $s10->addInt32($carry9); |
|
| 3324 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3325 | - $carry10 = $s10->shiftRight(21); |
|
| 3326 | - $s11 = $s11->addInt32($carry10); |
|
| 3327 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3328 | - |
|
| 3329 | - $S0 = $s0->toInt(); |
|
| 3330 | - $S1 = $s1->toInt(); |
|
| 3331 | - $S2 = $s2->toInt(); |
|
| 3332 | - $S3 = $s3->toInt(); |
|
| 3333 | - $S4 = $s4->toInt(); |
|
| 3334 | - $S5 = $s5->toInt(); |
|
| 3335 | - $S6 = $s6->toInt(); |
|
| 3336 | - $S7 = $s7->toInt(); |
|
| 3337 | - $S8 = $s8->toInt(); |
|
| 3338 | - $S9 = $s9->toInt(); |
|
| 3339 | - $S10 = $s10->toInt(); |
|
| 3340 | - $S11 = $s11->toInt(); |
|
| 3341 | - |
|
| 3342 | - /** |
|
| 3343 | - * @var array<int, int> |
|
| 3344 | - */ |
|
| 3345 | - $arr = array( |
|
| 3346 | - (int) ($S0 >> 0), |
|
| 3347 | - (int) ($S0 >> 8), |
|
| 3348 | - (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 3349 | - (int) ($S1 >> 3), |
|
| 3350 | - (int) ($S1 >> 11), |
|
| 3351 | - (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 3352 | - (int) ($S2 >> 6), |
|
| 3353 | - (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 3354 | - (int) ($S3 >> 1), |
|
| 3355 | - (int) ($S3 >> 9), |
|
| 3356 | - (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 3357 | - (int) ($S4 >> 4), |
|
| 3358 | - (int) ($S4 >> 12), |
|
| 3359 | - (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 3360 | - (int) ($S5 >> 7), |
|
| 3361 | - (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 3362 | - (int) ($S6 >> 2), |
|
| 3363 | - (int) ($S6 >> 10), |
|
| 3364 | - (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3365 | - (int) ($S7 >> 5), |
|
| 3366 | - (int) ($S7 >> 13), |
|
| 3367 | - (int) ($S8 >> 0), |
|
| 3368 | - (int) ($S8 >> 8), |
|
| 3369 | - (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3370 | - (int) ($S9 >> 3), |
|
| 3371 | - (int) ($S9 >> 11), |
|
| 3372 | - (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3373 | - (int) ($S10 >> 6), |
|
| 3374 | - (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3375 | - (int) ($S11 >> 1), |
|
| 3376 | - (int) ($S11 >> 9), |
|
| 3377 | - (int) $S11 >> 17 |
|
| 3378 | - ); |
|
| 3379 | - return self::intArrayToString($arr); |
|
| 3380 | - } |
|
| 2623 | + /** |
|
| 2624 | + * @var array<int, int> |
|
| 2625 | + */ |
|
| 2626 | + $arr = array( |
|
| 2627 | + (int) (0xff & ($S0 >> 0)), |
|
| 2628 | + (int) (0xff & ($S0 >> 8)), |
|
| 2629 | + (int) (0xff & (($S0 >> 16) | self::mul($S1, 1 << 5))), |
|
| 2630 | + (int) (0xff & ($S1 >> 3)), |
|
| 2631 | + (int) (0xff & ($S1 >> 11)), |
|
| 2632 | + (int) (0xff & (($S1 >> 19) | self::mul($S2, 1 << 2))), |
|
| 2633 | + (int) (0xff & ($S2 >> 6)), |
|
| 2634 | + (int) (0xff & (($S2 >> 14) | self::mul($S3, 1 << 7))), |
|
| 2635 | + (int) (0xff & ($S3 >> 1)), |
|
| 2636 | + (int) (0xff & ($S3 >> 9)), |
|
| 2637 | + (int) (0xff & (($S3 >> 17) | self::mul($S4, 1 << 4))), |
|
| 2638 | + (int) (0xff & ($S4 >> 4)), |
|
| 2639 | + (int) (0xff & ($S4 >> 12)), |
|
| 2640 | + (int) (0xff & (($S4 >> 20) | self::mul($S5, 1 << 1))), |
|
| 2641 | + (int) (0xff & ($S5 >> 7)), |
|
| 2642 | + (int) (0xff & (($S5 >> 15) | self::mul($S6, 1 << 6))), |
|
| 2643 | + (int) (0xff & ($S6 >> 2)), |
|
| 2644 | + (int) (0xff & ($S6 >> 10)), |
|
| 2645 | + (int) (0xff & (($S6 >> 18) | self::mul($S7, 1 << 3))), |
|
| 2646 | + (int) (0xff & ($S7 >> 5)), |
|
| 2647 | + (int) (0xff & ($S7 >> 13)), |
|
| 2648 | + (int) (0xff & ($S8 >> 0)), |
|
| 2649 | + (int) (0xff & ($S8 >> 8)), |
|
| 2650 | + (int) (0xff & (($S8 >> 16) | self::mul($S9, 1 << 5))), |
|
| 2651 | + (int) (0xff & ($S9 >> 3)), |
|
| 2652 | + (int) (0xff & ($S9 >> 11)), |
|
| 2653 | + (int) (0xff & (($S9 >> 19) | self::mul($S10, 1 << 2))), |
|
| 2654 | + (int) (0xff & ($S10 >> 6)), |
|
| 2655 | + (int) (0xff & (($S10 >> 14) | self::mul($S11, 1 << 7))), |
|
| 2656 | + (int) (0xff & ($S11 >> 1)), |
|
| 2657 | + (int) (0xff & ($S11 >> 9)), |
|
| 2658 | + (int) (0xff & ($S11 >> 17)) |
|
| 2659 | + ); |
|
| 2660 | + return self::intArrayToString($arr); |
|
| 2661 | + } |
|
| 2662 | + |
|
| 2663 | + /** |
|
| 2664 | + * @internal You should not use this directly from another application |
|
| 2665 | + * |
|
| 2666 | + * @param string $s |
|
| 2667 | + * @return string |
|
| 2668 | + */ |
|
| 2669 | + public static function sc_reduce($s) |
|
| 2670 | + { |
|
| 2671 | + /** |
|
| 2672 | + * @var ParagonIE_Sodium_Core32_Int64 $s0 |
|
| 2673 | + * @var ParagonIE_Sodium_Core32_Int64 $s1 |
|
| 2674 | + * @var ParagonIE_Sodium_Core32_Int64 $s2 |
|
| 2675 | + * @var ParagonIE_Sodium_Core32_Int64 $s3 |
|
| 2676 | + * @var ParagonIE_Sodium_Core32_Int64 $s4 |
|
| 2677 | + * @var ParagonIE_Sodium_Core32_Int64 $s5 |
|
| 2678 | + * @var ParagonIE_Sodium_Core32_Int64 $s6 |
|
| 2679 | + * @var ParagonIE_Sodium_Core32_Int64 $s7 |
|
| 2680 | + * @var ParagonIE_Sodium_Core32_Int64 $s8 |
|
| 2681 | + * @var ParagonIE_Sodium_Core32_Int64 $s9 |
|
| 2682 | + * @var ParagonIE_Sodium_Core32_Int64 $s10 |
|
| 2683 | + * @var ParagonIE_Sodium_Core32_Int64 $s11 |
|
| 2684 | + * @var ParagonIE_Sodium_Core32_Int64 $s12 |
|
| 2685 | + * @var ParagonIE_Sodium_Core32_Int64 $s13 |
|
| 2686 | + * @var ParagonIE_Sodium_Core32_Int64 $s14 |
|
| 2687 | + * @var ParagonIE_Sodium_Core32_Int64 $s15 |
|
| 2688 | + * @var ParagonIE_Sodium_Core32_Int64 $s16 |
|
| 2689 | + * @var ParagonIE_Sodium_Core32_Int64 $s17 |
|
| 2690 | + * @var ParagonIE_Sodium_Core32_Int64 $s18 |
|
| 2691 | + * @var ParagonIE_Sodium_Core32_Int64 $s19 |
|
| 2692 | + * @var ParagonIE_Sodium_Core32_Int64 $s20 |
|
| 2693 | + * @var ParagonIE_Sodium_Core32_Int64 $s21 |
|
| 2694 | + * @var ParagonIE_Sodium_Core32_Int64 $s22 |
|
| 2695 | + * @var ParagonIE_Sodium_Core32_Int64 $s23 |
|
| 2696 | + */ |
|
| 2697 | + $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3)))->toInt64(); |
|
| 2698 | + $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5))->toInt64(); |
|
| 2699 | + $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2))->toInt64(); |
|
| 2700 | + $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7))->toInt64(); |
|
| 2701 | + $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4))->toInt64(); |
|
| 2702 | + $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1))->toInt64(); |
|
| 2703 | + $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6))->toInt64(); |
|
| 2704 | + $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3))->toInt64(); |
|
| 2705 | + $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3)))->toInt64(); |
|
| 2706 | + $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5))->toInt64(); |
|
| 2707 | + $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2))->toInt64(); |
|
| 2708 | + $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7))->toInt64(); |
|
| 2709 | + $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4))->toInt64(); |
|
| 2710 | + $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1))->toInt64(); |
|
| 2711 | + $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6))->toInt64(); |
|
| 2712 | + $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3))->toInt64(); |
|
| 2713 | + $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3)))->toInt64(); |
|
| 2714 | + $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5))->toInt64(); |
|
| 2715 | + $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2))->toInt64(); |
|
| 2716 | + $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7))->toInt64(); |
|
| 2717 | + $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4))->toInt64(); |
|
| 2718 | + $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1))->toInt64(); |
|
| 2719 | + $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6))->toInt64(); |
|
| 2720 | + $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($s, 60, 4)) >> 3))->toInt64(); |
|
| 2721 | + |
|
| 2722 | + $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2723 | + $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2724 | + $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2725 | + $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2726 | + $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2727 | + $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2728 | + |
|
| 2729 | + $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2730 | + $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2731 | + $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2732 | + $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2733 | + $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2734 | + $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2735 | + |
|
| 2736 | + $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2737 | + $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2738 | + $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2739 | + $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2740 | + $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2741 | + $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2742 | + |
|
| 2743 | + $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2744 | + $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2745 | + $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2746 | + $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2747 | + $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2748 | + $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2749 | + |
|
| 2750 | + $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2751 | + $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2752 | + $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2753 | + $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2754 | + $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2755 | + $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2756 | + |
|
| 2757 | + $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2758 | + $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2759 | + $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2760 | + $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2761 | + $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2762 | + $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2763 | + |
|
| 2764 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2765 | + $s7 = $s7->addInt64($carry6); |
|
| 2766 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2767 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2768 | + $s9 = $s9->addInt64($carry8); |
|
| 2769 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2770 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2771 | + $s11 = $s11->addInt64($carry10); |
|
| 2772 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2773 | + $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2774 | + $s13 = $s13->addInt64($carry12); |
|
| 2775 | + $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2776 | + $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2777 | + $s15 = $s15->addInt64($carry14); |
|
| 2778 | + $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2779 | + $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2780 | + $s17 = $s17->addInt64($carry16); |
|
| 2781 | + $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2782 | + |
|
| 2783 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2784 | + $s8 = $s8->addInt64($carry7); |
|
| 2785 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2786 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2787 | + $s10 = $s10->addInt64($carry9); |
|
| 2788 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2789 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2790 | + $s12 = $s12->addInt64($carry11); |
|
| 2791 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2792 | + $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2793 | + $s14 = $s14->addInt64($carry13); |
|
| 2794 | + $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2795 | + $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2796 | + $s16 = $s16->addInt64($carry15); |
|
| 2797 | + $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2798 | + |
|
| 2799 | + $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2800 | + $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2801 | + $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2802 | + $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2803 | + $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2804 | + $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2805 | + |
|
| 2806 | + $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2807 | + $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2808 | + $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2809 | + $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2810 | + $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2811 | + $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2812 | + |
|
| 2813 | + $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2814 | + $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2815 | + $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2816 | + $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2817 | + $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2818 | + $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2819 | + |
|
| 2820 | + $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2821 | + $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2822 | + $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2823 | + $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2824 | + $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2825 | + $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2826 | + |
|
| 2827 | + $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2828 | + $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2829 | + $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2830 | + $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2831 | + $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2832 | + $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2833 | + |
|
| 2834 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2835 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2836 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2837 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2838 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2839 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2840 | + $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2841 | + |
|
| 2842 | + $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2843 | + $s1 = $s1->addInt64($carry0); |
|
| 2844 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2845 | + $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2846 | + $s3 = $s3->addInt64($carry2); |
|
| 2847 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2848 | + $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2849 | + $s5 = $s5->addInt64($carry4); |
|
| 2850 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2851 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2852 | + $s7 = $s7->addInt64($carry6); |
|
| 2853 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2854 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2855 | + $s9 = $s9->addInt64($carry8); |
|
| 2856 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2857 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2858 | + $s11 = $s11->addInt64($carry10); |
|
| 2859 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2860 | + $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2861 | + $s2 = $s2->addInt64($carry1); |
|
| 2862 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2863 | + $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2864 | + $s4 = $s4->addInt64($carry3); |
|
| 2865 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2866 | + $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2867 | + $s6 = $s6->addInt64($carry5); |
|
| 2868 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2869 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2870 | + $s8 = $s8->addInt64($carry7); |
|
| 2871 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2872 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2873 | + $s10 = $s10->addInt64($carry9); |
|
| 2874 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2875 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2876 | + $s12 = $s12->addInt64($carry11); |
|
| 2877 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2878 | + |
|
| 2879 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2880 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2881 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2882 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2883 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2884 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2885 | + $s12 = new ParagonIE_Sodium_Core32_Int64(); |
|
| 2886 | + |
|
| 2887 | + $carry0 = $s0->shiftRight(21); |
|
| 2888 | + $s1 = $s1->addInt64($carry0); |
|
| 2889 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2890 | + $carry1 = $s1->shiftRight(21); |
|
| 2891 | + $s2 = $s2->addInt64($carry1); |
|
| 2892 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2893 | + $carry2 = $s2->shiftRight(21); |
|
| 2894 | + $s3 = $s3->addInt64($carry2); |
|
| 2895 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2896 | + $carry3 = $s3->shiftRight(21); |
|
| 2897 | + $s4 = $s4->addInt64($carry3); |
|
| 2898 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2899 | + $carry4 = $s4->shiftRight(21); |
|
| 2900 | + $s5 = $s5->addInt64($carry4); |
|
| 2901 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2902 | + $carry5 = $s5->shiftRight(21); |
|
| 2903 | + $s6 = $s6->addInt64($carry5); |
|
| 2904 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2905 | + $carry6 = $s6->shiftRight(21); |
|
| 2906 | + $s7 = $s7->addInt64($carry6); |
|
| 2907 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2908 | + $carry7 = $s7->shiftRight(21); |
|
| 2909 | + $s8 = $s8->addInt64($carry7); |
|
| 2910 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2911 | + $carry8 = $s8->shiftRight(21); |
|
| 2912 | + $s9 = $s9->addInt64($carry8); |
|
| 2913 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2914 | + $carry9 = $s9->shiftRight(21); |
|
| 2915 | + $s10 = $s10->addInt64($carry9); |
|
| 2916 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2917 | + $carry10 = $s10->shiftRight(21); |
|
| 2918 | + $s11 = $s11->addInt64($carry10); |
|
| 2919 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2920 | + $carry11 = $s11->shiftRight(21); |
|
| 2921 | + $s12 = $s12->addInt64($carry11); |
|
| 2922 | + $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2923 | + |
|
| 2924 | + $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2925 | + $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2926 | + $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2927 | + $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2928 | + $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2929 | + $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2930 | + |
|
| 2931 | + $carry0 = $s0->shiftRight(21); |
|
| 2932 | + $s1 = $s1->addInt64($carry0); |
|
| 2933 | + $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2934 | + $carry1 = $s1->shiftRight(21); |
|
| 2935 | + $s2 = $s2->addInt64($carry1); |
|
| 2936 | + $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2937 | + $carry2 = $s2->shiftRight(21); |
|
| 2938 | + $s3 = $s3->addInt64($carry2); |
|
| 2939 | + $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2940 | + $carry3 = $s3->shiftRight(21); |
|
| 2941 | + $s4 = $s4->addInt64($carry3); |
|
| 2942 | + $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2943 | + $carry4 = $s4->shiftRight(21); |
|
| 2944 | + $s5 = $s5->addInt64($carry4); |
|
| 2945 | + $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2946 | + $carry5 = $s5->shiftRight(21); |
|
| 2947 | + $s6 = $s6->addInt64($carry5); |
|
| 2948 | + $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2949 | + $carry6 = $s6->shiftRight(21); |
|
| 2950 | + $s7 = $s7->addInt64($carry6); |
|
| 2951 | + $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2952 | + $carry7 = $s7->shiftRight(21); |
|
| 2953 | + $s8 = $s8->addInt64($carry7); |
|
| 2954 | + $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2955 | + $carry8 = $s8->shiftRight(21); |
|
| 2956 | + $s9 = $s9->addInt64($carry8); |
|
| 2957 | + $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2958 | + $carry9 = $s9->shiftRight(21); |
|
| 2959 | + $s10 = $s10->addInt64($carry9); |
|
| 2960 | + $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2961 | + $carry10 = $s10->shiftRight(21); |
|
| 2962 | + $s11 = $s11->addInt64($carry10); |
|
| 2963 | + $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2964 | + |
|
| 2965 | + $S0 = $s0->toInt32()->toInt(); |
|
| 2966 | + $S1 = $s1->toInt32()->toInt(); |
|
| 2967 | + $S2 = $s2->toInt32()->toInt(); |
|
| 2968 | + $S3 = $s3->toInt32()->toInt(); |
|
| 2969 | + $S4 = $s4->toInt32()->toInt(); |
|
| 2970 | + $S5 = $s5->toInt32()->toInt(); |
|
| 2971 | + $S6 = $s6->toInt32()->toInt(); |
|
| 2972 | + $S7 = $s7->toInt32()->toInt(); |
|
| 2973 | + $S8 = $s8->toInt32()->toInt(); |
|
| 2974 | + $S9 = $s9->toInt32()->toInt(); |
|
| 2975 | + $S10 = $s10->toInt32()->toInt(); |
|
| 2976 | + $S11 = $s11->toInt32()->toInt(); |
|
| 2977 | + |
|
| 2978 | + /** |
|
| 2979 | + * @var array<int, int> |
|
| 2980 | + */ |
|
| 2981 | + $arr = array( |
|
| 2982 | + (int) ($S0 >> 0), |
|
| 2983 | + (int) ($S0 >> 8), |
|
| 2984 | + (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 2985 | + (int) ($S1 >> 3), |
|
| 2986 | + (int) ($S1 >> 11), |
|
| 2987 | + (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 2988 | + (int) ($S2 >> 6), |
|
| 2989 | + (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 2990 | + (int) ($S3 >> 1), |
|
| 2991 | + (int) ($S3 >> 9), |
|
| 2992 | + (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 2993 | + (int) ($S4 >> 4), |
|
| 2994 | + (int) ($S4 >> 12), |
|
| 2995 | + (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 2996 | + (int) ($S5 >> 7), |
|
| 2997 | + (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 2998 | + (int) ($S6 >> 2), |
|
| 2999 | + (int) ($S6 >> 10), |
|
| 3000 | + (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3001 | + (int) ($S7 >> 5), |
|
| 3002 | + (int) ($S7 >> 13), |
|
| 3003 | + (int) ($S8 >> 0), |
|
| 3004 | + (int) ($S8 >> 8), |
|
| 3005 | + (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3006 | + (int) ($S9 >> 3), |
|
| 3007 | + (int) ($S9 >> 11), |
|
| 3008 | + (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3009 | + (int) ($S10 >> 6), |
|
| 3010 | + (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3011 | + (int) ($S11 >> 1), |
|
| 3012 | + (int) ($S11 >> 9), |
|
| 3013 | + (int) $S11 >> 17 |
|
| 3014 | + ); |
|
| 3015 | + return self::intArrayToString($arr); |
|
| 3016 | + } |
|
| 3017 | + |
|
| 3018 | + /** |
|
| 3019 | + * @internal You should not use this directly from another application |
|
| 3020 | + * |
|
| 3021 | + * @param string $s |
|
| 3022 | + * @return string |
|
| 3023 | + */ |
|
| 3024 | + public static function sc_reduce_old($s) |
|
| 3025 | + { |
|
| 3026 | + /** |
|
| 3027 | + * @var ParagonIE_Sodium_Core32_Int32 $s0 |
|
| 3028 | + * @var ParagonIE_Sodium_Core32_Int32 $s1 |
|
| 3029 | + * @var ParagonIE_Sodium_Core32_Int32 $s2 |
|
| 3030 | + * @var ParagonIE_Sodium_Core32_Int32 $s3 |
|
| 3031 | + * @var ParagonIE_Sodium_Core32_Int32 $s4 |
|
| 3032 | + * @var ParagonIE_Sodium_Core32_Int32 $s5 |
|
| 3033 | + * @var ParagonIE_Sodium_Core32_Int32 $s6 |
|
| 3034 | + * @var ParagonIE_Sodium_Core32_Int32 $s7 |
|
| 3035 | + * @var ParagonIE_Sodium_Core32_Int32 $s8 |
|
| 3036 | + * @var ParagonIE_Sodium_Core32_Int32 $s9 |
|
| 3037 | + * @var ParagonIE_Sodium_Core32_Int32 $s10 |
|
| 3038 | + * @var ParagonIE_Sodium_Core32_Int32 $s11 |
|
| 3039 | + * @var ParagonIE_Sodium_Core32_Int32 $s12 |
|
| 3040 | + * @var ParagonIE_Sodium_Core32_Int32 $s13 |
|
| 3041 | + * @var ParagonIE_Sodium_Core32_Int32 $s14 |
|
| 3042 | + * @var ParagonIE_Sodium_Core32_Int32 $s15 |
|
| 3043 | + * @var ParagonIE_Sodium_Core32_Int32 $s16 |
|
| 3044 | + * @var ParagonIE_Sodium_Core32_Int32 $s17 |
|
| 3045 | + * @var ParagonIE_Sodium_Core32_Int32 $s18 |
|
| 3046 | + * @var ParagonIE_Sodium_Core32_Int32 $s19 |
|
| 3047 | + * @var ParagonIE_Sodium_Core32_Int32 $s20 |
|
| 3048 | + * @var ParagonIE_Sodium_Core32_Int32 $s21 |
|
| 3049 | + * @var ParagonIE_Sodium_Core32_Int32 $s22 |
|
| 3050 | + * @var ParagonIE_Sodium_Core32_Int32 $s23 |
|
| 3051 | + */ |
|
| 3052 | + $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3))); |
|
| 3053 | + $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5)); |
|
| 3054 | + $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2)); |
|
| 3055 | + $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7)); |
|
| 3056 | + $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4)); |
|
| 3057 | + $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1)); |
|
| 3058 | + $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6)); |
|
| 3059 | + $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3)); |
|
| 3060 | + $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3))); |
|
| 3061 | + $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5)); |
|
| 3062 | + $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2)); |
|
| 3063 | + $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7)); |
|
| 3064 | + $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4)); |
|
| 3065 | + $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1)); |
|
| 3066 | + $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6)); |
|
| 3067 | + $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3)); |
|
| 3068 | + $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3))); |
|
| 3069 | + $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5)); |
|
| 3070 | + $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2)); |
|
| 3071 | + $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7)); |
|
| 3072 | + $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4)); |
|
| 3073 | + $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1)); |
|
| 3074 | + $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6)); |
|
| 3075 | + $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 3076 | + |
|
| 3077 | + $s11 = $s11->addInt32($s23->mulInt(666643)); |
|
| 3078 | + $s12 = $s12->addInt32($s23->mulInt(470296)); |
|
| 3079 | + $s13 = $s13->addInt32($s23->mulInt(654183)); |
|
| 3080 | + $s14 = $s14->subInt32($s23->mulInt(997805)); |
|
| 3081 | + $s15 = $s15->addInt32($s23->mulInt(136657)); |
|
| 3082 | + $s16 = $s16->subInt32($s23->mulInt(683901)); |
|
| 3083 | + |
|
| 3084 | + $s10 = $s10->addInt32($s22->mulInt(666643)); |
|
| 3085 | + $s11 = $s11->addInt32($s22->mulInt(470296)); |
|
| 3086 | + $s12 = $s12->addInt32($s22->mulInt(654183)); |
|
| 3087 | + $s13 = $s13->subInt32($s22->mulInt(997805)); |
|
| 3088 | + $s14 = $s14->addInt32($s22->mulInt(136657)); |
|
| 3089 | + $s15 = $s15->subInt32($s22->mulInt(683901)); |
|
| 3090 | + |
|
| 3091 | + $s9 = $s9->addInt32($s21->mulInt(666643)); |
|
| 3092 | + $s10 = $s10->addInt32($s21->mulInt(470296)); |
|
| 3093 | + $s11 = $s11->addInt32($s21->mulInt(654183)); |
|
| 3094 | + $s12 = $s12->subInt32($s21->mulInt(997805)); |
|
| 3095 | + $s13 = $s13->addInt32($s21->mulInt(136657)); |
|
| 3096 | + $s14 = $s14->subInt32($s21->mulInt(683901)); |
|
| 3097 | + |
|
| 3098 | + $s8 = $s8->addInt32($s20->mulInt(666643)); |
|
| 3099 | + $s9 = $s9->addInt32($s20->mulInt(470296)); |
|
| 3100 | + $s10 = $s10->addInt32($s20->mulInt(654183)); |
|
| 3101 | + $s11 = $s11->subInt32($s20->mulInt(997805)); |
|
| 3102 | + $s12 = $s12->addInt32($s20->mulInt(136657)); |
|
| 3103 | + $s13 = $s13->subInt32($s20->mulInt(683901)); |
|
| 3104 | + |
|
| 3105 | + $s7 = $s7->addInt32($s19->mulInt(666643)); |
|
| 3106 | + $s8 = $s8->addInt32($s19->mulInt(470296)); |
|
| 3107 | + $s9 = $s9->addInt32($s19->mulInt(654183)); |
|
| 3108 | + $s10 = $s10->subInt32($s19->mulInt(997805)); |
|
| 3109 | + $s11 = $s11->addInt32($s19->mulInt(136657)); |
|
| 3110 | + $s12 = $s12->subInt32($s19->mulInt(683901)); |
|
| 3111 | + |
|
| 3112 | + $s6 = $s6->addInt32($s18->mulInt(666643)); |
|
| 3113 | + $s7 = $s7->addInt32($s18->mulInt(470296)); |
|
| 3114 | + $s8 = $s8->addInt32($s18->mulInt(654183)); |
|
| 3115 | + $s9 = $s9->subInt32($s18->mulInt(997805)); |
|
| 3116 | + $s10 = $s10->addInt32($s18->mulInt(136657)); |
|
| 3117 | + $s11 = $s11->subInt32($s18->mulInt(683901)); |
|
| 3118 | + |
|
| 3119 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3120 | + $s7 = $s7->addInt32($carry6); |
|
| 3121 | + $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3122 | + |
|
| 3123 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3124 | + $s9 = $s9->addInt32($carry8); |
|
| 3125 | + $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3126 | + |
|
| 3127 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3128 | + $s11 = $s11->addInt32($carry10); |
|
| 3129 | + $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3130 | + |
|
| 3131 | + $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 3132 | + $s13 = $s13->addInt32($carry12); |
|
| 3133 | + $s12 = $s12->subInt32($carry12->shiftLeft(21)); |
|
| 3134 | + |
|
| 3135 | + $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 3136 | + $s15 = $s15->addInt32($carry14); |
|
| 3137 | + $s14 = $s14->subInt32($carry14->shiftLeft(21)); |
|
| 3138 | + |
|
| 3139 | + $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 3140 | + $s17 = $s17->addInt32($carry16); |
|
| 3141 | + $s16 = $s16->subInt32($carry16->shiftLeft(21)); |
|
| 3142 | + |
|
| 3143 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3144 | + $s8 = $s8->addInt32($carry7); |
|
| 3145 | + $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3146 | + |
|
| 3147 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3148 | + $s10 = $s10->addInt32($carry9); |
|
| 3149 | + $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3150 | + |
|
| 3151 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3152 | + $s12 = $s12->addInt32($carry11); |
|
| 3153 | + $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3154 | + |
|
| 3155 | + $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 3156 | + $s14 = $s14->addInt32($carry13); |
|
| 3157 | + $s13 = $s13->subInt32($carry13->shiftLeft(21)); |
|
| 3158 | + |
|
| 3159 | + $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 3160 | + $s16 = $s16->addInt32($carry15); |
|
| 3161 | + $s15 = $s15->subInt32($carry15->shiftLeft(21)); |
|
| 3162 | + |
|
| 3163 | + $s5 = $s5->addInt32($s17->mulInt(666643)); |
|
| 3164 | + $s6 = $s6->addInt32($s17->mulInt(470296)); |
|
| 3165 | + $s7 = $s7->addInt32($s17->mulInt(654183)); |
|
| 3166 | + $s8 = $s8->subInt32($s17->mulInt(997805)); |
|
| 3167 | + $s9 = $s9->addInt32($s17->mulInt(136657)); |
|
| 3168 | + $s10 = $s10->subInt32($s17->mulInt(683901)); |
|
| 3169 | + |
|
| 3170 | + $s4 = $s4->addInt32($s16->mulInt(666643)); |
|
| 3171 | + $s5 = $s5->addInt32($s16->mulInt(470296)); |
|
| 3172 | + $s6 = $s6->addInt32($s16->mulInt(654183)); |
|
| 3173 | + $s7 = $s7->subInt32($s16->mulInt(997805)); |
|
| 3174 | + $s8 = $s8->addInt32($s16->mulInt(136657)); |
|
| 3175 | + $s9 = $s9->subInt32($s16->mulInt(683901)); |
|
| 3176 | + |
|
| 3177 | + $s3 = $s3->addInt32($s15->mulInt(666643)); |
|
| 3178 | + $s4 = $s4->addInt32($s15->mulInt(470296)); |
|
| 3179 | + $s5 = $s5->addInt32($s15->mulInt(654183)); |
|
| 3180 | + $s6 = $s6->subInt32($s15->mulInt(997805)); |
|
| 3181 | + $s7 = $s7->addInt32($s15->mulInt(136657)); |
|
| 3182 | + $s8 = $s8->subInt32($s15->mulInt(683901)); |
|
| 3183 | + |
|
| 3184 | + $s2 = $s2->addInt32($s14->mulInt(666643)); |
|
| 3185 | + $s3 = $s3->addInt32($s14->mulInt(470296)); |
|
| 3186 | + $s4 = $s4->addInt32($s14->mulInt(654183)); |
|
| 3187 | + $s5 = $s5->subInt32($s14->mulInt(997805)); |
|
| 3188 | + $s6 = $s6->addInt32($s14->mulInt(136657)); |
|
| 3189 | + $s7 = $s7->subInt32($s14->mulInt(683901)); |
|
| 3190 | + |
|
| 3191 | + $s1 = $s1->addInt32($s13->mulInt(666643)); |
|
| 3192 | + $s2 = $s2->addInt32($s13->mulInt(470296)); |
|
| 3193 | + $s3 = $s3->addInt32($s13->mulInt(654183)); |
|
| 3194 | + $s4 = $s4->subInt32($s13->mulInt(997805)); |
|
| 3195 | + $s5 = $s5->addInt32($s13->mulInt(136657)); |
|
| 3196 | + $s6 = $s6->subInt32($s13->mulInt(683901)); |
|
| 3197 | + |
|
| 3198 | + $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3199 | + $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3200 | + $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3201 | + $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3202 | + $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3203 | + $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3204 | + $s12 = new ParagonIE_Sodium_Core32_Int32(); |
|
| 3205 | + |
|
| 3206 | + $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 3207 | + $s1 = $s1->addInt32($carry0); |
|
| 3208 | + $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3209 | + $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 3210 | + $s3 = $s3->addInt32($carry2); |
|
| 3211 | + $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3212 | + $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 3213 | + $s5 = $s5->addInt32($carry4); |
|
| 3214 | + $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3215 | + $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3216 | + $s7 = $s7->addInt32($carry6); |
|
| 3217 | + $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3218 | + $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3219 | + $s9 = $s9->addInt32($carry8); |
|
| 3220 | + $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3221 | + $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3222 | + $s11 = $s11->addInt32($carry10); |
|
| 3223 | + $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3224 | + $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 3225 | + $s2 = $s2->addInt32($carry1); |
|
| 3226 | + $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3227 | + $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 3228 | + $s4 = $s4->addInt32($carry3); |
|
| 3229 | + $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3230 | + $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 3231 | + $s6 = $s6->addInt32($carry5); |
|
| 3232 | + $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3233 | + $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3234 | + $s8 = $s8->addInt32($carry7); |
|
| 3235 | + $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3236 | + $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3237 | + $s10 = $s10->addInt32($carry9); |
|
| 3238 | + $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3239 | + $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3240 | + $s12 = $s12->addInt32($carry11); |
|
| 3241 | + $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3242 | + |
|
| 3243 | + $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3244 | + $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3245 | + $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3246 | + $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3247 | + $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3248 | + $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3249 | + $s12 = new ParagonIE_Sodium_Core32_Int32(); |
|
| 3250 | + |
|
| 3251 | + $carry0 = $s0->shiftRight(21); |
|
| 3252 | + $s1 = $s1->addInt32($carry0); |
|
| 3253 | + $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3254 | + $carry1 = $s1->shiftRight(21); |
|
| 3255 | + $s2 = $s2->addInt32($carry1); |
|
| 3256 | + $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3257 | + $carry2 = $s2->shiftRight(21); |
|
| 3258 | + $s3 = $s3->addInt32($carry2); |
|
| 3259 | + $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3260 | + $carry3 = $s3->shiftRight(21); |
|
| 3261 | + $s4 = $s4->addInt32($carry3); |
|
| 3262 | + $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3263 | + $carry4 = $s4->shiftRight(21); |
|
| 3264 | + $s5 = $s5->addInt32($carry4); |
|
| 3265 | + $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3266 | + $carry5 = $s5->shiftRight(21); |
|
| 3267 | + $s6 = $s6->addInt32($carry5); |
|
| 3268 | + $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3269 | + $carry6 = $s6->shiftRight(21); |
|
| 3270 | + $s7 = $s7->addInt32($carry6); |
|
| 3271 | + $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3272 | + $carry7 = $s7->shiftRight(21); |
|
| 3273 | + $s8 = $s8->addInt32($carry7); |
|
| 3274 | + $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3275 | + $carry8 = $s8->shiftRight(21); |
|
| 3276 | + $s9 = $s9->addInt32($carry8); |
|
| 3277 | + $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3278 | + $carry9 = $s9->shiftRight(21); |
|
| 3279 | + $s10 = $s10->addInt32($carry9); |
|
| 3280 | + $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3281 | + $carry10 = $s10->shiftRight(21); |
|
| 3282 | + $s11 = $s11->addInt32($carry10); |
|
| 3283 | + $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3284 | + $carry11 = $s11->shiftRight(21); |
|
| 3285 | + $s12 = $s12->addInt32($carry11); |
|
| 3286 | + $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3287 | + |
|
| 3288 | + $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3289 | + $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3290 | + $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3291 | + $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3292 | + $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3293 | + $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3294 | + |
|
| 3295 | + $carry0 = $s0->shiftRight(21); |
|
| 3296 | + $s1 = $s1->addInt32($carry0); |
|
| 3297 | + $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3298 | + $carry1 = $s1->shiftRight(21); |
|
| 3299 | + $s2 = $s2->addInt32($carry1); |
|
| 3300 | + $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3301 | + $carry2 = $s2->shiftRight(21); |
|
| 3302 | + $s3 = $s3->addInt32($carry2); |
|
| 3303 | + $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3304 | + $carry3 = $s3->shiftRight(21); |
|
| 3305 | + $s4 = $s4->addInt32($carry3); |
|
| 3306 | + $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3307 | + $carry4 = $s4->shiftRight(21); |
|
| 3308 | + $s5 = $s5->addInt32($carry4); |
|
| 3309 | + $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3310 | + $carry5 = $s5->shiftRight(21); |
|
| 3311 | + $s6 = $s6->addInt32($carry5); |
|
| 3312 | + $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3313 | + $carry6 = $s6->shiftRight(21); |
|
| 3314 | + $s7 = $s7->addInt32($carry6); |
|
| 3315 | + $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3316 | + $carry7 = $s7->shiftRight(21); |
|
| 3317 | + $s8 = $s8->addInt32($carry7); |
|
| 3318 | + $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3319 | + $carry8 = $s8->shiftRight(21); |
|
| 3320 | + $s9 = $s9->addInt32($carry8); |
|
| 3321 | + $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3322 | + $carry9 = $s9->shiftRight(21); |
|
| 3323 | + $s10 = $s10->addInt32($carry9); |
|
| 3324 | + $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3325 | + $carry10 = $s10->shiftRight(21); |
|
| 3326 | + $s11 = $s11->addInt32($carry10); |
|
| 3327 | + $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3328 | + |
|
| 3329 | + $S0 = $s0->toInt(); |
|
| 3330 | + $S1 = $s1->toInt(); |
|
| 3331 | + $S2 = $s2->toInt(); |
|
| 3332 | + $S3 = $s3->toInt(); |
|
| 3333 | + $S4 = $s4->toInt(); |
|
| 3334 | + $S5 = $s5->toInt(); |
|
| 3335 | + $S6 = $s6->toInt(); |
|
| 3336 | + $S7 = $s7->toInt(); |
|
| 3337 | + $S8 = $s8->toInt(); |
|
| 3338 | + $S9 = $s9->toInt(); |
|
| 3339 | + $S10 = $s10->toInt(); |
|
| 3340 | + $S11 = $s11->toInt(); |
|
| 3341 | + |
|
| 3342 | + /** |
|
| 3343 | + * @var array<int, int> |
|
| 3344 | + */ |
|
| 3345 | + $arr = array( |
|
| 3346 | + (int) ($S0 >> 0), |
|
| 3347 | + (int) ($S0 >> 8), |
|
| 3348 | + (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 3349 | + (int) ($S1 >> 3), |
|
| 3350 | + (int) ($S1 >> 11), |
|
| 3351 | + (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 3352 | + (int) ($S2 >> 6), |
|
| 3353 | + (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 3354 | + (int) ($S3 >> 1), |
|
| 3355 | + (int) ($S3 >> 9), |
|
| 3356 | + (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 3357 | + (int) ($S4 >> 4), |
|
| 3358 | + (int) ($S4 >> 12), |
|
| 3359 | + (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 3360 | + (int) ($S5 >> 7), |
|
| 3361 | + (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 3362 | + (int) ($S6 >> 2), |
|
| 3363 | + (int) ($S6 >> 10), |
|
| 3364 | + (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3365 | + (int) ($S7 >> 5), |
|
| 3366 | + (int) ($S7 >> 13), |
|
| 3367 | + (int) ($S8 >> 0), |
|
| 3368 | + (int) ($S8 >> 8), |
|
| 3369 | + (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3370 | + (int) ($S9 >> 3), |
|
| 3371 | + (int) ($S9 >> 11), |
|
| 3372 | + (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3373 | + (int) ($S10 >> 6), |
|
| 3374 | + (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3375 | + (int) ($S11 >> 1), |
|
| 3376 | + (int) ($S11 >> 9), |
|
| 3377 | + (int) $S11 >> 17 |
|
| 3378 | + ); |
|
| 3379 | + return self::intArrayToString($arr); |
|
| 3380 | + } |
|
| 3381 | 3381 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (class_exists('ParagonIE_Sodium_Core32_Curve25519', false)) { |
|
| 3 | +if ( class_exists( 'ParagonIE_Sodium_Core32_Curve25519', false ) ) { |
|
| 4 | 4 | return; |
| 5 | 5 | } |
| 6 | 6 | |
@@ -51,7 +51,7 @@ discard block |
||
| 51 | 51 | { |
| 52 | 52 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 53 | 53 | array( |
| 54 | - ParagonIE_Sodium_Core32_Int32::fromInt(1), |
|
| 54 | + ParagonIE_Sodium_Core32_Int32::fromInt( 1 ), |
|
| 55 | 55 | new ParagonIE_Sodium_Core32_Int32(), |
| 56 | 56 | new ParagonIE_Sodium_Core32_Int32(), |
| 57 | 57 | new ParagonIE_Sodium_Core32_Int32(), |
@@ -79,10 +79,10 @@ discard block |
||
| 79 | 79 | ParagonIE_Sodium_Core32_Curve25519_Fe $g |
| 80 | 80 | ) { |
| 81 | 81 | $arr = array(); |
| 82 | - for ($i = 0; $i < 10; ++$i) { |
|
| 83 | - $arr[$i] = $f[$i]->addInt32($g[$i]); |
|
| 82 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 83 | + $arr[$i] = $f[$i]->addInt32( $g[$i] ); |
|
| 84 | 84 | } |
| 85 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($arr); |
|
| 85 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( $arr ); |
|
| 86 | 86 | } |
| 87 | 87 | |
| 88 | 88 | /** |
@@ -102,15 +102,15 @@ discard block |
||
| 102 | 102 | $b = 0 |
| 103 | 103 | ) { |
| 104 | 104 | $h = array(); |
| 105 | - for ($i = 0; $i < 10; ++$i) { |
|
| 106 | - if (!($f[$i] instanceof ParagonIE_Sodium_Core32_Int32)) { |
|
| 105 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 106 | + if ( ! ( $f[$i] instanceof ParagonIE_Sodium_Core32_Int32 ) ) { |
|
| 107 | 107 | throw new TypeError(); |
| 108 | 108 | } |
| 109 | 109 | $h[$i] = $f[$i]->xorInt32( |
| 110 | - $f[$i]->xorInt32($g[$i])->mask($b) |
|
| 110 | + $f[$i]->xorInt32( $g[$i] )->mask( $b ) |
|
| 111 | 111 | ); |
| 112 | 112 | } |
| 113 | - return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray($h); |
|
| 113 | + return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( $h ); |
|
| 114 | 114 | } |
| 115 | 115 | |
| 116 | 116 | /** |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 122 | 122 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 123 | 123 | */ |
| 124 | - public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 124 | + public static function fe_copy( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 125 | 125 | { |
| 126 | 126 | $h = clone $f; |
| 127 | 127 | return $h; |
@@ -137,94 +137,94 @@ discard block |
||
| 137 | 137 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 138 | 138 | * @throws RangeException |
| 139 | 139 | */ |
| 140 | - public static function fe_frombytes($s) |
|
| 140 | + public static function fe_frombytes( $s ) |
|
| 141 | 141 | { |
| 142 | - if (self::strlen($s) !== 32) { |
|
| 143 | - throw new RangeException('Expected a 32-byte string.'); |
|
| 142 | + if ( self::strlen( $s ) !== 32 ) { |
|
| 143 | + throw new RangeException( 'Expected a 32-byte string.' ); |
|
| 144 | 144 | } |
| 145 | 145 | /** @var ParagonIE_Sodium_Core32_Int32 $h0 */ |
| 146 | 146 | $h0 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 147 | - self::load_4($s) |
|
| 147 | + self::load_4( $s ) |
|
| 148 | 148 | ); |
| 149 | 149 | /** @var ParagonIE_Sodium_Core32_Int32 $h1 */ |
| 150 | 150 | $h1 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 151 | - self::load_3(self::substr($s, 4, 3)) << 6 |
|
| 151 | + self::load_3( self::substr( $s, 4, 3 ) ) << 6 |
|
| 152 | 152 | ); |
| 153 | 153 | /** @var ParagonIE_Sodium_Core32_Int32 $h2 */ |
| 154 | 154 | $h2 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 155 | - self::load_3(self::substr($s, 7, 3)) << 5 |
|
| 155 | + self::load_3( self::substr( $s, 7, 3 ) ) << 5 |
|
| 156 | 156 | ); |
| 157 | 157 | /** @var ParagonIE_Sodium_Core32_Int32 $h3 */ |
| 158 | 158 | $h3 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 159 | - self::load_3(self::substr($s, 10, 3)) << 3 |
|
| 159 | + self::load_3( self::substr( $s, 10, 3 ) ) << 3 |
|
| 160 | 160 | ); |
| 161 | 161 | /** @var ParagonIE_Sodium_Core32_Int32 $h4 */ |
| 162 | 162 | $h4 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 163 | - self::load_3(self::substr($s, 13, 3)) << 2 |
|
| 163 | + self::load_3( self::substr( $s, 13, 3 ) ) << 2 |
|
| 164 | 164 | ); |
| 165 | 165 | /** @var ParagonIE_Sodium_Core32_Int32 $h5 */ |
| 166 | 166 | $h5 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 167 | - self::load_4(self::substr($s, 16, 4)) |
|
| 167 | + self::load_4( self::substr( $s, 16, 4 ) ) |
|
| 168 | 168 | ); |
| 169 | 169 | /** @var ParagonIE_Sodium_Core32_Int32 $h6 */ |
| 170 | 170 | $h6 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 171 | - self::load_3(self::substr($s, 20, 3)) << 7 |
|
| 171 | + self::load_3( self::substr( $s, 20, 3 ) ) << 7 |
|
| 172 | 172 | ); |
| 173 | 173 | /** @var ParagonIE_Sodium_Core32_Int32 $h7 */ |
| 174 | 174 | $h7 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 175 | - self::load_3(self::substr($s, 23, 3)) << 5 |
|
| 175 | + self::load_3( self::substr( $s, 23, 3 ) ) << 5 |
|
| 176 | 176 | ); |
| 177 | 177 | /** @var ParagonIE_Sodium_Core32_Int32 $h8 */ |
| 178 | 178 | $h8 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 179 | - self::load_3(self::substr($s, 26, 3)) << 4 |
|
| 179 | + self::load_3( self::substr( $s, 26, 3 ) ) << 4 |
|
| 180 | 180 | ); |
| 181 | 181 | /** @var ParagonIE_Sodium_Core32_Int32 $h9 */ |
| 182 | 182 | $h9 = ParagonIE_Sodium_Core32_Int32::fromInt( |
| 183 | - (self::load_3(self::substr($s, 29, 3)) & 8388607) << 2 |
|
| 183 | + ( self::load_3( self::substr( $s, 29, 3 ) ) & 8388607 ) << 2 |
|
| 184 | 184 | ); |
| 185 | 185 | |
| 186 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 187 | - $h0 = $h0->addInt32($carry9->mulInt(19)); |
|
| 188 | - $h9 = $h9->subInt32($carry9->shiftLeft(25)); |
|
| 186 | + $carry9 = $h9->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 187 | + $h0 = $h0->addInt32( $carry9->mulInt( 19 ) ); |
|
| 188 | + $h9 = $h9->subInt32( $carry9->shiftLeft( 25 ) ); |
|
| 189 | 189 | |
| 190 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 191 | - $h2 = $h2->addInt32($carry1); |
|
| 192 | - $h1 = $h1->subInt32($carry1->shiftLeft(25)); |
|
| 190 | + $carry1 = $h1->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 191 | + $h2 = $h2->addInt32( $carry1 ); |
|
| 192 | + $h1 = $h1->subInt32( $carry1->shiftLeft( 25 ) ); |
|
| 193 | 193 | |
| 194 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 195 | - $h4 = $h4->addInt32($carry3); |
|
| 196 | - $h3 = $h3->subInt32($carry3->shiftLeft(25)); |
|
| 194 | + $carry3 = $h3->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 195 | + $h4 = $h4->addInt32( $carry3 ); |
|
| 196 | + $h3 = $h3->subInt32( $carry3->shiftLeft( 25 ) ); |
|
| 197 | 197 | |
| 198 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 199 | - $h6 = $h6->addInt32($carry5); |
|
| 200 | - $h5 = $h5->subInt32($carry5->shiftLeft(25)); |
|
| 198 | + $carry5 = $h5->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 199 | + $h6 = $h6->addInt32( $carry5 ); |
|
| 200 | + $h5 = $h5->subInt32( $carry5->shiftLeft( 25 ) ); |
|
| 201 | 201 | |
| 202 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 203 | - $h8 = $h8->addInt32($carry7); |
|
| 204 | - $h7 = $h7->subInt32($carry7->shiftLeft(25)); |
|
| 202 | + $carry7 = $h7->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 203 | + $h8 = $h8->addInt32( $carry7 ); |
|
| 204 | + $h7 = $h7->subInt32( $carry7->shiftLeft( 25 ) ); |
|
| 205 | 205 | |
| 206 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 207 | - $h1 = $h1->addInt32($carry0); |
|
| 208 | - $h0 = $h0->subInt32($carry0->shiftLeft(26)); |
|
| 206 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 207 | + $h1 = $h1->addInt32( $carry0 ); |
|
| 208 | + $h0 = $h0->subInt32( $carry0->shiftLeft( 26 ) ); |
|
| 209 | 209 | |
| 210 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 211 | - $h3 = $h3->addInt32($carry2); |
|
| 212 | - $h2 = $h2->subInt32($carry2->shiftLeft(26)); |
|
| 210 | + $carry2 = $h2->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 211 | + $h3 = $h3->addInt32( $carry2 ); |
|
| 212 | + $h2 = $h2->subInt32( $carry2->shiftLeft( 26 ) ); |
|
| 213 | 213 | |
| 214 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 215 | - $h5 = $h5->addInt32($carry4); |
|
| 216 | - $h4 = $h4->subInt32($carry4->shiftLeft(26)); |
|
| 214 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 215 | + $h5 = $h5->addInt32( $carry4 ); |
|
| 216 | + $h4 = $h4->subInt32( $carry4->shiftLeft( 26 ) ); |
|
| 217 | 217 | |
| 218 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 219 | - $h7 = $h7->addInt32($carry6); |
|
| 220 | - $h6 = $h6->subInt32($carry6->shiftLeft(26)); |
|
| 218 | + $carry6 = $h6->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 219 | + $h7 = $h7->addInt32( $carry6 ); |
|
| 220 | + $h6 = $h6->subInt32( $carry6->shiftLeft( 26 ) ); |
|
| 221 | 221 | |
| 222 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 223 | - $h9 = $h9->addInt32($carry8); |
|
| 224 | - $h8 = $h8->subInt32($carry8->shiftLeft(26)); |
|
| 222 | + $carry8 = $h8->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 223 | + $h9 = $h9->addInt32( $carry8 ); |
|
| 224 | + $h8 = $h8->subInt32( $carry8->shiftLeft( 26 ) ); |
|
| 225 | 225 | |
| 226 | 226 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 227 | - array($h0, $h1, $h2,$h3, $h4, $h5, $h6, $h7, $h8, $h9) |
|
| 227 | + array( $h0, $h1, $h2, $h3, $h4, $h5, $h6, $h7, $h8, $h9 ) |
|
| 228 | 228 | ); |
| 229 | 229 | } |
| 230 | 230 | |
@@ -236,7 +236,7 @@ discard block |
||
| 236 | 236 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $h |
| 237 | 237 | * @return string |
| 238 | 238 | */ |
| 239 | - public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) |
|
| 239 | + public static function fe_tobytes( ParagonIE_Sodium_Core32_Curve25519_Fe $h ) |
|
| 240 | 240 | { |
| 241 | 241 | /** |
| 242 | 242 | * @var ParagonIE_Sodium_Core32_Int64[] $f |
@@ -244,21 +244,21 @@ discard block |
||
| 244 | 244 | */ |
| 245 | 245 | $f = array(); |
| 246 | 246 | |
| 247 | - for ($i = 0; $i < 10; ++$i) { |
|
| 247 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 248 | 248 | $f[$i] = $h[$i]->toInt64(); |
| 249 | 249 | } |
| 250 | 250 | |
| 251 | - $q = $f[9]->mulInt(19, 5)->addInt(1 << 14)->shiftRight(25) |
|
| 252 | - ->addInt64($f[0])->shiftRight(26) |
|
| 253 | - ->addInt64($f[1])->shiftRight(25) |
|
| 254 | - ->addInt64($f[2])->shiftRight(26) |
|
| 255 | - ->addInt64($f[3])->shiftRight(25) |
|
| 256 | - ->addInt64($f[4])->shiftRight(26) |
|
| 257 | - ->addInt64($f[5])->shiftRight(25) |
|
| 258 | - ->addInt64($f[6])->shiftRight(26) |
|
| 259 | - ->addInt64($f[7])->shiftRight(25) |
|
| 260 | - ->addInt64($f[8])->shiftRight(26) |
|
| 261 | - ->addInt64($f[9])->shiftRight(25); |
|
| 251 | + $q = $f[9]->mulInt( 19, 5 )->addInt( 1 << 14 )->shiftRight( 25 ) |
|
| 252 | + ->addInt64( $f[0] )->shiftRight( 26 ) |
|
| 253 | + ->addInt64( $f[1] )->shiftRight( 25 ) |
|
| 254 | + ->addInt64( $f[2] )->shiftRight( 26 ) |
|
| 255 | + ->addInt64( $f[3] )->shiftRight( 25 ) |
|
| 256 | + ->addInt64( $f[4] )->shiftRight( 26 ) |
|
| 257 | + ->addInt64( $f[5] )->shiftRight( 25 ) |
|
| 258 | + ->addInt64( $f[6] )->shiftRight( 26 ) |
|
| 259 | + ->addInt64( $f[7] )->shiftRight( 25 ) |
|
| 260 | + ->addInt64( $f[8] )->shiftRight( 26 ) |
|
| 261 | + ->addInt64( $f[9] )->shiftRight( 25 ); |
|
| 262 | 262 | |
| 263 | 263 | |
| 264 | 264 | /* |
@@ -276,46 +276,46 @@ discard block |
||
| 276 | 276 | |
| 277 | 277 | $f[0] += self::mul(19, $q); |
| 278 | 278 | */ |
| 279 | - $f[0] = $f[0]->addInt64($q->mulInt(19, 5)); |
|
| 279 | + $f[0] = $f[0]->addInt64( $q->mulInt( 19, 5 ) ); |
|
| 280 | 280 | |
| 281 | - $carry0 = $f[0]->shiftRight(26); |
|
| 282 | - $f[1] = $f[1]->addInt64($carry0); |
|
| 283 | - $f[0] = $f[0]->subInt64($carry0->shiftLeft(26)); |
|
| 281 | + $carry0 = $f[0]->shiftRight( 26 ); |
|
| 282 | + $f[1] = $f[1]->addInt64( $carry0 ); |
|
| 283 | + $f[0] = $f[0]->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 284 | 284 | |
| 285 | - $carry1 = $f[1]->shiftRight(25); |
|
| 286 | - $f[2] = $f[2]->addInt64($carry1); |
|
| 287 | - $f[1] = $f[1]->subInt64($carry1->shiftLeft(25)); |
|
| 285 | + $carry1 = $f[1]->shiftRight( 25 ); |
|
| 286 | + $f[2] = $f[2]->addInt64( $carry1 ); |
|
| 287 | + $f[1] = $f[1]->subInt64( $carry1->shiftLeft( 25 ) ); |
|
| 288 | 288 | |
| 289 | - $carry2 = $f[2]->shiftRight(26); |
|
| 290 | - $f[3] = $f[3]->addInt64($carry2); |
|
| 291 | - $f[2] = $f[2]->subInt64($carry2->shiftLeft(26)); |
|
| 289 | + $carry2 = $f[2]->shiftRight( 26 ); |
|
| 290 | + $f[3] = $f[3]->addInt64( $carry2 ); |
|
| 291 | + $f[2] = $f[2]->subInt64( $carry2->shiftLeft( 26 ) ); |
|
| 292 | 292 | |
| 293 | - $carry3 = $f[3]->shiftRight(25); |
|
| 294 | - $f[4] = $f[4]->addInt64($carry3); |
|
| 295 | - $f[3] = $f[3]->subInt64($carry3->shiftLeft(25)); |
|
| 293 | + $carry3 = $f[3]->shiftRight( 25 ); |
|
| 294 | + $f[4] = $f[4]->addInt64( $carry3 ); |
|
| 295 | + $f[3] = $f[3]->subInt64( $carry3->shiftLeft( 25 ) ); |
|
| 296 | 296 | |
| 297 | - $carry4 = $f[4]->shiftRight(26); |
|
| 298 | - $f[5] = $f[5]->addInt64($carry4); |
|
| 299 | - $f[4] = $f[4]->subInt64($carry4->shiftLeft(26)); |
|
| 297 | + $carry4 = $f[4]->shiftRight( 26 ); |
|
| 298 | + $f[5] = $f[5]->addInt64( $carry4 ); |
|
| 299 | + $f[4] = $f[4]->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 300 | 300 | |
| 301 | - $carry5 = $f[5]->shiftRight(25); |
|
| 302 | - $f[6] = $f[6]->addInt64($carry5); |
|
| 303 | - $f[5] = $f[5]->subInt64($carry5->shiftLeft(25)); |
|
| 301 | + $carry5 = $f[5]->shiftRight( 25 ); |
|
| 302 | + $f[6] = $f[6]->addInt64( $carry5 ); |
|
| 303 | + $f[5] = $f[5]->subInt64( $carry5->shiftLeft( 25 ) ); |
|
| 304 | 304 | |
| 305 | - $carry6 = $f[6]->shiftRight(26); |
|
| 306 | - $f[7] = $f[7]->addInt64($carry6); |
|
| 307 | - $f[6] = $f[6]->subInt64($carry6->shiftLeft(26)); |
|
| 305 | + $carry6 = $f[6]->shiftRight( 26 ); |
|
| 306 | + $f[7] = $f[7]->addInt64( $carry6 ); |
|
| 307 | + $f[6] = $f[6]->subInt64( $carry6->shiftLeft( 26 ) ); |
|
| 308 | 308 | |
| 309 | - $carry7 = $f[7]->shiftRight(25); |
|
| 310 | - $f[8] = $f[8]->addInt64($carry7); |
|
| 311 | - $f[7] = $f[7]->subInt64($carry7->shiftLeft(25)); |
|
| 309 | + $carry7 = $f[7]->shiftRight( 25 ); |
|
| 310 | + $f[8] = $f[8]->addInt64( $carry7 ); |
|
| 311 | + $f[7] = $f[7]->subInt64( $carry7->shiftLeft( 25 ) ); |
|
| 312 | 312 | |
| 313 | - $carry8 = $f[8]->shiftRight(26); |
|
| 314 | - $f[9] = $f[9]->addInt64($carry8); |
|
| 315 | - $f[8] = $f[8]->subInt64($carry8->shiftLeft(26)); |
|
| 313 | + $carry8 = $f[8]->shiftRight( 26 ); |
|
| 314 | + $f[9] = $f[9]->addInt64( $carry8 ); |
|
| 315 | + $f[8] = $f[8]->subInt64( $carry8->shiftLeft( 26 ) ); |
|
| 316 | 316 | |
| 317 | - $carry9 = $f[9]->shiftRight(25); |
|
| 318 | - $f[9] = $f[9]->subInt64($carry9->shiftLeft(25)); |
|
| 317 | + $carry9 = $f[9]->shiftRight( 25 ); |
|
| 318 | + $f[9] = $f[9]->subInt64( $carry9->shiftLeft( 25 ) ); |
|
| 319 | 319 | |
| 320 | 320 | /** |
| 321 | 321 | * @var int $h0 |
@@ -344,40 +344,40 @@ discard block |
||
| 344 | 344 | * @var array<int, int> |
| 345 | 345 | */ |
| 346 | 346 | $s = array( |
| 347 | - (int) (($h0 >> 0) & 0xff), |
|
| 348 | - (int) (($h0 >> 8) & 0xff), |
|
| 349 | - (int) (($h0 >> 16) & 0xff), |
|
| 350 | - (int) ((($h0 >> 24) | ($h1 << 2)) & 0xff), |
|
| 351 | - (int) (($h1 >> 6) & 0xff), |
|
| 352 | - (int) (($h1 >> 14) & 0xff), |
|
| 353 | - (int) ((($h1 >> 22) | ($h2 << 3)) & 0xff), |
|
| 354 | - (int) (($h2 >> 5) & 0xff), |
|
| 355 | - (int) (($h2 >> 13) & 0xff), |
|
| 356 | - (int) ((($h2 >> 21) | ($h3 << 5)) & 0xff), |
|
| 357 | - (int) (($h3 >> 3) & 0xff), |
|
| 358 | - (int) (($h3 >> 11) & 0xff), |
|
| 359 | - (int) ((($h3 >> 19) | ($h4 << 6)) & 0xff), |
|
| 360 | - (int) (($h4 >> 2) & 0xff), |
|
| 361 | - (int) (($h4 >> 10) & 0xff), |
|
| 362 | - (int) (($h4 >> 18) & 0xff), |
|
| 363 | - (int) (($h5 >> 0) & 0xff), |
|
| 364 | - (int) (($h5 >> 8) & 0xff), |
|
| 365 | - (int) (($h5 >> 16) & 0xff), |
|
| 366 | - (int) ((($h5 >> 24) | ($h6 << 1)) & 0xff), |
|
| 367 | - (int) (($h6 >> 7) & 0xff), |
|
| 368 | - (int) (($h6 >> 15) & 0xff), |
|
| 369 | - (int) ((($h6 >> 23) | ($h7 << 3)) & 0xff), |
|
| 370 | - (int) (($h7 >> 5) & 0xff), |
|
| 371 | - (int) (($h7 >> 13) & 0xff), |
|
| 372 | - (int) ((($h7 >> 21) | ($h8 << 4)) & 0xff), |
|
| 373 | - (int) (($h8 >> 4) & 0xff), |
|
| 374 | - (int) (($h8 >> 12) & 0xff), |
|
| 375 | - (int) ((($h8 >> 20) | ($h9 << 6)) & 0xff), |
|
| 376 | - (int) (($h9 >> 2) & 0xff), |
|
| 377 | - (int) (($h9 >> 10) & 0xff), |
|
| 378 | - (int) (($h9 >> 18) & 0xff) |
|
| 347 | + (int) ( ( $h0 >> 0 ) & 0xff ), |
|
| 348 | + (int) ( ( $h0 >> 8 ) & 0xff ), |
|
| 349 | + (int) ( ( $h0 >> 16 ) & 0xff ), |
|
| 350 | + (int) ( ( ( $h0 >> 24 ) | ( $h1 << 2 ) ) & 0xff ), |
|
| 351 | + (int) ( ( $h1 >> 6 ) & 0xff ), |
|
| 352 | + (int) ( ( $h1 >> 14 ) & 0xff ), |
|
| 353 | + (int) ( ( ( $h1 >> 22 ) | ( $h2 << 3 ) ) & 0xff ), |
|
| 354 | + (int) ( ( $h2 >> 5 ) & 0xff ), |
|
| 355 | + (int) ( ( $h2 >> 13 ) & 0xff ), |
|
| 356 | + (int) ( ( ( $h2 >> 21 ) | ( $h3 << 5 ) ) & 0xff ), |
|
| 357 | + (int) ( ( $h3 >> 3 ) & 0xff ), |
|
| 358 | + (int) ( ( $h3 >> 11 ) & 0xff ), |
|
| 359 | + (int) ( ( ( $h3 >> 19 ) | ( $h4 << 6 ) ) & 0xff ), |
|
| 360 | + (int) ( ( $h4 >> 2 ) & 0xff ), |
|
| 361 | + (int) ( ( $h4 >> 10 ) & 0xff ), |
|
| 362 | + (int) ( ( $h4 >> 18 ) & 0xff ), |
|
| 363 | + (int) ( ( $h5 >> 0 ) & 0xff ), |
|
| 364 | + (int) ( ( $h5 >> 8 ) & 0xff ), |
|
| 365 | + (int) ( ( $h5 >> 16 ) & 0xff ), |
|
| 366 | + (int) ( ( ( $h5 >> 24 ) | ( $h6 << 1 ) ) & 0xff ), |
|
| 367 | + (int) ( ( $h6 >> 7 ) & 0xff ), |
|
| 368 | + (int) ( ( $h6 >> 15 ) & 0xff ), |
|
| 369 | + (int) ( ( ( $h6 >> 23 ) | ( $h7 << 3 ) ) & 0xff ), |
|
| 370 | + (int) ( ( $h7 >> 5 ) & 0xff ), |
|
| 371 | + (int) ( ( $h7 >> 13 ) & 0xff ), |
|
| 372 | + (int) ( ( ( $h7 >> 21 ) | ( $h8 << 4 ) ) & 0xff ), |
|
| 373 | + (int) ( ( $h8 >> 4 ) & 0xff ), |
|
| 374 | + (int) ( ( $h8 >> 12 ) & 0xff ), |
|
| 375 | + (int) ( ( ( $h8 >> 20 ) | ( $h9 << 6 ) ) & 0xff ), |
|
| 376 | + (int) ( ( $h9 >> 2 ) & 0xff ), |
|
| 377 | + (int) ( ( $h9 >> 10 ) & 0xff ), |
|
| 378 | + (int) ( ( $h9 >> 18 ) & 0xff ) |
|
| 379 | 379 | ); |
| 380 | - return self::intArrayToString($s); |
|
| 380 | + return self::intArrayToString( $s ); |
|
| 381 | 381 | } |
| 382 | 382 | |
| 383 | 383 | /** |
@@ -388,10 +388,10 @@ discard block |
||
| 388 | 388 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 389 | 389 | * @return int |
| 390 | 390 | */ |
| 391 | - public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 391 | + public static function fe_isnegative( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 392 | 392 | { |
| 393 | - $str = self::fe_tobytes($f); |
|
| 394 | - return self::chrToInt($str[0]) & 1; |
|
| 393 | + $str = self::fe_tobytes( $f ); |
|
| 394 | + return self::chrToInt( $str[0] ) & 1; |
|
| 395 | 395 | } |
| 396 | 396 | |
| 397 | 397 | /** |
@@ -402,14 +402,14 @@ discard block |
||
| 402 | 402 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 403 | 403 | * @return bool |
| 404 | 404 | */ |
| 405 | - public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 405 | + public static function fe_isnonzero( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 406 | 406 | { |
| 407 | 407 | static $zero; |
| 408 | - if ($zero === null) { |
|
| 409 | - $zero = str_repeat("\x00", 32); |
|
| 408 | + if ( $zero === null ) { |
|
| 409 | + $zero = str_repeat( "\x00", 32 ); |
|
| 410 | 410 | } |
| 411 | - $str = self::fe_tobytes($f); |
|
| 412 | - return !self::verify_32($str, $zero); |
|
| 411 | + $str = self::fe_tobytes( $f ); |
|
| 412 | + return ! self::verify_32( $str, $zero ); |
|
| 413 | 413 | } |
| 414 | 414 | |
| 415 | 415 | /** |
@@ -474,175 +474,175 @@ discard block |
||
| 474 | 474 | $g7 = $g[7]->toInt64(); |
| 475 | 475 | $g8 = $g[8]->toInt64(); |
| 476 | 476 | $g9 = $g[9]->toInt64(); |
| 477 | - $g1_19 = $g1->mulInt(19, 5); /* 2^4 <= 19 <= 2^5, but we only want 5 bits */ |
|
| 478 | - $g2_19 = $g2->mulInt(19, 5); |
|
| 479 | - $g3_19 = $g3->mulInt(19, 5); |
|
| 480 | - $g4_19 = $g4->mulInt(19, 5); |
|
| 481 | - $g5_19 = $g5->mulInt(19, 5); |
|
| 482 | - $g6_19 = $g6->mulInt(19, 5); |
|
| 483 | - $g7_19 = $g7->mulInt(19, 5); |
|
| 484 | - $g8_19 = $g8->mulInt(19, 5); |
|
| 485 | - $g9_19 = $g9->mulInt(19, 5); |
|
| 477 | + $g1_19 = $g1->mulInt( 19, 5 ); /* 2^4 <= 19 <= 2^5, but we only want 5 bits */ |
|
| 478 | + $g2_19 = $g2->mulInt( 19, 5 ); |
|
| 479 | + $g3_19 = $g3->mulInt( 19, 5 ); |
|
| 480 | + $g4_19 = $g4->mulInt( 19, 5 ); |
|
| 481 | + $g5_19 = $g5->mulInt( 19, 5 ); |
|
| 482 | + $g6_19 = $g6->mulInt( 19, 5 ); |
|
| 483 | + $g7_19 = $g7->mulInt( 19, 5 ); |
|
| 484 | + $g8_19 = $g8->mulInt( 19, 5 ); |
|
| 485 | + $g9_19 = $g9->mulInt( 19, 5 ); |
|
| 486 | 486 | /** @var ParagonIE_Sodium_Core32_Int64 $f1_2 */ |
| 487 | - $f1_2 = $f1->shiftLeft(1); |
|
| 487 | + $f1_2 = $f1->shiftLeft( 1 ); |
|
| 488 | 488 | /** @var ParagonIE_Sodium_Core32_Int64 $f3_2 */ |
| 489 | - $f3_2 = $f3->shiftLeft(1); |
|
| 489 | + $f3_2 = $f3->shiftLeft( 1 ); |
|
| 490 | 490 | /** @var ParagonIE_Sodium_Core32_Int64 $f5_2 */ |
| 491 | - $f5_2 = $f5->shiftLeft(1); |
|
| 491 | + $f5_2 = $f5->shiftLeft( 1 ); |
|
| 492 | 492 | /** @var ParagonIE_Sodium_Core32_Int64 $f7_2 */ |
| 493 | - $f7_2 = $f7->shiftLeft(1); |
|
| 493 | + $f7_2 = $f7->shiftLeft( 1 ); |
|
| 494 | 494 | /** @var ParagonIE_Sodium_Core32_Int64 $f9_2 */ |
| 495 | - $f9_2 = $f9->shiftLeft(1); |
|
| 496 | - $f0g0 = $f0->mulInt64($g0); |
|
| 497 | - $f0g1 = $f0->mulInt64($g1); |
|
| 498 | - $f0g2 = $f0->mulInt64($g2); |
|
| 499 | - $f0g3 = $f0->mulInt64($g3); |
|
| 500 | - $f0g4 = $f0->mulInt64($g4); |
|
| 501 | - $f0g5 = $f0->mulInt64($g5); |
|
| 502 | - $f0g6 = $f0->mulInt64($g6); |
|
| 503 | - $f0g7 = $f0->mulInt64($g7); |
|
| 504 | - $f0g8 = $f0->mulInt64($g8); |
|
| 505 | - $f0g9 = $f0->mulInt64($g9); |
|
| 506 | - $f1g0 = $f1->mulInt64($g0); |
|
| 507 | - $f1g1_2 = $f1_2->mulInt64($g1); |
|
| 508 | - $f1g2 = $f1->mulInt64($g2); |
|
| 509 | - $f1g3_2 = $f1_2->mulInt64($g3); |
|
| 510 | - $f1g4 = $f1->mulInt64($g4); |
|
| 511 | - $f1g5_2 = $f1_2->mulInt64($g5); |
|
| 512 | - $f1g6 = $f1->mulInt64($g6); |
|
| 513 | - $f1g7_2 = $f1_2->mulInt64($g7); |
|
| 514 | - $f1g8 = $f1->mulInt64($g8); |
|
| 515 | - $f1g9_38 = $f1_2->mulInt64($g9_19); |
|
| 516 | - $f2g0 = $f2->mulInt64($g0); |
|
| 517 | - $f2g1 = $f2->mulInt64($g1); |
|
| 518 | - $f2g2 = $f2->mulInt64($g2); |
|
| 519 | - $f2g3 = $f2->mulInt64($g3); |
|
| 520 | - $f2g4 = $f2->mulInt64($g4); |
|
| 521 | - $f2g5 = $f2->mulInt64($g5); |
|
| 522 | - $f2g6 = $f2->mulInt64($g6); |
|
| 523 | - $f2g7 = $f2->mulInt64($g7); |
|
| 524 | - $f2g8_19 = $f2->mulInt64($g8_19); |
|
| 525 | - $f2g9_19 = $f2->mulInt64($g9_19); |
|
| 526 | - $f3g0 = $f3->mulInt64($g0); |
|
| 527 | - $f3g1_2 = $f3_2->mulInt64($g1); |
|
| 528 | - $f3g2 = $f3->mulInt64($g2); |
|
| 529 | - $f3g3_2 = $f3_2->mulInt64($g3); |
|
| 530 | - $f3g4 = $f3->mulInt64($g4); |
|
| 531 | - $f3g5_2 = $f3_2->mulInt64($g5); |
|
| 532 | - $f3g6 = $f3->mulInt64($g6); |
|
| 533 | - $f3g7_38 = $f3_2->mulInt64($g7_19); |
|
| 534 | - $f3g8_19 = $f3->mulInt64($g8_19); |
|
| 535 | - $f3g9_38 = $f3_2->mulInt64($g9_19); |
|
| 536 | - $f4g0 = $f4->mulInt64($g0); |
|
| 537 | - $f4g1 = $f4->mulInt64($g1); |
|
| 538 | - $f4g2 = $f4->mulInt64($g2); |
|
| 539 | - $f4g3 = $f4->mulInt64($g3); |
|
| 540 | - $f4g4 = $f4->mulInt64($g4); |
|
| 541 | - $f4g5 = $f4->mulInt64($g5); |
|
| 542 | - $f4g6_19 = $f4->mulInt64($g6_19); |
|
| 543 | - $f4g7_19 = $f4->mulInt64($g7_19); |
|
| 544 | - $f4g8_19 = $f4->mulInt64($g8_19); |
|
| 545 | - $f4g9_19 = $f4->mulInt64($g9_19); |
|
| 546 | - $f5g0 = $f5->mulInt64($g0); |
|
| 547 | - $f5g1_2 = $f5_2->mulInt64($g1); |
|
| 548 | - $f5g2 = $f5->mulInt64($g2); |
|
| 549 | - $f5g3_2 = $f5_2->mulInt64($g3); |
|
| 550 | - $f5g4 = $f5->mulInt64($g4); |
|
| 551 | - $f5g5_38 = $f5_2->mulInt64($g5_19); |
|
| 552 | - $f5g6_19 = $f5->mulInt64($g6_19); |
|
| 553 | - $f5g7_38 = $f5_2->mulInt64($g7_19); |
|
| 554 | - $f5g8_19 = $f5->mulInt64($g8_19); |
|
| 555 | - $f5g9_38 = $f5_2->mulInt64($g9_19); |
|
| 556 | - $f6g0 = $f6->mulInt64($g0); |
|
| 557 | - $f6g1 = $f6->mulInt64($g1); |
|
| 558 | - $f6g2 = $f6->mulInt64($g2); |
|
| 559 | - $f6g3 = $f6->mulInt64($g3); |
|
| 560 | - $f6g4_19 = $f6->mulInt64($g4_19); |
|
| 561 | - $f6g5_19 = $f6->mulInt64($g5_19); |
|
| 562 | - $f6g6_19 = $f6->mulInt64($g6_19); |
|
| 563 | - $f6g7_19 = $f6->mulInt64($g7_19); |
|
| 564 | - $f6g8_19 = $f6->mulInt64($g8_19); |
|
| 565 | - $f6g9_19 = $f6->mulInt64($g9_19); |
|
| 566 | - $f7g0 = $f7->mulInt64($g0); |
|
| 567 | - $f7g1_2 = $f7_2->mulInt64($g1); |
|
| 568 | - $f7g2 = $f7->mulInt64($g2); |
|
| 569 | - $f7g3_38 = $f7_2->mulInt64($g3_19); |
|
| 570 | - $f7g4_19 = $f7->mulInt64($g4_19); |
|
| 571 | - $f7g5_38 = $f7_2->mulInt64($g5_19); |
|
| 572 | - $f7g6_19 = $f7->mulInt64($g6_19); |
|
| 573 | - $f7g7_38 = $f7_2->mulInt64($g7_19); |
|
| 574 | - $f7g8_19 = $f7->mulInt64($g8_19); |
|
| 575 | - $f7g9_38 = $f7_2->mulInt64($g9_19); |
|
| 576 | - $f8g0 = $f8->mulInt64($g0); |
|
| 577 | - $f8g1 = $f8->mulInt64($g1); |
|
| 578 | - $f8g2_19 = $f8->mulInt64($g2_19); |
|
| 579 | - $f8g3_19 = $f8->mulInt64($g3_19); |
|
| 580 | - $f8g4_19 = $f8->mulInt64($g4_19); |
|
| 581 | - $f8g5_19 = $f8->mulInt64($g5_19); |
|
| 582 | - $f8g6_19 = $f8->mulInt64($g6_19); |
|
| 583 | - $f8g7_19 = $f8->mulInt64($g7_19); |
|
| 584 | - $f8g8_19 = $f8->mulInt64($g8_19); |
|
| 585 | - $f8g9_19 = $f8->mulInt64($g9_19); |
|
| 586 | - $f9g0 = $f9->mulInt64($g0); |
|
| 587 | - $f9g1_38 = $f9_2->mulInt64($g1_19); |
|
| 588 | - $f9g2_19 = $f9->mulInt64($g2_19); |
|
| 589 | - $f9g3_38 = $f9_2->mulInt64($g3_19); |
|
| 590 | - $f9g4_19 = $f9->mulInt64($g4_19); |
|
| 591 | - $f9g5_38 = $f9_2->mulInt64($g5_19); |
|
| 592 | - $f9g6_19 = $f9->mulInt64($g6_19); |
|
| 593 | - $f9g7_38 = $f9_2->mulInt64($g7_19); |
|
| 594 | - $f9g8_19 = $f9->mulInt64($g8_19); |
|
| 595 | - $f9g9_38 = $f9_2->mulInt64($g9_19); |
|
| 495 | + $f9_2 = $f9->shiftLeft( 1 ); |
|
| 496 | + $f0g0 = $f0->mulInt64( $g0 ); |
|
| 497 | + $f0g1 = $f0->mulInt64( $g1 ); |
|
| 498 | + $f0g2 = $f0->mulInt64( $g2 ); |
|
| 499 | + $f0g3 = $f0->mulInt64( $g3 ); |
|
| 500 | + $f0g4 = $f0->mulInt64( $g4 ); |
|
| 501 | + $f0g5 = $f0->mulInt64( $g5 ); |
|
| 502 | + $f0g6 = $f0->mulInt64( $g6 ); |
|
| 503 | + $f0g7 = $f0->mulInt64( $g7 ); |
|
| 504 | + $f0g8 = $f0->mulInt64( $g8 ); |
|
| 505 | + $f0g9 = $f0->mulInt64( $g9 ); |
|
| 506 | + $f1g0 = $f1->mulInt64( $g0 ); |
|
| 507 | + $f1g1_2 = $f1_2->mulInt64( $g1 ); |
|
| 508 | + $f1g2 = $f1->mulInt64( $g2 ); |
|
| 509 | + $f1g3_2 = $f1_2->mulInt64( $g3 ); |
|
| 510 | + $f1g4 = $f1->mulInt64( $g4 ); |
|
| 511 | + $f1g5_2 = $f1_2->mulInt64( $g5 ); |
|
| 512 | + $f1g6 = $f1->mulInt64( $g6 ); |
|
| 513 | + $f1g7_2 = $f1_2->mulInt64( $g7 ); |
|
| 514 | + $f1g8 = $f1->mulInt64( $g8 ); |
|
| 515 | + $f1g9_38 = $f1_2->mulInt64( $g9_19 ); |
|
| 516 | + $f2g0 = $f2->mulInt64( $g0 ); |
|
| 517 | + $f2g1 = $f2->mulInt64( $g1 ); |
|
| 518 | + $f2g2 = $f2->mulInt64( $g2 ); |
|
| 519 | + $f2g3 = $f2->mulInt64( $g3 ); |
|
| 520 | + $f2g4 = $f2->mulInt64( $g4 ); |
|
| 521 | + $f2g5 = $f2->mulInt64( $g5 ); |
|
| 522 | + $f2g6 = $f2->mulInt64( $g6 ); |
|
| 523 | + $f2g7 = $f2->mulInt64( $g7 ); |
|
| 524 | + $f2g8_19 = $f2->mulInt64( $g8_19 ); |
|
| 525 | + $f2g9_19 = $f2->mulInt64( $g9_19 ); |
|
| 526 | + $f3g0 = $f3->mulInt64( $g0 ); |
|
| 527 | + $f3g1_2 = $f3_2->mulInt64( $g1 ); |
|
| 528 | + $f3g2 = $f3->mulInt64( $g2 ); |
|
| 529 | + $f3g3_2 = $f3_2->mulInt64( $g3 ); |
|
| 530 | + $f3g4 = $f3->mulInt64( $g4 ); |
|
| 531 | + $f3g5_2 = $f3_2->mulInt64( $g5 ); |
|
| 532 | + $f3g6 = $f3->mulInt64( $g6 ); |
|
| 533 | + $f3g7_38 = $f3_2->mulInt64( $g7_19 ); |
|
| 534 | + $f3g8_19 = $f3->mulInt64( $g8_19 ); |
|
| 535 | + $f3g9_38 = $f3_2->mulInt64( $g9_19 ); |
|
| 536 | + $f4g0 = $f4->mulInt64( $g0 ); |
|
| 537 | + $f4g1 = $f4->mulInt64( $g1 ); |
|
| 538 | + $f4g2 = $f4->mulInt64( $g2 ); |
|
| 539 | + $f4g3 = $f4->mulInt64( $g3 ); |
|
| 540 | + $f4g4 = $f4->mulInt64( $g4 ); |
|
| 541 | + $f4g5 = $f4->mulInt64( $g5 ); |
|
| 542 | + $f4g6_19 = $f4->mulInt64( $g6_19 ); |
|
| 543 | + $f4g7_19 = $f4->mulInt64( $g7_19 ); |
|
| 544 | + $f4g8_19 = $f4->mulInt64( $g8_19 ); |
|
| 545 | + $f4g9_19 = $f4->mulInt64( $g9_19 ); |
|
| 546 | + $f5g0 = $f5->mulInt64( $g0 ); |
|
| 547 | + $f5g1_2 = $f5_2->mulInt64( $g1 ); |
|
| 548 | + $f5g2 = $f5->mulInt64( $g2 ); |
|
| 549 | + $f5g3_2 = $f5_2->mulInt64( $g3 ); |
|
| 550 | + $f5g4 = $f5->mulInt64( $g4 ); |
|
| 551 | + $f5g5_38 = $f5_2->mulInt64( $g5_19 ); |
|
| 552 | + $f5g6_19 = $f5->mulInt64( $g6_19 ); |
|
| 553 | + $f5g7_38 = $f5_2->mulInt64( $g7_19 ); |
|
| 554 | + $f5g8_19 = $f5->mulInt64( $g8_19 ); |
|
| 555 | + $f5g9_38 = $f5_2->mulInt64( $g9_19 ); |
|
| 556 | + $f6g0 = $f6->mulInt64( $g0 ); |
|
| 557 | + $f6g1 = $f6->mulInt64( $g1 ); |
|
| 558 | + $f6g2 = $f6->mulInt64( $g2 ); |
|
| 559 | + $f6g3 = $f6->mulInt64( $g3 ); |
|
| 560 | + $f6g4_19 = $f6->mulInt64( $g4_19 ); |
|
| 561 | + $f6g5_19 = $f6->mulInt64( $g5_19 ); |
|
| 562 | + $f6g6_19 = $f6->mulInt64( $g6_19 ); |
|
| 563 | + $f6g7_19 = $f6->mulInt64( $g7_19 ); |
|
| 564 | + $f6g8_19 = $f6->mulInt64( $g8_19 ); |
|
| 565 | + $f6g9_19 = $f6->mulInt64( $g9_19 ); |
|
| 566 | + $f7g0 = $f7->mulInt64( $g0 ); |
|
| 567 | + $f7g1_2 = $f7_2->mulInt64( $g1 ); |
|
| 568 | + $f7g2 = $f7->mulInt64( $g2 ); |
|
| 569 | + $f7g3_38 = $f7_2->mulInt64( $g3_19 ); |
|
| 570 | + $f7g4_19 = $f7->mulInt64( $g4_19 ); |
|
| 571 | + $f7g5_38 = $f7_2->mulInt64( $g5_19 ); |
|
| 572 | + $f7g6_19 = $f7->mulInt64( $g6_19 ); |
|
| 573 | + $f7g7_38 = $f7_2->mulInt64( $g7_19 ); |
|
| 574 | + $f7g8_19 = $f7->mulInt64( $g8_19 ); |
|
| 575 | + $f7g9_38 = $f7_2->mulInt64( $g9_19 ); |
|
| 576 | + $f8g0 = $f8->mulInt64( $g0 ); |
|
| 577 | + $f8g1 = $f8->mulInt64( $g1 ); |
|
| 578 | + $f8g2_19 = $f8->mulInt64( $g2_19 ); |
|
| 579 | + $f8g3_19 = $f8->mulInt64( $g3_19 ); |
|
| 580 | + $f8g4_19 = $f8->mulInt64( $g4_19 ); |
|
| 581 | + $f8g5_19 = $f8->mulInt64( $g5_19 ); |
|
| 582 | + $f8g6_19 = $f8->mulInt64( $g6_19 ); |
|
| 583 | + $f8g7_19 = $f8->mulInt64( $g7_19 ); |
|
| 584 | + $f8g8_19 = $f8->mulInt64( $g8_19 ); |
|
| 585 | + $f8g9_19 = $f8->mulInt64( $g9_19 ); |
|
| 586 | + $f9g0 = $f9->mulInt64( $g0 ); |
|
| 587 | + $f9g1_38 = $f9_2->mulInt64( $g1_19 ); |
|
| 588 | + $f9g2_19 = $f9->mulInt64( $g2_19 ); |
|
| 589 | + $f9g3_38 = $f9_2->mulInt64( $g3_19 ); |
|
| 590 | + $f9g4_19 = $f9->mulInt64( $g4_19 ); |
|
| 591 | + $f9g5_38 = $f9_2->mulInt64( $g5_19 ); |
|
| 592 | + $f9g6_19 = $f9->mulInt64( $g6_19 ); |
|
| 593 | + $f9g7_38 = $f9_2->mulInt64( $g7_19 ); |
|
| 594 | + $f9g8_19 = $f9->mulInt64( $g8_19 ); |
|
| 595 | + $f9g9_38 = $f9_2->mulInt64( $g9_19 ); |
|
| 596 | 596 | |
| 597 | 597 | // $h0 = $f0g0 + $f1g9_38 + $f2g8_19 + $f3g7_38 + $f4g6_19 + $f5g5_38 + $f6g4_19 + $f7g3_38 + $f8g2_19 + $f9g1_38; |
| 598 | - $h0 = $f0g0->addInt64($f1g9_38)->addInt64($f2g8_19)->addInt64($f3g7_38) |
|
| 599 | - ->addInt64($f4g6_19)->addInt64($f5g5_38)->addInt64($f6g4_19) |
|
| 600 | - ->addInt64($f7g3_38)->addInt64($f8g2_19)->addInt64($f9g1_38); |
|
| 598 | + $h0 = $f0g0->addInt64( $f1g9_38 )->addInt64( $f2g8_19 )->addInt64( $f3g7_38 ) |
|
| 599 | + ->addInt64( $f4g6_19 )->addInt64( $f5g5_38 )->addInt64( $f6g4_19 ) |
|
| 600 | + ->addInt64( $f7g3_38 )->addInt64( $f8g2_19 )->addInt64( $f9g1_38 ); |
|
| 601 | 601 | |
| 602 | 602 | // $h1 = $f0g1 + $f1g0 + $f2g9_19 + $f3g8_19 + $f4g7_19 + $f5g6_19 + $f6g5_19 + $f7g4_19 + $f8g3_19 + $f9g2_19; |
| 603 | - $h1 = $f0g1->addInt64($f1g0)->addInt64($f2g9_19)->addInt64($f3g8_19) |
|
| 604 | - ->addInt64($f4g7_19)->addInt64($f5g6_19)->addInt64($f6g5_19) |
|
| 605 | - ->addInt64($f7g4_19)->addInt64($f8g3_19)->addInt64($f9g2_19); |
|
| 603 | + $h1 = $f0g1->addInt64( $f1g0 )->addInt64( $f2g9_19 )->addInt64( $f3g8_19 ) |
|
| 604 | + ->addInt64( $f4g7_19 )->addInt64( $f5g6_19 )->addInt64( $f6g5_19 ) |
|
| 605 | + ->addInt64( $f7g4_19 )->addInt64( $f8g3_19 )->addInt64( $f9g2_19 ); |
|
| 606 | 606 | |
| 607 | 607 | // $h2 = $f0g2 + $f1g1_2 + $f2g0 + $f3g9_38 + $f4g8_19 + $f5g7_38 + $f6g6_19 + $f7g5_38 + $f8g4_19 + $f9g3_38; |
| 608 | - $h2 = $f0g2->addInt64($f1g1_2)->addInt64($f2g0)->addInt64($f3g9_38) |
|
| 609 | - ->addInt64($f4g8_19)->addInt64($f5g7_38)->addInt64($f6g6_19) |
|
| 610 | - ->addInt64($f7g5_38)->addInt64($f8g4_19)->addInt64($f9g3_38); |
|
| 608 | + $h2 = $f0g2->addInt64( $f1g1_2 )->addInt64( $f2g0 )->addInt64( $f3g9_38 ) |
|
| 609 | + ->addInt64( $f4g8_19 )->addInt64( $f5g7_38 )->addInt64( $f6g6_19 ) |
|
| 610 | + ->addInt64( $f7g5_38 )->addInt64( $f8g4_19 )->addInt64( $f9g3_38 ); |
|
| 611 | 611 | |
| 612 | 612 | // $h3 = $f0g3 + $f1g2 + $f2g1 + $f3g0 + $f4g9_19 + $f5g8_19 + $f6g7_19 + $f7g6_19 + $f8g5_19 + $f9g4_19; |
| 613 | - $h3 = $f0g3->addInt64($f1g2)->addInt64($f2g1)->addInt64($f3g0) |
|
| 614 | - ->addInt64($f4g9_19)->addInt64($f5g8_19)->addInt64($f6g7_19) |
|
| 615 | - ->addInt64($f7g6_19)->addInt64($f8g5_19)->addInt64($f9g4_19); |
|
| 613 | + $h3 = $f0g3->addInt64( $f1g2 )->addInt64( $f2g1 )->addInt64( $f3g0 ) |
|
| 614 | + ->addInt64( $f4g9_19 )->addInt64( $f5g8_19 )->addInt64( $f6g7_19 ) |
|
| 615 | + ->addInt64( $f7g6_19 )->addInt64( $f8g5_19 )->addInt64( $f9g4_19 ); |
|
| 616 | 616 | |
| 617 | 617 | // $h4 = $f0g4 + $f1g3_2 + $f2g2 + $f3g1_2 + $f4g0 + $f5g9_38 + $f6g8_19 + $f7g7_38 + $f8g6_19 + $f9g5_38; |
| 618 | - $h4 = $f0g4->addInt64($f1g3_2)->addInt64($f2g2)->addInt64($f3g1_2) |
|
| 619 | - ->addInt64($f4g0)->addInt64($f5g9_38)->addInt64($f6g8_19) |
|
| 620 | - ->addInt64($f7g7_38)->addInt64($f8g6_19)->addInt64($f9g5_38); |
|
| 618 | + $h4 = $f0g4->addInt64( $f1g3_2 )->addInt64( $f2g2 )->addInt64( $f3g1_2 ) |
|
| 619 | + ->addInt64( $f4g0 )->addInt64( $f5g9_38 )->addInt64( $f6g8_19 ) |
|
| 620 | + ->addInt64( $f7g7_38 )->addInt64( $f8g6_19 )->addInt64( $f9g5_38 ); |
|
| 621 | 621 | |
| 622 | 622 | // $h5 = $f0g5 + $f1g4 + $f2g3 + $f3g2 + $f4g1 + $f5g0 + $f6g9_19 + $f7g8_19 + $f8g7_19 + $f9g6_19; |
| 623 | - $h5 = $f0g5->addInt64($f1g4)->addInt64($f2g3)->addInt64($f3g2) |
|
| 624 | - ->addInt64($f4g1)->addInt64($f5g0)->addInt64($f6g9_19) |
|
| 625 | - ->addInt64($f7g8_19)->addInt64($f8g7_19)->addInt64($f9g6_19); |
|
| 623 | + $h5 = $f0g5->addInt64( $f1g4 )->addInt64( $f2g3 )->addInt64( $f3g2 ) |
|
| 624 | + ->addInt64( $f4g1 )->addInt64( $f5g0 )->addInt64( $f6g9_19 ) |
|
| 625 | + ->addInt64( $f7g8_19 )->addInt64( $f8g7_19 )->addInt64( $f9g6_19 ); |
|
| 626 | 626 | |
| 627 | 627 | // $h6 = $f0g6 + $f1g5_2 + $f2g4 + $f3g3_2 + $f4g2 + $f5g1_2 + $f6g0 + $f7g9_38 + $f8g8_19 + $f9g7_38; |
| 628 | - $h6 = $f0g6->addInt64($f1g5_2)->addInt64($f2g4)->addInt64($f3g3_2) |
|
| 629 | - ->addInt64($f4g2)->addInt64($f5g1_2)->addInt64($f6g0) |
|
| 630 | - ->addInt64($f7g9_38)->addInt64($f8g8_19)->addInt64($f9g7_38); |
|
| 628 | + $h6 = $f0g6->addInt64( $f1g5_2 )->addInt64( $f2g4 )->addInt64( $f3g3_2 ) |
|
| 629 | + ->addInt64( $f4g2 )->addInt64( $f5g1_2 )->addInt64( $f6g0 ) |
|
| 630 | + ->addInt64( $f7g9_38 )->addInt64( $f8g8_19 )->addInt64( $f9g7_38 ); |
|
| 631 | 631 | |
| 632 | 632 | // $h7 = $f0g7 + $f1g6 + $f2g5 + $f3g4 + $f4g3 + $f5g2 + $f6g1 + $f7g0 + $f8g9_19 + $f9g8_19; |
| 633 | - $h7 = $f0g7->addInt64($f1g6)->addInt64($f2g5)->addInt64($f3g4) |
|
| 634 | - ->addInt64($f4g3)->addInt64($f5g2)->addInt64($f6g1) |
|
| 635 | - ->addInt64($f7g0)->addInt64($f8g9_19)->addInt64($f9g8_19); |
|
| 633 | + $h7 = $f0g7->addInt64( $f1g6 )->addInt64( $f2g5 )->addInt64( $f3g4 ) |
|
| 634 | + ->addInt64( $f4g3 )->addInt64( $f5g2 )->addInt64( $f6g1 ) |
|
| 635 | + ->addInt64( $f7g0 )->addInt64( $f8g9_19 )->addInt64( $f9g8_19 ); |
|
| 636 | 636 | |
| 637 | 637 | // $h8 = $f0g8 + $f1g7_2 + $f2g6 + $f3g5_2 + $f4g4 + $f5g3_2 + $f6g2 + $f7g1_2 + $f8g0 + $f9g9_38; |
| 638 | - $h8 = $f0g8->addInt64($f1g7_2)->addInt64($f2g6)->addInt64($f3g5_2) |
|
| 639 | - ->addInt64($f4g4)->addInt64($f5g3_2)->addInt64($f6g2) |
|
| 640 | - ->addInt64($f7g1_2)->addInt64($f8g0)->addInt64($f9g9_38); |
|
| 638 | + $h8 = $f0g8->addInt64( $f1g7_2 )->addInt64( $f2g6 )->addInt64( $f3g5_2 ) |
|
| 639 | + ->addInt64( $f4g4 )->addInt64( $f5g3_2 )->addInt64( $f6g2 ) |
|
| 640 | + ->addInt64( $f7g1_2 )->addInt64( $f8g0 )->addInt64( $f9g9_38 ); |
|
| 641 | 641 | |
| 642 | 642 | // $h9 = $f0g9 + $f1g8 + $f2g7 + $f3g6 + $f4g5 + $f5g4 + $f6g3 + $f7g2 + $f8g1 + $f9g0 ; |
| 643 | - $h9 = $f0g9->addInt64($f1g8)->addInt64($f2g7)->addInt64($f3g6) |
|
| 644 | - ->addInt64($f4g5)->addInt64($f5g4)->addInt64($f6g3) |
|
| 645 | - ->addInt64($f7g2)->addInt64($f8g1)->addInt64($f9g0); |
|
| 643 | + $h9 = $f0g9->addInt64( $f1g8 )->addInt64( $f2g7 )->addInt64( $f3g6 ) |
|
| 644 | + ->addInt64( $f4g5 )->addInt64( $f5g4 )->addInt64( $f6g3 ) |
|
| 645 | + ->addInt64( $f7g2 )->addInt64( $f8g1 )->addInt64( $f9g0 ); |
|
| 646 | 646 | |
| 647 | 647 | /** |
| 648 | 648 | * @var ParagonIE_Sodium_Core32_Int64 $h0 |
@@ -666,48 +666,48 @@ discard block |
||
| 666 | 666 | * @var ParagonIE_Sodium_Core32_Int64 $carry8 |
| 667 | 667 | * @var ParagonIE_Sodium_Core32_Int64 $carry9 |
| 668 | 668 | */ |
| 669 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 670 | - $h1 = $h1->addInt64($carry0); |
|
| 671 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 672 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 673 | - $h5 = $h5->addInt64($carry4); |
|
| 674 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 675 | - |
|
| 676 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 677 | - $h2 = $h2->addInt64($carry1); |
|
| 678 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 679 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 680 | - $h6 = $h6->addInt64($carry5); |
|
| 681 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 682 | - |
|
| 683 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 684 | - $h3 = $h3->addInt64($carry2); |
|
| 685 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 686 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 687 | - $h7 = $h7->addInt64($carry6); |
|
| 688 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 689 | - |
|
| 690 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 691 | - $h4 = $h4->addInt64($carry3); |
|
| 692 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 693 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 694 | - $h8 = $h8->addInt64($carry7); |
|
| 695 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 696 | - |
|
| 697 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 698 | - $h5 = $h5->addInt64($carry4); |
|
| 699 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 700 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 701 | - $h9 = $h9->addInt64($carry8); |
|
| 702 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 703 | - |
|
| 704 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 705 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 706 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 707 | - |
|
| 708 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 709 | - $h1 = $h1->addInt64($carry0); |
|
| 710 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 669 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 670 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 671 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 672 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 673 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 674 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 675 | + |
|
| 676 | + $carry1 = $h1->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 677 | + $h2 = $h2->addInt64( $carry1 ); |
|
| 678 | + $h1 = $h1->subInt64( $carry1->shiftLeft( 25 ) ); |
|
| 679 | + $carry5 = $h5->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 680 | + $h6 = $h6->addInt64( $carry5 ); |
|
| 681 | + $h5 = $h5->subInt64( $carry5->shiftLeft( 25 ) ); |
|
| 682 | + |
|
| 683 | + $carry2 = $h2->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 684 | + $h3 = $h3->addInt64( $carry2 ); |
|
| 685 | + $h2 = $h2->subInt64( $carry2->shiftLeft( 26 ) ); |
|
| 686 | + $carry6 = $h6->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 687 | + $h7 = $h7->addInt64( $carry6 ); |
|
| 688 | + $h6 = $h6->subInt64( $carry6->shiftLeft( 26 ) ); |
|
| 689 | + |
|
| 690 | + $carry3 = $h3->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 691 | + $h4 = $h4->addInt64( $carry3 ); |
|
| 692 | + $h3 = $h3->subInt64( $carry3->shiftLeft( 25 ) ); |
|
| 693 | + $carry7 = $h7->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 694 | + $h8 = $h8->addInt64( $carry7 ); |
|
| 695 | + $h7 = $h7->subInt64( $carry7->shiftLeft( 25 ) ); |
|
| 696 | + |
|
| 697 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 698 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 699 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 700 | + $carry8 = $h8->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 701 | + $h9 = $h9->addInt64( $carry8 ); |
|
| 702 | + $h8 = $h8->subInt64( $carry8->shiftLeft( 26 ) ); |
|
| 703 | + |
|
| 704 | + $carry9 = $h9->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 705 | + $h0 = $h0->addInt64( $carry9->mulInt( 19 ) ); |
|
| 706 | + $h9 = $h9->subInt64( $carry9->shiftLeft( 25 ) ); |
|
| 707 | + |
|
| 708 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 709 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 710 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 711 | 711 | |
| 712 | 712 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 713 | 713 | array( |
@@ -735,11 +735,11 @@ discard block |
||
| 735 | 735 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 736 | 736 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 737 | 737 | */ |
| 738 | - public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 738 | + public static function fe_neg( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 739 | 739 | { |
| 740 | 740 | $h = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 741 | - for ($i = 0; $i < 10; ++$i) { |
|
| 742 | - $h[$i] = $h[$i]->subInt32($f[$i]); |
|
| 741 | + for ( $i = 0; $i < 10; ++$i ) { |
|
| 742 | + $h[$i] = $h[$i]->subInt32( $f[$i] ); |
|
| 743 | 743 | } |
| 744 | 744 | return $h; |
| 745 | 745 | } |
@@ -754,7 +754,7 @@ discard block |
||
| 754 | 754 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 755 | 755 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 756 | 756 | */ |
| 757 | - public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 757 | + public static function fe_sq( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 758 | 758 | { |
| 759 | 759 | /** |
| 760 | 760 | * @var ParagonIE_Sodium_Core32_Int64 $f0 |
@@ -780,86 +780,86 @@ discard block |
||
| 780 | 780 | $f9 = $f[9]->toInt64(); |
| 781 | 781 | |
| 782 | 782 | /** @var ParagonIE_Sodium_Core32_Int64 $f0_2 */ |
| 783 | - $f0_2 = $f0->shiftLeft(1); |
|
| 784 | - $f1_2 = $f1->shiftLeft(1); |
|
| 785 | - $f2_2 = $f2->shiftLeft(1); |
|
| 786 | - $f3_2 = $f3->shiftLeft(1); |
|
| 787 | - $f4_2 = $f4->shiftLeft(1); |
|
| 788 | - $f5_2 = $f5->shiftLeft(1); |
|
| 789 | - $f6_2 = $f6->shiftLeft(1); |
|
| 790 | - $f7_2 = $f7->shiftLeft(1); |
|
| 791 | - $f5_38 = $f5->mulInt(38, 6); |
|
| 792 | - $f6_19 = $f6->mulInt(19, 5); |
|
| 793 | - $f7_38 = $f7->mulInt(38, 6); |
|
| 794 | - $f8_19 = $f8->mulInt(19, 5); |
|
| 795 | - $f9_38 = $f9->mulInt(38, 6); |
|
| 783 | + $f0_2 = $f0->shiftLeft( 1 ); |
|
| 784 | + $f1_2 = $f1->shiftLeft( 1 ); |
|
| 785 | + $f2_2 = $f2->shiftLeft( 1 ); |
|
| 786 | + $f3_2 = $f3->shiftLeft( 1 ); |
|
| 787 | + $f4_2 = $f4->shiftLeft( 1 ); |
|
| 788 | + $f5_2 = $f5->shiftLeft( 1 ); |
|
| 789 | + $f6_2 = $f6->shiftLeft( 1 ); |
|
| 790 | + $f7_2 = $f7->shiftLeft( 1 ); |
|
| 791 | + $f5_38 = $f5->mulInt( 38, 6 ); |
|
| 792 | + $f6_19 = $f6->mulInt( 19, 5 ); |
|
| 793 | + $f7_38 = $f7->mulInt( 38, 6 ); |
|
| 794 | + $f8_19 = $f8->mulInt( 19, 5 ); |
|
| 795 | + $f9_38 = $f9->mulInt( 38, 6 ); |
|
| 796 | 796 | /** @var ParagonIE_Sodium_Core32_Int64 $f0f0*/ |
| 797 | - $f0f0 = $f0->mulInt64($f0); |
|
| 798 | - $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 799 | - $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 800 | - $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 801 | - $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 802 | - $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 803 | - $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 804 | - $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 805 | - $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 806 | - $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 807 | - $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 808 | - $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 809 | - $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 810 | - $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 811 | - $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 812 | - $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 813 | - $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 814 | - $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 815 | - $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 816 | - $f2f2 = $f2->mulInt64($f2); |
|
| 817 | - $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 818 | - $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 819 | - $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 820 | - $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 821 | - $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 822 | - $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 823 | - $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 824 | - $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 825 | - $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 826 | - $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 827 | - $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 828 | - $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 829 | - $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 830 | - $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 831 | - $f4f4 = $f4->mulInt64($f4); |
|
| 832 | - $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 833 | - $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 834 | - $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 835 | - $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 836 | - $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 837 | - $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 838 | - $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 839 | - $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 840 | - $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 841 | - $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 842 | - $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 843 | - $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 844 | - $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 845 | - $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 846 | - $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 847 | - $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 848 | - $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 849 | - $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 850 | - $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 851 | - $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 852 | - |
|
| 853 | - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 854 | - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 855 | - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 856 | - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 857 | - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 858 | - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 859 | - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 860 | - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 861 | - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 862 | - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 797 | + $f0f0 = $f0->mulInt64( $f0 ); |
|
| 798 | + $f0f1_2 = $f0_2->mulInt64( $f1 ); |
|
| 799 | + $f0f2_2 = $f0_2->mulInt64( $f2 ); |
|
| 800 | + $f0f3_2 = $f0_2->mulInt64( $f3 ); |
|
| 801 | + $f0f4_2 = $f0_2->mulInt64( $f4 ); |
|
| 802 | + $f0f5_2 = $f0_2->mulInt64( $f5 ); |
|
| 803 | + $f0f6_2 = $f0_2->mulInt64( $f6 ); |
|
| 804 | + $f0f7_2 = $f0_2->mulInt64( $f7 ); |
|
| 805 | + $f0f8_2 = $f0_2->mulInt64( $f8 ); |
|
| 806 | + $f0f9_2 = $f0_2->mulInt64( $f9 ); |
|
| 807 | + $f1f1_2 = $f1_2->mulInt64( $f1 ); |
|
| 808 | + $f1f2_2 = $f1_2->mulInt64( $f2 ); |
|
| 809 | + $f1f3_4 = $f1_2->mulInt64( $f3_2 ); |
|
| 810 | + $f1f4_2 = $f1_2->mulInt64( $f4 ); |
|
| 811 | + $f1f5_4 = $f1_2->mulInt64( $f5_2 ); |
|
| 812 | + $f1f6_2 = $f1_2->mulInt64( $f6 ); |
|
| 813 | + $f1f7_4 = $f1_2->mulInt64( $f7_2 ); |
|
| 814 | + $f1f8_2 = $f1_2->mulInt64( $f8 ); |
|
| 815 | + $f1f9_76 = $f1_2->mulInt64( $f9_38 ); |
|
| 816 | + $f2f2 = $f2->mulInt64( $f2 ); |
|
| 817 | + $f2f3_2 = $f2_2->mulInt64( $f3 ); |
|
| 818 | + $f2f4_2 = $f2_2->mulInt64( $f4 ); |
|
| 819 | + $f2f5_2 = $f2_2->mulInt64( $f5 ); |
|
| 820 | + $f2f6_2 = $f2_2->mulInt64( $f6 ); |
|
| 821 | + $f2f7_2 = $f2_2->mulInt64( $f7 ); |
|
| 822 | + $f2f8_38 = $f2_2->mulInt64( $f8_19 ); |
|
| 823 | + $f2f9_38 = $f2->mulInt64( $f9_38 ); |
|
| 824 | + $f3f3_2 = $f3_2->mulInt64( $f3 ); |
|
| 825 | + $f3f4_2 = $f3_2->mulInt64( $f4 ); |
|
| 826 | + $f3f5_4 = $f3_2->mulInt64( $f5_2 ); |
|
| 827 | + $f3f6_2 = $f3_2->mulInt64( $f6 ); |
|
| 828 | + $f3f7_76 = $f3_2->mulInt64( $f7_38 ); |
|
| 829 | + $f3f8_38 = $f3_2->mulInt64( $f8_19 ); |
|
| 830 | + $f3f9_76 = $f3_2->mulInt64( $f9_38 ); |
|
| 831 | + $f4f4 = $f4->mulInt64( $f4 ); |
|
| 832 | + $f4f5_2 = $f4_2->mulInt64( $f5 ); |
|
| 833 | + $f4f6_38 = $f4_2->mulInt64( $f6_19 ); |
|
| 834 | + $f4f7_38 = $f4->mulInt64( $f7_38 ); |
|
| 835 | + $f4f8_38 = $f4_2->mulInt64( $f8_19 ); |
|
| 836 | + $f4f9_38 = $f4->mulInt64( $f9_38 ); |
|
| 837 | + $f5f5_38 = $f5->mulInt64( $f5_38 ); |
|
| 838 | + $f5f6_38 = $f5_2->mulInt64( $f6_19 ); |
|
| 839 | + $f5f7_76 = $f5_2->mulInt64( $f7_38 ); |
|
| 840 | + $f5f8_38 = $f5_2->mulInt64( $f8_19 ); |
|
| 841 | + $f5f9_76 = $f5_2->mulInt64( $f9_38 ); |
|
| 842 | + $f6f6_19 = $f6->mulInt64( $f6_19 ); |
|
| 843 | + $f6f7_38 = $f6->mulInt64( $f7_38 ); |
|
| 844 | + $f6f8_38 = $f6_2->mulInt64( $f8_19 ); |
|
| 845 | + $f6f9_38 = $f6->mulInt64( $f9_38 ); |
|
| 846 | + $f7f7_38 = $f7->mulInt64( $f7_38 ); |
|
| 847 | + $f7f8_38 = $f7_2->mulInt64( $f8_19 ); |
|
| 848 | + $f7f9_76 = $f7_2->mulInt64( $f9_38 ); |
|
| 849 | + $f8f8_19 = $f8->mulInt64( $f8_19 ); |
|
| 850 | + $f8f9_38 = $f8->mulInt64( $f9_38 ); |
|
| 851 | + $f9f9_38 = $f9->mulInt64( $f9_38 ); |
|
| 852 | + |
|
| 853 | + $h0 = $f0f0->addInt64( $f1f9_76 )->addInt64( $f2f8_38 )->addInt64( $f3f7_76 )->addInt64( $f4f6_38 )->addInt64( $f5f5_38 ); |
|
| 854 | + $h1 = $f0f1_2->addInt64( $f2f9_38 )->addInt64( $f3f8_38 )->addInt64( $f4f7_38 )->addInt64( $f5f6_38 ); |
|
| 855 | + $h2 = $f0f2_2->addInt64( $f1f1_2 )->addInt64( $f3f9_76 )->addInt64( $f4f8_38 )->addInt64( $f5f7_76 )->addInt64( $f6f6_19 ); |
|
| 856 | + $h3 = $f0f3_2->addInt64( $f1f2_2 )->addInt64( $f4f9_38 )->addInt64( $f5f8_38 )->addInt64( $f6f7_38 ); |
|
| 857 | + $h4 = $f0f4_2->addInt64( $f1f3_4 )->addInt64( $f2f2 )->addInt64( $f5f9_76 )->addInt64( $f6f8_38 )->addInt64( $f7f7_38 ); |
|
| 858 | + $h5 = $f0f5_2->addInt64( $f1f4_2 )->addInt64( $f2f3_2 )->addInt64( $f6f9_38 )->addInt64( $f7f8_38 ); |
|
| 859 | + $h6 = $f0f6_2->addInt64( $f1f5_4 )->addInt64( $f2f4_2 )->addInt64( $f3f3_2 )->addInt64( $f7f9_76 )->addInt64( $f8f8_19 ); |
|
| 860 | + $h7 = $f0f7_2->addInt64( $f1f6_2 )->addInt64( $f2f5_2 )->addInt64( $f3f4_2 )->addInt64( $f8f9_38 ); |
|
| 861 | + $h8 = $f0f8_2->addInt64( $f1f7_4 )->addInt64( $f2f6_2 )->addInt64( $f3f5_4 )->addInt64( $f4f4 )->addInt64( $f9f9_38 ); |
|
| 862 | + $h9 = $f0f9_2->addInt64( $f1f8_2 )->addInt64( $f2f7_2 )->addInt64( $f3f6_2 )->addInt64( $f4f5_2 ); |
|
| 863 | 863 | |
| 864 | 864 | /** |
| 865 | 865 | * @var ParagonIE_Sodium_Core32_Int64 $h0 |
@@ -874,53 +874,53 @@ discard block |
||
| 874 | 874 | * @var ParagonIE_Sodium_Core32_Int64 $h9 |
| 875 | 875 | */ |
| 876 | 876 | |
| 877 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 878 | - $h1 = $h1->addInt64($carry0); |
|
| 879 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 877 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 878 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 879 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 880 | 880 | |
| 881 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 882 | - $h5 = $h5->addInt64($carry4); |
|
| 883 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 881 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 882 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 883 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 884 | 884 | |
| 885 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 886 | - $h2 = $h2->addInt64($carry1); |
|
| 887 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 885 | + $carry1 = $h1->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 886 | + $h2 = $h2->addInt64( $carry1 ); |
|
| 887 | + $h1 = $h1->subInt64( $carry1->shiftLeft( 25 ) ); |
|
| 888 | 888 | |
| 889 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 890 | - $h6 = $h6->addInt64($carry5); |
|
| 891 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 889 | + $carry5 = $h5->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 890 | + $h6 = $h6->addInt64( $carry5 ); |
|
| 891 | + $h5 = $h5->subInt64( $carry5->shiftLeft( 25 ) ); |
|
| 892 | 892 | |
| 893 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 894 | - $h3 = $h3->addInt64($carry2); |
|
| 895 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 893 | + $carry2 = $h2->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 894 | + $h3 = $h3->addInt64( $carry2 ); |
|
| 895 | + $h2 = $h2->subInt64( $carry2->shiftLeft( 26 ) ); |
|
| 896 | 896 | |
| 897 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 898 | - $h7 = $h7->addInt64($carry6); |
|
| 899 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 897 | + $carry6 = $h6->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 898 | + $h7 = $h7->addInt64( $carry6 ); |
|
| 899 | + $h6 = $h6->subInt64( $carry6->shiftLeft( 26 ) ); |
|
| 900 | 900 | |
| 901 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 902 | - $h4 = $h4->addInt64($carry3); |
|
| 903 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 901 | + $carry3 = $h3->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 902 | + $h4 = $h4->addInt64( $carry3 ); |
|
| 903 | + $h3 = $h3->subInt64( $carry3->shiftLeft( 25 ) ); |
|
| 904 | 904 | |
| 905 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 906 | - $h8 = $h8->addInt64($carry7); |
|
| 907 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 905 | + $carry7 = $h7->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 906 | + $h8 = $h8->addInt64( $carry7 ); |
|
| 907 | + $h7 = $h7->subInt64( $carry7->shiftLeft( 25 ) ); |
|
| 908 | 908 | |
| 909 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 910 | - $h5 = $h5->addInt64($carry4); |
|
| 911 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 909 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 910 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 911 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 912 | 912 | |
| 913 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 914 | - $h9 = $h9->addInt64($carry8); |
|
| 915 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 913 | + $carry8 = $h8->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 914 | + $h9 = $h9->addInt64( $carry8 ); |
|
| 915 | + $h8 = $h8->subInt64( $carry8->shiftLeft( 26 ) ); |
|
| 916 | 916 | |
| 917 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 918 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 919 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 917 | + $carry9 = $h9->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 918 | + $h0 = $h0->addInt64( $carry9->mulInt( 19 ) ); |
|
| 919 | + $h9 = $h9->subInt64( $carry9->shiftLeft( 25 ) ); |
|
| 920 | 920 | |
| 921 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 922 | - $h1 = $h1->addInt64($carry0); |
|
| 923 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 921 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 922 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 923 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 924 | 924 | |
| 925 | 925 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 926 | 926 | array( |
@@ -948,7 +948,7 @@ discard block |
||
| 948 | 948 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 949 | 949 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 950 | 950 | */ |
| 951 | - public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 951 | + public static function fe_sq2( ParagonIE_Sodium_Core32_Curve25519_Fe $f ) |
|
| 952 | 952 | { |
| 953 | 953 | /** |
| 954 | 954 | * @var ParagonIE_Sodium_Core32_Int64 $f0 |
@@ -974,85 +974,85 @@ discard block |
||
| 974 | 974 | $f8 = $f[8]->toInt64(); |
| 975 | 975 | $f9 = $f[9]->toInt64(); |
| 976 | 976 | |
| 977 | - $f0_2 = $f0->shiftLeft(1); |
|
| 978 | - $f1_2 = $f1->shiftLeft(1); |
|
| 979 | - $f2_2 = $f2->shiftLeft(1); |
|
| 980 | - $f3_2 = $f3->shiftLeft(1); |
|
| 981 | - $f4_2 = $f4->shiftLeft(1); |
|
| 982 | - $f5_2 = $f5->shiftLeft(1); |
|
| 983 | - $f6_2 = $f6->shiftLeft(1); |
|
| 984 | - $f7_2 = $f7->shiftLeft(1); |
|
| 985 | - $f5_38 = $f5->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 986 | - $f6_19 = $f6->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 987 | - $f7_38 = $f7->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 988 | - $f8_19 = $f8->mulInt(19, 5); /* 1.959375*2^30 */ |
|
| 989 | - $f9_38 = $f9->mulInt(38, 6); /* 1.959375*2^30 */ |
|
| 990 | - $f0f0 = $f0->mulInt64($f0); |
|
| 991 | - $f0f1_2 = $f0_2->mulInt64($f1); |
|
| 992 | - $f0f2_2 = $f0_2->mulInt64($f2); |
|
| 993 | - $f0f3_2 = $f0_2->mulInt64($f3); |
|
| 994 | - $f0f4_2 = $f0_2->mulInt64($f4); |
|
| 995 | - $f0f5_2 = $f0_2->mulInt64($f5); |
|
| 996 | - $f0f6_2 = $f0_2->mulInt64($f6); |
|
| 997 | - $f0f7_2 = $f0_2->mulInt64($f7); |
|
| 998 | - $f0f8_2 = $f0_2->mulInt64($f8); |
|
| 999 | - $f0f9_2 = $f0_2->mulInt64($f9); |
|
| 1000 | - $f1f1_2 = $f1_2->mulInt64($f1); |
|
| 1001 | - $f1f2_2 = $f1_2->mulInt64($f2); |
|
| 1002 | - $f1f3_4 = $f1_2->mulInt64($f3_2); |
|
| 1003 | - $f1f4_2 = $f1_2->mulInt64($f4); |
|
| 1004 | - $f1f5_4 = $f1_2->mulInt64($f5_2); |
|
| 1005 | - $f1f6_2 = $f1_2->mulInt64($f6); |
|
| 1006 | - $f1f7_4 = $f1_2->mulInt64($f7_2); |
|
| 1007 | - $f1f8_2 = $f1_2->mulInt64($f8); |
|
| 1008 | - $f1f9_76 = $f1_2->mulInt64($f9_38); |
|
| 1009 | - $f2f2 = $f2->mulInt64($f2); |
|
| 1010 | - $f2f3_2 = $f2_2->mulInt64($f3); |
|
| 1011 | - $f2f4_2 = $f2_2->mulInt64($f4); |
|
| 1012 | - $f2f5_2 = $f2_2->mulInt64($f5); |
|
| 1013 | - $f2f6_2 = $f2_2->mulInt64($f6); |
|
| 1014 | - $f2f7_2 = $f2_2->mulInt64($f7); |
|
| 1015 | - $f2f8_38 = $f2_2->mulInt64($f8_19); |
|
| 1016 | - $f2f9_38 = $f2->mulInt64($f9_38); |
|
| 1017 | - $f3f3_2 = $f3_2->mulInt64($f3); |
|
| 1018 | - $f3f4_2 = $f3_2->mulInt64($f4); |
|
| 1019 | - $f3f5_4 = $f3_2->mulInt64($f5_2); |
|
| 1020 | - $f3f6_2 = $f3_2->mulInt64($f6); |
|
| 1021 | - $f3f7_76 = $f3_2->mulInt64($f7_38); |
|
| 1022 | - $f3f8_38 = $f3_2->mulInt64($f8_19); |
|
| 1023 | - $f3f9_76 = $f3_2->mulInt64($f9_38); |
|
| 1024 | - $f4f4 = $f4->mulInt64($f4); |
|
| 1025 | - $f4f5_2 = $f4_2->mulInt64($f5); |
|
| 1026 | - $f4f6_38 = $f4_2->mulInt64($f6_19); |
|
| 1027 | - $f4f7_38 = $f4->mulInt64($f7_38); |
|
| 1028 | - $f4f8_38 = $f4_2->mulInt64($f8_19); |
|
| 1029 | - $f4f9_38 = $f4->mulInt64($f9_38); |
|
| 1030 | - $f5f5_38 = $f5->mulInt64($f5_38); |
|
| 1031 | - $f5f6_38 = $f5_2->mulInt64($f6_19); |
|
| 1032 | - $f5f7_76 = $f5_2->mulInt64($f7_38); |
|
| 1033 | - $f5f8_38 = $f5_2->mulInt64($f8_19); |
|
| 1034 | - $f5f9_76 = $f5_2->mulInt64($f9_38); |
|
| 1035 | - $f6f6_19 = $f6->mulInt64($f6_19); |
|
| 1036 | - $f6f7_38 = $f6->mulInt64($f7_38); |
|
| 1037 | - $f6f8_38 = $f6_2->mulInt64($f8_19); |
|
| 1038 | - $f6f9_38 = $f6->mulInt64($f9_38); |
|
| 1039 | - $f7f7_38 = $f7->mulInt64($f7_38); |
|
| 1040 | - $f7f8_38 = $f7_2->mulInt64($f8_19); |
|
| 1041 | - $f7f9_76 = $f7_2->mulInt64($f9_38); |
|
| 1042 | - $f8f8_19 = $f8->mulInt64($f8_19); |
|
| 1043 | - $f8f9_38 = $f8->mulInt64($f9_38); |
|
| 1044 | - $f9f9_38 = $f9->mulInt64($f9_38); |
|
| 1045 | - |
|
| 1046 | - $h0 = $f0f0->addInt64($f1f9_76)->addInt64($f2f8_38)->addInt64($f3f7_76)->addInt64($f4f6_38)->addInt64($f5f5_38); |
|
| 1047 | - $h1 = $f0f1_2->addInt64($f2f9_38)->addInt64($f3f8_38)->addInt64($f4f7_38)->addInt64($f5f6_38); |
|
| 1048 | - $h2 = $f0f2_2->addInt64($f1f1_2)->addInt64($f3f9_76)->addInt64($f4f8_38)->addInt64($f5f7_76)->addInt64($f6f6_19); |
|
| 1049 | - $h3 = $f0f3_2->addInt64($f1f2_2)->addInt64($f4f9_38)->addInt64($f5f8_38)->addInt64($f6f7_38); |
|
| 1050 | - $h4 = $f0f4_2->addInt64($f1f3_4)->addInt64($f2f2)->addInt64($f5f9_76)->addInt64($f6f8_38)->addInt64($f7f7_38); |
|
| 1051 | - $h5 = $f0f5_2->addInt64($f1f4_2)->addInt64($f2f3_2)->addInt64($f6f9_38)->addInt64($f7f8_38); |
|
| 1052 | - $h6 = $f0f6_2->addInt64($f1f5_4)->addInt64($f2f4_2)->addInt64($f3f3_2)->addInt64($f7f9_76)->addInt64($f8f8_19); |
|
| 1053 | - $h7 = $f0f7_2->addInt64($f1f6_2)->addInt64($f2f5_2)->addInt64($f3f4_2)->addInt64($f8f9_38); |
|
| 1054 | - $h8 = $f0f8_2->addInt64($f1f7_4)->addInt64($f2f6_2)->addInt64($f3f5_4)->addInt64($f4f4)->addInt64($f9f9_38); |
|
| 1055 | - $h9 = $f0f9_2->addInt64($f1f8_2)->addInt64($f2f7_2)->addInt64($f3f6_2)->addInt64($f4f5_2); |
|
| 977 | + $f0_2 = $f0->shiftLeft( 1 ); |
|
| 978 | + $f1_2 = $f1->shiftLeft( 1 ); |
|
| 979 | + $f2_2 = $f2->shiftLeft( 1 ); |
|
| 980 | + $f3_2 = $f3->shiftLeft( 1 ); |
|
| 981 | + $f4_2 = $f4->shiftLeft( 1 ); |
|
| 982 | + $f5_2 = $f5->shiftLeft( 1 ); |
|
| 983 | + $f6_2 = $f6->shiftLeft( 1 ); |
|
| 984 | + $f7_2 = $f7->shiftLeft( 1 ); |
|
| 985 | + $f5_38 = $f5->mulInt( 38, 6 ); /* 1.959375*2^30 */ |
|
| 986 | + $f6_19 = $f6->mulInt( 19, 5 ); /* 1.959375*2^30 */ |
|
| 987 | + $f7_38 = $f7->mulInt( 38, 6 ); /* 1.959375*2^30 */ |
|
| 988 | + $f8_19 = $f8->mulInt( 19, 5 ); /* 1.959375*2^30 */ |
|
| 989 | + $f9_38 = $f9->mulInt( 38, 6 ); /* 1.959375*2^30 */ |
|
| 990 | + $f0f0 = $f0->mulInt64( $f0 ); |
|
| 991 | + $f0f1_2 = $f0_2->mulInt64( $f1 ); |
|
| 992 | + $f0f2_2 = $f0_2->mulInt64( $f2 ); |
|
| 993 | + $f0f3_2 = $f0_2->mulInt64( $f3 ); |
|
| 994 | + $f0f4_2 = $f0_2->mulInt64( $f4 ); |
|
| 995 | + $f0f5_2 = $f0_2->mulInt64( $f5 ); |
|
| 996 | + $f0f6_2 = $f0_2->mulInt64( $f6 ); |
|
| 997 | + $f0f7_2 = $f0_2->mulInt64( $f7 ); |
|
| 998 | + $f0f8_2 = $f0_2->mulInt64( $f8 ); |
|
| 999 | + $f0f9_2 = $f0_2->mulInt64( $f9 ); |
|
| 1000 | + $f1f1_2 = $f1_2->mulInt64( $f1 ); |
|
| 1001 | + $f1f2_2 = $f1_2->mulInt64( $f2 ); |
|
| 1002 | + $f1f3_4 = $f1_2->mulInt64( $f3_2 ); |
|
| 1003 | + $f1f4_2 = $f1_2->mulInt64( $f4 ); |
|
| 1004 | + $f1f5_4 = $f1_2->mulInt64( $f5_2 ); |
|
| 1005 | + $f1f6_2 = $f1_2->mulInt64( $f6 ); |
|
| 1006 | + $f1f7_4 = $f1_2->mulInt64( $f7_2 ); |
|
| 1007 | + $f1f8_2 = $f1_2->mulInt64( $f8 ); |
|
| 1008 | + $f1f9_76 = $f1_2->mulInt64( $f9_38 ); |
|
| 1009 | + $f2f2 = $f2->mulInt64( $f2 ); |
|
| 1010 | + $f2f3_2 = $f2_2->mulInt64( $f3 ); |
|
| 1011 | + $f2f4_2 = $f2_2->mulInt64( $f4 ); |
|
| 1012 | + $f2f5_2 = $f2_2->mulInt64( $f5 ); |
|
| 1013 | + $f2f6_2 = $f2_2->mulInt64( $f6 ); |
|
| 1014 | + $f2f7_2 = $f2_2->mulInt64( $f7 ); |
|
| 1015 | + $f2f8_38 = $f2_2->mulInt64( $f8_19 ); |
|
| 1016 | + $f2f9_38 = $f2->mulInt64( $f9_38 ); |
|
| 1017 | + $f3f3_2 = $f3_2->mulInt64( $f3 ); |
|
| 1018 | + $f3f4_2 = $f3_2->mulInt64( $f4 ); |
|
| 1019 | + $f3f5_4 = $f3_2->mulInt64( $f5_2 ); |
|
| 1020 | + $f3f6_2 = $f3_2->mulInt64( $f6 ); |
|
| 1021 | + $f3f7_76 = $f3_2->mulInt64( $f7_38 ); |
|
| 1022 | + $f3f8_38 = $f3_2->mulInt64( $f8_19 ); |
|
| 1023 | + $f3f9_76 = $f3_2->mulInt64( $f9_38 ); |
|
| 1024 | + $f4f4 = $f4->mulInt64( $f4 ); |
|
| 1025 | + $f4f5_2 = $f4_2->mulInt64( $f5 ); |
|
| 1026 | + $f4f6_38 = $f4_2->mulInt64( $f6_19 ); |
|
| 1027 | + $f4f7_38 = $f4->mulInt64( $f7_38 ); |
|
| 1028 | + $f4f8_38 = $f4_2->mulInt64( $f8_19 ); |
|
| 1029 | + $f4f9_38 = $f4->mulInt64( $f9_38 ); |
|
| 1030 | + $f5f5_38 = $f5->mulInt64( $f5_38 ); |
|
| 1031 | + $f5f6_38 = $f5_2->mulInt64( $f6_19 ); |
|
| 1032 | + $f5f7_76 = $f5_2->mulInt64( $f7_38 ); |
|
| 1033 | + $f5f8_38 = $f5_2->mulInt64( $f8_19 ); |
|
| 1034 | + $f5f9_76 = $f5_2->mulInt64( $f9_38 ); |
|
| 1035 | + $f6f6_19 = $f6->mulInt64( $f6_19 ); |
|
| 1036 | + $f6f7_38 = $f6->mulInt64( $f7_38 ); |
|
| 1037 | + $f6f8_38 = $f6_2->mulInt64( $f8_19 ); |
|
| 1038 | + $f6f9_38 = $f6->mulInt64( $f9_38 ); |
|
| 1039 | + $f7f7_38 = $f7->mulInt64( $f7_38 ); |
|
| 1040 | + $f7f8_38 = $f7_2->mulInt64( $f8_19 ); |
|
| 1041 | + $f7f9_76 = $f7_2->mulInt64( $f9_38 ); |
|
| 1042 | + $f8f8_19 = $f8->mulInt64( $f8_19 ); |
|
| 1043 | + $f8f9_38 = $f8->mulInt64( $f9_38 ); |
|
| 1044 | + $f9f9_38 = $f9->mulInt64( $f9_38 ); |
|
| 1045 | + |
|
| 1046 | + $h0 = $f0f0->addInt64( $f1f9_76 )->addInt64( $f2f8_38 )->addInt64( $f3f7_76 )->addInt64( $f4f6_38 )->addInt64( $f5f5_38 ); |
|
| 1047 | + $h1 = $f0f1_2->addInt64( $f2f9_38 )->addInt64( $f3f8_38 )->addInt64( $f4f7_38 )->addInt64( $f5f6_38 ); |
|
| 1048 | + $h2 = $f0f2_2->addInt64( $f1f1_2 )->addInt64( $f3f9_76 )->addInt64( $f4f8_38 )->addInt64( $f5f7_76 )->addInt64( $f6f6_19 ); |
|
| 1049 | + $h3 = $f0f3_2->addInt64( $f1f2_2 )->addInt64( $f4f9_38 )->addInt64( $f5f8_38 )->addInt64( $f6f7_38 ); |
|
| 1050 | + $h4 = $f0f4_2->addInt64( $f1f3_4 )->addInt64( $f2f2 )->addInt64( $f5f9_76 )->addInt64( $f6f8_38 )->addInt64( $f7f7_38 ); |
|
| 1051 | + $h5 = $f0f5_2->addInt64( $f1f4_2 )->addInt64( $f2f3_2 )->addInt64( $f6f9_38 )->addInt64( $f7f8_38 ); |
|
| 1052 | + $h6 = $f0f6_2->addInt64( $f1f5_4 )->addInt64( $f2f4_2 )->addInt64( $f3f3_2 )->addInt64( $f7f9_76 )->addInt64( $f8f8_19 ); |
|
| 1053 | + $h7 = $f0f7_2->addInt64( $f1f6_2 )->addInt64( $f2f5_2 )->addInt64( $f3f4_2 )->addInt64( $f8f9_38 ); |
|
| 1054 | + $h8 = $f0f8_2->addInt64( $f1f7_4 )->addInt64( $f2f6_2 )->addInt64( $f3f5_4 )->addInt64( $f4f4 )->addInt64( $f9f9_38 ); |
|
| 1055 | + $h9 = $f0f9_2->addInt64( $f1f8_2 )->addInt64( $f2f7_2 )->addInt64( $f3f6_2 )->addInt64( $f4f5_2 ); |
|
| 1056 | 1056 | |
| 1057 | 1057 | /* |
| 1058 | 1058 | $h6 = (int) ($f0f6_2 + $f1f5_4 + $f2f4_2 + $f3f3_2 + $f7f9_76 + $f8f8_19); |
@@ -1072,59 +1072,59 @@ discard block |
||
| 1072 | 1072 | * @var ParagonIE_Sodium_Core32_Int64 $h8 |
| 1073 | 1073 | * @var ParagonIE_Sodium_Core32_Int64 $h9 |
| 1074 | 1074 | */ |
| 1075 | - $h0 = $h0->shiftLeft(1); |
|
| 1076 | - $h1 = $h1->shiftLeft(1); |
|
| 1077 | - $h2 = $h2->shiftLeft(1); |
|
| 1078 | - $h3 = $h3->shiftLeft(1); |
|
| 1079 | - $h4 = $h4->shiftLeft(1); |
|
| 1080 | - $h5 = $h5->shiftLeft(1); |
|
| 1081 | - $h6 = $h6->shiftLeft(1); |
|
| 1082 | - $h7 = $h7->shiftLeft(1); |
|
| 1083 | - $h8 = $h8->shiftLeft(1); |
|
| 1084 | - $h9 = $h9->shiftLeft(1); |
|
| 1085 | - |
|
| 1086 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1087 | - $h1 = $h1->addInt64($carry0); |
|
| 1088 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1089 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1090 | - $h5 = $h5->addInt64($carry4); |
|
| 1091 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1092 | - |
|
| 1093 | - $carry1 = $h1->addInt(1 << 24)->shiftRight(25); |
|
| 1094 | - $h2 = $h2->addInt64($carry1); |
|
| 1095 | - $h1 = $h1->subInt64($carry1->shiftLeft(25)); |
|
| 1096 | - $carry5 = $h5->addInt(1 << 24)->shiftRight(25); |
|
| 1097 | - $h6 = $h6->addInt64($carry5); |
|
| 1098 | - $h5 = $h5->subInt64($carry5->shiftLeft(25)); |
|
| 1099 | - |
|
| 1100 | - $carry2 = $h2->addInt(1 << 25)->shiftRight(26); |
|
| 1101 | - $h3 = $h3->addInt64($carry2); |
|
| 1102 | - $h2 = $h2->subInt64($carry2->shiftLeft(26)); |
|
| 1103 | - $carry6 = $h6->addInt(1 << 25)->shiftRight(26); |
|
| 1104 | - $h7 = $h7->addInt64($carry6); |
|
| 1105 | - $h6 = $h6->subInt64($carry6->shiftLeft(26)); |
|
| 1106 | - |
|
| 1107 | - $carry3 = $h3->addInt(1 << 24)->shiftRight(25); |
|
| 1108 | - $h4 = $h4->addInt64($carry3); |
|
| 1109 | - $h3 = $h3->subInt64($carry3->shiftLeft(25)); |
|
| 1110 | - $carry7 = $h7->addInt(1 << 24)->shiftRight(25); |
|
| 1111 | - $h8 = $h8->addInt64($carry7); |
|
| 1112 | - $h7 = $h7->subInt64($carry7->shiftLeft(25)); |
|
| 1113 | - |
|
| 1114 | - $carry4 = $h4->addInt(1 << 25)->shiftRight(26); |
|
| 1115 | - $h5 = $h5->addInt64($carry4); |
|
| 1116 | - $h4 = $h4->subInt64($carry4->shiftLeft(26)); |
|
| 1117 | - $carry8 = $h8->addInt(1 << 25)->shiftRight(26); |
|
| 1118 | - $h9 = $h9->addInt64($carry8); |
|
| 1119 | - $h8 = $h8->subInt64($carry8->shiftLeft(26)); |
|
| 1120 | - |
|
| 1121 | - $carry9 = $h9->addInt(1 << 24)->shiftRight(25); |
|
| 1122 | - $h0 = $h0->addInt64($carry9->mulInt(19)); |
|
| 1123 | - $h9 = $h9->subInt64($carry9->shiftLeft(25)); |
|
| 1124 | - |
|
| 1125 | - $carry0 = $h0->addInt(1 << 25)->shiftRight(26); |
|
| 1126 | - $h1 = $h1->addInt64($carry0); |
|
| 1127 | - $h0 = $h0->subInt64($carry0->shiftLeft(26)); |
|
| 1075 | + $h0 = $h0->shiftLeft( 1 ); |
|
| 1076 | + $h1 = $h1->shiftLeft( 1 ); |
|
| 1077 | + $h2 = $h2->shiftLeft( 1 ); |
|
| 1078 | + $h3 = $h3->shiftLeft( 1 ); |
|
| 1079 | + $h4 = $h4->shiftLeft( 1 ); |
|
| 1080 | + $h5 = $h5->shiftLeft( 1 ); |
|
| 1081 | + $h6 = $h6->shiftLeft( 1 ); |
|
| 1082 | + $h7 = $h7->shiftLeft( 1 ); |
|
| 1083 | + $h8 = $h8->shiftLeft( 1 ); |
|
| 1084 | + $h9 = $h9->shiftLeft( 1 ); |
|
| 1085 | + |
|
| 1086 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1087 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 1088 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 1089 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1090 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 1091 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 1092 | + |
|
| 1093 | + $carry1 = $h1->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 1094 | + $h2 = $h2->addInt64( $carry1 ); |
|
| 1095 | + $h1 = $h1->subInt64( $carry1->shiftLeft( 25 ) ); |
|
| 1096 | + $carry5 = $h5->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 1097 | + $h6 = $h6->addInt64( $carry5 ); |
|
| 1098 | + $h5 = $h5->subInt64( $carry5->shiftLeft( 25 ) ); |
|
| 1099 | + |
|
| 1100 | + $carry2 = $h2->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1101 | + $h3 = $h3->addInt64( $carry2 ); |
|
| 1102 | + $h2 = $h2->subInt64( $carry2->shiftLeft( 26 ) ); |
|
| 1103 | + $carry6 = $h6->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1104 | + $h7 = $h7->addInt64( $carry6 ); |
|
| 1105 | + $h6 = $h6->subInt64( $carry6->shiftLeft( 26 ) ); |
|
| 1106 | + |
|
| 1107 | + $carry3 = $h3->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 1108 | + $h4 = $h4->addInt64( $carry3 ); |
|
| 1109 | + $h3 = $h3->subInt64( $carry3->shiftLeft( 25 ) ); |
|
| 1110 | + $carry7 = $h7->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 1111 | + $h8 = $h8->addInt64( $carry7 ); |
|
| 1112 | + $h7 = $h7->subInt64( $carry7->shiftLeft( 25 ) ); |
|
| 1113 | + |
|
| 1114 | + $carry4 = $h4->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1115 | + $h5 = $h5->addInt64( $carry4 ); |
|
| 1116 | + $h4 = $h4->subInt64( $carry4->shiftLeft( 26 ) ); |
|
| 1117 | + $carry8 = $h8->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1118 | + $h9 = $h9->addInt64( $carry8 ); |
|
| 1119 | + $h8 = $h8->subInt64( $carry8->shiftLeft( 26 ) ); |
|
| 1120 | + |
|
| 1121 | + $carry9 = $h9->addInt( 1 << 24 )->shiftRight( 25 ); |
|
| 1122 | + $h0 = $h0->addInt64( $carry9->mulInt( 19 ) ); |
|
| 1123 | + $h9 = $h9->subInt64( $carry9->shiftLeft( 25 ) ); |
|
| 1124 | + |
|
| 1125 | + $carry0 = $h0->addInt( 1 << 25 )->shiftRight( 26 ); |
|
| 1126 | + $h1 = $h1->addInt64( $carry0 ); |
|
| 1127 | + $h0 = $h0->subInt64( $carry0->shiftLeft( 26 ) ); |
|
| 1128 | 1128 | |
| 1129 | 1129 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1130 | 1130 | array( |
@@ -1153,56 +1153,56 @@ discard block |
||
| 1153 | 1153 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $Z |
| 1154 | 1154 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1155 | 1155 | */ |
| 1156 | - public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) |
|
| 1156 | + public static function fe_invert( ParagonIE_Sodium_Core32_Curve25519_Fe $Z ) |
|
| 1157 | 1157 | { |
| 1158 | 1158 | $z = clone $Z; |
| 1159 | - $t0 = self::fe_sq($z); |
|
| 1160 | - $t1 = self::fe_sq($t0); |
|
| 1161 | - $t1 = self::fe_sq($t1); |
|
| 1162 | - $t1 = self::fe_mul($z, $t1); |
|
| 1163 | - $t0 = self::fe_mul($t0, $t1); |
|
| 1164 | - $t2 = self::fe_sq($t0); |
|
| 1165 | - $t1 = self::fe_mul($t1, $t2); |
|
| 1166 | - $t2 = self::fe_sq($t1); |
|
| 1167 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1168 | - $t2 = self::fe_sq($t2); |
|
| 1159 | + $t0 = self::fe_sq( $z ); |
|
| 1160 | + $t1 = self::fe_sq( $t0 ); |
|
| 1161 | + $t1 = self::fe_sq( $t1 ); |
|
| 1162 | + $t1 = self::fe_mul( $z, $t1 ); |
|
| 1163 | + $t0 = self::fe_mul( $t0, $t1 ); |
|
| 1164 | + $t2 = self::fe_sq( $t0 ); |
|
| 1165 | + $t1 = self::fe_mul( $t1, $t2 ); |
|
| 1166 | + $t2 = self::fe_sq( $t1 ); |
|
| 1167 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 1168 | + $t2 = self::fe_sq( $t2 ); |
|
| 1169 | 1169 | } |
| 1170 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1171 | - $t2 = self::fe_sq($t1); |
|
| 1172 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1173 | - $t2 = self::fe_sq($t2); |
|
| 1170 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1171 | + $t2 = self::fe_sq( $t1 ); |
|
| 1172 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 1173 | + $t2 = self::fe_sq( $t2 ); |
|
| 1174 | 1174 | } |
| 1175 | - $t2 = self::fe_mul($t2, $t1); |
|
| 1176 | - $t3 = self::fe_sq($t2); |
|
| 1177 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1178 | - $t3 = self::fe_sq($t3); |
|
| 1175 | + $t2 = self::fe_mul( $t2, $t1 ); |
|
| 1176 | + $t3 = self::fe_sq( $t2 ); |
|
| 1177 | + for ( $i = 1; $i < 20; ++$i ) { |
|
| 1178 | + $t3 = self::fe_sq( $t3 ); |
|
| 1179 | 1179 | } |
| 1180 | - $t2 = self::fe_mul($t3, $t2); |
|
| 1181 | - $t2 = self::fe_sq($t2); |
|
| 1182 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1183 | - $t2 = self::fe_sq($t2); |
|
| 1180 | + $t2 = self::fe_mul( $t3, $t2 ); |
|
| 1181 | + $t2 = self::fe_sq( $t2 ); |
|
| 1182 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 1183 | + $t2 = self::fe_sq( $t2 ); |
|
| 1184 | 1184 | } |
| 1185 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1186 | - $t2 = self::fe_sq($t1); |
|
| 1187 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1188 | - $t2 = self::fe_sq($t2); |
|
| 1185 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1186 | + $t2 = self::fe_sq( $t1 ); |
|
| 1187 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1188 | + $t2 = self::fe_sq( $t2 ); |
|
| 1189 | 1189 | } |
| 1190 | - $t2 = self::fe_mul($t2, $t1); |
|
| 1191 | - $t3 = self::fe_sq($t2); |
|
| 1192 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1193 | - $t3 = self::fe_sq($t3); |
|
| 1190 | + $t2 = self::fe_mul( $t2, $t1 ); |
|
| 1191 | + $t3 = self::fe_sq( $t2 ); |
|
| 1192 | + for ( $i = 1; $i < 100; ++$i ) { |
|
| 1193 | + $t3 = self::fe_sq( $t3 ); |
|
| 1194 | 1194 | } |
| 1195 | - $t2 = self::fe_mul($t3, $t2); |
|
| 1196 | - $t2 = self::fe_sq($t2); |
|
| 1197 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1198 | - $t2 = self::fe_sq($t2); |
|
| 1195 | + $t2 = self::fe_mul( $t3, $t2 ); |
|
| 1196 | + $t2 = self::fe_sq( $t2 ); |
|
| 1197 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1198 | + $t2 = self::fe_sq( $t2 ); |
|
| 1199 | 1199 | } |
| 1200 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1201 | - $t1 = self::fe_sq($t1); |
|
| 1202 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1203 | - $t1 = self::fe_sq($t1); |
|
| 1200 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1201 | + $t1 = self::fe_sq( $t1 ); |
|
| 1202 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 1203 | + $t1 = self::fe_sq( $t1 ); |
|
| 1204 | 1204 | } |
| 1205 | - return self::fe_mul($t1, $t0); |
|
| 1205 | + return self::fe_mul( $t1, $t0 ); |
|
| 1206 | 1206 | } |
| 1207 | 1207 | |
| 1208 | 1208 | /** |
@@ -1213,7 +1213,7 @@ discard block |
||
| 1213 | 1213 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $z |
| 1214 | 1214 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1215 | 1215 | */ |
| 1216 | - public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) |
|
| 1216 | + public static function fe_pow22523( ParagonIE_Sodium_Core32_Curve25519_Fe $z ) |
|
| 1217 | 1217 | { |
| 1218 | 1218 | # fe_sq(t0, z); |
| 1219 | 1219 | # fe_sq(t1, t0); |
@@ -1223,102 +1223,102 @@ discard block |
||
| 1223 | 1223 | # fe_sq(t0, t0); |
| 1224 | 1224 | # fe_mul(t0, t1, t0); |
| 1225 | 1225 | # fe_sq(t1, t0); |
| 1226 | - $t0 = self::fe_sq($z); |
|
| 1227 | - $t1 = self::fe_sq($t0); |
|
| 1228 | - $t1 = self::fe_sq($t1); |
|
| 1229 | - $t1 = self::fe_mul($z, $t1); |
|
| 1230 | - $t0 = self::fe_mul($t0, $t1); |
|
| 1231 | - $t0 = self::fe_sq($t0); |
|
| 1232 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1233 | - $t1 = self::fe_sq($t0); |
|
| 1226 | + $t0 = self::fe_sq( $z ); |
|
| 1227 | + $t1 = self::fe_sq( $t0 ); |
|
| 1228 | + $t1 = self::fe_sq( $t1 ); |
|
| 1229 | + $t1 = self::fe_mul( $z, $t1 ); |
|
| 1230 | + $t0 = self::fe_mul( $t0, $t1 ); |
|
| 1231 | + $t0 = self::fe_sq( $t0 ); |
|
| 1232 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1233 | + $t1 = self::fe_sq( $t0 ); |
|
| 1234 | 1234 | |
| 1235 | 1235 | # for (i = 1; i < 5; ++i) { |
| 1236 | 1236 | # fe_sq(t1, t1); |
| 1237 | 1237 | # } |
| 1238 | - for ($i = 1; $i < 5; ++$i) { |
|
| 1239 | - $t1 = self::fe_sq($t1); |
|
| 1238 | + for ( $i = 1; $i < 5; ++$i ) { |
|
| 1239 | + $t1 = self::fe_sq( $t1 ); |
|
| 1240 | 1240 | } |
| 1241 | 1241 | |
| 1242 | 1242 | # fe_mul(t0, t1, t0); |
| 1243 | 1243 | # fe_sq(t1, t0); |
| 1244 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1245 | - $t1 = self::fe_sq($t0); |
|
| 1244 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1245 | + $t1 = self::fe_sq( $t0 ); |
|
| 1246 | 1246 | |
| 1247 | 1247 | # for (i = 1; i < 10; ++i) { |
| 1248 | 1248 | # fe_sq(t1, t1); |
| 1249 | 1249 | # } |
| 1250 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1251 | - $t1 = self::fe_sq($t1); |
|
| 1250 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 1251 | + $t1 = self::fe_sq( $t1 ); |
|
| 1252 | 1252 | } |
| 1253 | 1253 | |
| 1254 | 1254 | # fe_mul(t1, t1, t0); |
| 1255 | 1255 | # fe_sq(t2, t1); |
| 1256 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1257 | - $t2 = self::fe_sq($t1); |
|
| 1256 | + $t1 = self::fe_mul( $t1, $t0 ); |
|
| 1257 | + $t2 = self::fe_sq( $t1 ); |
|
| 1258 | 1258 | |
| 1259 | 1259 | # for (i = 1; i < 20; ++i) { |
| 1260 | 1260 | # fe_sq(t2, t2); |
| 1261 | 1261 | # } |
| 1262 | - for ($i = 1; $i < 20; ++$i) { |
|
| 1263 | - $t2 = self::fe_sq($t2); |
|
| 1262 | + for ( $i = 1; $i < 20; ++$i ) { |
|
| 1263 | + $t2 = self::fe_sq( $t2 ); |
|
| 1264 | 1264 | } |
| 1265 | 1265 | |
| 1266 | 1266 | # fe_mul(t1, t2, t1); |
| 1267 | 1267 | # fe_sq(t1, t1); |
| 1268 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1269 | - $t1 = self::fe_sq($t1); |
|
| 1268 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1269 | + $t1 = self::fe_sq( $t1 ); |
|
| 1270 | 1270 | |
| 1271 | 1271 | # for (i = 1; i < 10; ++i) { |
| 1272 | 1272 | # fe_sq(t1, t1); |
| 1273 | 1273 | # } |
| 1274 | - for ($i = 1; $i < 10; ++$i) { |
|
| 1275 | - $t1 = self::fe_sq($t1); |
|
| 1274 | + for ( $i = 1; $i < 10; ++$i ) { |
|
| 1275 | + $t1 = self::fe_sq( $t1 ); |
|
| 1276 | 1276 | } |
| 1277 | 1277 | |
| 1278 | 1278 | # fe_mul(t0, t1, t0); |
| 1279 | 1279 | # fe_sq(t1, t0); |
| 1280 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1281 | - $t1 = self::fe_sq($t0); |
|
| 1280 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1281 | + $t1 = self::fe_sq( $t0 ); |
|
| 1282 | 1282 | |
| 1283 | 1283 | # for (i = 1; i < 50; ++i) { |
| 1284 | 1284 | # fe_sq(t1, t1); |
| 1285 | 1285 | # } |
| 1286 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1287 | - $t1 = self::fe_sq($t1); |
|
| 1286 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1287 | + $t1 = self::fe_sq( $t1 ); |
|
| 1288 | 1288 | } |
| 1289 | 1289 | |
| 1290 | 1290 | # fe_mul(t1, t1, t0); |
| 1291 | 1291 | # fe_sq(t2, t1); |
| 1292 | - $t1 = self::fe_mul($t1, $t0); |
|
| 1293 | - $t2 = self::fe_sq($t1); |
|
| 1292 | + $t1 = self::fe_mul( $t1, $t0 ); |
|
| 1293 | + $t2 = self::fe_sq( $t1 ); |
|
| 1294 | 1294 | |
| 1295 | 1295 | # for (i = 1; i < 100; ++i) { |
| 1296 | 1296 | # fe_sq(t2, t2); |
| 1297 | 1297 | # } |
| 1298 | - for ($i = 1; $i < 100; ++$i) { |
|
| 1299 | - $t2 = self::fe_sq($t2); |
|
| 1298 | + for ( $i = 1; $i < 100; ++$i ) { |
|
| 1299 | + $t2 = self::fe_sq( $t2 ); |
|
| 1300 | 1300 | } |
| 1301 | 1301 | |
| 1302 | 1302 | # fe_mul(t1, t2, t1); |
| 1303 | 1303 | # fe_sq(t1, t1); |
| 1304 | - $t1 = self::fe_mul($t2, $t1); |
|
| 1305 | - $t1 = self::fe_sq($t1); |
|
| 1304 | + $t1 = self::fe_mul( $t2, $t1 ); |
|
| 1305 | + $t1 = self::fe_sq( $t1 ); |
|
| 1306 | 1306 | |
| 1307 | 1307 | # for (i = 1; i < 50; ++i) { |
| 1308 | 1308 | # fe_sq(t1, t1); |
| 1309 | 1309 | # } |
| 1310 | - for ($i = 1; $i < 50; ++$i) { |
|
| 1311 | - $t1 = self::fe_sq($t1); |
|
| 1310 | + for ( $i = 1; $i < 50; ++$i ) { |
|
| 1311 | + $t1 = self::fe_sq( $t1 ); |
|
| 1312 | 1312 | } |
| 1313 | 1313 | |
| 1314 | 1314 | # fe_mul(t0, t1, t0); |
| 1315 | 1315 | # fe_sq(t0, t0); |
| 1316 | 1316 | # fe_sq(t0, t0); |
| 1317 | 1317 | # fe_mul(out, t0, z); |
| 1318 | - $t0 = self::fe_mul($t1, $t0); |
|
| 1319 | - $t0 = self::fe_sq($t0); |
|
| 1320 | - $t0 = self::fe_sq($t0); |
|
| 1321 | - return self::fe_mul($t0, $z); |
|
| 1318 | + $t0 = self::fe_mul( $t1, $t0 ); |
|
| 1319 | + $t0 = self::fe_sq( $t0 ); |
|
| 1320 | + $t0 = self::fe_sq( $t0 ); |
|
| 1321 | + return self::fe_mul( $t0, $z ); |
|
| 1322 | 1322 | } |
| 1323 | 1323 | |
| 1324 | 1324 | /** |
@@ -1339,20 +1339,20 @@ discard block |
||
| 1339 | 1339 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
| 1340 | 1340 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1341 | 1341 | */ |
| 1342 | - public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) |
|
| 1342 | + public static function fe_sub( ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g ) |
|
| 1343 | 1343 | { |
| 1344 | 1344 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1345 | 1345 | array( |
| 1346 | - $f[0]->subInt32($g[0]), |
|
| 1347 | - $f[1]->subInt32($g[1]), |
|
| 1348 | - $f[2]->subInt32($g[2]), |
|
| 1349 | - $f[3]->subInt32($g[3]), |
|
| 1350 | - $f[4]->subInt32($g[4]), |
|
| 1351 | - $f[5]->subInt32($g[5]), |
|
| 1352 | - $f[6]->subInt32($g[6]), |
|
| 1353 | - $f[7]->subInt32($g[7]), |
|
| 1354 | - $f[8]->subInt32($g[8]), |
|
| 1355 | - $f[9]->subInt32($g[9]) |
|
| 1346 | + $f[0]->subInt32( $g[0] ), |
|
| 1347 | + $f[1]->subInt32( $g[1] ), |
|
| 1348 | + $f[2]->subInt32( $g[2] ), |
|
| 1349 | + $f[3]->subInt32( $g[3] ), |
|
| 1350 | + $f[4]->subInt32( $g[4] ), |
|
| 1351 | + $f[5]->subInt32( $g[5] ), |
|
| 1352 | + $f[6]->subInt32( $g[6] ), |
|
| 1353 | + $f[7]->subInt32( $g[7] ), |
|
| 1354 | + $f[8]->subInt32( $g[8] ), |
|
| 1355 | + $f[9]->subInt32( $g[9] ) |
|
| 1356 | 1356 | ) |
| 1357 | 1357 | ); |
| 1358 | 1358 | } |
@@ -1373,17 +1373,17 @@ discard block |
||
| 1373 | 1373 | ParagonIE_Sodium_Core32_Curve25519_Ge_Cached $q |
| 1374 | 1374 | ) { |
| 1375 | 1375 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 1376 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1377 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1378 | - $r->Z = self::fe_mul($r->X, $q->YplusX); |
|
| 1379 | - $r->Y = self::fe_mul($r->Y, $q->YminusX); |
|
| 1380 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1381 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1382 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1383 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1384 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1385 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1386 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1376 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1377 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1378 | + $r->Z = self::fe_mul( $r->X, $q->YplusX ); |
|
| 1379 | + $r->Y = self::fe_mul( $r->Y, $q->YminusX ); |
|
| 1380 | + $r->T = self::fe_mul( $q->T2d, $p->T ); |
|
| 1381 | + $r->X = self::fe_mul( $p->Z, $q->Z ); |
|
| 1382 | + $t0 = self::fe_add( $r->X, $r->X ); |
|
| 1383 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1384 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1385 | + $r->Z = self::fe_add( $t0, $r->T ); |
|
| 1386 | + $r->T = self::fe_sub( $t0, $r->T ); |
|
| 1387 | 1387 | return $r; |
| 1388 | 1388 | } |
| 1389 | 1389 | |
@@ -1394,33 +1394,33 @@ discard block |
||
| 1394 | 1394 | * @param string $a |
| 1395 | 1395 | * @return array<int, mixed> |
| 1396 | 1396 | */ |
| 1397 | - public static function slide($a) |
|
| 1397 | + public static function slide( $a ) |
|
| 1398 | 1398 | { |
| 1399 | - if (self::strlen($a) < 256) { |
|
| 1400 | - if (self::strlen($a) < 16) { |
|
| 1401 | - $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
|
| 1399 | + if ( self::strlen( $a ) < 256 ) { |
|
| 1400 | + if ( self::strlen( $a ) < 16 ) { |
|
| 1401 | + $a = str_pad( $a, 256, '0', STR_PAD_RIGHT ); |
|
| 1402 | 1402 | } |
| 1403 | 1403 | } |
| 1404 | 1404 | $r = array(); |
| 1405 | - for ($i = 0; $i < 256; ++$i) { |
|
| 1405 | + for ( $i = 0; $i < 256; ++$i ) { |
|
| 1406 | 1406 | $r[$i] = 1 & ( |
| 1407 | - self::chrToInt($a[$i >> 3]) |
|
| 1407 | + self::chrToInt( $a[$i >> 3] ) |
|
| 1408 | 1408 | >> |
| 1409 | - ($i & 7) |
|
| 1409 | + ( $i & 7 ) |
|
| 1410 | 1410 | ); |
| 1411 | 1411 | } |
| 1412 | 1412 | |
| 1413 | - for ($i = 0;$i < 256;++$i) { |
|
| 1414 | - if ($r[$i]) { |
|
| 1415 | - for ($b = 1;$b <= 6 && $i + $b < 256;++$b) { |
|
| 1416 | - if ($r[$i + $b]) { |
|
| 1417 | - if ($r[$i] + ($r[$i + $b] << $b) <= 15) { |
|
| 1413 | + for ( $i = 0; $i < 256; ++$i ) { |
|
| 1414 | + if ( $r[$i] ) { |
|
| 1415 | + for ( $b = 1; $b <= 6 && $i + $b < 256; ++$b ) { |
|
| 1416 | + if ( $r[$i + $b] ) { |
|
| 1417 | + if ( $r[$i] + ( $r[$i + $b] << $b ) <= 15 ) { |
|
| 1418 | 1418 | $r[$i] += $r[$i + $b] << $b; |
| 1419 | 1419 | $r[$i + $b] = 0; |
| 1420 | - } elseif ($r[$i] - ($r[$i + $b] << $b) >= -15) { |
|
| 1420 | + } elseif ( $r[$i] - ( $r[$i + $b] << $b ) >= -15 ) { |
|
| 1421 | 1421 | $r[$i] -= $r[$i + $b] << $b; |
| 1422 | - for ($k = $i + $b; $k < 256; ++$k) { |
|
| 1423 | - if (!$r[$k]) { |
|
| 1422 | + for ( $k = $i + $b; $k < 256; ++$k ) { |
|
| 1423 | + if ( ! $r[$k] ) { |
|
| 1424 | 1424 | $r[$k] = 1; |
| 1425 | 1425 | break; |
| 1426 | 1426 | } |
@@ -1442,22 +1442,22 @@ discard block |
||
| 1442 | 1442 | * @param string $s |
| 1443 | 1443 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 1444 | 1444 | */ |
| 1445 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1445 | + public static function ge_frombytes_negate_vartime( $s ) |
|
| 1446 | 1446 | { |
| 1447 | 1447 | static $d = null; |
| 1448 | - if (!$d) { |
|
| 1448 | + if ( ! $d ) { |
|
| 1449 | 1449 | $d = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1450 | 1450 | array( |
| 1451 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[0]), |
|
| 1452 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[1]), |
|
| 1453 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[2]), |
|
| 1454 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[3]), |
|
| 1455 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[4]), |
|
| 1456 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[5]), |
|
| 1457 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[6]), |
|
| 1458 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[7]), |
|
| 1459 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[8]), |
|
| 1460 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d[9]) |
|
| 1451 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[0] ), |
|
| 1452 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[1] ), |
|
| 1453 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[2] ), |
|
| 1454 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[3] ), |
|
| 1455 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[4] ), |
|
| 1456 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[5] ), |
|
| 1457 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[6] ), |
|
| 1458 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[7] ), |
|
| 1459 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[8] ), |
|
| 1460 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d[9] ) |
|
| 1461 | 1461 | ) |
| 1462 | 1462 | ); |
| 1463 | 1463 | } |
@@ -1466,7 +1466,7 @@ discard block |
||
| 1466 | 1466 | # fe_1(h->Z); |
| 1467 | 1467 | $h = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
| 1468 | 1468 | self::fe_0(), |
| 1469 | - self::fe_frombytes($s), |
|
| 1469 | + self::fe_frombytes( $s ), |
|
| 1470 | 1470 | self::fe_1() |
| 1471 | 1471 | ); |
| 1472 | 1472 | |
@@ -1474,35 +1474,35 @@ discard block |
||
| 1474 | 1474 | # fe_mul(v,u,d); |
| 1475 | 1475 | # fe_sub(u,u,h->Z); /* u = y^2-1 */ |
| 1476 | 1476 | # fe_add(v,v,h->Z); /* v = dy^2+1 */ |
| 1477 | - $u = self::fe_sq($h->Y); |
|
| 1478 | - $v = self::fe_mul($u, $d); |
|
| 1479 | - $u = self::fe_sub($u, $h->Z); /* u = y^2 - 1 */ |
|
| 1480 | - $v = self::fe_add($v, $h->Z); /* v = dy^2 + 1 */ |
|
| 1477 | + $u = self::fe_sq( $h->Y ); |
|
| 1478 | + $v = self::fe_mul( $u, $d ); |
|
| 1479 | + $u = self::fe_sub( $u, $h->Z ); /* u = y^2 - 1 */ |
|
| 1480 | + $v = self::fe_add( $v, $h->Z ); /* v = dy^2 + 1 */ |
|
| 1481 | 1481 | |
| 1482 | 1482 | # fe_sq(v3,v); |
| 1483 | 1483 | # fe_mul(v3,v3,v); /* v3 = v^3 */ |
| 1484 | 1484 | # fe_sq(h->X,v3); |
| 1485 | 1485 | # fe_mul(h->X,h->X,v); |
| 1486 | 1486 | # fe_mul(h->X,h->X,u); /* x = uv^7 */ |
| 1487 | - $v3 = self::fe_sq($v); |
|
| 1488 | - $v3 = self::fe_mul($v3, $v); /* v3 = v^3 */ |
|
| 1489 | - $h->X = self::fe_sq($v3); |
|
| 1490 | - $h->X = self::fe_mul($h->X, $v); |
|
| 1491 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^7 */ |
|
| 1487 | + $v3 = self::fe_sq( $v ); |
|
| 1488 | + $v3 = self::fe_mul( $v3, $v ); /* v3 = v^3 */ |
|
| 1489 | + $h->X = self::fe_sq( $v3 ); |
|
| 1490 | + $h->X = self::fe_mul( $h->X, $v ); |
|
| 1491 | + $h->X = self::fe_mul( $h->X, $u ); /* x = uv^7 */ |
|
| 1492 | 1492 | |
| 1493 | 1493 | # fe_pow22523(h->X,h->X); /* x = (uv^7)^((q-5)/8) */ |
| 1494 | 1494 | # fe_mul(h->X,h->X,v3); |
| 1495 | 1495 | # fe_mul(h->X,h->X,u); /* x = uv^3(uv^7)^((q-5)/8) */ |
| 1496 | - $h->X = self::fe_pow22523($h->X); /* x = (uv^7)^((q-5)/8) */ |
|
| 1497 | - $h->X = self::fe_mul($h->X, $v3); |
|
| 1498 | - $h->X = self::fe_mul($h->X, $u); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1496 | + $h->X = self::fe_pow22523( $h->X ); /* x = (uv^7)^((q-5)/8) */ |
|
| 1497 | + $h->X = self::fe_mul( $h->X, $v3 ); |
|
| 1498 | + $h->X = self::fe_mul( $h->X, $u ); /* x = uv^3(uv^7)^((q-5)/8) */ |
|
| 1499 | 1499 | |
| 1500 | 1500 | # fe_sq(vxx,h->X); |
| 1501 | 1501 | # fe_mul(vxx,vxx,v); |
| 1502 | 1502 | # fe_sub(check,vxx,u); /* vx^2-u */ |
| 1503 | - $vxx = self::fe_sq($h->X); |
|
| 1504 | - $vxx = self::fe_mul($vxx, $v); |
|
| 1505 | - $check = self::fe_sub($vxx, $u); /* vx^2 - u */ |
|
| 1503 | + $vxx = self::fe_sq( $h->X ); |
|
| 1504 | + $vxx = self::fe_mul( $vxx, $v ); |
|
| 1505 | + $check = self::fe_sub( $vxx, $u ); /* vx^2 - u */ |
|
| 1506 | 1506 | |
| 1507 | 1507 | # if (fe_isnonzero(check)) { |
| 1508 | 1508 | # fe_add(check,vxx,u); /* vx^2+u */ |
@@ -1511,27 +1511,27 @@ discard block |
||
| 1511 | 1511 | # } |
| 1512 | 1512 | # fe_mul(h->X,h->X,sqrtm1); |
| 1513 | 1513 | # } |
| 1514 | - if (self::fe_isnonzero($check)) { |
|
| 1515 | - $check = self::fe_add($vxx, $u); /* vx^2 + u */ |
|
| 1516 | - if (self::fe_isnonzero($check)) { |
|
| 1517 | - throw new RangeException('Internal check failed.'); |
|
| 1514 | + if ( self::fe_isnonzero( $check ) ) { |
|
| 1515 | + $check = self::fe_add( $vxx, $u ); /* vx^2 + u */ |
|
| 1516 | + if ( self::fe_isnonzero( $check ) ) { |
|
| 1517 | + throw new RangeException( 'Internal check failed.' ); |
|
| 1518 | 1518 | } |
| 1519 | 1519 | $h->X = self::fe_mul( |
| 1520 | 1520 | $h->X, |
| 1521 | - ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray(self::$sqrtm1) |
|
| 1521 | + ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( self::$sqrtm1 ) |
|
| 1522 | 1522 | ); |
| 1523 | 1523 | } |
| 1524 | 1524 | |
| 1525 | 1525 | # if (fe_isnegative(h->X) == (s[31] >> 7)) { |
| 1526 | 1526 | # fe_neg(h->X,h->X); |
| 1527 | 1527 | # } |
| 1528 | - $i = self::chrToInt($s[31]); |
|
| 1529 | - if (self::fe_isnegative($h->X) === ($i >> 7)) { |
|
| 1530 | - $h->X = self::fe_neg($h->X); |
|
| 1528 | + $i = self::chrToInt( $s[31] ); |
|
| 1529 | + if ( self::fe_isnegative( $h->X ) === ( $i >> 7 ) ) { |
|
| 1530 | + $h->X = self::fe_neg( $h->X ); |
|
| 1531 | 1531 | } |
| 1532 | 1532 | |
| 1533 | 1533 | # fe_mul(h->T,h->X,h->Y); |
| 1534 | - $h->T = self::fe_mul($h->X, $h->Y); |
|
| 1534 | + $h->T = self::fe_mul( $h->X, $h->Y ); |
|
| 1535 | 1535 | return $h; |
| 1536 | 1536 | } |
| 1537 | 1537 | |
@@ -1549,16 +1549,16 @@ discard block |
||
| 1549 | 1549 | ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $q |
| 1550 | 1550 | ) { |
| 1551 | 1551 | $r = clone $R; |
| 1552 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1553 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1554 | - $r->Z = self::fe_mul($r->X, $q->yplusx); |
|
| 1555 | - $r->Y = self::fe_mul($r->Y, $q->yminusx); |
|
| 1556 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1557 | - $t0 = self::fe_add(clone $p->Z, clone $p->Z); |
|
| 1558 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1559 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1560 | - $r->Z = self::fe_add($t0, $r->T); |
|
| 1561 | - $r->T = self::fe_sub($t0, $r->T); |
|
| 1552 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1553 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1554 | + $r->Z = self::fe_mul( $r->X, $q->yplusx ); |
|
| 1555 | + $r->Y = self::fe_mul( $r->Y, $q->yminusx ); |
|
| 1556 | + $r->T = self::fe_mul( $q->xy2d, $p->T ); |
|
| 1557 | + $t0 = self::fe_add( clone $p->Z, clone $p->Z ); |
|
| 1558 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1559 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1560 | + $r->Z = self::fe_add( $t0, $r->T ); |
|
| 1561 | + $r->T = self::fe_sub( $t0, $r->T ); |
|
| 1562 | 1562 | |
| 1563 | 1563 | return $r; |
| 1564 | 1564 | } |
@@ -1578,16 +1578,16 @@ discard block |
||
| 1578 | 1578 | ) { |
| 1579 | 1579 | $r = clone $R; |
| 1580 | 1580 | |
| 1581 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1582 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1583 | - $r->Z = self::fe_mul($r->X, $q->yminusx); |
|
| 1584 | - $r->Y = self::fe_mul($r->Y, $q->yplusx); |
|
| 1585 | - $r->T = self::fe_mul($q->xy2d, $p->T); |
|
| 1586 | - $t0 = self::fe_add($p->Z, $p->Z); |
|
| 1587 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1588 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1589 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1590 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1581 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1582 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1583 | + $r->Z = self::fe_mul( $r->X, $q->yminusx ); |
|
| 1584 | + $r->Y = self::fe_mul( $r->Y, $q->yplusx ); |
|
| 1585 | + $r->T = self::fe_mul( $q->xy2d, $p->T ); |
|
| 1586 | + $t0 = self::fe_add( $p->Z, $p->Z ); |
|
| 1587 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1588 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1589 | + $r->Z = self::fe_sub( $t0, $r->T ); |
|
| 1590 | + $r->T = self::fe_add( $t0, $r->T ); |
|
| 1591 | 1591 | |
| 1592 | 1592 | return $r; |
| 1593 | 1593 | } |
@@ -1598,12 +1598,12 @@ discard block |
||
| 1598 | 1598 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
| 1599 | 1599 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 1600 | 1600 | */ |
| 1601 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1601 | + public static function ge_p1p1_to_p2( ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p ) |
|
| 1602 | 1602 | { |
| 1603 | 1603 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2(); |
| 1604 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1605 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1606 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1604 | + $r->X = self::fe_mul( $p->X, $p->T ); |
|
| 1605 | + $r->Y = self::fe_mul( $p->Y, $p->Z ); |
|
| 1606 | + $r->Z = self::fe_mul( $p->Z, $p->T ); |
|
| 1607 | 1607 | return $r; |
| 1608 | 1608 | } |
| 1609 | 1609 | |
@@ -1613,13 +1613,13 @@ discard block |
||
| 1613 | 1613 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
| 1614 | 1614 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 1615 | 1615 | */ |
| 1616 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1616 | + public static function ge_p1p1_to_p3( ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p ) |
|
| 1617 | 1617 | { |
| 1618 | 1618 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3(); |
| 1619 | - $r->X = self::fe_mul($p->X, $p->T); |
|
| 1620 | - $r->Y = self::fe_mul($p->Y, $p->Z); |
|
| 1621 | - $r->Z = self::fe_mul($p->Z, $p->T); |
|
| 1622 | - $r->T = self::fe_mul($p->X, $p->Y); |
|
| 1619 | + $r->X = self::fe_mul( $p->X, $p->T ); |
|
| 1620 | + $r->Y = self::fe_mul( $p->Y, $p->Z ); |
|
| 1621 | + $r->Z = self::fe_mul( $p->Z, $p->T ); |
|
| 1622 | + $r->T = self::fe_mul( $p->X, $p->Y ); |
|
| 1623 | 1623 | return $r; |
| 1624 | 1624 | } |
| 1625 | 1625 | |
@@ -1643,19 +1643,19 @@ discard block |
||
| 1643 | 1643 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p |
| 1644 | 1644 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 1645 | 1645 | */ |
| 1646 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) |
|
| 1646 | + public static function ge_p2_dbl( ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p ) |
|
| 1647 | 1647 | { |
| 1648 | 1648 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 1649 | 1649 | |
| 1650 | - $r->X = self::fe_sq($p->X); |
|
| 1651 | - $r->Z = self::fe_sq($p->Y); |
|
| 1652 | - $r->T = self::fe_sq2($p->Z); |
|
| 1653 | - $r->Y = self::fe_add($p->X, $p->Y); |
|
| 1654 | - $t0 = self::fe_sq($r->Y); |
|
| 1655 | - $r->Y = self::fe_add($r->Z, $r->X); |
|
| 1656 | - $r->Z = self::fe_sub($r->Z, $r->X); |
|
| 1657 | - $r->X = self::fe_sub($t0, $r->Y); |
|
| 1658 | - $r->T = self::fe_sub($r->T, $r->Z); |
|
| 1650 | + $r->X = self::fe_sq( $p->X ); |
|
| 1651 | + $r->Z = self::fe_sq( $p->Y ); |
|
| 1652 | + $r->T = self::fe_sq2( $p->Z ); |
|
| 1653 | + $r->Y = self::fe_add( $p->X, $p->Y ); |
|
| 1654 | + $t0 = self::fe_sq( $r->Y ); |
|
| 1655 | + $r->Y = self::fe_add( $r->Z, $r->X ); |
|
| 1656 | + $r->Z = self::fe_sub( $r->Z, $r->X ); |
|
| 1657 | + $r->X = self::fe_sub( $t0, $r->Y ); |
|
| 1658 | + $r->T = self::fe_sub( $r->T, $r->Z ); |
|
| 1659 | 1659 | |
| 1660 | 1660 | return $r; |
| 1661 | 1661 | } |
@@ -1681,30 +1681,30 @@ discard block |
||
| 1681 | 1681 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1682 | 1682 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
| 1683 | 1683 | */ |
| 1684 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1684 | + public static function ge_p3_to_cached( ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p ) |
|
| 1685 | 1685 | { |
| 1686 | 1686 | static $d2 = null; |
| 1687 | - if ($d2 === null) { |
|
| 1687 | + if ( $d2 === null ) { |
|
| 1688 | 1688 | $d2 = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1689 | 1689 | array( |
| 1690 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[0]), |
|
| 1691 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[1]), |
|
| 1692 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[2]), |
|
| 1693 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[3]), |
|
| 1694 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[4]), |
|
| 1695 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[5]), |
|
| 1696 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[6]), |
|
| 1697 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[7]), |
|
| 1698 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[8]), |
|
| 1699 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$d2[9]) |
|
| 1690 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[0] ), |
|
| 1691 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[1] ), |
|
| 1692 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[2] ), |
|
| 1693 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[3] ), |
|
| 1694 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[4] ), |
|
| 1695 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[5] ), |
|
| 1696 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[6] ), |
|
| 1697 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[7] ), |
|
| 1698 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[8] ), |
|
| 1699 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$d2[9] ) |
|
| 1700 | 1700 | ) |
| 1701 | 1701 | ); |
| 1702 | 1702 | } |
| 1703 | 1703 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached(); |
| 1704 | - $r->YplusX = self::fe_add($p->Y, $p->X); |
|
| 1705 | - $r->YminusX = self::fe_sub($p->Y, $p->X); |
|
| 1706 | - $r->Z = self::fe_copy($p->Z); |
|
| 1707 | - $r->T2d = self::fe_mul($p->T, $d2); |
|
| 1704 | + $r->YplusX = self::fe_add( $p->Y, $p->X ); |
|
| 1705 | + $r->YminusX = self::fe_sub( $p->Y, $p->X ); |
|
| 1706 | + $r->Z = self::fe_copy( $p->Z ); |
|
| 1707 | + $r->T2d = self::fe_mul( $p->T, $d2 ); |
|
| 1708 | 1708 | return $r; |
| 1709 | 1709 | } |
| 1710 | 1710 | |
@@ -1714,7 +1714,7 @@ discard block |
||
| 1714 | 1714 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1715 | 1715 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 1716 | 1716 | */ |
| 1717 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1717 | + public static function ge_p3_to_p2( ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p ) |
|
| 1718 | 1718 | { |
| 1719 | 1719 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
| 1720 | 1720 | $p->X, |
@@ -1729,14 +1729,14 @@ discard block |
||
| 1729 | 1729 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h |
| 1730 | 1730 | * @return string |
| 1731 | 1731 | */ |
| 1732 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) |
|
| 1732 | + public static function ge_p3_tobytes( ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h ) |
|
| 1733 | 1733 | { |
| 1734 | - $recip = self::fe_invert($h->Z); |
|
| 1735 | - $x = self::fe_mul($h->X, $recip); |
|
| 1736 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1737 | - $s = self::fe_tobytes($y); |
|
| 1734 | + $recip = self::fe_invert( $h->Z ); |
|
| 1735 | + $x = self::fe_mul( $h->X, $recip ); |
|
| 1736 | + $y = self::fe_mul( $h->Y, $recip ); |
|
| 1737 | + $s = self::fe_tobytes( $y ); |
|
| 1738 | 1738 | $s[31] = self::intToChr( |
| 1739 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1739 | + self::chrToInt( $s[31] ) ^ ( self::fe_isnegative( $x ) << 7 ) |
|
| 1740 | 1740 | ); |
| 1741 | 1741 | return $s; |
| 1742 | 1742 | } |
@@ -1747,10 +1747,10 @@ discard block |
||
| 1747 | 1747 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1748 | 1748 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 1749 | 1749 | */ |
| 1750 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1750 | + public static function ge_p3_dbl( ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p ) |
|
| 1751 | 1751 | { |
| 1752 | - $q = self::ge_p3_to_p2($p); |
|
| 1753 | - return self::ge_p2_dbl($q); |
|
| 1752 | + $q = self::ge_p3_to_p2( $p ); |
|
| 1753 | + return self::ge_p2_dbl( $q ); |
|
| 1754 | 1754 | } |
| 1755 | 1755 | |
| 1756 | 1756 | /** |
@@ -1772,9 +1772,9 @@ discard block |
||
| 1772 | 1772 | * @param int $c |
| 1773 | 1773 | * @return int |
| 1774 | 1774 | */ |
| 1775 | - public static function equal($b, $c) |
|
| 1775 | + public static function equal( $b, $c ) |
|
| 1776 | 1776 | { |
| 1777 | - return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
|
| 1777 | + return ( ( $b ^ $c ) - 1 & 0xffffffff ) >> 31; |
|
| 1778 | 1778 | } |
| 1779 | 1779 | |
| 1780 | 1780 | /** |
@@ -1783,13 +1783,13 @@ discard block |
||
| 1783 | 1783 | * @param int $char |
| 1784 | 1784 | * @return int (1 = yes, 0 = no) |
| 1785 | 1785 | */ |
| 1786 | - public static function negative($char) |
|
| 1786 | + public static function negative( $char ) |
|
| 1787 | 1787 | { |
| 1788 | - if (is_int($char)) { |
|
| 1788 | + if ( is_int( $char ) ) { |
|
| 1789 | 1789 | return $char < 0 ? 1 : 0; |
| 1790 | 1790 | } |
| 1791 | - $x = self::chrToInt(self::substr($char, 0, 1)); |
|
| 1792 | - if (PHP_INT_SIZE === 8) { |
|
| 1791 | + $x = self::chrToInt( self::substr( $char, 0, 1 ) ); |
|
| 1792 | + if ( PHP_INT_SIZE === 8 ) { |
|
| 1793 | 1793 | return $x >> 63; |
| 1794 | 1794 | } |
| 1795 | 1795 | return $x >> 31; |
@@ -1810,13 +1810,13 @@ discard block |
||
| 1810 | 1810 | ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp $u, |
| 1811 | 1811 | $b |
| 1812 | 1812 | ) { |
| 1813 | - if (!is_int($b)) { |
|
| 1814 | - throw new InvalidArgumentException('Expected an integer.'); |
|
| 1813 | + if ( ! is_int( $b ) ) { |
|
| 1814 | + throw new InvalidArgumentException( 'Expected an integer.' ); |
|
| 1815 | 1815 | } |
| 1816 | 1816 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
| 1817 | - self::fe_cmov($t->yplusx, $u->yplusx, $b), |
|
| 1818 | - self::fe_cmov($t->yminusx, $u->yminusx, $b), |
|
| 1819 | - self::fe_cmov($t->xy2d, $u->xy2d, $b) |
|
| 1817 | + self::fe_cmov( $t->yplusx, $u->yplusx, $b ), |
|
| 1818 | + self::fe_cmov( $t->yminusx, $u->yminusx, $b ), |
|
| 1819 | + self::fe_cmov( $t->xy2d, $u->xy2d, $b ) |
|
| 1820 | 1820 | ); |
| 1821 | 1821 | } |
| 1822 | 1822 | |
@@ -1827,84 +1827,84 @@ discard block |
||
| 1827 | 1827 | * @param int $b |
| 1828 | 1828 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
| 1829 | 1829 | */ |
| 1830 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1830 | + public static function ge_select( $pos = 0, $b = 0 ) |
|
| 1831 | 1831 | { |
| 1832 | 1832 | static $base = null; |
| 1833 | - if ($base === null) { |
|
| 1833 | + if ( $base === null ) { |
|
| 1834 | 1834 | $base = array(); |
| 1835 | - foreach (self::$base as $i => $bas) { |
|
| 1836 | - for ($j = 0; $j < 8; ++$j) { |
|
| 1835 | + foreach ( self::$base as $i => $bas ) { |
|
| 1836 | + for ( $j = 0; $j < 8; ++$j ) { |
|
| 1837 | 1837 | $base[$i][$j] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
| 1838 | 1838 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1839 | 1839 | array( |
| 1840 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][0]), |
|
| 1841 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][1]), |
|
| 1842 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][2]), |
|
| 1843 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][3]), |
|
| 1844 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][4]), |
|
| 1845 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][5]), |
|
| 1846 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][6]), |
|
| 1847 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][7]), |
|
| 1848 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][8]), |
|
| 1849 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][0][9]) |
|
| 1840 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][0] ), |
|
| 1841 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][1] ), |
|
| 1842 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][2] ), |
|
| 1843 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][3] ), |
|
| 1844 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][4] ), |
|
| 1845 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][5] ), |
|
| 1846 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][6] ), |
|
| 1847 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][7] ), |
|
| 1848 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][8] ), |
|
| 1849 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][0][9] ) |
|
| 1850 | 1850 | ) |
| 1851 | 1851 | ), |
| 1852 | 1852 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1853 | 1853 | array( |
| 1854 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][0]), |
|
| 1855 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][1]), |
|
| 1856 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][2]), |
|
| 1857 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][3]), |
|
| 1858 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][4]), |
|
| 1859 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][5]), |
|
| 1860 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][6]), |
|
| 1861 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][7]), |
|
| 1862 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][8]), |
|
| 1863 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][1][9]) |
|
| 1854 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][0] ), |
|
| 1855 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][1] ), |
|
| 1856 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][2] ), |
|
| 1857 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][3] ), |
|
| 1858 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][4] ), |
|
| 1859 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][5] ), |
|
| 1860 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][6] ), |
|
| 1861 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][7] ), |
|
| 1862 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][8] ), |
|
| 1863 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][1][9] ) |
|
| 1864 | 1864 | ) |
| 1865 | 1865 | ), |
| 1866 | 1866 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1867 | 1867 | array( |
| 1868 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][0]), |
|
| 1869 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][1]), |
|
| 1870 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][2]), |
|
| 1871 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][3]), |
|
| 1872 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][4]), |
|
| 1873 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][5]), |
|
| 1874 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][6]), |
|
| 1875 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][7]), |
|
| 1876 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][8]), |
|
| 1877 | - ParagonIE_Sodium_Core32_Int32::fromInt($bas[$j][2][9]) |
|
| 1868 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][0] ), |
|
| 1869 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][1] ), |
|
| 1870 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][2] ), |
|
| 1871 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][3] ), |
|
| 1872 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][4] ), |
|
| 1873 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][5] ), |
|
| 1874 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][6] ), |
|
| 1875 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][7] ), |
|
| 1876 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][8] ), |
|
| 1877 | + ParagonIE_Sodium_Core32_Int32::fromInt( $bas[$j][2][9] ) |
|
| 1878 | 1878 | ) |
| 1879 | 1879 | ) |
| 1880 | 1880 | ); |
| 1881 | 1881 | } |
| 1882 | 1882 | } |
| 1883 | 1883 | } |
| 1884 | - if (!is_int($pos)) { |
|
| 1885 | - throw new InvalidArgumentException('Position must be an integer'); |
|
| 1884 | + if ( ! is_int( $pos ) ) { |
|
| 1885 | + throw new InvalidArgumentException( 'Position must be an integer' ); |
|
| 1886 | 1886 | } |
| 1887 | - if ($pos < 0 || $pos > 31) { |
|
| 1888 | - throw new RangeException('Position is out of range [0, 31]'); |
|
| 1887 | + if ( $pos < 0 || $pos > 31 ) { |
|
| 1888 | + throw new RangeException( 'Position is out of range [0, 31]' ); |
|
| 1889 | 1889 | } |
| 1890 | 1890 | |
| 1891 | - $bnegative = self::negative($b); |
|
| 1892 | - $babs = $b - (((-$bnegative) & $b) << 1); |
|
| 1891 | + $bnegative = self::negative( $b ); |
|
| 1892 | + $babs = $b - ( ( (-$bnegative) & $b ) << 1 ); |
|
| 1893 | 1893 | |
| 1894 | 1894 | $t = self::ge_precomp_0(); |
| 1895 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1895 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 1896 | 1896 | $t = self::cmov( |
| 1897 | 1897 | $t, |
| 1898 | 1898 | $base[$pos][$i], |
| 1899 | - self::equal($babs, $i + 1) |
|
| 1899 | + self::equal( $babs, $i + 1 ) |
|
| 1900 | 1900 | ); |
| 1901 | 1901 | } |
| 1902 | 1902 | $minusT = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
| 1903 | - self::fe_copy($t->yminusx), |
|
| 1904 | - self::fe_copy($t->yplusx), |
|
| 1905 | - self::fe_neg($t->xy2d) |
|
| 1903 | + self::fe_copy( $t->yminusx ), |
|
| 1904 | + self::fe_copy( $t->yplusx ), |
|
| 1905 | + self::fe_neg( $t->xy2d ) |
|
| 1906 | 1906 | ); |
| 1907 | - return self::cmov($t, $minusT, -$bnegative); |
|
| 1907 | + return self::cmov( $t, $minusT, -$bnegative ); |
|
| 1908 | 1908 | } |
| 1909 | 1909 | |
| 1910 | 1910 | /** |
@@ -1924,17 +1924,17 @@ discard block |
||
| 1924 | 1924 | ) { |
| 1925 | 1925 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 1926 | 1926 | |
| 1927 | - $r->X = self::fe_add($p->Y, $p->X); |
|
| 1928 | - $r->Y = self::fe_sub($p->Y, $p->X); |
|
| 1929 | - $r->Z = self::fe_mul($r->X, $q->YminusX); |
|
| 1930 | - $r->Y = self::fe_mul($r->Y, $q->YplusX); |
|
| 1931 | - $r->T = self::fe_mul($q->T2d, $p->T); |
|
| 1932 | - $r->X = self::fe_mul($p->Z, $q->Z); |
|
| 1933 | - $t0 = self::fe_add($r->X, $r->X); |
|
| 1934 | - $r->X = self::fe_sub($r->Z, $r->Y); |
|
| 1935 | - $r->Y = self::fe_add($r->Z, $r->Y); |
|
| 1936 | - $r->Z = self::fe_sub($t0, $r->T); |
|
| 1937 | - $r->T = self::fe_add($t0, $r->T); |
|
| 1927 | + $r->X = self::fe_add( $p->Y, $p->X ); |
|
| 1928 | + $r->Y = self::fe_sub( $p->Y, $p->X ); |
|
| 1929 | + $r->Z = self::fe_mul( $r->X, $q->YminusX ); |
|
| 1930 | + $r->Y = self::fe_mul( $r->Y, $q->YplusX ); |
|
| 1931 | + $r->T = self::fe_mul( $q->T2d, $p->T ); |
|
| 1932 | + $r->X = self::fe_mul( $p->Z, $q->Z ); |
|
| 1933 | + $t0 = self::fe_add( $r->X, $r->X ); |
|
| 1934 | + $r->X = self::fe_sub( $r->Z, $r->Y ); |
|
| 1935 | + $r->Y = self::fe_add( $r->Z, $r->Y ); |
|
| 1936 | + $r->Z = self::fe_sub( $t0, $r->T ); |
|
| 1937 | + $r->T = self::fe_add( $t0, $r->T ); |
|
| 1938 | 1938 | |
| 1939 | 1939 | return $r; |
| 1940 | 1940 | } |
@@ -1945,14 +1945,14 @@ discard block |
||
| 1945 | 1945 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h |
| 1946 | 1946 | * @return string |
| 1947 | 1947 | */ |
| 1948 | - public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) |
|
| 1948 | + public static function ge_tobytes( ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h ) |
|
| 1949 | 1949 | { |
| 1950 | - $recip = self::fe_invert($h->Z); |
|
| 1951 | - $x = self::fe_mul($h->X, $recip); |
|
| 1952 | - $y = self::fe_mul($h->Y, $recip); |
|
| 1953 | - $s = self::fe_tobytes($y); |
|
| 1950 | + $recip = self::fe_invert( $h->Z ); |
|
| 1951 | + $x = self::fe_mul( $h->X, $recip ); |
|
| 1952 | + $y = self::fe_mul( $h->Y, $recip ); |
|
| 1953 | + $s = self::fe_tobytes( $y ); |
|
| 1954 | 1954 | $s[31] = self::intToChr( |
| 1955 | - self::chrToInt($s[31]) ^ (self::fe_isnegative($x) << 7) |
|
| 1955 | + self::chrToInt( $s[31] ) ^ ( self::fe_isnegative( $x ) << 7 ) |
|
| 1956 | 1956 | ); |
| 1957 | 1957 | return $s; |
| 1958 | 1958 | } |
@@ -1979,56 +1979,56 @@ discard block |
||
| 1979 | 1979 | * @var ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp[] |
| 1980 | 1980 | */ |
| 1981 | 1981 | static $Bi = array(); |
| 1982 | - if (!$Bi) { |
|
| 1983 | - for ($i = 0; $i < 8; ++$i) { |
|
| 1982 | + if ( ! $Bi ) { |
|
| 1983 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 1984 | 1984 | |
| 1985 | 1985 | $Bi[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
| 1986 | 1986 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1987 | 1987 | array( |
| 1988 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][0]), |
|
| 1989 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][1]), |
|
| 1990 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][2]), |
|
| 1991 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][3]), |
|
| 1992 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][4]), |
|
| 1993 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][5]), |
|
| 1994 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][6]), |
|
| 1995 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][7]), |
|
| 1996 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][8]), |
|
| 1997 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][0][9]) |
|
| 1988 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][0] ), |
|
| 1989 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][1] ), |
|
| 1990 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][2] ), |
|
| 1991 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][3] ), |
|
| 1992 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][4] ), |
|
| 1993 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][5] ), |
|
| 1994 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][6] ), |
|
| 1995 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][7] ), |
|
| 1996 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][8] ), |
|
| 1997 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][0][9] ) |
|
| 1998 | 1998 | ) |
| 1999 | 1999 | ), |
| 2000 | 2000 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 2001 | 2001 | array( |
| 2002 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][0]), |
|
| 2003 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][1]), |
|
| 2004 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][2]), |
|
| 2005 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][3]), |
|
| 2006 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][4]), |
|
| 2007 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][5]), |
|
| 2008 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][6]), |
|
| 2009 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][7]), |
|
| 2010 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][8]), |
|
| 2011 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][1][9]) |
|
| 2002 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][0] ), |
|
| 2003 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][1] ), |
|
| 2004 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][2] ), |
|
| 2005 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][3] ), |
|
| 2006 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][4] ), |
|
| 2007 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][5] ), |
|
| 2008 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][6] ), |
|
| 2009 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][7] ), |
|
| 2010 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][8] ), |
|
| 2011 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][1][9] ) |
|
| 2012 | 2012 | ) |
| 2013 | 2013 | ), |
| 2014 | 2014 | ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 2015 | 2015 | array( |
| 2016 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][0]), |
|
| 2017 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][1]), |
|
| 2018 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][2]), |
|
| 2019 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][3]), |
|
| 2020 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][4]), |
|
| 2021 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][5]), |
|
| 2022 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][6]), |
|
| 2023 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][7]), |
|
| 2024 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][8]), |
|
| 2025 | - ParagonIE_Sodium_Core32_Int32::fromInt(self::$base2[$i][2][9]) |
|
| 2016 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][0] ), |
|
| 2017 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][1] ), |
|
| 2018 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][2] ), |
|
| 2019 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][3] ), |
|
| 2020 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][4] ), |
|
| 2021 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][5] ), |
|
| 2022 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][6] ), |
|
| 2023 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][7] ), |
|
| 2024 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][8] ), |
|
| 2025 | + ParagonIE_Sodium_Core32_Int32::fromInt( self::$base2[$i][2][9] ) |
|
| 2026 | 2026 | ) |
| 2027 | 2027 | ) |
| 2028 | 2028 | ); |
| 2029 | 2029 | } |
| 2030 | 2030 | } |
| 2031 | - for ($i = 0; $i < 8; ++$i) { |
|
| 2031 | + for ( $i = 0; $i < 8; ++$i ) { |
|
| 2032 | 2032 | $Ai[$i] = new ParagonIE_Sodium_Core32_Curve25519_Ge_Cached( |
| 2033 | 2033 | self::fe_0(), |
| 2034 | 2034 | self::fe_0(), |
@@ -2039,14 +2039,14 @@ discard block |
||
| 2039 | 2039 | |
| 2040 | 2040 | # slide(aslide,a); |
| 2041 | 2041 | # slide(bslide,b); |
| 2042 | - $aslide = self::slide($a); |
|
| 2043 | - $bslide = self::slide($b); |
|
| 2042 | + $aslide = self::slide( $a ); |
|
| 2043 | + $bslide = self::slide( $b ); |
|
| 2044 | 2044 | |
| 2045 | 2045 | # ge_p3_to_cached(&Ai[0],A); |
| 2046 | 2046 | # ge_p3_dbl(&t,A); ge_p1p1_to_p3(&A2,&t); |
| 2047 | - $Ai[0] = self::ge_p3_to_cached($A); |
|
| 2048 | - $t = self::ge_p3_dbl($A); |
|
| 2049 | - $A2 = self::ge_p1p1_to_p3($t); |
|
| 2047 | + $Ai[0] = self::ge_p3_to_cached( $A ); |
|
| 2048 | + $t = self::ge_p3_dbl( $A ); |
|
| 2049 | + $A2 = self::ge_p1p1_to_p3( $t ); |
|
| 2050 | 2050 | |
| 2051 | 2051 | # ge_add(&t,&A2,&Ai[0]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[1],&u); |
| 2052 | 2052 | # ge_add(&t,&A2,&Ai[1]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[2],&u); |
@@ -2055,10 +2055,10 @@ discard block |
||
| 2055 | 2055 | # ge_add(&t,&A2,&Ai[4]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[5],&u); |
| 2056 | 2056 | # ge_add(&t,&A2,&Ai[5]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[6],&u); |
| 2057 | 2057 | # ge_add(&t,&A2,&Ai[6]); ge_p1p1_to_p3(&u,&t); ge_p3_to_cached(&Ai[7],&u); |
| 2058 | - for ($i = 0; $i < 7; ++$i) { |
|
| 2059 | - $t = self::ge_add($A2, $Ai[$i]); |
|
| 2060 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2061 | - $Ai[$i + 1] = self::ge_p3_to_cached($u); |
|
| 2058 | + for ( $i = 0; $i < 7; ++$i ) { |
|
| 2059 | + $t = self::ge_add( $A2, $Ai[$i] ); |
|
| 2060 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 2061 | + $Ai[$i + 1] = self::ge_p3_to_cached( $u ); |
|
| 2062 | 2062 | } |
| 2063 | 2063 | |
| 2064 | 2064 | # ge_p2_0(r); |
@@ -2068,31 +2068,31 @@ discard block |
||
| 2068 | 2068 | # if (aslide[i] || bslide[i]) break; |
| 2069 | 2069 | # } |
| 2070 | 2070 | $i = 255; |
| 2071 | - for (; $i >= 0; --$i) { |
|
| 2072 | - if ($aslide[$i] || $bslide[$i]) { |
|
| 2071 | + for ( ; $i >= 0; --$i ) { |
|
| 2072 | + if ( $aslide[$i] || $bslide[$i] ) { |
|
| 2073 | 2073 | break; |
| 2074 | 2074 | } |
| 2075 | 2075 | } |
| 2076 | 2076 | |
| 2077 | 2077 | # for (;i >= 0;--i) { |
| 2078 | - for (; $i >= 0; --$i) { |
|
| 2078 | + for ( ; $i >= 0; --$i ) { |
|
| 2079 | 2079 | # ge_p2_dbl(&t,r); |
| 2080 | - $t = self::ge_p2_dbl($r); |
|
| 2080 | + $t = self::ge_p2_dbl( $r ); |
|
| 2081 | 2081 | |
| 2082 | 2082 | # if (aslide[i] > 0) { |
| 2083 | - if ($aslide[$i] > 0) { |
|
| 2083 | + if ( $aslide[$i] > 0 ) { |
|
| 2084 | 2084 | # ge_p1p1_to_p3(&u,&t); |
| 2085 | 2085 | # ge_add(&t,&u,&Ai[aslide[i]/2]); |
| 2086 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2086 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 2087 | 2087 | $t = self::ge_add( |
| 2088 | 2088 | $u, |
| 2089 | - $Ai[(int) floor($aslide[$i] / 2)] |
|
| 2089 | + $Ai[(int) floor( $aslide[$i] / 2 )] |
|
| 2090 | 2090 | ); |
| 2091 | 2091 | # } else if (aslide[i] < 0) { |
| 2092 | - } elseif ($aslide[$i] < 0) { |
|
| 2092 | + } elseif ( $aslide[$i] < 0 ) { |
|
| 2093 | 2093 | # ge_p1p1_to_p3(&u,&t); |
| 2094 | 2094 | # ge_sub(&t,&u,&Ai[(-aslide[i])/2]); |
| 2095 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2095 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 2096 | 2096 | $t = self::ge_sub( |
| 2097 | 2097 | $u, |
| 2098 | 2098 | $Ai[(int) floor(-$aslide[$i] / 2)] |
@@ -2100,20 +2100,20 @@ discard block |
||
| 2100 | 2100 | } |
| 2101 | 2101 | |
| 2102 | 2102 | # if (bslide[i] > 0) { |
| 2103 | - if ($bslide[$i] > 0) { |
|
| 2103 | + if ( $bslide[$i] > 0 ) { |
|
| 2104 | 2104 | # ge_p1p1_to_p3(&u,&t); |
| 2105 | 2105 | # ge_madd(&t,&u,&Bi[bslide[i]/2]); |
| 2106 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2106 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 2107 | 2107 | $t = self::ge_madd( |
| 2108 | 2108 | $t, |
| 2109 | 2109 | $u, |
| 2110 | - $Bi[(int) floor($bslide[$i] / 2)] |
|
| 2110 | + $Bi[(int) floor( $bslide[$i] / 2 )] |
|
| 2111 | 2111 | ); |
| 2112 | 2112 | # } else if (bslide[i] < 0) { |
| 2113 | - } elseif ($bslide[$i] < 0) { |
|
| 2113 | + } elseif ( $bslide[$i] < 0 ) { |
|
| 2114 | 2114 | # ge_p1p1_to_p3(&u,&t); |
| 2115 | 2115 | # ge_msub(&t,&u,&Bi[(-bslide[i])/2]); |
| 2116 | - $u = self::ge_p1p1_to_p3($t); |
|
| 2116 | + $u = self::ge_p1p1_to_p3( $t ); |
|
| 2117 | 2117 | $t = self::ge_msub( |
| 2118 | 2118 | $t, |
| 2119 | 2119 | $u, |
@@ -2121,7 +2121,7 @@ discard block |
||
| 2121 | 2121 | ); |
| 2122 | 2122 | } |
| 2123 | 2123 | # ge_p1p1_to_p2(r,&t); |
| 2124 | - $r = self::ge_p1p1_to_p2($t); |
|
| 2124 | + $r = self::ge_p1p1_to_p2( $t ); |
|
| 2125 | 2125 | } |
| 2126 | 2126 | return $r; |
| 2127 | 2127 | } |
@@ -2132,18 +2132,18 @@ discard block |
||
| 2132 | 2132 | * @param string $a |
| 2133 | 2133 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 2134 | 2134 | */ |
| 2135 | - public static function ge_scalarmult_base($a) |
|
| 2135 | + public static function ge_scalarmult_base( $a ) |
|
| 2136 | 2136 | { |
| 2137 | 2137 | $e = array(); |
| 2138 | 2138 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 2139 | 2139 | |
| 2140 | - for ($i = 0; $i < 32; ++$i) { |
|
| 2141 | - $e[$i << 1] = self::chrToInt($a[$i]) & 15; |
|
| 2142 | - $e[($i << 1) + 1] = (self::chrToInt($a[$i]) >> 4) & 15; |
|
| 2140 | + for ( $i = 0; $i < 32; ++$i ) { |
|
| 2141 | + $e[$i << 1] = self::chrToInt( $a[$i] ) & 15; |
|
| 2142 | + $e[( $i << 1 ) + 1] = ( self::chrToInt( $a[$i] ) >> 4 ) & 15; |
|
| 2143 | 2143 | } |
| 2144 | 2144 | |
| 2145 | 2145 | $carry = 0; |
| 2146 | - for ($i = 0; $i < 63; ++$i) { |
|
| 2146 | + for ( $i = 0; $i < 63; ++$i ) { |
|
| 2147 | 2147 | $e[$i] += $carry; |
| 2148 | 2148 | $carry = $e[$i] + 8; |
| 2149 | 2149 | $carry >>= 4; |
@@ -2153,27 +2153,27 @@ discard block |
||
| 2153 | 2153 | |
| 2154 | 2154 | $h = self::ge_p3_0(); |
| 2155 | 2155 | |
| 2156 | - for ($i = 1; $i < 64; $i += 2) { |
|
| 2157 | - $t = self::ge_select((int) floor($i / 2), $e[$i]); |
|
| 2158 | - $r = self::ge_madd($r, $h, $t); |
|
| 2159 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2156 | + for ( $i = 1; $i < 64; $i += 2 ) { |
|
| 2157 | + $t = self::ge_select( (int) floor( $i / 2 ), $e[$i] ); |
|
| 2158 | + $r = self::ge_madd( $r, $h, $t ); |
|
| 2159 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 2160 | 2160 | } |
| 2161 | 2161 | |
| 2162 | - $r = self::ge_p3_dbl($h); |
|
| 2162 | + $r = self::ge_p3_dbl( $h ); |
|
| 2163 | 2163 | |
| 2164 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2165 | - $r = self::ge_p2_dbl($s); |
|
| 2166 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2167 | - $r = self::ge_p2_dbl($s); |
|
| 2168 | - $s = self::ge_p1p1_to_p2($r); |
|
| 2169 | - $r = self::ge_p2_dbl($s); |
|
| 2164 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 2165 | + $r = self::ge_p2_dbl( $s ); |
|
| 2166 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 2167 | + $r = self::ge_p2_dbl( $s ); |
|
| 2168 | + $s = self::ge_p1p1_to_p2( $r ); |
|
| 2169 | + $r = self::ge_p2_dbl( $s ); |
|
| 2170 | 2170 | |
| 2171 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2171 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 2172 | 2172 | |
| 2173 | - for ($i = 0; $i < 64; $i += 2) { |
|
| 2174 | - $t = self::ge_select($i >> 1, $e[$i]); |
|
| 2175 | - $r = self::ge_madd($r, $h, $t); |
|
| 2176 | - $h = self::ge_p1p1_to_p3($r); |
|
| 2173 | + for ( $i = 0; $i < 64; $i += 2 ) { |
|
| 2174 | + $t = self::ge_select( $i >> 1, $e[$i] ); |
|
| 2175 | + $r = self::ge_madd( $r, $h, $t ); |
|
| 2176 | + $h = self::ge_p1p1_to_p3( $r ); |
|
| 2177 | 2177 | } |
| 2178 | 2178 | return $h; |
| 2179 | 2179 | } |
@@ -2189,44 +2189,44 @@ discard block |
||
| 2189 | 2189 | * @param string $c |
| 2190 | 2190 | * @return string |
| 2191 | 2191 | */ |
| 2192 | - public static function sc_muladd($a, $b, $c) |
|
| 2192 | + public static function sc_muladd( $a, $b, $c ) |
|
| 2193 | 2193 | { |
| 2194 | - $a0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 0, 3)))->toInt64(); |
|
| 2195 | - $a1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5))->toInt64(); |
|
| 2196 | - $a2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2))->toInt64(); |
|
| 2197 | - $a3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 7, 4)) >> 7))->toInt64(); |
|
| 2198 | - $a4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 10, 4)) >> 4))->toInt64(); |
|
| 2199 | - $a5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 13, 3)) >> 1))->toInt64(); |
|
| 2200 | - $a6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 15, 4)) >> 6))->toInt64(); |
|
| 2201 | - $a7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 18, 3)) >> 3))->toInt64(); |
|
| 2202 | - $a8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 21, 3)))->toInt64(); |
|
| 2203 | - $a9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 23, 4)) >> 5))->toInt64(); |
|
| 2204 | - $a10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 26, 3)) >> 2))->toInt64(); |
|
| 2205 | - $a11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($a, 28, 4)) >> 7))->toInt64(); |
|
| 2206 | - $b0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 0, 3)))->toInt64(); |
|
| 2207 | - $b1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 2, 4)) >> 5))->toInt64(); |
|
| 2208 | - $b2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 5, 3)) >> 2))->toInt64(); |
|
| 2209 | - $b3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 7, 4)) >> 7))->toInt64(); |
|
| 2210 | - $b4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 10, 4)) >> 4))->toInt64(); |
|
| 2211 | - $b5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 13, 3)) >> 1))->toInt64(); |
|
| 2212 | - $b6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 15, 4)) >> 6))->toInt64(); |
|
| 2213 | - $b7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 18, 3)) >> 3))->toInt64(); |
|
| 2214 | - $b8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($b, 21, 3)))->toInt64(); |
|
| 2215 | - $b9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($b, 23, 4)) >> 5))->toInt64(); |
|
| 2216 | - $b10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($b, 26, 3)) >> 2))->toInt64(); |
|
| 2217 | - $b11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($b, 28, 4)) >> 7))->toInt64(); |
|
| 2218 | - $c0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 0, 3)))->toInt64(); |
|
| 2219 | - $c1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 2, 4)) >> 5))->toInt64(); |
|
| 2220 | - $c2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 5, 3)) >> 2))->toInt64(); |
|
| 2221 | - $c3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 7, 4)) >> 7))->toInt64(); |
|
| 2222 | - $c4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 10, 4)) >> 4))->toInt64(); |
|
| 2223 | - $c5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 13, 3)) >> 1))->toInt64(); |
|
| 2224 | - $c6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 15, 4)) >> 6))->toInt64(); |
|
| 2225 | - $c7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 18, 3)) >> 3))->toInt64(); |
|
| 2226 | - $c8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($c, 21, 3)))->toInt64(); |
|
| 2227 | - $c9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($c, 23, 4)) >> 5))->toInt64(); |
|
| 2228 | - $c10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($c, 26, 3)) >> 2))->toInt64(); |
|
| 2229 | - $c11 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($c, 28, 4)) >> 7))->toInt64(); |
|
| 2194 | + $a0 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $a, 0, 3 ) ) )->toInt64(); |
|
| 2195 | + $a1 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $a, 2, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2196 | + $a2 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $a, 5, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2197 | + $a3 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $a, 7, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2198 | + $a4 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $a, 10, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2199 | + $a5 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $a, 13, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2200 | + $a6 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $a, 15, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2201 | + $a7 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $a, 18, 3 ) ) >> 3 ) )->toInt64(); |
|
| 2202 | + $a8 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $a, 21, 3 ) ) )->toInt64(); |
|
| 2203 | + $a9 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $a, 23, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2204 | + $a10 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $a, 26, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2205 | + $a11 = ParagonIE_Sodium_Core32_Int32::fromInt( 0x1fffffff & ( self::load_4( self::substr( $a, 28, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2206 | + $b0 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $b, 0, 3 ) ) )->toInt64(); |
|
| 2207 | + $b1 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $b, 2, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2208 | + $b2 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $b, 5, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2209 | + $b3 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $b, 7, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2210 | + $b4 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $b, 10, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2211 | + $b5 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $b, 13, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2212 | + $b6 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $b, 15, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2213 | + $b7 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $b, 18, 3 ) ) >> 3 ) )->toInt64(); |
|
| 2214 | + $b8 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $b, 21, 3 ) ) )->toInt64(); |
|
| 2215 | + $b9 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $b, 23, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2216 | + $b10 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $b, 26, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2217 | + $b11 = ParagonIE_Sodium_Core32_Int32::fromInt( 0x1fffffff & ( self::load_4( self::substr( $b, 28, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2218 | + $c0 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $c, 0, 3 ) ) )->toInt64(); |
|
| 2219 | + $c1 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $c, 2, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2220 | + $c2 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $c, 5, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2221 | + $c3 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $c, 7, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2222 | + $c4 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $c, 10, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2223 | + $c5 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $c, 13, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2224 | + $c6 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $c, 15, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2225 | + $c7 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $c, 18, 3 ) ) >> 3 ) )->toInt64(); |
|
| 2226 | + $c8 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $c, 21, 3 ) ) )->toInt64(); |
|
| 2227 | + $c9 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $c, 23, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2228 | + $c10 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $c, 26, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2229 | + $c11 = ParagonIE_Sodium_Core32_Int32::fromInt( 0x1fffffff & ( self::load_4( self::substr( $c, 28, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2230 | 2230 | |
| 2231 | 2231 | /* Can't really avoid the pyramid here: */ |
| 2232 | 2232 | /** |
@@ -2256,367 +2256,367 @@ discard block |
||
| 2256 | 2256 | * @var ParagonIE_Sodium_Core32_Int64 $s23 |
| 2257 | 2257 | */ |
| 2258 | 2258 | |
| 2259 | - $s0 = $c0->addInt64($a0->mulInt64($b0)); |
|
| 2260 | - $s1 = $c1->addInt64($a0->mulInt64($b1))->addInt64($a1->mulInt64($b0)); |
|
| 2261 | - $s2 = $c2->addInt64($a0->mulInt64($b2))->addInt64($a1->mulInt64($b1))->addInt64($a2->mulInt64($b0)); |
|
| 2262 | - $s3 = $c3->addInt64($a0->mulInt64($b3))->addInt64($a1->mulInt64($b2))->addInt64($a2->mulInt64($b1))->addInt64($a3->mulInt64($b0)); |
|
| 2263 | - $s4 = $c4->addInt64($a0->mulInt64($b4))->addInt64($a1->mulInt64($b3))->addInt64($a2->mulInt64($b2))->addInt64($a3->mulInt64($b1))->addInt64($a4->mulInt64($b0)); |
|
| 2264 | - $s5 = $c5->addInt64($a0->mulInt64($b5))->addInt64($a1->mulInt64($b4))->addInt64($a2->mulInt64($b3))->addInt64($a3->mulInt64($b2))->addInt64($a4->mulInt64($b1))->addInt64($a5->mulInt64($b0)); |
|
| 2265 | - $s6 = $c6->addInt64($a0->mulInt64($b6))->addInt64($a1->mulInt64($b5))->addInt64($a2->mulInt64($b4))->addInt64($a3->mulInt64($b3))->addInt64($a4->mulInt64($b2))->addInt64($a5->mulInt64($b1)) |
|
| 2266 | - ->addInt64($a6->mulInt64($b0)); |
|
| 2267 | - $s7 = $c7->addInt64($a0->mulInt64($b7))->addInt64($a1->mulInt64($b6))->addInt64($a2->mulInt64($b5))->addInt64($a3->mulInt64($b4))->addInt64($a4->mulInt64($b3))->addInt64($a5->mulInt64($b2)) |
|
| 2268 | - ->addInt64($a6->mulInt64($b1))->addInt64($a7->mulInt64($b0)); |
|
| 2269 | - $s8 = $c8->addInt64($a0->mulInt64($b8))->addInt64($a1->mulInt64($b7))->addInt64($a2->mulInt64($b6))->addInt64($a3->mulInt64($b5))->addInt64($a4->mulInt64($b4))->addInt64($a5->mulInt64($b3)) |
|
| 2270 | - ->addInt64($a6->mulInt64($b2))->addInt64($a7->mulInt64($b1))->addInt64($a8->mulInt64($b0)); |
|
| 2271 | - $s9 = $c9->addInt64($a0->mulInt64($b9))->addInt64($a1->mulInt64($b8))->addInt64($a2->mulInt64($b7))->addInt64($a3->mulInt64($b6))->addInt64($a4->mulInt64($b5))->addInt64($a5->mulInt64($b4)) |
|
| 2272 | - ->addInt64($a6->mulInt64($b3))->addInt64($a7->mulInt64($b2))->addInt64($a8->mulInt64($b1))->addInt64($a9->mulInt64($b0)); |
|
| 2273 | - $s10 = $c10->addInt64($a0->mulInt64($b10))->addInt64($a1->mulInt64($b9))->addInt64($a2->mulInt64($b8))->addInt64($a3->mulInt64($b7))->addInt64($a4->mulInt64($b6))->addInt64($a5->mulInt64($b5)) |
|
| 2274 | - ->addInt64($a6->mulInt64($b4))->addInt64($a7->mulInt64($b3))->addInt64($a8->mulInt64($b2))->addInt64($a9->mulInt64($b1))->addInt64($a10->mulInt64($b0)); |
|
| 2275 | - $s11 = $c11->addInt64($a0->mulInt64($b11))->addInt64($a1->mulInt64($b10))->addInt64($a2->mulInt64($b9))->addInt64($a3->mulInt64($b8))->addInt64($a4->mulInt64($b7))->addInt64($a5->mulInt64($b6)) |
|
| 2276 | - ->addInt64($a6->mulInt64($b5))->addInt64($a7->mulInt64($b4))->addInt64($a8->mulInt64($b3))->addInt64($a9->mulInt64($b2))->addInt64($a10->mulInt64($b1))->addInt64($a11->mulInt64($b0)); |
|
| 2277 | - $s12 = $a1->mulInt64($b11)->addInt64($a2->mulInt64($b10))->addInt64($a3->mulInt64($b9))->addInt64($a4->mulInt64($b8))->addInt64($a5->mulInt64($b7))->addInt64($a6->mulInt64($b6)) |
|
| 2278 | - ->addInt64($a7->mulInt64($b5))->addInt64($a8->mulInt64($b4))->addInt64($a9->mulInt64($b3))->addInt64($a10->mulInt64($b2))->addInt64($a11->mulInt64($b1)); |
|
| 2279 | - $s13 = $a2->mulInt64($b11)->addInt64($a3->mulInt64($b10))->addInt64($a4->mulInt64($b9))->addInt64($a5->mulInt64($b8))->addInt64($a6->mulInt64($b7))->addInt64($a7->mulInt64($b6)) |
|
| 2280 | - ->addInt64($a8->mulInt64($b5))->addInt64($a9->mulInt64($b4))->addInt64($a10->mulInt64($b3))->addInt64($a11->mulInt64($b2)); |
|
| 2281 | - $s14 = $a3->mulInt64($b11)->addInt64($a4->mulInt64($b10))->addInt64($a5->mulInt64($b9))->addInt64($a6->mulInt64($b8))->addInt64($a7->mulInt64($b7))->addInt64($a8->mulInt64($b6)) |
|
| 2282 | - ->addInt64($a9->mulInt64($b5))->addInt64($a10->mulInt64($b4))->addInt64($a11->mulInt64($b3)); |
|
| 2283 | - $s15 = $a4->mulInt64($b11)->addInt64($a5->mulInt64($b10))->addInt64($a6->mulInt64($b9))->addInt64($a7->mulInt64($b8))->addInt64($a8->mulInt64($b7))->addInt64($a9->mulInt64($b6)) |
|
| 2284 | - ->addInt64($a10->mulInt64($b5))->addInt64($a11->mulInt64($b4)); |
|
| 2285 | - $s16 = $a5->mulInt64($b11)->addInt64($a6->mulInt64($b10))->addInt64($a7->mulInt64($b9))->addInt64($a8->mulInt64($b8))->addInt64($a9->mulInt64($b7))->addInt64($a10->mulInt64($b6)) |
|
| 2286 | - ->addInt64($a11->mulInt64($b5)); |
|
| 2287 | - $s17 = $a6->mulInt64($b11)->addInt64($a7->mulInt64($b10))->addInt64($a8->mulInt64($b9))->addInt64($a9->mulInt64($b8))->addInt64($a10->mulInt64($b7))->addInt64($a11->mulInt64($b6)); |
|
| 2288 | - $s18 = $a7->mulInt64($b11)->addInt64($a8->mulInt64($b10))->addInt64($a9->mulInt64($b9))->addInt64($a10->mulInt64($b8))->addInt64($a11->mulInt64($b7)); |
|
| 2289 | - $s19 = $a8->mulInt64($b11)->addInt64($a9->mulInt64($b10))->addInt64($a10->mulInt64($b9))->addInt64($a11->mulInt64($b8)); |
|
| 2290 | - $s20 = $a9->mulInt64($b11)->addInt64($a10->mulInt64($b10))->addInt64($a11->mulInt64($b9)); |
|
| 2291 | - $s21 = $a10->mulInt64($b11)->addInt64($a11->mulInt64($b10)); |
|
| 2292 | - $s22 = $a11->mulInt64($b11); |
|
| 2259 | + $s0 = $c0->addInt64( $a0->mulInt64( $b0 ) ); |
|
| 2260 | + $s1 = $c1->addInt64( $a0->mulInt64( $b1 ) )->addInt64( $a1->mulInt64( $b0 ) ); |
|
| 2261 | + $s2 = $c2->addInt64( $a0->mulInt64( $b2 ) )->addInt64( $a1->mulInt64( $b1 ) )->addInt64( $a2->mulInt64( $b0 ) ); |
|
| 2262 | + $s3 = $c3->addInt64( $a0->mulInt64( $b3 ) )->addInt64( $a1->mulInt64( $b2 ) )->addInt64( $a2->mulInt64( $b1 ) )->addInt64( $a3->mulInt64( $b0 ) ); |
|
| 2263 | + $s4 = $c4->addInt64( $a0->mulInt64( $b4 ) )->addInt64( $a1->mulInt64( $b3 ) )->addInt64( $a2->mulInt64( $b2 ) )->addInt64( $a3->mulInt64( $b1 ) )->addInt64( $a4->mulInt64( $b0 ) ); |
|
| 2264 | + $s5 = $c5->addInt64( $a0->mulInt64( $b5 ) )->addInt64( $a1->mulInt64( $b4 ) )->addInt64( $a2->mulInt64( $b3 ) )->addInt64( $a3->mulInt64( $b2 ) )->addInt64( $a4->mulInt64( $b1 ) )->addInt64( $a5->mulInt64( $b0 ) ); |
|
| 2265 | + $s6 = $c6->addInt64( $a0->mulInt64( $b6 ) )->addInt64( $a1->mulInt64( $b5 ) )->addInt64( $a2->mulInt64( $b4 ) )->addInt64( $a3->mulInt64( $b3 ) )->addInt64( $a4->mulInt64( $b2 ) )->addInt64( $a5->mulInt64( $b1 ) ) |
|
| 2266 | + ->addInt64( $a6->mulInt64( $b0 ) ); |
|
| 2267 | + $s7 = $c7->addInt64( $a0->mulInt64( $b7 ) )->addInt64( $a1->mulInt64( $b6 ) )->addInt64( $a2->mulInt64( $b5 ) )->addInt64( $a3->mulInt64( $b4 ) )->addInt64( $a4->mulInt64( $b3 ) )->addInt64( $a5->mulInt64( $b2 ) ) |
|
| 2268 | + ->addInt64( $a6->mulInt64( $b1 ) )->addInt64( $a7->mulInt64( $b0 ) ); |
|
| 2269 | + $s8 = $c8->addInt64( $a0->mulInt64( $b8 ) )->addInt64( $a1->mulInt64( $b7 ) )->addInt64( $a2->mulInt64( $b6 ) )->addInt64( $a3->mulInt64( $b5 ) )->addInt64( $a4->mulInt64( $b4 ) )->addInt64( $a5->mulInt64( $b3 ) ) |
|
| 2270 | + ->addInt64( $a6->mulInt64( $b2 ) )->addInt64( $a7->mulInt64( $b1 ) )->addInt64( $a8->mulInt64( $b0 ) ); |
|
| 2271 | + $s9 = $c9->addInt64( $a0->mulInt64( $b9 ) )->addInt64( $a1->mulInt64( $b8 ) )->addInt64( $a2->mulInt64( $b7 ) )->addInt64( $a3->mulInt64( $b6 ) )->addInt64( $a4->mulInt64( $b5 ) )->addInt64( $a5->mulInt64( $b4 ) ) |
|
| 2272 | + ->addInt64( $a6->mulInt64( $b3 ) )->addInt64( $a7->mulInt64( $b2 ) )->addInt64( $a8->mulInt64( $b1 ) )->addInt64( $a9->mulInt64( $b0 ) ); |
|
| 2273 | + $s10 = $c10->addInt64( $a0->mulInt64( $b10 ) )->addInt64( $a1->mulInt64( $b9 ) )->addInt64( $a2->mulInt64( $b8 ) )->addInt64( $a3->mulInt64( $b7 ) )->addInt64( $a4->mulInt64( $b6 ) )->addInt64( $a5->mulInt64( $b5 ) ) |
|
| 2274 | + ->addInt64( $a6->mulInt64( $b4 ) )->addInt64( $a7->mulInt64( $b3 ) )->addInt64( $a8->mulInt64( $b2 ) )->addInt64( $a9->mulInt64( $b1 ) )->addInt64( $a10->mulInt64( $b0 ) ); |
|
| 2275 | + $s11 = $c11->addInt64( $a0->mulInt64( $b11 ) )->addInt64( $a1->mulInt64( $b10 ) )->addInt64( $a2->mulInt64( $b9 ) )->addInt64( $a3->mulInt64( $b8 ) )->addInt64( $a4->mulInt64( $b7 ) )->addInt64( $a5->mulInt64( $b6 ) ) |
|
| 2276 | + ->addInt64( $a6->mulInt64( $b5 ) )->addInt64( $a7->mulInt64( $b4 ) )->addInt64( $a8->mulInt64( $b3 ) )->addInt64( $a9->mulInt64( $b2 ) )->addInt64( $a10->mulInt64( $b1 ) )->addInt64( $a11->mulInt64( $b0 ) ); |
|
| 2277 | + $s12 = $a1->mulInt64( $b11 )->addInt64( $a2->mulInt64( $b10 ) )->addInt64( $a3->mulInt64( $b9 ) )->addInt64( $a4->mulInt64( $b8 ) )->addInt64( $a5->mulInt64( $b7 ) )->addInt64( $a6->mulInt64( $b6 ) ) |
|
| 2278 | + ->addInt64( $a7->mulInt64( $b5 ) )->addInt64( $a8->mulInt64( $b4 ) )->addInt64( $a9->mulInt64( $b3 ) )->addInt64( $a10->mulInt64( $b2 ) )->addInt64( $a11->mulInt64( $b1 ) ); |
|
| 2279 | + $s13 = $a2->mulInt64( $b11 )->addInt64( $a3->mulInt64( $b10 ) )->addInt64( $a4->mulInt64( $b9 ) )->addInt64( $a5->mulInt64( $b8 ) )->addInt64( $a6->mulInt64( $b7 ) )->addInt64( $a7->mulInt64( $b6 ) ) |
|
| 2280 | + ->addInt64( $a8->mulInt64( $b5 ) )->addInt64( $a9->mulInt64( $b4 ) )->addInt64( $a10->mulInt64( $b3 ) )->addInt64( $a11->mulInt64( $b2 ) ); |
|
| 2281 | + $s14 = $a3->mulInt64( $b11 )->addInt64( $a4->mulInt64( $b10 ) )->addInt64( $a5->mulInt64( $b9 ) )->addInt64( $a6->mulInt64( $b8 ) )->addInt64( $a7->mulInt64( $b7 ) )->addInt64( $a8->mulInt64( $b6 ) ) |
|
| 2282 | + ->addInt64( $a9->mulInt64( $b5 ) )->addInt64( $a10->mulInt64( $b4 ) )->addInt64( $a11->mulInt64( $b3 ) ); |
|
| 2283 | + $s15 = $a4->mulInt64( $b11 )->addInt64( $a5->mulInt64( $b10 ) )->addInt64( $a6->mulInt64( $b9 ) )->addInt64( $a7->mulInt64( $b8 ) )->addInt64( $a8->mulInt64( $b7 ) )->addInt64( $a9->mulInt64( $b6 ) ) |
|
| 2284 | + ->addInt64( $a10->mulInt64( $b5 ) )->addInt64( $a11->mulInt64( $b4 ) ); |
|
| 2285 | + $s16 = $a5->mulInt64( $b11 )->addInt64( $a6->mulInt64( $b10 ) )->addInt64( $a7->mulInt64( $b9 ) )->addInt64( $a8->mulInt64( $b8 ) )->addInt64( $a9->mulInt64( $b7 ) )->addInt64( $a10->mulInt64( $b6 ) ) |
|
| 2286 | + ->addInt64( $a11->mulInt64( $b5 ) ); |
|
| 2287 | + $s17 = $a6->mulInt64( $b11 )->addInt64( $a7->mulInt64( $b10 ) )->addInt64( $a8->mulInt64( $b9 ) )->addInt64( $a9->mulInt64( $b8 ) )->addInt64( $a10->mulInt64( $b7 ) )->addInt64( $a11->mulInt64( $b6 ) ); |
|
| 2288 | + $s18 = $a7->mulInt64( $b11 )->addInt64( $a8->mulInt64( $b10 ) )->addInt64( $a9->mulInt64( $b9 ) )->addInt64( $a10->mulInt64( $b8 ) )->addInt64( $a11->mulInt64( $b7 ) ); |
|
| 2289 | + $s19 = $a8->mulInt64( $b11 )->addInt64( $a9->mulInt64( $b10 ) )->addInt64( $a10->mulInt64( $b9 ) )->addInt64( $a11->mulInt64( $b8 ) ); |
|
| 2290 | + $s20 = $a9->mulInt64( $b11 )->addInt64( $a10->mulInt64( $b10 ) )->addInt64( $a11->mulInt64( $b9 ) ); |
|
| 2291 | + $s21 = $a10->mulInt64( $b11 )->addInt64( $a11->mulInt64( $b10 ) ); |
|
| 2292 | + $s22 = $a11->mulInt64( $b11 ); |
|
| 2293 | 2293 | $s23 = new ParagonIE_Sodium_Core32_Int64(); |
| 2294 | 2294 | |
| 2295 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2296 | - $s1 = $s1->addInt64($carry0); |
|
| 2297 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2298 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2299 | - $s3 = $s3->addInt64($carry2); |
|
| 2300 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2301 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2302 | - $s5 = $s5->addInt64($carry4); |
|
| 2303 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2304 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2305 | - $s7 = $s7->addInt64($carry6); |
|
| 2306 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2307 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2308 | - $s9 = $s9->addInt64($carry8); |
|
| 2309 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2310 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2311 | - $s11 = $s11->addInt64($carry10); |
|
| 2312 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2313 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2314 | - $s13 = $s13->addInt64($carry12); |
|
| 2315 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2316 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2317 | - $s15 = $s15->addInt64($carry14); |
|
| 2318 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2319 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2320 | - $s17 = $s17->addInt64($carry16); |
|
| 2321 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2322 | - $carry18 = $s18->addInt(1 << 20)->shiftRight(21); |
|
| 2323 | - $s19 = $s19->addInt64($carry18); |
|
| 2324 | - $s18 = $s18->subInt64($carry18->shiftLeft(21)); |
|
| 2325 | - $carry20 = $s20->addInt(1 << 20)->shiftRight(21); |
|
| 2326 | - $s21 = $s21->addInt64($carry20); |
|
| 2327 | - $s20 = $s20->subInt64($carry20->shiftLeft(21)); |
|
| 2328 | - $carry22 = $s22->addInt(1 << 20)->shiftRight(21); |
|
| 2329 | - $s23 = $s23->addInt64($carry22); |
|
| 2330 | - $s22 = $s22->subInt64($carry22->shiftLeft(21)); |
|
| 2331 | - |
|
| 2332 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2333 | - $s2 = $s2->addInt64($carry1); |
|
| 2334 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2335 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2336 | - $s4 = $s4->addInt64($carry3); |
|
| 2337 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2338 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2339 | - $s6 = $s6->addInt64($carry5); |
|
| 2340 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2341 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2342 | - $s8 = $s8->addInt64($carry7); |
|
| 2343 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2344 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2345 | - $s10 = $s10->addInt64($carry9); |
|
| 2346 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2347 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2348 | - $s12 = $s12->addInt64($carry11); |
|
| 2349 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2350 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2351 | - $s14 = $s14->addInt64($carry13); |
|
| 2352 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2353 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2354 | - $s16 = $s16->addInt64($carry15); |
|
| 2355 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2356 | - $carry17 = $s17->addInt(1 << 20)->shiftRight(21); |
|
| 2357 | - $s18 = $s18->addInt64($carry17); |
|
| 2358 | - $s17 = $s17->subInt64($carry17->shiftLeft(21)); |
|
| 2359 | - $carry19 = $s19->addInt(1 << 20)->shiftRight(21); |
|
| 2360 | - $s20 = $s20->addInt64($carry19); |
|
| 2361 | - $s19 = $s19->subInt64($carry19->shiftLeft(21)); |
|
| 2362 | - $carry21 = $s21->addInt(1 << 20)->shiftRight(21); |
|
| 2363 | - $s22 = $s22->addInt64($carry21); |
|
| 2364 | - $s21 = $s21->subInt64($carry21->shiftLeft(21)); |
|
| 2365 | - |
|
| 2366 | - $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2367 | - $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2368 | - $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2369 | - $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2370 | - $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2371 | - $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2372 | - |
|
| 2373 | - $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2374 | - $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2375 | - $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2376 | - $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2377 | - $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2378 | - $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2379 | - |
|
| 2380 | - $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2381 | - $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2382 | - $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2383 | - $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2384 | - $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2385 | - $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2386 | - |
|
| 2387 | - $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2388 | - $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2389 | - $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2390 | - $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2391 | - $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2392 | - $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2393 | - |
|
| 2394 | - $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2395 | - $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2396 | - $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2397 | - $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2398 | - $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2399 | - $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2400 | - |
|
| 2401 | - $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2402 | - $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2403 | - $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2404 | - $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2405 | - $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2406 | - $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2407 | - |
|
| 2408 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2409 | - $s7 = $s7->addInt64($carry6); |
|
| 2410 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2411 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2412 | - $s9 = $s9->addInt64($carry8); |
|
| 2413 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2414 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2415 | - $s11 = $s11->addInt64($carry10); |
|
| 2416 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2417 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2418 | - $s13 = $s13->addInt64($carry12); |
|
| 2419 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2420 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2421 | - $s15 = $s15->addInt64($carry14); |
|
| 2422 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2423 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2424 | - $s17 = $s17->addInt64($carry16); |
|
| 2425 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2426 | - |
|
| 2427 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2428 | - $s8 = $s8->addInt64($carry7); |
|
| 2429 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2430 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2431 | - $s10 = $s10->addInt64($carry9); |
|
| 2432 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2433 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2434 | - $s12 = $s12->addInt64($carry11); |
|
| 2435 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2436 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2437 | - $s14 = $s14->addInt64($carry13); |
|
| 2438 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2439 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2440 | - $s16 = $s16->addInt64($carry15); |
|
| 2441 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2442 | - |
|
| 2443 | - $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2444 | - $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2445 | - $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2446 | - $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2447 | - $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2448 | - $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2449 | - |
|
| 2450 | - $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2451 | - $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2452 | - $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2453 | - $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2454 | - $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2455 | - $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2456 | - |
|
| 2457 | - $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2458 | - $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2459 | - $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2460 | - $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2461 | - $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2462 | - $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2463 | - |
|
| 2464 | - $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2465 | - $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2466 | - $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2467 | - $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2468 | - $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2469 | - $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2470 | - |
|
| 2471 | - $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2472 | - $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2473 | - $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2474 | - $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2475 | - $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2476 | - $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2477 | - |
|
| 2478 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2479 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2480 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2481 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2482 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2483 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2295 | + $carry0 = $s0->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2296 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2297 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2298 | + $carry2 = $s2->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2299 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2300 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2301 | + $carry4 = $s4->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2302 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2303 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2304 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2305 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2306 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2307 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2308 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2309 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2310 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2311 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2312 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2313 | + $carry12 = $s12->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2314 | + $s13 = $s13->addInt64( $carry12 ); |
|
| 2315 | + $s12 = $s12->subInt64( $carry12->shiftLeft( 21 ) ); |
|
| 2316 | + $carry14 = $s14->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2317 | + $s15 = $s15->addInt64( $carry14 ); |
|
| 2318 | + $s14 = $s14->subInt64( $carry14->shiftLeft( 21 ) ); |
|
| 2319 | + $carry16 = $s16->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2320 | + $s17 = $s17->addInt64( $carry16 ); |
|
| 2321 | + $s16 = $s16->subInt64( $carry16->shiftLeft( 21 ) ); |
|
| 2322 | + $carry18 = $s18->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2323 | + $s19 = $s19->addInt64( $carry18 ); |
|
| 2324 | + $s18 = $s18->subInt64( $carry18->shiftLeft( 21 ) ); |
|
| 2325 | + $carry20 = $s20->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2326 | + $s21 = $s21->addInt64( $carry20 ); |
|
| 2327 | + $s20 = $s20->subInt64( $carry20->shiftLeft( 21 ) ); |
|
| 2328 | + $carry22 = $s22->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2329 | + $s23 = $s23->addInt64( $carry22 ); |
|
| 2330 | + $s22 = $s22->subInt64( $carry22->shiftLeft( 21 ) ); |
|
| 2331 | + |
|
| 2332 | + $carry1 = $s1->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2333 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2334 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2335 | + $carry3 = $s3->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2336 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2337 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2338 | + $carry5 = $s5->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2339 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2340 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2341 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2342 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2343 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2344 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2345 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2346 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2347 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2348 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2349 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2350 | + $carry13 = $s13->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2351 | + $s14 = $s14->addInt64( $carry13 ); |
|
| 2352 | + $s13 = $s13->subInt64( $carry13->shiftLeft( 21 ) ); |
|
| 2353 | + $carry15 = $s15->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2354 | + $s16 = $s16->addInt64( $carry15 ); |
|
| 2355 | + $s15 = $s15->subInt64( $carry15->shiftLeft( 21 ) ); |
|
| 2356 | + $carry17 = $s17->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2357 | + $s18 = $s18->addInt64( $carry17 ); |
|
| 2358 | + $s17 = $s17->subInt64( $carry17->shiftLeft( 21 ) ); |
|
| 2359 | + $carry19 = $s19->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2360 | + $s20 = $s20->addInt64( $carry19 ); |
|
| 2361 | + $s19 = $s19->subInt64( $carry19->shiftLeft( 21 ) ); |
|
| 2362 | + $carry21 = $s21->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2363 | + $s22 = $s22->addInt64( $carry21 ); |
|
| 2364 | + $s21 = $s21->subInt64( $carry21->shiftLeft( 21 ) ); |
|
| 2365 | + |
|
| 2366 | + $s11 = $s11->addInt64( $s23->mulInt( 666643 ) ); |
|
| 2367 | + $s12 = $s12->addInt64( $s23->mulInt( 470296 ) ); |
|
| 2368 | + $s13 = $s13->addInt64( $s23->mulInt( 654183 ) ); |
|
| 2369 | + $s14 = $s14->subInt64( $s23->mulInt( 997805 ) ); |
|
| 2370 | + $s15 = $s15->addInt64( $s23->mulInt( 136657 ) ); |
|
| 2371 | + $s16 = $s16->subInt64( $s23->mulInt( 683901 ) ); |
|
| 2372 | + |
|
| 2373 | + $s10 = $s10->addInt64( $s22->mulInt( 666643 ) ); |
|
| 2374 | + $s11 = $s11->addInt64( $s22->mulInt( 470296 ) ); |
|
| 2375 | + $s12 = $s12->addInt64( $s22->mulInt( 654183 ) ); |
|
| 2376 | + $s13 = $s13->subInt64( $s22->mulInt( 997805 ) ); |
|
| 2377 | + $s14 = $s14->addInt64( $s22->mulInt( 136657 ) ); |
|
| 2378 | + $s15 = $s15->subInt64( $s22->mulInt( 683901 ) ); |
|
| 2379 | + |
|
| 2380 | + $s9 = $s9->addInt64( $s21->mulInt( 666643 ) ); |
|
| 2381 | + $s10 = $s10->addInt64( $s21->mulInt( 470296 ) ); |
|
| 2382 | + $s11 = $s11->addInt64( $s21->mulInt( 654183 ) ); |
|
| 2383 | + $s12 = $s12->subInt64( $s21->mulInt( 997805 ) ); |
|
| 2384 | + $s13 = $s13->addInt64( $s21->mulInt( 136657 ) ); |
|
| 2385 | + $s14 = $s14->subInt64( $s21->mulInt( 683901 ) ); |
|
| 2386 | + |
|
| 2387 | + $s8 = $s8->addInt64( $s20->mulInt( 666643 ) ); |
|
| 2388 | + $s9 = $s9->addInt64( $s20->mulInt( 470296 ) ); |
|
| 2389 | + $s10 = $s10->addInt64( $s20->mulInt( 654183 ) ); |
|
| 2390 | + $s11 = $s11->subInt64( $s20->mulInt( 997805 ) ); |
|
| 2391 | + $s12 = $s12->addInt64( $s20->mulInt( 136657 ) ); |
|
| 2392 | + $s13 = $s13->subInt64( $s20->mulInt( 683901 ) ); |
|
| 2393 | + |
|
| 2394 | + $s7 = $s7->addInt64( $s19->mulInt( 666643 ) ); |
|
| 2395 | + $s8 = $s8->addInt64( $s19->mulInt( 470296 ) ); |
|
| 2396 | + $s9 = $s9->addInt64( $s19->mulInt( 654183 ) ); |
|
| 2397 | + $s10 = $s10->subInt64( $s19->mulInt( 997805 ) ); |
|
| 2398 | + $s11 = $s11->addInt64( $s19->mulInt( 136657 ) ); |
|
| 2399 | + $s12 = $s12->subInt64( $s19->mulInt( 683901 ) ); |
|
| 2400 | + |
|
| 2401 | + $s6 = $s6->addInt64( $s18->mulInt( 666643 ) ); |
|
| 2402 | + $s7 = $s7->addInt64( $s18->mulInt( 470296 ) ); |
|
| 2403 | + $s8 = $s8->addInt64( $s18->mulInt( 654183 ) ); |
|
| 2404 | + $s9 = $s9->subInt64( $s18->mulInt( 997805 ) ); |
|
| 2405 | + $s10 = $s10->addInt64( $s18->mulInt( 136657 ) ); |
|
| 2406 | + $s11 = $s11->subInt64( $s18->mulInt( 683901 ) ); |
|
| 2407 | + |
|
| 2408 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2409 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2410 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2411 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2412 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2413 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2414 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2415 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2416 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2417 | + $carry12 = $s12->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2418 | + $s13 = $s13->addInt64( $carry12 ); |
|
| 2419 | + $s12 = $s12->subInt64( $carry12->shiftLeft( 21 ) ); |
|
| 2420 | + $carry14 = $s14->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2421 | + $s15 = $s15->addInt64( $carry14 ); |
|
| 2422 | + $s14 = $s14->subInt64( $carry14->shiftLeft( 21 ) ); |
|
| 2423 | + $carry16 = $s16->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2424 | + $s17 = $s17->addInt64( $carry16 ); |
|
| 2425 | + $s16 = $s16->subInt64( $carry16->shiftLeft( 21 ) ); |
|
| 2426 | + |
|
| 2427 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2428 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2429 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2430 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2431 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2432 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2433 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2434 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2435 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2436 | + $carry13 = $s13->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2437 | + $s14 = $s14->addInt64( $carry13 ); |
|
| 2438 | + $s13 = $s13->subInt64( $carry13->shiftLeft( 21 ) ); |
|
| 2439 | + $carry15 = $s15->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2440 | + $s16 = $s16->addInt64( $carry15 ); |
|
| 2441 | + $s15 = $s15->subInt64( $carry15->shiftLeft( 21 ) ); |
|
| 2442 | + |
|
| 2443 | + $s5 = $s5->addInt64( $s17->mulInt( 666643 ) ); |
|
| 2444 | + $s6 = $s6->addInt64( $s17->mulInt( 470296 ) ); |
|
| 2445 | + $s7 = $s7->addInt64( $s17->mulInt( 654183 ) ); |
|
| 2446 | + $s8 = $s8->subInt64( $s17->mulInt( 997805 ) ); |
|
| 2447 | + $s9 = $s9->addInt64( $s17->mulInt( 136657 ) ); |
|
| 2448 | + $s10 = $s10->subInt64( $s17->mulInt( 683901 ) ); |
|
| 2449 | + |
|
| 2450 | + $s4 = $s4->addInt64( $s16->mulInt( 666643 ) ); |
|
| 2451 | + $s5 = $s5->addInt64( $s16->mulInt( 470296 ) ); |
|
| 2452 | + $s6 = $s6->addInt64( $s16->mulInt( 654183 ) ); |
|
| 2453 | + $s7 = $s7->subInt64( $s16->mulInt( 997805 ) ); |
|
| 2454 | + $s8 = $s8->addInt64( $s16->mulInt( 136657 ) ); |
|
| 2455 | + $s9 = $s9->subInt64( $s16->mulInt( 683901 ) ); |
|
| 2456 | + |
|
| 2457 | + $s3 = $s3->addInt64( $s15->mulInt( 666643 ) ); |
|
| 2458 | + $s4 = $s4->addInt64( $s15->mulInt( 470296 ) ); |
|
| 2459 | + $s5 = $s5->addInt64( $s15->mulInt( 654183 ) ); |
|
| 2460 | + $s6 = $s6->subInt64( $s15->mulInt( 997805 ) ); |
|
| 2461 | + $s7 = $s7->addInt64( $s15->mulInt( 136657 ) ); |
|
| 2462 | + $s8 = $s8->subInt64( $s15->mulInt( 683901 ) ); |
|
| 2463 | + |
|
| 2464 | + $s2 = $s2->addInt64( $s14->mulInt( 666643 ) ); |
|
| 2465 | + $s3 = $s3->addInt64( $s14->mulInt( 470296 ) ); |
|
| 2466 | + $s4 = $s4->addInt64( $s14->mulInt( 654183 ) ); |
|
| 2467 | + $s5 = $s5->subInt64( $s14->mulInt( 997805 ) ); |
|
| 2468 | + $s6 = $s6->addInt64( $s14->mulInt( 136657 ) ); |
|
| 2469 | + $s7 = $s7->subInt64( $s14->mulInt( 683901 ) ); |
|
| 2470 | + |
|
| 2471 | + $s1 = $s1->addInt64( $s13->mulInt( 666643 ) ); |
|
| 2472 | + $s2 = $s2->addInt64( $s13->mulInt( 470296 ) ); |
|
| 2473 | + $s3 = $s3->addInt64( $s13->mulInt( 654183 ) ); |
|
| 2474 | + $s4 = $s4->subInt64( $s13->mulInt( 997805 ) ); |
|
| 2475 | + $s5 = $s5->addInt64( $s13->mulInt( 136657 ) ); |
|
| 2476 | + $s6 = $s6->subInt64( $s13->mulInt( 683901 ) ); |
|
| 2477 | + |
|
| 2478 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2479 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2480 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2481 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2482 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2483 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2484 | 2484 | $s12 = new ParagonIE_Sodium_Core32_Int64(); |
| 2485 | 2485 | |
| 2486 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2487 | - $s1 = $s1->addInt64($carry0); |
|
| 2488 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2489 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2490 | - $s3 = $s3->addInt64($carry2); |
|
| 2491 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2492 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2493 | - $s5 = $s5->addInt64($carry4); |
|
| 2494 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2495 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2496 | - $s7 = $s7->addInt64($carry6); |
|
| 2497 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2498 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2499 | - $s9 = $s9->addInt64($carry8); |
|
| 2500 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2501 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2502 | - $s11 = $s11->addInt64($carry10); |
|
| 2503 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2504 | - |
|
| 2505 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2506 | - $s2 = $s2->addInt64($carry1); |
|
| 2507 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2508 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2509 | - $s4 = $s4->addInt64($carry3); |
|
| 2510 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2511 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2512 | - $s6 = $s6->addInt64($carry5); |
|
| 2513 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2514 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2515 | - $s8 = $s8->addInt64($carry7); |
|
| 2516 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2517 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2518 | - $s10 = $s10->addInt64($carry9); |
|
| 2519 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2520 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2521 | - $s12 = $s12->addInt64($carry11); |
|
| 2522 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2523 | - |
|
| 2524 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2525 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2526 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2527 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2528 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2529 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2486 | + $carry0 = $s0->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2487 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2488 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2489 | + $carry2 = $s2->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2490 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2491 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2492 | + $carry4 = $s4->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2493 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2494 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2495 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2496 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2497 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2498 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2499 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2500 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2501 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2502 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2503 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2504 | + |
|
| 2505 | + $carry1 = $s1->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2506 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2507 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2508 | + $carry3 = $s3->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2509 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2510 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2511 | + $carry5 = $s5->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2512 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2513 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2514 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2515 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2516 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2517 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2518 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2519 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2520 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2521 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2522 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2523 | + |
|
| 2524 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2525 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2526 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2527 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2528 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2529 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2530 | 2530 | $s12 = new ParagonIE_Sodium_Core32_Int64(); |
| 2531 | 2531 | |
| 2532 | - $carry0 = $s0->shiftRight(21); |
|
| 2533 | - $s1 = $s1->addInt64($carry0); |
|
| 2534 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2535 | - $carry1 = $s1->shiftRight(21); |
|
| 2536 | - $s2 = $s2->addInt64($carry1); |
|
| 2537 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2538 | - $carry2 = $s2->shiftRight(21); |
|
| 2539 | - $s3 = $s3->addInt64($carry2); |
|
| 2540 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2541 | - $carry3 = $s3->shiftRight(21); |
|
| 2542 | - $s4 = $s4->addInt64($carry3); |
|
| 2543 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2544 | - $carry4 = $s4->shiftRight(21); |
|
| 2545 | - $s5 = $s5->addInt64($carry4); |
|
| 2546 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2547 | - $carry5 = $s5->shiftRight(21); |
|
| 2548 | - $s6 = $s6->addInt64($carry5); |
|
| 2549 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2550 | - $carry6 = $s6->shiftRight(21); |
|
| 2551 | - $s7 = $s7->addInt64($carry6); |
|
| 2552 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2553 | - $carry7 = $s7->shiftRight(21); |
|
| 2554 | - $s8 = $s8->addInt64($carry7); |
|
| 2555 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2556 | - $carry8 = $s8->shiftRight(21); |
|
| 2557 | - $s9 = $s9->addInt64($carry8); |
|
| 2558 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2559 | - $carry9 = $s9->shiftRight(21); |
|
| 2560 | - $s10 = $s10->addInt64($carry9); |
|
| 2561 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2562 | - $carry10 = $s10->shiftRight(21); |
|
| 2563 | - $s11 = $s11->addInt64($carry10); |
|
| 2564 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2565 | - $carry11 = $s11->shiftRight(21); |
|
| 2566 | - $s12 = $s12->addInt64($carry11); |
|
| 2567 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2568 | - |
|
| 2569 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2570 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2571 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2572 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2573 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2574 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2575 | - |
|
| 2576 | - $carry0 = $s0->shiftRight(21); |
|
| 2577 | - $s1 = $s1->addInt64($carry0); |
|
| 2578 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2579 | - $carry1 = $s1->shiftRight(21); |
|
| 2580 | - $s2 = $s2->addInt64($carry1); |
|
| 2581 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2582 | - $carry2 = $s2->shiftRight(21); |
|
| 2583 | - $s3 = $s3->addInt64($carry2); |
|
| 2584 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2585 | - $carry3 = $s3->shiftRight(21); |
|
| 2586 | - $s4 = $s4->addInt64($carry3); |
|
| 2587 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2588 | - $carry4 = $s4->shiftRight(21); |
|
| 2589 | - $s5 = $s5->addInt64($carry4); |
|
| 2590 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2591 | - $carry5 = $s5->shiftRight(21); |
|
| 2592 | - $s6 = $s6->addInt64($carry5); |
|
| 2593 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2594 | - $carry6 = $s6->shiftRight(21); |
|
| 2595 | - $s7 = $s7->addInt64($carry6); |
|
| 2596 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2597 | - $carry7 = $s7->shiftRight(21); |
|
| 2598 | - $s8 = $s8->addInt64($carry7); |
|
| 2599 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2600 | - $carry8 = $s10->shiftRight(21); |
|
| 2601 | - $s9 = $s9->addInt64($carry8); |
|
| 2602 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2603 | - $carry9 = $s9->shiftRight(21); |
|
| 2604 | - $s10 = $s10->addInt64($carry9); |
|
| 2605 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2606 | - $carry10 = $s10->shiftRight(21); |
|
| 2607 | - $s11 = $s11->addInt64($carry10); |
|
| 2608 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2609 | - |
|
| 2610 | - $S0 = $s0->toInt32()->toInt(); |
|
| 2611 | - $S1 = $s1->toInt32()->toInt(); |
|
| 2612 | - $S2 = $s2->toInt32()->toInt(); |
|
| 2613 | - $S3 = $s3->toInt32()->toInt(); |
|
| 2614 | - $S4 = $s4->toInt32()->toInt(); |
|
| 2615 | - $S5 = $s5->toInt32()->toInt(); |
|
| 2616 | - $S6 = $s6->toInt32()->toInt(); |
|
| 2617 | - $S7 = $s7->toInt32()->toInt(); |
|
| 2618 | - $S8 = $s8->toInt32()->toInt(); |
|
| 2619 | - $S9 = $s9->toInt32()->toInt(); |
|
| 2532 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 2533 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2534 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2535 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 2536 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2537 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2538 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 2539 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2540 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2541 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 2542 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2543 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2544 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 2545 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2546 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2547 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 2548 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2549 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2550 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 2551 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2552 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2553 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 2554 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2555 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2556 | + $carry8 = $s8->shiftRight( 21 ); |
|
| 2557 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2558 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2559 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 2560 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2561 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2562 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 2563 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2564 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2565 | + $carry11 = $s11->shiftRight( 21 ); |
|
| 2566 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2567 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2568 | + |
|
| 2569 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2570 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2571 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2572 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2573 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2574 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2575 | + |
|
| 2576 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 2577 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2578 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2579 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 2580 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2581 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2582 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 2583 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2584 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2585 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 2586 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2587 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2588 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 2589 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2590 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2591 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 2592 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2593 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2594 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 2595 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2596 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2597 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 2598 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2599 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2600 | + $carry8 = $s10->shiftRight( 21 ); |
|
| 2601 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2602 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2603 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 2604 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2605 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2606 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 2607 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2608 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2609 | + |
|
| 2610 | + $S0 = $s0->toInt32()->toInt(); |
|
| 2611 | + $S1 = $s1->toInt32()->toInt(); |
|
| 2612 | + $S2 = $s2->toInt32()->toInt(); |
|
| 2613 | + $S3 = $s3->toInt32()->toInt(); |
|
| 2614 | + $S4 = $s4->toInt32()->toInt(); |
|
| 2615 | + $S5 = $s5->toInt32()->toInt(); |
|
| 2616 | + $S6 = $s6->toInt32()->toInt(); |
|
| 2617 | + $S7 = $s7->toInt32()->toInt(); |
|
| 2618 | + $S8 = $s8->toInt32()->toInt(); |
|
| 2619 | + $S9 = $s9->toInt32()->toInt(); |
|
| 2620 | 2620 | $S10 = $s10->toInt32()->toInt(); |
| 2621 | 2621 | $S11 = $s11->toInt32()->toInt(); |
| 2622 | 2622 | |
@@ -2624,40 +2624,40 @@ discard block |
||
| 2624 | 2624 | * @var array<int, int> |
| 2625 | 2625 | */ |
| 2626 | 2626 | $arr = array( |
| 2627 | - (int) (0xff & ($S0 >> 0)), |
|
| 2628 | - (int) (0xff & ($S0 >> 8)), |
|
| 2629 | - (int) (0xff & (($S0 >> 16) | self::mul($S1, 1 << 5))), |
|
| 2630 | - (int) (0xff & ($S1 >> 3)), |
|
| 2631 | - (int) (0xff & ($S1 >> 11)), |
|
| 2632 | - (int) (0xff & (($S1 >> 19) | self::mul($S2, 1 << 2))), |
|
| 2633 | - (int) (0xff & ($S2 >> 6)), |
|
| 2634 | - (int) (0xff & (($S2 >> 14) | self::mul($S3, 1 << 7))), |
|
| 2635 | - (int) (0xff & ($S3 >> 1)), |
|
| 2636 | - (int) (0xff & ($S3 >> 9)), |
|
| 2637 | - (int) (0xff & (($S3 >> 17) | self::mul($S4, 1 << 4))), |
|
| 2638 | - (int) (0xff & ($S4 >> 4)), |
|
| 2639 | - (int) (0xff & ($S4 >> 12)), |
|
| 2640 | - (int) (0xff & (($S4 >> 20) | self::mul($S5, 1 << 1))), |
|
| 2641 | - (int) (0xff & ($S5 >> 7)), |
|
| 2642 | - (int) (0xff & (($S5 >> 15) | self::mul($S6, 1 << 6))), |
|
| 2643 | - (int) (0xff & ($S6 >> 2)), |
|
| 2644 | - (int) (0xff & ($S6 >> 10)), |
|
| 2645 | - (int) (0xff & (($S6 >> 18) | self::mul($S7, 1 << 3))), |
|
| 2646 | - (int) (0xff & ($S7 >> 5)), |
|
| 2647 | - (int) (0xff & ($S7 >> 13)), |
|
| 2648 | - (int) (0xff & ($S8 >> 0)), |
|
| 2649 | - (int) (0xff & ($S8 >> 8)), |
|
| 2650 | - (int) (0xff & (($S8 >> 16) | self::mul($S9, 1 << 5))), |
|
| 2651 | - (int) (0xff & ($S9 >> 3)), |
|
| 2652 | - (int) (0xff & ($S9 >> 11)), |
|
| 2653 | - (int) (0xff & (($S9 >> 19) | self::mul($S10, 1 << 2))), |
|
| 2654 | - (int) (0xff & ($S10 >> 6)), |
|
| 2655 | - (int) (0xff & (($S10 >> 14) | self::mul($S11, 1 << 7))), |
|
| 2656 | - (int) (0xff & ($S11 >> 1)), |
|
| 2657 | - (int) (0xff & ($S11 >> 9)), |
|
| 2658 | - (int) (0xff & ($S11 >> 17)) |
|
| 2627 | + (int) ( 0xff & ( $S0 >> 0 ) ), |
|
| 2628 | + (int) ( 0xff & ( $S0 >> 8 ) ), |
|
| 2629 | + (int) ( 0xff & ( ( $S0 >> 16 ) | self::mul( $S1, 1 << 5 ) ) ), |
|
| 2630 | + (int) ( 0xff & ( $S1 >> 3 ) ), |
|
| 2631 | + (int) ( 0xff & ( $S1 >> 11 ) ), |
|
| 2632 | + (int) ( 0xff & ( ( $S1 >> 19 ) | self::mul( $S2, 1 << 2 ) ) ), |
|
| 2633 | + (int) ( 0xff & ( $S2 >> 6 ) ), |
|
| 2634 | + (int) ( 0xff & ( ( $S2 >> 14 ) | self::mul( $S3, 1 << 7 ) ) ), |
|
| 2635 | + (int) ( 0xff & ( $S3 >> 1 ) ), |
|
| 2636 | + (int) ( 0xff & ( $S3 >> 9 ) ), |
|
| 2637 | + (int) ( 0xff & ( ( $S3 >> 17 ) | self::mul( $S4, 1 << 4 ) ) ), |
|
| 2638 | + (int) ( 0xff & ( $S4 >> 4 ) ), |
|
| 2639 | + (int) ( 0xff & ( $S4 >> 12 ) ), |
|
| 2640 | + (int) ( 0xff & ( ( $S4 >> 20 ) | self::mul( $S5, 1 << 1 ) ) ), |
|
| 2641 | + (int) ( 0xff & ( $S5 >> 7 ) ), |
|
| 2642 | + (int) ( 0xff & ( ( $S5 >> 15 ) | self::mul( $S6, 1 << 6 ) ) ), |
|
| 2643 | + (int) ( 0xff & ( $S6 >> 2 ) ), |
|
| 2644 | + (int) ( 0xff & ( $S6 >> 10 ) ), |
|
| 2645 | + (int) ( 0xff & ( ( $S6 >> 18 ) | self::mul( $S7, 1 << 3 ) ) ), |
|
| 2646 | + (int) ( 0xff & ( $S7 >> 5 ) ), |
|
| 2647 | + (int) ( 0xff & ( $S7 >> 13 ) ), |
|
| 2648 | + (int) ( 0xff & ( $S8 >> 0 ) ), |
|
| 2649 | + (int) ( 0xff & ( $S8 >> 8 ) ), |
|
| 2650 | + (int) ( 0xff & ( ( $S8 >> 16 ) | self::mul( $S9, 1 << 5 ) ) ), |
|
| 2651 | + (int) ( 0xff & ( $S9 >> 3 ) ), |
|
| 2652 | + (int) ( 0xff & ( $S9 >> 11 ) ), |
|
| 2653 | + (int) ( 0xff & ( ( $S9 >> 19 ) | self::mul( $S10, 1 << 2 ) ) ), |
|
| 2654 | + (int) ( 0xff & ( $S10 >> 6 ) ), |
|
| 2655 | + (int) ( 0xff & ( ( $S10 >> 14 ) | self::mul( $S11, 1 << 7 ) ) ), |
|
| 2656 | + (int) ( 0xff & ( $S11 >> 1 ) ), |
|
| 2657 | + (int) ( 0xff & ( $S11 >> 9 ) ), |
|
| 2658 | + (int) ( 0xff & ( $S11 >> 17 ) ) |
|
| 2659 | 2659 | ); |
| 2660 | - return self::intArrayToString($arr); |
|
| 2660 | + return self::intArrayToString( $arr ); |
|
| 2661 | 2661 | } |
| 2662 | 2662 | |
| 2663 | 2663 | /** |
@@ -2666,7 +2666,7 @@ discard block |
||
| 2666 | 2666 | * @param string $s |
| 2667 | 2667 | * @return string |
| 2668 | 2668 | */ |
| 2669 | - public static function sc_reduce($s) |
|
| 2669 | + public static function sc_reduce( $s ) |
|
| 2670 | 2670 | { |
| 2671 | 2671 | /** |
| 2672 | 2672 | * @var ParagonIE_Sodium_Core32_Int64 $s0 |
@@ -2694,273 +2694,273 @@ discard block |
||
| 2694 | 2694 | * @var ParagonIE_Sodium_Core32_Int64 $s22 |
| 2695 | 2695 | * @var ParagonIE_Sodium_Core32_Int64 $s23 |
| 2696 | 2696 | */ |
| 2697 | - $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3)))->toInt64(); |
|
| 2698 | - $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5))->toInt64(); |
|
| 2699 | - $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2))->toInt64(); |
|
| 2700 | - $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7))->toInt64(); |
|
| 2701 | - $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4))->toInt64(); |
|
| 2702 | - $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1))->toInt64(); |
|
| 2703 | - $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6))->toInt64(); |
|
| 2704 | - $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3))->toInt64(); |
|
| 2705 | - $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3)))->toInt64(); |
|
| 2706 | - $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5))->toInt64(); |
|
| 2707 | - $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2))->toInt64(); |
|
| 2708 | - $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7))->toInt64(); |
|
| 2709 | - $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4))->toInt64(); |
|
| 2710 | - $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1))->toInt64(); |
|
| 2711 | - $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6))->toInt64(); |
|
| 2712 | - $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3))->toInt64(); |
|
| 2713 | - $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3)))->toInt64(); |
|
| 2714 | - $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5))->toInt64(); |
|
| 2715 | - $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2))->toInt64(); |
|
| 2716 | - $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7))->toInt64(); |
|
| 2717 | - $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4))->toInt64(); |
|
| 2718 | - $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1))->toInt64(); |
|
| 2719 | - $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6))->toInt64(); |
|
| 2720 | - $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(0x1fffffff & (self::load_4(self::substr($s, 60, 4)) >> 3))->toInt64(); |
|
| 2721 | - |
|
| 2722 | - $s11 = $s11->addInt64($s23->mulInt(666643)); |
|
| 2723 | - $s12 = $s12->addInt64($s23->mulInt(470296)); |
|
| 2724 | - $s13 = $s13->addInt64($s23->mulInt(654183)); |
|
| 2725 | - $s14 = $s14->subInt64($s23->mulInt(997805)); |
|
| 2726 | - $s15 = $s15->addInt64($s23->mulInt(136657)); |
|
| 2727 | - $s16 = $s16->subInt64($s23->mulInt(683901)); |
|
| 2728 | - |
|
| 2729 | - $s10 = $s10->addInt64($s22->mulInt(666643)); |
|
| 2730 | - $s11 = $s11->addInt64($s22->mulInt(470296)); |
|
| 2731 | - $s12 = $s12->addInt64($s22->mulInt(654183)); |
|
| 2732 | - $s13 = $s13->subInt64($s22->mulInt(997805)); |
|
| 2733 | - $s14 = $s14->addInt64($s22->mulInt(136657)); |
|
| 2734 | - $s15 = $s15->subInt64($s22->mulInt(683901)); |
|
| 2735 | - |
|
| 2736 | - $s9 = $s9->addInt64($s21->mulInt(666643)); |
|
| 2737 | - $s10 = $s10->addInt64($s21->mulInt(470296)); |
|
| 2738 | - $s11 = $s11->addInt64($s21->mulInt(654183)); |
|
| 2739 | - $s12 = $s12->subInt64($s21->mulInt(997805)); |
|
| 2740 | - $s13 = $s13->addInt64($s21->mulInt(136657)); |
|
| 2741 | - $s14 = $s14->subInt64($s21->mulInt(683901)); |
|
| 2742 | - |
|
| 2743 | - $s8 = $s8->addInt64($s20->mulInt(666643)); |
|
| 2744 | - $s9 = $s9->addInt64($s20->mulInt(470296)); |
|
| 2745 | - $s10 = $s10->addInt64($s20->mulInt(654183)); |
|
| 2746 | - $s11 = $s11->subInt64($s20->mulInt(997805)); |
|
| 2747 | - $s12 = $s12->addInt64($s20->mulInt(136657)); |
|
| 2748 | - $s13 = $s13->subInt64($s20->mulInt(683901)); |
|
| 2749 | - |
|
| 2750 | - $s7 = $s7->addInt64($s19->mulInt(666643)); |
|
| 2751 | - $s8 = $s8->addInt64($s19->mulInt(470296)); |
|
| 2752 | - $s9 = $s9->addInt64($s19->mulInt(654183)); |
|
| 2753 | - $s10 = $s10->subInt64($s19->mulInt(997805)); |
|
| 2754 | - $s11 = $s11->addInt64($s19->mulInt(136657)); |
|
| 2755 | - $s12 = $s12->subInt64($s19->mulInt(683901)); |
|
| 2756 | - |
|
| 2757 | - $s6 = $s6->addInt64($s18->mulInt(666643)); |
|
| 2758 | - $s7 = $s7->addInt64($s18->mulInt(470296)); |
|
| 2759 | - $s8 = $s8->addInt64($s18->mulInt(654183)); |
|
| 2760 | - $s9 = $s9->subInt64($s18->mulInt(997805)); |
|
| 2761 | - $s10 = $s10->addInt64($s18->mulInt(136657)); |
|
| 2762 | - $s11 = $s11->subInt64($s18->mulInt(683901)); |
|
| 2763 | - |
|
| 2764 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2765 | - $s7 = $s7->addInt64($carry6); |
|
| 2766 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2767 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2768 | - $s9 = $s9->addInt64($carry8); |
|
| 2769 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2770 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2771 | - $s11 = $s11->addInt64($carry10); |
|
| 2772 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2773 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 2774 | - $s13 = $s13->addInt64($carry12); |
|
| 2775 | - $s12 = $s12->subInt64($carry12->shiftLeft(21)); |
|
| 2776 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 2777 | - $s15 = $s15->addInt64($carry14); |
|
| 2778 | - $s14 = $s14->subInt64($carry14->shiftLeft(21)); |
|
| 2779 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 2780 | - $s17 = $s17->addInt64($carry16); |
|
| 2781 | - $s16 = $s16->subInt64($carry16->shiftLeft(21)); |
|
| 2782 | - |
|
| 2783 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2784 | - $s8 = $s8->addInt64($carry7); |
|
| 2785 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2786 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2787 | - $s10 = $s10->addInt64($carry9); |
|
| 2788 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2789 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2790 | - $s12 = $s12->addInt64($carry11); |
|
| 2791 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2792 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 2793 | - $s14 = $s14->addInt64($carry13); |
|
| 2794 | - $s13 = $s13->subInt64($carry13->shiftLeft(21)); |
|
| 2795 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 2796 | - $s16 = $s16->addInt64($carry15); |
|
| 2797 | - $s15 = $s15->subInt64($carry15->shiftLeft(21)); |
|
| 2798 | - |
|
| 2799 | - $s5 = $s5->addInt64($s17->mulInt(666643)); |
|
| 2800 | - $s6 = $s6->addInt64($s17->mulInt(470296)); |
|
| 2801 | - $s7 = $s7->addInt64($s17->mulInt(654183)); |
|
| 2802 | - $s8 = $s8->subInt64($s17->mulInt(997805)); |
|
| 2803 | - $s9 = $s9->addInt64($s17->mulInt(136657)); |
|
| 2804 | - $s10 = $s10->subInt64($s17->mulInt(683901)); |
|
| 2805 | - |
|
| 2806 | - $s4 = $s4->addInt64($s16->mulInt(666643)); |
|
| 2807 | - $s5 = $s5->addInt64($s16->mulInt(470296)); |
|
| 2808 | - $s6 = $s6->addInt64($s16->mulInt(654183)); |
|
| 2809 | - $s7 = $s7->subInt64($s16->mulInt(997805)); |
|
| 2810 | - $s8 = $s8->addInt64($s16->mulInt(136657)); |
|
| 2811 | - $s9 = $s9->subInt64($s16->mulInt(683901)); |
|
| 2812 | - |
|
| 2813 | - $s3 = $s3->addInt64($s15->mulInt(666643)); |
|
| 2814 | - $s4 = $s4->addInt64($s15->mulInt(470296)); |
|
| 2815 | - $s5 = $s5->addInt64($s15->mulInt(654183)); |
|
| 2816 | - $s6 = $s6->subInt64($s15->mulInt(997805)); |
|
| 2817 | - $s7 = $s7->addInt64($s15->mulInt(136657)); |
|
| 2818 | - $s8 = $s8->subInt64($s15->mulInt(683901)); |
|
| 2819 | - |
|
| 2820 | - $s2 = $s2->addInt64($s14->mulInt(666643)); |
|
| 2821 | - $s3 = $s3->addInt64($s14->mulInt(470296)); |
|
| 2822 | - $s4 = $s4->addInt64($s14->mulInt(654183)); |
|
| 2823 | - $s5 = $s5->subInt64($s14->mulInt(997805)); |
|
| 2824 | - $s6 = $s6->addInt64($s14->mulInt(136657)); |
|
| 2825 | - $s7 = $s7->subInt64($s14->mulInt(683901)); |
|
| 2826 | - |
|
| 2827 | - $s1 = $s1->addInt64($s13->mulInt(666643)); |
|
| 2828 | - $s2 = $s2->addInt64($s13->mulInt(470296)); |
|
| 2829 | - $s3 = $s3->addInt64($s13->mulInt(654183)); |
|
| 2830 | - $s4 = $s4->subInt64($s13->mulInt(997805)); |
|
| 2831 | - $s5 = $s5->addInt64($s13->mulInt(136657)); |
|
| 2832 | - $s6 = $s6->subInt64($s13->mulInt(683901)); |
|
| 2833 | - |
|
| 2834 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2835 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2836 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2837 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2838 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2839 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2697 | + $s0 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 0, 3 ) ) )->toInt64(); |
|
| 2698 | + $s1 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 2, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2699 | + $s2 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 5, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2700 | + $s3 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 7, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2701 | + $s4 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 10, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2702 | + $s5 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 13, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2703 | + $s6 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 15, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2704 | + $s7 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 18, 4 ) ) >> 3 ) )->toInt64(); |
|
| 2705 | + $s8 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 21, 3 ) ) )->toInt64(); |
|
| 2706 | + $s9 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 23, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2707 | + $s10 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 26, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2708 | + $s11 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 28, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2709 | + $s12 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 31, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2710 | + $s13 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 34, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2711 | + $s14 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 36, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2712 | + $s15 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 39, 4 ) ) >> 3 ) )->toInt64(); |
|
| 2713 | + $s16 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 42, 3 ) ) )->toInt64(); |
|
| 2714 | + $s17 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 44, 4 ) ) >> 5 ) )->toInt64(); |
|
| 2715 | + $s18 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 47, 3 ) ) >> 2 ) )->toInt64(); |
|
| 2716 | + $s19 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 49, 4 ) ) >> 7 ) )->toInt64(); |
|
| 2717 | + $s20 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 52, 4 ) ) >> 4 ) )->toInt64(); |
|
| 2718 | + $s21 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 55, 3 ) ) >> 1 ) )->toInt64(); |
|
| 2719 | + $s22 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 57, 4 ) ) >> 6 ) )->toInt64(); |
|
| 2720 | + $s23 = ParagonIE_Sodium_Core32_Int32::fromInt( 0x1fffffff & ( self::load_4( self::substr( $s, 60, 4 ) ) >> 3 ) )->toInt64(); |
|
| 2721 | + |
|
| 2722 | + $s11 = $s11->addInt64( $s23->mulInt( 666643 ) ); |
|
| 2723 | + $s12 = $s12->addInt64( $s23->mulInt( 470296 ) ); |
|
| 2724 | + $s13 = $s13->addInt64( $s23->mulInt( 654183 ) ); |
|
| 2725 | + $s14 = $s14->subInt64( $s23->mulInt( 997805 ) ); |
|
| 2726 | + $s15 = $s15->addInt64( $s23->mulInt( 136657 ) ); |
|
| 2727 | + $s16 = $s16->subInt64( $s23->mulInt( 683901 ) ); |
|
| 2728 | + |
|
| 2729 | + $s10 = $s10->addInt64( $s22->mulInt( 666643 ) ); |
|
| 2730 | + $s11 = $s11->addInt64( $s22->mulInt( 470296 ) ); |
|
| 2731 | + $s12 = $s12->addInt64( $s22->mulInt( 654183 ) ); |
|
| 2732 | + $s13 = $s13->subInt64( $s22->mulInt( 997805 ) ); |
|
| 2733 | + $s14 = $s14->addInt64( $s22->mulInt( 136657 ) ); |
|
| 2734 | + $s15 = $s15->subInt64( $s22->mulInt( 683901 ) ); |
|
| 2735 | + |
|
| 2736 | + $s9 = $s9->addInt64( $s21->mulInt( 666643 ) ); |
|
| 2737 | + $s10 = $s10->addInt64( $s21->mulInt( 470296 ) ); |
|
| 2738 | + $s11 = $s11->addInt64( $s21->mulInt( 654183 ) ); |
|
| 2739 | + $s12 = $s12->subInt64( $s21->mulInt( 997805 ) ); |
|
| 2740 | + $s13 = $s13->addInt64( $s21->mulInt( 136657 ) ); |
|
| 2741 | + $s14 = $s14->subInt64( $s21->mulInt( 683901 ) ); |
|
| 2742 | + |
|
| 2743 | + $s8 = $s8->addInt64( $s20->mulInt( 666643 ) ); |
|
| 2744 | + $s9 = $s9->addInt64( $s20->mulInt( 470296 ) ); |
|
| 2745 | + $s10 = $s10->addInt64( $s20->mulInt( 654183 ) ); |
|
| 2746 | + $s11 = $s11->subInt64( $s20->mulInt( 997805 ) ); |
|
| 2747 | + $s12 = $s12->addInt64( $s20->mulInt( 136657 ) ); |
|
| 2748 | + $s13 = $s13->subInt64( $s20->mulInt( 683901 ) ); |
|
| 2749 | + |
|
| 2750 | + $s7 = $s7->addInt64( $s19->mulInt( 666643 ) ); |
|
| 2751 | + $s8 = $s8->addInt64( $s19->mulInt( 470296 ) ); |
|
| 2752 | + $s9 = $s9->addInt64( $s19->mulInt( 654183 ) ); |
|
| 2753 | + $s10 = $s10->subInt64( $s19->mulInt( 997805 ) ); |
|
| 2754 | + $s11 = $s11->addInt64( $s19->mulInt( 136657 ) ); |
|
| 2755 | + $s12 = $s12->subInt64( $s19->mulInt( 683901 ) ); |
|
| 2756 | + |
|
| 2757 | + $s6 = $s6->addInt64( $s18->mulInt( 666643 ) ); |
|
| 2758 | + $s7 = $s7->addInt64( $s18->mulInt( 470296 ) ); |
|
| 2759 | + $s8 = $s8->addInt64( $s18->mulInt( 654183 ) ); |
|
| 2760 | + $s9 = $s9->subInt64( $s18->mulInt( 997805 ) ); |
|
| 2761 | + $s10 = $s10->addInt64( $s18->mulInt( 136657 ) ); |
|
| 2762 | + $s11 = $s11->subInt64( $s18->mulInt( 683901 ) ); |
|
| 2763 | + |
|
| 2764 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2765 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2766 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2767 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2768 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2769 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2770 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2771 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2772 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2773 | + $carry12 = $s12->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2774 | + $s13 = $s13->addInt64( $carry12 ); |
|
| 2775 | + $s12 = $s12->subInt64( $carry12->shiftLeft( 21 ) ); |
|
| 2776 | + $carry14 = $s14->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2777 | + $s15 = $s15->addInt64( $carry14 ); |
|
| 2778 | + $s14 = $s14->subInt64( $carry14->shiftLeft( 21 ) ); |
|
| 2779 | + $carry16 = $s16->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2780 | + $s17 = $s17->addInt64( $carry16 ); |
|
| 2781 | + $s16 = $s16->subInt64( $carry16->shiftLeft( 21 ) ); |
|
| 2782 | + |
|
| 2783 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2784 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2785 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2786 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2787 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2788 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2789 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2790 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2791 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2792 | + $carry13 = $s13->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2793 | + $s14 = $s14->addInt64( $carry13 ); |
|
| 2794 | + $s13 = $s13->subInt64( $carry13->shiftLeft( 21 ) ); |
|
| 2795 | + $carry15 = $s15->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2796 | + $s16 = $s16->addInt64( $carry15 ); |
|
| 2797 | + $s15 = $s15->subInt64( $carry15->shiftLeft( 21 ) ); |
|
| 2798 | + |
|
| 2799 | + $s5 = $s5->addInt64( $s17->mulInt( 666643 ) ); |
|
| 2800 | + $s6 = $s6->addInt64( $s17->mulInt( 470296 ) ); |
|
| 2801 | + $s7 = $s7->addInt64( $s17->mulInt( 654183 ) ); |
|
| 2802 | + $s8 = $s8->subInt64( $s17->mulInt( 997805 ) ); |
|
| 2803 | + $s9 = $s9->addInt64( $s17->mulInt( 136657 ) ); |
|
| 2804 | + $s10 = $s10->subInt64( $s17->mulInt( 683901 ) ); |
|
| 2805 | + |
|
| 2806 | + $s4 = $s4->addInt64( $s16->mulInt( 666643 ) ); |
|
| 2807 | + $s5 = $s5->addInt64( $s16->mulInt( 470296 ) ); |
|
| 2808 | + $s6 = $s6->addInt64( $s16->mulInt( 654183 ) ); |
|
| 2809 | + $s7 = $s7->subInt64( $s16->mulInt( 997805 ) ); |
|
| 2810 | + $s8 = $s8->addInt64( $s16->mulInt( 136657 ) ); |
|
| 2811 | + $s9 = $s9->subInt64( $s16->mulInt( 683901 ) ); |
|
| 2812 | + |
|
| 2813 | + $s3 = $s3->addInt64( $s15->mulInt( 666643 ) ); |
|
| 2814 | + $s4 = $s4->addInt64( $s15->mulInt( 470296 ) ); |
|
| 2815 | + $s5 = $s5->addInt64( $s15->mulInt( 654183 ) ); |
|
| 2816 | + $s6 = $s6->subInt64( $s15->mulInt( 997805 ) ); |
|
| 2817 | + $s7 = $s7->addInt64( $s15->mulInt( 136657 ) ); |
|
| 2818 | + $s8 = $s8->subInt64( $s15->mulInt( 683901 ) ); |
|
| 2819 | + |
|
| 2820 | + $s2 = $s2->addInt64( $s14->mulInt( 666643 ) ); |
|
| 2821 | + $s3 = $s3->addInt64( $s14->mulInt( 470296 ) ); |
|
| 2822 | + $s4 = $s4->addInt64( $s14->mulInt( 654183 ) ); |
|
| 2823 | + $s5 = $s5->subInt64( $s14->mulInt( 997805 ) ); |
|
| 2824 | + $s6 = $s6->addInt64( $s14->mulInt( 136657 ) ); |
|
| 2825 | + $s7 = $s7->subInt64( $s14->mulInt( 683901 ) ); |
|
| 2826 | + |
|
| 2827 | + $s1 = $s1->addInt64( $s13->mulInt( 666643 ) ); |
|
| 2828 | + $s2 = $s2->addInt64( $s13->mulInt( 470296 ) ); |
|
| 2829 | + $s3 = $s3->addInt64( $s13->mulInt( 654183 ) ); |
|
| 2830 | + $s4 = $s4->subInt64( $s13->mulInt( 997805 ) ); |
|
| 2831 | + $s5 = $s5->addInt64( $s13->mulInt( 136657 ) ); |
|
| 2832 | + $s6 = $s6->subInt64( $s13->mulInt( 683901 ) ); |
|
| 2833 | + |
|
| 2834 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2835 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2836 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2837 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2838 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2839 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2840 | 2840 | $s12 = new ParagonIE_Sodium_Core32_Int64(); |
| 2841 | 2841 | |
| 2842 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 2843 | - $s1 = $s1->addInt64($carry0); |
|
| 2844 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2845 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 2846 | - $s3 = $s3->addInt64($carry2); |
|
| 2847 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2848 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 2849 | - $s5 = $s5->addInt64($carry4); |
|
| 2850 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2851 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 2852 | - $s7 = $s7->addInt64($carry6); |
|
| 2853 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2854 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 2855 | - $s9 = $s9->addInt64($carry8); |
|
| 2856 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2857 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 2858 | - $s11 = $s11->addInt64($carry10); |
|
| 2859 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2860 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 2861 | - $s2 = $s2->addInt64($carry1); |
|
| 2862 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2863 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 2864 | - $s4 = $s4->addInt64($carry3); |
|
| 2865 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2866 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 2867 | - $s6 = $s6->addInt64($carry5); |
|
| 2868 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2869 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 2870 | - $s8 = $s8->addInt64($carry7); |
|
| 2871 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2872 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 2873 | - $s10 = $s10->addInt64($carry9); |
|
| 2874 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2875 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 2876 | - $s12 = $s12->addInt64($carry11); |
|
| 2877 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2878 | - |
|
| 2879 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2880 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2881 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2882 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2883 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2884 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2842 | + $carry0 = $s0->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2843 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2844 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2845 | + $carry2 = $s2->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2846 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2847 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2848 | + $carry4 = $s4->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2849 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2850 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2851 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2852 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2853 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2854 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2855 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2856 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2857 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2858 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2859 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2860 | + $carry1 = $s1->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2861 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2862 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2863 | + $carry3 = $s3->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2864 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2865 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2866 | + $carry5 = $s5->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2867 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2868 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2869 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2870 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2871 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2872 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2873 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2874 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2875 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 2876 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2877 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2878 | + |
|
| 2879 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2880 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2881 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2882 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2883 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2884 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2885 | 2885 | $s12 = new ParagonIE_Sodium_Core32_Int64(); |
| 2886 | 2886 | |
| 2887 | - $carry0 = $s0->shiftRight(21); |
|
| 2888 | - $s1 = $s1->addInt64($carry0); |
|
| 2889 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2890 | - $carry1 = $s1->shiftRight(21); |
|
| 2891 | - $s2 = $s2->addInt64($carry1); |
|
| 2892 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2893 | - $carry2 = $s2->shiftRight(21); |
|
| 2894 | - $s3 = $s3->addInt64($carry2); |
|
| 2895 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2896 | - $carry3 = $s3->shiftRight(21); |
|
| 2897 | - $s4 = $s4->addInt64($carry3); |
|
| 2898 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2899 | - $carry4 = $s4->shiftRight(21); |
|
| 2900 | - $s5 = $s5->addInt64($carry4); |
|
| 2901 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2902 | - $carry5 = $s5->shiftRight(21); |
|
| 2903 | - $s6 = $s6->addInt64($carry5); |
|
| 2904 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2905 | - $carry6 = $s6->shiftRight(21); |
|
| 2906 | - $s7 = $s7->addInt64($carry6); |
|
| 2907 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2908 | - $carry7 = $s7->shiftRight(21); |
|
| 2909 | - $s8 = $s8->addInt64($carry7); |
|
| 2910 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2911 | - $carry8 = $s8->shiftRight(21); |
|
| 2912 | - $s9 = $s9->addInt64($carry8); |
|
| 2913 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2914 | - $carry9 = $s9->shiftRight(21); |
|
| 2915 | - $s10 = $s10->addInt64($carry9); |
|
| 2916 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2917 | - $carry10 = $s10->shiftRight(21); |
|
| 2918 | - $s11 = $s11->addInt64($carry10); |
|
| 2919 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2920 | - $carry11 = $s11->shiftRight(21); |
|
| 2921 | - $s12 = $s12->addInt64($carry11); |
|
| 2922 | - $s11 = $s11->subInt64($carry11->shiftLeft(21)); |
|
| 2923 | - |
|
| 2924 | - $s0 = $s0->addInt64($s12->mulInt(666643)); |
|
| 2925 | - $s1 = $s1->addInt64($s12->mulInt(470296)); |
|
| 2926 | - $s2 = $s2->addInt64($s12->mulInt(654183)); |
|
| 2927 | - $s3 = $s3->subInt64($s12->mulInt(997805)); |
|
| 2928 | - $s4 = $s4->addInt64($s12->mulInt(136657)); |
|
| 2929 | - $s5 = $s5->subInt64($s12->mulInt(683901)); |
|
| 2930 | - |
|
| 2931 | - $carry0 = $s0->shiftRight(21); |
|
| 2932 | - $s1 = $s1->addInt64($carry0); |
|
| 2933 | - $s0 = $s0->subInt64($carry0->shiftLeft(21)); |
|
| 2934 | - $carry1 = $s1->shiftRight(21); |
|
| 2935 | - $s2 = $s2->addInt64($carry1); |
|
| 2936 | - $s1 = $s1->subInt64($carry1->shiftLeft(21)); |
|
| 2937 | - $carry2 = $s2->shiftRight(21); |
|
| 2938 | - $s3 = $s3->addInt64($carry2); |
|
| 2939 | - $s2 = $s2->subInt64($carry2->shiftLeft(21)); |
|
| 2940 | - $carry3 = $s3->shiftRight(21); |
|
| 2941 | - $s4 = $s4->addInt64($carry3); |
|
| 2942 | - $s3 = $s3->subInt64($carry3->shiftLeft(21)); |
|
| 2943 | - $carry4 = $s4->shiftRight(21); |
|
| 2944 | - $s5 = $s5->addInt64($carry4); |
|
| 2945 | - $s4 = $s4->subInt64($carry4->shiftLeft(21)); |
|
| 2946 | - $carry5 = $s5->shiftRight(21); |
|
| 2947 | - $s6 = $s6->addInt64($carry5); |
|
| 2948 | - $s5 = $s5->subInt64($carry5->shiftLeft(21)); |
|
| 2949 | - $carry6 = $s6->shiftRight(21); |
|
| 2950 | - $s7 = $s7->addInt64($carry6); |
|
| 2951 | - $s6 = $s6->subInt64($carry6->shiftLeft(21)); |
|
| 2952 | - $carry7 = $s7->shiftRight(21); |
|
| 2953 | - $s8 = $s8->addInt64($carry7); |
|
| 2954 | - $s7 = $s7->subInt64($carry7->shiftLeft(21)); |
|
| 2955 | - $carry8 = $s8->shiftRight(21); |
|
| 2956 | - $s9 = $s9->addInt64($carry8); |
|
| 2957 | - $s8 = $s8->subInt64($carry8->shiftLeft(21)); |
|
| 2958 | - $carry9 = $s9->shiftRight(21); |
|
| 2959 | - $s10 = $s10->addInt64($carry9); |
|
| 2960 | - $s9 = $s9->subInt64($carry9->shiftLeft(21)); |
|
| 2961 | - $carry10 = $s10->shiftRight(21); |
|
| 2962 | - $s11 = $s11->addInt64($carry10); |
|
| 2963 | - $s10 = $s10->subInt64($carry10->shiftLeft(21)); |
|
| 2887 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 2888 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2889 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2890 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 2891 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2892 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2893 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 2894 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2895 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2896 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 2897 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2898 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2899 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 2900 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2901 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2902 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 2903 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2904 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2905 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 2906 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2907 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2908 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 2909 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2910 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2911 | + $carry8 = $s8->shiftRight( 21 ); |
|
| 2912 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2913 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2914 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 2915 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2916 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2917 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 2918 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2919 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2920 | + $carry11 = $s11->shiftRight( 21 ); |
|
| 2921 | + $s12 = $s12->addInt64( $carry11 ); |
|
| 2922 | + $s11 = $s11->subInt64( $carry11->shiftLeft( 21 ) ); |
|
| 2923 | + |
|
| 2924 | + $s0 = $s0->addInt64( $s12->mulInt( 666643 ) ); |
|
| 2925 | + $s1 = $s1->addInt64( $s12->mulInt( 470296 ) ); |
|
| 2926 | + $s2 = $s2->addInt64( $s12->mulInt( 654183 ) ); |
|
| 2927 | + $s3 = $s3->subInt64( $s12->mulInt( 997805 ) ); |
|
| 2928 | + $s4 = $s4->addInt64( $s12->mulInt( 136657 ) ); |
|
| 2929 | + $s5 = $s5->subInt64( $s12->mulInt( 683901 ) ); |
|
| 2930 | + |
|
| 2931 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 2932 | + $s1 = $s1->addInt64( $carry0 ); |
|
| 2933 | + $s0 = $s0->subInt64( $carry0->shiftLeft( 21 ) ); |
|
| 2934 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 2935 | + $s2 = $s2->addInt64( $carry1 ); |
|
| 2936 | + $s1 = $s1->subInt64( $carry1->shiftLeft( 21 ) ); |
|
| 2937 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 2938 | + $s3 = $s3->addInt64( $carry2 ); |
|
| 2939 | + $s2 = $s2->subInt64( $carry2->shiftLeft( 21 ) ); |
|
| 2940 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 2941 | + $s4 = $s4->addInt64( $carry3 ); |
|
| 2942 | + $s3 = $s3->subInt64( $carry3->shiftLeft( 21 ) ); |
|
| 2943 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 2944 | + $s5 = $s5->addInt64( $carry4 ); |
|
| 2945 | + $s4 = $s4->subInt64( $carry4->shiftLeft( 21 ) ); |
|
| 2946 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 2947 | + $s6 = $s6->addInt64( $carry5 ); |
|
| 2948 | + $s5 = $s5->subInt64( $carry5->shiftLeft( 21 ) ); |
|
| 2949 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 2950 | + $s7 = $s7->addInt64( $carry6 ); |
|
| 2951 | + $s6 = $s6->subInt64( $carry6->shiftLeft( 21 ) ); |
|
| 2952 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 2953 | + $s8 = $s8->addInt64( $carry7 ); |
|
| 2954 | + $s7 = $s7->subInt64( $carry7->shiftLeft( 21 ) ); |
|
| 2955 | + $carry8 = $s8->shiftRight( 21 ); |
|
| 2956 | + $s9 = $s9->addInt64( $carry8 ); |
|
| 2957 | + $s8 = $s8->subInt64( $carry8->shiftLeft( 21 ) ); |
|
| 2958 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 2959 | + $s10 = $s10->addInt64( $carry9 ); |
|
| 2960 | + $s9 = $s9->subInt64( $carry9->shiftLeft( 21 ) ); |
|
| 2961 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 2962 | + $s11 = $s11->addInt64( $carry10 ); |
|
| 2963 | + $s10 = $s10->subInt64( $carry10->shiftLeft( 21 ) ); |
|
| 2964 | 2964 | |
| 2965 | 2965 | $S0 = $s0->toInt32()->toInt(); |
| 2966 | 2966 | $S1 = $s1->toInt32()->toInt(); |
@@ -2979,40 +2979,40 @@ discard block |
||
| 2979 | 2979 | * @var array<int, int> |
| 2980 | 2980 | */ |
| 2981 | 2981 | $arr = array( |
| 2982 | - (int) ($S0 >> 0), |
|
| 2983 | - (int) ($S0 >> 8), |
|
| 2984 | - (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 2985 | - (int) ($S1 >> 3), |
|
| 2986 | - (int) ($S1 >> 11), |
|
| 2987 | - (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 2988 | - (int) ($S2 >> 6), |
|
| 2989 | - (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 2990 | - (int) ($S3 >> 1), |
|
| 2991 | - (int) ($S3 >> 9), |
|
| 2992 | - (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 2993 | - (int) ($S4 >> 4), |
|
| 2994 | - (int) ($S4 >> 12), |
|
| 2995 | - (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 2996 | - (int) ($S5 >> 7), |
|
| 2997 | - (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 2998 | - (int) ($S6 >> 2), |
|
| 2999 | - (int) ($S6 >> 10), |
|
| 3000 | - (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3001 | - (int) ($S7 >> 5), |
|
| 3002 | - (int) ($S7 >> 13), |
|
| 3003 | - (int) ($S8 >> 0), |
|
| 3004 | - (int) ($S8 >> 8), |
|
| 3005 | - (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3006 | - (int) ($S9 >> 3), |
|
| 3007 | - (int) ($S9 >> 11), |
|
| 3008 | - (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3009 | - (int) ($S10 >> 6), |
|
| 3010 | - (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3011 | - (int) ($S11 >> 1), |
|
| 3012 | - (int) ($S11 >> 9), |
|
| 2982 | + (int) ( $S0 >> 0 ), |
|
| 2983 | + (int) ( $S0 >> 8 ), |
|
| 2984 | + (int) ( ( $S0 >> 16 ) | self::mul( $S1, 1 << 5 ) ), |
|
| 2985 | + (int) ( $S1 >> 3 ), |
|
| 2986 | + (int) ( $S1 >> 11 ), |
|
| 2987 | + (int) ( ( $S1 >> 19 ) | self::mul( $S2, 1 << 2 ) ), |
|
| 2988 | + (int) ( $S2 >> 6 ), |
|
| 2989 | + (int) ( ( $S2 >> 14 ) | self::mul( $S3, 1 << 7 ) ), |
|
| 2990 | + (int) ( $S3 >> 1 ), |
|
| 2991 | + (int) ( $S3 >> 9 ), |
|
| 2992 | + (int) ( ( $S3 >> 17 ) | self::mul( $S4, 1 << 4 ) ), |
|
| 2993 | + (int) ( $S4 >> 4 ), |
|
| 2994 | + (int) ( $S4 >> 12 ), |
|
| 2995 | + (int) ( ( $S4 >> 20 ) | self::mul( $S5, 1 << 1 ) ), |
|
| 2996 | + (int) ( $S5 >> 7 ), |
|
| 2997 | + (int) ( ( $S5 >> 15 ) | self::mul( $S6, 1 << 6 ) ), |
|
| 2998 | + (int) ( $S6 >> 2 ), |
|
| 2999 | + (int) ( $S6 >> 10 ), |
|
| 3000 | + (int) ( ( $S6 >> 18 ) | self::mul( $S7, 1 << 3 ) ), |
|
| 3001 | + (int) ( $S7 >> 5 ), |
|
| 3002 | + (int) ( $S7 >> 13 ), |
|
| 3003 | + (int) ( $S8 >> 0 ), |
|
| 3004 | + (int) ( $S8 >> 8 ), |
|
| 3005 | + (int) ( ( $S8 >> 16 ) | self::mul( $S9, 1 << 5 ) ), |
|
| 3006 | + (int) ( $S9 >> 3 ), |
|
| 3007 | + (int) ( $S9 >> 11 ), |
|
| 3008 | + (int) ( ( $S9 >> 19 ) | self::mul( $S10, 1 << 2 ) ), |
|
| 3009 | + (int) ( $S10 >> 6 ), |
|
| 3010 | + (int) ( ( $S10 >> 14 ) | self::mul( $S11, 1 << 7 ) ), |
|
| 3011 | + (int) ( $S11 >> 1 ), |
|
| 3012 | + (int) ( $S11 >> 9 ), |
|
| 3013 | 3013 | (int) $S11 >> 17 |
| 3014 | 3014 | ); |
| 3015 | - return self::intArrayToString($arr); |
|
| 3015 | + return self::intArrayToString( $arr ); |
|
| 3016 | 3016 | } |
| 3017 | 3017 | |
| 3018 | 3018 | /** |
@@ -3021,7 +3021,7 @@ discard block |
||
| 3021 | 3021 | * @param string $s |
| 3022 | 3022 | * @return string |
| 3023 | 3023 | */ |
| 3024 | - public static function sc_reduce_old($s) |
|
| 3024 | + public static function sc_reduce_old( $s ) |
|
| 3025 | 3025 | { |
| 3026 | 3026 | /** |
| 3027 | 3027 | * @var ParagonIE_Sodium_Core32_Int32 $s0 |
@@ -3049,282 +3049,282 @@ discard block |
||
| 3049 | 3049 | * @var ParagonIE_Sodium_Core32_Int32 $s22 |
| 3050 | 3050 | * @var ParagonIE_Sodium_Core32_Int32 $s23 |
| 3051 | 3051 | */ |
| 3052 | - $s0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 0, 3))); |
|
| 3053 | - $s1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 2, 4)) >> 5)); |
|
| 3054 | - $s2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 5, 3)) >> 2)); |
|
| 3055 | - $s3 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 7, 4)) >> 7)); |
|
| 3056 | - $s4 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 10, 4)) >> 4)); |
|
| 3057 | - $s5 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 13, 3)) >> 1)); |
|
| 3058 | - $s6 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 15, 4)) >> 6)); |
|
| 3059 | - $s7 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 18, 4)) >> 3)); |
|
| 3060 | - $s8 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 21, 3))); |
|
| 3061 | - $s9 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 23, 4)) >> 5)); |
|
| 3062 | - $s10 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 26, 3)) >> 2)); |
|
| 3063 | - $s11 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 28, 4)) >> 7)); |
|
| 3064 | - $s12 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 31, 4)) >> 4)); |
|
| 3065 | - $s13 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 34, 3)) >> 1)); |
|
| 3066 | - $s14 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 36, 4)) >> 6)); |
|
| 3067 | - $s15 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 39, 4)) >> 3)); |
|
| 3068 | - $s16 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($s, 42, 3))); |
|
| 3069 | - $s17 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 44, 4)) >> 5)); |
|
| 3070 | - $s18 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 47, 3)) >> 2)); |
|
| 3071 | - $s19 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 49, 4)) >> 7)); |
|
| 3072 | - $s20 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 52, 4)) >> 4)); |
|
| 3073 | - $s21 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($s, 55, 3)) >> 1)); |
|
| 3074 | - $s22 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($s, 57, 4)) >> 6)); |
|
| 3075 | - $s23 = ParagonIE_Sodium_Core32_Int32::fromInt(self::load_4(self::substr($s, 60, 4)) >> 3); |
|
| 3076 | - |
|
| 3077 | - $s11 = $s11->addInt32($s23->mulInt(666643)); |
|
| 3078 | - $s12 = $s12->addInt32($s23->mulInt(470296)); |
|
| 3079 | - $s13 = $s13->addInt32($s23->mulInt(654183)); |
|
| 3080 | - $s14 = $s14->subInt32($s23->mulInt(997805)); |
|
| 3081 | - $s15 = $s15->addInt32($s23->mulInt(136657)); |
|
| 3082 | - $s16 = $s16->subInt32($s23->mulInt(683901)); |
|
| 3083 | - |
|
| 3084 | - $s10 = $s10->addInt32($s22->mulInt(666643)); |
|
| 3085 | - $s11 = $s11->addInt32($s22->mulInt(470296)); |
|
| 3086 | - $s12 = $s12->addInt32($s22->mulInt(654183)); |
|
| 3087 | - $s13 = $s13->subInt32($s22->mulInt(997805)); |
|
| 3088 | - $s14 = $s14->addInt32($s22->mulInt(136657)); |
|
| 3089 | - $s15 = $s15->subInt32($s22->mulInt(683901)); |
|
| 3090 | - |
|
| 3091 | - $s9 = $s9->addInt32($s21->mulInt(666643)); |
|
| 3092 | - $s10 = $s10->addInt32($s21->mulInt(470296)); |
|
| 3093 | - $s11 = $s11->addInt32($s21->mulInt(654183)); |
|
| 3094 | - $s12 = $s12->subInt32($s21->mulInt(997805)); |
|
| 3095 | - $s13 = $s13->addInt32($s21->mulInt(136657)); |
|
| 3096 | - $s14 = $s14->subInt32($s21->mulInt(683901)); |
|
| 3097 | - |
|
| 3098 | - $s8 = $s8->addInt32($s20->mulInt(666643)); |
|
| 3099 | - $s9 = $s9->addInt32($s20->mulInt(470296)); |
|
| 3100 | - $s10 = $s10->addInt32($s20->mulInt(654183)); |
|
| 3101 | - $s11 = $s11->subInt32($s20->mulInt(997805)); |
|
| 3102 | - $s12 = $s12->addInt32($s20->mulInt(136657)); |
|
| 3103 | - $s13 = $s13->subInt32($s20->mulInt(683901)); |
|
| 3104 | - |
|
| 3105 | - $s7 = $s7->addInt32($s19->mulInt(666643)); |
|
| 3106 | - $s8 = $s8->addInt32($s19->mulInt(470296)); |
|
| 3107 | - $s9 = $s9->addInt32($s19->mulInt(654183)); |
|
| 3108 | - $s10 = $s10->subInt32($s19->mulInt(997805)); |
|
| 3109 | - $s11 = $s11->addInt32($s19->mulInt(136657)); |
|
| 3110 | - $s12 = $s12->subInt32($s19->mulInt(683901)); |
|
| 3111 | - |
|
| 3112 | - $s6 = $s6->addInt32($s18->mulInt(666643)); |
|
| 3113 | - $s7 = $s7->addInt32($s18->mulInt(470296)); |
|
| 3114 | - $s8 = $s8->addInt32($s18->mulInt(654183)); |
|
| 3115 | - $s9 = $s9->subInt32($s18->mulInt(997805)); |
|
| 3116 | - $s10 = $s10->addInt32($s18->mulInt(136657)); |
|
| 3117 | - $s11 = $s11->subInt32($s18->mulInt(683901)); |
|
| 3118 | - |
|
| 3119 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3120 | - $s7 = $s7->addInt32($carry6); |
|
| 3121 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3122 | - |
|
| 3123 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3124 | - $s9 = $s9->addInt32($carry8); |
|
| 3125 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3126 | - |
|
| 3127 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3128 | - $s11 = $s11->addInt32($carry10); |
|
| 3129 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3130 | - |
|
| 3131 | - $carry12 = $s12->addInt(1 << 20)->shiftRight(21); |
|
| 3132 | - $s13 = $s13->addInt32($carry12); |
|
| 3133 | - $s12 = $s12->subInt32($carry12->shiftLeft(21)); |
|
| 3134 | - |
|
| 3135 | - $carry14 = $s14->addInt(1 << 20)->shiftRight(21); |
|
| 3136 | - $s15 = $s15->addInt32($carry14); |
|
| 3137 | - $s14 = $s14->subInt32($carry14->shiftLeft(21)); |
|
| 3138 | - |
|
| 3139 | - $carry16 = $s16->addInt(1 << 20)->shiftRight(21); |
|
| 3140 | - $s17 = $s17->addInt32($carry16); |
|
| 3141 | - $s16 = $s16->subInt32($carry16->shiftLeft(21)); |
|
| 3142 | - |
|
| 3143 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3144 | - $s8 = $s8->addInt32($carry7); |
|
| 3145 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3146 | - |
|
| 3147 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3148 | - $s10 = $s10->addInt32($carry9); |
|
| 3149 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3150 | - |
|
| 3151 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3152 | - $s12 = $s12->addInt32($carry11); |
|
| 3153 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3154 | - |
|
| 3155 | - $carry13 = $s13->addInt(1 << 20)->shiftRight(21); |
|
| 3156 | - $s14 = $s14->addInt32($carry13); |
|
| 3157 | - $s13 = $s13->subInt32($carry13->shiftLeft(21)); |
|
| 3158 | - |
|
| 3159 | - $carry15 = $s15->addInt(1 << 20)->shiftRight(21); |
|
| 3160 | - $s16 = $s16->addInt32($carry15); |
|
| 3161 | - $s15 = $s15->subInt32($carry15->shiftLeft(21)); |
|
| 3162 | - |
|
| 3163 | - $s5 = $s5->addInt32($s17->mulInt(666643)); |
|
| 3164 | - $s6 = $s6->addInt32($s17->mulInt(470296)); |
|
| 3165 | - $s7 = $s7->addInt32($s17->mulInt(654183)); |
|
| 3166 | - $s8 = $s8->subInt32($s17->mulInt(997805)); |
|
| 3167 | - $s9 = $s9->addInt32($s17->mulInt(136657)); |
|
| 3168 | - $s10 = $s10->subInt32($s17->mulInt(683901)); |
|
| 3169 | - |
|
| 3170 | - $s4 = $s4->addInt32($s16->mulInt(666643)); |
|
| 3171 | - $s5 = $s5->addInt32($s16->mulInt(470296)); |
|
| 3172 | - $s6 = $s6->addInt32($s16->mulInt(654183)); |
|
| 3173 | - $s7 = $s7->subInt32($s16->mulInt(997805)); |
|
| 3174 | - $s8 = $s8->addInt32($s16->mulInt(136657)); |
|
| 3175 | - $s9 = $s9->subInt32($s16->mulInt(683901)); |
|
| 3176 | - |
|
| 3177 | - $s3 = $s3->addInt32($s15->mulInt(666643)); |
|
| 3178 | - $s4 = $s4->addInt32($s15->mulInt(470296)); |
|
| 3179 | - $s5 = $s5->addInt32($s15->mulInt(654183)); |
|
| 3180 | - $s6 = $s6->subInt32($s15->mulInt(997805)); |
|
| 3181 | - $s7 = $s7->addInt32($s15->mulInt(136657)); |
|
| 3182 | - $s8 = $s8->subInt32($s15->mulInt(683901)); |
|
| 3183 | - |
|
| 3184 | - $s2 = $s2->addInt32($s14->mulInt(666643)); |
|
| 3185 | - $s3 = $s3->addInt32($s14->mulInt(470296)); |
|
| 3186 | - $s4 = $s4->addInt32($s14->mulInt(654183)); |
|
| 3187 | - $s5 = $s5->subInt32($s14->mulInt(997805)); |
|
| 3188 | - $s6 = $s6->addInt32($s14->mulInt(136657)); |
|
| 3189 | - $s7 = $s7->subInt32($s14->mulInt(683901)); |
|
| 3190 | - |
|
| 3191 | - $s1 = $s1->addInt32($s13->mulInt(666643)); |
|
| 3192 | - $s2 = $s2->addInt32($s13->mulInt(470296)); |
|
| 3193 | - $s3 = $s3->addInt32($s13->mulInt(654183)); |
|
| 3194 | - $s4 = $s4->subInt32($s13->mulInt(997805)); |
|
| 3195 | - $s5 = $s5->addInt32($s13->mulInt(136657)); |
|
| 3196 | - $s6 = $s6->subInt32($s13->mulInt(683901)); |
|
| 3197 | - |
|
| 3198 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3199 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3200 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3201 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3202 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3203 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3052 | + $s0 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 0, 3 ) ) ); |
|
| 3053 | + $s1 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 2, 4 ) ) >> 5 ) ); |
|
| 3054 | + $s2 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 5, 3 ) ) >> 2 ) ); |
|
| 3055 | + $s3 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 7, 4 ) ) >> 7 ) ); |
|
| 3056 | + $s4 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 10, 4 ) ) >> 4 ) ); |
|
| 3057 | + $s5 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 13, 3 ) ) >> 1 ) ); |
|
| 3058 | + $s6 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 15, 4 ) ) >> 6 ) ); |
|
| 3059 | + $s7 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 18, 4 ) ) >> 3 ) ); |
|
| 3060 | + $s8 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 21, 3 ) ) ); |
|
| 3061 | + $s9 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 23, 4 ) ) >> 5 ) ); |
|
| 3062 | + $s10 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 26, 3 ) ) >> 2 ) ); |
|
| 3063 | + $s11 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 28, 4 ) ) >> 7 ) ); |
|
| 3064 | + $s12 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 31, 4 ) ) >> 4 ) ); |
|
| 3065 | + $s13 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 34, 3 ) ) >> 1 ) ); |
|
| 3066 | + $s14 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 36, 4 ) ) >> 6 ) ); |
|
| 3067 | + $s15 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 39, 4 ) ) >> 3 ) ); |
|
| 3068 | + $s16 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & self::load_3( self::substr( $s, 42, 3 ) ) ); |
|
| 3069 | + $s17 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 44, 4 ) ) >> 5 ) ); |
|
| 3070 | + $s18 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 47, 3 ) ) >> 2 ) ); |
|
| 3071 | + $s19 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 49, 4 ) ) >> 7 ) ); |
|
| 3072 | + $s20 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 52, 4 ) ) >> 4 ) ); |
|
| 3073 | + $s21 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_3( self::substr( $s, 55, 3 ) ) >> 1 ) ); |
|
| 3074 | + $s22 = ParagonIE_Sodium_Core32_Int32::fromInt( 2097151 & ( self::load_4( self::substr( $s, 57, 4 ) ) >> 6 ) ); |
|
| 3075 | + $s23 = ParagonIE_Sodium_Core32_Int32::fromInt( self::load_4( self::substr( $s, 60, 4 ) ) >> 3 ); |
|
| 3076 | + |
|
| 3077 | + $s11 = $s11->addInt32( $s23->mulInt( 666643 ) ); |
|
| 3078 | + $s12 = $s12->addInt32( $s23->mulInt( 470296 ) ); |
|
| 3079 | + $s13 = $s13->addInt32( $s23->mulInt( 654183 ) ); |
|
| 3080 | + $s14 = $s14->subInt32( $s23->mulInt( 997805 ) ); |
|
| 3081 | + $s15 = $s15->addInt32( $s23->mulInt( 136657 ) ); |
|
| 3082 | + $s16 = $s16->subInt32( $s23->mulInt( 683901 ) ); |
|
| 3083 | + |
|
| 3084 | + $s10 = $s10->addInt32( $s22->mulInt( 666643 ) ); |
|
| 3085 | + $s11 = $s11->addInt32( $s22->mulInt( 470296 ) ); |
|
| 3086 | + $s12 = $s12->addInt32( $s22->mulInt( 654183 ) ); |
|
| 3087 | + $s13 = $s13->subInt32( $s22->mulInt( 997805 ) ); |
|
| 3088 | + $s14 = $s14->addInt32( $s22->mulInt( 136657 ) ); |
|
| 3089 | + $s15 = $s15->subInt32( $s22->mulInt( 683901 ) ); |
|
| 3090 | + |
|
| 3091 | + $s9 = $s9->addInt32( $s21->mulInt( 666643 ) ); |
|
| 3092 | + $s10 = $s10->addInt32( $s21->mulInt( 470296 ) ); |
|
| 3093 | + $s11 = $s11->addInt32( $s21->mulInt( 654183 ) ); |
|
| 3094 | + $s12 = $s12->subInt32( $s21->mulInt( 997805 ) ); |
|
| 3095 | + $s13 = $s13->addInt32( $s21->mulInt( 136657 ) ); |
|
| 3096 | + $s14 = $s14->subInt32( $s21->mulInt( 683901 ) ); |
|
| 3097 | + |
|
| 3098 | + $s8 = $s8->addInt32( $s20->mulInt( 666643 ) ); |
|
| 3099 | + $s9 = $s9->addInt32( $s20->mulInt( 470296 ) ); |
|
| 3100 | + $s10 = $s10->addInt32( $s20->mulInt( 654183 ) ); |
|
| 3101 | + $s11 = $s11->subInt32( $s20->mulInt( 997805 ) ); |
|
| 3102 | + $s12 = $s12->addInt32( $s20->mulInt( 136657 ) ); |
|
| 3103 | + $s13 = $s13->subInt32( $s20->mulInt( 683901 ) ); |
|
| 3104 | + |
|
| 3105 | + $s7 = $s7->addInt32( $s19->mulInt( 666643 ) ); |
|
| 3106 | + $s8 = $s8->addInt32( $s19->mulInt( 470296 ) ); |
|
| 3107 | + $s9 = $s9->addInt32( $s19->mulInt( 654183 ) ); |
|
| 3108 | + $s10 = $s10->subInt32( $s19->mulInt( 997805 ) ); |
|
| 3109 | + $s11 = $s11->addInt32( $s19->mulInt( 136657 ) ); |
|
| 3110 | + $s12 = $s12->subInt32( $s19->mulInt( 683901 ) ); |
|
| 3111 | + |
|
| 3112 | + $s6 = $s6->addInt32( $s18->mulInt( 666643 ) ); |
|
| 3113 | + $s7 = $s7->addInt32( $s18->mulInt( 470296 ) ); |
|
| 3114 | + $s8 = $s8->addInt32( $s18->mulInt( 654183 ) ); |
|
| 3115 | + $s9 = $s9->subInt32( $s18->mulInt( 997805 ) ); |
|
| 3116 | + $s10 = $s10->addInt32( $s18->mulInt( 136657 ) ); |
|
| 3117 | + $s11 = $s11->subInt32( $s18->mulInt( 683901 ) ); |
|
| 3118 | + |
|
| 3119 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3120 | + $s7 = $s7->addInt32( $carry6 ); |
|
| 3121 | + $s6 = $s6->subInt32( $carry6->shiftLeft( 21 ) ); |
|
| 3122 | + |
|
| 3123 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3124 | + $s9 = $s9->addInt32( $carry8 ); |
|
| 3125 | + $s8 = $s8->subInt32( $carry8->shiftLeft( 21 ) ); |
|
| 3126 | + |
|
| 3127 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3128 | + $s11 = $s11->addInt32( $carry10 ); |
|
| 3129 | + $s10 = $s10->subInt32( $carry10->shiftLeft( 21 ) ); |
|
| 3130 | + |
|
| 3131 | + $carry12 = $s12->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3132 | + $s13 = $s13->addInt32( $carry12 ); |
|
| 3133 | + $s12 = $s12->subInt32( $carry12->shiftLeft( 21 ) ); |
|
| 3134 | + |
|
| 3135 | + $carry14 = $s14->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3136 | + $s15 = $s15->addInt32( $carry14 ); |
|
| 3137 | + $s14 = $s14->subInt32( $carry14->shiftLeft( 21 ) ); |
|
| 3138 | + |
|
| 3139 | + $carry16 = $s16->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3140 | + $s17 = $s17->addInt32( $carry16 ); |
|
| 3141 | + $s16 = $s16->subInt32( $carry16->shiftLeft( 21 ) ); |
|
| 3142 | + |
|
| 3143 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3144 | + $s8 = $s8->addInt32( $carry7 ); |
|
| 3145 | + $s7 = $s7->subInt32( $carry7->shiftLeft( 21 ) ); |
|
| 3146 | + |
|
| 3147 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3148 | + $s10 = $s10->addInt32( $carry9 ); |
|
| 3149 | + $s9 = $s9->subInt32( $carry9->shiftLeft( 21 ) ); |
|
| 3150 | + |
|
| 3151 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3152 | + $s12 = $s12->addInt32( $carry11 ); |
|
| 3153 | + $s11 = $s11->subInt32( $carry11->shiftLeft( 21 ) ); |
|
| 3154 | + |
|
| 3155 | + $carry13 = $s13->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3156 | + $s14 = $s14->addInt32( $carry13 ); |
|
| 3157 | + $s13 = $s13->subInt32( $carry13->shiftLeft( 21 ) ); |
|
| 3158 | + |
|
| 3159 | + $carry15 = $s15->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3160 | + $s16 = $s16->addInt32( $carry15 ); |
|
| 3161 | + $s15 = $s15->subInt32( $carry15->shiftLeft( 21 ) ); |
|
| 3162 | + |
|
| 3163 | + $s5 = $s5->addInt32( $s17->mulInt( 666643 ) ); |
|
| 3164 | + $s6 = $s6->addInt32( $s17->mulInt( 470296 ) ); |
|
| 3165 | + $s7 = $s7->addInt32( $s17->mulInt( 654183 ) ); |
|
| 3166 | + $s8 = $s8->subInt32( $s17->mulInt( 997805 ) ); |
|
| 3167 | + $s9 = $s9->addInt32( $s17->mulInt( 136657 ) ); |
|
| 3168 | + $s10 = $s10->subInt32( $s17->mulInt( 683901 ) ); |
|
| 3169 | + |
|
| 3170 | + $s4 = $s4->addInt32( $s16->mulInt( 666643 ) ); |
|
| 3171 | + $s5 = $s5->addInt32( $s16->mulInt( 470296 ) ); |
|
| 3172 | + $s6 = $s6->addInt32( $s16->mulInt( 654183 ) ); |
|
| 3173 | + $s7 = $s7->subInt32( $s16->mulInt( 997805 ) ); |
|
| 3174 | + $s8 = $s8->addInt32( $s16->mulInt( 136657 ) ); |
|
| 3175 | + $s9 = $s9->subInt32( $s16->mulInt( 683901 ) ); |
|
| 3176 | + |
|
| 3177 | + $s3 = $s3->addInt32( $s15->mulInt( 666643 ) ); |
|
| 3178 | + $s4 = $s4->addInt32( $s15->mulInt( 470296 ) ); |
|
| 3179 | + $s5 = $s5->addInt32( $s15->mulInt( 654183 ) ); |
|
| 3180 | + $s6 = $s6->subInt32( $s15->mulInt( 997805 ) ); |
|
| 3181 | + $s7 = $s7->addInt32( $s15->mulInt( 136657 ) ); |
|
| 3182 | + $s8 = $s8->subInt32( $s15->mulInt( 683901 ) ); |
|
| 3183 | + |
|
| 3184 | + $s2 = $s2->addInt32( $s14->mulInt( 666643 ) ); |
|
| 3185 | + $s3 = $s3->addInt32( $s14->mulInt( 470296 ) ); |
|
| 3186 | + $s4 = $s4->addInt32( $s14->mulInt( 654183 ) ); |
|
| 3187 | + $s5 = $s5->subInt32( $s14->mulInt( 997805 ) ); |
|
| 3188 | + $s6 = $s6->addInt32( $s14->mulInt( 136657 ) ); |
|
| 3189 | + $s7 = $s7->subInt32( $s14->mulInt( 683901 ) ); |
|
| 3190 | + |
|
| 3191 | + $s1 = $s1->addInt32( $s13->mulInt( 666643 ) ); |
|
| 3192 | + $s2 = $s2->addInt32( $s13->mulInt( 470296 ) ); |
|
| 3193 | + $s3 = $s3->addInt32( $s13->mulInt( 654183 ) ); |
|
| 3194 | + $s4 = $s4->subInt32( $s13->mulInt( 997805 ) ); |
|
| 3195 | + $s5 = $s5->addInt32( $s13->mulInt( 136657 ) ); |
|
| 3196 | + $s6 = $s6->subInt32( $s13->mulInt( 683901 ) ); |
|
| 3197 | + |
|
| 3198 | + $s0 = $s0->addInt32( $s12->mulInt( 666643 ) ); |
|
| 3199 | + $s1 = $s1->addInt32( $s12->mulInt( 470296 ) ); |
|
| 3200 | + $s2 = $s2->addInt32( $s12->mulInt( 654183 ) ); |
|
| 3201 | + $s3 = $s3->subInt32( $s12->mulInt( 997805 ) ); |
|
| 3202 | + $s4 = $s4->addInt32( $s12->mulInt( 136657 ) ); |
|
| 3203 | + $s5 = $s5->subInt32( $s12->mulInt( 683901 ) ); |
|
| 3204 | 3204 | $s12 = new ParagonIE_Sodium_Core32_Int32(); |
| 3205 | 3205 | |
| 3206 | - $carry0 = $s0->addInt(1 << 20)->shiftRight(21); |
|
| 3207 | - $s1 = $s1->addInt32($carry0); |
|
| 3208 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3209 | - $carry2 = $s2->addInt(1 << 20)->shiftRight(21); |
|
| 3210 | - $s3 = $s3->addInt32($carry2); |
|
| 3211 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3212 | - $carry4 = $s4->addInt(1 << 20)->shiftRight(21); |
|
| 3213 | - $s5 = $s5->addInt32($carry4); |
|
| 3214 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3215 | - $carry6 = $s6->addInt(1 << 20)->shiftRight(21); |
|
| 3216 | - $s7 = $s7->addInt32($carry6); |
|
| 3217 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3218 | - $carry8 = $s8->addInt(1 << 20)->shiftRight(21); |
|
| 3219 | - $s9 = $s9->addInt32($carry8); |
|
| 3220 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3221 | - $carry10 = $s10->addInt(1 << 20)->shiftRight(21); |
|
| 3222 | - $s11 = $s11->addInt32($carry10); |
|
| 3223 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3224 | - $carry1 = $s1->addInt(1 << 20)->shiftRight(21); |
|
| 3225 | - $s2 = $s2->addInt32($carry1); |
|
| 3226 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3227 | - $carry3 = $s3->addInt(1 << 20)->shiftRight(21); |
|
| 3228 | - $s4 = $s4->addInt32($carry3); |
|
| 3229 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3230 | - $carry5 = $s5->addInt(1 << 20)->shiftRight(21); |
|
| 3231 | - $s6 = $s6->addInt32($carry5); |
|
| 3232 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3233 | - $carry7 = $s7->addInt(1 << 20)->shiftRight(21); |
|
| 3234 | - $s8 = $s8->addInt32($carry7); |
|
| 3235 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3236 | - $carry9 = $s9->addInt(1 << 20)->shiftRight(21); |
|
| 3237 | - $s10 = $s10->addInt32($carry9); |
|
| 3238 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3239 | - $carry11 = $s11->addInt(1 << 20)->shiftRight(21); |
|
| 3240 | - $s12 = $s12->addInt32($carry11); |
|
| 3241 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3242 | - |
|
| 3243 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3244 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3245 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3246 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3247 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3248 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3206 | + $carry0 = $s0->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3207 | + $s1 = $s1->addInt32( $carry0 ); |
|
| 3208 | + $s0 = $s0->subInt32( $carry0->shiftLeft( 21 ) ); |
|
| 3209 | + $carry2 = $s2->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3210 | + $s3 = $s3->addInt32( $carry2 ); |
|
| 3211 | + $s2 = $s2->subInt32( $carry2->shiftLeft( 21 ) ); |
|
| 3212 | + $carry4 = $s4->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3213 | + $s5 = $s5->addInt32( $carry4 ); |
|
| 3214 | + $s4 = $s4->subInt32( $carry4->shiftLeft( 21 ) ); |
|
| 3215 | + $carry6 = $s6->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3216 | + $s7 = $s7->addInt32( $carry6 ); |
|
| 3217 | + $s6 = $s6->subInt32( $carry6->shiftLeft( 21 ) ); |
|
| 3218 | + $carry8 = $s8->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3219 | + $s9 = $s9->addInt32( $carry8 ); |
|
| 3220 | + $s8 = $s8->subInt32( $carry8->shiftLeft( 21 ) ); |
|
| 3221 | + $carry10 = $s10->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3222 | + $s11 = $s11->addInt32( $carry10 ); |
|
| 3223 | + $s10 = $s10->subInt32( $carry10->shiftLeft( 21 ) ); |
|
| 3224 | + $carry1 = $s1->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3225 | + $s2 = $s2->addInt32( $carry1 ); |
|
| 3226 | + $s1 = $s1->subInt32( $carry1->shiftLeft( 21 ) ); |
|
| 3227 | + $carry3 = $s3->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3228 | + $s4 = $s4->addInt32( $carry3 ); |
|
| 3229 | + $s3 = $s3->subInt32( $carry3->shiftLeft( 21 ) ); |
|
| 3230 | + $carry5 = $s5->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3231 | + $s6 = $s6->addInt32( $carry5 ); |
|
| 3232 | + $s5 = $s5->subInt32( $carry5->shiftLeft( 21 ) ); |
|
| 3233 | + $carry7 = $s7->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3234 | + $s8 = $s8->addInt32( $carry7 ); |
|
| 3235 | + $s7 = $s7->subInt32( $carry7->shiftLeft( 21 ) ); |
|
| 3236 | + $carry9 = $s9->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3237 | + $s10 = $s10->addInt32( $carry9 ); |
|
| 3238 | + $s9 = $s9->subInt32( $carry9->shiftLeft( 21 ) ); |
|
| 3239 | + $carry11 = $s11->addInt( 1 << 20 )->shiftRight( 21 ); |
|
| 3240 | + $s12 = $s12->addInt32( $carry11 ); |
|
| 3241 | + $s11 = $s11->subInt32( $carry11->shiftLeft( 21 ) ); |
|
| 3242 | + |
|
| 3243 | + $s0 = $s0->addInt32( $s12->mulInt( 666643 ) ); |
|
| 3244 | + $s1 = $s1->addInt32( $s12->mulInt( 470296 ) ); |
|
| 3245 | + $s2 = $s2->addInt32( $s12->mulInt( 654183 ) ); |
|
| 3246 | + $s3 = $s3->subInt32( $s12->mulInt( 997805 ) ); |
|
| 3247 | + $s4 = $s4->addInt32( $s12->mulInt( 136657 ) ); |
|
| 3248 | + $s5 = $s5->subInt32( $s12->mulInt( 683901 ) ); |
|
| 3249 | 3249 | $s12 = new ParagonIE_Sodium_Core32_Int32(); |
| 3250 | 3250 | |
| 3251 | - $carry0 = $s0->shiftRight(21); |
|
| 3252 | - $s1 = $s1->addInt32($carry0); |
|
| 3253 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3254 | - $carry1 = $s1->shiftRight(21); |
|
| 3255 | - $s2 = $s2->addInt32($carry1); |
|
| 3256 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3257 | - $carry2 = $s2->shiftRight(21); |
|
| 3258 | - $s3 = $s3->addInt32($carry2); |
|
| 3259 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3260 | - $carry3 = $s3->shiftRight(21); |
|
| 3261 | - $s4 = $s4->addInt32($carry3); |
|
| 3262 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3263 | - $carry4 = $s4->shiftRight(21); |
|
| 3264 | - $s5 = $s5->addInt32($carry4); |
|
| 3265 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3266 | - $carry5 = $s5->shiftRight(21); |
|
| 3267 | - $s6 = $s6->addInt32($carry5); |
|
| 3268 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3269 | - $carry6 = $s6->shiftRight(21); |
|
| 3270 | - $s7 = $s7->addInt32($carry6); |
|
| 3271 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3272 | - $carry7 = $s7->shiftRight(21); |
|
| 3273 | - $s8 = $s8->addInt32($carry7); |
|
| 3274 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3275 | - $carry8 = $s8->shiftRight(21); |
|
| 3276 | - $s9 = $s9->addInt32($carry8); |
|
| 3277 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3278 | - $carry9 = $s9->shiftRight(21); |
|
| 3279 | - $s10 = $s10->addInt32($carry9); |
|
| 3280 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3281 | - $carry10 = $s10->shiftRight(21); |
|
| 3282 | - $s11 = $s11->addInt32($carry10); |
|
| 3283 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3284 | - $carry11 = $s11->shiftRight(21); |
|
| 3285 | - $s12 = $s12->addInt32($carry11); |
|
| 3286 | - $s11 = $s11->subInt32($carry11->shiftLeft(21)); |
|
| 3287 | - |
|
| 3288 | - $s0 = $s0->addInt32($s12->mulInt(666643)); |
|
| 3289 | - $s1 = $s1->addInt32($s12->mulInt(470296)); |
|
| 3290 | - $s2 = $s2->addInt32($s12->mulInt(654183)); |
|
| 3291 | - $s3 = $s3->subInt32($s12->mulInt(997805)); |
|
| 3292 | - $s4 = $s4->addInt32($s12->mulInt(136657)); |
|
| 3293 | - $s5 = $s5->subInt32($s12->mulInt(683901)); |
|
| 3294 | - |
|
| 3295 | - $carry0 = $s0->shiftRight(21); |
|
| 3296 | - $s1 = $s1->addInt32($carry0); |
|
| 3297 | - $s0 = $s0->subInt32($carry0->shiftLeft(21)); |
|
| 3298 | - $carry1 = $s1->shiftRight(21); |
|
| 3299 | - $s2 = $s2->addInt32($carry1); |
|
| 3300 | - $s1 = $s1->subInt32($carry1->shiftLeft(21)); |
|
| 3301 | - $carry2 = $s2->shiftRight(21); |
|
| 3302 | - $s3 = $s3->addInt32($carry2); |
|
| 3303 | - $s2 = $s2->subInt32($carry2->shiftLeft(21)); |
|
| 3304 | - $carry3 = $s3->shiftRight(21); |
|
| 3305 | - $s4 = $s4->addInt32($carry3); |
|
| 3306 | - $s3 = $s3->subInt32($carry3->shiftLeft(21)); |
|
| 3307 | - $carry4 = $s4->shiftRight(21); |
|
| 3308 | - $s5 = $s5->addInt32($carry4); |
|
| 3309 | - $s4 = $s4->subInt32($carry4->shiftLeft(21)); |
|
| 3310 | - $carry5 = $s5->shiftRight(21); |
|
| 3311 | - $s6 = $s6->addInt32($carry5); |
|
| 3312 | - $s5 = $s5->subInt32($carry5->shiftLeft(21)); |
|
| 3313 | - $carry6 = $s6->shiftRight(21); |
|
| 3314 | - $s7 = $s7->addInt32($carry6); |
|
| 3315 | - $s6 = $s6->subInt32($carry6->shiftLeft(21)); |
|
| 3316 | - $carry7 = $s7->shiftRight(21); |
|
| 3317 | - $s8 = $s8->addInt32($carry7); |
|
| 3318 | - $s7 = $s7->subInt32($carry7->shiftLeft(21)); |
|
| 3319 | - $carry8 = $s8->shiftRight(21); |
|
| 3320 | - $s9 = $s9->addInt32($carry8); |
|
| 3321 | - $s8 = $s8->subInt32($carry8->shiftLeft(21)); |
|
| 3322 | - $carry9 = $s9->shiftRight(21); |
|
| 3323 | - $s10 = $s10->addInt32($carry9); |
|
| 3324 | - $s9 = $s9->subInt32($carry9->shiftLeft(21)); |
|
| 3325 | - $carry10 = $s10->shiftRight(21); |
|
| 3326 | - $s11 = $s11->addInt32($carry10); |
|
| 3327 | - $s10 = $s10->subInt32($carry10->shiftLeft(21)); |
|
| 3251 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 3252 | + $s1 = $s1->addInt32( $carry0 ); |
|
| 3253 | + $s0 = $s0->subInt32( $carry0->shiftLeft( 21 ) ); |
|
| 3254 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 3255 | + $s2 = $s2->addInt32( $carry1 ); |
|
| 3256 | + $s1 = $s1->subInt32( $carry1->shiftLeft( 21 ) ); |
|
| 3257 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 3258 | + $s3 = $s3->addInt32( $carry2 ); |
|
| 3259 | + $s2 = $s2->subInt32( $carry2->shiftLeft( 21 ) ); |
|
| 3260 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 3261 | + $s4 = $s4->addInt32( $carry3 ); |
|
| 3262 | + $s3 = $s3->subInt32( $carry3->shiftLeft( 21 ) ); |
|
| 3263 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 3264 | + $s5 = $s5->addInt32( $carry4 ); |
|
| 3265 | + $s4 = $s4->subInt32( $carry4->shiftLeft( 21 ) ); |
|
| 3266 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 3267 | + $s6 = $s6->addInt32( $carry5 ); |
|
| 3268 | + $s5 = $s5->subInt32( $carry5->shiftLeft( 21 ) ); |
|
| 3269 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 3270 | + $s7 = $s7->addInt32( $carry6 ); |
|
| 3271 | + $s6 = $s6->subInt32( $carry6->shiftLeft( 21 ) ); |
|
| 3272 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 3273 | + $s8 = $s8->addInt32( $carry7 ); |
|
| 3274 | + $s7 = $s7->subInt32( $carry7->shiftLeft( 21 ) ); |
|
| 3275 | + $carry8 = $s8->shiftRight( 21 ); |
|
| 3276 | + $s9 = $s9->addInt32( $carry8 ); |
|
| 3277 | + $s8 = $s8->subInt32( $carry8->shiftLeft( 21 ) ); |
|
| 3278 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 3279 | + $s10 = $s10->addInt32( $carry9 ); |
|
| 3280 | + $s9 = $s9->subInt32( $carry9->shiftLeft( 21 ) ); |
|
| 3281 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 3282 | + $s11 = $s11->addInt32( $carry10 ); |
|
| 3283 | + $s10 = $s10->subInt32( $carry10->shiftLeft( 21 ) ); |
|
| 3284 | + $carry11 = $s11->shiftRight( 21 ); |
|
| 3285 | + $s12 = $s12->addInt32( $carry11 ); |
|
| 3286 | + $s11 = $s11->subInt32( $carry11->shiftLeft( 21 ) ); |
|
| 3287 | + |
|
| 3288 | + $s0 = $s0->addInt32( $s12->mulInt( 666643 ) ); |
|
| 3289 | + $s1 = $s1->addInt32( $s12->mulInt( 470296 ) ); |
|
| 3290 | + $s2 = $s2->addInt32( $s12->mulInt( 654183 ) ); |
|
| 3291 | + $s3 = $s3->subInt32( $s12->mulInt( 997805 ) ); |
|
| 3292 | + $s4 = $s4->addInt32( $s12->mulInt( 136657 ) ); |
|
| 3293 | + $s5 = $s5->subInt32( $s12->mulInt( 683901 ) ); |
|
| 3294 | + |
|
| 3295 | + $carry0 = $s0->shiftRight( 21 ); |
|
| 3296 | + $s1 = $s1->addInt32( $carry0 ); |
|
| 3297 | + $s0 = $s0->subInt32( $carry0->shiftLeft( 21 ) ); |
|
| 3298 | + $carry1 = $s1->shiftRight( 21 ); |
|
| 3299 | + $s2 = $s2->addInt32( $carry1 ); |
|
| 3300 | + $s1 = $s1->subInt32( $carry1->shiftLeft( 21 ) ); |
|
| 3301 | + $carry2 = $s2->shiftRight( 21 ); |
|
| 3302 | + $s3 = $s3->addInt32( $carry2 ); |
|
| 3303 | + $s2 = $s2->subInt32( $carry2->shiftLeft( 21 ) ); |
|
| 3304 | + $carry3 = $s3->shiftRight( 21 ); |
|
| 3305 | + $s4 = $s4->addInt32( $carry3 ); |
|
| 3306 | + $s3 = $s3->subInt32( $carry3->shiftLeft( 21 ) ); |
|
| 3307 | + $carry4 = $s4->shiftRight( 21 ); |
|
| 3308 | + $s5 = $s5->addInt32( $carry4 ); |
|
| 3309 | + $s4 = $s4->subInt32( $carry4->shiftLeft( 21 ) ); |
|
| 3310 | + $carry5 = $s5->shiftRight( 21 ); |
|
| 3311 | + $s6 = $s6->addInt32( $carry5 ); |
|
| 3312 | + $s5 = $s5->subInt32( $carry5->shiftLeft( 21 ) ); |
|
| 3313 | + $carry6 = $s6->shiftRight( 21 ); |
|
| 3314 | + $s7 = $s7->addInt32( $carry6 ); |
|
| 3315 | + $s6 = $s6->subInt32( $carry6->shiftLeft( 21 ) ); |
|
| 3316 | + $carry7 = $s7->shiftRight( 21 ); |
|
| 3317 | + $s8 = $s8->addInt32( $carry7 ); |
|
| 3318 | + $s7 = $s7->subInt32( $carry7->shiftLeft( 21 ) ); |
|
| 3319 | + $carry8 = $s8->shiftRight( 21 ); |
|
| 3320 | + $s9 = $s9->addInt32( $carry8 ); |
|
| 3321 | + $s8 = $s8->subInt32( $carry8->shiftLeft( 21 ) ); |
|
| 3322 | + $carry9 = $s9->shiftRight( 21 ); |
|
| 3323 | + $s10 = $s10->addInt32( $carry9 ); |
|
| 3324 | + $s9 = $s9->subInt32( $carry9->shiftLeft( 21 ) ); |
|
| 3325 | + $carry10 = $s10->shiftRight( 21 ); |
|
| 3326 | + $s11 = $s11->addInt32( $carry10 ); |
|
| 3327 | + $s10 = $s10->subInt32( $carry10->shiftLeft( 21 ) ); |
|
| 3328 | 3328 | |
| 3329 | 3329 | $S0 = $s0->toInt(); |
| 3330 | 3330 | $S1 = $s1->toInt(); |
@@ -3343,39 +3343,39 @@ discard block |
||
| 3343 | 3343 | * @var array<int, int> |
| 3344 | 3344 | */ |
| 3345 | 3345 | $arr = array( |
| 3346 | - (int) ($S0 >> 0), |
|
| 3347 | - (int) ($S0 >> 8), |
|
| 3348 | - (int) (($S0 >> 16) | self::mul($S1, 1 << 5)), |
|
| 3349 | - (int) ($S1 >> 3), |
|
| 3350 | - (int) ($S1 >> 11), |
|
| 3351 | - (int) (($S1 >> 19) | self::mul($S2, 1 << 2)), |
|
| 3352 | - (int) ($S2 >> 6), |
|
| 3353 | - (int) (($S2 >> 14) | self::mul($S3, 1 << 7)), |
|
| 3354 | - (int) ($S3 >> 1), |
|
| 3355 | - (int) ($S3 >> 9), |
|
| 3356 | - (int) (($S3 >> 17) | self::mul($S4, 1 << 4)), |
|
| 3357 | - (int) ($S4 >> 4), |
|
| 3358 | - (int) ($S4 >> 12), |
|
| 3359 | - (int) (($S4 >> 20) | self::mul($S5, 1 << 1)), |
|
| 3360 | - (int) ($S5 >> 7), |
|
| 3361 | - (int) (($S5 >> 15) | self::mul($S6, 1 << 6)), |
|
| 3362 | - (int) ($S6 >> 2), |
|
| 3363 | - (int) ($S6 >> 10), |
|
| 3364 | - (int) (($S6 >> 18) | self::mul($S7, 1 << 3)), |
|
| 3365 | - (int) ($S7 >> 5), |
|
| 3366 | - (int) ($S7 >> 13), |
|
| 3367 | - (int) ($S8 >> 0), |
|
| 3368 | - (int) ($S8 >> 8), |
|
| 3369 | - (int) (($S8 >> 16) | self::mul($S9, 1 << 5)), |
|
| 3370 | - (int) ($S9 >> 3), |
|
| 3371 | - (int) ($S9 >> 11), |
|
| 3372 | - (int) (($S9 >> 19) | self::mul($S10, 1 << 2)), |
|
| 3373 | - (int) ($S10 >> 6), |
|
| 3374 | - (int) (($S10 >> 14) | self::mul($S11, 1 << 7)), |
|
| 3375 | - (int) ($S11 >> 1), |
|
| 3376 | - (int) ($S11 >> 9), |
|
| 3346 | + (int) ( $S0 >> 0 ), |
|
| 3347 | + (int) ( $S0 >> 8 ), |
|
| 3348 | + (int) ( ( $S0 >> 16 ) | self::mul( $S1, 1 << 5 ) ), |
|
| 3349 | + (int) ( $S1 >> 3 ), |
|
| 3350 | + (int) ( $S1 >> 11 ), |
|
| 3351 | + (int) ( ( $S1 >> 19 ) | self::mul( $S2, 1 << 2 ) ), |
|
| 3352 | + (int) ( $S2 >> 6 ), |
|
| 3353 | + (int) ( ( $S2 >> 14 ) | self::mul( $S3, 1 << 7 ) ), |
|
| 3354 | + (int) ( $S3 >> 1 ), |
|
| 3355 | + (int) ( $S3 >> 9 ), |
|
| 3356 | + (int) ( ( $S3 >> 17 ) | self::mul( $S4, 1 << 4 ) ), |
|
| 3357 | + (int) ( $S4 >> 4 ), |
|
| 3358 | + (int) ( $S4 >> 12 ), |
|
| 3359 | + (int) ( ( $S4 >> 20 ) | self::mul( $S5, 1 << 1 ) ), |
|
| 3360 | + (int) ( $S5 >> 7 ), |
|
| 3361 | + (int) ( ( $S5 >> 15 ) | self::mul( $S6, 1 << 6 ) ), |
|
| 3362 | + (int) ( $S6 >> 2 ), |
|
| 3363 | + (int) ( $S6 >> 10 ), |
|
| 3364 | + (int) ( ( $S6 >> 18 ) | self::mul( $S7, 1 << 3 ) ), |
|
| 3365 | + (int) ( $S7 >> 5 ), |
|
| 3366 | + (int) ( $S7 >> 13 ), |
|
| 3367 | + (int) ( $S8 >> 0 ), |
|
| 3368 | + (int) ( $S8 >> 8 ), |
|
| 3369 | + (int) ( ( $S8 >> 16 ) | self::mul( $S9, 1 << 5 ) ), |
|
| 3370 | + (int) ( $S9 >> 3 ), |
|
| 3371 | + (int) ( $S9 >> 11 ), |
|
| 3372 | + (int) ( ( $S9 >> 19 ) | self::mul( $S10, 1 << 2 ) ), |
|
| 3373 | + (int) ( $S10 >> 6 ), |
|
| 3374 | + (int) ( ( $S10 >> 14 ) | self::mul( $S11, 1 << 7 ) ), |
|
| 3375 | + (int) ( $S11 >> 1 ), |
|
| 3376 | + (int) ( $S11 >> 9 ), |
|
| 3377 | 3377 | (int) $S11 >> 17 |
| 3378 | 3378 | ); |
| 3379 | - return self::intArrayToString($arr); |
|
| 3379 | + return self::intArrayToString( $arr ); |
|
| 3380 | 3380 | } |
| 3381 | 3381 | } |
@@ -13,8 +13,7 @@ discard block |
||
| 13 | 13 | * |
| 14 | 14 | * @ref https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_core/curve25519/ref10/curve25519_ref10.c |
| 15 | 15 | */ |
| 16 | -abstract class ParagonIE_Sodium_Core32_Curve25519 extends ParagonIE_Sodium_Core32_Curve25519_H |
|
| 17 | -{ |
|
| 16 | +abstract class ParagonIE_Sodium_Core32_Curve25519 extends ParagonIE_Sodium_Core32_Curve25519_H { |
|
| 18 | 17 | /** |
| 19 | 18 | * Get a field element of size 10 with a value of 0 |
| 20 | 19 | * |
@@ -22,8 +21,7 @@ discard block |
||
| 22 | 21 | * |
| 23 | 22 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 24 | 23 | */ |
| 25 | - public static function fe_0() |
|
| 26 | - { |
|
| 24 | + public static function fe_0() { |
|
| 27 | 25 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 28 | 26 | array( |
| 29 | 27 | new ParagonIE_Sodium_Core32_Int32(), |
@@ -47,8 +45,7 @@ discard block |
||
| 47 | 45 | * |
| 48 | 46 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 49 | 47 | */ |
| 50 | - public static function fe_1() |
|
| 51 | - { |
|
| 48 | + public static function fe_1() { |
|
| 52 | 49 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 53 | 50 | array( |
| 54 | 51 | ParagonIE_Sodium_Core32_Int32::fromInt(1), |
@@ -121,8 +118,7 @@ discard block |
||
| 121 | 118 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 122 | 119 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 123 | 120 | */ |
| 124 | - public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 125 | - { |
|
| 121 | + public static function fe_copy(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 126 | 122 | $h = clone $f; |
| 127 | 123 | return $h; |
| 128 | 124 | } |
@@ -137,8 +133,7 @@ discard block |
||
| 137 | 133 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 138 | 134 | * @throws RangeException |
| 139 | 135 | */ |
| 140 | - public static function fe_frombytes($s) |
|
| 141 | - { |
|
| 136 | + public static function fe_frombytes($s) { |
|
| 142 | 137 | if (self::strlen($s) !== 32) { |
| 143 | 138 | throw new RangeException('Expected a 32-byte string.'); |
| 144 | 139 | } |
@@ -236,8 +231,7 @@ discard block |
||
| 236 | 231 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $h |
| 237 | 232 | * @return string |
| 238 | 233 | */ |
| 239 | - public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) |
|
| 240 | - { |
|
| 234 | + public static function fe_tobytes(ParagonIE_Sodium_Core32_Curve25519_Fe $h) { |
|
| 241 | 235 | /** |
| 242 | 236 | * @var ParagonIE_Sodium_Core32_Int64[] $f |
| 243 | 237 | * @var ParagonIE_Sodium_Core32_Int64 $q |
@@ -388,8 +382,7 @@ discard block |
||
| 388 | 382 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 389 | 383 | * @return int |
| 390 | 384 | */ |
| 391 | - public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 392 | - { |
|
| 385 | + public static function fe_isnegative(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 393 | 386 | $str = self::fe_tobytes($f); |
| 394 | 387 | return self::chrToInt($str[0]) & 1; |
| 395 | 388 | } |
@@ -402,8 +395,7 @@ discard block |
||
| 402 | 395 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 403 | 396 | * @return bool |
| 404 | 397 | */ |
| 405 | - public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 406 | - { |
|
| 398 | + public static function fe_isnonzero(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 407 | 399 | static $zero; |
| 408 | 400 | if ($zero === null) { |
| 409 | 401 | $zero = str_repeat("\x00", 32); |
@@ -735,8 +727,7 @@ discard block |
||
| 735 | 727 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 736 | 728 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 737 | 729 | */ |
| 738 | - public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 739 | - { |
|
| 730 | + public static function fe_neg(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 740 | 731 | $h = new ParagonIE_Sodium_Core32_Curve25519_Fe(); |
| 741 | 732 | for ($i = 0; $i < 10; ++$i) { |
| 742 | 733 | $h[$i] = $h[$i]->subInt32($f[$i]); |
@@ -754,8 +745,7 @@ discard block |
||
| 754 | 745 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 755 | 746 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 756 | 747 | */ |
| 757 | - public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 758 | - { |
|
| 748 | + public static function fe_sq(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 759 | 749 | /** |
| 760 | 750 | * @var ParagonIE_Sodium_Core32_Int64 $f0 |
| 761 | 751 | * @var ParagonIE_Sodium_Core32_Int64 $f1 |
@@ -948,8 +938,7 @@ discard block |
||
| 948 | 938 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $f |
| 949 | 939 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 950 | 940 | */ |
| 951 | - public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) |
|
| 952 | - { |
|
| 941 | + public static function fe_sq2(ParagonIE_Sodium_Core32_Curve25519_Fe $f) { |
|
| 953 | 942 | /** |
| 954 | 943 | * @var ParagonIE_Sodium_Core32_Int64 $f0 |
| 955 | 944 | * @var ParagonIE_Sodium_Core32_Int64 $f1 |
@@ -1153,8 +1142,7 @@ discard block |
||
| 1153 | 1142 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $Z |
| 1154 | 1143 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1155 | 1144 | */ |
| 1156 | - public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) |
|
| 1157 | - { |
|
| 1145 | + public static function fe_invert(ParagonIE_Sodium_Core32_Curve25519_Fe $Z) { |
|
| 1158 | 1146 | $z = clone $Z; |
| 1159 | 1147 | $t0 = self::fe_sq($z); |
| 1160 | 1148 | $t1 = self::fe_sq($t0); |
@@ -1213,8 +1201,7 @@ discard block |
||
| 1213 | 1201 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $z |
| 1214 | 1202 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1215 | 1203 | */ |
| 1216 | - public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) |
|
| 1217 | - { |
|
| 1204 | + public static function fe_pow22523(ParagonIE_Sodium_Core32_Curve25519_Fe $z) { |
|
| 1218 | 1205 | # fe_sq(t0, z); |
| 1219 | 1206 | # fe_sq(t1, t0); |
| 1220 | 1207 | # fe_sq(t1, t1); |
@@ -1339,8 +1326,7 @@ discard block |
||
| 1339 | 1326 | * @param ParagonIE_Sodium_Core32_Curve25519_Fe $g |
| 1340 | 1327 | * @return ParagonIE_Sodium_Core32_Curve25519_Fe |
| 1341 | 1328 | */ |
| 1342 | - public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) |
|
| 1343 | - { |
|
| 1329 | + public static function fe_sub(ParagonIE_Sodium_Core32_Curve25519_Fe $f, ParagonIE_Sodium_Core32_Curve25519_Fe $g) { |
|
| 1344 | 1330 | return ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
| 1345 | 1331 | array( |
| 1346 | 1332 | $f[0]->subInt32($g[0]), |
@@ -1394,8 +1380,7 @@ discard block |
||
| 1394 | 1380 | * @param string $a |
| 1395 | 1381 | * @return array<int, mixed> |
| 1396 | 1382 | */ |
| 1397 | - public static function slide($a) |
|
| 1398 | - { |
|
| 1383 | + public static function slide($a) { |
|
| 1399 | 1384 | if (self::strlen($a) < 256) { |
| 1400 | 1385 | if (self::strlen($a) < 16) { |
| 1401 | 1386 | $a = str_pad($a, 256, '0', STR_PAD_RIGHT); |
@@ -1442,8 +1427,7 @@ discard block |
||
| 1442 | 1427 | * @param string $s |
| 1443 | 1428 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 1444 | 1429 | */ |
| 1445 | - public static function ge_frombytes_negate_vartime($s) |
|
| 1446 | - { |
|
| 1430 | + public static function ge_frombytes_negate_vartime($s) { |
|
| 1447 | 1431 | static $d = null; |
| 1448 | 1432 | if (!$d) { |
| 1449 | 1433 | $d = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
@@ -1598,8 +1582,7 @@ discard block |
||
| 1598 | 1582 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
| 1599 | 1583 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 1600 | 1584 | */ |
| 1601 | - public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1602 | - { |
|
| 1585 | + public static function ge_p1p1_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) { |
|
| 1603 | 1586 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P2(); |
| 1604 | 1587 | $r->X = self::fe_mul($p->X, $p->T); |
| 1605 | 1588 | $r->Y = self::fe_mul($p->Y, $p->Z); |
@@ -1613,8 +1596,7 @@ discard block |
||
| 1613 | 1596 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p |
| 1614 | 1597 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 1615 | 1598 | */ |
| 1616 | - public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) |
|
| 1617 | - { |
|
| 1599 | + public static function ge_p1p1_to_p3(ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 $p) { |
|
| 1618 | 1600 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P3(); |
| 1619 | 1601 | $r->X = self::fe_mul($p->X, $p->T); |
| 1620 | 1602 | $r->Y = self::fe_mul($p->Y, $p->Z); |
@@ -1628,8 +1610,7 @@ discard block |
||
| 1628 | 1610 | * |
| 1629 | 1611 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 1630 | 1612 | */ |
| 1631 | - public static function ge_p2_0() |
|
| 1632 | - { |
|
| 1613 | + public static function ge_p2_0() { |
|
| 1633 | 1614 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
| 1634 | 1615 | self::fe_0(), |
| 1635 | 1616 | self::fe_1(), |
@@ -1643,8 +1624,7 @@ discard block |
||
| 1643 | 1624 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p |
| 1644 | 1625 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 1645 | 1626 | */ |
| 1646 | - public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) |
|
| 1647 | - { |
|
| 1627 | + public static function ge_p2_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $p) { |
|
| 1648 | 1628 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 1649 | 1629 | |
| 1650 | 1630 | $r->X = self::fe_sq($p->X); |
@@ -1665,8 +1645,7 @@ discard block |
||
| 1665 | 1645 | * |
| 1666 | 1646 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 1667 | 1647 | */ |
| 1668 | - public static function ge_p3_0() |
|
| 1669 | - { |
|
| 1648 | + public static function ge_p3_0() { |
|
| 1670 | 1649 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_P3( |
| 1671 | 1650 | self::fe_0(), |
| 1672 | 1651 | self::fe_1(), |
@@ -1681,8 +1660,7 @@ discard block |
||
| 1681 | 1660 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1682 | 1661 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Cached |
| 1683 | 1662 | */ |
| 1684 | - public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1685 | - { |
|
| 1663 | + public static function ge_p3_to_cached(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) { |
|
| 1686 | 1664 | static $d2 = null; |
| 1687 | 1665 | if ($d2 === null) { |
| 1688 | 1666 | $d2 = ParagonIE_Sodium_Core32_Curve25519_Fe::fromArray( |
@@ -1714,8 +1692,7 @@ discard block |
||
| 1714 | 1692 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1715 | 1693 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P2 |
| 1716 | 1694 | */ |
| 1717 | - public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1718 | - { |
|
| 1695 | + public static function ge_p3_to_p2(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) { |
|
| 1719 | 1696 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_P2( |
| 1720 | 1697 | $p->X, |
| 1721 | 1698 | $p->Y, |
@@ -1729,8 +1706,7 @@ discard block |
||
| 1729 | 1706 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h |
| 1730 | 1707 | * @return string |
| 1731 | 1708 | */ |
| 1732 | - public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) |
|
| 1733 | - { |
|
| 1709 | + public static function ge_p3_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $h) { |
|
| 1734 | 1710 | $recip = self::fe_invert($h->Z); |
| 1735 | 1711 | $x = self::fe_mul($h->X, $recip); |
| 1736 | 1712 | $y = self::fe_mul($h->Y, $recip); |
@@ -1747,8 +1723,7 @@ discard block |
||
| 1747 | 1723 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p |
| 1748 | 1724 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1 |
| 1749 | 1725 | */ |
| 1750 | - public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) |
|
| 1751 | - { |
|
| 1726 | + public static function ge_p3_dbl(ParagonIE_Sodium_Core32_Curve25519_Ge_P3 $p) { |
|
| 1752 | 1727 | $q = self::ge_p3_to_p2($p); |
| 1753 | 1728 | return self::ge_p2_dbl($q); |
| 1754 | 1729 | } |
@@ -1756,8 +1731,7 @@ discard block |
||
| 1756 | 1731 | /** |
| 1757 | 1732 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
| 1758 | 1733 | */ |
| 1759 | - public static function ge_precomp_0() |
|
| 1760 | - { |
|
| 1734 | + public static function ge_precomp_0() { |
|
| 1761 | 1735 | return new ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp( |
| 1762 | 1736 | self::fe_1(), |
| 1763 | 1737 | self::fe_1(), |
@@ -1772,8 +1746,7 @@ discard block |
||
| 1772 | 1746 | * @param int $c |
| 1773 | 1747 | * @return int |
| 1774 | 1748 | */ |
| 1775 | - public static function equal($b, $c) |
|
| 1776 | - { |
|
| 1749 | + public static function equal($b, $c) { |
|
| 1777 | 1750 | return (($b ^ $c) - 1 & 0xffffffff) >> 31; |
| 1778 | 1751 | } |
| 1779 | 1752 | |
@@ -1783,8 +1756,7 @@ discard block |
||
| 1783 | 1756 | * @param int $char |
| 1784 | 1757 | * @return int (1 = yes, 0 = no) |
| 1785 | 1758 | */ |
| 1786 | - public static function negative($char) |
|
| 1787 | - { |
|
| 1759 | + public static function negative($char) { |
|
| 1788 | 1760 | if (is_int($char)) { |
| 1789 | 1761 | return $char < 0 ? 1 : 0; |
| 1790 | 1762 | } |
@@ -1827,8 +1799,7 @@ discard block |
||
| 1827 | 1799 | * @param int $b |
| 1828 | 1800 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_Precomp |
| 1829 | 1801 | */ |
| 1830 | - public static function ge_select($pos = 0, $b = 0) |
|
| 1831 | - { |
|
| 1802 | + public static function ge_select($pos = 0, $b = 0) { |
|
| 1832 | 1803 | static $base = null; |
| 1833 | 1804 | if ($base === null) { |
| 1834 | 1805 | $base = array(); |
@@ -1945,8 +1916,7 @@ discard block |
||
| 1945 | 1916 | * @param ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h |
| 1946 | 1917 | * @return string |
| 1947 | 1918 | */ |
| 1948 | - public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) |
|
| 1949 | - { |
|
| 1919 | + public static function ge_tobytes(ParagonIE_Sodium_Core32_Curve25519_Ge_P2 $h) { |
|
| 1950 | 1920 | $recip = self::fe_invert($h->Z); |
| 1951 | 1921 | $x = self::fe_mul($h->X, $recip); |
| 1952 | 1922 | $y = self::fe_mul($h->Y, $recip); |
@@ -2132,8 +2102,7 @@ discard block |
||
| 2132 | 2102 | * @param string $a |
| 2133 | 2103 | * @return ParagonIE_Sodium_Core32_Curve25519_Ge_P3 |
| 2134 | 2104 | */ |
| 2135 | - public static function ge_scalarmult_base($a) |
|
| 2136 | - { |
|
| 2105 | + public static function ge_scalarmult_base($a) { |
|
| 2137 | 2106 | $e = array(); |
| 2138 | 2107 | $r = new ParagonIE_Sodium_Core32_Curve25519_Ge_P1p1(); |
| 2139 | 2108 | |
@@ -2189,8 +2158,7 @@ discard block |
||
| 2189 | 2158 | * @param string $c |
| 2190 | 2159 | * @return string |
| 2191 | 2160 | */ |
| 2192 | - public static function sc_muladd($a, $b, $c) |
|
| 2193 | - { |
|
| 2161 | + public static function sc_muladd($a, $b, $c) { |
|
| 2194 | 2162 | $a0 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & self::load_3(self::substr($a, 0, 3)))->toInt64(); |
| 2195 | 2163 | $a1 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_4(self::substr($a, 2, 4)) >> 5))->toInt64(); |
| 2196 | 2164 | $a2 = ParagonIE_Sodium_Core32_Int32::fromInt(2097151 & (self::load_3(self::substr($a, 5, 3)) >> 2))->toInt64(); |
@@ -2666,8 +2634,7 @@ discard block |
||
| 2666 | 2634 | * @param string $s |
| 2667 | 2635 | * @return string |
| 2668 | 2636 | */ |
| 2669 | - public static function sc_reduce($s) |
|
| 2670 | - { |
|
| 2637 | + public static function sc_reduce($s) { |
|
| 2671 | 2638 | /** |
| 2672 | 2639 | * @var ParagonIE_Sodium_Core32_Int64 $s0 |
| 2673 | 2640 | * @var ParagonIE_Sodium_Core32_Int64 $s1 |
@@ -3021,8 +2988,7 @@ discard block |
||
| 3021 | 2988 | * @param string $s |
| 3022 | 2989 | * @return string |
| 3023 | 2990 | */ |
| 3024 | - public static function sc_reduce_old($s) |
|
| 3025 | - { |
|
| 2991 | + public static function sc_reduce_old($s) { |
|
| 3026 | 2992 | /** |
| 3027 | 2993 | * @var ParagonIE_Sodium_Core32_Int32 $s0 |
| 3028 | 2994 | * @var ParagonIE_Sodium_Core32_Int32 $s1 |
